diff --git a/apps/dolibarr/index.yaml b/apps/dolibarr/index.yaml index 4df9fdf..5aa6407 100644 --- a/apps/dolibarr/index.yaml +++ b/apps/dolibarr/index.yaml @@ -6,77 +6,6 @@ metadata: name: dolibarr description: null options: - sub-domain: - default: erp - examples: - - erp - type: string - hpa: - default: - avg-cpu: 50 - max-replicas: 5 - min-replicas: 1 - examples: - - avg-cpu: 50 - max-replicas: 5 - min-replicas: 1 - properties: - avg-cpu: - default: 50 - type: integer - max-replicas: - default: 5 - type: integer - min-replicas: - default: 1 - type: integer - type: object - redis: - default: - exporter: - enabled: true - image: quay.io/opstree/redis-exporter:v1.44.0 - image: quay.io/opstree/redis:v7.0.5 - storage: 2Gi - examples: - - exporter: - enabled: true - image: quay.io/opstree/redis-exporter:v1.44.0 - image: quay.io/opstree/redis:v7.0.5 - storage: 2Gi - properties: - exporter: - default: - enabled: true - image: quay.io/opstree/redis-exporter:v1.44.0 - properties: - enabled: - default: true - type: boolean - image: - default: quay.io/opstree/redis-exporter:v1.44.0 - type: string - type: object - image: - default: quay.io/opstree/redis:v7.0.5 - type: string - storage: - default: 2Gi - type: string - type: object - issuer: - default: letsencrypt-prod - examples: - - letsencrypt-prod - type: string - modules: - default: - - societe - examples: - - - societe - items: - type: string - type: array storage: default: accessMode: ReadWriteOnce @@ -104,26 +33,6 @@ options: - block type: string type: object - domain-name: - default: your_company.com - examples: - - your_company.com - type: string - parameters: - default: - MAIN_LANG_DEFAULT: auto - examples: - - MAIN_LANG_DEFAULT: auto - properties: - MAIN_LANG_DEFAULT: - default: auto - type: string - type: object - ingress-class: - default: traefik - examples: - - traefik - type: string images: default: dolibarr: @@ -189,6 +98,59 @@ options: type: string type: object type: object + domain-name: + default: your_company.com + examples: + - your_company.com + type: string + sub-domain: + default: erp + examples: + - erp + type: string + redis: + default: + exporter: + enabled: true + image: quay.io/opstree/redis-exporter:v1.44.0 + image: quay.io/opstree/redis:v7.0.5 + storage: 2Gi + examples: + - exporter: + enabled: true + image: quay.io/opstree/redis-exporter:v1.44.0 + image: quay.io/opstree/redis:v7.0.5 + storage: 2Gi + properties: + exporter: + default: + enabled: true + image: quay.io/opstree/redis-exporter:v1.44.0 + properties: + enabled: + default: true + type: boolean + image: + default: quay.io/opstree/redis-exporter:v1.44.0 + type: string + type: object + image: + default: quay.io/opstree/redis:v7.0.5 + type: string + storage: + default: 2Gi + type: string + type: object + parameters: + default: + MAIN_LANG_DEFAULT: auto + examples: + - MAIN_LANG_DEFAULT: auto + properties: + MAIN_LANG_DEFAULT: + default: auto + type: string + type: object backups: default: enable: false @@ -290,11 +252,6 @@ options: default: backup-settings type: string type: object - domain: - default: your-company - examples: - - your-company - type: string user-groups: default: - admin: true @@ -315,25 +272,35 @@ options: examples: - 5 type: integer - postgres: - default: - replicas: 1 - storage: 5Gi - version: '14' + issuer: + default: letsencrypt-prod examples: - - replicas: 1 - storage: 5Gi - version: '14' + - letsencrypt-prod + type: string + domain: + default: your-company + examples: + - your-company + type: string + hpa: + default: + avg-cpu: 50 + max-replicas: 5 + min-replicas: 1 + examples: + - avg-cpu: 50 + max-replicas: 5 + min-replicas: 1 properties: - replicas: + avg-cpu: + default: 50 + type: integer + max-replicas: + default: 5 + type: integer + min-replicas: default: 1 type: integer - storage: - default: 5Gi - type: string - version: - default: '14' - type: string type: object resources: default: @@ -376,6 +343,39 @@ options: type: string type: object type: object + modules: + default: + - societe + examples: + - - societe + items: + type: string + type: array + ingress-class: + default: traefik + examples: + - traefik + type: string + postgres: + default: + replicas: 1 + storage: 5Gi + version: '14' + examples: + - replicas: 1 + storage: 5Gi + version: '14' + properties: + replicas: + default: 1 + type: integer + storage: + default: 5Gi + type: string + version: + default: '14' + type: string + type: object dependencies: - dist: null category: share diff --git a/apps/dolibarr/postgresql.tf b/apps/dolibarr/postgresql.tf index 4b08efe..7c0c762 100644 --- a/apps/dolibarr/postgresql.tf +++ b/apps/dolibarr/postgresql.tf @@ -2,7 +2,7 @@ locals { pg-labels = merge(local.common-labels, { "app.kubernetes.io/component" = "pg" }) - backup-def = var.backups.enable ? { + backup-def = { retentionPolicy = var.backups.retention.db barmanObjectStore = { destinationPath = "s3://${var.instance}-${var.namespace}/" @@ -18,7 +18,7 @@ locals { } } } - } : {} + } } resource "kubectl_manifest" "prj_pg" { @@ -39,7 +39,7 @@ resource "kubectl_manifest" "prj_pg" { owner: "${var.component}" storage: size: "${var.postgres.storage}" - backup: ${jsonencode(local.backup-def)} + backup: ${jsonencode(var.backups.enable?local.backup-def:{})} EOF } diff --git a/apps/gitea/index.yaml b/apps/gitea/index.yaml index 2c1f872..28b731f 100644 --- a/apps/gitea/index.yaml +++ b/apps/gitea/index.yaml @@ -9,10 +9,20 @@ metadata: A painless self-hosted Git service. Gitea is a community managed lightweight code hosting solution written in Go. It is published under the MIT license. options: - timezone: - default: Europe/Paris + volume: + default: + size: 10Gi examples: - - Europe/Paris + - size: 10Gi + properties: + size: + default: 10Gi + type: string + type: object + issuer: + default: letsencrypt-prod + examples: + - letsencrypt-prod type: string load-balancer: default: @@ -24,16 +34,31 @@ options: default: '' type: string type: object - issuer: - default: letsencrypt-prod - examples: - - letsencrypt-prod - type: string domain: default: your-company examples: - your-company type: string + disable-registration: + default: true + examples: + - true + type: boolean + domain-name: + default: your_company.com + examples: + - your_company.com + type: string + ssh-port: + default: 2222 + examples: + - 2222 + type: integer + default-branch: + default: main + examples: + - main + type: string webhook: default: allowed-hosts: private @@ -49,51 +74,21 @@ options: default: false type: boolean type: object - sub-domain: - default: git + theme: + default: gitea-modern examples: - - git + - gitea-modern type: string - postgres: - default: - replicas: 1 - storage: 10Gi - version: '14' - examples: - - replicas: 1 - storage: 10Gi - version: '14' - properties: - replicas: - default: 1 - type: integer - storage: - default: 10Gi - type: string - version: - default: '14' - type: string - type: object release: default: 8.3.0 examples: - 8.3.0 type: string - disable-registration: - default: true + sub-domain: + default: git examples: - - true - type: boolean - ingress-class: - default: traefik - examples: - - traefik + - git type: string - replicas: - default: 1 - examples: - - 1 - type: integer backups: default: enable: false @@ -195,21 +190,51 @@ options: default: backup-settings type: string type: object - volume: + admin: default: - size: 10Gi + email: git-admin@git.your_company.com + name: gitea_admin examples: - - size: 10Gi + - email: git-admin@git.your_company.com + name: gitea_admin properties: - size: - default: 10Gi + email: + default: git-admin@git.your_company.com + type: string + name: + default: gitea_admin type: string type: object - default-branch: - default: main + postgres: + default: + replicas: 1 + storage: 10Gi + version: '14' examples: - - main + - replicas: 1 + storage: 10Gi + version: '14' + properties: + replicas: + default: 1 + type: integer + storage: + default: 10Gi + type: string + version: + default: '14' + type: string + type: object + timezone: + default: Europe/Paris + examples: + - Europe/Paris