adding missng tf files
This commit is contained in:
189
apps/nextcloud/datas.tf
Normal file
189
apps/nextcloud/datas.tf
Normal file
@@ -0,0 +1,189 @@
|
||||
locals {
|
||||
common-labels = {
|
||||
"vynil.solidite.fr/owner-name" = var.instance
|
||||
"vynil.solidite.fr/owner-namespace" = var.namespace
|
||||
"vynil.solidite.fr/owner-category" = var.category
|
||||
"vynil.solidite.fr/owner-component" = var.component
|
||||
"app.kubernetes.io/managed-by" = "vynil"
|
||||
"app.kubernetes.io/name" = var.component
|
||||
"app.kubernetes.io/instance" = var.instance
|
||||
}
|
||||
}
|
||||
|
||||
data "kustomization_overlay" "data" {
|
||||
namespace = var.namespace
|
||||
common_labels = local.common-labels
|
||||
resources = [for file in fileset(path.module, "*.yaml"): file if file != "index.yaml"]
|
||||
images {
|
||||
name = "nextcloud"
|
||||
new_name = "${var.images.nextcloud.registry}/${var.images.nextcloud.repository}"
|
||||
new_tag = "${var.images.nextcloud.tag}"
|
||||
}
|
||||
patches {
|
||||
target {
|
||||
kind = "Deployment"
|
||||
name = "nextcloud"
|
||||
}
|
||||
patch = <<-EOF
|
||||
apiVersion: apps/v1
|
||||
kind: Deployment
|
||||
metadata:
|
||||
name: nextcloud
|
||||
spec:
|
||||
template:
|
||||
spec:
|
||||
containers:
|
||||
- name: nextcloud
|
||||
image: "${var.images.nextcloud.registry}/${var.images.nextcloud.repository}:${var.images.nextcloud.tag}"
|
||||
imagePullPolicy: "${var.images.nextcloud.pullPolicy}"
|
||||
env:
|
||||
- name: POSTGRES_HOST
|
||||
value: "${var.instance}-${var.component}"
|
||||
- name: POSTGRES_DB
|
||||
value: "${var.component}"
|
||||
- name: POSTGRES_USER
|
||||
valueFrom:
|
||||
secretKeyRef:
|
||||
name: "${var.component}.${var.instance}-${var.component}.credentials.postgresql.acid.zalan.do"
|
||||
- name: POSTGRES_PASSWORD
|
||||
valueFrom:
|
||||
secretKeyRef:
|
||||
name: "${var.component}.${var.instance}-${var.component}.credentials.postgresql.acid.zalan.do"
|
||||
- name: NEXTCLOUD_ADMIN_USER
|
||||
valueFrom:
|
||||
secretKeyRef:
|
||||
name: nextcloud
|
||||
key: nextcloud-username
|
||||
- name: NEXTCLOUD_ADMIN_PASSWORD
|
||||
valueFrom:
|
||||
secretKeyRef:
|
||||
name: nextcloud
|
||||
key: nextcloud-password
|
||||
- name: NEXTCLOUD_TRUSTED_DOMAINS
|
||||
value: nextcloud.kube.home
|
||||
- name: REDIS_HOST
|
||||
value: "${var.instance}-${var.component}-redis.${var.namespace}.svc"
|
||||
- name: REDIS_HOST_PASSWORD
|
||||
value: ""
|
||||
resources:
|
||||
{}
|
||||
- name: nextcloud-cron
|
||||
image: "${var.images.nextcloud.registry}/${var.images.nextcloud.repository}:${var.images.nextcloud.tag}"
|
||||
imagePullPolicy: "${var.images.nextcloud.pullPolicy}"
|
||||
command:
|
||||
- /cron.sh
|
||||
env:
|
||||
- name: POSTGRES_HOST
|
||||
value: "${var.instance}-${var.component}"
|
||||
- name: POSTGRES_DB
|
||||
value: "${var.component}"
|
||||
- name: POSTGRES_USER
|
||||
valueFrom:
|
||||
secretKeyRef:
|
||||
name: "${var.component}.${var.instance}-${var.component}.credentials.postgresql.acid.zalan.do"
|
||||
- name: POSTGRES_PASSWORD
|
||||
valueFrom:
|
||||
secretKeyRef:
|
||||
name: "${var.component}.${var.instance}-${var.component}.credentials.postgresql.acid.zalan.do"
|
||||
- name: NEXTCLOUD_ADMIN_USER
|
||||
valueFrom:
|
||||
secretKeyRef:
|
||||
name: nextcloud
|
||||
key: nextcloud-username
|
||||
- name: NEXTCLOUD_ADMIN_PASSWORD
|
||||
valueFrom:
|
||||
secretKeyRef:
|
||||
name: nextcloud
|
||||
key: nextcloud-password
|
||||
- name: NEXTCLOUD_TRUSTED_DOMAINS
|
||||
value: nextcloud.kube.home
|
||||
- name: REDIS_HOST
|
||||
value: "${var.instance}-${var.component}-redis.${var.namespace}.svc"
|
||||
- name: REDIS_HOST_PASSWORD
|
||||
value: ""
|
||||
resources:
|
||||
{}
|
||||
- name: nextcloud-nginx
|
||||
image: "${var.images.nginx.registry}/${var.images.nginx.repository}:${var.images.nginx.tag}"
|
||||
imagePullPolicy: "${var.images.nginx.pullPolicy}"
|
||||
resources:
|
||||
{}
|
||||
EOF
|
||||
}
|
||||
patches {
|
||||
target {
|
||||
kind = "Deployment"
|
||||
name = "authentik-worker"
|
||||
}
|
||||
patch = <<-EOF
|
||||
apiVersion: apps/v1
|
||||
kind: Deployment
|
||||
metadata:
|
||||
name: nextcloud-metrics
|
||||
spec:
|
||||
template:
|
||||
spec:
|
||||
containers:
|
||||
- name: metrics-exporter
|
||||
image: "${var.images.exporter.registry}/${var.images.exporter.repository}:${var.images.exporter.tag}"
|
||||
imagePullPolicy: "${var.images.exporter.pullPolicy}"
|
||||
env:
|
||||
- name: NEXTCLOUD_USERNAME
|
||||
valueFrom:
|
||||
secretKeyRef:
|
||||
name: nextcloud
|
||||
key: nextcloud-username
|
||||
- name: NEXTCLOUD_PASSWORD
|
||||
valueFrom:
|
||||
secretKeyRef:
|
||||
name: nextcloud
|
||||
key: nextcloud-password
|
||||
- name: NEXTCLOUD_SERVER
|
||||
value: "https://${local.dns-name}"
|
||||
- name: NEXTCLOUD_TIMEOUT
|
||||
value: 5s
|
||||
- name: NEXTCLOUD_TLS_SKIP_VERIFY
|
||||
value: "false"
|
||||
ports:
|
||||
- name: metrics
|
||||
containerPort: 9205
|
||||
securityContext:
|
||||
runAsUser: 1000
|
||||
runAsNonRoot: true
|
||||
EOF
|
||||
}
|
||||
patches {
|
||||
target {
|
||||
kind = "PersistentVolumeClaim"
|
||||
name = "nextcloud-nextcloud"
|
||||
}
|
||||
patch = <<-EOF
|
||||
kind: PersistentVolumeClaim
|
||||
apiVersion: v1
|
||||
metadata:
|
||||
name: nextcloud-nextcloud
|
||||
spec:
|
||||
accessModes:
|
||||
- "${var.storage.accessMode}"
|
||||
resources:
|
||||
requests:
|
||||
storage: "${var.storage.size}"
|
||||
EOF
|
||||
}
|
||||
patches {
|
||||
target {
|
||||
kind = "HorizontalPodAutoscaler"
|
||||
name = "nextcloud"
|
||||
}
|
||||
patch = <<-EOF
|
||||
apiVersion: autoscaling/v1
|
||||
kind: HorizontalPodAutoscaler
|
||||
metadata:
|
||||
name: nextcloud
|
||||
spec:
|
||||
minReplicas: ${var.hpa.min-replicas}
|
||||
maxReplicas: ${var.hpa.max-replicas}
|
||||
targetCPUUtilizationPercentage: ${var.hpa.avg-cpu}
|
||||
EOF
|
||||
}
|
||||
}
|
||||
Reference in New Issue
Block a user