2024-05-12 12:21:07 +02:00
parent 9259db48b2
commit 8ed9c2fab3
8 changed files with 99 additions and 69 deletions


@@ -21,6 +21,8 @@ options:
default: true default: true
type: boolean type: boolean
type: object type: object
x-vynil-category: share
x-vynil-package: authentik
authentik-forward: authentik-forward:
default: default:
enable: false enable: false
@@ -31,6 +33,8 @@ options:
default: false default: false
type: boolean type: boolean
type: object type: object
x-vynil-category: share
x-vynil-package: authentik-forward
authentik-ldap: authentik-ldap:
default: default:
enable: false enable: false
@@ -41,6 +45,8 @@ options:
default: false default: false
type: boolean type: boolean
type: object type: object
x-vynil-category: share
x-vynil-package: authentik-ldap
backups: backups:
default: default:
enable: false enable: false


@@ -134,6 +134,8 @@ options:
default: true default: true
type: boolean type: boolean
type: object type: object
x-vynil-category: share
x-vynil-package: wildduck
dependencies: [] dependencies: []
providers: providers:
kubernetes: true kubernetes: true


@@ -12,7 +12,7 @@ resource "authentik_group" "groups" {
resource "authentik_application" "prj_app" { resource "authentik_application" "prj_app" {
name = "${var.instance}" name = "${var.instance}"
slug = "${var.component}-${var.instance}" slug = "${var.instance}-${var.component}"
#protocol_provider = authentik_provider_oauth2.oauth2.id #protocol_provider = authentik_provider_oauth2.oauth2.id
group = var.app_group group = var.app_group
backchannel_providers = [authentik_provider_scim.scim.id] backchannel_providers = [authentik_provider_scim.scim.id]

12
share/wildduck/common.tf Normal file

@@ -0,0 +1,12 @@
locals {
common_labels = {
"vynil.solidite.fr/owner-name" = var.instance
"vynil.solidite.fr/owner-namespace" = var.namespace
"vynil.solidite.fr/owner-category" = var.category
"vynil.solidite.fr/owner-component" = var.component
"app.kubernetes.io/managed-by" = "vynil"
"app.kubernetes.io/name" = var.component
"app.kubernetes.io/instance" = var.instance
}
}


@@ -6,6 +6,56 @@ metadata:
name: wildduck name: wildduck
description: null description: null
options: options:
additional-domains:
default: []
items:
type: string
type: array
app_group:
default: ''
examples:
- ''
type: string
backups:
default:
enable: false
endpoint: ''
key-id-key: s3-id
secret-key: s3-secret
secret-name: backup-settings
examples:
- enable: false
endpoint: ''
key-id-key: s3-id
secret-key: s3-secret
secret-name: backup-settings
properties:
enable:
default: false
type: boolean
endpoint:
default: ''
type: string
key-id-key:
default: s3-id
type: string
secret-key:
default: s3-secret
type: string
secret-name:
default: backup-settings
type: string
type: object
domain:
default: your-company
examples:
- your-company
type: string
domain_name:
default: your_company.com
examples:
- your_company.com
type: string
images: images:
default: default:
haraka: haraka:
@@ -283,61 +333,43 @@ options:
type: string type: string
type: object type: object
type: object type: object
domain: ingress_class:
default: your-company default: traefik
examples: examples:
- your-company - traefik
type: string
domain_name:
default: your_company.com
examples:
- your_company.com
type: string type: string
issuer: issuer:
default: letsencrypt-prod default: letsencrypt-prod
examples: examples:
- letsencrypt-prod - letsencrypt-prod
type: string type: string
app_group: mongo:
default: ''
examples:
- ''
type: string
backups:
default: default:
enable: false version: 6.0.13
endpoint: ''
key-id-key: s3-id
secret-key: s3-secret
secret-name: backup-settings
examples: examples:
- enable: false - version: 6.0.13
endpoint: ''
key-id-key: s3-id
secret-key: s3-secret
secret-name: backup-settings
properties: properties:
enable: version:
default: false default: 6.0.13
type: boolean
endpoint:
default: ''
type: string
key-id-key:
default: s3-id
type: string
secret-key:
default: s3-secret
type: string
secret-name:
default: backup-settings
type: string type: string
type: object type: object
ingress_class: redis:
default: traefik default:
exporter:
enabled: true
examples: examples:
- traefik - exporter:
type: string enabled: true
properties:
exporter:
default:
enabled: true
properties:
enabled:
default: true
type: boolean
type: object
type: object
storage: storage:
default: default:
redis: redis:
@@ -360,28 +392,6 @@ options:
examples: examples:
- mail - mail
type: string type: string
redis:
default:
exporter:
enabled: true
examples:
- exporter:
enabled: true
properties:
exporter:
default:
enabled: true
properties:
enabled:
default: true
type: boolean
type: object
type: object
additional-domains:
default: []
items:
type: string
type: array
dependencies: dependencies:
- dist: null - dist: null
category: dbo category: dbo
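Review bot: The new `mongo.version` option is declared as a bare `type: string` with no constraint, yet elsewhere in this commit its value is interpolated straight into the `yaml_body` heredoc as `version: "${var.mongo.version}"`. A value containing a quote or a newline would change the structure of the generated manifest instead of only the version field. Constraining it in the schema, for example `pattern: '^[0-9]+\.[0-9]+\.[0-9]+$'` under `properties.version`, keeps the input to what the field is meant to carry. Whether the installer enforces `pattern` is not visible here, so a matching `validation` block on the Terraform variable would be a reasonable second check.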


@@ -40,7 +40,7 @@ resource "kubectl_manifest" "prj_mongo" {
spec: spec:
members: 1 members: 1
type: ReplicaSet type: ReplicaSet
version: "7.0.2" version: "${var.mongo.version}"
statefulSet: statefulSet:
spec: spec:
template: template:
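Review bot: The `version:` line now takes `var.mongo.version`, whose default in this commit's options schema is 6.0.13, while the literal it replaces was "7.0.2". An instance that was already deployed and does not override the option would therefore be asked to go from 7.0 down to 6.0. A replica set whose data is already at feature compatibility version 7.0 is not expected to start on 6.0 binaries, so this looks like an availability risk for existing installs. Either keep the default at `7.0.2` or add a comment next to the option stating that existing instances must pin their current version before upgrading the package. The manifest heredoc starts before this hunk and continues after it.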


@@ -5,7 +5,7 @@ locals {
} }
resource "kubectl_manifest" "prj_redis" { resource "kubectl_manifest" "prj_redis" {
yaml_body = <<-EOF yaml_body = <<-EOF
apiVersion: "redis.redis.opstreelabs.in/v1beta1" apiVersion: "redis.redis.opstreelabs.in/v1beta2"
kind: "Redis" kind: "Redis"
metadata: metadata:
name: "${var.instance}-${var.component}-redis" name: "${var.instance}-${var.component}-redis"
@@ -25,7 +25,7 @@ resource "kubectl_manifest" "prj_redis" {
redisExporter: redisExporter:
enabled: ${var.redis.exporter.enabled} enabled: ${var.redis.exporter.enabled}
image: "${var.images.redis_exporter.registry}/${var.images.redis_exporter.repository}:${var.images.redis_exporter.tag}" image: "${var.images.redis_exporter.registry}/${var.images.redis_exporter.repository}:${var.images.redis_exporter.tag}"
securityContext: podSecurityContext:
runAsUser: 1000 runAsUser: 1000
fsGroup: 1000 fsGroup: 1000
EOF EOF
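Review bot: The block renamed to `podSecurityContext` in the second hunk still sets only `runAsUser` and `fsGroup`, so nothing makes the kubelet refuse an image that would run as root, and no container-level restrictions are declared. Adding `runAsNonRoot: true` beside `runAsUser: 1000` makes the intent enforceable. If the v1beta2 CRD also accepts a container-level `securityContext` (it appears to, but confirm against the installed operator), `allowPrivilegeEscalation: false` with dropped capabilities belongs there. Because the key name changed together with the apiVersion, it is worth checking on a running pod that UID 1000 is actually applied and the old key was not silently pruned. The resource block opens before the first hunk and closes after the second.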


@@ -14,7 +14,7 @@ data "authentik_property_mapping_scim" "group" {
} }
resource "authentik_provider_scim" "scim" { resource "authentik_provider_scim" "scim" {
name = "${var.component}-${var.instance}-scim" name = "${var.instance}-${var.component}-scim"
url = "http://${var.instance}-scimgateway.${var.namespace}.svc.cluster.local/scim" url = "http://${var.instance}-scimgateway.${var.namespace}.svc.cluster.local/scim"
token = local.secrets.authentik token = local.secrets.authentik
property_mappings = [data.authentik_property_mapping_scim.user.id] property_mappings = [data.authentik_property_mapping_scim.user.id]
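Review bot: The `url` line kept next to the renamed `name` sends the SCIM bearer token (`token = local.secrets.authentik`) to the gateway over plain `http://`, so the token is readable by anything that can observe pod-to-pod traffic in the cluster. If the scimgateway Service can serve TLS, an `https://` URL is preferable. Otherwise state the assumption in place, for example `# plain HTTP: token is protected only by in-cluster controls (NetworkPolicy / mesh mTLS)`. The resource body continues past the end of this hunk.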