type: string + replicas: + default: 1 + examples: + - 1 + type: integer push-create: default: org: 'true' @@ -230,26 +255,11 @@ options: default: 'true' type: string type: object - admin: - default: - email: git-admin@git.your_company.com - name: gitea_admin + ingress-class: + default: traefik examples: - - email: git-admin@git.your_company.com - name: gitea_admin - properties: - email: - default: git-admin@git.your_company.com - type: string - name: - default: gitea_admin - type: string - type: object - ssh-port: - default: 2222 - examples: - - 2222 - type: integer + - traefik + type: string images: default: gitea: @@ -313,16 +323,6 @@ options: type: string type: object type: object - theme: - default: gitea-modern - examples: - - gitea-modern - type: string - domain-name: - default: your_company.com - examples: - - your_company.com - type: string dependencies: - dist: null category: share diff --git a/apps/gitea/postgresql.tf b/apps/gitea/postgresql.tf index 65545c7..d21aef4 100644 --- a/apps/gitea/postgresql.tf +++ b/apps/gitea/postgresql.tf @@ -2,7 +2,7 @@ locals { pg-labels = merge(local.common-labels, { "app.kubernetes.io/component" = "pg" }) - backup-def = var.backups.enable ? { + backup-def = { retentionPolicy = var.backups.retention.db barmanObjectStore = { destinationPath = "s3://${var.instance}-${var.namespace}/" @@ -18,7 +18,7 @@ locals { } } } - } : {} + } } resource "kubectl_manifest" "prj_pg" { @@ -39,7 +39,7 @@ resource "kubectl_manifest" "prj_pg" { initdb: database: "${var.component}" owner: "${var.component}" - backup: ${jsonencode(local.backup-def)} + backup: ${jsonencode(var.backups.enable?local.backup-def:{})} EOF } diff --git a/apps/nextcloud/index.yaml b/apps/nextcloud/index.yaml index 5637634..74042be 100644 --- a/apps/nextcloud/index.yaml +++ b/apps/nextcloud/index.yaml @@ -6,137 +6,54 @@ metadata: name: nextcloud description: null options: - sub-domain: - default: files + domain-name: + default: your_company.com examples: - - files + - your_company.com type: string - hpa: + redis: default: - avg-cpu: 50 - max-replicas: 5 - min-replicas: 1 + exporter: + enabled: true + image: quay.io/opstree/redis-exporter:v1.44.0 + image: quay.io/opstree/redis:v7.0.5 + storage: 2Gi examples: - - avg-cpu: 50 - max-replicas: 5 - min-replicas: 1 + - exporter: + enabled: true + image: quay.io/opstree/redis-exporter:v1.44.0 + image: quay.io/opstree/redis:v7.0.5 + storage: 2Gi properties: - avg-cpu: - default: 50 - type: integer - max-replicas: - default: 5 - type: integer - min-replicas: - default: 1 - type: integer - type: object - ingress-class: - default: traefik - examples: - - traefik - type: string - backups: - default: - enable: false - endpoint: '' - key-id-key: s3-id - restic-key: bck-password - retention: - db: 30d - keepDaily: 14 - keepMonthly: 12 - keepWeekly: 6 - keepYearly: 12 - schedule: - backup: 30 3 * * * - check: 30 5 * * 1 - db: 30 3 * * * - prune: 30 1 * * 0 - secret-key: s3-secret - secret-name: backup-settings - examples: - - enable: false - endpoint: '' - key-id-key: s3-id - restic-key: bck-password - retention: - db: 30d - keepDaily: 14 - keepMonthly: 12 - keepWeekly: 6 - keepYearly: 12 - schedule: - backup: 30 3 * * * - check: 30 5 * * 1 - db: 30 3 * * * - prune: 30 1 * * 0 - secret-key: s3-secret - secret-name: backup-settings - properties: - enable: - default: false - type: boolean - endpoint: - default: '' - type: string - key-id-key: - default: s3-id - type: string - restic-key: - default: bck-password - type: string - retention: + exporter: default: - db: 30d - keepDaily: 14 - keepMonthly: 12 - keepWeekly: 6 - keepYearly: 12 + enabled: true + image: quay.io/opstree/redis-exporter:v1.44.0 properties: - db: - default: 30d - type: string - keepDaily: - default: 14 - type: integer - keepMonthly: - default: 12 - type: integer - keepWeekly: - default: 6 - type: integer - keepYearly: - default: 12 - type: integer - type: object - schedule: - default: - backup: 30 3 * * * - check: 30 5 * * 1 - db: 30 3 * * * - prune: 30 