80 lines
2.8 KiB
HCL
80 lines
2.8 KiB
HCL
resource "kubectl_manifest" "Secret_openproject-postgresql" {
|
|
yaml_body = <<-EOF
|
|
apiVersion: v1
|
|
kind: Secret
|
|
metadata:
|
|
name: openproject-postgresql
|
|
namespace: ${var.namespace}
|
|
labels: ${jsonencode(local.common-labels)}
|
|
ownerReferences: ${jsonencode(var.install_owner)}
|
|
type: Opaque
|
|
data:
|
|
postgres-password: VDQxbmpqeEVnYg==
|
|
password: cEhqbUkyQjVYVw==
|
|
EOF
|
|
}
|
|
|
|
resource "kubectl_manifest" "Secret_openproject-core" {
|
|
yaml_body = <<-EOF
|
|
apiVersion: v1
|
|
kind: Secret
|
|
metadata:
|
|
name: openproject-core
|
|
labels: ${jsonencode(local.common-labels)}
|
|
namespace: ${var.namespace}
|
|
ownerReferences: ${jsonencode(var.install_owner)}
|
|
stringData:
|
|
DATABASE_HOST: openproject-postgresql.vynil-ci.svc.cluster.local
|
|
DATABASE_PORT: '5432'
|
|
DATABASE_URL: postgresql://openproject@openproject-postgresql:5432/openproject
|
|
OPENPROJECT_SEED_ADMIN_USER_PASSWORD: admin
|
|
OPENPROJECT_SEED_ADMIN_USER_PASSWORD_RESET: 'true'
|
|
OPENPROJECT_SEED_ADMIN_USER_NAME: OpenProject Admin
|
|
OPENPROJECT_SEED_ADMIN_USER_MAIL: admin@example.net
|
|
OPENPROJECT_HTTPS: 'true'
|
|
OPENPROJECT_SEED_LOCALE: en
|
|
OPENPROJECT_HOST__NAME: openproject.example.com
|
|
OPENPROJECT_HSTS: 'true'
|
|
OPENPROJECT_RAILS__CACHE__STORE: memcache
|
|
OPENPROJECT_RAILS__RELATIVE__URL__ROOT: ''
|
|
POSTGRES_STATEMENT_TIMEOUT: 120s
|
|
EOF
|
|
}
|
|
|
|
resource "kubectl_manifest" "Secret_openproject-oidc" {
|
|
yaml_body = <<-EOF
|
|
apiVersion: v1
|
|
kind: Secret
|
|
metadata:
|
|
name: openproject-oidc
|
|
labels: ${jsonencode(local.common-labels)}
|
|
namespace: ${var.namespace}
|
|
ownerReferences: ${jsonencode(var.install_owner)}
|
|
stringData:
|
|
OPENPROJECT_OPENID__CONNECT_KEYCLOAK_DISPLAY__NAME: Keycloak
|
|
OPENPROJECT_OPENID__CONNECT_KEYCLOAK_HOST: oidc.host
|
|
OPENPROJECT_OPENID__CONNECT_KEYCLOAK_IDENTIFIER: oidc.identifier
|
|
OPENPROJECT_OPENID__CONNECT_KEYCLOAK_SECRET: oidc.secret
|
|
OPENPROJECT_OPENID__CONNECT_KEYCLOAK_AUTHORIZATION__ENDPOINT: oidc.authorizationEndpoint
|
|
OPENPROJECT_OPENID__CONNECT_KEYCLOAK_TOKEN__ENDPOINT: oidc.tokenEndpoint
|
|
OPENPROJECT_OPENID__CONNECT_KEYCLOAK_USERINFO__ENDPOINT: oidc.userinfoEndpoint
|
|
OPENPROJECT_OPENID__CONNECT_KEYCLOAK_END__SESSION__ENDPOINT: oidc.endSessionEndpoint
|
|
OPENPROJECT_OPENID__CONNECT_KEYCLOAK_SCOPE: '[openid email profile]'
|
|
EOF
|
|
}
|
|
|
|
resource "kubectl_manifest" "Secret_openproject-memcached" {
|
|
yaml_body = <<-EOF
|
|
apiVersion: v1
|
|
kind: Secret
|
|
metadata:
|
|
name: openproject-memcached
|
|
labels: ${jsonencode(local.common-labels)}
|
|
namespace: ${var.namespace}
|
|
ownerReferences: ${jsonencode(var.install_owner)}
|
|
stringData:
|
|
OPENPROJECT_CACHE__MEMCACHE__SERVER: openproject-memcached:11211
|
|
EOF
|
|
}
|
|
|