fix

2024-04-09 14:27:42 +02:00
parent 2ebd36f29c
commit 737820335d
6 changed files with 152 additions and 134 deletions
--- a/share/authentik/index.yaml
+++ b/share/authentik/index.yaml
@@ -6,10 +6,104 @@ metadata:
  name: authentik
  description: authentik is an open-source Identity Provider focused on flexibility and versatility
 options:
-  loglevel:
-    default: info
+  admin:
+    default:
+      email: auth-admin
    examples:
-    - info
+    - email: auth-admin
+    properties:
+      email:
+        default: auth-admin
+        type: string
+    type: object
+  backups:
+    default:
+      enable: false
+      endpoint: ''
+      key_id_key: s3-id
+      retention:
+        db: 30d
+      schedule:
+        db: 0 3 * * *
+      secret_key: s3-secret
+      secret_name: backup-settings
+      use_barman: false
+    examples:
+    - enable: false
+      endpoint: ''
+      key_id_key: s3-id
+      retention:
+        db: 30d
+      schedule:
+        db: 0 3 * * *
+      secret_key: s3-secret
+      secret_name: backup-settings
+      use_barman: false
+    properties:
+      enable:
+        default: false
+        type: boolean
+      endpoint:
+        default: ''
+        type: string
+      key_id_key:
+        default: s3-id
+        type: string
+      retention:
+        default:
+          db: 30d
+        properties:
+          db:
+            default: 30d
+            type: string
+        type: object
+      schedule:
+        default:
+          db: 0 3 * * *
+        properties:
+          db:
+            default: 0 3 * * *
+            type: string
+        type: object
+      secret_key:
+        default: s3-secret
+        type: string
+      secret_name:
+        default: backup-settings
+        type: string
+      use_barman:
+        default: false
+        type: boolean
+    type: object
+  customisation:
+    default:
+      configmap_name: ''
+      use_custom_css: false
+      use_icon_left: false
+    examples:
+    - configmap_name: ''
+      use_custom_css: false
+      use_icon_left: false
+    properties:
+      configmap_name:
+        default: ''
+        type: string
+      use_custom_css:
+        default: false
+        type: boolean
+      use_icon_left:
+        default: false
+        type: boolean
+    type: object
+  domain:
+    default: your-company
+    examples:
+    - your-company
+    type: string
+  domain_name:
+    default: your_company.com
+    examples:
+    - your_company.com
    type: string
  email:
    default:
@@ -36,11 +130,6 @@ options:
        default: false
        type: boolean
    type: object
-  sub_domain:
-    default: auth
-    examples:
-    - auth
-    type: string
  error_reporting:
    default:
      enabled: false
@@ -61,21 +150,6 @@ options:
        default: false
        type: boolean
    type: object
-  admin:
-    default:
-      email: auth-admin
-    examples:
-    - email: auth-admin
-    properties:
-      email:
-        default: auth-admin
-        type: string
-    type: object
-  domain:
-    default: your-company
-    examples:
-    - your-company
-    type: string
  geoip:
    default: /geoip/GeoLite2-City.mmdb
    examples:
@@ -248,6 +322,21 @@ options:
            type: string
        type: object
    type: object
+  ingress_class:
+    default: traefik
+    examples:
+    - traefik
+    type: string
+  issuer:
+    default: letsencrypt-prod
+    examples:
+    - letsencrypt-prod
+    type: string
+  loglevel:
+    default: info
+    examples:
+    - info
+    type: string
  postgres:
    default:
      replicas: 1
@@ -258,11 +347,6 @@ options:
        default: 1
        type: integer
    type: object
-  ingress_class:
-    default: traefik
-    examples:
-    - traefik
-    type: string
  redis:
    default:
      exporter:
@@ -309,95 +393,11 @@ options:
            type: string
        type: object
    type: object
-  backups:
-    default:
-      enable: false
-      endpoint: ''
-      key_id_key: s3-id
-      retention:
-        db: 30d
-      schedule:
-        db: 0 3 * * *
-      secret_key: s3-secret
-      secret_name: backup-settings
-      use_barman: false
+  sub_domain:
+    default: auth
    examples:
-    - enable: false
-      endpoint: ''
-      key_id_key: s3-id
-      retention:
-        db: 30d
-      schedule:
-        db: 0 3 * * *
-      secret_key: s3-secret
-      secret_name: backup-settings
-      use_barman: false
-    properties:
-      enable:
-        default: false
-        type: boolean
-      endpoint:
-        default: ''
-        type: string
-      key_id_key:
-        default: s3-id
-        type: string
-      retention:
-        default:
-          db: 30d
-        properties:
-          db:
-            default: 30d
-            type: string
-        type: object
-      schedule:
-        default:
