fix
This commit is contained in:
@@ -7,6 +7,7 @@ resource "kubectl_manifest" "config" {
|
||||
namespace: "${var.namespace}"
|
||||
labels: ${jsonencode(local.common-labels)}
|
||||
data:
|
||||
NODE_EXTRA_CA_CERTS: /etc/local-ca/ca.crt
|
||||
INVITE_ONLY_SIGNUP: "true"
|
||||
TELEMETRY_ENABLED: "false"
|
||||
REDIS_URL: "${module.redis.url}"
|
||||
|
||||
@@ -20,7 +20,7 @@ resource "kubectl_manifest" "deploy" {
|
||||
containers:
|
||||
- name: infisical-backend
|
||||
image: "${var.images.infisical.registry}/${var.images.infisical.repository}:${var.images.infisical.tag}"
|
||||
imagePullPolicy: "${var.images.infisical.pullPolicy}"
|
||||
imagePullPolicy: "${var.images.infisical.pull_policy}"
|
||||
readinessProbe:
|
||||
httpGet:
|
||||
path: /api/status
|
||||
@@ -36,5 +36,15 @@ resource "kubectl_manifest" "deploy" {
|
||||
name: "${kubectl_manifest.config.name}"
|
||||
- secretRef:
|
||||
name: "${kubectl_manifest.secret.name}"
|
||||
volumeMounts:
|
||||
- name: certs
|
||||
mountPath: /etc/local-ca
|
||||
readOnly: true
|
||||
restartPolicy: Always
|
||||
volumes:
|
||||
- name: certs
|
||||
secret:
|
||||
secretName: "${module.ingress.sercret_name}"
|
||||
defaultMode: 0444
|
||||
EOF
|
||||
}
|
||||
|
||||
@@ -6,63 +6,90 @@ metadata:
|
||||
name: infisical
|
||||
description: null
|
||||
options:
|
||||
sub_domain:
|
||||
default: infisical
|
||||
examples:
|
||||
- infisical
|
||||
type: string
|
||||
replicas:
|
||||
default: 1
|
||||
examples:
|
||||
- 1
|
||||
type: integer
|
||||
domain:
|
||||
default: your-company
|
||||
app_group:
|
||||
default: apps
|
||||
examples:
|
||||
- your-company
|
||||
- apps
|
||||
type: string
|
||||
domain_name:
|
||||
default: your-company.com
|
||||
redis:
|
||||
default:
|
||||
exporter:
|
||||
enabled: true
|
||||
examples:
|
||||
- your-company.com
|
||||
- exporter:
|
||||
enabled: true
|
||||
properties:
|
||||
exporter:
|
||||
default:
|
||||
enabled: true
|
||||
properties:
|
||||
enabled:
|
||||
default: true
|
||||
type: boolean
|
||||
type: object
|
||||
type: object
|
||||
sso_vynil:
|
||||
default: true
|
||||
examples:
|
||||
- true
|
||||
type: boolean
|
||||
issuer:
|
||||
default: letsencrypt-prod
|
||||
examples:
|
||||
- letsencrypt-prod
|
||||
type: string
|
||||
images:
|
||||
default:
|
||||
infisical:
|
||||
pullPolicy: IfNotPresent
|
||||
pull_policy: IfNotPresent
|
||||
registry: docker.io
|
||||
repository: infisical/infisical
|
||||
tag: latest
|
||||
redis:
|
||||
pullPolicy: IfNotPresent
|
||||
pull_policy: IfNotPresent
|
||||
registry: quay.io
|
||||
repository: opstree/redis
|
||||
tag: v7.0.12
|
||||
redis_exporter:
|
||||
pullPolicy: IfNotPresent
|
||||
pull_policy: IfNotPresent
|
||||
registry: quay.io
|
||||
repository: opstree/redis-exporter
|
||||
tag: v1.44.0
|
||||
examples:
|
||||
- infisical:
|
||||
pullPolicy: IfNotPresent
|
||||
pull_policy: IfNotPresent
|
||||
registry: docker.io
|
||||
repository: infisical/infisical
|
||||
tag: latest
|
||||
redis:
|
||||
pullPolicy: IfNotPresent
