From a0addbd8420edc47ecad7774e42ef340fee1f14a Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?S=C3=A9bastien=20Huss?= Date: Fri, 26 Jan 2024 11:14:00 +0100 Subject: [PATCH] fix --- apps/code-server/deploy.tf | 2 +- apps/code-server/index.yaml | 148 ++--- apps/code-server/presentation.tf | 8 +- apps/dbgate/index.yaml | 158 ++--- apps/dbgate/presentation.tf | 6 +- apps/dolibarr/application.tf | 6 +- apps/dolibarr/configmap.tf | 2 +- apps/dolibarr/index.yaml | 426 ++++++------ apps/dolibarr/ingress.tf | 4 +- apps/dolibarr/ldap.tf | 2 +- apps/dolibarr/saml.tf | 2 +- apps/gitea/index.yaml | 542 ++++++++-------- apps/gitea/inline-config.tf | 8 +- apps/gitea/presentation.tf | 6 +- apps/gramo/index.yaml | 56 +- apps/gramo/presentation.tf | 8 +- apps/k8s-api/index.yaml | 12 +- apps/k8s-api/ingress.tf | 2 +- .../apps_v1_Deployment_nextcloud-metrics.yaml | 2 +- .../apps_v1_Deployment_nextcloud.yaml | 2 +- ..._v1_HorizontalPodAutoscaler_nextcloud.yaml | 2 +- apps/nextcloud/index.yaml | 606 +++++++++--------- ...oreos.com_v1_ServiceMonitor_nextcloud.yaml | 2 +- apps/nextcloud/presentation.tf | 10 +- .../v1_ConfigMap_nextcloud-config.yaml | 2 +- .../v1_ConfigMap_nextcloud-nginxconfig.yaml | 2 +- ...istentVolumeClaim_nextcloud-nextcloud.yaml | 2 +- .../v1_Service_nextcloud-metrics.yaml | 2 +- apps/nextcloud/v1_Service_nextcloud.yaml | 2 +- apps/okd/index.yaml | 52 +- apps/okd/presentation.tf | 8 +- apps/sonar/index.yaml | 4 +- apps/traefik-ui/index.yaml | 42 +- apps/traefik-ui/presentation.tf | 8 +- apps/woodpecker/datas.tf | 4 +- apps/woodpecker/gitea_token.tf | 2 +- apps/woodpecker/index.yaml | 122 ++-- apps/woodpecker/presentation.tf | 6 +- meta/domain-apps/apps.tf | 8 +- meta/domain-apps/index.yaml | 110 ++-- meta/domain-auth/apps.tf | 8 +- meta/domain-auth/index.yaml | 190 +++--- meta/domain-ci/apps.tf | 8 +- meta/domain-ci/index.yaml | 128 ++-- meta/domain-devspaces/apps.tf | 14 +- meta/domain-devspaces/index.yaml | 486 +++++++------- meta/domain-erp/apps.tf | 10 +- meta/domain-erp/index.yaml | 76 +-- meta/domain-infra/apps.tf | 10 +- meta/domain-infra/index.yaml | 150 ++--- meta/domain-mail/apps.tf | 8 +- meta/domain-mail/index.yaml | 98 +-- meta/domain-monitor/apps.tf | 10 +- meta/domain-monitor/index.yaml | 174 ++--- meta/domain/index.yaml | 264 ++++---- meta/domain/installs.tf | 8 +- modules/application/application.tf | 2 +- modules/application/variables.tf | 2 +- modules/forward/forward.tf | 2 +- modules/forward/variables.tf | 2 +- modules/ingress/ingress.tf | 2 +- modules/ingress/variables.tf | 2 +- monitor/alertmanager/index.yaml | 6 +- monitor/alertmanager/presentation.tf | 8 +- monitor/grafana/index.yaml | 6 +- monitor/grafana/presentation.tf | 6 +- monitor/loki-dashboard/index.yaml | 4 +- monitor/prometheus/index.yaml | 6 +- monitor/prometheus/presentation.tf | 8 +- monitor/thanos-ruler/index.yaml | 4 +- share/authentik-forward/index.yaml | 16 +- share/authentik/datas.tf | 2 +- share/authentik/index.yaml | 256 ++++---- share/authentik/ingress.tf | 4 +- share/dataset-pg/directus.tf | 6 +- share/dataset-pg/index.yaml | 6 +- share/dataset-pg/postgresql.tf | 2 +- share/dataset-pg/postgrest.tf | 4 +- share/dns/config.tf | 4 +- share/dns/index.yaml | 2 +- share/organisation/gitea-user.tf | 2 +- share/organisation/index.yaml | 6 +- share/organisation/stages.tf | 10 +- share/wildduck/application.tf | 6 +- share/wildduck/haraka.tf | 8 +- share/wildduck/index.yaml | 6 +- share/wildduck/ingress.tf | 6 +- share/wildduck/scimgateway.tf | 2 +- share/wildduck/webmail.tf | 12 +- share/wildduck/wildduck.tf | 6 +- share/wildduck/zonemta.tf | 6 +- 91 files changed, 2236 insertions(+), 2236 deletions(-) diff --git a/apps/code-server/deploy.tf b/apps/code-server/deploy.tf index 2ffbe44..c95f6f9 100644 --- a/apps/code-server/deploy.tf +++ b/apps/code-server/deploy.tf @@ -9,7 +9,7 @@ resource "kubectl_manifest" "deploy" { spec: replicas: 1 hostname: "${var.component}-${var.instance}" - subdomain: "${var.domain-name}" + subdomain: "${var.domain_name}" selector: matchLabels: ${jsonencode(local.common-labels)} template: diff --git a/apps/code-server/index.yaml b/apps/code-server/index.yaml index 0272232..2a32d51 100644 --- a/apps/code-server/index.yaml +++ b/apps/code-server/index.yaml @@ -11,60 +11,6 @@ options: examples: - your-company type: string - admin: - default: - cluster: false - namespace: false - examples: - - cluster: false - namespace: false - properties: - cluster: - default: false - type: boolean - namespace: - default: false - type: boolean - type: object - images: - default: - codeserver: - pullPolicy: IfNotPresent - registry: docker.io - repository: sebt3/code-server - tag: 4.18 - examples: - - codeserver: - pullPolicy: IfNotPresent - registry: docker.io - repository: sebt3/code-server - tag: 4.18 - properties: - codeserver: - default: - pullPolicy: IfNotPresent - registry: docker.io - repository: sebt3/code-server - tag: 4.18 - properties: - pullPolicy: - default: IfNotPresent - enum: - - Always - - Never - - IfNotPresent - type: string - registry: - default: docker.io - type: string - repository: - default: sebt3/code-server - type: string - tag: - default: 4.18 - type: number - type: object - type: object storage: default: volume: @@ -107,26 +53,6 @@ options: examples: - Europe/Paris type: string - issuer: - default: letsencrypt-prod - examples: - - letsencrypt-prod - type: string - domain-name: - default: your-company.com - examples: - - your-company.com - type: string - ingress-class: - default: traefik - examples: - - traefik - type: string - app-group: - default: dev - examples: - - dev - type: string no-editor: default: false examples: @@ -137,6 +63,80 @@ options: examples: - code type: string + domain_name: + default: your-company.com + examples: + - your-company.com + type: string + ingress_class: + default: traefik + examples: + - traefik + type: string + images: + default: + codeserver: + pullPolicy: IfNotPresent + registry: docker.io + repository: sebt3/code-server + tag: 4.18 + examples: + - codeserver: + pullPolicy: IfNotPresent + registry: docker.io + repository: sebt3/code-server + tag: 4.18 + properties: + codeserver: + default: + pullPolicy: IfNotPresent + registry: docker.io + repository: sebt3/code-server + tag: 4.18 + properties: + pullPolicy: + default: IfNotPresent + enum: + - Always + - Never + - IfNotPresent + type: string + registry: + default: docker.io + type: string + repository: + default: sebt3/code-server + type: string + tag: + default: 4.18 + type: number + type: object + type: object + admin: + default: + cluster: false + namespace: false + examples: + - cluster: false + namespace: false + properties: + cluster: + default: false + type: boolean + namespace: + default: false + type: boolean + type: object + app_group: + default: dev + examples: + - dev + type: string + issuer: + default: letsencrypt-prod + examples: + - letsencrypt-prod + type: string dependencies: - dist: null category: share diff --git a/apps/code-server/presentation.tf b/apps/code-server/presentation.tf index a15ff6f..ff5c70a 100644 --- a/apps/code-server/presentation.tf +++ b/apps/code-server/presentation.tf @@ -1,5 +1,5 @@ locals { - dns_name = "${var.instance}.${var.sub-domain}.${var.domain-name}" + dns_name = "${var.instance}.${var.sub-domain}.${var.domain_name}" dns_names = [local.dns_name] app_name = var.component == var.instance ? var.instance : format("%s-%s", var.component, var.instance) icon = "_static/src/browser/media/favicon-dark-support.svg" @@ -34,7 +34,7 @@ module "ingress" { instance = var.instance namespace = var.namespace issuer = var.issuer - ingress_class = var.ingress-class + ingress_class = var.ingress_class labels = local.common-labels dns_names = local.dns_names middlewares = ["forward-${local.app_name}"] @@ -48,7 +48,7 @@ module "application" { source = "git::https://git.solidite.fr/vynil/kydah-modules.git//application" component = var.component instance = var.instance - app_group = var.app-group + app_group = var.app_group dns_name = local.dns_name icon = local.icon protocol_provider = module.forward.provider-id @@ -73,7 +73,7 @@ module "forward" { instance = var.instance domain = var.domain namespace = var.namespace - ingress-class = var.ingress-class + ingress_class = var.ingress_class labels = local.common-labels dns_names = local.dns_names service = local.service diff --git a/apps/dbgate/index.yaml b/apps/dbgate/index.yaml index 42f6010..cf5dd9f 100644 --- a/apps/dbgate/index.yaml +++ b/apps/dbgate/index.yaml @@ -6,6 +6,16 @@ metadata: name: dbgate description: null options: + sub-domain: + default: dbgate + examples: + - dbgate + type: string + domain_name: + default: your_company.com + examples: + - your_company.com + type: string images: default: dbgate: @@ -45,11 +55,45 @@ options: type: string type: object type: object - app-group: + app_group: default: dev examples: - dev type: string + maria: + default: [] + examples: + - [] + items: + properties: + dbname: + default: '' + type: string + name: + default: '' + type: string + namespace: + default: '' + type: string + secret: + properties: + key: + default: '' + type: string + name: + default: '' + type: string + type: object + username: + default: '' + type: string + type: object + type: array + domain: + default: your-company + examples: + - your-company + type: string storage: default: volume: @@ -87,16 +131,40 @@ options: type: string type: object type: object - issuer: - default: letsencrypt-prod + ingress_class: + default: traefik examples: - - letsencrypt-prod + - traefik type: string - domain-name: - default: your_company.com + mongo: + default: [] examples: - - your_company.com - type: string + - [] + items: + properties: + dbname: + default: '' + type: string + name: + default: '' + type: string + namespace: + default: '' + type: string + secret: + properties: + key: + default: '' + type: string + name: + default: '' + type: string + type: object + username: + default: '' + type: string + type: object + type: array redis: default: [] examples: @@ -111,20 +179,10 @@ options: type: string type: object type: array - domain: - default: your-company + issuer: + default: letsencrypt-prod examples: - - your-company - type: string - sub-domain: - default: dbgate - examples: - - dbgate - type: string - ingress-class: - default: traefik - examples: - - traefik + - letsencrypt-prod type: string pg: default: [] @@ -155,64 +213,6 @@ options: type: string type: object type: array - maria: - default: [] - examples: - - [] - items: - properties: - dbname: - default: '' - type: string - name: - default: '' - type: string - namespace: - default: '' - type: string - secret: - properties: - key: - default: '' - type: string - name: - default: '' - type: string - type: object - username: - default: '' - type: string - type: object - type: array - mongo: - default: [] - examples: - - [] - items: - properties: - dbname: - default: '' - type: string - name: - default: '' - type: string - namespace: - default: '' - type: string - secret: - properties: - key: - default: '' - type: string - name: - default: '' - type: string - type: object - username: - default: '' - type: string - type: object - type: array dependencies: - dist: null category: core diff --git a/apps/dbgate/presentation.tf b/apps/dbgate/presentation.tf index 9a71c9f..bf92529 100644 --- a/apps/dbgate/presentation.tf +++ b/apps/dbgate/presentation.tf @@ -1,5 +1,5 @@ locals { - dns_name = "${var.sub-domain}.${var.domain-name}" + dns_name = "${var.sub-domain}.${var.domain_name}" dns_names = [local.dns_name] app_name = var.component == var.instance ? var.instance : format("%s-%s", var.component, var.instance) icon = "logo192.png" @@ -34,7 +34,7 @@ module "ingress" { instance = var.instance namespace = var.namespace issuer = var.issuer - ingress_class = var.ingress-class + ingress_class = var.ingress_class labels = local.common-labels dns_names = local.dns_names middlewares = [] @@ -48,7 +48,7 @@ module "application" { source = "git::https://git.solidite.fr/vynil/kydah-modules.git//application" component = var.component instance = var.instance - app_group = var.app-group + app_group = var.app_group dns_name = local.dns_name icon = local.icon protocol_provider = module.oauth2.provider-id diff --git a/apps/dolibarr/application.tf b/apps/dolibarr/application.tf index 3f3eddd..0399e67 100644 --- a/apps/dolibarr/application.tf +++ b/apps/dolibarr/application.tf @@ -61,10 +61,10 @@ resource "authentik_policy_binding" "dolibarr_ldap_access_vynil" { resource "authentik_application" "dolibarr_application_saml" { name = "${var.instance}" slug = "${var.component}-${var.instance}" - group = var.app-group + group = var.app_group protocol_provider = authentik_provider_saml.dolibarr.id - meta_launch_url = format("https://%s.%s", var.sub-domain, var.domain-name) - meta_icon = format("https://%s.%s/%s", var.sub-domain, var.domain-name, "theme/dolibarr_256x256_color.png") + meta_launch_url = format("https://%s.%s", var.sub-domain, var.domain_name) + meta_icon = format("https://%s.%s/%s", var.sub-domain, var.domain_name, "theme/dolibarr_256x256_color.png") } resource "authentik_policy_binding" "dolibarr_saml_access_users" { diff --git a/apps/dolibarr/configmap.tf b/apps/dolibarr/configmap.tf index 5ce606c..aef0605 100644 --- a/apps/dolibarr/configmap.tf +++ b/apps/dolibarr/configmap.tf @@ -167,7 +167,7 @@ resource "kubectl_manifest" "config" { DOLI_ADMIN_LOGIN: "admin_${var.instance}" DOLI_MODULES: "modSociete,modBlockedLog,modSamlConnector,modLdap" DOLI_AUTH: "dolibarr" - DOLI_URL_ROOT: "https://${var.sub-domain}.${var.domain-name}" + DOLI_URL_ROOT: "https://${var.sub-domain}.${var.domain_name}" DOLI_LDAP_PORT: "389" DOLI_LDAP_VERSION: "3" DOLI_LDAP_SERVERTYPE: "openldap" diff --git a/apps/dolibarr/index.yaml b/apps/dolibarr/index.yaml index e815cd5..17b8d05 100644 --- a/apps/dolibarr/index.yaml +++ b/apps/dolibarr/index.yaml @@ -6,6 +6,195 @@ metadata: name: dolibarr description: null options: + issuer: + default: letsencrypt-prod + examples: + - letsencrypt-prod + type: string + redis: + default: + exporter: + enabled: true + examples: + - exporter: + enabled: true + properties: + exporter: + default: + enabled: true + properties: + enabled: + default: true + type: boolean + type: object + type: object + log-level: + default: 5 + examples: + - 5 + type: integer + storage: + default: + postgres: + size: 5Gi + redis: + size: 2Gi + volume: + accessMode: ReadWriteOnce + size: 1Gi + type: Filesystem + description: Configure this app storage + examples: + - postgres: + size: 5Gi + redis: + size: 2Gi + volume: + accessMode: ReadWriteOnce + size: 1Gi + type: Filesystem + properties: + postgres: + default: + size: 5Gi + properties: + size: + default: 5Gi + type: string + type: object + redis: + default: + size: 2Gi + properties: + size: + default: 2Gi + type: string + type: object + volume: + default: + accessMode: ReadWriteOnce + size: 1Gi + type: Filesystem + properties: + accessMode: + default: ReadWriteOnce + enum: + - ReadWriteOnce + - ReadOnlyMany + - ReadWriteMany + type: string + size: + default: 1Gi + type: string + type: + default: Filesystem + enum: + - Filesystem + - Block + type: string + type: object + type: object + domain: + default: your-company + examples: + - your-company + type: string + app_group: + default: '' + examples: + - '' + type: string + sub-domain: + default: erp + examples: + - erp + type: string + postgres: + default: + replicas: 1 + examples: + - replicas: 1 + properties: + replicas: + default: 1 + type: integer + type: object + hpa: + default: + avg-cpu: 50 + max-replicas: 5 + min-replicas: 1 + examples: + - avg-cpu: 50 + max-replicas: 5 + min-replicas: 1 + properties: + avg-cpu: + default: 50 + type: integer + max-replicas: + default: 5 + type: integer + min-replicas: + default: 1 + type: integer + type: object + resources: + default: + limits: + cpu: 200m + memory: 256Mi + requests: + cpu: 50m + memory: 100Mi + examples: + - limits: + cpu: 200m + memory: 256Mi + requests: + cpu: 50m + memory: 100Mi + properties: + limits: + default: + cpu: 200m + memory: 256Mi + properties: + cpu: + default: 200m + type: string + memory: + default: 256Mi + type: string + type: object + requests: + default: + cpu: 50m + memory: 100Mi + properties: + cpu: + default: 50m + type: string + memory: + default: 100Mi + type: string + type: object + type: object + parameters: + default: + MAIN_LANG_DEFAULT: auto + examples: + - MAIN_LANG_DEFAULT: auto + properties: + MAIN_LANG_DEFAULT: + default: auto + type: string + type: object + ingress_class: + default: traefik + examples: + - traefik + type: string backups: default: enable: false @@ -112,38 +301,34 @@ options: default: false type: boolean type: object - app-group: - default: '' + modules: + default: + - societe examples: - - '' + - - societe + items: + type: string + type: array + domain_name: + default: your_company.com + examples: + - your_company.com type: string - redis: + user-groups: default: - exporter: - enabled: true + - admin: true + name: dolibarr-admin examples: - - exporter: - enabled: true - properties: - exporter: - default: - enabled: true - properties: - enabled: - default: true - type: boolean - type: object - type: object - postgres: - default: - replicas: 1 - examples: - - replicas: 1 - properties: - replicas: - default: 1 - type: integer - type: object + - - admin: true + name: dolibarr-admin + items: + properties: + admin: + type: boolean + name: + type: string + type: object + type: array images: default: dolibarr: @@ -293,191 +478,6 @@ options: type: string type: object type: object - storage: - default: - postgres: - size: 5Gi - redis: - size: 2Gi - volume: - accessMode: ReadWriteOnce - size: 1Gi - type: Filesystem - description: Configure this app storage - examples: - - postgres: - size: 5Gi - redis: - size: 2Gi - volume: - accessMode: ReadWriteOnce - size: 1Gi - type: Filesystem - properties: - postgres: - default: - size: 5Gi - properties: - size: - default: 5Gi - type: string - type: object - redis: - default: - size: 2Gi - properties: - size: - default: 2Gi - type: string - type: object - volume: - default: - accessMode: ReadWriteOnce - size: 1Gi - type: Filesystem - properties: - accessMode: - default: ReadWriteOnce - enum: - - ReadWriteOnce - - ReadOnlyMany - - ReadWriteMany - type: string - size: - default: 1Gi - type: string - type: - default: Filesystem - enum: - - Filesystem - - Block - type: string - type: object - type: object - resources: - default: - limits: - cpu: 200m - memory: 256Mi - requests: - cpu: 50m - memory: 100Mi - examples: - - limits: - cpu: 200m - memory: 256Mi - requests: - cpu: 50m - memory: 100Mi - properties: - limits: - default: - cpu: 200m - memory: 256Mi - properties: - cpu: - default: 200m - type: string - memory: - default: 256Mi - type: string - type: object - requests: - default: - cpu: 50m - memory: 100Mi - properties: - cpu: - default: 50m - type: string - memory: - default: 100Mi - type: string - type: object - type: object - domain: - default: your-company - examples: - - your-company - type: string - parameters: - default: - MAIN_LANG_DEFAULT: auto - examples: - - MAIN_LANG_DEFAULT: auto - properties: - MAIN_LANG_DEFAULT: - default: auto - type: string - type: object - domain-name: - default: your_company.com - examples: - - your_company.com - type: string - ingress-class: - default: traefik - examples: - - traefik - type: string - hpa: - default: - avg-cpu: 50 - max-replicas: 5 - min-replicas: 1 - examples: - - avg-cpu: 50 - max-replicas: 5 - min-replicas: 1 - properties: - avg-cpu: - default: 50 - type: integer - max-replicas: - default: 5 - type: integer - min-replicas: - default: 1 - type: integer - type: object - modules: - default: - - societe - examples: - - - societe - items: - type: string - type: array - issuer: - default: letsencrypt-prod - examples: - - letsencrypt-prod - type: string - user-groups: - default: - - admin: true - name: dolibarr-admin - examples: - - - admin: true - name: dolibarr-admin - items: - properties: - admin: - type: boolean - name: - type: string - type: object - type: array - sub-domain: - default: erp - examples: - - erp - type: string - log-level: - default: 5 - examples: - - 5 - type: integer dependencies: - dist: null category: share diff --git a/apps/dolibarr/ingress.tf b/apps/dolibarr/ingress.tf index 902e01d..dc1cbbd 100644 --- a/apps/dolibarr/ingress.tf +++ b/apps/dolibarr/ingress.tf @@ -1,5 +1,5 @@ locals { - dns_names = ["${var.sub-domain}.${var.domain-name}"] + dns_names = ["${var.sub-domain}.${var.domain_name}"] middlewares = ["${var.instance}-https"] service = { "name" = "${var.instance}" @@ -66,7 +66,7 @@ resource "kubectl_manifest" "prj_ingress" { annotations: "traefik.ingress.kubernetes.io/router.middlewares": "${join(",", [for m in local.middlewares : format("%s-%s@kubernetescrd", var.namespace, m)])}" spec: - ingressClassName: "${var.ingress-class}" + ingressClassName: "${var.ingress_class}" rules: ${jsonencode(local.rules)} tls: - hosts: ${jsonencode(local.dns_names)} diff --git a/apps/dolibarr/ldap.tf b/apps/dolibarr/ldap.tf index 79bb5c0..34324fd 100644 --- a/apps/dolibarr/ldap.tf +++ b/apps/dolibarr/ldap.tf @@ -5,7 +5,7 @@ data "kubernetes_secret_v1" "authentik" { } } locals { - base-dn = format("dc=%s", join(",dc=", split(".", format("%s.%s", var.sub-domain, var.domain-name)))) + base-dn = format("dc=%s", join(",dc=", split(".", format("%s.%s", var.sub-domain, var.domain_name)))) base-group-dn = format("ou=groups,%s", local.base-dn) base-user-dn = format("ou=users,%s", local.base-dn) authentik_url = "http://authentik.${var.domain}-auth.svc" diff --git a/apps/dolibarr/saml.tf b/apps/dolibarr/saml.tf index fbd8a10..c9970bb 100644 --- a/apps/dolibarr/saml.tf +++ b/apps/dolibarr/saml.tf @@ -47,7 +47,7 @@ resource "authentik_provider_saml" "dolibarr" { name = "dolibarr-${var.instance}-saml" authentication_flow = data.authentik_flow.default-authentication-flow.id authorization_flow = data.authentik_flow.default-authorization-flow.id - acs_url = "https://${var.sub-domain}.${var.domain-name}/custom/samlconnector/acs.php?entity=1&fk_idp=0" + acs_url = "https://${var.sub-domain}.${var.domain_name}/custom/samlconnector/acs.php?entity=1&fk_idp=0" property_mappings = data.authentik_property_mapping_saml.saml_maps.ids name_id_mapping = data.authentik_property_mapping_saml.saml_name.id signing_kp = data.authentik_certificate_key_pair.generated.id diff --git a/apps/gitea/index.yaml b/apps/gitea/index.yaml index d7d5856..07ce884 100644 --- a/apps/gitea/index.yaml +++ b/apps/gitea/index.yaml @@ -9,11 +9,36 @@ metadata: A painless self-hosted Git service. Gitea is a community managed lightweight code hosting solution written in Go. It is published under the MIT license. options: - replicas: - default: 1 + load-balancer: + default: + ip: '' examples: - - 1 - type: integer + - ip: '' + properties: + ip: + default: '' + type: string + type: object + sub-domain: + default: git + examples: + - git + type: string + admin: + default: + email: git-admin@git.your_company.com + name: gitea_admin + examples: + - email: git-admin@git.your_company.com + name: gitea_admin + properties: + email: + default: git-admin@git.your_company.com + type: string + name: + default: gitea_admin + type: string + type: object webhook: default: allowed-hosts: private @@ -29,199 +54,92 @@ options: default: false type: boolean type: object - load-balancer: + storage: default: - ip: '' + postgres: + size: 10Gi + redis: + size: 2Gi + volume: + accessMode: ReadWriteOnce + size: 10Gi + type: Filesystem + description: Configure this app storage examples: - - ip: '' + - postgres: + size: 10Gi + redis: + size: 2Gi + volume: + accessMode: ReadWriteOnce + size: 10Gi + type: Filesystem properties: - ip: - default: '' - type: string - type: object - push-create: - default: - org: 'true' - private: 'false' - user: 'true' - examples: - - org: 'true' - private: 'false' - user: 'true' - properties: - org: - default: 'true' - type: string - private: - default: 'false' - type: string - user: - default: 'true' - type: string - type: object - redis: - default: - exporter: - enabled: true - examples: - - exporter: - enabled: true - properties: - exporter: + postgres: default: - enabled: true + size: 10Gi properties: - enabled: - default: true - type: boolean + size: + default: 10Gi + type: string + type: object + redis: + default: + size: 2Gi + properties: + size: + default: 2Gi + type: string + type: object + volume: + default: + accessMode: ReadWriteOnce + size: 10Gi + type: Filesystem + properties: + accessMode: + default: ReadWriteOnce + enum: + - ReadWriteOnce + - ReadOnlyMany + - ReadWriteMany + type: string + size: + default: 10Gi + type: string + type: + default: Filesystem + enum: + - Filesystem + - Block + type: string type: object type: object - sub-domain: - default: git - examples: - - git - type: string - domain: - default: your-company - examples: - - your-company - type: string - app-group: - default: dev - examples: - - dev - type: string - domain-name: + domain_name: default: your_company.com examples: - your_company.com type: string - ssh-sub-domain: - default: git + ssh-port: + default: 2222 examples: - - git + - 2222 + type: integer + release: + default: 8.3.0 + examples: + - 8.3.0 type: string - issuer: - default: letsencrypt-prod + default-branch: + default: main examples: - - letsencrypt-prod + - main type: string - backups: - default: - enable: false - endpoint: '' - key-id-key: s3-id - restic-key: bck-password - retention: - db: 30d - keepDaily: 14 - keepMonthly: 12 - keepWeekly: 6 - keepYearly: 12 - schedule: - backup: 10 3 * * * - check: 10 5 * * 1 - db: 10 3 * * * - prune: 10 1 * * 0 - secret-key: s3-secret - secret-name: backup-settings - use-barman: false + app_group: + default: dev examples: - - enable: false - endpoint: '' - key-id-key: s3-id - restic-key: bck-password - retention: - db: 30d - keepDaily: 14 - keepMonthly: 12 - keepWeekly: 6 - keepYearly: 12 - schedule: - backup: 10 3 * * * - check: 10 5 * * 1 - db: 10 3 * * * - prune: 10 1 * * 0 - secret-key: s3-secret - secret-name: backup-settings - use-barman: false - properties: - enable: - default: false - type: boolean - endpoint: - default: '' - type: string - key-id-key: - default: s3-id - type: string - restic-key: - default: bck-password - type: string - retention: - default: - db: 30d - keepDaily: 14 - keepMonthly: 12 - keepWeekly: 6 - keepYearly: 12 - properties: - db: - default: 30d - type: string - keepDaily: - default: 14 - type: integer - keepMonthly: - default: 12 - type: integer - keepWeekly: - default: 6 - type: integer - keepYearly: - default: 12 - type: integer - type: object - schedule: - default: - backup: 10 3 * * * - check: 10 5 * * 1 - db: 10 3 * * * - prune: 10 1 * * 0 - properties: - backup: - default: 10 3 * * * - type: string - check: - default: 10 5 * * 1 - type: string - db: - default: 10 3 * * * - type: string - prune: - default: 10 1 * * 0 - type: string - type: object - secret-key: - default: s3-secret - type: string - secret-name: - default: backup-settings - type: string - use-barman: - default: false - type: boolean - type: object - postgres: - default: - replicas: 1 - examples: - - replicas: 1 - properties: - replicas: - default: 1 - type: integer - type: object + - dev + type: string images: default: gitea: @@ -353,12 +271,79 @@ options: type: string type: object type: object - default-branch: - default: main + timezone: + default: Europe/Paris examples: - - main + - Europe/Paris type: string - ingress-class: + issuer: + default: letsencrypt-prod + examples: + - letsencrypt-prod + type: string + redis: + default: + exporter: + enabled: true + examples: + - exporter: + enabled: true + properties: + exporter: + default: + enabled: true + properties: + enabled: + default: true + type: boolean + type: object + type: object + postgres: + default: + replicas: 1 + examples: + - replicas: 1 + properties: + replicas: + default: 1 + type: integer + type: object + replicas: + default: 1 + examples: + - 1 + type: integer + push-create: + default: + org: 'true' + private: 'false' + user: 'true' + examples: + - org: 'true' + private: 'false' + user: 'true' + properties: + org: + default: 'true' + type: string + private: + default: 'false' + type: string + user: + default: 'true' + type: string + type: object + disable-registration: + default: true + examples: + - true + type: boolean + ssh-sub-domain: + default: git + examples: + - git + type: string + ingress_class: default: traefik examples: - traefik @@ -368,102 +353,117 @@ options: examples: - gitea-modern type: string - ssh-port: - default: 2222 + domain: + default: your-company examples: - - 2222 - type: integer - admin: - default: - email: git-admin@git.your_company.com - name: gitea_admin - examples: - - email: git-admin@git.your_company.com - name: gitea_admin - properties: - email: - default: git-admin@git.your_company.com - type: string - name: - default: gitea_admin - type: string - type: object - timezone: - default: Europe/Paris - examples: - - Europe/Paris + - your-company type: string - disable-registration: - default: true - examples: - - true - type: boolean - storage: + backups: default: - postgres: - size: 10Gi - redis: - size: 2Gi - volume: - accessMode: ReadWriteOnce - size: 10Gi - type: Filesystem - description: Configure this app storage + enable: false + endpoint: '' + key-id-key: s3-id + restic-key: bck-password + retention: + db: 30d + keepDaily: 14 + keepMonthly: 12 + keepWeekly: 6 + keepYearly: 12 + schedule: + backup: 10 3 * * * + check: 10 5 * * 1 + db: 10 3 * * * + prune: 10 1 * * 0 + secret-key: s3-secret + secret-name: backup-settings + use-barman: false examples: - - postgres: - size: 10Gi - redis: - size: 2Gi - volume: - accessMode: ReadWriteOnce - size: 10Gi - type: Filesystem + - enable: false + endpoint: '' + key-id-key: s3-id + restic-key: bck-password + retention: + db: 30d + keepDaily: 14 + keepMonthly: 12 + keepWeekly: 6 + keepYearly: 12 + schedule: + backup: 10 3 * * * + check: 10 5 * * 1 + db: 10 3 * * * + prune: 10 1 * * 0 + secret-key: s3-secret + secret-name: backup-settings + use-barman: false properties: - postgres: + enable: + default: false + type: boolean + endpoint: + default: '' + type: string + key-id-key: + default: s3-id + type: string + restic-key: + default: bck-password + type: string + retention: default: - size: 10Gi + db: 30d + keepDaily: 14 + keepMonthly: 12 + keepWeekly: 6 + keepYearly: 12 properties: - size: - default: 10Gi - type: string - type: object - redis: - default: - size: 2Gi - properties: - size: - default: 2Gi - type: string - type: object - volume: - default: - accessMode: ReadWriteOnce - size: 10Gi - type: Filesystem - properties: - accessMode: - default: ReadWriteOnce - enum: - - ReadWriteOnce - - ReadOnlyMany - - ReadWriteMany - type: string - size: - default: 10Gi - type: string - type: - default: Filesystem - enum: - - Filesystem - - Block + db: + default: 30d + type: string + keepDaily: + default: 14 + type: integer + keepMonthly: + default: 12 + type: integer + keepWeekly: + default: 6 + type: integer + keepYearly: + default: 12 + type: integer + type: object + schedule: + default: + backup: 10 3 * * * + check: 10 5 * * 1 + db: 10 3 * * * + prune: 10 1 * * 0 + properties: + backup: + default: 10 3 * * * + type: string + check: + default: 10 5 * * 1 + type: string + db: + default: 10 3 * * * + type: string + prune: + default: 10 1 * * 0 type: string type: object + secret-key: + default: s3-secret + type: string + secret-name: + default: backup-settings + type: string + use-barman: + default: false + type: boolean type: object - release: - default: 8.3.0 - examples: - - 8.3.0 - type: string dependencies: - dist: null category: share diff --git a/apps/gitea/inline-config.tf b/apps/gitea/inline-config.tf index 67a5922..224376f 100644 --- a/apps/gitea/inline-config.tf +++ b/apps/gitea/inline-config.tf @@ -43,15 +43,15 @@ ROOT=/data/git/gitea-repositories EOF server = <<-EOF APP_DATA_PATH=/data -DOMAIN=${var.sub-domain}.${var.domain-name} +DOMAIN=${var.sub-domain}.${var.domain_name} ENABLE_PPROF=false HTTP_PORT=3000 PROTOCOL=http -ROOT_URL=https://${var.sub-domain}.${var.domain-name} -SSH_DOMAIN=${var.sub-domain}.${var.domain-name} +ROOT_URL=https://${var.sub-domain}.${var.domain_name} +SSH_DOMAIN=${var.sub-domain}.${var.domain_name} SSH_LISTEN_PORT=2222 SSH_PORT=${var.ssh-port} -SSH_DOMAIN=${var.ssh-sub-domain}.${var.domain-name} +SSH_DOMAIN=${var.ssh-sub-domain}.${var.domain_name} START_SSH_SERVER=true EOF ui = <<-EOF diff --git a/apps/gitea/presentation.tf b/apps/gitea/presentation.tf index e297e79..7ecc4d8 100644 --- a/apps/gitea/presentation.tf +++ b/apps/gitea/presentation.tf @@ -1,5 +1,5 @@ locals { - dns_name = "${var.sub-domain}.${var.domain-name}" + dns_name = "${var.sub-domain}.