-          db: 0 3 * * *
-        properties:
-          db:
-            default: 0 3 * * *
-            type: string
-        type: object
-      secret_key:
-        default: s3-secret
-        type: string
-      secret_name:
-        default: backup-settings
-        type: string
-      use_barman:
-        default: false
-        type: boolean
-    type: object
-  domain_name:
-    default: your_company.com
-    examples:
-    - your_company.com
+    - auth
    type: string
-  issuer:
-    default: letsencrypt-prod
-    examples:
-    - letsencrypt-prod
-    type: string
-  customisation:
-    default:
-      configmap_name: ''
-      use_custom_css: false
-      use_icon_left: false
-    examples:
-    - configmap_name: ''
-      use_custom_css: false
-      use_icon_left: false
-    properties:
-      configmap_name:
-        default: ''
-        type: string
-      use_custom_css:
-        default: false
-        type: boolean
-      use_icon_left:
-        default: false
-        type: boolean
-    type: object
 dependencies:
 - dist: null
  category: core
--- a/share/authentik/postgresql.tf
+++ b/share/authentik/postgresql.tf
@@ -15,9 +15,6 @@ resource "kubectl_manifest" "prj_pg" {
      name: "${var.instance}-${var.component}-pg"
      namespace: "${var.namespace}"
      labels: ${jsonencode(local.pg-labels)}
-      annotations:
-        "k8up.io/backupcommand": "pg_dump -U postgres -d ${var.component} --clean"
-        "k8up.io/file-extension": ".sql"
    spec:
      instances: ${var.postgres.replicas}
      imageName: "${var.images.postgresql.registry}/${var.images.postgresql.repository}:${var.images.postgresql.tag}"
@@ -29,6 +26,15 @@ resource "kubectl_manifest" "prj_pg" {
          owner: "${var.component}"
      monitoring:
        enablePodMonitor: true
+      inheritedMetadata:
+        annotations:
+          "k8up.io/backup": "false"
+      template:
+        metadata:
+          annotations:
+            "k8up.io/backupcommand": "pg_dump -U postgres -d ${var.component} --clean"
+            "k8up.io/file-extension": ".sql"
+            "k8up.io/backup": "true"
  EOF
  ], var.backups.enable&&var.backups.use_barman?[<<-EOF
      backup:
--- a/share/authentik/redis.tf
+++ b/share/authentik/redis.tf
@@ -15,6 +15,9 @@ resource "kubectl_manifest" "authentik_redis" {
          key: "AUTHENTIK_REDIS__PASSWORD"
      storage:
        volumeClaimTemplate:
+          metadata:
+            annotations:
+              k8up.io/backup: "false"
          spec:
            accessModes: ["ReadWriteOnce"]
            resources:
--- a/share/dataset-pg/postgresql.tf
+++ b/share/dataset-pg/postgresql.tf
@@ -16,9 +16,6 @@ resource "kubectl_manifest" "prj_pg" {
      name: "${var.instance}-${var.component}"
      namespace: "${var.namespace}"
      labels: ${jsonencode(local.pg-labels)}
-      annotations:
-        "k8up.io/backupcommand": "pg_dumpall -U postgres -w --clean"
-        "k8up.io/file-extension": ".sql"
    spec:
      instances: ${var.postgres.replicas}
      imageName: "${var.images.postgresql.registry}/${var.images.postgresql.repository}:${var.images.postgresql.tag}"
@@ -31,6 +28,15 @@ resource "kubectl_manifest" "prj_pg" {
        initdb:
          database: "${var.instance}"
          owner: "${var.instance}"
+      inheritedMetadata:
+        annotations:
+          "k8up.io/backup": "false"
+      template:
+        metadata:
+          annotations:
+            "k8up.io/backupcommand": "pg_dumpall -U postgres -w --clean"
+            "k8up.io/file-extension": ".sql"
+            "k8up.io/backup": "true"
  EOF
  ], var.backups.enable?[<<-EOF
      backup:
--- a/share/dataset-redis/index.yaml
+++ b/share/dataset-redis/index.yaml
@@ -6,11 +6,16 @@ metadata:
  name: dataset-redis
  description: null
 options:
-  storage:
-    default: 8Gi
+  exporter:
+    default:
+      enable: true
    examples:
-    - 8Gi
-    type: string
+    - enable: true
+    properties:
+      enable:
+        default: true
+        type: boolean
+    type: object
  images:
    default:
      redis:
@@ -74,16 +79,11 @@ options:
            type: string
        type: object
    type: object
-  exporter:
-    default:
-      enable: true
+  storage:
+    default: 8Gi
    examples:
-    - enable: true
-    properties:
-      enable:
-        default: true
-        type: boolean
-    type: object
+    - 8Gi
+    type: string
 dependencies:
 - dist: null
  category: dbo
--- a/share/dataset-redis/redis.tf
+++ b/share/dataset-redis/redis.tf
@@ -17,6 +17,9 @@ resource "kubectl_manifest" "prj_redis" {
        imagePullPolicy: "${var.images.redis.pull_policy}"
      storage:
        volumeClaimTemplate:
+          metadata:
+            annotations:
+              k8up.io/backup: "false"
          spec:
            accessModes: ["ReadWriteOnce"]
            resources: