domain/meta/domain-auth/apps.tf
2024-01-26 11:14:00 +01:00


# Shared values for the "<namespace>-auth" namespace and the vynil Install
# manifests declared in this file.
locals {
  # Attached to the namespace as annotations and, merged with
  # local.common-labels, as labels.
  annotations = {
    "vynil.solidite.fr/meta"    = var.component
    "vynil.solidite.fr/name"    = "${var.namespace}-auth"
    "vynil.solidite.fr/domain"  = var.domain_name
    "vynil.solidite.fr/issuer"  = var.issuer
    "vynil.solidite.fr/ingress" = var.ingress_class
  }

  # Options passed to every component install.
  global = {
    domain        = var.namespace
    domain_name   = var.domain_name
    issuer        = var.issuer
    ingress_class = var.ingress_class
    backups       = var.backups
  }

  # Per-component options. The "enable" key only drives `count` on the
  # resources in this file, so it is dropped before the remaining keys are
  # forwarded as install options.
  authentik         = { for key, value in var.authentik : key => value if key != "enable" }
  authentik-ldap    = { for key, value in var.authentik-ldap : key => value if key != "enable" }
  authentik-forward = { for key, value in var.authentik-forward : key => value if key != "enable" }
}
# Namespace "<namespace>-auth", created as soon as at least one of the three
# authentik components is enabled.
resource "kubernetes_namespace_v1" "auth-ns" {
  count = (
    var.authentik.enable ||
    var.authentik-ldap.enable ||
    var.authentik-forward.enable
  ) ? 1 : 0

  metadata {
    name = "${var.namespace}-auth"
    # The vynil annotations are also published as labels, on top of the
    # common labels; on a key collision merge() keeps the annotation value.
    labels      = merge(local.common-labels, local.annotations)
    annotations = local.annotations
  }
}
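# vynil Install for the authentik component itself. It is created whenever any
# of the three components is enabled, not only when var.authentik.enable is set.
resource "kubectl_manifest" "authentik" {
  count      = var.authentik.enable || var.authentik-ldap.enable || var.authentik-forward.enable ? 1 : 0
  depends_on = [kubernetes_namespace_v1.auth-ns]

  # Every variable-derived scalar goes through jsonencode(): a JSON string is a
  # valid YAML double-quoted scalar, so a quote, backslash or newline in
  # var.namespace or var.distributions.domain is escaped instead of closing the
  # scalar early and changing the structure of the manifest. For ordinary
  # values the rendered text is the same as with plain "${...}" interpolation.
  #
  # merge() gives precedence to its last argument, so a key in local.authentik
  # overrides the same key coming from local.global.
  # NOTE(review): the merged options are rendered into yaml_body and therefore
  # end up in the Terraform state; confirm var.authentik carries no secrets.
  yaml_body = <<-EOF
    apiVersion: "vynil.solidite.fr/v1"
    kind: "Install"
    metadata:
      name: "authentik"
      namespace: ${jsonencode("${var.namespace}-auth")}
      labels: ${jsonencode(local.common-labels)}
    spec:
      distrib: ${jsonencode(tostring(var.distributions.domain))}
      category: "share"
      component: "authentik"
      options: ${jsonencode(merge(local.global, local.authentik))}
  EOF
}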
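# vynil Install for the authentik-ldap component, created only when
# var.authentik-ldap.enable is set.
resource "kubectl_manifest" "authentik-ldap" {
  count      = var.authentik-ldap.enable ? 1 : 0
  depends_on = [kubernetes_namespace_v1.auth-ns]

  # Variable-derived scalars are emitted with jsonencode() so that a quote,
  # backslash or newline in var.namespace or var.distributions.domain is
  # escaped rather than terminating the YAML scalar and altering the manifest.
  # For ordinary values the rendered text is unchanged.
  #
  # merge() gives precedence to its last argument, so a key in
  # local.authentik-ldap overrides the same key coming from local.global.
  # NOTE(review): the merged options land in the Terraform state through
  # yaml_body; confirm var.authentik-ldap carries no secrets.
  yaml_body = <<-EOF
    apiVersion: "vynil.solidite.fr/v1"
    kind: "Install"
    metadata:
      name: "authentik-ldap"
      namespace: ${jsonencode("${var.namespace}-auth")}
      labels: ${jsonencode(local.common-labels)}
    spec:
      distrib: ${jsonencode(tostring(var.distributions.domain))}
      category: "share"
      component: "authentik-ldap"
      options: ${jsonencode(merge(local.global, local.authentik-ldap))}
  EOF
}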
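# vynil Install for the authentik-forward component, created only when
# var.authentik-forward.enable is set.
resource "kubectl_manifest" "authentik-forward" {
  count      = var.authentik-forward.enable ? 1 : 0
  depends_on = [kubernetes_namespace_v1.auth-ns]

  # Variable-derived scalars are emitted with jsonencode() so that a quote,
  # backslash or newline in var.namespace or var.distributions.domain is
  # escaped rather than terminating the YAML scalar and altering the manifest.
  # For ordinary values the rendered text is unchanged.
  #
  # merge() gives precedence to its last argument, so a key in
  # local.authentik-forward overrides the same key coming from local.global.
  # NOTE(review): the merged options land in the Terraform state through
  # yaml_body; confirm var.authentik-forward carries no secrets.
  yaml_body = <<-EOF
    apiVersion: "vynil.solidite.fr/v1"
    kind: "Install"
    metadata:
      name: "authentik-forward"
      namespace: ${jsonencode("${var.namespace}-auth")}
      labels: ${jsonencode(local.common-labels)}
    spec:
      distrib: ${jsonencode(tostring(var.distributions.domain))}
      category: "share"
      component: "authentik-forward"
      options: ${jsonencode(merge(local.global, local.authentik-forward))}
  EOF
}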