make tls crt and keys optional params to the create_tls_secret module
This commit is contained in:
viktorbarzin
parent
005f02d902
commit
3a37fc181d
13 changed files with 8 additions and 81 deletions
2
main.tf
2
main.tf
|
|
@ -165,8 +165,6 @@ module "kubernetes_cluster" {
|
|||
source = "./modules/kubernetes"
|
||||
|
||||
tls_secret_name = var.tls_secret_name
|
||||
tls_crt = var.tls_crt
|
||||
tls_key = var.tls_key
|
||||
# dockerhub_password = var.dockerhub_password
|
||||
client_certificate_secret_name = var.client_certificate_secret_name
|
||||
mailserver_accounts = var.mailserver_accounts
|
||||
|
|
|
|||
|
|
@ -1,6 +1,4 @@
|
|||
variable "tls_secret_name" {}
|
||||
variable "tls_crt" {}
|
||||
variable "tls_key" {}
|
||||
variable "github_client_id" {}
|
||||
variable "github_client_secret" {}
|
||||
variable "rpc_secret" {}
|
||||
|
|
@ -24,8 +22,6 @@ module "tls_secret" {
|
|||
source = "../setup_tls_secret"
|
||||
namespace = "drone"
|
||||
tls_secret_name = var.tls_secret_name
|
||||
tls_crt = var.tls_crt
|
||||
tls_key = var.tls_key
|
||||
}
|
||||
|
||||
resource "kubernetes_config_map" "git_crypt_key" {
|
||||
|
|
|
|||
|
|
@ -1,6 +1,4 @@
|
|||
variable tls_secret_name {}
|
||||
variable "tls_crt" {}
|
||||
variable "tls_key" {}
|
||||
variable "tls_secret_name" {}
|
||||
|
||||
resource "kubernetes_namespace" "f1-stream" {
|
||||
metadata {
|
||||
|
|
@ -76,8 +74,6 @@ module "tls_secret" {
|
|||
source = "../setup_tls_secret"
|
||||
namespace = "f1-stream"
|
||||
tls_secret_name = var.tls_secret_name
|
||||
tls_crt = var.tls_crt
|
||||
tls_key = var.tls_key
|
||||
}
|
||||
|
||||
|
||||
|
|
|
|||
|
|
@ -1,6 +1,4 @@
|
|||
variable "tls_secret_name" {}
|
||||
variable "tls_crt" {}
|
||||
variable "tls_key" {}
|
||||
variable "hackmd_db_password" {}
|
||||
|
||||
resource "kubernetes_namespace" "hackmd" {
|
||||
|
|
@ -13,8 +11,6 @@ module "tls_secret" {
|
|||
source = "../setup_tls_secret"
|
||||
namespace = "hackmd"
|
||||
tls_secret_name = var.tls_secret_name
|
||||
tls_crt = var.tls_crt
|
||||
tls_key = var.tls_key
|
||||
}
|
||||
|
||||
resource "kubernetes_deployment" "hackmd" {
|
||||
|
|
|
|||
|
|
@ -1,6 +1,4 @@
|
|||
variable "tls_secret_name" {}
|
||||
variable "tls_crt" {}
|
||||
variable "tls_key" {}
|
||||
variable "client_certificate_secret_name" {}
|
||||
|
||||
resource "random_password" "csrf_token" {
|
||||
|
|
@ -24,8 +22,6 @@ module "tls_secret" {
|
|||
source = "../setup_tls_secret"
|
||||
namespace = "kubernetes-dashboard"
|
||||
tls_secret_name = var.tls_secret_name
|
||||
tls_crt = var.tls_crt
|
||||
tls_key = var.tls_key
|
||||
}
|
||||
|
||||
# # locals {
|
||||
|
|
|
|||
|
|
@ -1,7 +1,4 @@
|
|||
variable "tls_secret_name" {}
|
||||
variable "tls_crt" {}
|
||||
variable "tls_key" {}
|
||||
|
||||
|
||||
resource "kubernetes_namespace" "kms" {
|
||||
metadata {
|
||||
|
|
@ -13,8 +10,6 @@ module "tls_secret" {
|
|||
source = "../setup_tls_secret"
|
||||
namespace = "kms"
|
||||
tls_secret_name = var.tls_secret_name
|
||||
tls_crt = var.tls_crt
|
||||
tls_key = var.tls_key
|
||||
}
|
||||
|
||||
resource "kubernetes_config_map" "kms-web-page" {
|
||||
|
|
|
|||
|
|
@ -1,6 +1,4 @@
|
|||
variable "tls_secret_name" {}
|
||||
variable "tls_crt" {}
|
||||
variable "tls_key" {}
|
||||
variable "client_certificate_secret_name" {}
|
||||
variable "hackmd_db_password" {}