1 * * 0 - properties: - backup: - default: 30 3 * * * - type: string - check: - default: 30 5 * * 1 - type: string - db: - default: 30 3 * * * - type: string - prune: - default: 30 1 * * 0 + enabled: + default: true + type: boolean + image: + default: quay.io/opstree/redis-exporter:v1.44.0 type: string type: object - secret-key: - default: s3-secret + image: + default: quay.io/opstree/redis:v7.0.5 type: string - secret-name: - default: backup-settings + storage: + default: 2Gi type: string type: object + issuer: + default: letsencrypt-prod + examples: + - letsencrypt-prod + type: string + domain: + default: your-company + examples: + - your-company + type: string apps: default: audioplayer: false @@ -227,69 +144,6 @@ options: default: true type: boolean type: object - redis: - default: - exporter: - enabled: true - image: quay.io/opstree/redis-exporter:v1.44.0 - image: quay.io/opstree/redis:v7.0.5 - storage: 2Gi - examples: - - exporter: - enabled: true - image: quay.io/opstree/redis-exporter:v1.44.0 - image: quay.io/opstree/redis:v7.0.5 - storage: 2Gi - properties: - exporter: - default: - enabled: true - image: quay.io/opstree/redis-exporter:v1.44.0 - properties: - enabled: - default: true - type: boolean - image: - default: quay.io/opstree/redis-exporter:v1.44.0 - type: string - type: object - image: - default: quay.io/opstree/redis:v7.0.5 - type: string - storage: - default: 2Gi - type: string - type: object - postgres: - default: - replicas: 1 - storage: 5Gi - version: '14' - examples: - - replicas: 1 - storage: 5Gi - version: '14' - properties: - replicas: - default: 1 - type: integer - storage: - default: 5Gi - type: string - version: - default: '14' - type: string - type: object - domain-name: - default: your_company.com - examples: - - your_company.com - type: string - issuer: - default: letsencrypt-prod - examples: - - letsencrypt-prod - type: string storage: default: accessMode: ReadWriteOnce @@ -319,16 +173,26 @@ options: default: nextcloud_admin type: string type: object - domain: - default: your-company + hpa: + default: + avg-cpu: 50 + max-replicas: 5 + min-replicas: 1 examples: - - your-company - type: string - openid-name: - default: vynil - examples: - - vynil - type: string + - avg-cpu: 50 + max-replicas: 5 + min-replicas: 1 + properties: + avg-cpu: + default: 50 + type: integer + max-replicas: + default: 5 + type: integer + min-replicas: + default: 1 + type: integer + type: object images: default: collabora: @@ -492,6 +356,142 @@ options: type: string type: object type: object + postgres: + default: + replicas: 1 + storage: 5Gi + version: '14' + examples: + - replicas: 1 + storage: 5Gi + version: '14' + properties: + replicas: + default: 1 + type: integer + storage: + default: 5Gi + type: string + version: + default: '14' + type: string + type: object + ingress-class: + default: traefik + examples: + - traefik + type: string + openid-name: + default: vynil + examples: + - vynil + type: string + sub-domain: + default: files + examples: + - files + type: string + backups: + default: + enable: false + endpoint: '' + key-id-key: s3-id + restic-key: bck-password + retention: + db: 30d + keepDaily: 14 + keepMonthly: 12 + keepWeekly: 6 + keepYearly: 12 + schedule: + backup: 30 3 * * * + check: 30 5 * * 1 + db: 30 3 * * * + prune: 30 1 * * 0 + secret-key: s3-secret + secret-name: backup-settings + examples: + - enable: false + endpoint: '' + key-id-key: s3-id + restic-key: bck-password + retention: + db: 30d + keepDaily: 14 + keepMonthly: 12 + keepWeekly: 6 + keepYearly: 12 + schedule: + backup: 30 3 * * * + check: 30 5 * * 1 + db: 30 3 * * * + prune: 30 1 * * 0 + secret-key: s3-secret + secret-name: backup-settings + properties: + enable: + default: false + type: boolean + endpoint: + default: '' + type: string + key-id-key: + default: s3-id + type: string + restic-key: + default: bck-password + type: string + retention: + default: + db: 30d + keepDaily: 14 + keepMonthly: 12 + keepWeekly: 6 + keepYearly: 12 + properties: + db: + default: 