viktor/infra
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions 1

fix dbaas mysql operator and shlink [ci skip]

Browse source
This commit is contained in:
viktorbarzin 2022-12-27 17:56:39 +02:00
parent 70cc0f6b26
commit ab0d747063
No known key found for this signature in database
GPG key ID: 0EB088298288D958
6 changed files with 61 additions and 121 deletions
Download patch file Download diff file Expand all files Collapse all files

7
modules/kubernetes/dbaas/chart_values.tpl Normal file
View file

@ -0,0 +1,7 @@
tls:
useSelfSigned: true
credentials:
root:
password: ${root_password}
user: root
serverInstances: 1

39
modules/kubernetes/dbaas/main.tf
View file

@ -2,7 +2,7 @@
variable "tls_secret_name" {} variable "tls_secret_name" {}
variable "dbaas_root_password" {} variable "dbaas_root_password" {}
variable "cluster_master_service" { variable "cluster_master_service" {
default = "mysql-cluster-mysql-master" default = "mysql-cluster"
} }
variable "prod" { variable "prod" {
default = false default = false
@ -35,21 +35,44 @@ module "tls_secret" {
tls_secret_name = var.tls_secret_name tls_secret_name = var.tls_secret_name
} }
# resource "helm_release" "mysql" {
# namespace = "dbaas"
# create_namespace = false
# name = "mysql"
# repository = "https://presslabs.github.io/charts"
# chart = "mysql-operator"
# # version = "v0.5.0-rc.3"
# values = [templatefile("${path.module}/mysql_chart_values.yaml", { secretName = var.tls_secret_name })]
# atomic = true
# depends_on = [kubernetes_namespace.dbaas]
# }
resource "helm_release" "mysql" { resource "helm_release" "mysql" {
namespace = "dbaas" namespace = "dbaas"
create_namespace = false create_namespace = false
name = "mysql" name = "mysql-operator"
repository = "https://presslabs.github.io/charts" repository = "https://mysql.github.io/mysql-operator/"
chart = "mysql-operator" chart = "mysql-operator"
# version = "v0.5.0-rc.3" atomic = true
values = [templatefile("${path.module}/mysql_chart_values.yaml", { secretName = var.tls_secret_name })]
atomic = true
depends_on = [kubernetes_namespace.dbaas] depends_on = [kubernetes_namespace.dbaas]
} }
resource "helm_release" "innodb-cluster" {
namespace = "dbaas"
create_namespace = false
name = var.cluster_master_service
repository = "https://mysql.github.io/mysql-operator/"
chart = "mysql-innodbcluster"
atomic = true
depends_on = [kubernetes_namespace.dbaas]
values = [templatefile("${path.module}/chart_values.tpl", { root_password = var.dbaas_root_password })]
}
resource "kubernetes_persistent_volume" "mysql-operator" { resource "kubernetes_persistent_volume" "mysql-operator" {
metadata { metadata {
name = "mysql-operator-pv" name = "mysql-operator-pv"

24
modules/kubernetes/mailserver/main.tf
View file

@ -154,17 +154,19 @@ resource "kubernetes_deployment" "mailserver" {
} }
} }
# lifecycle { lifecycle {
# post_start { post_start {
# exec { exec {
# command = [ command = [
# "/bin/sh", "postmap",
# "-c", "/etc/postfix/sasl/passwd"
# "cp -f /tmp/user-patches.sh /tmp/docker-mailserver/user-patches.sh && chown root:root /var/log/mail && chmod 755 /var/log/mail", # "/bin/sh",
# ] # "-c",
# } # "cp -f /tmp/user-patches.sh /tmp/docker-mailserver/user-patches.sh && chown root:root /var/log/mail && chmod 755 /var/log/mail",
# } ]
# } }
}
}
volume_mount { volume_mount {
name = "config-tls" name = "config-tls"

112
modules/kubernetes/url-shortener/main.tf
View file

@ -1,3 +1,9 @@
## Setup
## Need to manually add
## user: shlink
## password: var.mysql_password
## to the mysql tier
variable "tls_secret_name" {} variable "tls_secret_name" {}
variable "geolite_license_key" {} variable "geolite_license_key" {}
variable "api_key" {} variable "api_key" {}
@ -27,11 +33,8 @@ resource "kubernetes_secret" "mysql_config" {
} }
} }
data = { data = {
# TODO user other user... "DB_USER" = "shlink"
# "DB_USER" = "shlink" "DB_PASSWORD" = var.mysql_password
"DB_USER" = "root"
# "DB_PASSWORD" = var.mysql_password
"DB_PASSWORD" = "cDMyUEFDbGNpQmdjT2RtNXNac2YK"
} }
} }
@ -91,7 +94,7 @@ resource "kubernetes_deployment" "shlink" {
image = "shlinkio/shlink:stable" image = "shlinkio/shlink:stable"
name = "shlink" name = "shlink"
env { env {
name = "SHORT_DOMAIN_HOST" name = "DEFAULT_DOMAIN"
value = var.domain value = var.domain
} }
env { env {
@ -109,7 +112,7 @@ resource "kubernetes_deployment" "shlink" {
} }
env { env {
name = "DB_HOST" name = "DB_HOST"
value = "mysql-cluster-mysql-master.dbaas.svc.cluster.local" value = "mysql-cluster.dbaas.svc.cluster.local"
} }
# env { # env {
# name = "DB_USER" # name = "DB_USER"
@ -337,98 +340,3 @@ resource "kubernetes_ingress_v1" "shlink-web" {
} }
} }
} }
# TESTING
resource "kubernetes_deployment" "shlink2" {
metadata {
name = "shlink2"
namespace = "url"
labels = {
run = "shlink2"
}
}
spec {
replicas = 1
selector {
match_labels = {
run = "shlink2"
}
}
template {
metadata {
labels = {
run = "shlink2"
}
}
spec {
container {
image = "brndnmtthws/nginx-echo-headers"
name = "shlink2"
}
}
}
}
}
resource "kubernetes_service" "shlink2" {
metadata {
name = "shlink2"
namespace = "url"
labels = {
"run" = "shlink2"
}
}
spec {
selector = {
run = "shlink2"
}
port {
name = "http"
port = "80"
target_port = "8080"
}
}
}
resource "kubernetes_ingress_v1" "shlink2" {
metadata {
name = "shlink-ingress2"
namespace = "url"
annotations = {
"kubernetes.io/ingress.class" = "nginx"
"nginx.ingress.kubernetes.io/configuration-snippet" : <<-EOF
more_set_headers "Kek: $host";
more_set_headers "Host: $host";
more_set_headers "X-Real-IP: $remote_addr";
more_set_headers "X-Forwarded-For: $proxy_add_x_forwarded_for";
more_set_headers "X-Forwarded-Proto: $scheme";
EOF
"nginx.org/location-snippets" : <<-EOF
add_header my-test-header test-value;
EOF
}
}
spec {
tls {
hosts = ["url2.viktorbarzin.me"]
secret_name = var.tls_secret_name
}
rule {
host = "url2.viktorbarzin.me"
http {
path {
path = "/"
backend {
service {
name = "shlink2"
port {
number = 80
}
}
}
}
}
}
}
}

BIN
terraform.tfstate
View file

Binary file not shown.

BIN
terraform.tfvars
View file

Binary file not shown.