${var.domain_name}" dns_names = [local.dns_name] app_name = var.component == var.instance ? var.instance : format("%s-%s", var.component, var.instance) icon = "assets/img/logo.svg" @@ -34,7 +34,7 @@ module "ingress" { instance = var.instance namespace = var.namespace issuer = var.issuer - ingress_class = var.ingress-class + ingress_class = var.ingress_class labels = local.common-labels dns_names = local.dns_names middlewares = [] @@ -48,7 +48,7 @@ module "application" { source = "git::https://git.solidite.fr/vynil/kydah-modules.git//application" component = var.component instance = var.instance - app_group = var.app-group + app_group = var.app_group dns_name = local.dns_name icon = local.icon protocol_provider = module.oauth2.provider-id diff --git a/apps/gramo/index.yaml b/apps/gramo/index.yaml index e16a2ed..cfe1109 100644 --- a/apps/gramo/index.yaml +++ b/apps/gramo/index.yaml @@ -6,31 +6,6 @@ metadata: name: gramo description: null options: - sub-domain: - default: gramo - examples: - - gramo - type: string - cluster-admin: - default: false - examples: - - false - type: boolean - app-group: - default: infra - examples: - - infra - type: string - domain-name: - default: your_company.com - examples: - - your_company.com - type: string - managed: - default: false - examples: - - false - type: boolean images: default: gramo: @@ -70,16 +45,36 @@ options: type: string type: object type: object - ingress-class: - default: traefik + domain_name: + default: your_company.com examples: - - traefik + - your_company.com type: string issuer: default: letsencrypt-prod examples: - letsencrypt-prod type: string + managed: + default: false + examples: + - false + type: boolean + cluster-admin: + default: false + examples: + - false + type: boolean + sub-domain: + default: gramo + examples: + - gramo + type: string + ingress_class: + default: traefik + examples: + - traefik + type: string domain: default: your-company examples: @@ -90,6 +85,11 @@ options: items: type: string type: array + app_group: + default: infra + examples: + - infra + type: string dependencies: - dist: null category: share diff --git a/apps/gramo/presentation.tf b/apps/gramo/presentation.tf index 3aa8aed..eb865b2 100644 --- a/apps/gramo/presentation.tf +++ b/apps/gramo/presentation.tf @@ -1,5 +1,5 @@ locals { - dns_name = "${var.sub-domain}.${var.domain-name}" + dns_name = "${var.sub-domain}.${var.domain_name}" dns_names = [local.dns_name] app_name = var.component == var.instance ? var.instance : format("%s-%s", var.component, var.instance) icon = "icon.svg" @@ -34,7 +34,7 @@ module "ingress" { instance = var.instance namespace = var.namespace issuer = var.issuer - ingress_class = var.ingress-class + ingress_class = var.ingress_class labels = local.common-labels dns_names = local.dns_names middlewares = ["forward-${local.app_name}"] @@ -48,7 +48,7 @@ module "application" { source = "git::https://git.solidite.fr/vynil/kydah-modules.git//application" component = var.component instance = var.instance - app_group = var.app-group + app_group = var.app_group dns_name = local.dns_name icon = local.icon protocol_provider = module.forward.provider-id @@ -73,7 +73,7 @@ module "forward" { instance = var.instance domain = var.domain namespace = var.namespace - ingress_class = var.ingress-class + ingress_class = var.ingress_class labels = local.common-labels dns_names = local.dns_names service = local.service diff --git a/apps/k8s-api/index.yaml b/apps/k8s-api/index.yaml index 95c560f..97b1dd1 100644 --- a/apps/k8s-api/index.yaml +++ b/apps/k8s-api/index.yaml @@ -11,10 +11,10 @@ options: examples: - your-company type: string - ingress-class: - default: traefik + domain_name: + default: your_company.com examples: - - traefik + - your_company.com type: string sub-domain: default: api @@ -26,10 +26,10 @@ options: examples: - letsencrypt-prod type: string - domain-name: - default: your_company.com + ingress_class: + default: traefik examples: - - your_company.com + - traefik type: string dependencies: - dist: null diff --git a/apps/k8s-api/ingress.tf b/apps/k8s-api/ingress.tf index 63e1433..f4a5931 100644 --- a/apps/k8s-api/ingress.tf +++ b/apps/k8s-api/ingress.tf @@ -1,5 +1,5 @@ locals { - dns_names = ["${var.sub-domain}.${var.domain-name}"] + dns_names = ["${var.sub-domain}.${var.domain_name}"] middlewares = [] services = [{ "kind" = "Service" diff --git a/apps/nextcloud/apps_v1_Deployment_nextcloud-metrics.yaml b/apps/nextcloud/apps_v1_Deployment_nextcloud-metrics.yaml index 619148a..21d66e0 100644 --- a/apps/nextcloud/apps_v1_Deployment_nextcloud-metrics.yaml +++ b/apps/nextcloud/apps_v1_Deployment_nextcloud-metrics.yaml @@ -5,7 +5,7 @@ metadata: name: nextcloud-metrics labels: app.kubernetes.io/name: nextcloud - helm.sh/chart: nextcloud-4.5.11 + helm.sh/chart: nextcloud-4.5.12 app.kubernetes.io/instance: nextcloud app.kubernetes.io/managed-by: Helm app.kubernetes.io/component: metrics diff --git a/apps/nextcloud/apps_v1_Deployment_nextcloud.yaml b/apps/nextcloud/apps_v1_Deployment_nextcloud.yaml index 1fdcf6d..7ed08a8 100644 --- a/apps/nextcloud/apps_v1_Deployment_nextcloud.yaml +++ b/apps/nextcloud/apps_v1_Deployment_nextcloud.yaml @@ -5,7 +5,7 @@ metadata: name: nextcloud labels: app.kubernetes.io/name: nextcloud - helm.sh/chart: nextcloud-4.5.11 + helm.sh/chart: nextcloud-4.5.12 app.kubernetes.io/instance: nextcloud app.kubernetes.io/managed-by: Helm app.kubernetes.io/component: app diff --git a/apps/nextcloud/autoscaling_v1_HorizontalPodAutoscaler_nextcloud.yaml b/apps/nextcloud/autoscaling_v1_HorizontalPodAutoscaler_nextcloud.yaml index 3c93769..fec7691 100644 --- a/apps/nextcloud/autoscaling_v1_HorizontalPodAutoscaler_nextcloud.yaml +++ b/apps/nextcloud/autoscaling_v1_HorizontalPodAutoscaler_nextcloud.yaml @@ -5,7 +5,7 @@ metadata: name: nextcloud labels: app.kubernetes.io/name: nextcloud - helm.sh/chart: nextcloud-4.5.11 + helm.sh/chart: nextcloud-4.5.12 app.kubernetes.io/instance: nextcloud app.kubernetes.io/managed-by: Helm app.kubernetes.io/component: app diff --git a/apps/nextcloud/index.yaml b/apps/nextcloud/index.yaml index ddb2873..a5f686c 100644 --- a/apps/nextcloud/index.yaml +++ b/apps/nextcloud/index.yaml @@ -6,6 +6,11 @@ metadata: name: nextcloud description: null options: + sub-domain: + default: files + examples: + - files + type: string postgres: default: replicas: 1 @@ -16,10 +21,299 @@ options: default: 1 type: integer type: object - app-group: - default: '' + openid-name: + default: vynil examples: - - '' + - vynil + type: string + backups: + default: + enable: false + endpoint: '' + key-id-key: s3-id + restic-key: bck-password + retention: + db: 30d + keepDaily: 14 + keepMonthly: 12 + keepWeekly: 6 + keepYearly: 12 + schedule: + backup: 30 3 * * * + check: 30 5 * * 1 + db: 30 3 * * * + prune: 30 1 * * 0 + secret-key: s3-secret + secret-name: backup-settings + use-barman: false + examples: + - enable: false + endpoint: '' + key-id-key: s3-id + restic-key: bck-password + retention: + db: 30d + keepDaily: 14 + keepMonthly: 12 + keepWeekly: 6 + keepYearly: 12 + schedule: + backup: 30 3 * * * + check: 30 5 * * 1 + db: 30 3 * * * + prune: 30 1 * * 0 + secret-key: s3-secret + secret-name: backup-settings + use-barman: false + properties: + enable: + default: false + type: boolean + endpoint: + default: '' + type: string + key-id-key: + default: s3-id + type: string + restic-key: + default: bck-password + type: string + retention: + default: + db: 30d + keepDaily: 14 + keepMonthly: 12 + keepWeekly: 6 + keepYearly: 12 + properties: + db: + default: 30d + type: string + keepDaily: + default: 14 + type: integer + keepMonthly: + default: 12 + type: integer + keepWeekly: + default: 6 + type: integer + keepYearly: + default: 12 + type: integer + type: object + schedule: + default: + backup: 30 3 * * * + check: 30 5 * * 1 + db: 30 3 * * * + prune: 30 1 * * 0 + properties: + backup: + default: 30 3 * * * + type: string + check: + default: 30 5 * * 1 + type: string + db: + default: 30 3 * * * + type: string + prune: + default: 30 1 * * 0 + type: string + type: object + secret-key: + default: s3-secret + type: string + secret-name: + default: backup-settings + type: string + use-barman: + default: false + type: boolean + type: object + redis: + default: + exporter: + enabled: true + examples: + - exporter: + enabled: true + properties: + exporter: + default: + enabled: true + properties: + enabled: + default: true + type: boolean + type: object + type: object + apps: + default: + audioplayer: false + bookmarks: false + bpm: false + calendar: false + collabora: false + contacts: false + deck: false + groupfolders: true + mindmap: false + music: false + notes: false + onlyoffice: false + passman: false + spreed: false + tables: false + tasks: false + texteditor: true + examples: + - audioplayer: false + bookmarks: false + bpm: false + calendar: false + collabora: false + contacts: false + deck: false + groupfolders: true + mindmap: false + music: false + notes: false + onlyoffice: false + passman: false + spreed: false + tables: false + tasks: false + texteditor: true + properties: + audioplayer: + default: false + type: boolean + bookmarks: + default: false + type: boolean + bpm: + default: false + type: boolean + calendar: + default: false + type: boolean + collabora: + default: false + type: boolean + contacts: + default: false + type: boolean + deck: + default: false + type: boolean + groupfolders: + default: true + type: boolean + mindmap: + default: false + type: boolean + music: + default: false + type: boolean + notes: + default: false + type: boolean + onlyoffice: + default: false + type: boolean + passman: + default: false + type: boolean + spreed: + default: false + type: boolean + tables: + default: false + type: boolean + tasks: + default: false + type: boolean + texteditor: + default: true + type: boolean + type: object + issuer: + default: letsencrypt-prod + examples: + - letsencrypt-prod + type: string + storage: + default: + postgres: + size: 5Gi + redis: + size: 2Gi + volume: + accessMode: ReadWriteOnce + size: 10Gi + type: Filesystem + description: Configure this app storage + examples: + - postgres: + size: 5Gi + redis: + size: 2Gi + volume: + accessMode: ReadWriteOnce + size: 10Gi + type: Filesystem + properties: + postgres: + default: + size: 5Gi + properties: + size: + default: 5Gi + type: string + type: object + redis: + default: + size: 2Gi + properties: + size: + default: 2Gi + type: string + type: object + volume: + default: + accessMode: ReadWriteOnce + size: 10Gi + type: Filesystem + properties: + accessMode: + default: ReadWriteOnce + enum: + - ReadWriteOnce + - ReadOnlyMany + - ReadWriteMany + type: string + size: + default: 10Gi + type: string + type: + default: Filesystem + enum: + - Filesystem + - Block + type: string + type: object + type: object + domain: + default: your-company + examples: + - your-company + type: string + ingress_class: + default: traefik + examples: + - traefik type: string images: default: @@ -276,6 +570,11 @@ options: type: string type: object type: object + app_group: + default: '' + examples: + - '' + type: string admin: default: name: nextcloud_admin @@ -286,104 +585,11 @@ options: default: nextcloud_admin type: string type: object - ingress-class: - default: traefik - examples: - - traefik - type: string - openid-name: - default: vynil - examples: - - vynil - type: string - storage: - default: - postgres: - size: 5Gi - redis: - size: 2Gi - volume: - accessMode: ReadWriteOnce - size: 10Gi - type: Filesystem - description: Configure this app storage - examples: - - postgres: - size: 5Gi - redis: - size: 2Gi - volume: - accessMode: ReadWriteOnce - size: 10Gi - type: Filesystem - properties: - postgres: - default: - size: 5Gi - properties: - size: - default: 5Gi - type: string - type: object - redis: - default: - size: 2Gi - properties: - size: - default: 2Gi - type: string - type: object - volume: - default: - accessMode: ReadWriteOnce - size: 10Gi - type: Filesystem - properties: - accessMode: - default: ReadWriteOnce - enum: - - ReadWriteOnce - - ReadOnlyMany - - ReadWriteMany - type: string - size: - default: 10Gi - type: string - type: - default: Filesystem - enum: - - Filesystem - - Block - type: string - type: object - type: object - redis: - default: - exporter: - enabled: true - examples: - - exporter: - enabled: true - properties: - exporter: - default: - enabled: true - properties: - enabled: - default: true - type: boolean - type: object - type: object - domain-name: + domain_name: default: your_company.com examples: - your_company.com type: string - domain: - default: your-company - examples: - - your-company - type: string hpa: default: avg-cpu: 50 @@ -404,212 +610,6 @@ options: default: 1 type: integer type: object - backups: - default: - enable: false - endpoint: '' - key-id-key: s3-id - restic-key: bck-password - retention: - db: 30d - keepDaily: 14 - keepMonthly: 12 - keepWeekly: 6 - keepYearly: 12 - schedule: - backup: 30 3 * * * - check: 30 5 * * 1 - db: 30 3 * * * - prune: 30 1 * * 0 - secret-key: s3-secret - secret-name: backup-settings - use-barman: false - examples: - - enable: false - endpoint: '' - key-id-key: s3-id - restic-key: bck-password - retention: - db: 30d - keepDaily: 14 - keepMonthly: 12 - keepWeekly: 6 - keepYearly: 12 - schedule: - backup: 30 3 * * * - check: 30 5 * * 1 - db: 30 3 * * * - prune: 30 1 * * 0 - secret-key: s3-secret - secret-name: backup-settings - use-barman: false - properties: - enable: - default: false - type: boolean - endpoint: - default: '' - type: string - key-id-key: - default: s3-id - type: string - restic-key: - default: bck-password - type: string - retention: - default: - db: 30d - keepDaily: 14 - keepMonthly: 12 - keepWeekly: 6 - keepYearly: 12 - properties: - db: - default: 30d - type: string - keepDaily: - default: 14 - type: integer - keepMonthly: - default: 12 - type: integer - keepWeekly: - default: 6 - type: integer - keepYearly: - default: 12 - type: integer - type: object - schedule: - default: - backup: 30 3 * * * - check: 30 5 * * 1 - db: 30 3 * * * - prune: 30 1 * * 0 - properties: - backup: - default: 30 3 * * * - type: string - check: - default: 30 5 * * 1 - type: string - db: - default: 30 3 * * * - type: string - prune: - default: 30 1 * * 0 - type: string - type: object - secret-key: - default: s3-secret - type: string - secret-name: - default: backup-settings - type: string - use-barman: - default: false - type: boolean - type: object - issuer: - default: letsencrypt-prod - examples: - - letsencrypt-prod - type: string - sub-domain: - default: files - examples: - - files - type: string - apps: - default: - audioplayer: false - bookmarks: false - bpm: false - calendar: false - collabora: false - contacts: false - deck: false - groupfolders: true - mindmap: false - music: false - notes: false - onlyoffice: false - passman: false - spreed: false - tables: false - tasks: false - texteditor: true - examples: - - audioplayer: false - bookmarks: false - bpm: false - calendar: false - collabora: false - contacts: false - deck: false - groupfolders: true - mindmap: false - music: false - notes: false - onlyoffice: false - passman: false - spreed: false - tables: false - tasks: false - texteditor: true - properties: - audioplayer: - default: false - type: boolean - bookmarks: - default: false - type: boolean - bpm: - default: false - type: boolean - calendar: - default: false - type: boolean - collabora: - default: false - type: boolean - contacts: - default: false - type: boolean - deck: - default: false - type: boolean - groupfolders: - default: true - type: boolean - mindmap: - default: false - type: boolean - music: - default: false - type: boolean - notes: - default: false - type: boolean - onlyoffice: - default: false - type: boolean - passman: - default: false - type: boolean - spreed: - default: false - type: boolean - tables: - default: false - type: boolean - tasks: - default: false - type: boolean - texteditor: - default: true - type: boolean - type: object dependencies: - dist: null category: share diff --git a/apps/nextcloud/monitoring.coreos.com_v1_ServiceMonitor_nextcloud.yaml b/apps/nextcloud/monitoring.coreos.com_v1_ServiceMonitor_nextcloud.yaml index 7b792bc..0b2809f 100644 --- a/apps/nextcloud/monitoring.coreos.com_v1_ServiceMonitor_nextcloud.yaml +++ b/apps/nextcloud/monitoring.coreos.com_v1_ServiceMonitor_nextcloud.yaml @@ -6,7 +6,7 @@ metadata: namespace: "vynil-cloud" labels: app.kubernetes.io/name: nextcloud - helm.sh/chart: nextcloud-4.5.11 + helm.sh/chart: nextcloud-4.5.12 app.kubernetes.io/instance: nextcloud app.kubernetes.io/managed-by: Helm app.kubernetes.io/component: metrics diff --git a/apps/nextcloud/presentation.tf b/apps/nextcloud/presentation.tf index 6b346e5..52e63d6 100644 --- a/apps/nextcloud/presentation.tf +++ b/apps/nextcloud/presentation.tf @@ -1,5 +1,5 @@ locals { - dns_name = "${var.sub-domain}.${var.domain-name}" + dns_name = "${var.sub-domain}.${var.domain_name}" dns-collabora = "collabora.${local.dns_name}" dns-onlyoffice = "onlyoffice.