49 lines
1.5 KiB
HCL
49 lines
1.5 KiB
HCL
|
|
terraform {
|
|
required_providers {
|
|
kustomization = {
|
|
source = "kbst/kustomization"
|
|
version = "~> 0.9.2"
|
|
}
|
|
kubernetes = {
|
|
source = "hashicorp/kubernetes"
|
|
version = "~> 2.20.0"
|
|
}
|
|
kubectl = {
|
|
source = "gavinbunney/kubectl"
|
|
version = "~> 1.14.0"
|
|
}
|
|
authentik = {
|
|
source = "goauthentik/authentik"
|
|
version = "~> 2023.5.0"
|
|
}
|
|
postgresql = {
|
|
source = "cyrilgdn/postgresql"
|
|
version = "~> 1.19.0"
|
|
}
|
|
}
|
|
}
|
|
provider "kustomization" {
|
|
kubeconfig_incluster = true
|
|
}
|
|
provider "kubernetes" {
|
|
host = "https://kubernetes.default.svc"
|
|
token = "${file("/run/secrets/kubernetes.io/serviceaccount/token")}"
|
|
cluster_ca_certificate = "${file("/run/secrets/kubernetes.io/serviceaccount/ca.crt")}"
|
|
}
|
|
provider "kubectl" {
|
|
host = "https://kubernetes.default.svc"
|
|
token = "${file("/run/secrets/kubernetes.io/serviceaccount/token")}"
|
|
cluster_ca_certificate = "${file("/run/secrets/kubernetes.io/serviceaccount/ca.crt")}"
|
|
load_config_file = false
|
|
}
|
|
provider "authentik" {
|
|
url = "http://authentik.${var.domain}-auth.svc"
|
|
token = data.kubernetes_secret_v1.authentik.data["AUTHENTIK_BOOTSTRAP_TOKEN"]
|
|
}
|
|
provider "postgresql" {
|
|
host = "${var.instance}-${var.component}-rw.${var.namespace}.svc"
|
|
username = data.kubernetes_secret_v1.postgresql_password.data["username"]
|
|
password = data.kubernetes_secret_v1.postgresql_password.data["password"]
|
|
}
|