domain/apps/dbgate/application.tf

locals {
    dns-name = "${var.sub-domain}.${var.domain-name}"
    dns-names = [local.dns-name]
}


provider "restapi" {
  uri = "http://authentik.${var.domain}-auth.svc/api/v3/"
  headers = local.request_headers
  create_method = "PATCH"
  update_method = "PATCH"
  destroy_method = "PATCH"
  write_returns_object = true
  id_attribute = "name"
}


module "ingress" {
  source = "/dist/modules/ingress"
  component         = var.component
  instance          = var.instance
  namespace         = var.namespace
  issuer            = var.issuer
  ingress-class     = var.ingress-class
  labels            = local.common-labels
  dns-names         = local.dns-names
  middlewares       = ["${var.instance}-https"]
  service           = {
    "name"  = "${var.component}-${var.instance}"
    "port" = {
      "number" = 80
    }
  }
  providers = {
    kubectl = kubectl
  }
}

module "application" {
  source = "/dist/modules/application"
  component         = var.component
  instance          = var.instance
  app-group         = var.app-group
  sub-domain        = var.sub-domain
  domain-name       = var.domain-name
  icon              = "logo192.png"
  protocol_provider = var.use-oauth?module.oauth2.provider-id:module.forward.provider-id
  providers = {
    authentik = authentik
  }
}

module "oauth2" {
  count  = var.use-oauth?1:0
  source = "/dist/modules/oauth2"
  component         = var.component
  instance          = var.instance
  namespace         = var.namespace
  labels            = local.common-labels
  dns-name          = local.dns-name
  providers = {
    kubernetes = kubernetes
    kubectl = kubectl
    authentik = authentik
  }
}

module "forward" {
  count  = var.use-oauth?0:1
  source = "/dist/modules/forward"
  component         = var.component
  instance          = var.instance
  domain            = var.domain
  namespace         = var.namespace
  ingress-class     = var.ingress-class
  labels            = local.common-labels
  dns-names         = local.dns-names
  authentik-token   = data.kubernetes_secret_v1.authentik.data["AUTHENTIK_BOOTSTRAP_TOKEN"]
  providers = {
    restapi = restapi
    http = http
    kubectl = kubectl
    authentik = authentik
  }
}