|
||||
variable "mailserver_accounts" {}
|
||||
|
|
@ -49,8 +47,6 @@ module "dnscrypt" {
|
|||
module "drone" {
|
||||
source = "./drone"
|
||||
tls_secret_name = var.tls_secret_name
|
||||
tls_crt = var.tls_crt
|
||||
tls_key = var.tls_key
|
||||
|
||||
github_client_id = var.drone_github_client_id
|
||||
github_client_secret = var.drone_github_client_secret
|
||||
|
|
@ -64,8 +60,6 @@ module "drone" {
|
|||
module "f1-stream" {
|
||||
source = "./f1-stream"
|
||||
tls_secret_name = var.tls_secret_name
|
||||
tls_crt = var.tls_crt
|
||||
tls_key = var.tls_key
|
||||
|
||||
depends_on = [null_resource.core_services]
|
||||
}
|
||||
|
|
@ -74,8 +68,6 @@ module "hackmd" {
|
|||
source = "./hackmd"
|
||||
hackmd_db_password = var.hackmd_db_password
|
||||
tls_secret_name = var.tls_secret_name
|
||||
tls_crt = var.tls_crt
|
||||
tls_key = var.tls_key
|
||||
|
||||
depends_on = [null_resource.core_services]
|
||||
}
|
||||
|
|
@ -88,8 +80,6 @@ module "hackmd" {
|
|||
module "kms" {
|
||||
source = "./kms"
|
||||
tls_secret_name = var.tls_secret_name
|
||||
tls_crt = var.tls_crt
|
||||
tls_key = var.tls_key
|
||||
|
||||
depends_on = [null_resource.core_services]
|
||||
}
|
||||
|
|
@ -97,8 +87,6 @@ module "kms" {
|
|||
module "k8s-dashboard" {
|
||||
source = "./k8s-dashboard"
|
||||
tls_secret_name = var.tls_secret_name
|
||||
tls_crt = var.tls_crt
|
||||
tls_key = var.tls_key
|
||||
client_certificate_secret_name = var.client_certificate_secret_name
|
||||
|
||||
depends_on = [null_resource.core_services]
|
||||
|
|
@ -116,67 +104,53 @@ module "metallb" {
|
|||
source = "./metallb"
|
||||
}
|
||||
|
||||
module monitoring {
|
||||
module "monitoring" {
|
||||
source = "./monitoring"
|
||||
tls_secret_name = var.tls_secret_name
|
||||
tls_crt = var.tls_crt
|
||||
tls_key = var.tls_key
|
||||
alertmanager_account_password = var.alertmanager_account_password
|
||||
|
||||
depends_on = [null_resource.core_services]
|
||||
}
|
||||
|
||||
module openid_help_page {
|
||||
module "openid_help_page" {
|
||||
source = "./openid_help_page"
|
||||
tls_secret_name = var.tls_secret_name
|
||||
tls_crt = var.tls_crt
|
||||
tls_key = var.tls_key
|
||||
|
||||
depends_on = [null_resource.core_services]
|
||||
}
|
||||
|
||||
module pihole {
|
||||
module "pihole" {
|
||||
source = "./pihole"
|
||||
web_password = var.pihole_web_password
|
||||
|
||||
tls_secret_name = var.tls_secret_name
|
||||
tls_crt = var.tls_crt
|
||||
tls_key = var.tls_key
|
||||
|
||||
depends_on = [module.bind] # DNS goes like pihole -> bind -> dnscrypt
|
||||
}
|
||||
|
||||
module privatebin {
|
||||
module "privatebin" {
|
||||
source = "./privatebin"
|
||||
tls_secret_name = var.tls_secret_name
|
||||
tls_crt = var.tls_crt
|
||||
tls_key = var.tls_key
|
||||
|
||||
depends_on = [null_resource.core_services]
|
||||
}
|
||||
|
||||
module vault {
|
||||
module "vault" {
|
||||
source = "./vault"
|
||||
tls_secret_name = var.tls_secret_name
|
||||
tls_crt = var.tls_crt
|
||||
tls_key = var.tls_key
|
||||
}
|
||||
|
||||
module webhook_handler {
|
||||
module "webhook_handler" {
|
||||
source = "./webhook_handler"
|
||||
tls_secret_name = var.tls_secret_name
|
||||
tls_crt = var.tls_crt
|
||||
tls_key = var.tls_key
|
||||
webhook_secret = var.webhook_handler_secret
|
||||
|
||||
depends_on = [null_resource.core_services]
|
||||
}
|
||||
|