${local.dns_name}" dns_names = [local.dns_name] @@ -31,7 +31,7 @@ module "ingress" { instance = var.instance namespace = var.namespace issuer = var.issuer - ingress-class = var.ingress-class + ingress_class = var.ingress_class labels = local.common-labels dns_names = local.dns_names middlewares = ["${var.instance}-sslenforce", "${var.instance}-redirectdav", "${var.instance}-redirectindex"] @@ -45,7 +45,7 @@ module "application" { source = "git::https://git.solidite.fr/vynil/kydah-modules.git//application" component = var.component instance = var.instance - app-group = var.app-group + app_group = var.app_group dns_name = local.dns_name icon = local.icon protocol_provider = module.oauth2.provider-id @@ -90,7 +90,7 @@ module "collabora-ingress" { instance = var.instance namespace = var.namespace issuer = var.issuer - ingress-class = var.ingress-class + ingress_class = var.ingress_class labels = local.collabora-labels dns_names = [local.dns-collabora] middlewares = [] @@ -121,7 +121,7 @@ module "onlyoffice-ingress" { instance = var.instance namespace = var.namespace issuer = var.issuer - ingress_class = var.ingress-class + ingress_class = var.ingress_class labels = local.onlyoffice-labels dns_names = [local.dns-onlyoffice] middlewares = [] diff --git a/apps/nextcloud/v1_ConfigMap_nextcloud-config.yaml b/apps/nextcloud/v1_ConfigMap_nextcloud-config.yaml index 8546d9f..e404a96 100644 --- a/apps/nextcloud/v1_ConfigMap_nextcloud-config.yaml +++ b/apps/nextcloud/v1_ConfigMap_nextcloud-config.yaml @@ -5,7 +5,7 @@ metadata: name: nextcloud-config labels: app.kubernetes.io/name: nextcloud - helm.sh/chart: nextcloud-4.5.11 + helm.sh/chart: nextcloud-4.5.12 app.kubernetes.io/instance: nextcloud app.kubernetes.io/managed-by: Helm data: diff --git a/apps/nextcloud/v1_ConfigMap_nextcloud-nginxconfig.yaml b/apps/nextcloud/v1_ConfigMap_nextcloud-nginxconfig.yaml index ff0f856..c0eff26 100644 --- a/apps/nextcloud/v1_ConfigMap_nextcloud-nginxconfig.yaml +++ b/apps/nextcloud/v1_ConfigMap_nextcloud-nginxconfig.yaml @@ -5,7 +5,7 @@ metadata: name: nextcloud-nginxconfig labels: app.kubernetes.io/name: nextcloud - helm.sh/chart: nextcloud-4.5.11 + helm.sh/chart: nextcloud-4.5.12 app.kubernetes.io/instance: nextcloud app.kubernetes.io/managed-by: Helm data: diff --git a/apps/nextcloud/v1_PersistentVolumeClaim_nextcloud-nextcloud.yaml b/apps/nextcloud/v1_PersistentVolumeClaim_nextcloud-nextcloud.yaml index d19d073..fc94d3a 100644 --- a/apps/nextcloud/v1_PersistentVolumeClaim_nextcloud-nextcloud.yaml +++ b/apps/nextcloud/v1_PersistentVolumeClaim_nextcloud-nextcloud.yaml @@ -5,7 +5,7 @@ metadata: name: nextcloud-nextcloud labels: app.kubernetes.io/name: nextcloud - helm.sh/chart: nextcloud-4.5.11 + helm.sh/chart: nextcloud-4.5.12 app.kubernetes.io/instance: nextcloud app.kubernetes.io/managed-by: Helm app.kubernetes.io/component: app diff --git a/apps/nextcloud/v1_Service_nextcloud-metrics.yaml b/apps/nextcloud/v1_Service_nextcloud-metrics.yaml index 815f114..a680176 100644 --- a/apps/nextcloud/v1_Service_nextcloud-metrics.yaml +++ b/apps/nextcloud/v1_Service_nextcloud-metrics.yaml @@ -5,7 +5,7 @@ metadata: name: nextcloud-metrics labels: app.kubernetes.io/name: nextcloud - helm.sh/chart: nextcloud-4.5.11 + helm.sh/chart: nextcloud-4.5.12 app.kubernetes.io/instance: nextcloud app.kubernetes.io/managed-by: Helm app.kubernetes.io/component: metrics diff --git a/apps/nextcloud/v1_Service_nextcloud.yaml b/apps/nextcloud/v1_Service_nextcloud.yaml index 0920502..50d029b 100644 --- a/apps/nextcloud/v1_Service_nextcloud.yaml +++ b/apps/nextcloud/v1_Service_nextcloud.yaml @@ -5,7 +5,7 @@ metadata: name: nextcloud labels: app.kubernetes.io/name: nextcloud - helm.sh/chart: nextcloud-4.5.11 + helm.sh/chart: nextcloud-4.5.12 app.kubernetes.io/instance: nextcloud app.kubernetes.io/managed-by: Helm app.kubernetes.io/component: app diff --git a/apps/okd/index.yaml b/apps/okd/index.yaml index a4187cf..3d594cf 100644 --- a/apps/okd/index.yaml +++ b/apps/okd/index.yaml @@ -6,31 +6,26 @@ metadata: name: okd description: null options: - app-group: - default: infra + sub-domain: + default: okd examples: - - infra + - okd type: string - managed: - default: false + ingress_class: + default: traefik examples: - - false - type: boolean + - traefik + type: string + domain: + default: your-company + examples: + - your-company + type: string cluster-admin: default: false examples: - false type: boolean - issuer: - default: letsencrypt-prod - examples: - - letsencrypt-prod - type: string - domain-name: - default: your_company.com - examples: - - your_company.com - type: string namespaces: default: [] items: @@ -75,20 +70,25 @@ options: type: string type: object type: object - domain: - default: your-company + managed: + default: false examples: - - your-company + - false + type: boolean + domain_name: + default: your_company.com + examples: + - your_company.com type: string - sub-domain: - default: okd + issuer: + default: letsencrypt-prod examples: - - okd + - letsencrypt-prod type: string - ingress-class: - default: traefik + app_group: + default: infra examples: - - traefik + - infra type: string dependencies: - dist: null diff --git a/apps/okd/presentation.tf b/apps/okd/presentation.tf index 90334b1..a322503 100644 --- a/apps/okd/presentation.tf +++ b/apps/okd/presentation.tf @@ -1,5 +1,5 @@ locals { - dns_name = "${var.sub-domain}.${var.domain-name}" + dns_name = "${var.sub-domain}.${var.domain_name}" dns_names = [local.dns_name] app_name = var.component == var.instance ? var.instance : format("%s-%s", var.component, var.instance) icon = "static/assets/okd-logo.svg" @@ -34,7 +34,7 @@ module "ingress" { instance = var.instance namespace = var.namespace issuer = var.issuer - ingress_class = var.ingress-class + ingress_class = var.ingress_class labels = local.common-labels dns_names = local.dns_names middlewares = ["forward-${local.app_name}"] @@ -48,7 +48,7 @@ module "application" { source = "git::https://git.solidite.fr/vynil/kydah-modules.git//application" component = var.component instance = var.instance - app_group = var.app-group + app_group = var.app_group dns_name = local.dns_name icon = local.icon protocol_provider = module.forward.provider-id @@ -73,7 +73,7 @@ module "forward" { instance = var.instance domain = var.domain namespace = var.namespace - ingress_class = var.ingress-class + ingress_class = var.ingress_class labels = local.common-labels dns_names = local.dns_names service = local.service diff --git a/apps/sonar/index.yaml b/apps/sonar/index.yaml index 3509f62..e074884 100644 --- a/apps/sonar/index.yaml +++ b/apps/sonar/index.yaml @@ -6,7 +6,7 @@ metadata: name: sonar description: null options: - ingress-class: + ingress_class: default: traefik examples: - traefik @@ -78,7 +78,7 @@ options: examples: - your-company type: string - domain-name: + domain_name: default: your_company.com examples: - your_company.com diff --git a/apps/traefik-ui/index.yaml b/apps/traefik-ui/index.yaml index edd4c87..ccf0550 100644 --- a/apps/traefik-ui/index.yaml +++ b/apps/traefik-ui/index.yaml @@ -6,7 +6,27 @@ metadata: name: traefik-ui description: Access to the Traefik UI options: - ingress-class: + domain: + default: your-company + examples: + - your-company + type: string + ingress_class: + default: traefik + examples: + - traefik + type: string + domain_name: + default: your_company.com + examples: + - your_company.com + type: string + app_group: + default: infra + examples: + - infra + type: string + sub-domain: default: traefik examples: - traefik @@ -16,26 +36,6 @@ options: examples: - letsencrypt-prod type: string - sub-domain: - default: traefik - examples: - - traefik - type: string - app-group: - default: infra - examples: - - infra - type: string - domain: - default: your-company - examples: - - your-company - type: string - domain-name: - default: your_company.com - examples: - - your_company.com - type: string dependencies: - dist: null category: share diff --git a/apps/traefik-ui/presentation.tf b/apps/traefik-ui/presentation.tf index 80cfd71..3c5ce83 100644 --- a/apps/traefik-ui/presentation.tf +++ b/apps/traefik-ui/presentation.tf @@ -1,5 +1,5 @@ locals { - dns_name = "${var.sub-domain}.${var.domain-name}" + dns_name = "${var.sub-domain}.${var.domain_name}" dns_names = [local.dns_name] app_name = var.component == var.instance ? var.instance : format("%s-%s", var.component, var.instance) icon = "dashboard/statics/icons/favicon-96x96.png" @@ -21,7 +21,7 @@ module "ingress" { instance = var.instance namespace = var.namespace issuer = var.issuer - ingress_class = var.ingress-class + ingress_class = var.ingress_class labels = local.common-labels dns_names = local.dns_names middlewares = ["forward-${local.app_name}"] @@ -35,7 +35,7 @@ module "application" { source = "git::https://git.solidite.fr/vynil/kydah-modules.git//application" component = var.component instance = var.instance - app_group = var.app-group + app_group = var.app_group dns_name = local.dns_name icon = local.icon protocol_provider = module.forward.provider-id @@ -60,7 +60,7 @@ module "forward" { instance = var.instance domain = var.domain namespace = var.namespace - ingress_class = var.ingress-class + ingress_class = var.ingress_class labels = local.common-labels dns_names = local.dns_names service = local.service diff --git a/apps/woodpecker/datas.tf b/apps/woodpecker/datas.tf index acf3c3f..f0fef87 100644 --- a/apps/woodpecker/datas.tf +++ b/apps/woodpecker/datas.tf @@ -150,9 +150,9 @@ data "kustomization_overlay" "data" { - name: WOODPECKER_ADMIN value: "${var.admin-users}" - name: WOODPECKER_HOST - value: "https://${var.sub-domain}.${var.domain-name}" + value: "https://${var.sub-domain}.${var.domain_name}" - name: WOODPECKER_HOST - value: "https://${var.sub-domain}.${var.domain-name}" + value: "https://${var.sub-domain}.${var.domain_name}" envFrom: - secretRef: name: woodpecker-secret diff --git a/apps/woodpecker/gitea_token.tf b/apps/woodpecker/gitea_token.tf index 9fddbe3..bc82482 100644 --- a/apps/woodpecker/gitea_token.tf +++ b/apps/woodpecker/gitea_token.tf @@ -22,7 +22,7 @@ resource "gitea_oauth2_app" "prj" { name = var.component confidential_client = true redirect_uris = [ - "https://${var.sub-domain}.${var.domain-name}/authorize" + "https://${var.sub-domain}.${var.domain_name}/authorize" ] } diff --git a/apps/woodpecker/index.yaml b/apps/woodpecker/index.yaml index 71737b6..e93bd3f 100644 --- a/apps/woodpecker/index.yaml +++ b/apps/woodpecker/index.yaml @@ -6,71 +6,11 @@ metadata: name: woodpecker description: null options: - storage-agent: - default: - size: 10Gi - storageClass: '' - writeMany: 'false' - examples: - - size: 10Gi - storageClass: '' - writeMany: 'false' - properties: - size: - default: 10Gi - type: string - storageClass: - default: '' - type: string - writeMany: - default: 'false' - type: string - type: object - sub-domain: - default: ci - examples: - - ci - type: string - app-group: - default: dev - examples: - - dev - type: string - timeouts: - default: - default: '60' - max: '120' - examples: - - default: '60' - max: '120' - properties: - default: - default: '60' - type: string - max: - default: '120' - type: string - type: object - domain-name: - default: your_company.com - examples: - - your_company.com - type: string - domain: - default: your-company - examples: - - your-company - type: string - ingress-class: + ingress_class: default: traefik examples: - traefik type: string - issuer: - default: letsencrypt-prod - examples: - - letsencrypt-prod - type: string images: default: agent: @@ -187,11 +127,71 @@ options: default: 10Gi type: string type: object + timeouts: + default: + default: '60' + max: '120' + examples: + - default: '60' + max: '120' + properties: + default: + default: '60' + type: string + max: + default: '120' + type: string + type: object + sub-domain: + default: ci + examples: + - ci + type: string + issuer: + default: letsencrypt-prod + examples: + - letsencrypt-prod + type: string + storage-agent: + default: + size: 10Gi + storageClass: '' + writeMany: 'false' + examples: + - size: 10Gi + storageClass: '' + writeMany: 'false' + properties: + size: + default: 10Gi + type: string + storageClass: + default: '' + type: string + writeMany: + default: 'false' + type: string + type: object + app_group: + default: dev + examples: + - dev + type: string + domain_name: + default: your_company.com + examples: + - your_company.com + type: string admin-users: default: woodpecker,admin examples: - woodpecker,admin type: string + domain: + default: your-company + examples: + - your-company + type: string dependencies: - dist: null category: apps diff --git a/apps/woodpecker/presentation.tf b/apps/woodpecker/presentation.tf index 4017764..d198a3d 100644 --- a/apps/woodpecker/presentation.tf +++ b/apps/woodpecker/presentation.tf @@ -1,5 +1,5 @@ locals { - dns_name = "${var.sub-domain}.${var.domain-name}" + dns_name = "${var.sub-domain}.${var.domain_name}" dns_names = [local.dns_name] icon = "favicons/favicon-light-default.png" service = { @@ -16,7 +16,7 @@ module "ingress" { instance = var.instance namespace = var.namespace issuer = var.issuer - ingress_class = var.ingress-class + ingress_class = var.ingress_class labels = local.common-labels dns_names = local.dns_names middlewares = [] @@ -30,7 +30,7 @@ module "application" { source = "git::https://git.solidite.fr/vynil/kydah-modules.git//application" component = var.component instance = var.instance - app_group = var.app-group + app_group = var.app_group dns_name = local.dns_name icon = local.icon providers = { diff --git a/meta/domain-apps/apps.tf b/meta/domain-apps/apps.tf index 3422c0a..f7f35ce 100644 --- a/meta/domain-apps/apps.tf +++ b/meta/domain-apps/apps.tf @@ -2,15 +2,15 @@ locals { annotations = { "vynil.solidite.fr/meta" = var.component "vynil.solidite.fr/name" = "${var.namespace}-auth" - "vynil.solidite.fr/domain" = var.domain-name + "vynil.solidite.fr/domain" = var.domain_name "vynil.solidite.fr/issuer" = var.issuer - "vynil.solidite.fr/ingress" = var.ingress-class + "vynil.solidite.fr/ingress" = var.ingress_class } global = { "domain" = var.namespace - "domain-name" = var.domain-name + "domain_name" = var.domain_name "issuer" = var.issuer - "ingress-class" = var.ingress-class + "ingress_class" = var.ingress_class "backups" = var.backups } default-mode = var.storage-classes.FilesystemReadWriteMany!=""?"ReadWriteMany":"ReadWriteOnce" diff --git a/meta/domain-apps/index.yaml b/meta/domain-apps/index.yaml index 6ef9696..d637930 100644 --- a/meta/domain-apps/index.yaml +++ b/meta/domain-apps/index.yaml @@ -6,23 +6,11 @@ metadata: name: domain-apps description: null options: - domain-name: - default: your_company.com + domain: + default: your-company examples: - - your_company.com + - your-company type: string - nextcloud: - default: - enable: false - examples: - - enable: false - properties: - enable: - default: false - type: boolean - type: object - x-vynil-category: apps - x-vynil-package: nextcloud distributions: default: core: core @@ -38,6 +26,58 @@ options: default: domain type: string type: object + storage-classes: + default: + BlockReadWriteMany: '' + BlockReadWriteOnce: '' + FilesystemReadWriteMany: '' + FilesystemReadWriteOnce: '' + examples: + - BlockReadWriteMany: '' + BlockReadWriteOnce: '' + FilesystemReadWriteMany: '' + FilesystemReadWriteOnce: '' + properties: + BlockReadWriteMany: + default: '' + type: string + BlockReadWriteOnce: + default: '' + type: string + FilesystemReadWriteMany: + default: '' + type: string + FilesystemReadWriteOnce: + default: '' + type: string + type: object + nextcloud: + default: + enable: false + examples: + - enable: false + properties: + enable: + default: false + type: boolean + type: object + x-vynil-category: apps + x-vynil-package: nextcloud + domain_name: + default: your_company.com + examples: + - your_company.com + type: string + issuer: + default: letsencrypt-prod + examples: + - letsencrypt-prod + type: string + ingress_class: + default: traefik + examples: + - traefik + type: string backups: default: enable: false @@ -68,46 +108,6 @@ options: default: backup-settings type: string type: object - ingress-class: - default: traefik - examples: - - traefik - type: string - domain: - default: your-company - examples: - - your-company - type: string - storage-classes: - default: - BlockReadWriteMany: '' - BlockReadWriteOnce: '' - FilesystemReadWriteMany: '' - FilesystemReadWriteOnce: '' - examples: - - BlockReadWriteMany: '' - BlockReadWriteOnce: '' - FilesystemReadWriteMany: '' - FilesystemReadWriteOnce: '' - properties: - BlockReadWriteMany: - default: '' - type: string - BlockReadWriteOnce: - default: '' - type: string - FilesystemReadWriteMany: - default: '' - type: string - FilesystemReadWriteOnce: - default: '' - type: string - type: object - issuer: - default: letsencrypt-prod - examples: - - letsencrypt-prod - type: string dependencies: [] providers: kubernetes: true diff --git a/meta/domain-auth/apps.tf b/meta/domain-auth/apps.tf index a6dc7e7..945291d 100644 --- a/meta/domain-auth/apps.tf +++ b/meta/domain-auth/apps.tf @@ -2,15 +2,15 @@ locals { annotations = { "vynil.solidite.fr/meta" = var.component "vynil.solidite.fr/name" = "${var.namespace}-auth" - "vynil.solidite.fr/domain" = var.domain-name + "vynil.solidite.fr/domain" = var.domain_name "vynil.solidite.fr/issuer" = var.issuer - "vynil.solidite.fr/ingress" = var.ingress-class + "vynil.solidite.fr/ingress" = var.ingress_class } global = { "domain" = var.namespace - "domain-name" = var.domain-name + "domain_name" = var.domain_name "issuer" = var.issuer - "ingress-class" = var.ingress-class + "ingress_class" = var.ingress_class "backups" = var.backups } authentik = { for k, v in var.authentik : k => v if k!