fix
This commit is contained in:
@@ -20,3 +20,48 @@ resource "kubectl_manifest" "rabbit" {
|
|||||||
memory: "${var.rabbitmq.requests.memory}"
|
memory: "${var.rabbitmq.requests.memory}"
|
||||||
EOF
|
EOF
|
||||||
}
|
}
|
||||||
|
|
||||||
|
resource "kubectl_manifest" "rabbit_vhost" {
|
||||||
|
yaml_body = <<-EOF
|
||||||
|
apiVersion: rabbitmq.com/v1beta1
|
||||||
|
kind: Vhost
|
||||||
|
metadata:
|
||||||
|
name: "${var.instance}-${var.component}-taiga"
|
||||||
|
namespace: "${var.namespace}"
|
||||||
|
labels: ${jsonencode(local.rabbitmq_labels)}
|
||||||
|
spec:
|
||||||
|
name: taiga
|
||||||
|
rabbitmqClusterReference:
|
||||||
|
name: ${kubectl_manifest.rabbit.name}
|
||||||
|
EOF
|
||||||
|
}
|
||||||
|
|
||||||
|
resource "kubectl_manifest" "rabbit_user" {
|
||||||
|
yaml_body = <<-EOF
|
||||||
|
apiVersion: rabbitmq.com/v1beta1
|
||||||
|
kind: User
|
||||||
|
metadata:
|
||||||
|
name: "${var.instance}-${var.component}-taiga"
|
||||||
|
namespace: "${var.namespace}"
|
||||||
|
labels: ${jsonencode(local.rabbitmq_labels)}
|
||||||
|
spec:
|
||||||
|
tags: ["administrator"]
|
||||||
|
importCredentialsSecret:
|
||||||
|
name: ${kubectl_manifest.rabbit_user_secret.name}
|
||||||
|
rabbitmqClusterReference:
|
||||||
|
name: ${kubectl_manifest.rabbit.name}
|
||||||
|
EOF
|
||||||
|
}
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
apiVersion: rabbitmq.com/v1beta1
|
||||||
|
kind: User
|
||||||
|
metadata:
|
||||||
|
name: import-user-sample
|
||||||
|
spec:
|
||||||
|
tags: ["administrator"]
|
||||||
|
rabbitmqClusterReference:
|
||||||
|
name: test # rabbitmqCluster must exist in the same namespace as this resource
|
||||||
|
importCredentialsSecret:
|
||||||
|
name: credentials-secret
|
||||||
@@ -14,6 +14,7 @@ resource "kubectl_manifest" "cm_env_back" {
|
|||||||
TAIGA_SITES_DOMAIN: ${local.dns_name}
|
TAIGA_SITES_DOMAIN: ${local.dns_name}
|
||||||
TAIGA_SITES_SCHEME: https
|
TAIGA_SITES_SCHEME: https
|
||||||
TAIGA_ASYNC_RABBITMQ_HOST: ${kubectl_manifest.rabbit.name}
|
TAIGA_ASYNC_RABBITMQ_HOST: ${kubectl_manifest.rabbit.name}
|
||||||
|
TAIGA_EVENTS_RABBITMQ_HOST: ${kubectl_manifest.rabbit.name}
|
||||||
SESSION_COOKIE_SECURE: "False"
|
SESSION_COOKIE_SECURE: "False"
|
||||||
CSRF_COOKIE_SECURE: "False"
|
CSRF_COOKIE_SECURE: "False"
|
||||||
ENABLE_TELEMETRY: "False"
|
ENABLE_TELEMETRY: "False"
|
||||||
|
|||||||
@@ -3,6 +3,11 @@ resource "random_password" "system" {
|
|||||||
special = false
|
special = false
|
||||||
}
|
}
|
||||||
|
|
||||||
|
resource "random_password" "rabbit" {
|
||||||
|
length = 32
|
||||||
|
special = false
|
||||||
|
}
|
||||||
|
|
||||||
resource "kubectl_manifest" "secret" {
|
resource "kubectl_manifest" "secret" {
|
||||||
yaml_body = <<-EOF
|
yaml_body = <<-EOF
|
||||||
apiVersion: v1
|
apiVersion: v1
|
||||||
@@ -16,3 +21,18 @@ resource "kubectl_manifest" "secret" {
|
|||||||