|
||||
pull_policy: IfNotPresent
|
||||
registry: quay.io
|
||||
repository: opstree/redis
|
||||
tag: v7.0.12
|
||||
redis_exporter:
|
||||
pullPolicy: IfNotPresent
|
||||
pull_policy: IfNotPresent
|
||||
registry: quay.io
|
||||
repository: opstree/redis-exporter
|
||||
tag: v1.44.0
|
||||
properties:
|
||||
infisical:
|
||||
default:
|
||||
pullPolicy: IfNotPresent
|
||||
pull_policy: IfNotPresent
|
||||
registry: docker.io
|
||||
repository: infisical/infisical
|
||||
tag: latest
|
||||
properties:
|
||||
pullPolicy:
|
||||
pull_policy:
|
||||
default: IfNotPresent
|
||||
enum:
|
||||
- Always
|
||||
@@ -81,12 +108,12 @@ options:
|
||||
type: object
|
||||
redis:
|
||||
default:
|
||||
pullPolicy: IfNotPresent
|
||||
pull_policy: IfNotPresent
|
||||
registry: quay.io
|
||||
repository: opstree/redis
|
||||
tag: v7.0.12
|
||||
properties:
|
||||
pullPolicy:
|
||||
pull_policy:
|
||||
default: IfNotPresent
|
||||
enum:
|
||||
- Always
|
||||
@@ -105,12 +132,12 @@ options:
|
||||
type: object
|
||||
redis_exporter:
|
||||
default:
|
||||
pullPolicy: IfNotPresent
|
||||
pull_policy: IfNotPresent
|
||||
registry: quay.io
|
||||
repository: opstree/redis-exporter
|
||||
tag: v1.44.0
|
||||
properties:
|
||||
pullPolicy:
|
||||
pull_policy:
|
||||
default: IfNotPresent
|
||||
enum:
|
||||
- Always
|
||||
@@ -128,31 +155,21 @@ options:
|
||||
type: string
|
||||
type: object
|
||||
type: object
|
||||
domain_name:
|
||||
default: your-company.com
|
||||
examples:
|
||||
- your-company.com
|
||||
type: string
|
||||
ingress_class:
|
||||
default: traefik
|
||||
examples:
|
||||
- traefik
|
||||
type: string
|
||||
app_group:
|
||||
default: apps
|
||||
domain:
|
||||
default: your-company
|
||||
examples:
|
||||
- apps
|
||||
- your-company
|
||||
type: string
|
||||
sub_domain:
|
||||
default: infisical
|
||||
examples:
|
||||
- infisical
|
||||
type: string
|
||||
issuer:
|
||||
default: letsencrypt-prod
|
||||
examples:
|
||||
- letsencrypt-prod
|
||||
type: string
|
||||
sso_vynil:
|
||||
default: true
|
||||
examples:
|
||||
- true
|
||||
type: boolean
|
||||
dependencies:
|
||||
- dist: null
|
||||
category: core
|
||||
|
||||
@@ -1,7 +1,7 @@
|
||||
locals {
|
||||
dns_name = "${var.sub_domain}.${var.domain_name}"
|
||||
dns_names = [local.dns_name]
|
||||
icon = "icon.svg"
|
||||
icon = "infisical.ico"
|
||||
request_headers = {
|
||||
"Content-Type" = "application/json"
|
||||
Authorization = "Bearer ${data.kubernetes_secret_v1.authentik.data["AUTHENTIK_BOOTSTRAP_TOKEN"]}"
|
||||
|
||||
@@ -27,5 +27,7 @@ resource "kubectl_manifest" "secret" {
|
||||
length: "32"
|
||||
- fieldName: "ENCRYPTION_KEY"
|
||||
length: "32"
|
||||
- fieldName: "AUTH_SECRET"
|
||||
length: "32"
|
||||
EOF
|
||||
}
|
||||
|
||||
@@ -5,6 +5,7 @@ module "redis" {
|
||||
namespace = var.namespace
|
||||
labels = local.common-labels
|
||||
images = var.images
|
||||
exporter = var.redis.exporter
|
||||
providers = {
|
||||
kubectl = kubectl
|
||||
}
|
||||
|
||||
Reference in New Issue
Block a user