="enable" } diff --git a/meta/domain-auth/index.yaml b/meta/domain-auth/index.yaml index f996ae3..fadfd49 100644 --- a/meta/domain-auth/index.yaml +++ b/meta/domain-auth/index.yaml @@ -6,6 +6,91 @@ metadata: name: domain-auth description: null options: + distributions: + default: + core: core + domain: domain + examples: + - core: core + domain: domain + properties: + core: + default: core + type: string + domain: + default: domain + type: string + type: object + domain_name: + default: your_company.com + examples: + - your_company.com + type: string + domain: + default: your-company + examples: + - your-company + type: string + ingress_class: + default: traefik + examples: + - traefik + type: string + authentik: + default: + enable: true + examples: + - enable: true + properties: + enable: + default: true + type: boolean + type: object + clients: + default: + apps: [] + divisions: [] + enable: false + examples: + - apps: [] + divisions: [] + enable: false + properties: + apps: + default: [] + items: + type: string + type: array + divisions: + default: [] + items: + properties: + apps: + items: + type: string + type: array + name: + type: string + teams: + items: + type: object + type: array + type: object + type: array + enable: + default: false + type: boolean + type: object + authentik-ldap: + default: + enable: false + examples: + - enable: false + properties: + enable: + default: false + type: boolean + type: object fournisseurs: default: apps: [] @@ -66,35 +151,15 @@ options: default: '' type: string type: object - ingress-class: - default: traefik - examples: - - traefik - type: string - authentik: - default: - enable: true - examples: - - enable: true - properties: - enable: - default: true - type: boolean - type: object - domain: - default: your-company - examples: - - your-company - type: string - clients: + employes: default: apps: [] divisions: [] - enable: false + enable: true examples: - apps: [] divisions: [] - enable: false + enable: true properties: apps: default: [] @@ -118,28 +183,18 @@ options: type: object type: array enable: - default: false + default: true type: boolean type: object - domain-name: - default: your_company.com - examples: - - your_company.com - type: string - distributions: + authentik-forward: default: - core: core - domain: domain + enable: false examples: - - core: core - domain: domain + - enable: false properties: - core: - default: core - type: string - domain: - default: domain - type: string + enable: + default: false + type: boolean type: object issuer: default: letsencrypt-prod @@ -176,61 +231,6 @@ options: default: backup-settings type: string type: object - authentik-forward: - default: - enable: false - examples: - - enable: false - properties: - enable: - default: false - type: boolean - type: object - authentik-ldap: - default: - enable: false - examples: - - enable: false - properties: - enable: - default: false - type: boolean - type: object - employes: - default: - apps: [] - divisions: [] - enable: true - examples: - - apps: [] - divisions: [] - enable: true - properties: - apps: - default: [] - items: - type: string - type: array - divisions: - default: [] - items: - properties: - apps: - items: - type: string - type: array - name: - type: string - teams: - items: - type: object - type: array - type: object - type: array - enable: - default: true - type: boolean - type: object dependencies: [] providers: kubernetes: true diff --git a/meta/domain-ci/apps.tf b/meta/domain-ci/apps.tf index 0cac560..a5b61b5 100644 --- a/meta/domain-ci/apps.tf +++ b/meta/domain-ci/apps.tf @@ -2,15 +2,15 @@ locals { annotations = { "vynil.solidite.fr/meta" = var.component "vynil.solidite.fr/name" = var.namespace - "vynil.solidite.fr/domain" = var.domain-name + "vynil.solidite.fr/domain" = var.domain_name "vynil.solidite.fr/issuer" = var.issuer - "vynil.solidite.fr/ingress" = var.ingress-class + "vynil.solidite.fr/ingress" = var.ingress_class } global = { "domain" = var.namespace - "domain-name" = var.domain-name + "domain_name" = var.domain_name "issuer" = var.issuer - "ingress-class" = var.ingress-class + "ingress_class" = var.ingress_class "backups" = var.backups } default-mode = var.storage-classes.FilesystemReadWriteMany!=""?"ReadWriteMany":"ReadWriteOnce" diff --git a/meta/domain-ci/index.yaml b/meta/domain-ci/index.yaml index cf05d52..3596e8e 100644 --- a/meta/domain-ci/index.yaml +++ b/meta/domain-ci/index.yaml @@ -11,12 +11,18 @@ options: examples: - your-company type: string - issuer: - default: letsencrypt-prod + gitea: + default: + enable: true examples: - - letsencrypt-prod - type: string - x-vynil-enum-source: issuer + - enable: true + properties: + enable: + default: true + type: boolean + type: object + x-vynil-category: apps + x-vynil-package: gitea distributions: default: core: core @@ -32,6 +38,59 @@ options: default: domain type: string type: object + storage-classes: + default: + BlockReadWriteMany: '' + BlockReadWriteOnce: '' + FilesystemReadWriteMany: '' + FilesystemReadWriteOnce: '' + examples: + - BlockReadWriteMany: '' + BlockReadWriteOnce: '' + FilesystemReadWriteMany: '' + FilesystemReadWriteOnce: '' + properties: + BlockReadWriteMany: + default: '' + type: string + BlockReadWriteOnce: + default: '' + type: string + FilesystemReadWriteMany: + default: '' + type: string + FilesystemReadWriteOnce: + default: '' + type: string + type: object + issuer: + default: letsencrypt-prod + examples: + - letsencrypt-prod + type: string + x-vynil-enum-source: issuer + woodpecker: + default: + enable: false + examples: + - enable: false + properties: + enable: + default: false + type: boolean + type: object + x-vynil-category: apps + x-vynil-package: woodpecker + domain_name: + default: your_company.com + examples: + - your_company.com + type: string + ingress_class: + default: traefik + examples: + - traefik + type: string backups: default: enable: false @@ -62,65 +121,6 @@ options: default: backup-settings type: string type: object - gitea: - default: - enable: true - examples: - - enable: true - properties: - enable: - default: true - type: boolean - type: object - x-vynil-category: apps - x-vynil-package: gitea - woodpecker: - default: - enable: false - examples: - - enable: false - properties: - enable: - default: false - type: boolean - type: object - x-vynil-category: apps - x-vynil-package: woodpecker - domain-name: - default: your_company.com - examples: - - your_company.com - type: string - ingress-class: - default: traefik - examples: - - traefik - type: string - storage-classes: - default: - BlockReadWriteMany: '' - BlockReadWriteOnce: '' - FilesystemReadWriteMany: '' - FilesystemReadWriteOnce: '' - examples: - - BlockReadWriteMany: '' - BlockReadWriteOnce: '' - FilesystemReadWriteMany: '' - FilesystemReadWriteOnce: '' - properties: - BlockReadWriteMany: - default: '' - type: string - BlockReadWriteOnce: - default: '' - type: string - FilesystemReadWriteMany: - default: '' - type: string - FilesystemReadWriteOnce: - default: '' - type: string - type: object dependencies: [] providers: kubernetes: true diff --git a/meta/domain-devspaces/apps.tf b/meta/domain-devspaces/apps.tf index a5226ad..e12c350 100644 --- a/meta/domain-devspaces/apps.tf +++ b/meta/domain-devspaces/apps.tf @@ -2,21 +2,21 @@ locals { annotations = { "vynil.solidite.fr/meta" = var.component "vynil.solidite.fr/name" = "${var.domain}-devspaces" - "vynil.solidite.fr/domain" = var.domain-name + "vynil.solidite.fr/domain" = var.domain_name "vynil.solidite.fr/issuer" = var.issuer - "vynil.solidite.fr/ingress" = var.ingress-class + "vynil.solidite.fr/ingress" = var.ingress_class } global = { "domain" = var.domain - "domain-name" = var.domain-name + "domain_name" = var.domain_name "issuer" = var.issuer - "ingress-class" = var.ingress-class + "ingress_class" = var.ingress_class "backups" = var.backups - "app-group" = var.app-group + "app_group" = var.app_group } global-apps = merge(local.global, { - "domain-name" = "devtools.${var.domain-name}" - "app-group" = "dev" + "domain_name" = "devtools.${var.domain_name}" + "app_group" = "dev" }) okd = merge({ "namespaces" = concat([ diff --git a/meta/domain-devspaces/index.yaml b/meta/domain-devspaces/index.yaml index 22850c1..ef170e8 100644 --- a/meta/domain-devspaces/index.yaml +++ b/meta/domain-devspaces/index.yaml @@ -11,6 +11,70 @@ options: examples: - your-company type: string + external-pgs: + default: [] + examples: + - [] + items: + properties: + dbname: + default: '' + type: string + name: + default: '' + type: string + namespace: + default: '' + type: string + secret: + properties: + key: + default: '' + type: string + name: + default: '' + type: string + type: object + username: + default: '' + type: string + type: object + type: array + backups: + default: + enable: false + endpoint: '' + key-id-key: s3-id + secret-key: s3-secret + secret-name: backup-settings + examples: + - enable: false + endpoint: '' + key-id-key: s3-id + secret-key: s3-secret + secret-name: backup-settings + properties: + enable: + default: false + type: boolean + endpoint: + default: '' + type: string + key-id-key: + default: s3-id + type: string + secret-key: + default: s3-secret + type: string + secret-name: + default: backup-settings + type: string + type: object + domain_name: + default: your_company.com + examples: + - your_company.com + type: string issuer: default: letsencrypt-prod examples: @@ -57,249 +121,6 @@ options: type: array type: object type: array - backups: - default: - enable: false - endpoint: '' - key-id-key: s3-id - secret-key: s3-secret - secret-name: backup-settings - examples: - - enable: false - endpoint: '' - key-id-key: s3-id - secret-key: s3-secret - secret-name: backup-settings - properties: - enable: - default: false - type: boolean - endpoint: - default: '' - type: string - key-id-key: - default: s3-id - type: string - secret-key: - default: s3-secret - type: string - secret-name: - default: backup-settings - type: string - type: object - ingress-class: - default: traefik - examples: - - traefik - type: string - stations-sub-domain: - default: code - examples: - - code - type: string - external-marias: - default: [] - examples: - - [] - items: - properties: - name: - default: '' - type: string - namespace: - default: '' - type: string - secret: - properties: - key: - default: '' - type: string - name: - default: '' - type: string - type: object - username: - default: '' - type: string - type: object - type: array - distributions: - default: - core: core - domain: domain - examples: - - core: core - domain: domain - properties: - core: - default: core - type: string - domain: - default: domain - type: string - type: object - app-group: - default: dev - examples: - - dev - type: string - domain-name: - default: your_company.com - examples: - - your_company.com - type: string - external-pgs: - default: [] - examples: - - [] - items: - properties: - dbname: - default: '' - type: string - name: - default: '' - type: string - namespace: - default: '' - type: string - secret: - properties: - key: - default: '' - type: string - name: - default: '' - type: string - type: object - username: - default: '' - type: string - type: object - type: array - external-redis: - default: [] - examples: - - [] - items: - properties: - name: - default: '' - type: string - namespace: - default: '' - type: string - type: object - type: array - external-mongos: - default: [] - examples: - - [] - items: - properties: - dbname: - default: '' - type: string - name: - default: '' - type: string - namespace: - default: '' - type: string - secret: - properties: - key: - default: '' - type: string - name: - default: '' - type: string - type: object - username: - default: '' - type: string - type: object - type: array - storage-classes: - default: - BlockReadWriteMany: '' - BlockReadWriteOnce: '' - FilesystemReadWriteMany: '' - FilesystemReadWriteOnce: '' - examples: - - BlockReadWriteMany: '' - BlockReadWriteOnce: '' - FilesystemReadWriteMany: '' - FilesystemReadWriteOnce: '' - properties: - BlockReadWriteMany: - default: '' - type: string - BlockReadWriteOnce: - default: '' - type: string - FilesystemReadWriteMany: - default: '' - type: string - FilesystemReadWriteOnce: - default: '' - type: string - type: object - images: - default: - codeserver: - pullPolicy: IfNotPresent - registry: docker.io - repository: sebt3/code-server - tag: 4.18 - examples: - - codeserver: - pullPolicy: IfNotPresent - registry: docker.io - repository: sebt3/code-server - tag: 4.18 - properties: - codeserver: - default: - pullPolicy: IfNotPresent - registry: docker.io - repository: sebt3/code-server - tag: 4.18 - properties: - pullPolicy: - default: IfNotPresent - enum: - - Always - - Never - - IfNotPresent - type: string - registry: - default: docker.io - type: string - repository: - default: sebt3/code-server - type: string - tag: - default: 4.18 - type: number - type: object - type: object - stations: - default: [] - examples: - - [] - items: - properties: - name: - default: '' - type: string - organisations: - default: [] - items: - type: string - type: array - type: object - type: array apps: default: dbgate: @@ -376,6 +197,185 @@ options: examples: - false type: boolean + stations: + default: [] + examples: + - [] + items: + properties: + name: + default: '' + type: string + organisations: + default: [] + items: + type: string + type: array + type: object + type: array + external-marias: + default: [] + examples: + - [] + items: + properties: + name: + default: '' + type: string + namespace: + default: '' + type: string + secret: + properties: + key: + default: '' + type: string + name: + default: '' + type: string + type: object + username: + default: '' + type: string + type: object + type: array + distributions: + default: + core: core + domain: domain + examples: + - core: core + domain: domain + properties: + core: + default: core + type: string + domain: + default: domain + type: string + type: object + images: + default: + codeserver: + pullPolicy: IfNotPresent + registry: docker.io + repository: sebt3/code-server + tag: 4.18 + examples: + - codeserver: + pullPolicy: IfNotPresent + registry: docker.io + repository: sebt3/code-server + tag: 4.18 + properties: + codeserver: + default: + pullPolicy: IfNotPresent + registry: docker.io + repository: sebt3/code-server + tag: 4.18 + properties: + pullPolicy: + default: IfNotPresent + enum: + - Always + - Never + - IfNotPresent + type: string + registry: + default: docker.io + type: string + repository: + default: sebt3/code-server + type: string + tag: + default: 4.18 + type: number + type: object + type: object + external-mongos: + default: [] + examples: + - [] + items: + properties: + dbname: + default: '' + type: string + name: + default: '' + type: string + namespace: + default: '' + type: string + secret: + properties: + key: + default: '' + type: string + name: + default: '' + type: string + type: object + username: + default: '' + type: string + type: object + type: array + ingress_class: + default: traefik + examples: + - traefik + type: string + stations-sub-domain: + default: code + examples: + - code + type: string + app_group: + default: dev + examples: + - dev + type: string + storage-classes: + default: + BlockReadWriteMany: '' + BlockReadWriteOnce: '' + FilesystemReadWriteMany: '' + FilesystemReadWriteOnce: '' + examples: + - BlockReadWriteMany: '' + BlockReadWriteOnce: '' + FilesystemReadWriteMany: '' + FilesystemReadWriteOnce: '' + properties: + BlockReadWriteMany: + default: '' + type: string + BlockReadWriteOnce: + default: '' + type: string + FilesystemReadWriteMany: + default: '' + type: string + FilesystemReadWriteOnce: + default: '' + type: string + type: object + external-redis: + default: [] + examples: + - [] + items: + properties: + name: + default: '' + type: string + namespace: + default: '' + type: string + type: object + type: array dependencies: [] providers: kubernetes: true diff --git a/meta/domain-erp/apps.tf b/meta/domain-erp/apps.tf index e30281b..9affdee 100644 --- a/meta/domain-erp/apps.tf +++ b/meta/domain-erp/apps.tf @@ -2,18 +2,18 @@ locals { annotations = { "vynil.solidite.fr/meta" = var.component "vynil.solidite.fr/name" = var.namespace - "vynil.solidite.fr/domain" = var.domain-name + "vynil.solidite.fr/domain" = var.domain_name "vynil.solidite.fr/issuer" = var.issuer - "vynil.solidite.fr/ingress" = var.ingress-class + "vynil.solidite.fr/ingress" = var.ingress_class } annotations_default = { - "default.vynil.solidite.fr/domain_name" = var.domain-name + "default.vynil.solidite.fr/domain_name" = var.domain_name } global = { "domain" = var.namespace - "domain-name" = var.domain-name + "domain_name" = var.domain_name "issuer" = var.issuer - "ingress-class" = var.ingress-class + "ingress_class" = var.ingress_class "backups" = var.backups } default-mode = var.storage-classes.FilesystemReadWriteMany!