TAIGA_SECRET_KEY: "${random_password.system.result}"
|
TAIGA_SECRET_KEY: "${random_password.system.result}"
|
||||||
EOF
|
EOF
|
||||||
}
|
}
|
||||||
|
|
||||||
|
resource "kubectl_manifest" "rabbit_user_secret" {
|
||||||
|
yaml_body = <<-EOF
|
||||||
|
apiVersion: v1
|
||||||
|
kind: Secret
|
||||||
|
metadata:
|
||||||
|
name: "${var.instance}-${var.component}-rabbitmq-taiga"
|
||||||
|
labels: ${jsonencode(local.common_labels)}
|
||||||
|
namespace: ${var.namespace}
|
||||||
|
type: Opaque
|
||||||
|
stringData:
|
||||||
|
username: taiga
|
||||||
|
password: "${random_password.rabbit.result}"
|
||||||
|
EOF
|
||||||
|
}
|
||||||
|
|||||||
@@ -27,12 +27,12 @@ resource "kubectl_manifest" "Deployment_taiga-events" {
|
|||||||
- name: RABBITMQ_USER
|
- name: RABBITMQ_USER
|
||||||
valueFrom:
|
valueFrom:
|
||||||
secretKeyRef:
|
secretKeyRef:
|
||||||
name: ${kubectl_manifest.rabbit.name}-default-user
|
name: ${kubectl_manifest.rabbit_user_secret.name}
|
||||||
key: username
|
key: username
|
||||||
- name: RABBITMQ_PASS
|
- name: RABBITMQ_PASS
|
||||||
valueFrom:
|
valueFrom:
|
||||||
secretKeyRef:
|
secretKeyRef:
|
||||||
name: ${kubectl_manifest.rabbit.name}-default-user
|
name: ${kubectl_manifest.rabbit_user_secret.name}
|
||||||
key: password
|
key: password
|
||||||
ports:
|
ports:
|
||||||
- name: taiga-events
|
- name: taiga-events
|
||||||
@@ -185,12 +185,12 @@ resource "kubectl_manifest" "Deployment_taiga-back" {
|
|||||||
- name: RABBITMQ_USER
|
- name: RABBITMQ_USER
|
||||||
valueFrom:
|
valueFrom:
|
||||||
secretKeyRef:
|
secretKeyRef:
|
||||||
name: ${kubectl_manifest.rabbit.name}-default-user
|
name: ${kubectl_manifest.rabbit_user_secret.name}
|
||||||
key: username
|
key: username
|
||||||
- name: RABBITMQ_PASS
|
- name: RABBITMQ_PASS
|
||||||
valueFrom:
|
valueFrom:
|
||||||
secretKeyRef:
|
secretKeyRef:
|
||||||
name: ${kubectl_manifest.rabbit.name}-default-user
|
name: ${kubectl_manifest.rabbit_user_secret.name}
|
||||||
key: password
|
key: password
|
||||||
- name: GITLAB_API_CLIENT_ID
|
- name: GITLAB_API_CLIENT_ID
|
||||||
value: gitlab-api-client-id
|
value: gitlab-api-client-id
|
||||||
@@ -243,12 +243,12 @@ resource "kubectl_manifest" "Deployment_taiga-back" {
|
|||||||
- name: RABBITMQ_USER
|
- name: RABBITMQ_USER
|
||||||
valueFrom:
|
valueFrom:
|
||||||
secretKeyRef:
|
secretKeyRef:
|
||||||
name: ${kubectl_manifest.rabbit.name}-default-user
|
name: ${kubectl_manifest.rabbit_user_secret.name}
|
||||||
key: username
|
key: username
|
||||||
- name: RABBITMQ_PASS
|
- name: RABBITMQ_PASS
|
||||||
valueFrom:
|
valueFrom:
|
||||||
secretKeyRef:
|
secretKeyRef:
|
||||||
name: ${kubectl_manifest.rabbit.name}-default-user
|
name: ${kubectl_manifest.rabbit_user_secret.name}
|
||||||
key: password
|
key: password
|
||||||
- name: POSTGRES_PASSWORD
|
- name: POSTGRES_PASSWORD
|
||||||
valueFrom:
|
valueFrom:
|
||||||
|
|||||||
Reference in New Issue
Block a user