vynil/domain
3
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

fix

Browse Source
This commit is contained in:
Sébastien Huss
2024-05-29 17:16:33 +02:00
parent 3dfe5b4a69
commit 2c671da3f8
11 changed files with 113 additions and 241 deletions
Download Patch File Download Diff File Expand all files Collapse all files

134
meta/domain-devspaces/apps.tf
View File

@@ -49,147 +49,19 @@ locals {
"domain_name" = "devtools.${var.domain_name}"
"app_group" = "dev"
})
okd = merge(local.global-apps,{
"namespaces" = concat([
for station in local.sorted-station-names: "${var.domain}-devspaces-${station}"
],flatten([
for org in local.sorted-organisations:[
for stage in reverse(distinct(sort([for s in lookup(org, "stages", []): s.name]))): "${var.domain}-org-${org.name}-${stage}"
]
])
)
}, { for k, v in var.apps.okd : k => v if !contains(["enable","storage","backups"],k) },{
okd = merge(local.global-apps, { for k, v in var.apps.okd : k => v if !contains(["enable","storage","backups"],k) },{
backups = merge(local.global-backups, lookup(var.apps.okd, "backups", {}))
storage = merge({ for k, v in lookup(var.apps.okd, "storage", {}) : k => v if !contains(["volume"],k) }, {
volume = merge(local.global-volume, lookup(lookup(var.apps.okd, "storage", {}), "volume", {}))
})
})
gramo = merge(local.global-apps, {
"namespaces" = concat([
for station in local.sorted-station-names: "${var.domain}-devspaces-${station}"
],flatten([
for org in local.sorted-organisations:[
for stage in reverse(distinct(sort([for s in lookup(org, "stages", []): s.name]))): "${var.domain}-org-${org.name}-${stage}"
]
])
)
}, { for k, v in var.apps.gramo : k => v if !contains(["enable","storage","backups"],k) },{
gramo = merge(local.global-apps, { for k, v in var.apps.gramo : k => v if !contains(["enable","storage","backups"],k) },{
backups = merge(local.global-backups, lookup(var.apps.gramo, "backups", {}))
storage = merge({ for k, v in lookup(var.apps.gramo, "storage", {}) : k => v if !contains(["volume"],k) }, {
volume = merge(local.global-volume, lookup(lookup(var.apps.gramo, "storage", {}), "volume", {}))
})
})
dbgate = merge(local.global-apps, {
"namespaces" = concat([
for station in local.sorted-station-names: "${var.domain}-devspaces-${station}"
],flatten([
for org in local.sorted-organisations:[
for stage in reverse(distinct(sort([for s in lookup(org, "stages", []): s.name]))): "${var.domain}-org-${org.name}-${stage}"
]
])
)
}, {
"pg" = concat(
flatten([for ds in local.sorted-datasets: [for db in lookup(ds, "databases", []): {
"name" = "${ds.name}-dataset-pg"
"namespace" = ds.namespace
"dbname" = db.name
"username" = db.name
"secret" = {
"name" = "${ds.name}-dataset-pg-${db.name}"
"key" = "POSGRESQL_PASSWORD"
}
}] if ds.engine=="pg"]),
flatten([for ds in local.sorted-datasets: {
"name" = "${ds.name}-dataset-pg"
"namespace" = ds.namespace
"dbname" = ds.name
"username" = ds.name
"secret" = {
"name" = "${ds.name}-dataset-pg-app"
"key" = "password"
}
} if ds.engine=="pg"]),
flatten([for org in local.sorted-organisations: flatten([for stage in lookup(org, "stages", []): flatten([for ds in org.datasets: [for db in lookup(ds, "databases", []):{
"name" = "${ds.name}-dataset-pg"
"namespace" = "${var.domain}-org-${org.name}-${stage.name}"
"dbname" = db.name
"username" = db.name
"secret" = {
"name" = "${ds.name}-dataset-pg-${db.name}"
"key" = "POSGRESQL_PASSWORD"
}
}] if ds.engine=="pg"])])]),
flatten([for org in local.sorted-organisations: flatten([for stage in lookup(org, "stages", []): flatten([for ds in org.datasets: {
"name" = "${ds.name}-dataset-pg"
"namespace" = "${var.domain}-org-${org.name}-${stage.name}"
"dbname" = ds.name
"username" = ds.name
"secret" = {
"name" = "${ds.name}-dataset-pg-app"
"key" = "password"
}
} if ds.engine=="pg"])])]),
var.external-pgs
)
"maria" = concat(
flatten([for ds in local.sorted-datasets: {
"name" = "${ds.name}-dataset-maria"
"namespace" = ds.namespace
"dbname" = ds.name
"username" = ds.name
"secret" = {
"name" = "${ds.name}-dataset-maria"
"key" = "password"
}
} if ds.engine=="maria"]),
flatten([for org in local.sorted-organisations: flatten([for stage in lookup(org, "stages", []): [for ds in org.datasets: {
"name" = "${ds.name}-dataset-maria"
"namespace" = "${var.domain}-org-${org.name}-${stage.name}"
"dbname" = ds.name
"username" = ds.name
"secret" = {
"name" = "${ds.name}-dataset-maria"
"key" = "password"
}
} if ds.engine=="maria"]])]),
var.external-marias
)
"mongo" = concat(
flatten([for ds in local.sorted-datasets: {
"name" = "${ds.name}-dataset-mongo"
"namespace" = ds.namespace
"dbname" = ds.name
"username" = ds.name
"secret" = {
"name" = "${ds.name}-dataset-mongo"
"key" = "password"
}
} if ds.engine=="mongo"]),
flatten([for org in local.sorted-organisations: flatten([for stage in lookup(org, "stages", []): [for ds in org.datasets: {
"name" = "${ds.name}-dataset-mongo"
"namespace" = "${var.domain}-org-${org.name}-${stage.name}"
"dbname" = ds.name
"username" = ds.name
"secret" = {
"name" = "${ds.name}-dataset-mongo"
"key" = "password"
}
} if ds.engine=="mongo"]])]),
var.external-mongos
)
"redis" = concat(
flatten([for ds in local.sorted-datasets: {
"name" = "${ds.name}-dataset-redis"
"namespace" = ds.namespace
} if ds.engine=="mongo"]),
flatten([for org in local.sorted-organisations: flatten([for stage in lookup(org, "stages", []): [for ds in org.datasets: {
"name" = "${ds.name}-dataset-redis"
"namespace" = "${var.domain}-org-${org.name}-${stage.name}"
} if ds.engine=="mongo"]])]),
var.external-redis
)
}, { for k, v in var.apps.dbgate : k => v if !contains(["enable","storage","backups"],k) },{
dbgate = merge(local.global-apps, { for k, v in var.apps.dbgate : k => v if !contains(["enable","storage","backups"],k) },{
backups = merge(local.global-backups, lookup(var.apps.dbgate, "backups", {}))
storage = merge({ for k, v in lookup(var.apps.dbgate, "storage", {}) : k => v if !contains(["volume"],k) }, {
volume = merge(local.global-volume, lookup(lookup(var.apps.dbgate, "storage", {}), "volume", {}))

