fix
This commit is contained in:
@@ -46,7 +46,7 @@ data "kustomization_overlay" "data" {
|
||||
"AUTHENTIK_POSTGRESQL__PORT=5432",
|
||||
"AUTHENTIK_POSTGRESQL__USER=${var.component}",
|
||||
"AUTHENTIK_REDIS__HOST=${var.name}-${var.component}-redis",
|
||||
"AUTHENTIK_BOOTSTRAP_EMAIL=${var.admin.email}@${var.domain-name}",
|
||||
"AUTHENTIK_BOOTSTRAP_EMAIL=${var.admin.email}@${var.domain_name}",
|
||||
]
|
||||
}
|
||||
patches {
|
||||
|
||||
@@ -115,7 +115,7 @@ options:
|
||||
examples:
|
||||
- letsencrypt-prod
|
||||
type: string
|
||||
ingress-class:
|
||||
ingress_class:
|
||||
default: traefik
|
||||
examples:
|
||||
- traefik
|
||||
@@ -183,7 +183,7 @@ options:
|
||||
default: 2023.8.3
|
||||
type: string
|
||||
type: object
|
||||
domain-name:
|
||||
domain_name:
|
||||
default: your_company.com
|
||||
examples:
|
||||
- your_company.com
|
||||
@@ -198,7 +198,7 @@ options:
|
||||
default: auth-admin
|
||||
type: string
|
||||
type: object
|
||||
sub-domain:
|
||||
sub_domain:
|
||||
default: auth
|
||||
examples:
|
||||
- auth
|
||||
|
||||
@@ -1,5 +1,5 @@
|
||||
locals {
|
||||
dns-names = ["${var.sub-domain}.${var.domain-name}"]
|
||||
dns_names = ["${var.sub_domain}.${var.domain_name}"]
|
||||
middlewares = ["${var.instance}-https"]
|
||||
service = {
|
||||
"name" = "${var.instance}"
|
||||
@@ -7,7 +7,7 @@ locals {
|
||||
"number" = 80
|
||||
}
|
||||
}
|
||||
rules = [ for v in local.dns-names : {
|
||||
rules = [ for v in local.dns_names : {
|
||||
"host" = "${v}"
|
||||
"http" = {
|
||||
"paths" = [{
|
||||
@@ -31,7 +31,7 @@ resource "kubectl_manifest" "prj_certificate" {
|
||||
labels: ${jsonencode(local.common-labels)}
|
||||
spec:
|
||||
secretName: "${var.instance}-cert"
|
||||
dnsNames: ${jsonencode(local.dns-names)}
|
||||
dnsNames: ${jsonencode(local.dns_names)}
|
||||
issuerRef:
|
||||
name: "${var.issuer}"
|
||||
kind: "ClusterIssuer"
|
||||
@@ -66,10 +66,10 @@ resource "kubectl_manifest" "prj_ingress" {
|
||||
annotations:
|
||||
"traefik.ingress.kubernetes.io/router.middlewares": "${join(",", [for m in local.middlewares : format("%s-%s@kubernetescrd", var.namespace, m)])}"
|
||||
spec:
|
||||
ingressClassName: "${var.ingress-class}"
|
||||
ingressClassName: "${var.ingress_class}"
|
||||
rules: ${jsonencode(local.rules)}
|
||||
tls:
|
||||
- hosts: ${jsonencode(local.dns-names)}
|
||||
- hosts: ${jsonencode(local.dns_names)}
|
||||
secretName: "${var.instance}-cert"
|
||||
EOF
|
||||
}
|
||||
|
||||
@@ -8,7 +8,7 @@ resource "kubectl_manifest" "authentik_redis" {
|
||||
labels: ${jsonencode(local.common-labels)}
|
||||
spec:
|
||||
kubernetesConfig:
|
||||
image: "${var.redis.image}"
|
||||
image: "${var.images.redis.registry}/${var.images.redis.repository}:${var.images.redis.tag}"
|
||||
imagePullPolicy: "IfNotPresent"
|
||||
redisSecret:
|
||||
name: "${var.component}"
|
||||
@@ -19,10 +19,10 @@ resource "kubectl_manifest" "authentik_redis" {
|
||||
accessModes: ["ReadWriteOnce"]
|
||||
resources:
|
||||
requests:
|
||||
storage: "${var.redis.storage}"
|
||||
storage: "${var.storage.redis}"
|
||||
redisExporter:
|
||||
enabled: ${var.redis.exporter.enabled}
|
||||
image: "${var.redis.exporter.image}"
|
||||
image: "${var.images.redis_exporter.registry}/${var.images.redis_exporter.repository}:${var.images.redis_exporter.tag}"
|
||||
securityContext:
|
||||
runAsUser: 1000
|
||||
fsGroup: 1000
|
||||
|
||||
Reference in New Issue
Block a user