106 lines
3.8 KiB
HCL
106 lines
3.8 KiB
HCL
resource "kubectl_manifest" "cm_env_back" {
|
|
yaml_body = <<-EOF
|
|
apiVersion: v1
|
|
kind: ConfigMap
|
|
metadata:
|
|
name: "${var.instance}-${var.component}-back"
|
|
labels: ${jsonencode(local.common_labels)}
|
|
namespace: ${var.namespace}
|
|
data:
|
|
POSTGRES_DB: ${var.component}
|
|
POSTGRES_USER: ${var.component}
|
|
POSTGRES_HOST: ${var.instance}-${var.component}-pg-rw.${var.namespace}.svc
|
|
TAIGA_URL: https://${local.dns_name}
|
|
TAIGA_SITES_DOMAIN: ${local.dns_name}
|
|
TAIGA_SITES_SCHEME: https
|
|
TAIGA_ASYNC_RABBITMQ_HOST: ${kubectl_manifest.rabbit.name}
|
|
TAIGA_EVENTS_RABBITMQ_HOST: ${kubectl_manifest.rabbit.name}
|
|
SESSION_COOKIE_SECURE: "True"
|
|
CSRF_COOKIE_SECURE: "True"
|
|
ENABLE_TELEMETRY: "False"
|
|
PUBLIC_REGISTER_ENABLED: "True"
|
|
ENABLE_GITHUB_AUTH: "False"
|
|
ENABLE_GITLAB_AUTH: "False"
|
|
ENABLE_SLACK: "False"
|
|
ENABLE_GITHUB_IMPORTER: "False"
|
|
ENABLE_JIRA_IMPORTER: "False"
|
|
ENABLE_TRELLO_IMPORTER: "False"
|
|
ENABLE_OIDC_AUTH: "False"
|
|
ENABLE_OPENID_AUTH: "True"
|
|
OPENID_SCOPE: "openid email profile"
|
|
OPENID_TOKEN_URL: "${module.oauth2.sso_token_url}"
|
|
OPENID_USER_URL: "${module.oauth2.sso_userinfo_url}"
|
|
EOF
|
|
}
|
|
|
|
resource "kubectl_manifest" "cm_env_front" {
|
|
yaml_body = <<-EOF
|
|
apiVersion: v1
|
|
kind: ConfigMap
|
|
metadata:
|
|
name: "${var.instance}-${var.component}-front"
|
|
labels: ${jsonencode(local.common_labels)}
|
|
namespace: ${var.namespace}
|
|
data:
|
|
TAIGA_URL: https://${local.dns_name}
|
|
TAIGA_SITES_DOMAIN: ${local.dns_name}
|
|
TAIGA_SITES_SCHEME: https
|
|
SESSION_COOKIE_SECURE: "false"
|
|
CSRF_COOKIE_SECURE: "false"
|
|
ENABLE_TELEMETRY: "false"
|
|
PUBLIC_REGISTER_ENABLED: "true"
|
|
ENABLE_GITHUB_AUTH: "false"
|
|
ENABLE_GITLAB_AUTH: "false"
|
|
ENABLE_SLACK: "false"
|
|
ENABLE_GITHUB_IMPORTER: "false"
|
|
ENABLE_JIRA_IMPORTER: "false"
|
|
ENABLE_TRELLO_IMPORTER: "false"
|
|
ENABLE_OIDC_AUTH: "false"
|
|
ENABLE_OPENID_AUTH: "true"
|
|
OPENID_URL: "${module.oauth2.sso_configuration_url}"
|
|
OPENID_SCOPE: "openid email profile"
|
|
OPENID_NAME: "${var.domain}"
|
|
EOF
|
|
}
|
|
|
|
# awk '/taiga-events-rabbitmq/||/taiga-async-rabbitmq/' < /taiga-back/settings/config.py
|
|
# EVENTS_PUSH_BACKEND_URL = f"amqp://{ os.getenv('RABBITMQ_USER') }:{ os.getenv('RABBITMQ_PASS') }@taiga-events-rabbitmq:5672/taiga"
|
|
# CELERY_BROKER_URL = f"amqp://{ os.getenv('RABBITMQ_USER') }:{ os.getenv('RABBITMQ_PASS') }@taiga-async-rabbitmq:5672/taiga"
|
|
|
|
|
|
resource "kubectl_manifest" "cm_scripts" {
|
|
yaml_body = <<-EOF
|
|
apiVersion: v1
|
|
kind: ConfigMap
|
|
metadata:
|
|
name: "${var.instance}-${var.component}-scripts"
|
|
labels: ${jsonencode(local.postcfg_all_labels)}
|
|
namespace: ${var.namespace}
|
|
data:
|
|
certs.sh: |-
|
|
#!/usr/bin/env bash
|
|
if [ -f /etc/local-ca/ca.crt ];then
|
|
export REQUESTS_CA_BUNDLE=/etc/local-ca/ca.crt
|
|
else
|
|
export REQUESTS_CA_BUNDLE=/etc/ssl/certs/ca-certificates.crt
|
|
fi
|
|
postconfig.py: |-
|
|
#!/usr/bin/env python
|
|
import time
|
|
import requests
|
|
import subprocess
|
|
|
|
print('Waiting for backend ...')
|
|
while requests.get('http://${kubectl_manifest.svc_back.name}/api/v1/').status_code != 200:
|
|
print('...')
|
|
time.sleep(2)
|
|
|
|
if len(str(subprocess.check_output(['python', 'manage.py', 'dumpdata', 'projects.projecttemplate']))) < 5:
|
|
print(subprocess.check_output(['python', 'manage.py', 'loaddata', 'initial_project_templates']))
|
|
|
|
if str(subprocess.check_output(['python', 'manage.py', 'dumpdata', 'users.user'], cwd='/taiga-back')).find('\"is_superuser\": true') == -1:
|
|
print(subprocess.check_output(['python', 'manage.py', 'loaddata', 'initial_user'], cwd='/taiga-back'))
|
|
EOF
|
|
}
|
|
|