71
meta/domain/installs.tf
View File

@@ -71,7 +71,7 @@ locals {
})
# Force install authentik and it's modules when any are needed
use-ldap = (var.ci.enable && var.ci.gitea.enable) || (var.erp.enable && var.erp.dolibarr.enable)
use-ldap = var.erp.enable && var.erp.dolibarr.enable
use-forward = var.infra.enable && var.infra.traefik.enable
use-other-auth = false
added-auth-ldap = local.use-ldap?{
@@ -100,73 +100,6 @@ locals {
"divisions" = []
}
}
devspaces-custom = {
external-pgs = concat(var.erp.enable&&var.erp.dolibarr.enable?[{
"name" = "dolibarr-dolibarr-pg"
"dbname" = "dolibarr"
"username" = "dolibarr"
"namespace" = "${var.namespace}-erp"
"secret" = {
"name" = "dolibarr-dolibarr-pg-app"
"key" = "password"
}
}]:[], var.apps.enable&&var.apps.nextcloud.enable?[{
"name" = "nextcloud-nextcloud-pg"
"dbname" = "nextcloud"
"username" = "nextcloud"
"namespace" = "${var.namespace}-files"
"secret" = {
"name" = "nextcloud-nextcloud-pg-app"
"key" = "password"
}
}]:[], var.auth.enable&&lookup(lookup(merge(var.auth,local.added-auth), "authentik",{}),"enable",false)?[{
"name" = "authentik-authentik-pg"
"dbname" = "authentik"
"username" = "authentik"
"namespace" = "${var.namespace}-auth"
"secret" = {
"name" = "authentik-authentik-pg-app"
"key" = "password"
}
}]:[], var.ci.enable&&var.ci.gitea.enable?[{
"name" = "gitea-gitea-pg"
"dbname" = "gitea"
"username" = "gitea"
"namespace" = "${var.namespace}-ci"
"secret" = {
"name" = "gitea-gitea-pg-app"
"key" = "password"
}
}]:[], lookup(var.devspaces, "external-pgs", []))
external-mongos = concat(var.mail.enable&&var.mail.wildduck.enable?[{
"name" = "wildduck-wildduck-mongo"
"dbname" = "wildduck"
"username" = "wildduck"
"namespace" = "${var.namespace}-mail"
"secret" = {
"name" = "wildduck-wildduck-mongo"
"key" = "password"
}
}]:[], lookup(var.devspaces, "external-mongos", []))
external-redis = concat(var.mail.enable&&var.mail.wildduck.enable?[{
"name" = "wildduck-wildduck-redis"
"namespace" = "${var.namespace}-mail"
}]:[], var.auth.enable&&lookup(lookup(merge(var.auth,local.added-auth), "authentik",{}),"enable",false)?[{
"name" = "authentik-authentik-redis"
"namespace" = "${var.namespace}-auth"
"secret" = {
"name" = "authentik"
"key" = "AUTHENTIK_REDIS__PASSWORD"
}
}]:[], var.erp.enable&&var.erp.dolibarr.enable?[{
"name" = "dolibarr-dolibarr-redis"
"namespace" = "${var.namespace}-erp"
}]:[], var.apps.enable&&var.apps.nextcloud.enable?[{
"name" = "nextcloud-nextcloud-redis"
"namespace" = "${var.namespace}-files"
}]:[], lookup(var.devspaces, "external-redis", []))
"haveGitea" = var.ci.enable && var.ci.gitea.enable
}
}
resource "kubectl_manifest" "auth" {
@@ -294,6 +227,6 @@ resource "kubectl_manifest" "devspaces" {
distrib: "${var.distributions.domain}"
category: "meta"
component: "domain-devspaces"
options: ${jsonencode(merge(local.devspaces, local.devspaces-custom))}
options: ${jsonencode(local.devspaces)}
EOF
}