=""?"ReadWriteMany":"ReadWriteOnce" diff --git a/meta/domain-erp/index.yaml b/meta/domain-erp/index.yaml index f33bb7a..ddf1c28 100644 --- a/meta/domain-erp/index.yaml +++ b/meta/domain-erp/index.yaml @@ -6,6 +6,26 @@ metadata: name: domain-erp description: null options: + domain_name: + default: your_company.com + examples: + - your_company.com + type: string + distributions: + default: + core: core + domain: domain + examples: + - core: core + domain: domain + properties: + core: + default: core + type: string + domain: + default: domain + type: string + type: object storage-classes: default: BlockReadWriteMany: '' @@ -31,33 +51,11 @@ options: default: '' type: string type: object - dolibarr: - default: - enable: true - examples: - - enable: true - properties: - enable: - default: true - type: boolean - type: object - x-vynil-category: apps - x-vynil-package: dolibarr - ingress-class: + ingress_class: default: traefik examples: - traefik type: string - domain: - default: your-company - examples: - - your-company - type: string - domain-name: - default: your_company.com - examples: - - your_company.com - type: string backups: default: enable: false @@ -88,26 +86,28 @@ options: default: backup-settings type: string type: object - distributions: - default: - core: core - domain: domain - examples: - - core: core - domain: domain - properties: - core: - default: core - type: string - domain: - default: domain - type: string - type: object issuer: default: letsencrypt-prod examples: - letsencrypt-prod type: string + domain: + default: your-company + examples: + - your-company + type: string + dolibarr: + default: + enable: true + examples: + - enable: true + properties: + enable: + default: true + type: boolean + type: object + x-vynil-category: apps + x-vynil-package: dolibarr dependencies: [] providers: kubernetes: true diff --git a/meta/domain-infra/apps.tf b/meta/domain-infra/apps.tf index 72ef934..19ba4fd 100644 --- a/meta/domain-infra/apps.tf +++ b/meta/domain-infra/apps.tf @@ -2,17 +2,17 @@ locals { annotations = { "vynil.solidite.fr/meta" = "domain-ci" "vynil.solidite.fr/name" = var.namespace - "vynil.solidite.fr/domain" = var.domain-name + "vynil.solidite.fr/domain" = var.domain_name "vynil.solidite.fr/issuer" = var.issuer - "vynil.solidite.fr/ingress" = var.ingress-class + "vynil.solidite.fr/ingress" = var.ingress_class } global = { "domain" = var.namespace - "domain-name" = "admin.${var.domain-name}" + "domain_name" = "admin.${var.domain_name}" "issuer" = var.issuer - "ingress-class" = var.ingress-class + "ingress_class" = var.ingress_class "backups" = var.backups - "app-group" = var.app-group + "app_group" = var.app_group } traefik = { for k, v in var.traefik : k => v if k!="enable" } dns = { for k, v in var.dns : k => v if k!="enable" } diff --git a/meta/domain-infra/index.yaml b/meta/domain-infra/index.yaml index 01c9756..89da52b 100644 --- a/meta/domain-infra/index.yaml +++ b/meta/domain-infra/index.yaml @@ -6,7 +6,7 @@ metadata: name: domain-infra description: null options: - dns: + okd: default: enable: false examples: @@ -16,55 +16,25 @@ options: default: false type: boolean type: object - x-vynil-category: share - x-vynil-package: dns - api: - default: - enable: false - examples: - - enable: false - properties: - enable: - default: false - type: boolean - type: object - traefik: - default: - enable: false - namespace: traefik - examples: - - enable: false - namespace: traefik - properties: - enable: - default: false - type: boolean - namespace: - default: traefik - type: string - type: object x-vynil-category: apps - x-vynil-package: traefix-ui - app-group: - default: infra - examples: - - infra - type: string - distributions: + x-vynil-package: okd + gramo: default: - core: core - domain: domain + enable: false examples: - - core: core - domain: domain + - enable: false properties: - core: - default: core - type: string - domain: - default: domain - type: string + enable: + default: false + type: boolean type: object + x-vynil-category: apps + x-vynil-package: gramo + issuer: + default: letsencrypt-prod + examples: + - letsencrypt-prod + type: string storage-classes: default: BlockReadWriteMany: '' @@ -90,45 +60,23 @@ options: default: '' type: string type: object - issuer: - default: letsencrypt-prod - examples: - - letsencrypt-prod - type: string - okd: + traefik: default: enable: false + namespace: traefik examples: - enable: false + namespace: traefik properties: enable: default: false type: boolean + namespace: + default: traefik + type: string type: object x-vynil-category: apps - x-vynil-package: okd - gramo: - default: - enable: false - examples: - - enable: false - properties: - enable: - default: false - type: boolean - type: object - x-vynil-category: apps - x-vynil-package: gramo - domain: - default: your-company - examples: - - your-company - type: string - domain-name: - default: your_company.com - examples: - - your_company.com - type: string + x-vynil-package: traefix-ui backups: default: enable: false @@ -159,11 +107,63 @@ options: default: backup-settings type: string type: object - ingress-class: + api: + default: + enable: false + examples: + - enable: false + properties: + enable: + default: false + type: boolean + type: object + domain: + default: your-company + examples: + - your-company + type: string + app_group: + default: infra + examples: + - infra + type: string + dns: + default: + enable: false + examples: + - enable: false + properties: + enable: + default: false + type: boolean + type: object + x-vynil-category: share + x-vynil-package: dns + distributions: + default: + core: core + domain: domain + examples: + - core: core + domain: domain + properties: + core: + default: core + type: string + domain: + default: domain + type: string + type: object + ingress_class: default: traefik examples: - traefik type: string + domain_name: + default: your_company.com + examples: + - your_company.com + type: string dependencies: [] providers: kubernetes: true diff --git a/meta/domain-mail/apps.tf b/meta/domain-mail/apps.tf index f47104c..dcaa429 100644 --- a/meta/domain-mail/apps.tf +++ b/meta/domain-mail/apps.tf @@ -2,15 +2,15 @@ locals { annotations = { "vynil.solidite.fr/meta" = var.component "vynil.solidite.fr/name" = var.namespace - "vynil.solidite.fr/domain" = var.domain-name + "vynil.solidite.fr/domain" = var.domain_name "vynil.solidite.fr/issuer" = var.issuer - "vynil.solidite.fr/ingress" = var.ingress-class + "vynil.solidite.fr/ingress" = var.ingress_class } global = { "domain" = var.namespace - "domain-name" = var.domain-name + "domain_name" = var.domain_name "issuer" = var.issuer - "ingress-class" = var.ingress-class + "ingress_class" = var.ingress_class "backups" = var.backups } wildduck = { for k, v in var.wildduck : k => v if k!="enable" } diff --git a/meta/domain-mail/index.yaml b/meta/domain-mail/index.yaml index aa12487..0614891 100644 --- a/meta/domain-mail/index.yaml +++ b/meta/domain-mail/index.yaml @@ -6,41 +6,16 @@ metadata: name: domain-mail description: null options: - storage-classes: - default: - BlockReadWriteMany: '' - BlockReadWriteOnce: '' - FilesystemReadWriteMany: '' - FilesystemReadWriteOnce: '' + domain_name: + default: your_company.com examples: - - BlockReadWriteMany: '' - BlockReadWriteOnce: '' - FilesystemReadWriteMany: '' - FilesystemReadWriteOnce: '' - properties: - BlockReadWriteMany: - default: '' - type: string - BlockReadWriteOnce: - default: '' - type: string - FilesystemReadWriteMany: - default: '' - type: string - FilesystemReadWriteOnce: - default: '' - type: string - type: object - wildduck: - default: - enable: true + - your_company.com + type: string + issuer: + default: letsencrypt-prod examples: - - enable: true - properties: - enable: - default: true - type: boolean - type: object + - letsencrypt-prod + type: string distributions: default: core: core @@ -56,26 +31,11 @@ options: default: domain type: string type: object - ingress-class: + ingress_class: default: traefik examples: - traefik type: string - domain: - default: your-company - examples: - - your-company - type: string - issuer: - default: letsencrypt-prod - examples: - - letsencrypt-prod - type: string - domain-name: - default: your_company.com - examples: - - your_company.com - type: string backups: default: enable: false @@ -106,6 +66,46 @@ options: default: backup-settings type: string type: object + wildduck: + default: + enable: true + examples: + - enable: true + properties: + enable: + default: true + type: boolean + type: object + storage-classes: + default: + BlockReadWriteMany: '' + BlockReadWriteOnce: '' + FilesystemReadWriteMany: '' + FilesystemReadWriteOnce: '' + examples: + - BlockReadWriteMany: '' + BlockReadWriteOnce: '' + FilesystemReadWriteMany: '' + FilesystemReadWriteOnce: '' + properties: + BlockReadWriteMany: + default: '' + type: string + BlockReadWriteOnce: + default: '' + type: string + FilesystemReadWriteMany: + default: '' + type: string + FilesystemReadWriteOnce: + default: '' + type: string + type: object + domain: + default: your-company + examples: + - your-company + type: string dependencies: [] providers: kubernetes: true diff --git a/meta/domain-monitor/apps.tf b/meta/domain-monitor/apps.tf index 9f54eee..1ba6c7e 100644 --- a/meta/domain-monitor/apps.tf +++ b/meta/domain-monitor/apps.tf @@ -2,17 +2,17 @@ locals { annotations = { "vynil.solidite.fr/meta" = "domain-monitor" "vynil.solidite.fr/name" = var.namespace - "vynil.solidite.fr/domain" = var.domain-name + "vynil.solidite.fr/domain" = var.domain_name "vynil.solidite.fr/issuer" = var.issuer - "vynil.solidite.fr/ingress" = var.ingress-class + "vynil.solidite.fr/ingress" = var.ingress_class } global = { "domain" = var.namespace - "domain-name" = "monitor.${var.domain-name}" + "domain_name" = "monitor.${var.domain_name}" "issuer" = var.issuer - "ingress-class" = var.ingress-class + "ingress_class" = var.ingress_class "backups" = var.backups - "app-group" = var.app-group + "app_group" = var.app_group } grafana = { for k, v in var.grafana : k => v if k!="enable" } prometheus = { for k, v in var.prometheus : k => v if k!="enable" } diff --git a/meta/domain-monitor/index.yaml b/meta/domain-monitor/index.yaml index 134f307..73e6b7c 100644 --- a/meta/domain-monitor/index.yaml +++ b/meta/domain-monitor/index.yaml @@ -6,18 +6,6 @@ metadata: name: domain-monitor description: null options: - dashboards-workload: - default: - enable: true - examples: - - enable: true - properties: - enable: - default: true - type: boolean - type: object - x-vynil-category: monitor - x-vynil-package: dashboards-workload loki: default: enable: true @@ -30,7 +18,7 @@ options: type: object x-vynil-category: monitor x-vynil-package: loki - dashboards-minimal: + dashboards-workload: default: enable: true examples: @@ -41,12 +29,7 @@ options: type: boolean type: object x-vynil-category: monitor - x-vynil-package: dashboards-minimal - app-group: - default: monitor - examples: - - monitor - type: string + x-vynil-package: dashboards-workload node-exporter: default: enable: true @@ -59,35 +42,23 @@ options: type: object x-vynil-category: monitor x-vynil-package: node-exporter - grafana: - default: - enable: true - examples: - - enable: true - properties: - enable: - default: true - type: boolean - type: object - x-vynil-category: monitor - x-vynil-package: grafana - dashboards-cluster: - default: - enable: true - examples: - - enable: true - properties: - enable: - default: true - type: boolean - type: object - x-vynil-category: monitor - x-vynil-package: dashboards-cluster domain: default: your-company examples: - your-company type: string + alertmanager: + default: + enable: true + examples: + - enable: true + properties: + enable: + default: true + type: boolean + type: object + x-vynil-category: monitor + x-vynil-package: alertmanager alerts-containers: default: enable: true @@ -112,30 +83,6 @@ options: type: object x-vynil-category: monitor x-vynil-package: prometheus - alertmanager: - default: - enable: true - examples: - - enable: true - properties: - enable: - default: true - type: boolean - type: object - x-vynil-category: monitor - x-vynil-package: alertmanager - promtail: - default: - enable: true - examples: - - enable: true - properties: - enable: - default: true - type: boolean - type: object - x-vynil-category: monitor - x-vynil-package: promtail storage-classes: default: BlockReadWriteMany: '' @@ -161,7 +108,17 @@ options: default: '' type: string type: object - alerts-core: + ingress_class: + default: traefik + examples: + - traefik + type: string + app_group: + default: monitor + examples: + - monitor + type: string + promtail: default: enable: true examples: @@ -172,19 +129,24 @@ options: type: boolean type: object x-vynil-category: monitor - x-vynil-package: alerts-core - monitor-control-plan: - default: - enable: false + x-vynil-package: promtail + domain_name: + default: your_company.com examples: - - enable: false + - your_company.com + type: string + grafana: + default: + enable: true + examples: + - enable: true properties: enable: - default: false + default: true type: boolean type: object x-vynil-category: monitor - x-vynil-package: monitor-control-plan + x-vynil-package: grafana backups: default: enable: false @@ -220,6 +182,42 @@ options: examples: - letsencrypt-prod type: string + kube-state-metrics: + default: + enable: true + examples: + - enable: true + properties: + enable: + default: true + type: boolean + type: object + x-vynil-category: monitor + x-vynil-package: kube-state-metrics + monitor-control-plan: + default: + enable: false + examples: + - enable: false + properties: + enable: + default: false + type: boolean + type: object + x-vynil-category: monitor + x-vynil-package: monitor-control-plan + dashboards-minimal: + default: + enable: true + examples: + - enable: true + properties: + enable: + default: true + type: boolean + type: object + x-vynil-category: monitor + x-vynil-package: dashboards-minimal dashboards-namespace: default: enable: true @@ -232,6 +230,18 @@ options: type: object x-vynil-category: monitor x-vynil-package: dashboards-namespace + dashboards-cluster: + default: + enable: true + examples: + - enable: true + properties: + enable: + default: true + type: boolean + type: object + x-vynil-category: monitor + x-vynil-package: dashboards-cluster distributions: default: core: core @@ -247,12 +257,7 @@ options: default: domain type: string type: object - ingress-class: - default: traefik - examples: - - traefik - type: string - kube-state-metrics: + alerts-core: default: enable: true examples: @@ -263,12 +268,7 @@ options: type: boolean type: object x-vynil-category: monitor - x-vynil-package: kube-state-metrics - domain-name: - default: your_company.com - examples: - - your_company.com - type: string + x-vynil-package: alerts-core dependencies: [] providers: kubernetes: true diff --git a/meta/domain/index.yaml b/meta/domain/index.yaml index d85a530..d446282 100644 --- a/meta/domain/index.yaml +++ b/meta/domain/index.yaml @@ -6,57 +6,6 @@ metadata: name: domain description: null options: - domain-name: - default: your_company.com - examples: - - your_company.com - type: string - apps: - default: - enable: false - nextcloud: - enable: true - examples: - - enable: false - nextcloud: - enable: true - properties: - enable: - default: false - type: boolean - nextcloud: - default: - enable: true - properties: - enable: - default: true - type: boolean - type: object - type: object - x-vynil-category: meta - x-vynil-package: domain-apps - mail: - default: - enable: false - wildduck: - enable: true - examples: - - enable: false - wildduck: - enable: true - properties: - enable: - default: false - type: boolean - wildduck: - default: - enable: true - properties: - enable: - default: true - type: boolean - type: object - type: object storage-classes: default: BlockReadWriteMany: '' @@ -82,50 +31,6 @@ options: default: '' type: string type: object - auth: - default: - authentik: - enable: true - enable: true - examples: - - authentik: - enable: true - enable: true - properties: - authentik: - default: - enable: true - properties: - enable: - default: true - type: boolean - type: object - enable: - default: true - type: boolean - type: object - x-vynil-category: meta - x-vynil-package: domain-auth - distributions: - default: - core: core - domain: domain - examples: - - core: core - domain: domain - properties: - core: - default: core - type: string - domain: - default: domain - type: string - type: object - issuer: - default: letsencrypt-prod - examples: - - letsencrypt-prod - type: string infra: default: enable: false @@ -150,12 +55,31 @@ options: type: object x-vynil-category: meta x-vynil-package: domain-infra - ingress-class: - default: traefik + apps: + default: + enable: false + nextcloud: + enable: true examples: - - traefik - type: string - devspaces: + - enable: false + nextcloud: + enable: true + properties: + enable: + default: false + type: boolean + nextcloud: + default: + enable: true + properties: + enable: + default: true + type: boolean + type: object + type: object + x-vynil-category: meta + x-vynil-package: domain-apps + monitor: default: enable: false examples: @@ -166,7 +90,108 @@ options: type: boolean type: object x-vynil-category: meta - x-vynil-package: domain-devspaces + x-vynil-package: domain-monitor + backups: + default: + enable: false + endpoint: '' + key-id-key: s3-id + secret-key: s3-secret + secret-name: backup-settings + examples: + - enable: false + endpoint: '' + key-id-key: s3-id + secret-key: s3-secret + secret-name: backup-settings + properties: + enable: + default: false + type: boolean + endpoint: + default: '' + type: string + key-id-key: + default: s3-id + type: string + secret-key: + default: s3-secret + type: string + secret-name: + default: backup-settings + type: string + type: object + ingress_class: + default: traefik + examples: + - traefik + type: string + domain_name: + default: your_company.com + examples: + - your_company.com + type: string + distributions: + default: + core: core + domain: domain + examples: + - core: core + domain: domain + properties: + core: + default: core + type: string + domain: + default: domain + type: string + type: object + mail: + default: + enable: false + wildduck: + enable: true + examples: + - enable: false + wildduck: + enable: true + properties: + enable: + default: false + type: boolean + wildduck: + default: + enable: true + properties: + enable: + default: true + type: boolean + type: object + type: object + auth: + default: + authentik: + enable: true + enable: true + examples: + - authentik: + enable: true + enable: true + properties: + authentik: + default: + enable: true + properties: + enable: + default: true + type: boolean + type: object + enable: + default: true + type: boolean + type: object + x-vynil-category: meta + x-vynil-package: domain-auth ci: default: enable: false @@ -215,7 +240,7 @@ options: type: object x-vynil-category: meta x-vynil-package: domain-erp - monitor: + devspaces: default: enable: false examples: @@ -226,37 +251,12 @@ options: type: boolean type: object x-vynil-category: meta - x-vynil-package: domain-monitor - backups: - default: - enable: false - endpoint: '' - key-id-key: s3-id - secret-key: s3-secret - secret-name: backup-settings + x-vynil-package: domain-devspaces + issuer: + default: letsencrypt-prod examples: - - enable: false - endpoint: '' - key-id-key: s3-id - secret-key: s3-secret - secret-name: backup-settings - properties: - enable: - default: false - type: boolean - endpoint: - default: '' - type: string - key-id-key: - default: s3-id - type: string - secret-key: - default: s3-secret - type: string - secret-name: - default: backup-settings - type: string - type: object + - letsencrypt-prod + type: string dependencies: [] providers: kubernetes: null diff --git a/meta/domain/installs.tf b/meta/domain/installs.tf index 7861d15..2c4aa1e 100644 --- a/meta/domain/installs.tf +++ b/meta/domain/installs.tf @@ -1,9 +1,9 @@ locals { global = { "domain" = var.namespace - "domain-name" = var.domain-name + "domain_name" = var.domain_name "issuer" = var.issuer - "ingress-class" = var.ingress-class + "ingress_class" = var.ingress_class "distributions" = var.distributions "backups" = var.backups "storage-classes"= var.storage-classes @@ -11,9 +11,9 @@ locals { annotations = { "vynil.solidite.fr/meta" = var.component "vynil.solidite.fr/name" = var.namespace - "vynil.solidite.fr/domain" = var.domain-name + "vynil.solidite.fr/domain" = var.domain_name "vynil.solidite.fr/issuer" = var.issuer - "vynil.solidite.fr/ingress" = var.ingress-class + "vynil.solidite.fr/ingress" = var.ingress_class } auth = { for k, v in var.auth : k => v if k!="enable" } infra = { for k, v in var.infra : k => v if k!="enable" } diff --git a/modules/application/application.tf b/modules/application/application.tf index d66b910..6b9d03d 100644 --- a/modules/application/application.tf +++ b/modules/application/application.tf @@ -19,7 +19,7 @@ resource "authentik_group" "subgroup" { resource "authentik_application" "prj_app" { name = "${var.instance}" slug = "${var.component}-${var.instance}" - group = var.app-group + group = var.app_group protocol_provider = var.protocol_provider backchannel_providers = var.backchannel_providers meta_launch_url = format("https://%s", var.dns_name) diff --git a/modules/application/variables.tf b/modules/application/variables.tf index 6834e6a..b2398ee 100644 --- a/modules/application/variables.tf +++ b/modules/application/variables.tf @@ -7,7 +7,7 @@ variable "instance" { variable "icon" { type = string } -variable "app-group" { +variable "app_group" { type = string } variable "protocol_provider" { diff --git a/modules/forward/forward.tf b/modules/forward/forward.tf index cb68717..c854473 100644 --- a/modules/forward/forward.tf +++ b/modules/forward/forward.tf @@ -28,7 +28,7 @@ resource "kubectl_manifest" "prj_ingress_icon" { namespace: "${var.namespace}" labels: ${jsonencode(var.labels)} spec: - ingressClassName: "${var.ingress-class}" + ingressClassName: "${var.ingress_class}" rules: ${jsonencode(local.rules-icons)} tls: - hosts: ${jsonencode(var.dns_names)} diff --git a/modules/forward/variables.tf b/modules/forward/variables.tf index d11bb51..b612b8a 100644 --- a/modules/forward/variables.tf +++ b/modules/forward/variables.tf @@ -13,7 +13,7 @@ variable "domain" { variable "namespace" { type = string } -variable "ingress-class" { +variable "ingress_class" { type = string } variable "labels" { diff --git a/modules/ingress/ingress.tf b/modules/ingress/ingress.tf index d392032..76d5ae4 100644 --- a/modules/ingress/ingress.tf +++ b/modules/ingress/ingress.tf @@ -61,7 +61,7 @@ resource "kubectl_manifest" "prj_ingress" { annotations: "traefik.ingress.kubernetes.io/router.middlewares": "${join(",", [for m in concat(["${var.instance}-https"],var.middlewares) : format("%s-%s@kubernetescrd", var.namespace, m)])}" spec: - ingressClassName: "${var.ingress-class}" + ingressClassName: "${var.ingress_class}" rules: ${jsonencode(local.rules)} tls: - hosts: ${jsonencode(var.dns_names)} diff --git a/modules/ingress/variables.tf b/modules/ingress/variables.tf index b54db32..ee55242 100644 --- a/modules/ingress/variables.tf +++ b/modules/ingress/variables.tf @@ -10,7 +10,7 @@ variable "namespace" { variable "issuer" { type = string } -variable "ingress-class" { +variable "ingress_class" { type = string } diff --git a/monitor/alertmanager/index.yaml b/monitor/alertmanager/index.yaml index 750b805..2622eba 100644 --- a/monitor/alertmanager/index.yaml +++ b/monitor/alertmanager/index.yaml @@ -6,12 +6,12 @@ metadata: name: alertmanager description: null options: - ingress-class: + ingress_class: default: traefik examples: - traefik type: string - app-group: + app_group: default: monitor examples: - monitor @@ -85,7 +85,7 @@ options: examples: - letsencrypt-prod type: string - domain-name: + domain_name: default: your_company.com examples: - your_company.com diff --git a/monitor/alertmanager/presentation.tf b/monitor/alertmanager/presentation.tf index 81f61fc..77c4f7d 100644 --- a/monitor/alertmanager/presentation.tf +++ b/monitor/alertmanager/presentation.tf @@ -1,5 +1,5 @@ locals { - dns_name = "${var.sub-domain}.${var.domain-name}" + dns_name = "${var.sub-domain}.${var.domain_name}" dns_names = [local.dns_name] app_name = var.component == var.instance ? var.instance : format("%s-%s", var.component, var.instance) icon = "favicon.ico" @@ -21,7 +21,7 @@ module "ingress" { instance = var.instance namespace = var.namespace issuer = var.issuer - ingress-class = var.ingress-class + ingress_class = var.ingress_class labels = local.common-labels dns_names = local.dns_names middlewares = ["forward-${local.app_name}"] @@ -35,7 +35,7 @@ module "application" { source = "git::https://git.solidite.fr/vynil/kydah-modules.git//application" component = var.component instance = var.instance - app_group = var.app-group + app_group = var.app_group dns_name = local.dns_name icon = local.icon protocol_provider = module.forward.provider-id @@ -60,7 +60,7 @@ module "forward" { instance = var.instance domain = var.domain namespace = var.namespace - ingress_class = var.ingress-class + ingress_class = var.ingress_class labels = local.common-labels dns_names = local.dns_names service = local.service diff --git a/monitor/grafana/index.yaml b/monitor/grafana/index.yaml index bfa0bc6..2b011ef 100644 --- a/monitor/grafana/index.yaml +++ b/monitor/grafana/index.yaml @@ -108,12 +108,12 @@ options: type: string type: object type: object - ingress-class: + ingress_class: default: traefik examples: - traefik type: string - app-group: + app_group: default: monitor examples: - monitor @@ -128,7 +128,7 @@ options: examples: - grafana type: string - domain-name: + domain_name: default: your_company.com examples: - your_company.com diff --git a/monitor/grafana/presentation.tf b/monitor/grafana/presentation.tf index 3ec7117..426a477 100644 --- a/monitor/grafana/presentation.tf +++ b/monitor/grafana/presentation.tf @@ -1,5 +1,5 @@ locals { - dns_name = "${var.sub-domain}.${var.domain-name}" + dns_name = "${var.sub-domain}.${var.domain_name}" dns_names = [local.dns_name] app_name = var.component == var.instance ? var.instance : format("%s-%s", var.component, var.instance) icon = "public/img/grafana_icon.svg" @@ -21,7 +21,7 @@ module "ingress" { instance = var.instance namespace = var.namespace issuer = var.issuer - ingress_class = var.ingress-class + ingress_class = var.ingress_class labels = local.common-labels dns_names = local.dns_names middlewares = [] @@ -35,7 +35,7 @@ module "ingress" { source = "git::https://git.solidite.fr/vynil/kydah-modules.git//application" component = var.component instance = var.instance - app_group = var.app-group + app_group = var.app_group dns_name = local.dns_name icon = local.icon sub_groups = ["admin"] diff --git a/monitor/loki-dashboard/index.yaml b/monitor/loki-dashboard/index.yaml index e890502..1e32c8d 100644 --- a/monitor/loki-dashboard/index.yaml +++ b/monitor/loki-dashboard/index.yaml @@ -6,7 +6,7 @@ metadata: name: loki-dashboard description: null options: - ingress-class: + ingress_class: default: traefik examples: - traefik @@ -65,7 +65,7 @@ options: examples: - to-be-set type: string - domain-name: + domain_name: default: your_company.com examples: - your_company.com diff --git a/monitor/prometheus/index.yaml b/monitor/prometheus/index.yaml index 4f33a28..556a5a5 100644 --- a/monitor/prometheus/index.yaml +++ b/monitor/prometheus/index.yaml @@ -80,7 +80,7 @@ options: examples: - false type: boolean - domain-name: + domain_name: default: your_company.com examples: - your_company.com @@ -90,7 +90,7 @@ options: examples: - prometheus type: string - app-group: + app_group: default: monitor examples: - monitor @@ -105,7 +105,7 @@ options: examples: - letsencrypt-prod type: string - ingress-class: + ingress_class: default: traefik examples: - traefik diff --git a/monitor/prometheus/presentation.tf b/monitor/prometheus/presentation.tf index ec3a2ca..60c0e6c 100644 --- a/monitor/prometheus/presentation.tf +++ b/monitor/prometheus/presentation.tf @@ -1,5 +1,5 @@ locals { - dns_name = "${var.sub-domain}.${var.domain-name}" + dns_name = "${var.sub-domain}.${var.domain_name}" dns_names = [local.dns_name] app_name = var.component == var.instance ? var.instance : format("%s-%s", var.component, var.instance) icon = "favicon.ico" @@ -21,7 +21,7 @@ module "ingress" { instance = var.instance namespace = var.namespace issuer = var.issuer - ingress_class = var.ingress-class + ingress_class = var.ingress_class labels = local.common-labels dns_names = local.dns_names middlewares = ["forward-${local.app_name}"] @@ -35,7 +35,7 @@ module "application" { source = "git::https://git.solidite.fr/vynil/kydah-modules.git//application" component = var.component instance = var.instance - app_group = var.app-group + app_group = var.app_group dns_name = local.dns_name icon = local.icon protocol_provider = module.forward.provider-id @@ -60,7 +60,7 @@ module "forward" { instance = var.instance domain = var.domain namespace = var.namespace - ingress_class = var.ingress-class + ingress_class = var.ingress_class labels = local.common-labels dns_names = local.dns_names service = local.service diff --git a/monitor/thanos-ruler/index.yaml b/monitor/thanos-ruler/index.yaml index 607673f..e842e50 100644 --- a/monitor/thanos-ruler/index.yaml +++ b/monitor/thanos-ruler/index.yaml @@ -45,12 +45,12 @@ options: type: string type: object type: object - domain-name: + domain_name: default: your_company.com examples: - your_company.com type: string - ingress-class: + ingress_class: default: traefik examples: - traefik diff --git a/share/authentik-forward/index.yaml b/share/authentik-forward/index.yaml index e1a5497..9735b8a 100644 --- a/share/authentik-forward/index.yaml +++ b/share/authentik-forward/index.yaml @@ -6,13 +6,6 @@ metadata: name: authentik-forward description: null options: - sub-domain: - default: null - domain-name: - default: your_company.com - examples: - - your_company.com - type: string domain: default: your-company examples: @@ -23,7 +16,14 @@ options: examples: - letsencrypt-prod type: string - ingress-class: + domain_name: + default: your_company.com + examples: + - your_company.com + type: string + sub-domain: + default: null + ingress_class: default: traefik examples: - traefik diff --git a/share/authentik/datas.tf b/share/authentik/datas.tf index 006caac..8baedf2 100644 --- a/share/authentik/datas.tf +++ b/share/authentik/datas.tf @@ -46,7 +46,7 @@ data "kustomization_overlay" "data" { "AUTHENTIK_POSTGRESQL__PORT=5432", "AUTHENTIK_POSTGRESQL__USER=${var.component}", "AUTHENTIK_REDIS__HOST=${var.name}-${var.component}-redis", - "AUTHENTIK_BOOTSTRAP_EMAIL=${var.admin.email}@${var.domain-name}", + "AUTHENTIK_BOOTSTRAP_EMAIL=${var.admin.email}@${var.domain_name}", ] } patches { diff --git a/share/authentik/index.yaml b/share/authentik/index.yaml index dc4fb5e..0faf0f3 100644 --- a/share/authentik/index.yaml +++ b/share/authentik/index.yaml @@ -23,10 +23,35 @@ options: type: boolean type: object type: object - ingress-class: - default: traefik + postgres: + default: + replicas: 1 examples: - - traefik + - replicas: 1 + properties: + replicas: + default: 1 + type: integer + type: object + admin: + default: + email: auth-admin + examples: + - email: auth-admin + properties: + email: + default: auth-admin + type: string + type: object + domain: + default: your-company + examples: + - your-company + type: string + geoip: + default: /geoip/GeoLite2-City.mmdb + examples: + - /geoip/GeoLite2-City.mmdb type: string email: default: @@ -53,11 +78,110 @@ options: default: false type: boolean type: object - domain-name: + loglevel: + default: info + examples: + - info + type: string + sub-domain: + default: auth + examples: + - auth + type: string + domain_name: default: your_company.com examples: - your_company.com type: string + issuer: + default: letsencrypt-prod + examples: + - letsencrypt-prod + type: string + error_reporting: + default: + enabled: false + environment: k8s + send_pii: false + examples: + - enabled: false + environment: k8s + send_pii: false + properties: + enabled: + default: false + type: boolean + environment: + default: k8s + type: string + send_pii: + default: false + type: boolean + type: object + ingress_class: + default: traefik + examples: + - traefik + type: string + backups: + default: + enable: false + endpoint: '' + key-id-key: s3-id + retention: + db: 30d + schedule: + db: 0 3 * * * + secret-key: s3-secret + secret-name: backup-settings + use-barman: false + examples: + - enable: false + endpoint: '' + key-id-key: s3-id + retention: + db: 30d + schedule: + db: 0 3 * * * + secret-key: s3-secret + secret-name: backup-settings + use-barman: false + properties: + enable: + default: false + type: boolean + endpoint: + default: '' + type: string + key-id-key: + default: s3-id + type: string + retention: + default: + db: 30d + properties: + db: + default: 30d + type: string + type: object + schedule: + default: + db: 0 3 * * * + properties: + db: + default: 0 3 * * * + type: string + type: object + secret-key: + default: s3-secret + type: string + secret-name: + default: backup-settings + type: string + use-barman: + default: false + type: boolean + type: object storage: default: postgres: @@ -224,130 +348,6 @@ options: type: string type: object type: object - domain: - default: your-company - examples: - - your-company - type: string - backups: - default: - enable: false - endpoint: '' - key-id-key: s3-id - retention: - db: 30d - schedule: - db: 0 3 * * * - secret-key: s3-secret - secret-name: backup-settings - use-barman: false - examples: - - enable: false - endpoint: '' - key-id-key: s3-id - retention: - db: 30d - schedule: - db: 0 3 * * * - secret-key: s3-secret - secret-name: backup-settings - use-barman: false - properties: - enable: - default: false - type: boolean - endpoint: - default: '' - type: string - key-id-key: - default: s3-id - type: string - retention: - default: - db: 30d - properties: - db: - default: 30d - type: string - type: object - schedule: - default: - db: 0 3 * * * - properties: - db: - default: 0 3 * * * - type: string - type: object - secret-key: - default: s3-secret - type: string - secret-name: - default: backup-settings - type: string - use-barman: - default: false - type: boolean - type: object - error_reporting: - default: - enabled: false - environment: k8s - send_pii: false - examples: - - enabled: false - environment: k8s - send_pii: false - properties: - enabled: - default: false - type: boolean - environment: - default: k8s - type: string - send_pii: - default: false - type: boolean - type: object - loglevel: - default: info - examples: - - info - type: string - admin: - default: - email: auth-admin - examples: - - email: auth-admin - properties: - email: - default: auth-admin - type: string - type: object - postgres: - default: - replicas: 1 - examples: - - replicas: 1 - properties: - replicas: - default: 1 - type: integer - type: object - geoip: - default: /geoip/GeoLite2-City.mmdb - examples: - - /geoip/GeoLite2-City.mmdb - type: string - sub-domain: - default: auth - examples: - - auth - type: string - issuer: - default: letsencrypt-prod - examples: - - letsencrypt-prod - type: string dependencies: - dist: null category: core diff --git a/share/authentik/ingress.tf b/share/authentik/ingress.tf index 902e01d..dc1cbbd 100644 --- a/share/authentik/ingress.tf +++ b/share/authentik/ingress.tf @@ -1,5 +1,5 @@ locals { - dns_names = ["${var.sub-domain}.${var.domain-name}"] + dns_names = ["${var.sub-domain}.${var.domain_name}"] middlewares = ["${var.instance}-https"] service = { "name" = "${var.instance}" @@ -66,7 +66,7 @@ resource "kubectl_manifest" "prj_ingress" { annotations: "traefik.ingress.kubernetes.io/router.middlewares": "${join(",", [for m in local.middlewares : format("%s-%s@kubernetescrd", var.namespace, m)])}" spec: - ingressClassName: "${var.ingress-class}" + ingressClassName: "${var.ingress_class}" rules: ${jsonencode(local.rules)} tls: - hosts: ${jsonencode(local.dns_names)} diff --git a/share/dataset-pg/directus.tf b/share/dataset-pg/directus.tf index 86d95c9..6c76611 100644 --- a/share/dataset-pg/directus.tf +++ b/share/dataset-pg/directus.tf @@ -45,7 +45,7 @@ resource "kubectl_manifest" "directus_config" { DB_PORT: "5432" STORAGE_LOCATIONS: "local" STORAGE_LOCAL_ROOT: "/var/store" - ADMIN_EMAIL: "admin@${var.domain-name}" + ADMIN_EMAIL: "admin@${var.domain_name}" NODE_EXTRA_CA_CERTS: "/etc/local-ca/ca.crt" TELEMETRY: "false" AUTH_PROVIDERS: "VYNIL" @@ -216,7 +216,7 @@ module "directus-ingress" { instance = var.instance namespace = var.namespace issuer = var.issuer - ingress-class = var.ingress-class + ingress_class = var.ingress_class labels = local.directus-labels dns_names = [local.directus-dns_name] create-redirect = true @@ -232,7 +232,7 @@ module "directus-application" { source = "/dist/modules/application" component = "directus-${replace(var.sub-domain, ".", "-")}" instance = var.instance - app-group = var.app-group + app_group = var.app_group dns_name = local.directus-dns_name icon = local.directus-icon protocol_provider = module.directus-oauth2[0].provider-id diff --git a/share/dataset-pg/index.yaml b/share/dataset-pg/index.yaml index c3e508c..943a1db 100644 --- a/share/dataset-pg/index.yaml +++ b/share/dataset-pg/index.yaml @@ -6,7 +6,7 @@ metadata: name: dataset-pg description: null options: - app-group: + app_group: default: api examples: - api @@ -278,7 +278,7 @@ options: default: backup-settings type: string type: object - ingress-class: + ingress_class: default: traefik examples: - traefik @@ -340,7 +340,7 @@ options: default: 1 type: integer type: object - domain-name: + domain_name: default: your_company.com examples: - your_company.com diff --git a/share/dataset-pg/postgresql.tf b/share/dataset-pg/postgresql.tf index 5eb2c43..df6e929 100644 --- a/share/dataset-pg/postgresql.tf +++ b/share/dataset-pg/postgresql.tf @@ -1,5 +1,5 @@ locals { - dns_name = "${var.instance}.${var.sub-domain}.${var.domain-name}" + dns_name = "${var.instance}.${var.sub-domain}.${var.domain_name}" pg-labels = merge(local.common-labels, { "app.kubernetes.io/component" = "postgresql" }) diff --git a/share/dataset-pg/postgrest.tf b/share/dataset-pg/postgrest.tf index ad5df86..b877998 100644 --- a/share/dataset-pg/postgrest.tf +++ b/share/dataset-pg/postgrest.tf @@ -152,7 +152,7 @@ module "postgrest-ingress" { instance = var.instance namespace = var.namespace issuer = var.issuer - ingress-class = var.ingress-class + ingress_class = var.ingress_class labels = local.prest-labels dns_names = [local.prest-dns_name] create-redirect = true @@ -184,7 +184,7 @@ module "swagger-ingress" { instance = var.instance namespace = var.namespace issuer = var.issuer - ingress-class = var.ingress-class + ingress_class = var.ingress_class labels = local.prest-labels dns_names = [local.prest-dns_name] middlewares = [] diff --git a/share/dns/config.tf b/share/dns/config.tf index 010c71c..0924b22 100644 --- a/share/dns/config.tf +++ b/share/dns/config.tf @@ -23,13 +23,13 @@ locals { } EOF soa-ns = <<-EOF - @ IN SOA ${var.sub-domain}.${var.domain-name}. ${var.domain-name}. ( + @ IN SOA ${var.sub-domain}.${var.domain_name}. ${var.domain_name}. ( ${formatdate("YYYYMMDDhh",timestamp())} ; Serial 4H ; Refresh 1H ; Retry 7D ; Expire 4H ) ; Negative Cache TTL - @ IN NS ${var.sub-domain}.${var.domain-name}. + @ IN NS ${var.sub-domain}.${var.domain_name}. EOF files = merge({ "Corefile" = join("\n", concat([local.begin-core],[for z in var.zones: format("file /etc/coredns/%s.db %s", z.name,z.name)],[local.end-core])) diff --git a/share/dns/index.yaml b/share/dns/index.yaml index 5c4b683..b2e72cf 100644 --- a/share/dns/index.yaml +++ b/share/dns/index.yaml @@ -16,7 +16,7 @@ options: examples: - dns type: string - domain-name: + domain_name: default: your_company.com examples: - your_company.com diff --git a/share/organisation/gitea-user.tf b/share/organisation/gitea-user.tf index 02fc2f1..ece8f87 100644 --- a/share/organisation/gitea-user.tf +++ b/share/organisation/gitea-user.tf @@ -83,7 +83,7 @@ resource "gitea_user" "user-ci" { username = "${var.instance}-ci" login_name = "${var.instance}-ci" password = random_password.password.result - email = "${var.instance}-ci@${var.domain-name}" + email = "${var.instance}-ci@${var.domain_name}" must_change_password = true } diff --git a/share/organisation/index.yaml b/share/organisation/index.yaml index b654cda..a1d58ec 100644 --- a/share/organisation/index.yaml +++ b/share/organisation/index.yaml @@ -6,7 +6,7 @@ metadata: name: organisation description: null options: - app-group: + app_group: default: dev examples: - dev @@ -16,7 +16,7 @@ options: examples: - your-company type: string - ingress-class: + ingress_class: default: traefik examples: - traefik @@ -87,7 +87,7 @@ options: type: string type: object type: array - domain-name: + domain_name: default: your_company.com examples: - your_company.com diff --git a/share/organisation/stages.tf b/share/organisation/stages.tf index 99f4885..57e1b49 100644 --- a/share/organisation/stages.tf +++ b/share/organisation/stages.tf @@ -1,17 +1,17 @@ locals { annotations = { "vynil.solidite.fr/name" = "${var.component}" - "vynil.solidite.fr/domain" = var.domain-name + "vynil.solidite.fr/domain" = var.domain_name "vynil.solidite.fr/issuer" = var.issuer - "vynil.solidite.fr/ingress" = var.ingress-class + "vynil.solidite.fr/ingress" = var.ingress_class } global = { "domain" = var.namespace - "domain-name" = var.domain-name + "domain_name" = var.domain_name "issuer" = var.issuer - "ingress-class" = var.ingress-class + "ingress_class" = var.ingress_class "backups" = var.backups - "app-group" = var.app-group + "app_group" = var.app_group } sorted-stage-name = reverse(distinct(sort([for s in var.stages: s.name]))) sorted-dataset-name = reverse(distinct(sort([for d in var.datasets: d.name]))) diff --git a/share/wildduck/application.tf b/share/wildduck/application.tf index c0960a3..1a69f2a 100644 --- a/share/wildduck/application.tf +++ b/share/wildduck/application.tf @@ -14,10 +14,10 @@ resource "authentik_application" "prj_app" { name = "${var.instance}" slug = "${var.component}-${var.instance}" #protocol_provider = authentik_provider_oauth2.oauth2.id - group = var.app-group + group = var.app_group backchannel_providers = [authentik_provider_scim.scim.id] - meta_launch_url = format("https://%s.%s", var.sub-domain, var.domain-name) - meta_icon = format("https://%s.%s/%s", var.sub-domain, var.domain-name, "favicon-32x32.png") + meta_launch_url = format("https://%s.%s", var.sub-domain, var.domain_name) + meta_icon = format("https://%s.%s/%s", var.sub-domain, var.domain_name, "favicon-32x32.png") } resource "authentik_policy_expression" "policy" { diff --git a/share/wildduck/haraka.tf b/share/wildduck/haraka.tf index 37d1962..6e06abb 100644 --- a/share/wildduck/haraka.tf +++ b/share/wildduck/haraka.tf @@ -96,11 +96,11 @@ resource "kubernetes_config_map_v1" "haraka_config" { } data = yamldecode(<<-EOF me: |- - ${var.sub-domain}.${var.domain-name} + ${var.sub-domain}.${var.domain_name} host_list: |- # add hosts in here we want to accept mail for - ${var.sub-domain}.${var.domain-name} - ${var.domain-name} + ${var.sub-domain}.${var.domain_name} + ${var.domain_name} ${join("\n ",var.additional-domains)} rspamd.ini: |- host = ${var.instance}-rspamd.${var.namespace}.svc.cluster.local @@ -188,7 +188,7 @@ resource "kubernetes_config_map_v1" "haraka_config" { dkim_sign.ini: |- disabled = true selector = mail - domain = ${var.domain-name} + domain = ${var.domain_name} headers_to_sign = From, Sender, Reply-To, Subject, Date, Message-ID, To, Cc, MIME-Version wildduck.yaml: |- redis: diff --git a/share/wildduck/index.yaml b/share/wildduck/index.yaml index 6453179..a373310 100644 --- a/share/wildduck/index.yaml +++ b/share/wildduck/index.yaml @@ -28,12 +28,12 @@ options: type: boolean type: object type: object - domain-name: + domain_name: default: your_company.com examples: - your_company.com type: string - app-group: + app_group: default: '' examples: - '' @@ -360,7 +360,7 @@ options: type: string type: object type: object - ingress-class: + ingress_class: default: traefik examples: - traefik diff --git a/share/wildduck/ingress.tf b/share/wildduck/ingress.tf index 3b28f80..22b0858 100644 --- a/share/wildduck/ingress.tf +++ b/share/wildduck/ingress.tf @@ -1,6 +1,6 @@ locals { - dns_names = ["${var.sub-domain}.${var.domain-name}"] - cert-names = concat(local.dns_names, ["${var.domain-name}"]) + dns_names = ["${var.sub-domain}.${var.domain_name}"] + cert-names = concat(local.dns_names, ["${var.domain_name}"]) middlewares = ["${var.instance}-https"] service = { "name" = "${var.instance}-webmail" @@ -67,7 +67,7 @@ resource "kubectl_manifest" "prj_ingress" { annotations: "traefik.ingress.kubernetes.io/router.middlewares": "${join(",", [for m in local.middlewares : format("%s-%s@kubernetescrd", var.namespace, m)])}" spec: - ingressClassName: "${var.ingress-class}" + ingressClassName: "${var.ingress_class}" rules: ${jsonencode(local.rules)} tls: - hosts: ${jsonencode(local.dns_names)} diff --git a/share/wildduck/scimgateway.tf b/share/wildduck/scimgateway.tf index 4374d18..b061409 100644 --- a/share/wildduck/scimgateway.tf +++ b/share/wildduck/scimgateway.tf @@ -55,7 +55,7 @@ resource "kubectl_manifest" "scimgateway_deploy" { - name: "PORT" value: "8880" - name: "WILDDUCK_DOMAIN" - value: "${var.domain-name}" + value: "${var.domain_name}" - name: "WILDDUCK_API" value: "http://${var.instance}-wildduck-api.${var.namespace}.svc" - name: SEED diff --git a/share/wildduck/webmail.tf b/share/wildduck/webmail.tf index 1670af7..347148c 100644 --- a/share/wildduck/webmail.tf +++ b/share/wildduck/webmail.tf @@ -92,7 +92,7 @@ resource "kubernetes_config_map_v1" "webmail_config" { [service] # email domain for new users - domain="${var.domain-name}" + domain="${var.domain_name}" # default quotas for new users quota=1024 recipients=2000 @@ -102,7 +102,7 @@ resource "kubernetes_config_map_v1" "webmail_config" { allowJoin=false enableSpecial=false # if true the allow creating addresses with special usernames # allowed domains for new addresses - domains=["${var.domain-name}"] + domains=["${var.domain_name}"] generalNotification="" # static notification to show on top of the page @@ -145,7 +145,7 @@ resource "kubernetes_config_map_v1" "webmail_config" { # set to false if not using HTTPS enabled=true # must be https url or use default - appId="https://${var.domain-name}" + appId="https://${var.domain_name}" [log] level="silly" @@ -154,15 +154,15 @@ resource "kubernetes_config_map_v1" "webmail_config" { [setup] # these values are shown in the configuration help page [setup.imap] - hostname="${var.sub-domain}.${var.domain-name}" + hostname="${var.sub-domain}.${var.domain_name}" secure=true port=143 [setup.pop3] - hostname="${var.sub-domain}.${var.domain-name}" + hostname="${var.sub-domain}.${var.domain_name}" secure=true port=110 [setup.smtp] - hostname="${var.sub-domain}.${var.domain-name}" + hostname="${var.sub-domain}.${var.domain_name}" secure=true port=25 EOF diff --git a/share/wildduck/wildduck.tf b/share/wildduck/wildduck.tf index 084ebb1..6fb4f2c 100644 --- a/share/wildduck/wildduck.tf +++ b/share/wildduck/wildduck.tf @@ -173,7 +173,7 @@ resource "kubernetes_config_map_v1" "wildduck_config" { enabled=true [smtp.setup] # Public configuration for SMTP MDA, needed for mobileconfig files - hostname="${var.sub-domain}.${var.domain-name}" + hostname="${var.sub-domain}.${var.domain_name}" secure=true port=465 [webhooks] @@ -312,7 +312,7 @@ resource "kubernetes_config_map_v1" "wildduck_config" { autoExpunge=true [setup] # Public configuration for IMAP - hostname="${var.sub-domain}.${var.domain-name}" + hostname="${var.sub-domain}.${var.domain_name}" secure=true # port defaults to imap.port port=9930 @@ -360,7 +360,7 @@ resource "kubernetes_config_map_v1" "wildduck_config" { cert="/var/opt/certs/tls.crt" [setup] # Public configuration for POP3 - hostname="${var.sub-domain}.${var.domain-name}" + hostname="${var.sub-domain}.${var.domain_name}" secure=true # port defaults to pop3.port port=995 diff --git a/share/wildduck/zonemta.tf b/share/wildduck/zonemta.tf index c003312..53487cb 100644 --- a/share/wildduck/zonemta.tf +++ b/share/wildduck/zonemta.tf @@ -128,7 +128,7 @@ resource "kubernetes_config_map_v1" "zonemta_config" { # Server process must be able to locally bind to these addresses [[default]] address="0.0.0.0" - name="${var.sub-domain}.${var.domain-name}" + name="${var.sub-domain}.${var.domain_name}" # #[[default]] #address="1.2.3.5" @@ -145,7 +145,7 @@ resource "kubernetes_config_map_v1" "zonemta_config" { interfaces=["feeder"] # optional hostname to be used in headers # defaults to os.hostname() - hostname="${var.sub-domain}.${var.domain-name}" + hostname="${var.sub-domain}.${var.domain_name}" # How long to keep auth records in log authlogExpireDays=30 # default smtp recipients for 24h (can be overriden per user) @@ -161,7 +161,7 @@ resource "kubernetes_config_map_v1" "zonemta_config" { # SRS secret value. Must be the same as in the MX side secret="${local.secrets.srs}" # SRS domain, must resolve back to MX - rewriteDomain="${var.domain-name}" + rewriteDomain="${var.domain_name}" # DKIM Settings # ------------- ["modules/zonemta-wildduck".dkim]