locals {
  dns_name  = "${var.sub_domain}.${var.domain_name}"
  dns_names = [local.dns_name]
  app_name  = (var.component == var.instance || var.component=="") ? var.instance : format("%s-%s", var.component, var.instance)
  icon      = "favicon.ico"
}

module "service" {
  source = "git::https://git.solidite.fr/vynil/kydah-modules.git//service?ref=0.3.0"
  component         = var.component
  instance          = var.instance
  namespace         = var.namespace
  labels            = local.common_labels
  selector          = local.back_labels
  targets           = ["http"]
  providers = {
    kubectl = kubectl
  }
}

module "ingress" {
  source = "git::https://git.solidite.fr/vynil/kydah-modules.git//ingress?ref=0.3.0"
  component         = ""
  instance          = var.instance
  namespace         = var.namespace
  issuer            = var.issuer
  ingress_class     = var.ingress_class
  labels            = local.common_labels
  dns_names         = local.dns_names
  services          = [module.service.default_definition]
  providers = {
    kubectl = kubectl
  }
}

module "application" {
  source = "git::https://git.solidite.fr/vynil/kydah-modules.git//application?ref=0.3.0"
  component         = var.component
  instance          = var.instance
  app_group         = var.app_group
  dns_name          = local.dns_name
  icon              = local.icon
  sub_groups        = ["admin"]
  protocol_provider = module.oauth2.provider-id
  providers = {
    authentik = authentik
  }
}

module "oauth2" {
  source = "git::https://git.solidite.fr/vynil/kydah-modules.git//oauth2?ref=0.3.0"
  component         = var.component
  instance          = var.instance
  namespace         = var.namespace
  domain            = var.domain
  labels            = local.common_labels
  dns_name          = local.dns_name
  redirect_path     = "login"
  providers = {
    kubernetes = kubernetes
    kubectl = kubectl
    authentik = authentik
  }
}


resource "kubectl_manifest" "svc_back" {
  yaml_body  = <<-EOF
    apiVersion: v1
    kind: Service
    metadata:
      name: "${var.instance}-${var.component}-back"
      labels: ${jsonencode(local.back_all_labels)}
      namespace: ${var.namespace}
      ownerReferences: ${jsonencode(var.install_owner)}
    spec:
      type: ClusterIP
      ports:
      - name: taiga-back
        port: 8000
        targetPort: taiga-back
      - name: http
        port: 80
        targetPort: http
      selector: ${jsonencode(local.back_labels)}
EOF
}

resource "kubectl_manifest" "svc_front" {
  yaml_body  = <<-EOF
    apiVersion: v1
    kind: Service
    metadata:
      name: "${var.instance}-${var.component}-front"
      labels: ${jsonencode(local.front_all_labels)}
      namespace: ${var.namespace}
      ownerReferences: ${jsonencode(var.install_owner)}
    spec:
      type: ClusterIP
      ports:
      - name: http
        port: 80
        targetPort: http
      selector: ${jsonencode(local.front_labels)}
EOF
}

resource "kubectl_manifest" "svc_events" {
  yaml_body  = <<-EOF
    apiVersion: v1
    kind: Service
    metadata:
      name: "${var.instance}-${var.component}-events"
      labels: ${jsonencode(local.event_all_labels)}
      namespace: ${var.namespace}
      ownerReferences: ${jsonencode(var.install_owner)}
    spec:
      type: ClusterIP
      ports:
      - name: taiga-events
        port: 8888
        targetPort: taiga-events
      selector: ${jsonencode(local.event_labels)}
EOF
}

resource "kubectl_manifest" "svc_protected" {
  yaml_body  = <<-EOF
    apiVersion: v1
    kind: Service
    metadata:
      name: "${var.instance}-${var.component}-protected"
      labels: ${jsonencode(local.protected_all_labels)}
      namespace: ${var.namespace}
      ownerReferences: ${jsonencode(var.install_owner)}
    spec:
      type: ClusterIP
      ports:
      - name: taiga-protected
        port: 8003
        targetPort: taiga-protected
      selector: ${jsonencode(local.protected_labels)}
EOF
}