diff --git a/modules/kubernetes/dbaas/chart_values.tpl b/modules/kubernetes/dbaas/chart_values.tpl new file mode 100644 index 00000000..e344ea09 --- /dev/null +++ b/modules/kubernetes/dbaas/chart_values.tpl @@ -0,0 +1,7 @@ +tls: + useSelfSigned: true +credentials: + root: + password: ${root_password} + user: root +serverInstances: 1 diff --git a/modules/kubernetes/dbaas/main.tf b/modules/kubernetes/dbaas/main.tf index dee4a62f..4db2cbe8 100644 --- a/modules/kubernetes/dbaas/main.tf +++ b/modules/kubernetes/dbaas/main.tf @@ -2,7 +2,7 @@ variable "tls_secret_name" {} variable "dbaas_root_password" {} variable "cluster_master_service" { - default = "mysql-cluster-mysql-master" + default = "mysql-cluster" } variable "prod" { default = false @@ -35,21 +35,44 @@ module "tls_secret" { tls_secret_name = var.tls_secret_name } +# resource "helm_release" "mysql" { +# namespace = "dbaas" +# create_namespace = false +# name = "mysql" + +# repository = "https://presslabs.github.io/charts" +# chart = "mysql-operator" +# # version = "v0.5.0-rc.3" + +# values = [templatefile("${path.module}/mysql_chart_values.yaml", { secretName = var.tls_secret_name })] +# atomic = true + +# depends_on = [kubernetes_namespace.dbaas] +# } + resource "helm_release" "mysql" { namespace = "dbaas" create_namespace = false - name = "mysql" + name = "mysql-operator" - repository = "https://presslabs.github.io/charts" + repository = "https://mysql.github.io/mysql-operator/" chart = "mysql-operator" - # version = "v0.5.0-rc.3" - - values = [templatefile("${path.module}/mysql_chart_values.yaml", { secretName = var.tls_secret_name })] - atomic = true - + atomic = true depends_on = [kubernetes_namespace.dbaas] } +resource "helm_release" "innodb-cluster" { + namespace = "dbaas" + create_namespace = false + name = var.cluster_master_service + + repository = "https://mysql.github.io/mysql-operator/" + chart = "mysql-innodbcluster" + atomic = true + depends_on = [kubernetes_namespace.dbaas] + values = [templatefile("${path.module}/chart_values.tpl", { root_password = var.dbaas_root_password })] +} + resource "kubernetes_persistent_volume" "mysql-operator" { metadata { name = "mysql-operator-pv" diff --git a/modules/kubernetes/mailserver/main.tf b/modules/kubernetes/mailserver/main.tf index 3f49e145..fc46ddbf 100644 --- a/modules/kubernetes/mailserver/main.tf +++ b/modules/kubernetes/mailserver/main.tf @@ -154,17 +154,19 @@ resource "kubernetes_deployment" "mailserver" { } } - # lifecycle { - # post_start { - # exec { - # command = [ - # "/bin/sh", - # "-c", - # "cp -f /tmp/user-patches.sh /tmp/docker-mailserver/user-patches.sh && chown root:root /var/log/mail && chmod 755 /var/log/mail", - # ] - # } - # } - # } + lifecycle { + post_start { + exec { + command = [ + "postmap", + "/etc/postfix/sasl/passwd" + # "/bin/sh", + # "-c", + # "cp -f /tmp/user-patches.sh /tmp/docker-mailserver/user-patches.sh && chown root:root /var/log/mail && chmod 755 /var/log/mail", + ] + } + } + } volume_mount { name = "config-tls" diff --git a/modules/kubernetes/url-shortener/main.tf b/modules/kubernetes/url-shortener/main.tf index d51f12f7..d58abcfd 100644 --- a/modules/kubernetes/url-shortener/main.tf +++ b/modules/kubernetes/url-shortener/main.tf @@ -1,3 +1,9 @@ +## Setup +## Need to manually add +## user: shlink +## password: var.mysql_password +## to the mysql tier + variable "tls_secret_name" {} variable "geolite_license_key" {} variable "api_key" {} @@ -27,11 +33,8 @@ resource "kubernetes_secret" "mysql_config" { } } data = { - # TODO user other user... - # "DB_USER" = "shlink" - "DB_USER" = "root" - # "DB_PASSWORD" = var.mysql_password - "DB_PASSWORD" = "cDMyUEFDbGNpQmdjT2RtNXNac2YK" + "DB_USER" = "shlink" + "DB_PASSWORD" = var.mysql_password } } @@ -91,7 +94,7 @@ resource "kubernetes_deployment" "shlink" { image = "shlinkio/shlink:stable" name = "shlink" env { - name = "SHORT_DOMAIN_HOST" + name = "DEFAULT_DOMAIN" value = var.domain } env { @@ -109,7 +112,7 @@ resource "kubernetes_deployment" "shlink" { } env { name = "DB_HOST" - value = "mysql-cluster-mysql-master.dbaas.svc.cluster.local" + value = "mysql-cluster.dbaas.svc.cluster.local" } # env { # name = "DB_USER" @@ -337,98 +340,3 @@ resource "kubernetes_ingress_v1" "shlink-web" { } } } -# TESTING - -resource "kubernetes_deployment" "shlink2" { - metadata { - name = "shlink2" - namespace = "url" - labels = { - run = "shlink2" - } - } - spec { - replicas = 1 - selector { - match_labels = { - run = "shlink2" - } - } - template { - metadata { - labels = { - run = "shlink2" - } - } - spec { - container { - image = "brndnmtthws/nginx-echo-headers" - name = "shlink2" - } - } - } - } -} -resource "kubernetes_service" "shlink2" { - metadata { - name = "shlink2" - namespace = "url" - labels = { - "run" = "shlink2" - } - } - - spec { - selector = { - run = "shlink2" - } - port { - name = "http" - port = "80" - target_port = "8080" - } - } -} - -resource "kubernetes_ingress_v1" "shlink2" { - metadata { - name = "shlink-ingress2" - namespace = "url" - annotations = { - "kubernetes.io/ingress.class" = "nginx" - "nginx.ingress.kubernetes.io/configuration-snippet" : <<-EOF - more_set_headers "Kek: $host"; - more_set_headers "Host: $host"; - more_set_headers "X-Real-IP: $remote_addr"; - more_set_headers "X-Forwarded-For: $proxy_add_x_forwarded_for"; - more_set_headers "X-Forwarded-Proto: $scheme"; - EOF - "nginx.org/location-snippets" : <<-EOF - add_header my-test-header test-value; - EOF - } - } - - spec { - tls { - hosts = ["url2.viktorbarzin.me"] - secret_name = var.tls_secret_name - } - rule { - host = "url2.viktorbarzin.me" - http { - path { - path = "/" - backend { - service { - name = "shlink2" - port { - number = 80 - } - } - } - } - } - } - } -} diff --git a/terraform.tfstate b/terraform.tfstate index 3c80f3e5..512d5729 100644 Binary files a/terraform.tfstate and b/terraform.tfstate differ diff --git a/terraform.tfvars b/terraform.tfvars index 9ec7d425..a4afd42a 100644 Binary files a/terraform.tfvars and b/terraform.tfvars differ