vynil/domain
3
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

fix

Browse Source
This commit is contained in:
Sébastien Huss
2024-05-27 11:15:39 +02:00
parent d312844f1c
commit e0937896e9
4 changed files with 72 additions and 6 deletions
Download Patch File Download Diff File Expand all files Collapse all files

45
apps/taiga/rabbitmq.tf
View File

@@ -20,3 +20,48 @@ resource "kubectl_manifest" "rabbit" {
memory: "${var.rabbitmq.requests.memory}"
EOF
}
resource "kubectl_manifest" "rabbit_vhost" {
yaml_body = <<-EOF
apiVersion: rabbitmq.com/v1beta1
kind: Vhost
metadata:
name: "${var.instance}-${var.component}-taiga"
namespace: "${var.namespace}"
labels: ${jsonencode(local.rabbitmq_labels)}
spec:
name: taiga
rabbitmqClusterReference:
name: ${kubectl_manifest.rabbit.name}
EOF
}
resource "kubectl_manifest" "rabbit_user" {
yaml_body = <<-EOF
apiVersion: rabbitmq.com/v1beta1
kind: User
metadata:
name: "${var.instance}-${var.component}-taiga"
namespace: "${var.namespace}"
labels: ${jsonencode(local.rabbitmq_labels)}
spec:
tags: ["administrator"]
importCredentialsSecret:
name: ${kubectl_manifest.rabbit_user_secret.name}
rabbitmqClusterReference:
name: ${kubectl_manifest.rabbit.name}
EOF
}
apiVersion: rabbitmq.com/v1beta1
kind: User
metadata:
name: import-user-sample
spec:
tags: ["administrator"]
rabbitmqClusterReference:
name: test # rabbitmqCluster must exist in the same namespace as this resource
importCredentialsSecret:
name: credentials-secret

1
apps/taiga/taiga_ConfigMap.tf
View File

@@ -14,6 +14,7 @@ resource "kubectl_manifest" "cm_env_back" {
TAIGA_SITES_DOMAIN: ${local.dns_name}
TAIGA_SITES_SCHEME: https
TAIGA_ASYNC_RABBITMQ_HOST: ${kubectl_manifest.rabbit.name}
TAIGA_EVENTS_RABBITMQ_HOST: ${kubectl_manifest.rabbit.name}
SESSION_COOKIE_SECURE: "False"
CSRF_COOKIE_SECURE: "False"
ENABLE_TELEMETRY: "False"

20
apps/taiga/taiga_Secret.tf
View File

@@ -3,6 +3,11 @@ resource "random_password" "system" {
special = false
}
resource "random_password" "rabbit" {
length = 32
special = false
}
resource "kubectl_manifest" "secret" {
yaml_body = <<-EOF
apiVersion: v1
@@ -16,3 +21,18 @@ resource "kubectl_manifest" "secret" {
TAIGA_SECRET_KEY: "${random_password.system.result}"
EOF
}
resource "kubectl_manifest" "rabbit_user_secret" {
yaml_body = <<-EOF
apiVersion: v1
kind: Secret
metadata:
name: "${var.instance}-${var.component}-rabbitmq-taiga"
labels: ${jsonencode(local.common_labels)}
namespace: ${var.namespace}
type: Opaque
stringData:
username: taiga
password: "${random_password.rabbit.result}"
EOF
}

12
apps/taiga/taiga_workload.tf
View File

@@ -27,12 +27,12 @@ resource "kubectl_manifest" "Deployment_taiga-events" {
- name: RABBITMQ_USER
valueFrom:
secretKeyRef:
name: ${kubectl_manifest.rabbit.name}-default-user
name: ${kubectl_manifest.rabbit_user_secret.name}
key: username
- name: RABBITMQ_PASS
valueFrom:
secretKeyRef:
name: ${kubectl_manifest.rabbit.name}-default-user
name: ${kubectl_manifest.rabbit_user_secret.name}
key: password
ports:
- name: taiga-events
@@ -185,12 +185,12 @@ resource "kubectl_manifest" "Deployment_taiga-back" {
- name: RABBITMQ_USER
valueFrom:
secretKeyRef:
name: ${kubectl_manifest.rabbit.name}-default-user
name: ${kubectl_manifest.rabbit_user_secret.name}
key: username
- name: RABBITMQ_PASS
valueFrom:
secretKeyRef:
name: ${kubectl_manifest.rabbit.name}-default-user
name: ${kubectl_manifest.rabbit_user_secret.name}
key: password
- name: GITLAB_API_CLIENT_ID
value: gitlab-api-client-id
@@ -243,12 +243,12 @@ resource "kubectl_manifest" "Deployment_taiga-back" {
- name: RABBITMQ_USER
valueFrom:
secretKeyRef:
name: ${kubectl_manifest.rabbit.name}-default-user
name: ${kubectl_manifest.rabbit_user_secret.name}
key: username
- name: RABBITMQ_PASS
valueFrom:
secretKeyRef:
name: ${kubectl_manifest.rabbit.name}-default-user
name: ${kubectl_manifest.rabbit_user_secret.name}
key: password
- name: POSTGRES_PASSWORD
valueFrom: