2023-10-23 19:53:14 +02:00
parent bab68d5822
commit 2849b6fa1a
5 changed files with 343 additions and 360 deletions


@@ -52,6 +52,7 @@ locals {
"OAUTH_LOGOUT" = "https://${data.kubernetes_ingress_v1.authentik.spec[0].rule[0].host}/application/o/${var.component}-${var.instance}/end-session/"
"OAUTH_LOGIN_FIELD" = "nickname"
"OAUTH_SCOPE" = "email"
"NODE_EXTRA_CA_CERTS" = "/etc/local-ca/ca.crt"
}
connections = join(",", concat(local.pg_conns, local.maria_conns, local.mongo_conns, local.redis_conns))
connection_vars = merge(local.pg_vars, local.maria_vars, local.mongo_vars, local.redis_vars)
@@ -66,7 +67,7 @@ resource "kubectl_manifest" "dbgate-config" {
name: "${var.component}-${var.instance}"
namespace: "${var.namespace}"
labels: ${jsonencode(local.common-labels)}
data: ${jsonencode(var.use-oauth?merge(local.oauth_config, local.connection_vars):local.connection_vars)}
data: ${jsonencode(merge(local.oauth_config, local.connection_vars))}
EOF
}
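Review bot: `"NODE_EXTRA_CA_CERTS" = "/etc/local-ca/ca.crt"` (apparently the one added line of the first hunk) depends on a CA file that nothing visible here mounts into the dbgate container. Node.js reads this variable once at startup, and if the file is unreadable it only warns and keeps the default trust store, so the OAuth calls to the authentik host would then fail certificate validation. Confirm the workload mounts the CA at that path and document it on the line, e.g. `# local CA bundle mounted at /etc/local-ca; needed to verify the authentik endpoints`, so nobody later works around a TLS error by disabling verification. Separately, the second hunk now merges `local.oauth_config` into this manifest's `data:` unconditionally. The `locals` block starts outside the hunk, so if it carries the OAuth client secret or database credentials and the manifest is a ConfigMap, those values should move to a Secret.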


@@ -6,10 +6,10 @@ metadata:
name: dbgate
description: null
options:
domain-name:
default: your_company.com
issuer:
default: letsencrypt-prod
examples:
- your_company.com
- letsencrypt-prod
type: string
storage:
default:
@@ -38,103 +38,6 @@ options:
- Block
type: string
type: object
use-oauth:
default: false
examples:
- false
type: boolean
mongo:
default: []
examples:
- []
items:
properties:
dbname:
default: ''
type: string
name:
default: ''
type: string
namespace:
default: ''
type: string
secret:
properties:
key:
default: ''
type: string
name:
default: ''
type: string
type: object
username:
default: ''
type: string
type: object
type: array
ingress-class:
default: traefik
examples:
- traefik
type: string
sub-domain:
default: dbgate
examples:
- dbgate
type: string
pg:
default: []
examples:
- []
items:
properties:
dbname:
default: ''
type: string
name:
default: ''
type: string
namespace:
default: ''
type: string
secret:
properties:
key:
default: ''
type: string
name:
default: ''
type: string
type: object
username:
default: ''
type: string
type: object
type: array
issuer:
default: letsencrypt-prod
examples:
- letsencrypt-prod
type: string
redis:
default: []
examples:
- []
items:
properties:
name:
default: ''
type: string
namespace:
default: ''
type: string
type: object
type: array
app-group:
default: dev
examples:
- dev
type: string
maria:
default: []
examples:
@@ -164,11 +67,6 @@ options:
type: string
type: object
type: array
domain:
default: your-company
examples:
- your-company
type: string
images:
default:
dbgate:
@@ -208,6 +106,103 @@ options:
type: string
type: object
type: object
ingress-class:
default: traefik
examples:
- traefik
type: string
sub-domain:
default: dbgate
examples:
- dbgate
type: string
domain-name:
default: your_company.com
examples:
- your_company.com
type: string
app-group:
default: dev
examples:
- dev
type: string
redis:
default: []
examples:
- []
items:
properties:
name:
default: ''
type: string
namespace:
default: ''
type: string
type: object
type: array
domain:
default: your-company
examples:
- your-company
type: string
mongo:
default: []
examples:
- []
items:
properties:
dbname:
default: ''
type: string
name:
default: ''
type: string
namespace:
default: ''
type: string
secret:
properties:
key:
default: ''
type: string
name:
default: ''
type: string
type: object
username:
default: ''
type: string
type: object
type: array
pg:
default: []
examples:
- []
items:
properties:
dbname:
default: ''
type: string
name:
default: ''
type: string
namespace:
default: ''
type: string
secret:
properties:
key:
default: ''
type: string
name:
default: ''
type: string
type: object
username:
default: ''
type: string
type: object
type: array
dependencies:
- dist: null
category: share


@@ -37,7 +37,7 @@ module "ingress" {
ingress-class = var.ingress-class
labels = local.common-labels
dns-names = local.dns-names
middlewares = var.use-oauth?[]:["forward-${local.app-name}"]
middlewares = []
service = local.service
providers = {
kubectl = kubectl
@@ -51,14 +51,13 @@ module "application" {
app-group = var.app-group
dns-name = local.dns-name
icon = local.icon
protocol_provider = var.use-oauth?module.oauth2[0].provider-id:module.forward[0].provider-id
protocol_provider = module.oauth2.provider-id
providers = {
authentik = authentik
}
}
module "oauth2" {
count = var.use-oauth?1:0
source = "/dist/modules/oauth2"
component = var.component
instance = var.instance
@@ -72,34 +71,3 @@ module "oauth2" {
authentik = authentik
}
}
provider "restapi" {
uri = "http://authentik.${var.domain}-auth.svc/api/v3/"
headers = local.request_headers
create_method = "PATCH"
update_method = "PATCH"
destroy_method = "PATCH"
write_returns_object = true
id_attribute = "name"
}
module "forward" {
count = var.use-oauth?0:1
source = "/dist/modules/forward"
component = var.component
instance = var.instance
domain = var.domain
namespace = var.namespace
ingress-class = var.ingress-class
labels = local.common-labels
dns-names = local.dns-names
service = local.service
icon = local.icon
request_headers = local.request_headers
providers = {
restapi = restapi
http = http
kubectl = kubectl
authentik = authentik
}
}
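Review bot: With `middlewares = []` in `module "ingress"`, the ingress no longer attaches the `forward-${local.app-name}` forward-auth middleware, so nothing in front of dbgate rejects unauthenticated requests and access control rests entirely on dbgate's own OAuth login. The removal of `module "forward"` in the same file suggests this is intended, but the line deserves a comment such as `# no forward-auth middleware: dbgate authenticates itself against the oauth2 provider`. Instances that previously ran with `use-oauth = false` change authentication model on the next apply, so it is worth verifying afterwards that an unauthenticated request to the ingress host is sent to the login flow rather than served. Because dbgate holds stored database connections, also confirm that who may log in is restricted, either by policy on the authentik application or by an allow-list on the dbgate side; neither is visible in these hunks. The `module "ingress"` and `module "application"` blocks both start outside the hunks shown.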