vynil/kydah-modules
3
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Refacto and add lb

Browse Source
This commit is contained in:
Xavier Mortelette
2024-01-24 15:29:36 +01:00
committed by Sébastien Huss
parent 15c5e64ea5
commit 384fdd7b69
13 changed files with 168 additions and 69 deletions
Download Patch File Download Diff File Expand all files Collapse all files

17
forward/forward.tf
View File

@@ -1,8 +1,11 @@
locals {
forward_outpost_providers = jsondecode(data.http.get_forward_outpost.response_body).results[0].providers
forward_outpost_pk = jsondecode(data.http.get_forward_outpost.response_body).results[0].pk
app_name = var.component == var.instance ? var.instance : format("%s-%s", var.component, var.instance)
main_group = format("app-%s", local.app_name)
app_slug = "${var.instance}${var.component==""?"":"-"}${var.component}"
forward_labels = merge(var.labels, {
"app.kubernetes.io/component" = "authentik-forward"
})
main_group = format("app-%s", var.app_name)
external_url = format("https://%s", var.dns_names[0])
rules_icons = [for v in var.dns_names : {
"host" = "${v}"
@@ -24,9 +27,9 @@ resource "kubectl_manifest" "prj_ingress_icon" {
apiVersion: "networking.k8s.io/v1"
kind: "Ingress"
metadata:
name: "${var.instance}-icons"
name: "${local.app_slug}-icons"
namespace: "${var.namespace}"
labels: ${jsonencode(var.labels)}
labels: ${jsonencode(local.forward_labels)}
spec:
ingressClassName: "${var.ingress_class}"
rules: ${jsonencode(local.rules_icons)}
@@ -41,7 +44,7 @@ data "authentik_flow" "default-authorization-flow" {
}
resource "authentik_provider_proxy" "prj_forward" {
name = local.app_name
name = local.app_slug
external_host = local.external_url
authorization_flow = data.authentik_flow.default-authorization-flow.id
mode = "forward_single"
@@ -74,9 +77,9 @@ resource "kubectl_manifest" "prj_middleware" {
apiVersion: traefik.containo.us/v1alpha1
kind: Middleware
metadata:
name: "forward-${local.app_name}"
name: "${local.app_slug}-forward"
namespace: "${var.namespace}"
labels: ${jsonencode(var.labels)}
labels: ${jsonencode(local.forward_labels)}
spec:
forwardAuth:
address: http://ak-outpost-forward.${var.domain}-auth.svc:9000/outpost.goauthentik.io/auth/traefik