vynil/domain-incoming
3
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
a0addbd8420edc47ecad7774e42ef340fee1f14a
domain-incoming/meta/domain/installs.tf
Sébastien Huss a0addbd842 fix
2024-01-26 11:14:00 +01:00

254 lines
8.0 KiB
HCL
Raw Blame History

locals {
global = {
"domain" = var.namespace
"domain_name" = var.domain_name
"issuer" = var.issuer
"ingress_class" = var.ingress_class
"distributions" = var.distributions
"backups" = var.backups
"storage-classes"= var.storage-classes
}
annotations = {
"vynil.solidite.fr/meta" = var.component
"vynil.solidite.fr/name" = var.namespace
"vynil.solidite.fr/domain" = var.domain_name
"vynil.solidite.fr/issuer" = var.issuer
"vynil.solidite.fr/ingress" = var.ingress_class
}
auth = { for k, v in var.auth : k => v if k!="enable" }
infra = { for k, v in var.infra : k => v if k!="enable" }
ci = { for k, v in var.ci : k => v if k!="enable" }
erp = { for k, v in var.erp : k => v if k!="enable" }
apps = { for k, v in var.apps : k => v if k!="enable" }
mail = { for k, v in var.mail : k => v if k!="enable" }
monitor = { for k, v in var.monitor : k => v if k!="enable" }
devspaces = { for k, v in var.devspaces : k => v if k!="enable" }
# Force install authentik and it's modules when any are needed
use-ldap = (var.ci.enable && var.ci.gitea.enable) || (var.erp.enable && var.erp.dolibarr.enable)
use-forward = var.infra.enable && var.infra.traefik.enable
use-other-auth = false
added-auth-ldap = local.use-ldap?{
"authentik-ldap" = {"enable"= true}
}:{}
added-auth-forward = local.use-forward?{
"authentik-forward" = {"enable"= true}
}:{}
added-auth = local.use-ldap||local.use-forward||local.use-other-auth?merge({
"authentik" = {"enable" = true}
},local.added-auth-ldap,local.added-auth-forward):{}
divisions = {
"clients" = {
"enable" = false
"apps" = []
"divisions" = []
}
"employes" = {
"enable" = true
"apps" = []
"divisions" = []
}
"fournisseurs" = {
"enable" = false
"apps" = []
"divisions" = []
}
}
devspaces-custom = {
external-pgs = concat(var.erp.enable&&var.erp.dolibarr.enable?[{
"name" = "dolibarr-dolibarr-pg"
"dbname" = "dolibarr"
"username" = "dolibarr"
"namespace" = "${var.namespace}-erp"
"secret" = {
"name" = "dolibarr-dolibarr-pg-app"
"key" = "password"
}
}]:[], var.apps.enable&&var.apps.nextcloud.enable?[{
"name" = "nextcloud-nextcloud-pg"
"dbname" = "nextcloud"
"username" = "nextcloud"
"namespace" = "${var.namespace}-files"
"secret" = {
"name" = "nextcloud-nextcloud-pg-app"
"key" = "password"
}
}]:[], var.auth.enable&&lookup(lookup(merge(var.auth,local.added-auth), "authentik",{}),"enable",false)?[{
"name" = "authentik-authentik-pg"
"dbname" = "authentik"
"username" = "authentik"
"namespace" = "${var.namespace}-auth"
"secret" = {
"name" = "authentik-authentik-pg-app"
"key" = "password"
}
}]:[], var.ci.enable&&var.ci.gitea.enable?[{
"name" = "gitea-gitea-pg"
"dbname" = "gitea"
"username" = "gitea"
"namespace" = "${var.namespace}-ci"
"secret" = {
"name" = "gitea-gitea-pg-app"
"key" = "password"
}
}]:[], lookup(var.devspaces, "external-pgs", []))
external-mongos = concat(var.mail.enable&&var.mail.wildduck.enable?[{
"name" = "wildduck-wildduck-mongo"
"dbname" = "wildduck"
"username" = "wildduck"
"namespace" = "${var.namespace}-mail"
"secret" = {
"name" = "wildduck-wildduck-mongo"
"key" = "password"
}
}]:[], lookup(var.devspaces, "external-mongos", []))
external-redis = concat(var.mail.enable&&var.mail.wildduck.enable?[{
"name" = "wildduck-wildduck-redis"
"namespace" = "${var.namespace}-mail"
}]:[], var.auth.enable&&lookup(lookup(merge(var.auth,local.added-auth), "authentik",{}),"enable",false)?[{
"name" = "authentik-authentik-redis"
"namespace" = "${var.namespace}-auth"
