146 lines
3.9 KiB
HCL
146 lines
3.9 KiB
HCL
locals {
|
|
dns_name = "${var.sub_domain}.${var.domain_name}"
|
|
dns_names = [local.dns_name]
|
|
app_name = (var.component == var.instance || var.component=="") ? var.instance : format("%s-%s", var.component, var.instance)
|
|
icon = "favicon.ico"
|
|
}
|
|
|
|
module "service" {
|
|
source = "git::https://git.solidite.fr/vynil/kydah-modules.git//service?ref=0.3.0"
|
|
component = var.component
|
|
instance = var.instance
|
|
namespace = var.namespace
|
|
labels = local.common_labels
|
|
selector = local.back_labels
|
|
targets = ["http"]
|
|
providers = {
|
|
kubectl = kubectl
|
|
}
|
|
}
|
|
|
|
module "ingress" {
|
|
source = "git::https://git.solidite.fr/vynil/kydah-modules.git//ingress?ref=0.3.0"
|
|
component = ""
|
|
instance = var.instance
|
|
namespace = var.namespace
|
|
issuer = var.issuer
|
|
ingress_class = var.ingress_class
|
|
labels = local.common_labels
|
|
dns_names = local.dns_names
|
|
services = [module.service.default_definition]
|
|
providers = {
|
|
kubectl = kubectl
|
|
}
|
|
}
|
|
|
|
module "application" {
|
|
source = "git::https://git.solidite.fr/vynil/kydah-modules.git//application?ref=0.3.0"
|
|
component = var.component
|
|
instance = var.instance
|
|
app_group = var.app_group
|
|
dns_name = local.dns_name
|
|
icon = local.icon
|
|
sub_groups = ["admin"]
|
|
protocol_provider = module.oauth2.provider-id
|
|
providers = {
|
|
authentik = authentik
|
|
}
|
|
}
|
|
|
|
module "oauth2" {
|
|
source = "git::https://git.solidite.fr/vynil/kydah-modules.git//oauth2?ref=0.3.0"
|
|
component = var.component
|
|
instance = var.instance
|
|
namespace = var.namespace
|
|
domain = var.domain
|
|
labels = local.common_labels
|
|
dns_name = local.dns_name
|
|
redirect_path = "login"
|
|
providers = {
|
|
kubernetes = kubernetes
|
|
kubectl = kubectl
|
|
authentik = authentik
|
|
}
|
|
}
|
|
|
|
|
|
resource "kubectl_manifest" "svc_back" {
|
|
yaml_body = <<-EOF
|
|
apiVersion: v1
|
|
kind: Service
|
|
metadata:
|
|
name: "${var.instance}-${var.component}-back"
|
|
labels: ${jsonencode(local.back_all_labels)}
|
|
namespace: ${var.namespace}
|
|
ownerReferences: ${jsonencode(var.install_owner)}
|
|
spec:
|
|
type: ClusterIP
|
|
ports:
|
|
- name: taiga-back
|
|
port: 8000
|
|
targetPort: taiga-back
|
|
- name: http
|
|
port: 80
|
|
targetPort: http
|
|
selector: ${jsonencode(local.back_labels)}
|
|
EOF
|
|
}
|
|
|
|
resource "kubectl_manifest" "svc_front" {
|
|
yaml_body = <<-EOF
|
|
apiVersion: v1
|
|
kind: Service
|
|
metadata:
|
|
name: "${var.instance}-${var.component}-front"
|
|
labels: ${jsonencode(local.front_all_labels)}
|
|
namespace: ${var.namespace}
|
|
ownerReferences: ${jsonencode(var.install_owner)}
|
|
spec:
|
|
type: ClusterIP
|
|
ports:
|
|
- name: http
|
|
port: 80
|
|
targetPort: http
|
|
selector: ${jsonencode(local.front_labels)}
|
|
EOF
|
|
}
|
|
|
|
resource "kubectl_manifest" "svc_events" {
|
|
yaml_body = <<-EOF
|
|
apiVersion: v1
|
|
kind: Service
|
|
metadata:
|
|
name: "${var.instance}-${var.component}-events"
|
|
labels: ${jsonencode(local.event_all_labels)}
|
|
namespace: ${var.namespace}
|
|
ownerReferences: ${jsonencode(var.install_owner)}
|
|
spec:
|
|
type: ClusterIP
|
|
ports:
|
|
- name: taiga-events
|
|
port: 8888
|
|
targetPort: taiga-events
|
|
selector: ${jsonencode(local.event_labels)}
|
|
EOF
|
|
}
|
|
|
|
resource "kubectl_manifest" "svc_protected" {
|
|
yaml_body = <<-EOF
|
|
apiVersion: v1
|
|
kind: Service
|
|
metadata:
|
|
name: "${var.instance}-${var.component}-protected"
|
|
labels: ${jsonencode(local.protected_all_labels)}
|
|
namespace: ${var.namespace}
|
|
ownerReferences: ${jsonencode(var.install_owner)}
|
|
spec:
|
|
type: ClusterIP
|
|
ports:
|
|
- name: taiga-protected
|
|
port: 8003
|
|
targetPort: taiga-protected
|
|
selector: ${jsonencode(local.protected_labels)}
|
|
EOF
|
|
}
|
|
|