resource "kubectl_manifest" "cm_env" { yaml_body = <<-EOF apiVersion: v1 kind: ConfigMap metadata: name: "${var.instance}-${var.component}-envs" labels: ${jsonencode(local.common_labels)} namespace: ${var.namespace} data: POSTGRES_DB: ${var.component} POSTGRES_USER: ${var.component} POSTGRES_HOST: ${var.instance}-${var.component}-pg-rw.${var.namespace}.svc TAIGA_SITES_DOMAIN: localhost:9000 TAIGA_SITES_SCHEME: http SESSION_COOKIE_SECURE: 'False' CSRF_COOKIE_SECURE: 'False' ENABLE_TELEMETRY: 'False' PUBLIC_REGISTER_ENABLED: 'False' ENABLE_GITHUB_AUTH: 'False' ENABLE_GITLAB_AUTH: 'True' GITLAB_CLIENT_ID: GITLAB_API_CLIENT_ID: gitlab-api-client-id GITLAB_API_CLIENT_SECRET: gitlab-api-client-secret GITLAB_URL: gitlab-url ENABLE_SLACK: 'False' ENABLE_GITHUB_IMPORTER: 'False' ENABLE_JIRA_IMPORTER: 'False' ENABLE_TRELLO_IMPORTER: 'False' TRELLO_IMPORTER_API_KEY: api-key-from-trello TRELLO_IMPORTER_SECRET_KEY: secret-key-from-trello - name: TAIGA_URL value: http://localhost:9000 - name: PUBLIC_REGISTER_ENABLED value: 'false' - name: ENABLE_GITHUB_AUTH value: 'false' - name: ENABLE_GITLAB_AUTH value: 'true' - name: GITLAB_CLIENT_ID value: gitlab-api-client-id - name: GITLAB_URL value: gitlab-url - name: ENABLE_SLACK value: 'false' - name: ENABLE_GITHUB_IMPORTER value: 'false' - name: ENABLE_JIRA_IMPORTER value: 'false' - name: ENABLE_TRELLO_IMPORTER value: 'false' EOF } resource "kubectl_manifest" "cm_scripts" { yaml_body = <<-EOF apiVersion: v1 kind: ConfigMap metadata: name: taiga-createinitialtemplates labels: ${jsonencode(local.common_labels)} namespace: ${var.namespace} data: createinitialtemplates.sh: |- #!/bin/sh echo """ import time import requests import subprocess print('Waiting for backend ...') while requests.get('http://taiga-back/api/v1/').status_code != 200: print('...') time.sleep(2) if len(str(subprocess.check_output(['python', 'manage.py', 'dumpdata', 'projects.projecttemplate']))) < 5: print(subprocess.check_output(['python', 'manage.py', 'loaddata', 'initial_project_templates'])) """ > /tmp/create_initial_project_templates.py python /tmp/create_initial_project_templates.py createinitialuser.sh: |- #!/bin/sh echo """ import time import requests import subprocess print('Waiting for backend ...') while requests.get('http://taiga-back/api/v1/').status_code != 200: print('...') time.sleep(2) if str(subprocess.check_output(['python', 'manage.py', 'dumpdata', 'users.user'], cwd='/taiga-back')).find('\"is_superuser\": true') == -1: print(subprocess.check_output(['python', 'manage.py', 'loaddata', 'initial_user'], cwd='/taiga-back')) else: print('Admin user yet created.') """ > /tmp/create_superuser.py python /tmp/create_superuser.py EOF } resource "kubectl_manifest" "ConfigMap_taiga-gateway" { yaml_body = <<-EOF apiVersion: v1 kind: ConfigMap metadata: name: taiga-gateway namespace: ${var.namespace} labels: ${jsonencode(local.common_labels)} data: default.conf: |- server { listen 80 default_server; client_max_body_size 100M; charset utf-8; # Frontend location / { proxy_pass http://taiga-front/; proxy_pass_header Server; proxy_set_header Host $http_host; proxy_redirect off; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Scheme $scheme; } # Api location /api { proxy_pass http://taiga-back:8000/api; proxy_pass_header Server; proxy_set_header Host $http_host; proxy_redirect off; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Scheme $scheme; } # Admin location /admin { proxy_pass http://taiga-back:8000/admin; proxy_pass_header Server; proxy_set_header Host $http_host; proxy_redirect off; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Scheme $scheme; } # Static location /static { root /taiga; } # Media location /_protected { internal; alias /taiga/media/; add_header Content-disposition "attachment"; } # Unprotected section location /media/exports { alias /taiga/media/exports/; add_header Content-disposition "attachment"; } location /media { proxy_set_header Host $http_host; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Scheme $scheme; proxy_set_header X-Forwarded-Proto $scheme; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_pass http://taiga-protected:8003/; proxy_redirect off; } # Events location /events { proxy_pass http://taiga-events:8888/events; proxy_http_version 1.1; proxy_set_header Upgrade $http_upgrade; proxy_set_header Connection "upgrade"; proxy_connect_timeout 7d; proxy_send_timeout 7d; proxy_read_timeout 7d; } } EOF }