[ci skip] Implement multi-user Kubernetes access with OIDC
- Add RBAC module (modules/kubernetes/rbac/) with admin, power-user, and namespace-owner roles, API server OIDC flags, and audit logging - Add self-service portal (modules/kubernetes/k8s-portal/) SvelteKit app with kubeconfig download and setup instructions - Configure Alloy to collect audit logs from kube-apiserver - Add Grafana dashboard for Kubernetes audit log visualization - Configure Authentik OIDC provider with groups scope mapping - Wire up k8s_users and ssh_private_key variables through module chain
parent
9853b5edf7
commit
9bcdb9e59f
8 changed files with 783 additions and 0 deletions
10
main.tf
10
main.tf
|
|
@ -155,10 +155,16 @@ variable "affine_postgresql_password" { type = string }
|
|||
variable "health_postgresql_password" { type = string }
|
||||
variable "health_secret_key" { type = string }
|
||||
variable "moltbot_ssh_key" { type = string }
|
||||
variable "moltbot_skill_secrets" { type = map(string) }
|
||||
variable "gemini_api_key" { type = string }
|
||||
variable "llama_api_key" { type = string }
|
||||
variable "brave_api_key" { type = string }
|
||||
|
||||
variable "k8s_users" {
|
||||
type = map(any)
|
||||
default = {}
|
||||
}
|
||||
|
||||
variable "kube_config_path" {
|
||||
type = string
|
||||
default = "~/.kube/config"
|
||||
|
|
@ -695,9 +701,13 @@ module "kubernetes_cluster" {
|
|||
health_postgresql_password = var.health_postgresql_password
|
||||
health_secret_key = var.health_secret_key
|
||||
moltbot_ssh_key = var.moltbot_ssh_key
|
||||
moltbot_skill_secrets = var.moltbot_skill_secrets
|
||||
gemini_api_key = var.gemini_api_key
|
||||
llama_api_key = var.llama_api_key
|
||||
brave_api_key = var.brave_api_key
|
||||
|
||||
k8s_users = var.k8s_users
|
||||
ssh_private_key = var.ssh_private_key
|
||||
}
|
||||
|
||||
|
||||
|
|
|
|||
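Review bot: The `k8s_users` variable in the first main.tf hunk is declared as `type = map(any)` with no description or validation, yet per the commit message it feeds the RBAC module that assigns the admin, power-user and namespace-owner roles, so a mistyped role or an unexpected key would be accepted at plan time instead of being rejected. Declare it as a `map(object({...}))` listing the fields the rbac module actually reads, and add a `validation` block that rejects any role outside those three. In the second hunk `ssh_private_key = var.ssh_private_key` is passed into `module "kubernetes_cluster"`, but its `variable` declaration is not in the visible hunks; confirm it is declared with `sensitive = true` so the key is redacted from plan output, keeping in mind that it is still stored in state. The page has lost its +/- markers, so which of these lines are new is inferred from the commit description.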