diff --git a/main.tf b/main.tf index 62186ecf..9815c2fc 100644 --- a/main.tf +++ b/main.tf @@ -165,8 +165,6 @@ module "kubernetes_cluster" { source = "./modules/kubernetes" tls_secret_name = var.tls_secret_name - tls_crt = var.tls_crt - tls_key = var.tls_key # dockerhub_password = var.dockerhub_password client_certificate_secret_name = var.client_certificate_secret_name mailserver_accounts = var.mailserver_accounts diff --git a/modules/kubernetes/drone/main.tf b/modules/kubernetes/drone/main.tf index 19c9308a..35ae19a9 100644 --- a/modules/kubernetes/drone/main.tf +++ b/modules/kubernetes/drone/main.tf @@ -1,6 +1,4 @@ variable "tls_secret_name" {} -variable "tls_crt" {} -variable "tls_key" {} variable "github_client_id" {} variable "github_client_secret" {} variable "rpc_secret" {} @@ -24,8 +22,6 @@ module "tls_secret" { source = "../setup_tls_secret" namespace = "drone" tls_secret_name = var.tls_secret_name - tls_crt = var.tls_crt - tls_key = var.tls_key } resource "kubernetes_config_map" "git_crypt_key" { diff --git a/modules/kubernetes/f1-stream/main.tf b/modules/kubernetes/f1-stream/main.tf index e2f79306..4da82497 100644 --- a/modules/kubernetes/f1-stream/main.tf +++ b/modules/kubernetes/f1-stream/main.tf @@ -1,6 +1,4 @@ -variable tls_secret_name {} -variable "tls_crt" {} -variable "tls_key" {} +variable "tls_secret_name" {} resource "kubernetes_namespace" "f1-stream" { metadata { @@ -76,8 +74,6 @@ module "tls_secret" { source = "../setup_tls_secret" namespace = "f1-stream" tls_secret_name = var.tls_secret_name - tls_crt = var.tls_crt - tls_key = var.tls_key } diff --git a/modules/kubernetes/hackmd/main.tf b/modules/kubernetes/hackmd/main.tf index 51a7ba25..ebc8489e 100644 --- a/modules/kubernetes/hackmd/main.tf +++ b/modules/kubernetes/hackmd/main.tf @@ -1,6 +1,4 @@ variable "tls_secret_name" {} -variable "tls_crt" {} -variable "tls_key" {} variable "hackmd_db_password" {} resource "kubernetes_namespace" "hackmd" { 
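Review bot: The re-quoted `variable "tls_secret_name" {}` in modules/kubernetes/f1-stream/main.tf still has no type or description. Now that the certificate and key inputs are gone, this name is the only TLS input the module takes, and the declaration accepts any value type. I would add `type = string` and a `description = "Name of the TLS secret passed to ../setup_tls_secret"` inside the block. The same bare declaration appears as a context line in the drone, hackmd and other module files in this commit, so they could be brought in line together.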
@@ -13,8 +11,6 @@ module "tls_secret" { source = "../setup_tls_secret" namespace = "hackmd" tls_secret_name = var.tls_secret_name - tls_crt = var.tls_crt - tls_key = var.tls_key } resource "kubernetes_deployment" "hackmd" { diff --git a/modules/kubernetes/k8s-dashboard/main.tf b/modules/kubernetes/k8s-dashboard/main.tf index 2efffd90..d7be1d38 100644 --- a/modules/kubernetes/k8s-dashboard/main.tf +++ b/modules/kubernetes/k8s-dashboard/main.tf @@ -1,6 +1,4 @@ variable "tls_secret_name" {} -variable "tls_crt" {} -variable "tls_key" {} variable "client_certificate_secret_name" {} resource "random_password" "csrf_token" { @@ -24,8 +22,6 @@ module "tls_secret" { source = "../setup_tls_secret" namespace = "kubernetes-dashboard" tls_secret_name = var.tls_secret_name - tls_crt = var.tls_crt - tls_key = var.tls_key } # # locals { diff --git a/modules/kubernetes/kms/main.tf b/modules/kubernetes/kms/main.tf index 8b448aa5..8c8b1396 100644 --- a/modules/kubernetes/kms/main.tf +++ b/modules/kubernetes/kms/main.tf @@ -1,7 +1,4 @@ variable "tls_secret_name" {} -variable "tls_crt" {} -variable "tls_key" {} - resource "kubernetes_namespace" "kms" { metadata { @@ -13,8 +10,6 @@ module "tls_secret" { source = "../setup_tls_secret" namespace = "kms" tls_secret_name = var.tls_secret_name - tls_crt = var.tls_crt - tls_key = var.tls_key } resource "kubernetes_config_map" "kms-web-page" { diff --git a/modules/kubernetes/main.tf b/modules/kubernetes/main.tf index ead8bbbb..952f969e 100644 --- a/modules/kubernetes/main.tf +++ b/modules/kubernetes/main.tf @@ -1,6 +1,4 @@ variable "tls_secret_name" {} -variable "tls_crt" {} -variable "tls_key" {} variable "client_certificate_secret_name" {} variable "hackmd_db_password" {} variable "mailserver_accounts" {} 
@@ -49,8 +47,6 @@ module "dnscrypt" { module "drone" { source = "./drone" tls_secret_name = var.tls_secret_name - tls_crt = var.tls_crt - tls_key = var.tls_key github_client_id = var.drone_github_client_id github_client_secret = var.drone_github_client_secret @@ -64,8 +60,6 @@ module "drone" { module "f1-stream" { source = "./f1-stream" tls_secret_name = var.tls_secret_name - tls_crt = var.tls_crt - tls_key = var.tls_key depends_on = [null_resource.core_services] } @@ -74,8 +68,6 @@ module "hackmd" { source = "./hackmd" hackmd_db_password = var.hackmd_db_password tls_secret_name = var.tls_secret_name - tls_crt = var.tls_crt - tls_key = var.tls_key depends_on = [null_resource.core_services] } @@ -88,8 +80,6 @@ module "hackmd" { module "kms" { source = "./kms" tls_secret_name = var.tls_secret_name - tls_crt = var.tls_crt - tls_key = var.tls_key depends_on = [null_resource.core_services] } @@ -97,8 +87,6 @@ module "kms" { module "k8s-dashboard" { source = "./k8s-dashboard" tls_secret_name = var.tls_secret_name - tls_crt = var.tls_crt - tls_key = var.tls_key client_certificate_secret_name = var.client_certificate_secret_name depends_on = [null_resource.core_services] 
@@ -116,67 +104,53 @@ module "metallb" { source = "./metallb" } -module monitoring { +module "monitoring" { source = "./monitoring" tls_secret_name = var.tls_secret_name - tls_crt = var.tls_crt - tls_key = var.tls_key alertmanager_account_password = var.alertmanager_account_password depends_on = [null_resource.core_services] } -module openid_help_page { +module "openid_help_page" { source = "./openid_help_page" tls_secret_name = var.tls_secret_name - tls_crt = var.tls_crt - tls_key = var.tls_key depends_on = [null_resource.core_services] } -module pihole { +module "pihole" { source = "./pihole" web_password = var.pihole_web_password tls_secret_name = var.tls_secret_name - tls_crt = var.tls_crt - tls_key = var.tls_key depends_on = [module.bind] # DNS goes like pihole -> bind -> dnscrypt } -module privatebin { +module "privatebin" { source = "./privatebin" tls_secret_name = var.tls_secret_name - tls_crt = var.tls_crt - tls_key = var.tls_key depends_on = [null_resource.core_services] } -module vault { +module "vault" { source = "./vault" tls_secret_name = var.tls_secret_name - tls_crt = var.tls_crt - tls_key = var.tls_key } -module webhook_handler { +module "webhook_handler" { source = "./webhook_handler" tls_secret_name = var.tls_secret_name - tls_crt = var.tls_crt - tls_key = var.tls_key webhook_secret = var.webhook_handler_secret depends_on = [null_resource.core_services] } -module wireguard { +module "wireguard" { source = "./wireguard" tls_secret_name = var.tls_secret_name - tls_crt = var.tls_crt - tls_key = var.tls_key wg_0_conf = var.wireguard_wg_0_conf wg_0_key = var.wireguard_wg_0_key firewall_sh = var.wireguard_firewall_sh diff --git a/modules/kubernetes/monitoring/main.tf b/modules/kubernetes/monitoring/main.tf index 166999ff..a47a0aba 100644 --- a/modules/kubernetes/monitoring/main.tf +++ b/modules/kubernetes/monitoring/main.tf 
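Review bot: Every module call in this modules/kubernetes/main.tf hunk now passes only `tls_secret_name`, but the visible diff never shows where `../setup_tls_secret` now gets the certificate and private key. If that module still declares `tls_crt` and `tls_key` without defaults, planning fails with a missing required argument for every caller. If it now loads them some other way, the key presumably still lands in Terraform state through the secret resource, so state storage needs the same protection as before. A comment above the first call would record this, e.g. `# TLS cert/key are resolved inside setup_tls_secret; callers pass only the secret name`. The hunk begins inside the `metallb` block and ends inside the `wireguard` block, so neither is fully visible here.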
@@ -1,14 +1,10 @@ variable "tls_secret_name" {} -variable "tls_crt" {} -variable "tls_key" {} variable "alertmanager_account_password" {} module "tls_secret" { source = "../setup_tls_secret" namespace = "monitoring" tls_secret_name = var.tls_secret_name - tls_crt = var.tls_crt - tls_key = var.tls_key } resource "helm_release" "prometheus" { diff --git a/modules/kubernetes/openid_help_page/main.tf b/modules/kubernetes/openid_help_page/main.tf index 0d9c16eb..4ff04c33 100644 --- a/modules/kubernetes/openid_help_page/main.tf +++ b/modules/kubernetes/openid_help_page/main.tf @@ -1,6 +1,4 @@ variable "tls_secret_name" {} -variable "tls_crt" {} -variable "tls_key" {} resource "kubernetes_namespace" "openid_help_page" { metadata { @@ -12,8 +10,6 @@ module "tls_secret" { source = "../setup_tls_secret" namespace = "openid-help-page" tls_secret_name = var.tls_secret_name - tls_crt = var.tls_crt - tls_key = var.tls_key } resource "kubernetes_deployment" "openid_help_page" { diff --git a/modules/kubernetes/pihole/main.tf b/modules/kubernetes/pihole/main.tf index 71e810df..e0081232 100644 --- a/modules/kubernetes/pihole/main.tf +++ b/modules/kubernetes/pihole/main.tf @@ -1,6 +1,4 @@ variable "tls_secret_name" {} -variable "tls_crt" {} -variable "tls_key" {} variable "web_password" {} resource "kubernetes_namespace" "pihole" { @@ -13,8 +11,6 @@ module "tls_secret" { source = "../setup_tls_secret" namespace = "pihole" tls_secret_name = var.tls_secret_name - tls_crt = var.tls_crt - tls_key = var.tls_key } diff --git a/modules/kubernetes/privatebin/main.tf b/modules/kubernetes/privatebin/main.tf index 5386acec..c76bcb19 100644 --- a/modules/kubernetes/privatebin/main.tf +++ b/modules/kubernetes/privatebin/main.tf @@ -1,6 +1,4 @@ variable "tls_secret_name" {} -variable "tls_crt" {} -variable "tls_key" {} resource "kubernetes_namespace" "privatebin" { metadata { 
@@ -12,8 +10,6 @@ module "tls_secret" { source = "../setup_tls_secret" namespace = "privatebin" tls_secret_name = var.tls_secret_name - tls_crt = var.tls_crt - tls_key = var.tls_key } resource "kubernetes_deployment" "privatebin" { diff --git a/modules/kubernetes/vault/main.tf b/modules/kubernetes/vault/main.tf index 39e25425..3a9579d8 100644 --- a/modules/kubernetes/vault/main.tf +++ b/modules/kubernetes/vault/main.tf @@ -1,6 +1,4 @@ variable "tls_secret_name" {} -variable "tls_crt" {} -variable "tls_key" {} variable "host" { default = "vault.viktorbarzin.me" } @@ -15,8 +13,6 @@ module "tls_secret" { source = "../setup_tls_secret" namespace = "vault" tls_secret_name = var.tls_secret_name - tls_crt = var.tls_crt - tls_key = var.tls_key } resource "kubernetes_persistent_volume" "vault_data" { diff --git a/modules/kubernetes/webhook_handler/main.tf b/modules/kubernetes/webhook_handler/main.tf index 90e4594b..24b5163a 100644 --- a/modules/kubernetes/webhook_handler/main.tf +++ b/modules/kubernetes/webhook_handler/main.tf @@ -1,7 +1,5 @@ variable "tls_secret_name" {} -variable "tls_crt" {} -variable "tls_key" {} variable "webhook_secret" {} resource "kubernetes_namespace" "webhook-handler" { @@ -14,8 +12,6 @@ module "tls_secret" { source = "../setup_tls_secret" namespace = "webhook-handler" tls_secret_name = var.tls_secret_name - tls_crt = var.tls_crt - tls_key = var.tls_key } resource "kubernetes_cluster_role" "deployment_updater" {