add option to specify which ingresses are protected and also expose list of paths to allow [ci skip]

modules/kubernetes/reverse_proxy/factory/main.tf

@@ -10,6 +10,14 @@ variable "tls_secret_name" {}
 variable "backend_protocol" {
   default = "HTTP"
 }
+variable "protected" {
+  type    = bool
+  default = true
+}
+variable "ingress_path" {
+  type    = list(string)
+  default = ["/"]
+}
 
 
 resource "kubernetes_service" "proxied-service" {
@@ -41,8 +49,8 @@ resource "kubernetes_ingress_v1" "proxied-ingress" {
     annotations = {
       "nginx.ingress.kubernetes.io/backend-protocol" = "${var.backend_protocol}"
       "kubernetes.io/ingress.class"                  = "nginx"
-      "nginx.ingress.kubernetes.io/auth-url" : "https://oauth2.viktorbarzin.me/oauth2/auth"
-      "nginx.ingress.kubernetes.io/auth-signin" : "https://oauth2.viktorbarzin.me/oauth2/start?rd=/redirect/$http_host$escaped_request_uri"
+      "nginx.ingress.kubernetes.io/auth-url" : var.protected ? "https://oauth2.viktorbarzin.me/oauth2/auth" : null
+      "nginx.ingress.kubernetes.io/auth-signin" : var.protected ? "https://oauth2.viktorbarzin.me/oauth2/start?rd=/redirect/$http_host$escaped_request_uri" : null
     }
   }
 
@@ -54,18 +62,27 @@ resource "kubernetes_ingress_v1" "proxied-ingress" {
     rule {
       host = "${var.name}.viktorbarzin.me"
       http {
-        path {
-          path = "/"
-          backend {
-            service {
+        dynamic "path" {
+          # for_each = { for pr in var.ingress_path : pr => pr }
+          for_each = var.ingress_path
 
-              name = var.name
-              port {
-                number = var.port
+          content {
+            path = path.value
+            backend {
+              service {
+
+                name = var.name
+                port {
+                  number = var.port
+                }
               }
             }
           }
         }
+        # path {
+        #   # path = var.ingress_path
+        #   path = each.value
+        # }
       }
     }
   }