diff --git a/apps/dbgate/configs.tf b/apps/dbgate/configs.tf index 7d43811..91cc49e 100644 --- a/apps/dbgate/configs.tf +++ b/apps/dbgate/configs.tf @@ -7,8 +7,8 @@ locals { join("_",["DATABASE_pg", pg.namespace, pg.name, pg.dbname]) = pg.dbname join("_",["USER_pg", pg.namespace, pg.name, pg.dbname]) = pg.username }]...) - pg_secrets = merge([for index, pg in var.pg: { - join("_",["PASSWORD_pg", pg.namespace, pg.name, pg.dbname]) = data.kubernetes_secret_v1.pgs[index].data[var.pg[index].secret.key] + pg_secrets = merge([for pg in var.pg: { + join("_",["PASSWORD_pg", pg.namespace, pg.name, pg.dbname]) = data.kubernetes_secret_v1.pgs[index].data[pg.secret.key] }]...) pg_conns = [for pg in var.pg: join("_",["pg", pg.namespace, pg.name, pg.dbname])] @@ -33,8 +33,8 @@ locals { join("_",["DATABASE_mongo", m.namespace, m.name]) = m.dbname join("_",["USER_mongo", m.namespace, m.name]) = m.username }]...) - mongo_secrets = merge([for index, m in var.mongo: { - join("_",["PASSWORD_mongo", m.namespace, m.name]) = data.kubernetes_secret_v1.mongos[index].data[var.mongo[index].secret.key] + mongo_secrets = merge([for m in var.mongo: { + join("_",["PASSWORD_mongo", m.namespace, m.name]) = data.kubernetes_secret_v1.mongos[index].data[m.secret.key] }]...) mongo_conns = [for m in var.mongo: join("_",["mongo", m.namespace, m.name])] oauth_config = { diff --git a/apps/dbgate/index.yaml b/apps/dbgate/index.yaml index 5e35fa2..c30ac5d 100644 --- a/apps/dbgate/index.yaml +++ b/apps/dbgate/index.yaml @@ -6,26 +6,6 @@ metadata: name: dbgate description: null options: - sub-domain: - default: dbgate - examples: - - dbgate - type: string - domain-name: - default: your_company.com - examples: - - your_company.com - type: string - domain: - default: your-company - examples: - - your-company - type: string - use-oauth: - default: false - examples: - - false - type: boolean mongo: default: [] examples: 
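Review bot: `index` is no longer bound in the `pg_secrets` comprehension: the loop header is now `for pg in var.pg`, but the value still reads `data.kubernetes_secret_v1.pgs[index]`. Terraform should reject this at plan time as a reference to an undeclared name, so the `PASSWORD_pg_*` entries cannot be built. The second hunk has the same defect in `mongo_secrets` with `mongos[index]`. Keep the index binding and simplify only the key lookup: `pg_secrets = merge([for index, pg in var.pg: {` and `mongo_secrets = merge([for index, m in var.mongo: {`. The `locals` block starts and ends outside both hunks, and the declaration of the two data sources is not visible here.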
@@ -94,16 +74,53 @@ options: type: string type: object type: object - app-group: - default: dev - examples: - - dev - type: string ingress-class: default: traefik examples: - traefik type: string + storage: + default: + accessMode: ReadWriteOnce + size: 1Gi + type: Filesystem + examples: + - accessMode: ReadWriteOnce + size: 1Gi + type: Filesystem + properties: + accessMode: + default: ReadWriteOnce + enum: + - ReadWriteOnce + - ReadOnlyMany + - ReadWriteMany + type: string + size: + default: 1Gi + type: string + type: + default: Filesystem + enum: + - Filesystem + - Block + type: string + type: object + sub-domain: + default: dbgate + examples: + - dbgate + type: string + domain-name: + default: your_company.com + examples: + - your_company.com + type: string + issuer: + default: letsencrypt-prod + examples: + - letsencrypt-prod + type: string pg: default: [] examples: @@ -133,11 +150,6 @@ options: type: string type: object type: array - issuer: - default: letsencrypt-prod - examples: - - letsencrypt-prod - type: string maria: default: [] examples: @@ -167,33 +179,21 @@ options: type: string type: object type: array - storage: - default: - accessMode: ReadWriteOnce - size: 1Gi - type: Filesystem + domain: + default: your-company examples: - - accessMode: ReadWriteOnce - size: 1Gi - type: Filesystem - properties: - accessMode: - default: ReadWriteOnce - enum: - - ReadWriteOnce - - ReadOnlyMany - - ReadWriteMany - type: string - size: - default: 1Gi - type: string - type: - default: Filesystem - enum: - - Filesystem - - Block - type: string - type: object + - your-company + type: string + app-group: + default: dev + examples: + - dev + type: string + use-oauth: + default: false + examples: + - false + type: boolean dependencies: - dist: null category: share diff --git a/meta/domain-apps/apps.tf b/meta/domain-apps/apps.tf index 1e22ebe..54affff 100644 --- a/meta/domain-apps/apps.tf +++ b/meta/domain-apps/apps.tf 
@@ -13,13 +13,13 @@ locals { "ingress-class" = var.ingress-class "backups" = var.backups } - nextcloud = { for k, v in var.nextcloud : k => v if contains(["enable","storage"],k) } - nextcloud-storage = merge({ + nextcloud = { for k, v in var.nextcloud : k => v if contains(["enable"],k) } + nextcloud-storage = { "storage" = { "size" = "10Gi" "accessMode" = var.storage-classes.FilesystemReadWriteMany!=""?"ReadWriteMany":"ReadWriteOnce" } - }, { for k, v in var.nextcloud : k => v if k=="storage" }) + } } resource "kubernetes_namespace_v1" "files-ns" { diff --git a/meta/domain-apps/index.yaml b/meta/domain-apps/index.yaml index 86815f9..b2c8af1 100644 --- a/meta/domain-apps/index.yaml +++ b/meta/domain-apps/index.yaml @@ -6,11 +6,6 @@ metadata: name: domain-apps description: null options: - domain: - default: your-company - examples: - - your-company - type: string backups: default: enable: false @@ -41,46 +36,6 @@ options: default: backup-settings type: string type: object - distributions: - default: - core: core - domain: domain - examples: - - core: core - domain: domain - properties: - core: - default: core - type: string - domain: - default: domain - type: string - type: object - issuer: - default: letsencrypt-prod - examples: - - letsencrypt-prod - type: string - nextcloud: - default: - enable: false - examples: - - enable: false - properties: - enable: - default: false - type: boolean - type: object - ingress-class: - default: traefik - examples: - - traefik - type: string - domain-name: - default: your_company.com - examples: - - your_company.com - type: string storage-classes: default: BlockReadWriteMany: '' 
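Review bot: The hard-coded `"size" = "10Gi"` in `nextcloud-storage` no longer has an override path, and nothing in the block says so. A `storage` key passed in `var.nextcloud` is now dropped silently by the filter on the line above. A short comment would prevent surprises, for example `# storage is fixed here; var.nextcloud.storage is intentionally ignored`. The single-element test `contains(["enable"],k)` also reads more plainly as `k=="enable"`. The `locals` block starts outside the hunk.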
@@ -106,6 +61,51 @@ options: default: '' type: string type: object + domain-name: + default: your_company.com + examples: + - your_company.com + type: string + nextcloud: + default: + enable: false + examples: + - enable: false + properties: + enable: + default: false + type: boolean + type: object + domain: + default: your-company + examples: + - your-company + type: string + issuer: + default: letsencrypt-prod + examples: + - letsencrypt-prod + type: string + distributions: + default: + core: core + domain: domain + examples: + - core: core + domain: domain + properties: + core: + default: core + type: string + domain: + default: domain + type: string + type: object + ingress-class: + default: traefik + examples: + - traefik + type: string dependencies: [] providers: kubernetes: true @@ -114,4 +114,5 @@ providers: postgresql: null restapi: null http: null -tfaddtype: null + gitea: null +tfaddtype: false diff --git a/meta/domain-devspaces/apps.tf b/meta/domain-devspaces/apps.tf index 924150e..23606de 100644 --- a/meta/domain-devspaces/apps.tf +++ b/meta/domain-devspaces/apps.tf @@ -29,6 +29,7 @@ locals { ) }, { for k, v in var.apps.okd : k => v if k!="enable" }) dbgate = merge({ + "use-oauth" = var.issuer == "letsencrypt-prod" "pg" = concat( flatten([for ds in local.sorted-datasets: [for db in lookup(ds, "databases", []): { "name" = "${ds.name}-dataset-pg" @@ -98,17 +99,6 @@ locals { } if ds.engine=="mongo"]])]), var.external-mongos ) - "redis" = concat( - flatten([for ds in local.sorted-datasets: { - "name" = "${ds.name}-dataset-redis" - "namespace" = ds.namespace - } if ds.engine=="redis"]), - flatten([for org in local.sorted-organisations: flatten([for stage in lookup(org, "stages", []): [for ds in org.datasets: { - "name" = "${ds.name}-dataset-redis" - "namespace" = "${var.domain}-${org.name}-${stage.name}" - } if ds.engine=="redis"]])]), - var.external-redis - ) }, { for k, v in var.apps.dbgate : k => v if k!="enable" }) } 
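Review bot: `"use-oauth" = var.issuer == "letsencrypt-prod"` ties dbgate's login protection to the name of the certificate issuer, so any install with a staging, internal or renamed issuer gets `use-oauth = false`. That matters because the same map hands dbgate its database connections; what `use-oauth` gates inside the dbgate component is not visible here, but presumably it is the OAuth front door. If the intent is "OAuth only where a publicly trusted certificate exists", state it in a comment such as `# OAuth callback needs a publicly trusted cert; override with apps.dbgate.use-oauth`. Consider driving it from an explicit option instead of a string comparison, so the default does not fail open. The trailing `{ for k, v in var.apps.dbgate ... }` map is merged last, so a caller can still override the value, which is worth saying in the same comment. The `dbgate = merge({` expression continues outside the hunk.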
diff --git a/meta/domain-devspaces/index.yaml b/meta/domain-devspaces/index.yaml index 7faf7f2..b5272fd 100644 --- a/meta/domain-devspaces/index.yaml +++ b/meta/domain-devspaces/index.yaml 
@@ -6,6 +6,281 @@ metadata: name: domain-devspaces description: null options: + domain-name: + default: your_company.com + examples: + - your_company.com + type: string + images: + default: + codeserver: + pullPolicy: IfNotPresent + registry: docker.io + repository: sebt3/code-server + tag: 4.15 + examples: + - codeserver: + pullPolicy: IfNotPresent + registry: docker.io + repository: sebt3/code-server + tag: 4.15 + properties: + codeserver: + default: + pullPolicy: IfNotPresent + registry: docker.io + repository: sebt3/code-server + tag: 4.15 + properties: + pullPolicy: + default: IfNotPresent + enum: + - Always + - Never + - IfNotPresent + type: string + registry: + default: docker.io + type: string + repository: + default: sebt3/code-server + type: string + tag: + default: 4.15 + type: number + type: object + type: object + distributions: + default: + core: core + domain: domain + examples: + - core: core + domain: domain + properties: + core: + default: core + type: string + domain: + default: domain + type: string + type: object + external-pgs: + default: [] + examples: + - [] + items: + properties: + dbname: + default: '' + type: string + name: + default: '' + type: string + namespace: + default: '' + type: string + secret: + properties: + key: + default: '' + type: string + name: + default: '' + type: string + type: object + username: + default: '' + type: string + type: object + type: array + external-marias: + default: [] + examples: + - [] + items: + properties: + name: + default: '' + type: string + namespace: + default: '' + type: string + secret: + properties: + key: + default: '' + type: string + name: + default: '' + type: string + type: object + username: + default: '' + type: string + type: object + type: array + organisations: + default: [] + examples: + - [] + items: + properties: + datasets: + default: [] + items: + properties: + databases: + default: [] + items: + properties: + name: + default: db + type: string + type: object + type: array + 
engine: + default: pg + type: string + name: + default: '' + type: string + type: object + type: array + name: + default: '' + type: string + stages: + default: [] + items: + properties: + name: + default: prod + type: string + type: object + type: array + type: object + type: array + storage-classes: + default: + BlockReadWriteMany: '' + BlockReadWriteOnce: '' + FilesystemReadWriteMany: '' + FilesystemReadWriteOnce: '' + examples: + - BlockReadWriteMany: '' + BlockReadWriteOnce: '' + FilesystemReadWriteMany: '' + FilesystemReadWriteOnce: '' + properties: + BlockReadWriteMany: + default: '' + type: string + BlockReadWriteOnce: + default: '' + type: string + FilesystemReadWriteMany: + default: '' + type: string + FilesystemReadWriteOnce: + default: '' + type: string + type: object + domain: + default: your-company + examples: + - your-company + type: string + issuer: + default: letsencrypt-prod + examples: + - letsencrypt-prod + type: string + stations-sub-domain: + default: code + examples: + - code + type: string + backups: + default: + enable: false + endpoint: '' + key-id-key: s3-id + secret-key: s3-secret + secret-name: backup-settings + examples: + - enable: false + endpoint: '' + key-id-key: s3-id + secret-key: s3-secret + secret-name: backup-settings + properties: + enable: + default: false + type: boolean + endpoint: + default: '' + type: string + key-id-key: + default: s3-id + type: string + secret-key: + default: s3-secret + type: string + secret-name: + default: backup-settings + type: string + type: object + stations: + default: [] + examples: + - [] + items: + properties: + name: + default: '' + type: string + organisations: + default: [] + items: + type: string + type: array + type: object + type: array + external-mongos: + default: [] + examples: + - [] + items: + properties: + dbname: + default: '' + type: string + name: + default: '' + type: string + namespace: + default: '' + type: string + secret: + properties: + key: + default: '' + type: string 
+ name: + default: '' + type: string + type: object + username: + default: '' + type: string + type: object + type: array + ingress-class: + default: traefik + examples: + - traefik + type: string apps: default: dbgate: 
@@ -59,300 +334,11 @@ options: type: boolean type: object type: object - stations-sub-domain: - default: code - examples: - - code - type: string - storage-classes: - default: - BlockReadWriteMany: '' - BlockReadWriteOnce: '' - FilesystemReadWriteMany: '' - FilesystemReadWriteOnce: '' - examples: - - BlockReadWriteMany: '' - BlockReadWriteOnce: '' - FilesystemReadWriteMany: '' - FilesystemReadWriteOnce: '' - properties: - BlockReadWriteMany: - default: '' - type: string - BlockReadWriteOnce: - default: '' - type: string - FilesystemReadWriteMany: - default: '' - type: string - FilesystemReadWriteOnce: - default: '' - type: string - type: object app-group: default: dev examples: - dev type: string - domain-name: - default: your_company.com - examples: - - your_company.com - type: string - ingress-class: - default: traefik - examples: - - traefik - type: string - external-pgs: - default: [] - examples: - - [] - items: - properties: - dbname: - default: '' - type: string - name: - default: '' - type: string - namespace: - default: '' - type: string - secret: - properties: - key: - default: '' - type: string - name: - default: '' - type: string - type: object - username: - default: '' - type: string - type: object - type: array - backups: - default: - enable: false - endpoint: '' - key-id-key: s3-id - secret-key: s3-secret - secret-name: backup-settings - examples: - - enable: false - endpoint: '' - key-id-key: s3-id - secret-key: s3-secret - secret-name: backup-settings - properties: - enable: - default: false - type: boolean - endpoint: - default: '' - type: string - key-id-key: - default: s3-id - type: string - secret-key: - default: s3-secret - type: string - secret-name: - default: backup-settings - type: string - type: object - external-marias: - default: [] - examples: - - [] - items: - properties: - name: - default: '' - type: string - namespace: - default: '' - type: string - secret: - properties: - key: - default: '' - type: string - name: - default: '' - 
type: string - type: object - username: - default: '' - type: string - type: object - type: array - issuer: - default: letsencrypt-prod - examples: - - letsencrypt-prod - type: string - images: - default: - codeserver: - pullPolicy: IfNotPresent - registry: docker.io - repository: sebt3/code-server - tag: 4.15 - examples: - - codeserver: - pullPolicy: IfNotPresent - registry: docker.io - repository: sebt3/code-server - tag: 4.15 - properties: - codeserver: - default: - pullPolicy: IfNotPresent - registry: docker.io - repository: sebt3/code-server - tag: 4.15 - properties: - pullPolicy: - default: IfNotPresent - enum: - - Always - - Never - - IfNotPresent - type: string - registry: - default: docker.io - type: string - repository: - default: sebt3/code-server - type: string - tag: - default: 4.15 - type: number - type: object - type: object - external-mongos: - default: [] - examples: - - [] - items: - properties: - dbname: - default: '' - type: string - name: - default: '' - type: string - namespace: - default: '' - type: string - secret: - properties: - key: - default: '' - type: string - name: - default: '' - type: string - type: object - username: - default: '' - type: string - type: object - type: array - distributions: - default: - core: core - domain: domain - examples: - - core: core - domain: domain - properties: - core: - default: core - type: string - domain: - default: domain - type: string - type: object - stations: - default: [] - examples: - - [] - items: - properties: - name: - default: '' - type: string - organisations: - default: [] - items: - type: string - type: array - type: object - type: array - domain: - default: your-company - examples: - - your-company - type: string - external-redis: - default: [] - examples: - - [] - items: - properties: - name: - default: '' - type: string - namespace: - default: '' - type: string - type: object - type: array - organisations: - default: [] - examples: - - [] - items: - properties: - datasets: - default: 
[] - items: - properties: - databases: - default: [] - items: - properties: - name: - default: db - type: string - type: object - type: array - engine: - default: pg - type: string - name: - default: '' - type: string - type: object - type: array - name: - default: '' - type: string - stages: - default: [] - items: - properties: - name: - default: prod - type: string - type: object - type: array - type: object - type: array dependencies: [] providers: kubernetes: true diff --git a/meta/domain/index.yaml b/meta/domain/index.yaml index b6f00f7..84de5c2 100644 --- a/meta/domain/index.yaml +++ b/meta/domain/index.yaml @@ -6,6 +6,46 @@ metadata: name: domain description: null options: + backups: + default: + enable: false + endpoint: '' + key-id-key: s3-id + secret-key: s3-secret + secret-name: backup-settings + examples: + - enable: false + endpoint: '' + key-id-key: s3-id + secret-key: s3-secret + secret-name: backup-settings + properties: + enable: + default: false + type: boolean + endpoint: + default: '' + type: string + key-id-key: + default: s3-id + type: string + secret-key: + default: s3-secret + type: string + secret-name: + default: backup-settings + type: string + type: object + devspaces: + default: + enable: false + examples: + - enable: false + properties: + enable: + default: false + type: boolean + type: object apps: default: enable: false 
@@ -28,26 +68,83 @@ options: type: boolean type: object type: object - mail: - default: - enable: false - examples: - - enable: false - properties: - enable: - default: false - type: boolean - type: object - ingress-class: - default: traefik - examples: - - traefik - type: string domain-name: default: your_company.com examples: - your_company.com type: string + distributions: + default: + core: core + domain: domain + examples: + - core: core + domain: domain + properties: + core: + default: core + type: string + domain: + default: domain + type: string + type: object + ci: + default: + enable: false + gitea: + enable: true + examples: + - enable: false + gitea: + enable: true + properties: + enable: + default: false + type: boolean + gitea: + default: + enable: true + properties: + enable: + default: true + type: boolean + type: object + type: object + storage-classes: + default: + BlockReadWriteMany: '' + BlockReadWriteOnce: '' + FilesystemReadWriteMany: '' + FilesystemReadWriteOnce: '' + examples: + - BlockReadWriteMany: '' + BlockReadWriteOnce: '' + FilesystemReadWriteMany: '' + FilesystemReadWriteOnce: '' + properties: + BlockReadWriteMany: + default: '' + type: string + BlockReadWriteOnce: + default: '' + type: string + FilesystemReadWriteMany: + default: '' + type: string + FilesystemReadWriteOnce: + default: '' + type: string + type: object + issuer: + default: letsencrypt-prod + examples: + - letsencrypt-prod + type: string + ingress-class: + default: traefik + examples: + - traefik + type: string infra: default: enable: false 
@@ -92,41 +189,6 @@ options: default: false type: boolean type: object - backups: - default: - enable: false - endpoint: '' - key-id-key: s3-id - secret-key: s3-secret - secret-name: backup-settings - examples: - - enable: false - endpoint: '' - key-id-key: s3-id - secret-key: s3-secret - secret-name: backup-settings - properties: - enable: - default: false - type: boolean - endpoint: - default: '' - type: string - key-id-key: - default: s3-id - type: string - secret-key: - default: s3-secret - type: string - secret-name: - default: backup-settings - type: string - type: object - issuer: - default: letsencrypt-prod - examples: - - letsencrypt-prod - type: string auth: default: enable: true @@ -137,35 +199,20 @@ options: default: true type: boolean type: object - distributions: - default: - core: core - domain: domain - examples: - - core: core - domain: domain - properties: - core: - default: core - type: string - domain: - default: domain - type: string - type: object - ci: + mail: default: enable: false - gitea: + wildduck: enable: true examples: - enable: false - gitea: + wildduck: enable: true properties: enable: default: false type: boolean - gitea: + wildduck: default: enable: true properties: @@ -174,41 +221,6 @@ options: type: boolean type: object type: object - devspaces: - default: - enable: false - examples: - - enable: false - properties: - enable: - default: false - type: boolean - type: object - storage-classes: - default: - BlockReadWriteMany: '' - BlockReadWriteOnce: '' - FilesystemReadWriteMany: '' - FilesystemReadWriteOnce: '' - examples: - - BlockReadWriteMany: '' - BlockReadWriteOnce: '' - FilesystemReadWriteMany: '' - FilesystemReadWriteOnce: '' - properties: - BlockReadWriteMany: - default: '' - type: string - BlockReadWriteOnce: - default: '' - type: string - FilesystemReadWriteMany: - default: '' - type: string - FilesystemReadWriteOnce: - default: '' - type: string - type: object dependencies: [] providers: kubernetes: null 
@@ -217,4 +229,5 @@ providers: postgresql: null restapi: null http: null + gitea: null tfaddtype: null diff --git a/meta/domain/installs.tf b/meta/domain/installs.tf index 4cfff3e..f04695a 100644 --- a/meta/domain/installs.tf +++ b/meta/domain/installs.tf 
@@ -1,58 +1,88 @@ locals { - global = { - "domain" = var.namespace - "domain-name" = var.domain-name - "issuer" = var.issuer - "ingress-class" = var.ingress-class - "distributions" = var.distributions - "backups" = var.backups - "storage-classes"= var.storage-classes - } - annotations = { - "vynil.solidite.fr/meta" = var.component - "vynil.solidite.fr/name" = var.namespace - "vynil.solidite.fr/domain" = var.domain-name - "vynil.solidite.fr/issuer" = var.issuer - "vynil.solidite.fr/ingress" = var.ingress-class - } - auth = { for k, v in var.auth : k => v if k!="enable" } - infra = { for k, v in var.infra : k => v if k!="enable" } - ci = { for k, v in var.ci : k => v if k!="enable" } - erp = { for k, v in var.erp : k => v if k!="enable" } - apps = { for k, v in var.apps : k => v if k!="enable" } - mail = { for k, v in var.mail : k => v if k!="enable" } - devspaces = { for k, v in var.devspaces : k => v if k!="enable" } + global = { + "domain" = var.namespace + "domain-name" = var.domain-name + "issuer" = var.issuer + "ingress-class" = var.ingress-class + "distributions" = var.distributions + "backups" = var.backups + "storage-classes"= var.storage-classes + } + annotations = { + "vynil.solidite.fr/meta" = var.component + "vynil.solidite.fr/name" = var.namespace + "vynil.solidite.fr/domain" = var.domain-name + "vynil.solidite.fr/issuer" = var.issuer + "vynil.solidite.fr/ingress" = var.ingress-class + } + auth = { for k, v in var.auth : k => v if k!="enable" } + infra = { for k, v in var.infra : k => v if k!="enable" } + ci = { for k, v in var.ci : k => v if k!="enable" } + erp = { for k, v in var.erp : k => v if k!="enable" } + apps = { for k, v in var.apps : k => v if k!="enable" } + mail = { for k, v in var.mail : k => v if k!="enable" } + devspaces = { for k, v in var.devspaces : k => v if k!="enable" } - # Force install authentik and it's modules when any are needed - use-ldap = (var.ci.enable && var.ci.gitea.enable) || (var.erp.enable && var.erp.dolibarr.enable) 
- use-forward = var.infra.enable && var.infra.traefik.enable - use-other-auth = false - added-auth-ldap = local.use-ldap?{ - "authentik-ldap" = {"enable"= true} - }:{} - added-auth-forward = local.use-forward?{ - "authentik-forward" = {"enable"= true} - }:{} - added-auth = local.use-ldap||local.use-forward||local.use-other-auth?merge({ - "authentik" = {"enable" = true} - },local.added-auth-ldap,local.added-auth-forward):{} - divisions = { - "clients" = { - "enable" = false - "apps" = [] - "divisions" = [] - } - "employes" = { - "enable" = true - "apps" = [] - "divisions" = [] - } - "fournisseurs" = { - "enable" = false - "apps" = [] - "divisions" = [] - } + # Force install authentik and it's modules when any are needed + use-ldap = (var.ci.enable && var.ci.gitea.enable) || (var.erp.enable && var.erp.dolibarr.enable) + use-forward = var.infra.enable && var.infra.traefik.enable + use-other-auth = false + added-auth-ldap = local.use-ldap?{ + "authentik-ldap" = {"enable"= true} + }:{} + added-auth-forward = local.use-forward?{ + "authentik-forward" = {"enable"= true} + }:{} + added-auth = local.use-ldap||local.use-forward||local.use-other-auth?merge({ + "authentik" = {"enable" = true} + },local.added-auth-ldap,local.added-auth-forward):{} + divisions = { + "clients" = { + "enable" = false + "apps" = [] + "divisions" = [] } + "employes" = { + "enable" = true + "apps" = [] + "divisions" = [] + } + "fournisseurs" = { + "enable" = false + "apps" = [] + "divisions" = [] + } + } + devspaces-custom = { + external-pgs = concat(var.erp.enable&&var.erp.dolibarr.enable?[{ + "name" = "dolibarr-dolibarr-pg" + "dbname" = "dolibarr" + "username" = "dolibarr" + "namespace" = "${var.domain}-erp" + "secret" = { + "name" = "dolibarr-dolibarr-pg-app" + "key" = "password" + } + }]:[], var.apps.enable&&var.apps.nextcloud.enable?[{ + "name" = "nextcloud-nextcloud-pg" + "dbname" = "nextcloud" + "username" = "nextcloud" + "namespace" = "${var.domain}-files" + "secret" = { + "name" = 
"nextcloud-nextcloud-pg-app" + "key" = "password" + } + }]:[], var.ci.enable&&var.ci.gitea.enable?[{ + "name" = "gitea-gitea-pg" + "dbname" = "gitea" + "username" = "gitea" + "namespace" = "${var.domain}-ci" + "secret" = { + "name" = "gitea-gitea-pg-app" + "key" = "password" + } + }]:[]) + } } resource "kubectl_manifest" "auth" { @@ -164,6 +194,6 @@ resource "kubectl_manifest" "devspaces" { distrib: "${var.distributions.domain}" category: "meta" component: "domain-devspaces" - options: ${jsonencode(merge(local.global, local.devspaces))} + options: ${jsonencode(merge(local.global, local.devspaces-custom, local.devspaces))} EOF }
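Review bot: The three `external-pgs` entries in `devspaces-custom` build their namespace from `var.domain` (`"${var.domain}-erp"`, `-files`, `-ci`), while `local.global` in the same block passes `"domain" = var.namespace`. If the two can differ, or if `domain` is not declared for this component (no such option is visible in the hunks shown), the secret lookups would target the wrong namespace; `"namespace" = "${var.namespace}-erp"` would be consistent with the rest of the block. Separately, these entries give the devspaces dbgate the application-owner passwords (`*-pg-app`) for dolibarr, nextcloud and gitea, so anyone who reaches that UI gets read/write on those databases. A comment above `devspaces-custom` should say this is intended and that dbgate is expected to sit behind authentication.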