Optimize service port definition
This commit is contained in:
@@ -3,42 +3,11 @@ locals {
|
||||
forward_labels = merge(var.labels, {
|
||||
"app.kubernetes.io/component" = "authentik-forward"
|
||||
})
|
||||
main_group = format("app-%s", var.app_name)
|
||||
external_url = format("https://%s", var.dns_names[0])
|
||||
rules_icons = [for v in var.dns_names : {
|
||||
"host" = "${v}"
|
||||
"http" = {
|
||||
"paths" = [{
|
||||
"backend" = {
|
||||
"service" = var.service
|
||||
}
|
||||
"path" = "/${var.icon}"
|
||||
"pathType" = "Prefix"
|
||||
}]
|
||||
}
|
||||
}]
|
||||
external_url = format("https://%s", var.dns_name)
|
||||
forward_outpost_providers = jsondecode(data.http.get_forward_outpost.response_body).results[0].providers
|
||||
forward_outpost_pk = jsondecode(data.http.get_forward_outpost.response_body).results[0].pk
|
||||
}
|
||||
|
||||
resource "kubectl_manifest" "ingress_icon" {
|
||||
force_conflicts = true
|
||||
yaml_body = <<-EOF
|
||||
apiVersion: "networking.k8s.io/v1"
|
||||
kind: "Ingress"
|
||||
metadata:
|
||||
name: "${local.app_slug}-icons"
|
||||
namespace: "${var.namespace}"
|
||||
labels: ${jsonencode(local.forward_labels)}
|
||||
spec:
|
||||
ingressClassName: "${var.ingress_class}"
|
||||
rules: ${jsonencode(local.rules_icons)}
|
||||
tls:
|
||||
- hosts: ${jsonencode(var.dns_names)}
|
||||
secretName: "${var.instance}-cert"
|
||||
EOF
|
||||
}
|
||||
|
||||
data "authentik_flow" "default_authorization_flow" {
|
||||
slug = "default-provider-authorization-implicit-consent"
|
||||
}
|
||||
|
||||
@@ -18,37 +18,15 @@ variable "labels" {
|
||||
type = map(string)
|
||||
}
|
||||
|
||||
variable "ingress_class" {
|
||||
variable "dns_name" {
|
||||
type = string
|
||||
}
|
||||
|
||||
variable "icon" {
|
||||
type = string
|
||||
}
|
||||
|
||||
variable "dns_names" {
|
||||
type = list(string)
|
||||
}
|
||||
|
||||
variable "access_token_validity" {
|
||||
type = string
|
||||
default = "hours=10" // ;minutes=10
|
||||
}
|
||||
|
||||
variable "app_name" {
|
||||
type = string
|
||||
default = ""
|
||||
}
|
||||
|
||||
variable "service" {
|
||||
type = object({
|
||||
name = string
|
||||
port = object({
|
||||
number = number
|
||||
})
|
||||
})
|
||||
}
|
||||
|
||||
variable "request_headers" {
|
||||
type = map(string)
|
||||
}
|
||||
|
||||
Reference in New Issue
Block a user