"secret" = {
"name" = "authentik"
"key" = "AUTHENTIK_REDIS__PASSWORD"
}
}]:[], var.erp.enable&&var.erp.dolibarr.enable?[{
"name" = "dolibarr-dolibarr-redis"
"namespace" = "${var.namespace}-erp"
}]:[], var.apps.enable&&var.apps.nextcloud.enable?[{
"name" = "nextcloud-nextcloud-redis"
"namespace" = "${var.namespace}-files"
}]:[], lookup(var.devspaces, "external-redis", []))
"haveGitea" = var.ci.enable && var.ci.gitea.enable
}
}
resource "kubectl_manifest" "auth" {
count = var.auth.enable ? 1 : 0
yaml_body = <<-EOF
apiVersion: "vynil.solidite.fr/v1"
kind: "Install"
metadata:
name: "auth"
namespace: "${var.namespace}"
labels: ${jsonencode(local.common-labels)}
spec:
distrib: "${var.distributions.domain}"
category: "meta"
component: "domain-auth"
options: ${jsonencode(merge(local.global, local.added-auth, local.divisions, local.auth))}
EOF
}
resource "kubectl_manifest" "infra" {
count = var.infra.enable ? 1 : 0
yaml_body = <<-EOF
apiVersion: "vynil.solidite.fr/v1"
kind: "Install"
metadata:
name: "infra"
namespace: "${var.namespace}"
labels: ${jsonencode(local.common-labels)}
spec:
distrib: "${var.distributions.domain}"
category: "meta"
component: "domain-infra"
options: ${jsonencode(merge(local.global, local.infra))}
EOF
}
resource "kubectl_manifest" "ci" {
count = var.ci.enable ? 1 : 0
yaml_body = <<-EOF
apiVersion: "vynil.solidite.fr/v1"
kind: "Install"
metadata:
name: "ci"
namespace: "${var.namespace}"
labels: ${jsonencode(local.common-labels)}
spec:
distrib: "${var.distributions.domain}"
category: "meta"
component: "domain-ci"
options: ${jsonencode(merge(local.global, local.ci))}
EOF
}
resource "kubectl_manifest" "erp" {
count = var.erp.enable ? 1 : 0
yaml_body = <<-EOF
apiVersion: "vynil.solidite.fr/v1"
kind: "Install"
metadata:
name: "erp"
namespace: "${var.namespace}"
labels: ${jsonencode(local.common-labels)}
spec:
distrib: "${var.distributions.domain}"
category: "meta"
component: "domain-erp"
options: ${jsonencode(merge(local.global, local.erp))}
EOF
}
resource "kubectl_manifest" "apps" {
count = var.apps.enable ? 1 : 0
yaml_body = <<-EOF
apiVersion: "vynil.solidite.fr/v1"
kind: "Install"
metadata:
name: "apps"
namespace: "${var.namespace}"
labels: ${jsonencode(local.common-labels)}
spec:
distrib: "${var.distributions.domain}"
category: "meta"
component: "domain-apps"
options: ${jsonencode(merge(local.global, local.apps))}
EOF
}
resource "kubectl_manifest" "mail" {
count = var.mail.enable ? 1 : 0
yaml_body = <<-EOF
apiVersion: "vynil.solidite.fr/v1"
kind: "Install"
metadata:
name: "mail"
namespace: "${var.namespace}"
labels: ${jsonencode(local.common-labels)}
spec:
distrib: "${var.distributions.domain}"
category: "meta"
component: "domain-mail"
options: ${jsonencode(merge(local.global, local.mail))}
EOF
}
resource "kubectl_manifest" "monitor" {
count = var.monitor.enable ? 1 : 0
yaml_body = <<-EOF
apiVersion: "vynil.solidite.fr/v1"
kind: "Install"
metadata:
name: "monitor"
namespace: "${var.namespace}"
labels: ${jsonencode(local.common-labels)}
spec:
distrib: "${var.distributions.domain}"
category: "meta"
component: "domain-monitor"
options: ${jsonencode(merge(local.global, local.monitor))}
EOF
}
resource "kubectl_manifest" "devspaces" {
count = var.devspaces.enable ? 1 : 0
yaml_body = <<-EOF
apiVersion: "vynil.solidite.fr/v1"
kind: "Install"
metadata:
name: "devspaces"
namespace: "${var.namespace}"
labels: ${jsonencode(local.common-labels)}
spec:
distrib: "${var.distributions.domain}"
category: "meta"
component: "domain-devspaces"
options: ${jsonencode(merge(local.global, local.devspaces, local.devspaces-custom))}
EOF
}
Reference in New Issue View Git Blame Copy Permalink