30d + type: string + keepDaily: + default: 14 + type: integer + keepMonthly: + default: 12 + type: integer + keepWeekly: + default: 6 + type: integer + keepYearly: + default: 12 + type: integer + type: object + schedule: + default: + backup: 30 3 * * * + check: 30 5 * * 1 + db: 30 3 * * * + prune: 30 1 * * 0 + properties: + backup: + default: 30 3 * * * + type: string + check: + default: 30 5 * * 1 + type: string + db: + default: 30 3 * * * + type: string + prune: + default: 30 1 * * 0 + type: string + type: object + secret-key: + default: s3-secret + type: string + secret-name: + default: backup-settings + type: string + type: object dependencies: - dist: null category: share diff --git a/apps/nextcloud/postgresql.tf b/apps/nextcloud/postgresql.tf index 3d51075..e883b2d 100644 --- a/apps/nextcloud/postgresql.tf +++ b/apps/nextcloud/postgresql.tf @@ -2,7 +2,7 @@ locals { pg-labels = merge(local.common-labels, { "app.kubernetes.io/component" = "pg" }) - backup-def = var.backups.enable ? { + backup-def = { barmanObjectStore = { destinationPath = "s3://${var.instance}-${var.namespace}/" endpointURL = "${var.backups.endpoint}/barman" @@ -17,7 +17,7 @@ locals { } } } - } : {} + } } resource "kubectl_manifest" "prj_pg" { @@ -38,7 +38,7 @@ resource "kubectl_manifest" "prj_pg" { initdb: database: "${var.component}" owner: "${var.component}" - backup: ${jsonencode(local.backup-def)} + backup: ${jsonencode(var.backups.enable?local.backup-def:{})} EOF } diff --git a/share/authentik/index.yaml b/share/authentik/index.yaml index 7b3bb67..8456c6b 100644 --- a/share/authentik/index.yaml +++ b/share/authentik/index.yaml @@ -11,16 +11,164 @@ options: examples: - info type: string - geoip: - default: /geoip/GeoLite2-City.mmdb + admin: + default: + email: auth-admin examples: - - /geoip/GeoLite2-City.mmdb - type: string + - email: auth-admin + properties: + email: + default: auth-admin + type: string + type: object + email: + default: + port: 587 + timeout: 30 + use_ssl: false + use_tls: false + examples: + - port: 587 + timeout: 30 + use_ssl: false + use_tls: false + properties: + port: + default: 587 + type: integer + timeout: + default: 30 + type: integer + use_ssl: + default: false + type: boolean + use_tls: + default: false + type: boolean + type: object + redis: + default: + exporter: + enabled: true + image: quay.io/opstree/redis-exporter:v1.44.0 + image: quay.io/opstree/redis:v7.0.5 + storage: 8Gi + examples: + - exporter: + enabled: true + image: quay.io/opstree/redis-exporter:v1.44.0 + image: quay.io/opstree/redis:v7.0.5 + storage: 8Gi + properties: + exporter: + default: + enabled: true + image: quay.io/opstree/redis-exporter:v1.44.0 + properties: + enabled: + default: true + type: boolean + image: + default: quay.io/opstree/redis-exporter:v1.44.0 + type: string + type: object + image: + default: quay.io/opstree/redis:v7.0.5 + type: string + storage: + default: 8Gi + type: string + type: object ingress-class: default: traefik examples: - traefik type: string + domain-name: + default: your_company.com + examples: + - your_company.com + type: string + image: + default: + project: goauthentik + pullPolicy: IfNotPresent + registry: ghcr.io + repository: goauthentik/server + tag: 2023.5.4 + examples: + - project: goauthentik + pullPolicy: IfNotPresent + registry: ghcr.io + repository: goauthentik/server + tag: 2023.5.4 + properties: + project: + default: goauthentik + type: string + pullPolicy: + default: IfNotPresent + type: string + registry: + default: ghcr.io + type: string + repository: + default: goauthentik/server + type: string + tag: + default: 2023.5.4 + type: string + type: object + postgres: + default: + replicas: 1 + storage: 8Gi + version: '14' + examples: + - replicas: 1 + storage: 8Gi + version: '14' + properties: + replicas: + default: 1 + type: integer + storage: + default: 8Gi + type: string + version: + default: '14' + type: string + type: object + sub-domain: + default: auth + examples: + - auth + type: string + issuer: + default: letsencrypt-prod + examples: + - letsencrypt-prod + type: string + error_reporting: + default: + enabled: false + environment: k8s + send_pii: false + examples: + - enabled: false + environment: k8s + send_pii: false + properties: + enabled: + default: false + type: boolean + environment: + default: k8s + type: string + send_pii: + default: false + type: boolean + type: object backups: default: enable: false @@ -75,164 +223,16 @@ options: default: backup-settings type: string type: object - error_reporting: - default: - enabled: false - environment: k8s - send_pii: false - examples: - - enabled: false - environment: k8s - send_pii: false - properties: - enabled: - default: false - type: boolean - environment: - default: k8s - type: string - send_pii: - default: false - type: boolean - type: object - postgres: - default: - replicas: 1 - storage: 8Gi - version: '14' - examples: - - replicas: 1 - storage: 8Gi - version: '14' - properties: - replicas: - default: 1 - type: integer - storage: - default: 8Gi - type: string - version: - default: '14' - type: string - type: object - redis: - default: - exporter: - enabled: true - image: quay.io/opstree/redis-exporter:v1.44.0 - image: quay.io/opstree/redis:v7.0.5 - storage: 8Gi - examples: - - exporter: - enabled: true - image: quay.io/opstree/redis-exporter:v1.44.0 - image: quay.io/opstree/redis:v7.0.5 - storage: 8Gi - properties: - exporter: - default: - enabled: true - image: quay.io/opstree/redis-exporter:v1.44.0 - properties: - enabled: - default: true - type: boolean - image: - default: quay.io/opstree/redis-exporter:v1.44.0 - type: string - type: object - image: - default: quay.io/opstree/redis:v7.0.5 - type: string - storage: - default: 8Gi - type: string - type: object - image: - default: - project: goauthentik - pullPolicy: IfNotPresent - registry: ghcr.io - repository: goauthentik/server - tag: 2023.5.4 - examples: - - project: goauthentik - pullPolicy: IfNotPresent - registry: ghcr.io - repository: goauthentik/server - tag: 2023.5.4 - properties: - project: - default: goauthentik - type: string - pullPolicy: - default: IfNotPresent - type: string - registry: - default: ghcr.io - type: string - repository: - default: goauthentik/server - type: string - tag: - default: 2023.5.4 - type: string - type: object - domain-name: - default: your_company.com - examples: - - your_company.com - type: string - sub-domain: - default: auth - examples: - - auth - type: string - admin: - default: - email: auth-admin - examples: - - email: auth-admin - properties: - email: - default: auth-admin - type: string - type: object - issuer: - default: letsencrypt-prod - examples: - - letsencrypt-prod - type: string - email: - default: - port: 587 - timeout: 30 - use_ssl: false - use_tls: false - examples: - - port: 587 - timeout: 30 - use_ssl: false - use_tls: false - properties: - port: - default: 587 - type: integer - timeout: - default: 30 - type: integer - use_ssl: - default: false - type: boolean - use_tls: - default: false - type: boolean - type: object domain: default: your-company examples: - your-company type: string + geoip: + default: /geoip/GeoLite2-City.mmdb + examples: + - /geoip/GeoLite2-City.mmdb + type: string dependencies: - dist: null category: core diff --git a/share/authentik/postgresql.tf b/share/authentik/postgresql.tf index e6cd42b..a0c5d81 100644 --- a/share/authentik/postgresql.tf +++ b/share/authentik/postgresql.tf @@ -5,7 +5,7 @@ locals { pool-labels = merge(local.common-labels, { "app.kubernetes.io/component" = "pg-pool" }) - backup-def = var.backups.enable ? { + backup-def = { retentionPolicy = var.backups.retention.db barmanObjectStore = { destinationPath = "s3://${var.instance}-${var.namespace}/" @@ -21,7 +21,7 @@ locals { } } } - } : {} + } } resource "kubectl_manifest" "prj_pg" { @@ -42,7 +42,7 @@ resource "kubectl_manifest" "prj_pg" { initdb: database: "${var.component}" owner: "${var.component}" - backup: ${jsonencode(local.backup-def)} + backup: ${jsonencode(var.backups.enable?local.backup-def:{})} EOF }