From 45558f8a04db9c11c559db0528618b82b531cbf7 Mon Sep 17 00:00:00 2001 From: Viktor Barzin Date: Mon, 8 Jan 2024 22:45:55 +0000 Subject: [PATCH] refactor home assistant module [ci skip] --- modules/kubernetes/home_assistant/main.tf | 392 +++++++++++----------- modules/kubernetes/main.tf | 12 +- 2 files changed, 202 insertions(+), 202 deletions(-) diff --git a/modules/kubernetes/home_assistant/main.tf b/modules/kubernetes/home_assistant/main.tf index 1a739bfd..a26f3910 100644 --- a/modules/kubernetes/home_assistant/main.tf +++ b/modules/kubernetes/home_assistant/main.tf @@ -2,237 +2,237 @@ variable "tls_secret_name" {} variable "client_certificate_secret_name" {} variable "configuration_yaml" {} -# resource "kubernetes_namespace" "home_assistant" { -# metadata { -# name = "home-assistant" -# } -# } +resource "kubernetes_namespace" "home_assistant" { + metadata { + name = "home-assistant" + } +} -# resource "kubernetes_config_map" "home_assistant_config_map" { -# metadata { -# name = "home-assistant-configmap" -# namespace = "home-assistant" +resource "kubernetes_config_map" "home_assistant_config_map" { + metadata { + name = "home-assistant-configmap" + namespace = "home-assistant" -# annotations = { -# "reloader.stakater.com/match" = "true" -# } -# } + annotations = { + "reloader.stakater.com/match" = "true" + } + } -# data = { -# # "db.viktorbarzin.lan" = var.db_viktorbarzin_lan -# # "db.viktorbarzin.me" = format("%s%s", var.db_viktorbarzin_me, file("${path.module}/extra/viktorbarzin.me")) -# # "db.181.191.213.in-addr.arpa" = var.db_ptr -# "configuration.yaml" = var.configuration_yaml -# } -# } + data = { + # "db.viktorbarzin.lan" = var.db_viktorbarzin_lan + # "db.viktorbarzin.me" = format("%s%s", var.db_viktorbarzin_me, file("${path.module}/extra/viktorbarzin.me")) + # "db.181.191.213.in-addr.arpa" = var.db_ptr + "configuration.yaml" = var.configuration_yaml + } +} -# module "tls_secret" { -# source = "../setup_tls_secret" -# namespace = "home-assistant" -# tls_secret_name = var.tls_secret_name -# } +module "tls_secret" { + source = "../setup_tls_secret" + namespace = "home-assistant" + tls_secret_name = var.tls_secret_name +} -# resource "helm_release" "home_assistant" { -# namespace = "home-assistant" -# create_namespace = true -# name = "home-assistant" +resource "helm_release" "home_assistant" { + namespace = "home-assistant" + create_namespace = true + name = "home-assistant" -# repository = "https://k8s-at-home.com/charts/" -# chart = "home-assistant" + repository = "https://k8s-at-home.com/charts/" + chart = "home-assistant" -# values = [templatefile("${path.module}/home_assistant_chart_values.tpl", { tls_secret_name = var.tls_secret_name, client_certificate_secret_name = var.client_certificate_secret_name })] -# } + values = [templatefile("${path.module}/home_assistant_chart_values.tpl", { tls_secret_name = var.tls_secret_name, client_certificate_secret_name = var.client_certificate_secret_name })] +} -# resource "kubernetes_deployment" "home_assistant" { -# metadata { -# name = "home-assistant" -# namespace = "home-assistant" +resource "kubernetes_deployment" "home_assistant" { + metadata { + name = "home-assistant" + namespace = "home-assistant" -# labels = { -# "app.kubernetes.io/instance" = "home-assistant" -# "app.kubernetes.io/name" = "home-assistant" -# "app.kubernetes.io/version" = "2022.5.4" -# } -# } + labels = { + "app.kubernetes.io/instance" = "home-assistant" + "app.kubernetes.io/name" = "home-assistant" + "app.kubernetes.io/version" = "2022.5.4" + } + } -# spec { -# replicas = 1 + spec { + replicas = 1 -# selector { -# match_labels = { -# "app.kubernetes.io/instance" = "home-assistant" -# "app.kubernetes.io/name" = "home-assistant" -# } -# } + selector { + match_labels = { + "app.kubernetes.io/instance" = "home-assistant" + "app.kubernetes.io/name" = "home-assistant" + } + } -# template { -# metadata { -# labels = { -# "app.kubernetes.io/instance" = "home-assistant" + template { + metadata { + labels = { + "app.kubernetes.io/instance" = "home-assistant" -# "app.kubernetes.io/name" = "home-assistant" -# } -# } + "app.kubernetes.io/name" = "home-assistant" + } + } -# spec { -# container { -# name = "home-assistant" -# # image = "ghcr.io/home-assistant/home-assistant:2022.5.4" -# image = "ghcr.io/home-assistant/home-assistant:2022.5.5" -# # image = "ghcr.io/home-assistant/home-assistant" -# port { -# name = "http" -# container_port = 8123 -# protocol = "TCP" -# } -# env { -# name = "TZ" -# value = "UTC+3" -# } + spec { + container { + name = "home-assistant" + # image = "ghcr.io/home-assistant/home-assistant:2022.5.4" + image = "ghcr.io/home-assistant/home-assistant:2022.5.5" + # image = "ghcr.io/home-assistant/home-assistant" + port { + name = "http" + container_port = 8123 + protocol = "TCP" + } + env { + name = "TZ" + value = "UTC+3" + } -# volume_mount { -# name = "configuration" -# mount_path = "/config" -# # sub_path = "hackmd" -# } -# liveness_probe { -# tcp_socket { -# port = "8123" -# } -# timeout_seconds = 1 -# period_seconds = 10 -# success_threshold = 1 -# failure_threshold = 3 -# } + volume_mount { + name = "configuration" + mount_path = "/config" + # sub_path = "hackmd" + } + liveness_probe { + tcp_socket { + port = "8123" + } + timeout_seconds = 1 + period_seconds = 10 + success_threshold = 1 + failure_threshold = 3 + } -# readiness_probe { -# tcp_socket { -# port = "8123" -# } + readiness_probe { + tcp_socket { + port = "8123" + } -# timeout_seconds = 1 -# period_seconds = 10 -# success_threshold = 1 -# failure_threshold = 3 -# } + timeout_seconds = 1 + period_seconds = 10 + success_threshold = 1 + failure_threshold = 3 + } -# startup_probe { -# tcp_socket { -# port = "8123" -# } + startup_probe { + tcp_socket { + port = "8123" + } -# timeout_seconds = 1 -# period_seconds = 5 -# success_threshold = 1 -# failure_threshold = 30 -# } + timeout_seconds = 1 + period_seconds = 5 + success_threshold = 1 + failure_threshold = 30 + } -# termination_message_path = "/dev/termination-log" -# image_pull_policy = "IfNotPresent" -# } + termination_message_path = "/dev/termination-log" + image_pull_policy = "IfNotPresent" + } -# volume { -# name = "configuration" -# iscsi { -# target_portal = "iscsi.viktorbarzin.lan:3260" -# fs_type = "ext4" -# iqn = "iqn.2020-12.lan.viktorbarzin:storage:home-assistant" -# lun = 0 -# read_only = false -# } -# } + volume { + name = "configuration" + iscsi { + target_portal = "iscsi.viktorbarzin.lan:3260" + fs_type = "ext4" + iqn = "iqn.2020-12.lan.viktorbarzin:storage:home-assistant" + lun = 0 + read_only = false + } + } -# restart_policy = "Always" -# termination_grace_period_seconds = 30 -# dns_policy = "ClusterFirst" -# service_account_name = "default" -# } -# } + restart_policy = "Always" + termination_grace_period_seconds = 30 + dns_policy = "ClusterFirst" + service_account_name = "default" + } + } -# strategy { -# type = "Recreate" -# } -# revision_history_limit = 3 -# } -# } -# resource "kubernetes_service" "home_assistant" { -# metadata { -# name = "home-assistant" -# namespace = "home-assistant" + strategy { + type = "Recreate" + } + revision_history_limit = 3 + } +} +resource "kubernetes_service" "home_assistant" { + metadata { + name = "home-assistant" + namespace = "home-assistant" -# labels = { -# "app.kubernetes.io/instance" = "home-assistant" + labels = { + "app.kubernetes.io/instance" = "home-assistant" -# "app.kubernetes.io/managed-by" = "Helm" + "app.kubernetes.io/managed-by" = "Helm" -# "app.kubernetes.io/name" = "home-assistant" + "app.kubernetes.io/name" = "home-assistant" -# "app.kubernetes.io/version" = "2022.5.4" + "app.kubernetes.io/version" = "2022.5.4" -# "helm.sh/chart" = "home-assistant-13.2.0" -# } + "helm.sh/chart" = "home-assistant-13.2.0" + } -# annotations = { -# "meta.helm.sh/release-name" = "home-assistant" + annotations = { + "meta.helm.sh/release-name" = "home-assistant" -# "meta.helm.sh/release-namespace" = "home-assistant" -# } -# } + "meta.helm.sh/release-namespace" = "home-assistant" + } + } -# spec { -# port { -# name = "http" -# protocol = "TCP" -# port = 8123 -# target_port = "http" -# } + spec { + port { + name = "http" + protocol = "TCP" + port = 8123 + target_port = "http" + } -# selector = { -# "app.kubernetes.io/instance" = "home-assistant" + selector = { + "app.kubernetes.io/instance" = "home-assistant" -# "app.kubernetes.io/name" = "home-assistant" -# } + "app.kubernetes.io/name" = "home-assistant" + } -# # cluster_ip = "10.102.20.150" -# type = "ClusterIP" -# session_affinity = "None" -# } -# } + # cluster_ip = "10.102.20.150" + type = "ClusterIP" + session_affinity = "None" + } +} -# resource "kubernetes_ingress_v1" "home-assistant-ui" { -# metadata { -# name = "home-assistant-ui-ingress" -# namespace = "home-assistant" -# annotations = { -# "kubernetes.io/ingress.class" = "nginx" -# "nginx.ingress.kubernetes.io/force-ssl-redirect" = "true" -# "nginx.ingress.kubernetes.io/auth-tls-verify-client" = "on" -# "nginx.ingress.kubernetes.io/auth-tls-secret" = var.client_certificate_secret_name -# } -# } +resource "kubernetes_ingress_v1" "home-assistant-ui" { + metadata { + name = "home-assistant-ui-ingress" + namespace = "home-assistant" + annotations = { + "kubernetes.io/ingress.class" = "nginx" + "nginx.ingress.kubernetes.io/force-ssl-redirect" = "true" + "nginx.ingress.kubernetes.io/auth-tls-verify-client" = "on" + "nginx.ingress.kubernetes.io/auth-tls-secret" = var.client_certificate_secret_name + } + } -# spec { -# tls { -# hosts = ["home-assistant.viktorbarzin.me"] -# secret_name = var.tls_secret_name -# } -# rule { -# host = "home-assistant.viktorbarzin.me" -# http { -# path { -# path = "/" -# backend { -# service { -# name = "home-assistant" -# port { -# number = 8123 -# } -# } -# } -# } -# } -# } -# } -# } + spec { + tls { + hosts = ["home-assistant.viktorbarzin.me"] + secret_name = var.tls_secret_name + } + rule { + host = "home-assistant.viktorbarzin.me" + http { + path { + path = "/" + backend { + service { + name = "home-assistant" + port { + number = 8123 + } + } + } + } + } + } + } +} diff --git a/modules/kubernetes/main.tf b/modules/kubernetes/main.tf index baae2ef1..2a98fe10 100644 --- a/modules/kubernetes/main.tf +++ b/modules/kubernetes/main.tf @@ -262,12 +262,12 @@ module "wireguard" { firewall_sh = var.wireguard_firewall_sh } -module "home_assistant" { - source = "./home_assistant" - tls_secret_name = var.tls_secret_name - client_certificate_secret_name = var.client_certificate_secret_name - configuration_yaml = var.home_assistant_configuration -} +# module "home_assistant" { +# source = "./home_assistant" +# tls_secret_name = var.tls_secret_name +# client_certificate_secret_name = var.client_certificate_secret_name +# configuration_yaml = var.home_assistant_configuration +# } module "finance_app" { source = "./finance_app"