From 738339e6f78e9401ec386d03baf23719a8668413 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?S=C3=A9bastien=20Huss?= Date: Fri, 26 Jan 2024 20:49:13 +0100 Subject: [PATCH] fix --- meta/domain-apps/apps.tf | 10 +- meta/domain-apps/index.yaml | 180 +++++++-------- meta/domain-auth/index.yaml | 246 ++++++++++----------- meta/domain-ci/index.yaml | 142 ++++++------ meta/domain-devspaces/index.yaml | 340 ++++++++++++++-------------- meta/domain-erp/index.yaml | 76 +++---- meta/domain-infra/index.yaml | 164 +++++++------- meta/domain-mail/index.yaml | 106 ++++----- meta/domain-monitor/index.yaml | 258 +++++++++++----------- meta/domain/index.yaml | 365 ++++++++++++++++--------------- meta/domain/installs.tf | 104 ++++++--- 11 files changed, 1028 insertions(+), 963 deletions(-) diff --git a/meta/domain-apps/apps.tf b/meta/domain-apps/apps.tf index 64b7ff6..be5d3e5 100644 --- a/meta/domain-apps/apps.tf +++ b/meta/domain-apps/apps.tf @@ -1,8 +1,4 @@ locals { - annotations = { - "vynil.solidite.fr/meta" = var.component - "vynil.solidite.fr/name" = var.namespace - } annotations_default = { "default.vynil.solidite.fr/sso_vynil" = var.sso_vynil "default.vynil.solidite.fr/domain_name" = var.domain_name @@ -56,8 +52,8 @@ locals { resource "kubernetes_namespace_v1" "files-ns" { count = var.nextcloud.enable ? 1 : 0 metadata { - annotations = merge(local.annotations, local.annotations_default) - labels = merge(local.common-labels, local.annotations) + annotations = local.annotations_default + labels = local.common-labels name = "${var.namespace}-files" } } @@ -70,7 +66,7 @@ resource "kubectl_manifest" "nextcloud" { kind: "Install" metadata: name: "nextcloud" - namespace: "${var.namespace}-files" + namespace: "${kubernetes_namespace_v1.files-ns[0].metadata[0].name}" labels: ${jsonencode(local.common-labels)} spec: distrib: "${var.distributions.domain}" diff --git a/meta/domain-apps/index.yaml b/meta/domain-apps/index.yaml index 7a1707f..fb5d097 100644 --- a/meta/domain-apps/index.yaml 
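Review bot: In the `kubectl_manifest.nextcloud` hunk of meta/domain-apps/apps.tf, `kubernetes_namespace_v1.files-ns[0]` indexes a resource declared with `count = var.nextcloud.enable ? 1 : 0`, so the reference is only valid while that namespace exists. The manifest's own `count` lies outside the hunk; if it is not guarded by the same condition, the plan will fail with an invalid index whenever nextcloud is disabled. Confirm the guard and record it next to the reference, e.g. `# files-ns[0] is valid only because this resource shares count = var.nextcloud.enable ? 1 : 0`. Separately, the first two hunks drop `vynil.solidite.fr/meta` and `vynil.solidite.fr/name` from the namespace's labels and annotations. Anything that selects namespaces on those keys (a NetworkPolicy `namespaceSelector`, or the operator itself) would stop matching, so check for such selectors before merging, since the commit message "fix" does not say why they were removed.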
+++ b/meta/domain-apps/index.yaml @@ -6,96 +6,6 @@ metadata: name: domain-apps description: null options: - sso_vynil: - default: true - examples: - - true - type: boolean - storage: - default: - volume: - accessMode: ReadWriteOnce - class: '' - examples: - - volume: - accessMode: ReadWriteOnce - class: '' - properties: - volume: - default: - accessMode: ReadWriteOnce - class: '' - properties: - accessMode: - default: ReadWriteOnce - type: string - class: - default: '' - type: string - type: object - type: object - issuer: - default: letsencrypt-prod - examples: - - letsencrypt-prod - type: string - domain: - default: your-company - examples: - - your-company - type: string - ingress_class: - default: traefik - examples: - - traefik - type: string - app_group: - default: infra - examples: - - infra - type: string - timezone: - default: Europe/Paris - examples: - - Europe/Paris - type: string - language: - default: fr_FR - examples: - - fr_FR - type: string - distributions: - default: - core: core - domain: domain - examples: - - core: core - domain: domain - properties: - core: - default: core - type: string - domain: - default: domain - type: string - type: object - domain_name: - default: your-company.com - examples: - - your-company.com - type: string - nextcloud: - default: - enable: false - examples: - - enable: false - properties: - enable: - default: false - type: boolean - type: object - x-vynil-category: apps - x-vynil-package: nextcloud backups: default: enable: false 
@@ -136,6 +46,96 @@ options: default: false type: boolean type: object + domain: + default: your-company + examples: + - your-company + type: string + timezone: + default: Europe/Paris + examples: + - Europe/Paris + type: string + distributions: + default: + core: core + domain: domain + examples: + - core: core + domain: domain + properties: + core: + default: core + type: string + domain: + default: domain + type: string + type: object + issuer: + default: letsencrypt-prod + examples: + - letsencrypt-prod + type: string + ingress_class: + default: traefik + examples: + - traefik + type: string + storage: + default: + volume: + accessMode: ReadWriteOnce + class: '' + examples: + - volume: + accessMode: ReadWriteOnce + class: '' + properties: + volume: + default: + accessMode: ReadWriteOnce + class: '' + properties: + accessMode: + default: ReadWriteOnce + type: string + class: + default: '' + type: string + type: object + type: object + nextcloud: + default: + enable: false + examples: + - enable: false + properties: + enable: + default: false + type: boolean + type: object + x-vynil-category: apps + x-vynil-package: nextcloud + language: + default: fr_FR + examples: + - fr_FR + type: string + domain_name: + default: your-company.com + examples: + - your-company.com + type: string + sso_vynil: + default: true + examples: + - true + type: boolean + app_group: + default: apps + examples: + - apps + type: string dependencies: [] providers: kubernetes: true diff --git a/meta/domain-auth/index.yaml b/meta/domain-auth/index.yaml index 97ae0c8..964182c 100644 --- a/meta/domain-auth/index.yaml +++ b/meta/domain-auth/index.yaml 
@@ -6,55 +6,15 @@ metadata: name: domain-auth description: null options: - fournisseurs: - default: - apps: [] - divisions: [] - enable: false + issuer: + default: letsencrypt-prod examples: - - apps: [] - divisions: [] - enable: false - properties: - apps: - default: [] - items: - type: string - type: array - divisions: - default: [] - items: - properties: - apps: - items: - type: string - type: array - name: - type: string - teams: - items: - type: object - type: array - type: object - type: array - enable: - default: false - type: boolean - type: object - app_group: - default: infra - examples: - - infra + - letsencrypt-prod type: string - sso_vynil: - default: true + domain: + default: your-company examples: - - true - type: boolean - timezone: - default: Europe/Paris - examples: - - Europe/Paris + - your-company type: string backups: default: @@ -96,27 +56,37 @@ options: default: false type: boolean type: object - issuer: - default: letsencrypt-prod - examples: - - letsencrypt-prod - type: string - authentik: - default: - enable: true - examples: - - enable: true - properties: - enable: - default: true - type: boolean - type: object - authentik-forward: + clients: default: + apps: [] + divisions: [] enable: false examples: - - enable: false + - apps: [] + divisions: [] + enable: false properties: + apps: + default: [] + items: + type: string + type: array + divisions: + default: [] + items: + properties: + apps: + items: + type: string + type: array + name: + type: string + teams: + items: + type: object + type: array + type: object + type: array enable: default: false type: boolean 
@@ -156,22 +126,70 @@ options: default: true type: boolean type: object - authentik-ldap: - default: - enable: false + timezone: + default: Europe/Paris examples: - - enable: false - properties: - enable: - default: false - type: boolean - type: object - domain: - default: your-company - examples: - - your-company + - Europe/Paris type: string - clients: + distributions: + default: + core: core + domain: domain + examples: + - core: core + domain: domain + properties: + core: + default: core + type: string + domain: + default: domain + type: string + type: object + language: + default: fr_FR + examples: + - fr_FR + type: string + sso_vynil: + default: true + examples: + - true + type: boolean + ingress_class: + default: traefik + examples: + - traefik + type: string + storage: + default: + volume: + accessMode: ReadWriteOnce + class: '' + examples: + - volume: + accessMode: ReadWriteOnce + class: '' + properties: + volume: + default: + accessMode: ReadWriteOnce + class: '' + properties: + accessMode: + default: ReadWriteOnce + type: string + class: + default: '' + type: string + type: object + type: object + domain_name: + default: your-company.com + examples: + - your-company.com + type: string + fournisseurs: default: apps: [] divisions: [] 
@@ -206,58 +224,40 @@ options: default: false type: boolean type: object - domain_name: - default: your-company.com - examples: - - your-company.com - type: string - ingress_class: - default: traefik - examples: - - traefik - type: string - language: - default: fr_FR - examples: - - fr_FR - type: string - storage: + authentik: default: - volume: - accessMode: ReadWriteOnce - class: '' + enable: true examples: - - volume: - accessMode: ReadWriteOnce - class: '' + - enable: true properties: - volume: - default: - accessMode: ReadWriteOnce - class: '' - properties: - accessMode: - default: ReadWriteOnce - type: string - class: - default: '' - type: string - type: object + enable: + default: true + type: boolean type: object - distributions: - default: - core: core - domain: domain + app_group: + default: apps examples: - - core: core - domain: domain + - apps + type: string + authentik-forward: + default: + enable: false + examples: + - enable: false properties: - core: - default: core - type: string - domain: - default: domain - type: string + enable: + default: false + type: boolean + type: object + authentik-ldap: + default: + enable: false + examples: + - enable: false + properties: + enable: + default: false + type: boolean type: object dependencies: [] providers: diff --git a/meta/domain-ci/index.yaml b/meta/domain-ci/index.yaml index 3fcfd42..a9961e4 100644 --- a/meta/domain-ci/index.yaml +++ b/meta/domain-ci/index.yaml @@ -6,36 +6,11 @@ metadata: name: domain-ci description: null options: - domain: - default: your-company - examples: - - your-company - type: string - language: - default: fr_FR - examples: - - fr_FR - type: string timezone: default: Europe/Paris examples: - Europe/Paris type: string - issuer: - default: letsencrypt-prod - examples: - - letsencrypt-prod - type: string - ingress_class: - default: traefik - examples: - - traefik - type: string - app_group: - default: infra - examples: - - infra - type: string distributions: default: core: core 
@@ -51,16 +26,83 @@ options: default: domain type: string type: object + issuer: + default: letsencrypt-prod + examples: + - letsencrypt-prod + type: string + storage: + default: + volume: + accessMode: ReadWriteOnce + class: '' + examples: + - volume: + accessMode: ReadWriteOnce + class: '' + properties: + volume: + default: + accessMode: ReadWriteOnce + class: '' + properties: + accessMode: + default: ReadWriteOnce + type: string + class: + default: '' + type: string + type: object + type: object + gitea: + default: + enable: true + examples: + - enable: true + properties: + enable: + default: true + type: boolean + type: object + x-vynil-category: apps + x-vynil-package: gitea + ingress_class: + default: traefik + examples: + - traefik + type: string sso_vynil: default: true examples: - true type: boolean + woodpecker: + default: + enable: false + examples: + - enable: false + properties: + enable: + default: false + type: boolean + type: object + x-vynil-category: apps + x-vynil-package: woodpecker + language: + default: fr_FR + examples: + - fr_FR + type: string domain_name: default: your-company.com examples: - your-company.com type: string + app_group: + default: dev + examples: + - dev + type: string backups: default: enable: false 
@@ -101,53 +143,11 @@ options: default: false type: boolean type: object - storage: - default: - volume: - accessMode: ReadWriteOnce - class: '' + domain: + default: your-company examples: - - volume: - accessMode: ReadWriteOnce - class: '' - properties: - volume: - default: - accessMode: ReadWriteOnce - class: '' - properties: - accessMode: - default: ReadWriteOnce - type: string - class: - default: '' - type: string - type: object - type: object - gitea: - default: - enable: true - examples: - - enable: true - properties: - enable: - default: true - type: boolean - type: object - x-vynil-category: apps - x-vynil-package: gitea - woodpecker: - default: - enable: false - examples: - - enable: false - properties: - enable: - default: false - type: boolean - type: object - x-vynil-category: apps - x-vynil-package: woodpecker + - your-company + type: string dependencies: [] providers: kubernetes: true diff --git a/meta/domain-devspaces/index.yaml b/meta/domain-devspaces/index.yaml index 1c9ad87..d3261ab 100644 --- a/meta/domain-devspaces/index.yaml +++ b/meta/domain-devspaces/index.yaml 
@@ -6,48 +6,99 @@ metadata: name: domain-devspaces description: null options: - haveGitea: - default: false + stations: + default: [] examples: - - false - type: boolean - timezone: - default: Europe/Paris + - [] + items: + properties: + name: + default: '' + type: string + organisations: + default: [] + items: + type: string + type: array + type: object + type: array + domain_name: + default: your-company.com examples: - - Europe/Paris + - your-company.com type: string - storage: + images: default: - volume: - accessMode: ReadWriteOnce - class: '' + codeserver: + pullPolicy: IfNotPresent + registry: docker.io + repository: sebt3/code-server + tag: 4.18 examples: - - volume: - accessMode: ReadWriteOnce - class: '' + - codeserver: + pullPolicy: IfNotPresent + registry: docker.io + repository: sebt3/code-server + tag: 4.18 properties: - volume: + codeserver: default: - accessMode: ReadWriteOnce - class: '' + pullPolicy: IfNotPresent + registry: docker.io + repository: sebt3/code-server + tag: 4.18 properties: - accessMode: - default: ReadWriteOnce + pullPolicy: + default: IfNotPresent + enum: + - Always + - Never + - IfNotPresent type: string - class: - default: '' + registry: + default: docker.io type: string + repository: + default: sebt3/code-server + type: string + tag: + default: 4.18 + type: number type: object type: object - app_group: - default: dev + external-pgs: + default: [] examples: - - dev - type: string - issuer: - default: letsencrypt-prod + - [] + items: + properties: + dbname: + default: '' + type: string + name: + default: '' + type: string + namespace: + default: '' + type: string + secret: + properties: + key: + default: '' + type: string + name: + default: '' + type: string + type: object + username: + default: '' + type: string + type: object + type: array + ingress_class: + default: traefik examples: - - letsencrypt-prod + - traefik type: string organisations: default: [] 
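Review bot: `images.codeserver.tag` in this hunk of meta/domain-devspaces/index.yaml is declared `type: number` with default `4.18`, which cannot represent tags such as `4.20` (it parses as 4.2) or any non-numeric tag. The commit only moves this block, but the new side still carries the definition, so it is worth correcting where the default is authored: `default: '4.18'` with `type: string`. With `pullPolicy: IfNotPresent` and a mutable tag on `docker.io`, nodes can end up running different image contents under the same tag. If the schema allows it, a digest-pinned reference would make the deployed image verifiable.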
@@ -90,6 +141,32 @@ options: type: array type: object type: array + external-marias: + default: [] + examples: + - [] + items: + properties: + name: + default: '' + type: string + namespace: + default: '' + type: string + secret: + properties: + key: + default: '' + type: string + name: + default: '' + type: string + type: object + username: + default: '' + type: string + type: object + type: array external-mongos: default: [] examples: @@ -119,36 +196,7 @@ options: type: string type: object type: array - external-pgs: - default: [] - examples: - - [] - items: - properties: - dbname: - default: '' - type: string - name: - default: '' - type: string - namespace: - default: '' - type: string - secret: - properties: - key: - default: '' - type: string - name: - default: '' - type: string - type: object - username: - default: '' - type: string - type: object - type: array - external-marias: + external-redis: default: [] examples: - [] 
@@ -160,59 +208,81 @@ options: namespace: default: '' type: string - secret: - properties: - key: - default: '' - type: string - name: - default: '' - type: string - type: object - username: - default: '' - type: string type: object type: array - images: + issuer: + default: letsencrypt-prod + examples: + - letsencrypt-prod + type: string + distributions: default: - codeserver: - pullPolicy: IfNotPresent - registry: docker.io - repository: sebt3/code-server - tag: 4.18 + core: core + domain: domain examples: - - codeserver: - pullPolicy: IfNotPresent - registry: docker.io - repository: sebt3/code-server - tag: 4.18 + - core: core + domain: domain properties: - codeserver: + core: + default: core + type: string + domain: + default: domain + type: string + type: object + sso_vynil: + default: true + examples: + - true + type: boolean + timezone: + default: Europe/Paris + examples: + - Europe/Paris + type: string + storage: + default: + volume: + accessMode: ReadWriteOnce + class: '' + examples: + - volume: + accessMode: ReadWriteOnce + class: '' + properties: + volume: default: - pullPolicy: IfNotPresent - registry: docker.io - repository: sebt3/code-server - tag: 4.18 + accessMode: ReadWriteOnce + class: '' properties: - pullPolicy: - default: IfNotPresent - enum: - - Always - - Never - - IfNotPresent + accessMode: + default: ReadWriteOnce type: string - registry: - default: docker.io + class: + default: '' type: string - repository: - default: sebt3/code-server - type: string - tag: - default: 4.18 - type: number type: object type: object + stations-sub_domain: + default: code + examples: + - code + type: string + domain: + default: your-company + examples: + - your-company + type: string + app_group: + default: dev + examples: + - dev + type: string + haveGitea: + default: false + examples: + - false + type: boolean apps: default: dbgate: 
@@ -284,55 +354,11 @@ options: type: boolean type: object type: object - distributions: - default: - core: core - domain: domain - examples: - - core: core - domain: domain - properties: - core: - default: core - type: string - domain: - default: domain - type: string - type: object - sso_vynil: - default: true - examples: - - true - type: boolean - ingress_class: - default: traefik - examples: - - traefik - type: string language: default: fr_FR examples: - fr_FR type: string - domain_name: - default: your-company.com - examples: - - your-company.com - type: string - external-redis: - default: [] - examples: - - [] - items: - properties: - name: - default: '' - type: string - namespace: - default: '' - type: string - type: object - type: array backups: default: enable: false @@ -373,32 +399,6 @@ options: default: false type: boolean type: object - stations-sub_domain: - default: code - examples: - - code - type: string - stations: - default: [] - examples: - - [] - items: - properties: - name: - default: '' - type: string - organisations: - default: [] - items: - type: string - type: array - type: object - type: array - domain: - default: your-company - examples: - - your-company - type: string dependencies: [] providers: kubernetes: true diff --git a/meta/domain-erp/index.yaml b/meta/domain-erp/index.yaml index ba855bb..fca6655 100644 --- a/meta/domain-erp/index.yaml +++ b/meta/domain-erp/index.yaml @@ -11,10 +11,10 @@ options: examples: - true type: boolean - app_group: - default: erp + timezone: + default: Europe/Paris examples: - - erp + - Europe/Paris type: string ingress_class: default: traefik @@ -26,6 +26,21 @@ options: examples: - your-company type: string + distributions: + default: + core: core + domain: domain + examples: + - core: core + domain: domain + properties: + core: + default: core + type: string + domain: + default: domain + type: string + type: object domain_name: default: your-company.com examples: 
@@ -71,48 +86,21 @@ options: default: false type: boolean type: object - timezone: - default: Europe/Paris + language: + default: fr_FR examples: - - Europe/Paris + - fr_FR + type: string + app_group: + default: apps + examples: + - apps type: string issuer: default: letsencrypt-prod examples: - letsencrypt-prod type: string - dolibarr: - default: - enable: true - examples: - - enable: true - properties: - enable: - default: true - type: boolean - type: object - x-vynil-category: apps - x-vynil-package: dolibarr - language: - default: fr_FR - examples: - - fr_FR - type: string - distributions: - default: - core: core - domain: domain - examples: - - core: core - domain: domain - properties: - core: - default: core - type: string - domain: - default: domain - type: string - type: object storage: default: volume: @@ -136,6 +124,18 @@ options: type: string type: object type: object + dolibarr: + default: + enable: true + examples: + - enable: true + properties: + enable: + default: true + type: boolean + type: object + x-vynil-category: apps + x-vynil-package: dolibarr dependencies: [] providers: kubernetes: true diff --git a/meta/domain-infra/index.yaml b/meta/domain-infra/index.yaml index 150c61b..033e8ec 100644 --- a/meta/domain-infra/index.yaml +++ b/meta/domain-infra/index.yaml @@ -6,18 +6,34 @@ metadata: name: domain-infra description: null options: - dns: - default: - enable: false + issuer: + default: letsencrypt-prod examples: - - enable: false + - letsencrypt-prod + type: string + storage: + default: + volume: + accessMode: ReadWriteOnce + class: '' + examples: + - volume: + accessMode: ReadWriteOnce + class: '' properties: - enable: - default: false - type: boolean + volume: + default: + accessMode: ReadWriteOnce + class: '' + properties: + accessMode: + default: ReadWriteOnce + type: string + class: + default: '' + type: string + type: object type: object - x-vynil-category: share - x-vynil-package: dns gramo: default: enable: false 
@@ -40,30 +56,32 @@ options: default: false type: boolean type: object - ingress_class: - default: traefik - examples: - - traefik - type: string - distributions: + dns: default: - core: core - domain: domain + enable: false examples: - - core: core - domain: domain + - enable: false properties: - core: - default: core - type: string - domain: - default: domain - type: string + enable: + default: false + type: boolean type: object - domain_name: - default: your-company.com + x-vynil-category: share + x-vynil-package: dns + sso_vynil: + default: true examples: - - your-company.com + - true + type: boolean + domain: + default: your-company + examples: + - your-company + type: string + timezone: + default: Europe/Paris + examples: + - Europe/Paris type: string traefik: default: @@ -82,48 +100,16 @@ options: type: object x-vynil-category: apps x-vynil-package: traefix-ui - app_group: - default: infra + ingress_class: + default: traefik examples: - - infra - type: string - domain: - default: your-company - examples: - - your-company - type: string - timezone: - default: Europe/Paris - examples: - - Europe/Paris - type: string - issuer: - default: letsencrypt-prod - examples: - - letsencrypt-prod + - traefik type: string language: default: fr_FR examples: - fr_FR type: string - okd: - default: - enable: false - examples: - - enable: false - properties: - enable: - default: false - type: boolean - type: object - x-vynil-category: apps - x-vynil-package: okd - sso_vynil: - default: true - examples: - - true - type: boolean backups: default: enable: false 
@@ -164,28 +150,42 @@ options: default: false type: boolean type: object - storage: + okd: default: - volume: - accessMode: ReadWriteOnce - class: '' + enable: false examples: - - volume: - accessMode: ReadWriteOnce - class: '' + - enable: false properties: - volume: - default: - accessMode: ReadWriteOnce - class: '' - properties: - accessMode: - default: ReadWriteOnce - type: string - class: - default: '' - type: string - type: object + enable: + default: false + type: boolean + type: object + x-vynil-category: apps + x-vynil-package: okd + app_group: + default: infra + examples: + - infra + type: string + domain_name: + default: your-company.com + examples: + - your-company.com + type: string + distributions: + default: + core: core + domain: domain + examples: + - core: core + domain: domain + properties: + core: + default: core + type: string + domain: + default: domain + type: string type: object dependencies: [] providers: diff --git a/meta/domain-mail/index.yaml b/meta/domain-mail/index.yaml index 76e454c..bfe81db 100644 --- a/meta/domain-mail/index.yaml +++ b/meta/domain-mail/index.yaml @@ -6,6 +6,56 @@ metadata: name: domain-mail description: null options: + domain_name: + default: your-company.com + examples: + - your-company.com + type: string + domain: + default: your-company + examples: + - your-company + type: string + ingress_class: + default: traefik + examples: + - traefik + type: string + app_group: + default: apps + examples: + - apps + type: string + language: + default: fr_FR + examples: + - fr_FR + type: string + distributions: + default: + core: core + domain: domain + examples: + - core: core + domain: domain + properties: + core: + default: core + type: string + domain: + default: domain + type: string + type: object + wildduck: + default: + enable: true + examples: + - enable: true + properties: + enable: + default: true + type: boolean + type: object storage: default: volume: 
@@ -29,56 +79,16 @@ options: type: string type: object type: object - ingress_class: - default: traefik - examples: - - traefik - type: string - domain_name: - default: your-company.com - examples: - - your-company.com - type: string - timezone: - default: Europe/Paris - examples: - - Europe/Paris - type: string sso_vynil: default: true examples: - true type: boolean - language: - default: fr_FR - examples: - - fr_FR - type: string issuer: default: letsencrypt-prod examples: - letsencrypt-prod type: string - distributions: - default: - core: core - domain: domain - examples: - - core: core - domain: domain - properties: - core: - default: core - type: string - domain: - default: domain - type: string - type: object - app_group: - default: infra - examples: - - infra - type: string backups: default: enable: false @@ -119,20 +129,10 @@ options: default: false type: boolean type: object - wildduck: - default: - enable: true + timezone: + default: Europe/Paris examples: - - enable: true - properties: - enable: - default: true - type: boolean - type: object - domain: - default: your-company - examples: - - your-company + - Europe/Paris type: string dependencies: [] providers: diff --git a/meta/domain-monitor/index.yaml b/meta/domain-monitor/index.yaml index 608996c..88b870c 100644 --- a/meta/domain-monitor/index.yaml +++ b/meta/domain-monitor/index.yaml 
@@ -6,55 +6,6 @@ metadata: name: domain-monitor description: null options: - alerts-containers: - default: - enable: true - examples: - - enable: true - properties: - enable: - default: true - type: boolean - type: object - x-vynil-category: monitor - x-vynil-package: alerts-containers - loki: - default: - enable: true - examples: - - enable: true - properties: - enable: - default: true - type: boolean - type: object - x-vynil-category: monitor - x-vynil-package: loki - domain_name: - default: your-company.com - examples: - - your-company.com - type: string - timezone: - default: Europe/Paris - examples: - - Europe/Paris - type: string - distributions: - default: - core: core - domain: domain - examples: - - core: core - domain: domain - properties: - core: - default: core - type: string - domain: - default: domain - type: string - type: object grafana: default: enable: true 
@@ -67,63 +18,24 @@ options: type: object x-vynil-category: monitor x-vynil-package: grafana - node-exporter: + monitor-control-plan: default: - enable: true + enable: false examples: - - enable: true + - enable: false properties: enable: - default: true + default: false type: boolean type: object x-vynil-category: monitor - x-vynil-package: node-exporter - promtail: - default: - enable: true + x-vynil-package: monitor-control-plan + ingress_class: + default: traefik examples: - - enable: true - properties: - enable: - default: true - type: boolean - type: object - x-vynil-category: monitor - x-vynil-package: promtail - alertmanager: - default: - enable: true - examples: - - enable: true - properties: - enable: - default: true - type: boolean - type: object - x-vynil-category: monitor - x-vynil-package: alertmanager - language: - default: fr_FR - examples: - - fr_FR + - traefik type: string - issuer: - default: letsencrypt-prod - examples: - - letsencrypt-prod - type: string - domain: - default: your-company - examples: - - your-company - type: string - app_group: - default: infra - examples: - - infra - type: string - alerts-core: + dashboards-cluster: default: enable: true examples: @@ -134,19 +46,7 @@ options: type: boolean type: object x-vynil-category: monitor - x-vynil-package: alerts-core - kube-state-metrics: - default: - enable: true - examples: - - enable: true - properties: - enable: - default: true - type: boolean - type: object - x-vynil-category: monitor - x-vynil-package: kube-state-metrics + x-vynil-package: dashboards-cluster storage: default: volume: 
@@ -170,10 +70,71 @@ options: type: string type: object type: object - ingress_class: - default: traefik + sso_vynil: + default: true examples: - - traefik + - true + type: boolean + distributions: + default: + core: core + domain: domain + examples: + - core: core + domain: domain + properties: + core: + default: core + type: string + domain: + default: domain + type: string + type: object + alerts-containers: + default: + enable: true + examples: + - enable: true + properties: + enable: + default: true + type: boolean + type: object + x-vynil-category: monitor + x-vynil-package: alerts-containers + node-exporter: + default: + enable: true + examples: + - enable: true + properties: + enable: + default: true + type: boolean + type: object + x-vynil-category: monitor + x-vynil-package: node-exporter + dashboards-workload: + default: + enable: true + examples: + - enable: true + properties: + enable: + default: true + type: boolean + type: object + x-vynil-category: monitor + x-vynil-package: dashboards-workload + domain: + default: your-company + examples: + - your-company + type: string + app_group: + default: monitor + examples: + - monitor type: string backups: default: @@ -215,7 +176,22 @@ options: default: false type: boolean type: object - dashboards-cluster: + language: + default: fr_FR + examples: + - fr_FR + type: string + issuer: + default: letsencrypt-prod + examples: + - letsencrypt-prod + type: string + timezone: + default: Europe/Paris + examples: + - Europe/Paris + type: string + alerts-core: default: enable: true examples: @@ -226,8 +202,8 @@ options: type: boolean type: object x-vynil-category: monitor - x-vynil-package: dashboards-cluster - prometheus: + x-vynil-package: alerts-core + promtail: default: enable: true examples: 
@@ -238,7 +214,31 @@ options: type: boolean type: object x-vynil-category: monitor - x-vynil-package: prometheus + x-vynil-package: promtail + kube-state-metrics: + default: + enable: true + examples: + - enable: true + properties: + enable: + default: true + type: boolean + type: object + x-vynil-category: monitor + x-vynil-package: kube-state-metrics + alertmanager: + default: + enable: true + examples: + - enable: true + properties: + enable: + default: true + type: boolean + type: object + x-vynil-category: monitor + x-vynil-package: alertmanager dashboards-minimal: default: enable: true @@ -263,7 +263,12 @@ options: type: object x-vynil-category: monitor x-vynil-package: dashboards-namespace - dashboards-workload: + domain_name: + default: your-company.com + examples: + - your-company.com + type: string + loki: default: enable: true examples: @@ -274,24 +279,19 @@ options: type: boolean type: object x-vynil-category: monitor - x-vynil-package: dashboards-workload - monitor-control-plan: + x-vynil-package: loki + prometheus: default: - enable: false + enable: true examples: - - enable: false + - enable: true properties: enable: - default: false + default: true type: boolean type: object x-vynil-category: monitor - x-vynil-package: monitor-control-plan - sso_vynil: - default: true - examples: - - true - type: boolean + x-vynil-package: prometheus dependencies: [] providers: kubernetes: true diff --git a/meta/domain/index.yaml b/meta/domain/index.yaml index cfc573a..bed3ce9 100644 --- a/meta/domain/index.yaml +++ b/meta/domain/index.yaml 
@@ -6,57 +6,6 @@ metadata: name: domain description: null options: - issuer: - default: letsencrypt-prod - examples: - - letsencrypt-prod - type: string - ingress_class: - default: traefik - examples: - - traefik - type: string - apps: - default: - enable: false - nextcloud: - enable: true - examples: - - enable: false - nextcloud: - enable: true - properties: - enable: - default: false - type: boolean - nextcloud: - default: - enable: true - properties: - enable: - default: true - type: boolean - type: object - type: object - x-vynil-category: meta - x-vynil-package: domain-apps - domain_name: - default: your_company.com - examples: - - your_company.com - type: string - monitor: - default: - enable: false - examples: - - enable: false - properties: - enable: - default: false - type: boolean - type: object - x-vynil-category: meta - x-vynil-package: domain-monitor distributions: default: core: core 
@@ -72,6 +21,120 @@ options: default: domain type: string type: object + backups: + default: + enable: false + endpoint: '' + key_id_key: s3-id + restic_key: bck-password + secret_key: s3-secret + secret_name: backup-settings + use_barman: false + examples: + - enable: false + endpoint: '' + key_id_key: s3-id + restic_key: bck-password + secret_key: s3-secret + secret_name: backup-settings + use_barman: false + properties: + enable: + default: false + type: boolean + endpoint: + default: '' + type: string + key_id_key: + default: s3-id + type: string + restic_key: + default: bck-password + type: string + secret_key: + default: s3-secret + type: string + secret_name: + default: backup-settings + type: string + use_barman: + default: false + type: boolean + type: object + erp: + default: + dolibarr: + enable: true + enable: false + examples: + - dolibarr: + enable: true + enable: false + properties: + dolibarr: + default: + enable: true + properties: + enable: + default: true + type: boolean + type: object + enable: + default: false + type: boolean + type: object + x-vynil-category: meta + x-vynil-package: domain-erp + ingress_class: + default: traefik + examples: + - traefik + type: string + storage: + default: + volume: + accessMode: ReadWriteOnce + class: '' + examples: + - volume: + accessMode: ReadWriteOnce + class: '' + properties: + volume: + default: + accessMode: ReadWriteOnce + class: '' + properties: + accessMode: + default: ReadWriteOnce + type: string + class: + default: '' + type: string + type: object + type: object + mail: + default: + enable: false + wildduck: + enable: true + examples: + - enable: false + wildduck: + enable: true + properties: + enable: + default: false + type: boolean + wildduck: + default: + enable: true + properties: + enable: + default: true + type: boolean + type: object + type: object ci: default: enable: false 
@@ -108,106 +171,11 @@ options: type: object x-vynil-category: meta x-vynil-package: domain-devspaces - mail: - default: - enable: false - wildduck: - enable: true + issuer: + default: letsencrypt-prod examples: - - enable: false - wildduck: - enable: true - properties: - enable: - default: false - type: boolean - wildduck: - default: - enable: true - properties: - enable: - default: true - type: boolean - type: object - type: object - backups: - default: - enable: false - endpoint: '' - key-id-key: s3-id - secret-key: s3-secret - secret-name: backup-settings - examples: - - enable: false - endpoint: '' - key-id-key: s3-id - secret-key: s3-secret - secret-name: backup-settings - properties: - enable: - default: false - type: boolean - endpoint: - default: '' - type: string - key-id-key: - default: s3-id - type: string - secret-key: - default: s3-secret - type: string - secret-name: - default: backup-settings - type: string - type: object - erp: - default: - dolibarr: - enable: true - enable: false - examples: - - dolibarr: - enable: true - enable: false - properties: - dolibarr: - default: - enable: true - properties: - enable: - default: true - type: boolean - type: object - enable: - default: false - type: boolean - type: object - x-vynil-category: meta - x-vynil-package: domain-erp - infra: - default: - enable: false - traefik: - enable: false - examples: - - enable: false - traefik: - enable: false - properties: - enable: - default: false - type: boolean - traefik: - default: - enable: false - properties: - enable: - default: false - type: boolean - type: object - type: object - x-vynil-category: meta - x-vynil-package: domain-infra + - letsencrypt-prod + type: string auth: default: authentik: 
@@ -232,31 +200,86 @@ options: type: object x-vynil-category: meta x-vynil-package: domain-auth - storage-classes: + apps: default: - BlockReadWriteMany: '' - BlockReadWriteOnce: '' - FilesystemReadWriteMany: '' - FilesystemReadWriteOnce: '' + enable: false + nextcloud: + enable: true examples: - - BlockReadWriteMany: '' - BlockReadWriteOnce: '' - FilesystemReadWriteMany: '' - FilesystemReadWriteOnce: '' + - enable: false + nextcloud: + enable: true properties: - BlockReadWriteMany: - default: '' - type: string - BlockReadWriteOnce: - default: '' - type: string - FilesystemReadWriteMany: - default: '' - type: string - FilesystemReadWriteOnce: - default: '' - type: string + enable: + default: false + type: boolean + nextcloud: + default: + enable: true + properties: + enable: + default: true + type: boolean + type: object type: object + x-vynil-category: meta + x-vynil-package: domain-apps + sso_vynil: + default: true + examples: + - true + type: boolean + language: + default: fr_FR + examples: + - fr_FR + type: string + domain_name: + default: your-company.com + examples: + - your-company.com + type: string + infra: + default: + enable: false + traefik: + enable: false + examples: + - enable: false + traefik: + enable: false + properties: + enable: + default: false + type: boolean + traefik: + default: + enable: false + properties: + enable: + default: false + type: boolean + type: object + type: object + x-vynil-category: meta + x-vynil-package: domain-infra + monitor: + default: + enable: false + examples: + - enable: false + properties: + enable: + default: false + type: boolean + type: object + x-vynil-category: meta + x-vynil-package: domain-monitor + timezone: + default: Europe/Paris + examples: + - Europe/Paris + type: string dependencies: [] providers: kubernetes: null diff --git a/meta/domain/installs.tf b/meta/domain/installs.tf index 2c4aa1e..cc4a165 100644 --- a/meta/domain/installs.tf +++ b/meta/domain/installs.tf 
@@ -1,28 +1,74 @@ locals { global = { - "domain" = var.namespace - "domain_name" = var.domain_name - "issuer" = var.issuer - "ingress_class" = var.ingress_class - "distributions" = var.distributions - "backups" = var.backups - "storage-classes"= var.storage-classes + "sso_vynil" = var.sso_vynil + "domain_name" = var.domain_name + "timezone" = var.timezone + "language" = var.language + "domain" = var.namespace + "issuer" = var.issuer + "ingress_class" = var.ingress_class } - annotations = { - "vynil.solidite.fr/meta" = var.component - "vynil.solidite.fr/name" = var.namespace - "vynil.solidite.fr/domain" = var.domain_name - "vynil.solidite.fr/issuer" = var.issuer - "vynil.solidite.fr/ingress" = var.ingress_class + global-backups = { + "enable" = var.backups.enable + "use_barman" = var.backups.use_barman + "endpoint" = var.backups.endpoint + "secret_name" = var.backups.secret_name + "key_id_key" = var.backups.key_id_key + "secret_key" = var.backups.secret_key + "restic_key" = var.backups.restic_key } - auth = { for k, v in var.auth : k => v if k!="enable" } - infra = { for k, v in var.infra : k => v if k!="enable" } - ci = { for k, v in var.ci : k => v if k!="enable" } - erp = { for k, v in var.erp : k => v if k!="enable" } - apps = { for k, v in var.apps : k => v if k!="enable" } - mail = { for k, v in var.mail : k => v if k!="enable" } - monitor = { for k, v in var.monitor : k => v if k!="enable" } - devspaces = { for k, v in var.devspaces : k => v if k!="enable" } + global-volume = { + "accessMode" = var.storage.volume.accessMode + "class" = var.storage.volume.class + } + auth = merge(local.global,{ for k, v in var.auth : k => v if !contains(["enable","storage","backups"],k) },{ + backups = merge(lookup(var.auth, "backups", {}), local.global-backups) + storage = merge({ for k, v in lookup(var.auth, "storage", {}) : k => v if !contains(["volume"],k) }, { + volume = merge(lookup(lookup(var.auth, "storage", {}), "volume", {}), local.global-volume) + }) + }) + infra = 
merge(local.global,{ for k, v in var.infra : k => v if !contains(["enable","storage","backups"],k) },{ + backups = merge(lookup(var.infra, "backups", {}), local.global-backups) + storage = merge({ for k, v in lookup(var.infra, "storage", {}) : k => v if !contains(["volume"],k) }, { + volume = merge(lookup(lookup(var.infra, "storage", {}), "volume", {}), local.global-volume) + }) + }) + ci = merge(local.global,{ for k, v in var.ci : k => v if !contains(["enable","storage","backups"],k) },{ + backups = merge(lookup(var.ci, "backups", {}), local.global-backups) + storage = merge({ for k, v in lookup(var.ci, "storage", {}) : k => v if !contains(["volume"],k) }, { + volume = merge(lookup(lookup(var.ci, "storage", {}), "volume", {}), local.global-volume) + }) + }) + erp = merge(local.global,{ for k, v in var.erp : k => v if !contains(["enable","storage","backups"],k) },{ + backups = merge(lookup(var.erp, "backups", {}), local.global-backups) + storage = merge({ for k, v in lookup(var.erp, "storage", {}) : k => v if !contains(["volume"],k) }, { + volume = merge(lookup(lookup(var.erp, "storage", {}), "volume", {}), local.global-volume) + }) + }) + apps = merge(local.global,{ for k, v in var.apps : k => v if !contains(["enable","storage","backups"],k) },{ + backups = merge(lookup(var.apps, "backups", {}), local.global-backups) + storage = merge({ for k, v in lookup(var.apps, "storage", {}) : k => v if !contains(["volume"],k) }, { + volume = merge(lookup(lookup(var.apps, "storage", {}), "volume", {}), local.global-volume) + }) + }) + mail = merge(local.global,{ for k, v in var.mail : k => v if !contains(["enable","storage","backups"],k) },{ + backups = merge(lookup(var.mail, "backups", {}), local.global-backups) + storage = merge({ for k, v in lookup(var.mail, "storage", {}) : k => v if !contains(["volume"],k) }, { + volume = merge(lookup(lookup(var.mail, "storage", {}), "volume", {}), local.global-volume) + }) + }) + monitor = merge(local.global,{ for k, v in var.monitor : 
k => v if !contains(["enable","storage","backups"],k) },{ + backups = merge(lookup(var.monitor, "backups", {}), local.global-backups) + storage = merge({ for k, v in lookup(var.monitor, "storage", {}) : k => v if !contains(["volume"],k) }, { + volume = merge(lookup(lookup(var.monitor, "storage", {}), "volume", {}), local.global-volume) + }) + }) + devspaces = merge(local.global,{ for k, v in var.devspaces : k => v if !contains(["enable","storage","backups"],k) },{ + backups = merge(lookup(var.devspaces, "backups", {}), local.global-backups) + storage = merge({ for k, v in lookup(var.devspaces, "storage", {}) : k => v if !contains(["volume"],k) }, { + volume = merge(lookup(lookup(var.devspaces, "storage", {}), "volume", {}), local.global-volume) + }) + }) # Force install authentik and it's modules when any are needed use-ldap = (var.ci.enable && var.ci.gitea.enable) || (var.erp.enable && var.erp.dolibarr.enable) @@ -136,7 +182,7 @@ resource "kubectl_manifest" "auth" { distrib: "${var.distributions.domain}" category: "meta" component: "domain-auth" - options: ${jsonencode(merge(local.global, local.added-auth, local.divisions, local.auth))} + options: ${jsonencode(merge(local.added-auth, local.divisions, local.auth))} EOF } resource "kubectl_manifest" "infra" { @@ -152,7 +198,7 @@ resource "kubectl_manifest" "infra" { distrib: "${var.distributions.domain}" category: "meta" component: "domain-infra" - options: ${jsonencode(merge(local.global, local.infra))} + options: ${jsonencode(local.infra)} EOF } resource "kubectl_manifest" "ci" { @@ -168,7 +214,7 @@ resource "kubectl_manifest" "ci" { distrib: "${var.distributions.domain}" category: "meta" component: "domain-ci" - options: ${jsonencode(merge(local.global, local.ci))} + options: ${jsonencode(local.ci)} EOF } resource "kubectl_manifest" "erp" { 
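Review bot: In the new `locals` block of meta/domain/installs.tf, the nested merges let the domain-level values win, while the top-level merge does the opposite. `merge(lookup(var.auth, "backups", {}), local.global-backups)` and the matching `volume = merge(..., local.global-volume)` put the global map last, so a component's own `backups.enable`, `endpoint`, `secret_name` or `storage.volume.class` is silently replaced, whereas `merge(local.global, { for k, v in var.auth : ... })` lets the component override `domain_name`, `issuer` and the other global keys. If per-component overrides are meant to work, swap the arguments, e.g. `backups = merge(local.global-backups, lookup(var.auth, "backups", {}))`. If the domain settings are meant to be authoritative, which is a reasonable choice for backup policy, say so in a comment such as `# domain-level backups/volume always win over per-component values`. The same pattern repeats for infra, ci, erp, apps, mail, monitor and devspaces, and the `locals` block continues past the end of the hunk.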
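Review bot: In the `kubectl_manifest.auth` options, `local.global` used to be the first, lowest-precedence argument of the merge, but it is now folded into `local.auth`, the last argument of `merge(local.added-auth, local.divisions, local.auth)`. Any key that `local.added-auth` or `local.divisions` shares with the global map, or with the new `backups` and `storage` keys, is now overwritten where it previously won. Their definitions are outside this hunk, so this may be harmless, but it should be confirmed. A comment next to the call would record the constraint, e.g. `# local.auth already carries local.global and is merged last; added-auth/divisions must not set global, backups or storage keys`. The devspaces hunk has the same shape with `local.devspaces-custom`, which stays last there, and the resource body starts outside the hunk.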
@@ -184,7 +230,7 @@ resource "kubectl_manifest" "erp" { distrib: "${var.distributions.domain}" category: "meta" component: "domain-erp" - options: ${jsonencode(merge(local.global, local.erp))} + options: ${jsonencode(local.erp)} EOF } resource "kubectl_manifest" "apps" { @@ -200,7 +246,7 @@ resource "kubectl_manifest" "apps" { distrib: "${var.distributions.domain}" category: "meta" component: "domain-apps" - options: ${jsonencode(merge(local.global, local.apps))} + options: ${jsonencode(local.apps)} EOF } resource "kubectl_manifest" "mail" { @@ -216,7 +262,7 @@ resource "kubectl_manifest" "mail" { distrib: "${var.distributions.domain}" category: "meta" component: "domain-mail" - options: ${jsonencode(merge(local.global, local.mail))} + options: ${jsonencode(local.mail)} EOF } resource "kubectl_manifest" "monitor" { @@ -232,7 +278,7 @@ resource "kubectl_manifest" "monitor" { distrib: "${var.distributions.domain}" category: "meta" component: "domain-monitor" - options: ${jsonencode(merge(local.global, local.monitor))} + options: ${jsonencode(local.monitor)} EOF } resource "kubectl_manifest" "devspaces" { @@ -248,6 +294,6 @@ resource "kubectl_manifest" "devspaces" { distrib: "${var.distributions.domain}" category: "meta" component: "domain-devspaces" - options: ${jsonencode(merge(local.global, local.devspaces, local.devspaces-custom))} + options: ${jsonencode(merge(local.devspaces, local.devspaces-custom))} EOF }