33 lines
1.1 KiB
HCL
33 lines
1.1 KiB
HCL
locals {
|
|
request_headers = {
|
|
"Content-Type" = "application/json"
|
|
Authorization = "Bearer ${local.authentik_token}"
|
|
}
|
|
outposts = jsondecode(data.http.get_proxy_outpost.response_body).results
|
|
outpost_providers = local.outposts[0].providers
|
|
outpost_pk = local.outposts[0].pk
|
|
}
|
|
|
|
|
|
data "http" "get_proxy_outpost" {
|
|
depends_on = [data.kubernetes_secret_v1.authentik]
|
|
url = "${local.authentik_url}/api/v3/outposts/instances/?name__iexact=${var.domain}-proxy-outpost"
|
|
method = "GET"
|
|
request_headers = local.request_headers
|
|
lifecycle {
|
|
postcondition {
|
|
condition = contains([200], self.status_code)
|
|
error_message = "Status code invalid, error: ${try(jsondecode(self.response_body).detail, "no-error")}"
|
|
}
|
|
}
|
|
}
|
|
|
|
|
|
resource "restapi_object" "proxy_outpost_binding" {
|
|
path = "/outposts/instances/${local.outpost_pk}/"
|
|
data = jsonencode({
|
|
name = "${var.domain}-proxy-outpost"
|
|
providers = contains(local.outpost_providers, authentik_provider_proxy.app_proxy_provider.id) ? local.outpost_providers : concat(local.outpost_providers, [authentik_provider_proxy.app_proxy_provider.id])
|
|
})
|
|
}
|