52 lines
1.9 KiB
HCL
52 lines
1.9 KiB
HCL
# locals {
|
|
# app_slug = "${var.instance}${var.component == "" ? "" : "-"}${var.component}"
|
|
# forward_labels = merge(var.labels, {
|
|
# "app.kubernetes.io/component" = "ak-gatekeeper"
|
|
# })
|
|
# external_url = format("https://%s", var.dns_name)
|
|
# forward_outpost_providers = jsondecode(data.http.get_forward_outpost.response_body).results[0].providers
|
|
# forward_outpost_pk = jsondecode(data.http.get_forward_outpost.response_body).results[0].pk
|
|
# }
|
|
|
|
# data "authentik_flow" "default_authorization_flow" {
|
|
# slug = "default-provider-authorization-implicit-consent"
|
|
# }
|
|
|
|
# resource "authentik_provider_proxy" "forward" {
|
|
# name = local.app_slug
|
|
# external_host = local.external_url
|
|
# authorization_flow = data.authentik_flow.default_authorization_flow.id
|
|
# mode = "forward_single"
|
|
# access_token_validity = var.access_token_validity
|
|
# }
|
|
|
|
# data "http" "get_forward_outpost" {
|
|
# depends_on = [authentik_provider_proxy.forward]
|
|
# url = "http://authentik.${var.domain}-auth.svc/api/v3/outposts/instances/?name__iexact=${var.domain}-proxy-outpost"
|
|
# method = "GET"
|
|
# request_headers = var.request_headers
|
|
# lifecycle {
|
|
# postcondition {
|
|
# condition = contains([200], self.status_code)
|
|
# error_message = "Status code invalid"
|
|
# }
|
|
# }
|
|
# }
|
|
|
|
# resource "restapi_object" "forward_outpost_binding" {
|
|
# path = "/outposts/instances/${local.forward_outpost_pk}/"
|
|
# data = jsonencode({
|
|
# name = "forward"
|
|
# providers = contains(local.forward_outpost_providers, authentik_provider_proxy.forward.id) ? local.forward_outpost_providers : concat(local.forward_outpost_providers, [authentik_provider_proxy.forward.id])
|
|
# })
|
|
# }
|
|
|
|
|
|
|
|
# data "kubernetes_ingress_v1" "authentik" {
|
|
# metadata {
|
|
# name = "authentik"
|
|
# namespace = "${var.domain}-auth"
|
|
# }
|
|
# }
|