diff --git a/apps/nextcloud/index.yaml b/apps/nextcloud/index.yaml index a79cdee..ccffb98 100644 --- a/apps/nextcloud/index.yaml +++ b/apps/nextcloud/index.yaml @@ -6,6 +6,41 @@ metadata: name: nextcloud description: null options: + openid-name: + default: vynil + examples: + - vynil + type: string + issuer: + default: letsencrypt-prod + examples: + - letsencrypt-prod + type: string + domain: + default: your-company + examples: + - your-company + type: string + hpa: + default: + avg-cpu: 50 + max-replicas: 5 + min-replicas: 1 + examples: + - avg-cpu: 50 + max-replicas: 5 + min-replicas: 1 + properties: + avg-cpu: + default: 50 + type: integer + max-replicas: + default: 5 + type: integer + min-replicas: + default: 1 + type: integer + type: object apps: default: audioplayer: false @@ -96,6 +131,26 @@ options: default: true type: boolean type: object + admin: + default: + name: nextcloud_admin + examples: + - name: nextcloud_admin + properties: + name: + default: nextcloud_admin + type: string + type: object + sub-domain: + default: files + examples: + - files + type: string + app-group: + default: '' + examples: + - '' + type: string postgres: default: replicas: 1 
@@ -116,78 +171,121 @@ options: default: '14' type: string type: object - admin: - default: - name: nextcloud_admin + domain-name: + default: your_company.com examples: - - name: nextcloud_admin - properties: - name: - default: nextcloud_admin - type: string - type: object - app-group: - default: '' - examples: - - '' + - your_company.com type: string - hpa: - default: - avg-cpu: 50 - max-replicas: 5 - min-replicas: 1 - examples: - - avg-cpu: 50 - max-replicas: 5 - min-replicas: 1 - properties: - avg-cpu: - default: 50 - type: integer - max-replicas: - default: 5 - type: integer - min-replicas: - default: 1 - type: integer - type: object ingress-class: default: traefik examples: - traefik type: string - redis: + backups: default: - exporter: - enabled: true - image: quay.io/opstree/redis-exporter:v1.44.0 - image: quay.io/opstree/redis:v7.0.5 - storage: 2Gi + enable: false + endpoint: '' + key-id-key: s3-id + restic-key: bck-password + retention: + db: 30d + keepDaily: 14 + keepMonthly: 12 + keepWeekly: 6 + keepYearly: 12 + schedule: + backup: 30 3 * * * + check: 30 5 * * 1 + db: 30 3 * * * + prune: 30 1 * * 0 + secret-key: s3-secret + secret-name: backup-settings + use-barman: false examples: - - exporter: - enabled: true - image: quay.io/opstree/redis-exporter:v1.44.0 - image: quay.io/opstree/redis:v7.0.5 - storage: 2Gi + - enable: false + endpoint: '' + key-id-key: s3-id + restic-key: bck-password + retention: + db: 30d + keepDaily: 14 + keepMonthly: 12 + keepWeekly: 6 + keepYearly: 12 + schedule: + backup: 30 3 * * * + check: 30 5 * * 1 + db: 30 3 * * * + prune: 30 1 * * 0 + secret-key: s3-secret + secret-name: backup-settings + use-barman: false properties: - exporter: + enable: + default: false + type: boolean + endpoint: + default: '' + type: string + key-id-key: + default: s3-id + type: string + restic-key: + default: bck-password + type: string + retention: default: - enabled: true - image: quay.io/opstree/redis-exporter:v1.44.0 + db: 30d + keepDaily: 14 + 
keepMonthly: 12 + keepWeekly: 6 + keepYearly: 12 properties: - enabled: - default: true - type: boolean - image: - default: quay.io/opstree/redis-exporter:v1.44.0 + db: + default: 30d + type: string + keepDaily: + default: 14 + type: integer + keepMonthly: + default: 12 + type: integer + keepWeekly: + default: 6 + type: integer + keepYearly: + default: 12 + type: integer + type: object + schedule: + default: + backup: 30 3 * * * + check: 30 5 * * 1 + db: 30 3 * * * + prune: 30 1 * * 0 + properties: + backup: + default: 30 3 * * * + type: string + check: + default: 30 5 * * 1 + type: string + db: + default: 30 3 * * * + type: string + prune: + default: 30 1 * * 0 type: string type: object - image: - default: quay.io/opstree/redis:v7.0.5 + secret-key: + default: s3-secret type: string - storage: - default: 2Gi + secret-name: + default: backup-settings type: string + use-barman: + default: false + type: boolean type: object images: default: 
@@ -352,117 +450,6 @@ options: type: string type: object type: object - domain: - default: your-company - examples: - - your-company - type: string - backups: - default: - enable: false - endpoint: '' - key-id-key: s3-id - restic-key: bck-password - retention: - db: 30d - keepDaily: 14 - keepMonthly: 12 - keepWeekly: 6 - keepYearly: 12 - schedule: - backup: 30 3 * * * - check: 30 5 * * 1 - db: 30 3 * * * - prune: 30 1 * * 0 - secret-key: s3-secret - secret-name: backup-settings - use-barman: false - examples: - - enable: false - endpoint: '' - key-id-key: s3-id - restic-key: bck-password - retention: - db: 30d - keepDaily: 14 - keepMonthly: 12 - keepWeekly: 6 - keepYearly: 12 - schedule: - backup: 30 3 * * * - check: 30 5 * * 1 - db: 30 3 * * * - prune: 30 1 * * 0 - secret-key: s3-secret - secret-name: backup-settings - use-barman: false - properties: - enable: - default: false - type: boolean - endpoint: - default: '' - type: string - key-id-key: - default: s3-id - type: string - restic-key: - default: bck-password - type: string - retention: - default: - db: 30d - keepDaily: 14 - keepMonthly: 12 - keepWeekly: 6 - keepYearly: 12 - properties: - db: - default: 30d - type: string - keepDaily: - default: 14 - type: integer - keepMonthly: - default: 12 - type: integer - keepWeekly: - default: 6 - type: integer - keepYearly: - default: 12 - type: integer - type: object - schedule: - default: - backup: 30 3 * * * - check: 30 5 * * 1 - db: 30 3 * * * - prune: 30 1 * * 0 - properties: - backup: - default: 30 3 * * * - type: string - check: - default: 30 5 * * 1 - type: string - db: - default: 30 3 * * * - type: string - prune: - default: 30 1 * * 0 - type: string - type: object - secret-key: - default: s3-secret - type: string - secret-name: - default: backup-settings - type: string - use-barman: - default: false - type: boolean - type: object storage: default: accessMode: ReadWriteOnce 
@@ -482,26 +469,39 @@ options: default: 10Gi type: string type: object - sub-domain: - default: files + redis: + default: + exporter: + enabled: true + image: quay.io/opstree/redis-exporter:v1.44.0 + image: quay.io/opstree/redis:v7.0.5 + storage: 2Gi examples: - - files - type: string - domain-name: - default: your_company.com - examples: - - your_company.com - type: string - openid-name: - default: vynil - examples: - - vynil - type: string - issuer: - default: letsencrypt-prod - examples: - - letsencrypt-prod - type: string + - exporter: + enabled: true + image: quay.io/opstree/redis-exporter:v1.44.0 + image: quay.io/opstree/redis:v7.0.5 + storage: 2Gi + properties: + exporter: + default: + enabled: true + image: quay.io/opstree/redis-exporter:v1.44.0 + properties: + enabled: + default: true + type: boolean + image: + default: quay.io/opstree/redis-exporter:v1.44.0 + type: string + type: object + image: + default: quay.io/opstree/redis:v7.0.5 + type: string + storage: + default: 2Gi + type: string + type: object dependencies: - dist: null category: share diff --git a/apps/nextcloud/presentation.tf b/apps/nextcloud/presentation.tf index 19d91ce..4a3c1d5 100644 --- a/apps/nextcloud/presentation.tf +++ b/apps/nextcloud/presentation.tf @@ -94,7 +94,7 @@ module "collabora-ingress" { labels = local.collabora-labels dns-names = [local.dns-collabora] middlewares = [] - service = local.service + service = local.collabora-service providers = { kubectl = kubectl } @@ -125,7 +125,7 @@ module "onlyoffice-ingress" { labels = local.onlyoffice-labels dns-names = [local.dns-onlyoffice] middlewares = [] - service = local.service + service = local.onlyoffice-service providers = { kubectl = kubectl } diff --git a/meta/domain-devspaces/apps.tf b/meta/domain-devspaces/apps.tf index 07897ec..6769955 100644 --- a/meta/domain-devspaces/apps.tf +++ b/meta/domain-devspaces/apps.tf 
@@ -7,7 +7,7 @@ locals { "vynil.solidite.fr/ingress" = var.ingress-class } global = { - "domain" = var.namespace + "domain" = var.domain "domain-name" = var.domain-name "issuer" = var.issuer "ingress-class" = var.ingress-class diff --git a/meta/domain-devspaces/index.yaml b/meta/domain-devspaces/index.yaml index 5ac15d5..c816eec 100644 --- a/meta/domain-devspaces/index.yaml +++ b/meta/domain-devspaces/index.yaml @@ -6,22 +6,16 @@ metadata: name: domain-devspaces description: null options: - stations: - default: [] + issuer: + default: letsencrypt-prod examples: - - [] - items: - properties: - name: - default: '' - type: string - organisations: - default: [] - items: - type: string - type: array - type: object - type: array + - letsencrypt-prod + type: string + app-group: + default: dev + examples: + - dev + type: string organisations: default: [] examples: 
@@ -63,101 +57,11 @@ options: type: array type: object type: array - domain-name: - default: your_company.com + domain: + default: your-company examples: - - your_company.com + - your-company type: string - external-pgs: - default: [] - examples: - - [] - items: - properties: - dbname: - default: '' - type: string - name: - default: '' - type: string - namespace: - default: '' - type: string - secret: - properties: - key: - default: '' - type: string - name: - default: '' - type: string - type: object - username: - default: '' - type: string - type: object - type: array - stations-sub-domain: - default: code - examples: - - code - type: string - backups: - default: - enable: false - endpoint: '' - key-id-key: s3-id - secret-key: s3-secret - secret-name: backup-settings - examples: - - enable: false - endpoint: '' - key-id-key: s3-id - secret-key: s3-secret - secret-name: backup-settings - properties: - enable: - default: false - type: boolean - endpoint: - default: '' - type: string - key-id-key: - default: s3-id - type: string - secret-key: - default: s3-secret - type: string - secret-name: - default: backup-settings - type: string - type: object - external-marias: - default: [] - examples: - - [] - items: - properties: - name: - default: '' - type: string - namespace: - default: '' - type: string - secret: - properties: - key: - default: '' - type: string - name: - default: '' - type: string - type: object - username: - default: '' - type: string - type: object - type: array external-mongos: default: [] examples: 
@@ -202,7 +106,37 @@ options: default: domain type: string type: object - external-redis: + backups: + default: + enable: false + endpoint: '' + key-id-key: s3-id + secret-key: s3-secret + secret-name: backup-settings + examples: + - enable: false + endpoint: '' + key-id-key: s3-id + secret-key: s3-secret + secret-name: backup-settings + properties: + enable: + default: false + type: boolean + endpoint: + default: '' + type: string + key-id-key: + default: s3-id + type: string + secret-key: + default: s3-secret + type: string + secret-name: + default: backup-settings + type: string + type: object + stations: default: [] examples: - [] @@ -211,9 +145,11 @@ options: name: default: '' type: string - namespace: - default: '' - type: string + organisations: + default: [] + items: + type: string + type: array type: object type: array images: @@ -255,25 +191,34 @@ options: type: number type: object type: object - issuer: - default: letsencrypt-prod + stations-sub-domain: + default: code examples: - - letsencrypt-prod - type: string - domain: - default: your-company - examples: - - your-company + - code type: string ingress-class: default: traefik examples: - traefik type: string - app-group: - default: dev + external-redis: + default: [] examples: - - dev + - [] + items: + properties: + name: + default: '' + type: string + namespace: + default: '' + type: string + type: object + type: array + domain-name: + default: your_company.com + examples: + - your_company.com type: string storage-classes: default: 
@@ -353,6 +298,61 @@ options: type: boolean type: object type: object + external-marias: + default: [] + examples: + - [] + items: + properties: + name: + default: '' + type: string + namespace: + default: '' + type: string + secret: + properties: + key: + default: '' + type: string + name: + default: '' + type: string + type: object + username: + default: '' + type: string + type: object + type: array + external-pgs: + default: [] + examples: + - [] + items: + properties: + dbname: + default: '' + type: string + name: + default: '' + type: string + namespace: + default: '' + type: string + secret: + properties: + key: + default: '' + type: string + name: + default: '' + type: string + type: object + username: + default: '' + type: string + type: object + type: array dependencies: [] providers: kubernetes: true diff --git a/meta/domain-devspaces/stations.tf b/meta/domain-devspaces/stations.tf index 686682d..44af039 100644 --- a/meta/domain-devspaces/stations.tf +++ b/meta/domain-devspaces/stations.tf @@ -21,6 +21,7 @@ locals { "organisation" = org "usage" = "station" "station" = station + "sub-domain" = "${station.name}.stations" }) if ds.name == dsname ] ]) if org.name == name diff --git a/modules/ingress/ingress.tf b/modules/ingress/ingress.tf index 473df63..6e38939 100644 --- a/modules/ingress/ingress.tf +++ b/modules/ingress/ingress.tf @@ -7,7 +7,7 @@ locals { "backend" = { "service" = var.service } - "path" = "/" + "path" = "/${var.sub-path}" "pathType" = "Prefix" }] } @@ -15,6 +15,7 @@ locals { } resource "kubectl_manifest" "prj_certificate" { + count = var.create-cert?1:0 yaml_body = <<-EOF apiVersion: "cert-manager.io/v1" kind: "Certificate" @@ -33,7 +34,7 @@ resource "kubectl_manifest" "prj_certificate" { } resource "kubectl_manifest" "prj_https_redirect" { - count = var.component==""?1:0 + count = var.create-redirect||var.component==""?1:0 yaml_body = <<-EOF apiVersion: "traefik.containo.us/v1alpha1" kind: "Middleware" 
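Review bot: The added `"sub-domain" = "${station.name}.stations"` in meta/domain-devspaces/stations.tf hard-codes the `stations` label, although meta/domain-devspaces/index.yaml in this same commit keeps a `stations-sub-domain` option (default `code`), so that option appears to have no effect on the generated name. If it is meant to drive this value, and assuming it is exposed as a variable of the same name, the line would read `"sub-domain" = "${station.name}.${var.stations-sub-domain}"`. `station.name` also reaches a hostname unvalidated, and its schema default is `''`, which would give a name starting with a dot; a comment stating that it must be a single DNS label would help. The enclosing `locals` expression starts and ends outside the hunk.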
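Review bot: `count = var.create-cert?1:0` on `prj_certificate` lets a caller skip the Certificate, but nothing ties that choice to `secret-component`. With `create-cert = false` and an empty `secret-component`, the `secretName` built in the `@@ -64,6 +65,6 @@` hunk still resolves to this ingress's own `...-cert` secret, which the module no longer creates. Unless that secret is provisioned elsewhere, the Ingress references a missing TLS secret, and the controller will typically serve its default certificate rather than fail. A guard on `prj_ingress` such as a `precondition` with `condition = var.create-cert || var.secret-component != ""` would catch this at plan time. A comment on the `count` line should say that the certificate is then expected from the ingress named by `secret-component`; the resource body continues outside the hunk.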
@@ -54,7 +55,7 @@ resource "kubectl_manifest" "prj_ingress" { apiVersion: "networking.k8s.io/v1" kind: "Ingress" metadata: - name: "${var.instance}${var.component==""?"":"-"}${var.component}" + name: "${var.instance}${var.component==""?"":"-${var.component}"}" namespace: "${var.namespace}" labels: ${jsonencode(var.labels)} annotations: @@ -64,6 +65,6 @@ resource "kubectl_manifest" "prj_ingress" { rules: ${jsonencode(local.rules)} tls: - hosts: ${jsonencode(var.dns-names)} - secretName: "${var.instance}${var.component==""?"":"-"}${var.component}-cert" + secretName: "${var.instance}${var.secret-component!=""?"-${var.secret-component}":var.component==""?"":"-${var.component}"}-cert" EOF } diff --git a/modules/ingress/variables.tf b/modules/ingress/variables.tf index 1ae73fb..365bb76 100644 --- a/modules/ingress/variables.tf +++ b/modules/ingress/variables.tf @@ -26,3 +26,20 @@ variable "middlewares" { } variable "service" { } + +variable "create-redirect" { + type = bool + default = false +} +variable "create-cert" { + type = bool + default = true +} +variable "sub-path" { + type = string + default = "" +} +variable "secret-component" { + type = string + default = "" +} diff --git a/share/dataset-pg/databases.tf b/share/dataset-pg/databases.tf index 236bf5d..659e0c3 100644 --- a/share/dataset-pg/databases.tf +++ b/share/dataset-pg/databases.tf @@ -1,5 +1,12 @@ + +resource "time_sleep" "wait_pg_ready" { + depends_on = [kubectl_manifest.prj_pg] + + create_duration = "90s" +} + data "kubernetes_secret_v1" "postgresql_password" { - depends_on = [ kubectl_manifest.prj_pg ] + depends_on = [ time_sleep.wait_pg_ready ] metadata { name = "${var.instance}-${var.component}-superuser" namespace = "${var.namespace}" 
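Review bot: The four variables added to modules/ingress/variables.tf carry no `description`, and `sub-path` is interpolated unchecked into the Ingress rule as `"/${var.sub-path}"`, so a value with a leading slash yields a `//...` path that will not match as intended. Add a `validation` block on `sub-path` with `condition = !can(regex("^/", var.sub-path))` and an error message asking for a path without the leading slash. Each variable should also state its contract, for example `description = "Component whose <instance>-<component>-cert secret this ingress reuses; empty means its own certificate"` on `secret-component`. `create-cert` and `create-redirect` deserve the same, since their defaults decide whether TLS objects exist at all.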
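Review bot: `create_duration = "90s"` in the new `time_sleep.wait_pg_ready` replaces a dependency on the cluster manifest with a fixed delay, which is a guess at readiness rather than a check. On a slow node or image pull the `-superuser` secret lookup can still run before the secret exists, and on a fast one every new instance waits 90 seconds for nothing; `postgresql_role.owner` in the `@@ -52,7 +59,7 @@` hunk now depends on the same sleep. If the kubectl provider version in use offers a readiness wait on `kubectl_manifest.prj_pg`, that would be more reliable. At minimum, expose the duration as a variable and add a comment such as `# the operator creates the superuser secret asynchronously; 90s is an empirical bound`. The visible part of the `providers` list in share/dataset-pg/index.yaml does not show the time provider this resource needs, so confirm it is declared.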
@@ -52,7 +59,7 @@ data "kubernetes_secret_v1" "password_get" { } resource "postgresql_role" "owner" { - depends_on = [ kubectl_manifest.prj_pg ] + depends_on = [ time_sleep.wait_pg_ready ] count = length(local.sorted-dbs) name = "${local.sorted-dbs[count.index].name}" login = true diff --git a/share/dataset-pg/index.yaml b/share/dataset-pg/index.yaml index 8074721..5d4ea2a 100644 --- a/share/dataset-pg/index.yaml +++ b/share/dataset-pg/index.yaml @@ -6,18 +6,49 @@ metadata: name: dataset-pg description: null options: - replicas: - default: 1 + storage: + default: 8Gi examples: - - 1 - type: integer + - 8Gi + type: string + sub-domain: + default: dataset-pg + examples: + - dataset-pg + type: string extentions: default: pool: enable: false + postgrest: + enable: false + image: + pullPolicy: IfNotPresent + registry: docker.io + repository: postgrest/postgrest + tag: v11.2.1 + swagger: + enable: true + pullPolicy: IfNotPresent + registry: docker.io + repository: swaggerapi/swagger-ui + tag: v5.9.0 examples: - pool: enable: false + postgrest: + enable: false + image: + pullPolicy: IfNotPresent + registry: docker.io + repository: postgrest/postgrest + tag: v11.2.1 + swagger: + enable: true + pullPolicy: IfNotPresent + registry: docker.io + repository: swaggerapi/swagger-ui + tag: v5.9.0 properties: pool: default: 
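Review bot: The new `postgrest` defaults in share/dataset-pg/index.yaml identify both images only by mutable tag (`postgrest/postgrest` at `v11.2.1`, `swaggerapi/swagger-ui` at `v5.9.0`, both from `docker.io`) with `pullPolicy: IfNotPresent`, and the schema has no field for a digest. The PostgREST container receives the database credentials in postgrest.tf, so it is worth adding a `digest` property, or documenting that `tag` may carry `v11.2.1@sha256:<digest>`, so a deployment can pin the exact image. The same defaults are repeated under `properties` in the `@@ -27,7 +58,108 @@` hunk. `swagger.enable` defaults to `true`, so enabling `postgrest` also publishes the UI unless the operator turns it off; a `description` on these options would make that visible.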
@@ -27,7 +58,108 @@ options: default: false type: boolean type: object + postgrest: + default: + enable: false + image: + pullPolicy: IfNotPresent + registry: docker.io + repository: postgrest/postgrest + tag: v11.2.1 + swagger: + enable: true + pullPolicy: IfNotPresent + registry: docker.io + repository: swaggerapi/swagger-ui + tag: v5.9.0 + properties: + enable: + default: false + type: boolean + image: + default: + pullPolicy: IfNotPresent + registry: docker.io + repository: postgrest/postgrest + tag: v11.2.1 + properties: + pullPolicy: + default: IfNotPresent + type: string + registry: + default: docker.io + type: string + repository: + default: postgrest/postgrest + type: string + tag: + default: v11.2.1 + type: string + type: object + swagger: + default: + enable: true + pullPolicy: IfNotPresent + registry: docker.io + repository: swaggerapi/swagger-ui + tag: v5.9.0 + properties: + enable: + default: true + type: boolean + pullPolicy: + default: IfNotPresent + type: string + registry: + default: docker.io + type: string + repository: + default: swaggerapi/swagger-ui + type: string + tag: + default: v5.9.0 + type: string + type: object + type: object type: object + databases: + default: [] + items: + properties: + name: + default: db + type: string + type: object + type: array + replicas: + default: 1 + examples: + - 1 + type: integer + ingress-class: + default: traefik + examples: + - traefik + type: string + domain-name: + default: your_company.com + examples: + - your_company.com + type: string + roles: + default: [] + items: + properties: + name: + default: alt-account + type: string + type: object + type: array + issuer: + default: letsencrypt-prod + examples: + - letsencrypt-prod + type: string backups: default: enable: false 
@@ -82,29 +214,6 @@ options: default: backup-settings type: string type: object - databases: - default: [] - items: - properties: - name: - default: db - type: string - type: object - type: array - storage: - default: 8Gi - examples: - - 8Gi - type: string - roles: - default: [] - items: - properties: - name: - default: alt-account - type: string - type: object - type: array dependencies: - dist: null category: dbo @@ -116,4 +225,5 @@ providers: postgresql: true restapi: null http: null + gitea: null tfaddtype: null diff --git a/share/dataset-pg/postgresql.tf b/share/dataset-pg/postgresql.tf index 2693c23..f7f89ae 100644 --- a/share/dataset-pg/postgresql.tf +++ b/share/dataset-pg/postgresql.tf @@ -1,4 +1,5 @@ locals { + dns-name = "${var.instance}.${var.sub-domain}.${var.domain-name}" pg-labels = merge(local.common-labels, { "app.kubernetes.io/component" = "postgresql" }) @@ -21,6 +22,10 @@ resource "kubectl_manifest" "prj_pg" { size: "${var.storage}" monitoring: enablePodMonitor: true + bootstrap: + initdb: + database: "${var.instance}" + owner: "${var.instance}" EOF ], var.backups.enable?[<<-EOF backup: diff --git a/share/dataset-pg/postgrest.tf b/share/dataset-pg/postgrest.tf new file mode 100644 index 0000000..086683b --- /dev/null +++ b/share/dataset-pg/postgrest.tf 
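Review bot: The `bootstrap.initdb` block added to `prj_pg` in share/dataset-pg/postgresql.tf is, assuming this is a CloudNativePG `Cluster`, only honoured when the cluster is first initialised. Instances created before this commit will therefore presumably keep their previous database and owner, while the new postgrest.tf sets `PGDATABASE: "${var.instance}"` and would fail to connect on them. A comment above the block should say so, for example `# applied at cluster creation only; existing clusters need the database created by hand`. `var.instance` is also used verbatim as both database and role name, so it is worth documenting which characters are acceptable there. The heredoc and the resource continue outside the hunk.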
@@ -0,0 +1,208 @@ +locals { + prest-labels = merge(local.common-labels, { + "app.kubernetes.io/component" = "postgrest" + }) + prest-dns-name = "api.${local.dns-name}" + prest-service = { + "name" = "${var.instance}-postgrest" + "port" = { + "number" = 80 + } + } + swagger-service = { + "name" = "${var.instance}-swagger" + "port" = { + "number" = 80 + } + } +} + +resource "kubectl_manifest" "postgrest_config" { + yaml_body = <<-EOF + apiVersion: v1 + kind: ConfigMap + metadata: + name: "${var.component}-${var.instance}-postgrest" + namespace: "${var.namespace}" + labels: ${jsonencode(local.prest-labels)} + data: + PGDATABASE: "${var.instance}" + PGHOST: "${var.instance}-${var.component}-pg-rw.${var.namespace}.svc" + PGPORT: 5432 + PGRST_OPENAPI_SERVER_PROXY_URI: "https://${local.prest-dns-name}" + API_URL: "https://${local.prest-dns-name}" + EOF +} + + +resource "kubectl_manifest" "postgrest_deploy" { + count = var.extentions.postgrest.enable ? 1:0 + yaml_body = join("", concat([<<-EOF + apiVersion: apps/v1 + kind: Deployment + metadata: + name: "${var.component}-${var.instance}-postgrest" + namespace: "${var.namespace}" + labels: ${jsonencode(local.prest-labels)} + spec: + replicas: 1 + selector: + matchLabels: ${jsonencode(local.prest-labels)} + template: + metadata: + labels: ${jsonencode(local.prest-labels)} + spec: + securityContext: + fsGroup: 1000 + runAsGroup: 1000 + runAsUser: 1000 + restartPolicy: Always + containers: + - name: postgrest + securityContext: + fsGroup: 1000 + runAsGroup: 1000 + runAsNonRoot: true + runAsUser: 1000 + env: + - name: PGUSER + valueFrom: + secretKeyRef: + key: username + name: "${var.instance}-${var.component}-pg-app" + - name: PGPASSWORD + valueFrom: + secretKeyRef: + key: password + name: "${var.instance}-${var.component}-pg-app" + envFrom: + - configMapRef: + name: "${var.component}-${var.instance}-postgrest" + image: 
"${var.extentions.postgrest.image.registry}/${var.extentions.postgrest.image.repository}:${var.extentions.postgrest.image.tag}" + imagePullPolicy: "${var.extentions.postgrest.image.pullPolicy}" + ports: + - containerPort: 3000 + name: http + protocol: TCP + livenessProbe: + failureThreshold: 3 + httpGet: + path: / + port: http + scheme: HTTP + periodSeconds: 10 + successThreshold: 1 + timeoutSeconds: 1 + readinessProbe: + failureThreshold: 3 + httpGet: + path: / + port: http + scheme: HTTP + periodSeconds: 10 + successThreshold: 1 + timeoutSeconds: 1 + EOF + ], var.extentions.postgrest.swagger.enable?[<<-EOF + - name: swagger + securityContext: + fsGroup: 1000 + runAsGroup: 1000 + runAsNonRoot: true + runAsUser: 1000 + image: "${var.extentions.postgrest.swagger.registry}/${var.extentions.postgrest.swagger.repository}:${var.extentions.postgrest.swagger.tag}" + imagePullPolicy: "${var.extentions.postgrest.swagger.pullPolicy}" + ports: + - containerPort: 8080 + name: swagger + protocol: TCP + envFrom: + - configMapRef: + name: "${var.component}-${var.instance}-postgrest" + livenessProbe: + failureThreshold: 3 + httpGet: + path: / + port: swagger + scheme: HTTP + periodSeconds: 10 + successThreshold: 1 + timeoutSeconds: 1 + readinessProbe: + failureThreshold: 3 + httpGet: + path: / + port: swagger + scheme: HTTP + periodSeconds: 10 + successThreshold: 1 + timeoutSeconds: 1 + EOF + ]:[""])) +} + +module "postgrest-service" { + count = var.extentions.postgrest.enable ? 1 : 0 + source = "/dist/modules/service" + component = "postgrest" + instance = var.instance + namespace = var.namespace + labels = local.prest-labels + target = "http" + port = local.prest-service.port.number + providers = { + kubectl = kubectl + } +} + +module "postgrest-ingress" { + count = var.extentions.postgrest.enable ? 
1 : 0 + source = "/dist/modules/ingress" + component = "postgrest" + instance = var.instance + namespace = var.namespace + issuer = var.issuer + ingress-class = var.ingress-class + labels = local.prest-labels + dns-names = [local.prest-dns-name] + create-redirect = true + middlewares = [] + service = local.prest-service + providers = { + kubectl = kubectl + } +} + +module "swagger-service" { + count = var.extentions.postgrest.enable && var.extentions.postgrest.swagger.enable ? 1 : 0 + source = "/dist/modules/service" + component = "swagger" + instance = var.instance + namespace = var.namespace + labels = local.prest-labels + target = "swagger" + port = local.swagger-service.port.number + providers = { + kubectl = kubectl + } +} + +module "swagger-ingress" { + count = var.extentions.postgrest.enable && var.extentions.postgrest.swagger.enable ? 1 : 0 + source = "/dist/modules/ingress" + component = "swagger" + instance = var.instance + namespace = var.namespace + issuer = var.issuer + ingress-class = var.ingress-class + labels = local.prest-labels + dns-names = [local.prest-dns-name] + middlewares = [] + create-cert = false + sub-path = "ui" + secret-component = "postgrest" + service = local.swagger-service + providers = { + kubectl = kubectl + } +} diff --git a/share/organisation/index.yaml b/share/organisation/index.yaml index 732a276..e4c3827 100644 --- a/share/organisation/index.yaml +++ b/share/organisation/index.yaml 
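Review bot: PostgREST in share/dataset-pg/postgrest.tf logs in with the `...-pg-app` credentials, apparently the owner of the database created by the new `bootstrap.initdb` block, and is published through `postgrest-ingress` with `middlewares = []`, while `postgrest_config` sets none of PostgREST's access-control settings (`PGRST_DB_ANON_ROLE`, `PGRST_JWT_SECRET`, `PGRST_DB_SCHEMAS`). Connecting as a dedicated low-privilege authenticator role, with the JWT secret supplied from a Secret rather than the ConfigMap, would keep the HTTP API from running with owner rights. In the same ConfigMap `PGPORT: 5432` is an unquoted number, which the API server rejects for `data` values; it should be `PGPORT: "5432"`. `fsGroup` under each container's `securityContext` is a pod-level field and should be dropped there, where `allowPrivilegeEscalation: false` and `capabilities: { drop: ["ALL"] }` would be the useful additions. `postgrest_config` also has no `count`, so the ConfigMap is created even when `var.extentions.postgrest.enable` is false.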
@@ -6,16 +6,36 @@ metadata: name: organisation description: null options: - ingress-class: - default: traefik + distributions: + default: + core: core + domain: domain examples: - - traefik - type: string + - core: core + domain: domain + properties: + core: + default: core + type: string + domain: + default: domain + type: string + type: object issuer: default: letsencrypt-prod examples: - letsencrypt-prod type: string + haveGitea: + default: false + examples: + - false + type: boolean + domain: + default: your-company + examples: + - your-company + type: string datasets: default: [] items: @@ -28,6 +48,11 @@ options: type: string type: object type: array + app-group: + default: dev + examples: + - dev + type: string backups: default: enable: false @@ -58,11 +83,6 @@ options: default: backup-settings type: string type: object - app-group: - default: dev - examples: - - dev - type: string stages: default: [] items: @@ -72,36 +92,16 @@ options: type: string type: object type: array - domain: - default: your-company + ingress-class: + default: traefik examples: - - your-company + - traefik type: string - distributions: - default: - core: core - domain: domain - examples: - - core: core - domain: domain - properties: - core: - default: core - type: string - domain: - default: domain - type: string - type: object domain-name: default: your_company.com examples: - your_company.com type: string - haveGitea: - default: false - examples: - - false - type: boolean dependencies: [] providers: kubernetes: true @@ -110,4 +110,5 @@ providers: postgresql: null restapi: null http: null + gitea: null tfaddtype: null diff --git a/share/organisation/stages.tf b/share/organisation/stages.tf index 8cb7270..455d210 100644 --- a/share/organisation/stages.tf +++ b/share/organisation/stages.tf 
@@ -25,7 +25,10 @@ locals { for stage in local.sorted-stage-name: flatten([ for name in local.sorted-dataset-name: [ for ds in var.datasets: - merge(ds,{"namespace" = "${var.domain}-${var.instance}-${stage}"}) if ds.name == name + merge(ds,{ + "sub-domain" = "${stage}.${var.instance}" + "namespace" = "${var.domain}-${var.instance}-${stage}" + }) if ds.name == name ] ]) ])