||||
module wireguard {
|
||||
module "wireguard" {
|
||||
source = "./wireguard"
|
||||
tls_secret_name = var.tls_secret_name
|
||||
tls_crt = var.tls_crt
|
||||
tls_key = var.tls_key
|
||||
wg_0_conf = var.wireguard_wg_0_conf
|
||||
wg_0_key = var.wireguard_wg_0_key
|
||||
firewall_sh = var.wireguard_firewall_sh
|
||||
|
|
|
|||
|
|
@ -1,14 +1,10 @@
|
|||
variable "tls_secret_name" {}
|
||||
variable "tls_crt" {}
|
||||
variable "tls_key" {}
|
||||
variable "alertmanager_account_password" {}
|
||||
|
||||
module "tls_secret" {
|
||||
source = "../setup_tls_secret"
|
||||
namespace = "monitoring"
|
||||
tls_secret_name = var.tls_secret_name
|
||||
tls_crt = var.tls_crt
|
||||
tls_key = var.tls_key
|
||||
}
|
||||
|
||||
resource "helm_release" "prometheus" {
|
||||
|
|
|
|||
|
|
@ -1,6 +1,4 @@
|
|||
variable "tls_secret_name" {}
|
||||
variable "tls_crt" {}
|
||||
variable "tls_key" {}
|
||||
|
||||
resource "kubernetes_namespace" "openid_help_page" {
|
||||
metadata {
|
||||
|
|
@ -12,8 +10,6 @@ module "tls_secret" {
|
|||
source = "../setup_tls_secret"
|
||||
namespace = "openid-help-page"
|
||||
tls_secret_name = var.tls_secret_name
|
||||
tls_crt = var.tls_crt
|
||||
tls_key = var.tls_key
|
||||
}
|
||||
|
||||
resource "kubernetes_deployment" "openid_help_page" {
|
||||
|
|
|
|||
|
|
@ -1,6 +1,4 @@
|
|||
variable "tls_secret_name" {}
|
||||
variable "tls_crt" {}
|
||||
variable "tls_key" {}
|
||||
variable "web_password" {}
|
||||
|
||||
resource "kubernetes_namespace" "pihole" {
|
||||
|
|
@ -13,8 +11,6 @@ module "tls_secret" {
|
|||
source = "../setup_tls_secret"
|
||||
namespace = "pihole"
|
||||
tls_secret_name = var.tls_secret_name
|
||||
tls_crt = var.tls_crt
|
||||
tls_key = var.tls_key
|
||||
}
|
||||
|
||||
|
||||
|
|
|
|||
|
|
@ -1,6 +1,4 @@
|
|||
variable "tls_secret_name" {}
|
||||
variable "tls_crt" {}
|
||||
variable "tls_key" {}
|
||||
|
||||
resource "kubernetes_namespace" "privatebin" {
|
||||
metadata {
|
||||
|
|
@ -12,8 +10,6 @@ module "tls_secret" {
|
|||
source = "../setup_tls_secret"
|
||||
namespace = "privatebin"
|
||||
tls_secret_name = var.tls_secret_name
|
||||
tls_crt = var.tls_crt
|
||||
tls_key = var.tls_key
|
||||
}
|
||||
|
||||
resource "kubernetes_deployment" "privatebin" {
|
||||
|
|
|
|||
|
|
@ -1,6 +1,4 @@
|
|||
variable "tls_secret_name" {}
|
||||
variable "tls_crt" {}
|
||||
variable "tls_key" {}
|
||||
variable "host" {
|
||||
default = "vault.viktorbarzin.me"
|
||||
}
|
||||
|
|
@ -15,8 +13,6 @@ module "tls_secret" {
|
|||
source = "../setup_tls_secret"
|
||||
namespace = "vault"
|
||||
tls_secret_name = var.tls_secret_name
|
||||
tls_crt = var.tls_crt
|
||||
tls_key = var.tls_key
|
||||
}
|
||||
|
||||
resource "kubernetes_persistent_volume" "vault_data" {
|
||||
|
|
|
|||
|
|
@ -1,7 +1,5 @@
|
|||
|
||||
variable "tls_secret_name" {}
|
||||
variable "tls_crt" {}
|
||||
variable "tls_key" {}
|
||||
variable "webhook_secret" {}
|
||||
|
||||
resource "kubernetes_namespace" "webhook-handler" {
|
||||
|
|
@ -14,8 +12,6 @@ module "tls_secret" {
|
|||
source = "../setup_tls_secret"
|
||||
namespace = "webhook-handler"
|
||||
tls_secret_name = var.tls_secret_name
|
||||
tls_crt = var.tls_crt
|
||||
tls_key = var.tls_key
|
||||
}
|
||||
|
||||
resource "kubernetes_cluster_role" "deployment_updater" {
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue