vynil/domain
3
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
284dc650c4a796149a8c873998e3472735a2a1ef
domain/meta/domain-auth/apps.tf
Sébastien Huss 284dc650c4 first commit
2023-07-14 11:51:07 +02:00

82 lines
2.6 KiB
HCL
Raw Blame History

locals {
annotations = {
"vynil.solidite.fr/meta" = "domain-auth"
"vynil.solidite.fr/name" = "${var.namespace}-auth"
"vynil.solidite.fr/domain" = var.domain-name
"vynil.solidite.fr/issuer" = var.issuer
"vynil.solidite.fr/ingress" = var.ingress-class
}
global = {
"domain" = var.namespace
"domain-name" = var.domain-name
"issuer" = var.issuer
"ingress-class" = var.ingress-class
}
authentik = { for k, v in var.authentik : k => v if k!="enable" }
authentik-ldap = { for k, v in var.authentik-ldap : k => v if k!="enable" }
authentik-forward = { for k, v in var.authentik-forward : k => v if k!="enable" }
}
resource "kubernetes_namespace_v1" "auth-ns" {
count = var.authentik.enable || var.authentik-ldap.enable || var.authentik-forward.enable ? 1 : 0
metadata {
annotations = local.annotations
labels = merge(local.common-labels, local.annotations)
name = "${var.namespace}-auth"
}
}
resource "kubectl_manifest" "authentik" {
count = var.authentik.enable || var.authentik-ldap.enable || var.authentik-forward.enable ? 1 : 0
depends_on = [kubernetes_namespace_v1.auth-ns]
yaml_body = <<-EOF
apiVersion: "vynil.solidite.fr/v1"
kind: "Install"
metadata:
name: "authentik"
namespace: "${var.namespace}-auth"
labels: ${jsonencode(local.common-labels)}
spec:
distrib: "core"
category: "share"
component: "authentik"
options: ${jsonencode(merge(local.global, local.authentik))}
EOF
}
resource "kubectl_manifest" "authentik-ldap" {
count = var.authentik-ldap.enable ? 1 : 0
depends_on = [kubernetes_namespace_v1.auth-ns]
yaml_body = <<-EOF
apiVersion: "vynil.solidite.fr/v1"
kind: "Install"
metadata:
name: "authentik-ldap"
namespace: "${var.namespace}-auth"
labels: ${jsonencode(local.common-labels)}
spec:
distrib: "core"
category: "share"
component: "authentik-ldap"
options: ${jsonencode(merge(local.global, local.authentik-ldap))}
EOF
}
resource "kubectl_manifest" "authentik-forward" {
count = var.authentik-forward.enable ? 1 : 0
depends_on = [kubernetes_namespace_v1.auth-ns]
yaml_body = <<-EOF
apiVersion: "vynil.solidite.fr/v1"
kind: "Install"
metadata:
name: "authentik-forward"
namespace: "${var.namespace}-auth"
labels: ${jsonencode(local.common-labels)}
spec:
distrib: "core"
category: "share"
component: "authentik-forward"
options: ${jsonencode(merge(local.global, local.authentik-forward))}
EOF
}
Reference in New Issue View Git Blame Copy Permalink