diff --git a/modules/kubernetes/wireguard/main.tf b/modules/kubernetes/wireguard/main.tf
index 8dc6bb2a..c5c514a1 100644
--- a/modules/kubernetes/wireguard/main.tf
+++ b/modules/kubernetes/wireguard/main.tf
@@ -212,174 +212,174 @@ resource "kubernetes_service" "wireguard_exporter" { } -resource "kubernetes_deployment" "webui" { - metadata { - name = "webui" - namespace = "wireguard" - labels = { - app = "webui" - } - # annotations = { - # "configmap.reloader.stakater.com/reload" = "wg0-conf" - # } - annotations = { - "reloader.stakater.com/search" = "true" - } - } - spec { - replicas = 1 - selector { - match_labels = { - app = "webui" - } - } - template { - metadata { - labels = { - app = "webui" - } - } - spec { - init_container { - image = "busybox" - name = "setup-config" - command = ["/bin/sh", "-c", "cat /config/config.json && cp /config/config.json /cache/config.json"] - # command = ["/bin/sh", "-c", "cat /config/config.json /cache/config.json; tail -f /dev/null"] - volume_mount { - name = "config" - mount_path = "/config/config.json" - sub_path = "config.json" - } - volume_mount { - name = "cache" - mount_path = "/cache" - } - } - container { - image = "embarkstudios/wireguard-ui:latest" - name = "webui" - image_pull_policy = "IfNotPresent" - lifecycle { - } - command = ["/wireguard-ui"] - args = [ - "--data-dir", - "/data", - "--log-level", - "debug", - "--wg-endpoint", - "vpn.viktorbarzin.me:51820", - "--wg-dns", - "10.0.20.1", - "--wg-allowed-ips", - "0.0.0.0/0", - "--client-ip-range", - "10.3.3.10/24", - "--no-nat", - ] - port { - container_port = 8080 - protocol = "TCP" - } - security_context { - capabilities { - add = ["NET_ADMIN", "SYS_MODULE", "CAP_SYS_ADMIN"] - } - } +# resource "kubernetes_deployment" "webui" { +# metadata { +# name = "webui" +# namespace = "wireguard" +# labels = { +# app = "webui" +# } +# # annotations = { +# # "configmap.reloader.stakater.com/reload" = "wg0-conf" +# # } +# annotations = { +# "reloader.stakater.com/search" = "true" +# } +# } +# spec { +# replicas = 1 +# selector { +# match_labels = { +# app = "webui" +# } +# } +# template { +# metadata { +# labels = { +# app = "webui" +# } +# } +# spec { +# init_container { +# image 
= "busybox" +# name = "setup-config" +# command = ["/bin/sh", "-c", "cat /config/config.json && cp /config/config.json /cache/config.json"] +# # command = ["/bin/sh", "-c", "cat /config/config.json /cache/config.json; tail -f /dev/null"] +# volume_mount { +# name = "config" +# mount_path = "/config/config.json" +# sub_path = "config.json" +# } +# volume_mount { +# name = "cache" +# mount_path = "/cache" +# } +# } +# container { +# image = "embarkstudios/wireguard-ui:latest" +# name = "webui" +# image_pull_policy = "IfNotPresent" +# lifecycle { +# } +# command = ["/wireguard-ui"] +# args = [ +# "--data-dir", +# "/data", +# "--log-level", +# "debug", +# "--wg-endpoint", +# "vpn.viktorbarzin.me:51820", +# "--wg-dns", +# "10.0.20.1", +# "--wg-allowed-ips", +# "0.0.0.0/0", +# "--client-ip-range", +# "10.3.3.10/24", +# "--no-nat", +# ] +# port { +# container_port = 8080 +# protocol = "TCP" +# } +# security_context { +# capabilities { +# add = ["NET_ADMIN", "SYS_MODULE", "CAP_SYS_ADMIN"] +# } +# } - # volume_mount { - # name = "wg0-key" - # mount_path = "/data/config.json" - # sub_path = "config.json" - # } - volume_mount { - name = "cache" - mount_path = "/data" - } - # volume_mount { - # name = "wg0-key" - # mount_path = "/etc/wireguard/wg0.key" - # sub_path = "wg0.key" - # } - } - # volume { - # name = "wg0-conf" - # config_map { - # name = "wg0-conf" - # } - # } - volume { - name = "config" - secret { - secret_name = "wg0-key" - items { - key = "wg-ui-config" - path = "config.json" - } - } - } - volume { - name = "cache" - empty_dir { - } - } - } - } - } -} -resource "kubernetes_service" "webui" { - metadata { - name = "webui" - namespace = "wireguard" +# # volume_mount { +# # name = "wg0-key" +# # mount_path = "/data/config.json" +# # sub_path = "config.json" +# # } +# volume_mount { +# name = "cache" +# mount_path = "/data" +# } +# # volume_mount { +# # name = "wg0-key" +# # mount_path = "/etc/wireguard/wg0.key" +# # sub_path = "wg0.key" +# # } +# } +# # volume { +# 
# name = "wg0-conf" +# # config_map { +# # name = "wg0-conf" +# # } +# # } +# volume { +# name = "config" +# secret { +# secret_name = "wg0-key" +# items { +# key = "wg-ui-config" +# path = "config.json" +# } +# } +# } +# volume { +# name = "cache" +# empty_dir { +# } +# } +# } +# } +# } +# } +# resource "kubernetes_service" "webui" { +# metadata { +# name = "webui" +# namespace = "wireguard" - labels = { - app = "webui" - } - } - spec { - type = "ClusterIP" - port { - name = "http" - protocol = "TCP" - port = 80 - target_port = "8080" - } - selector = { - app = "webui" - } - } -} +# labels = { +# app = "webui" +# } +# } +# spec { +# type = "ClusterIP" +# port { +# name = "http" +# protocol = "TCP" +# port = 80 +# target_port = "8080" +# } +# selector = { +# app = "webui" +# } +# } +# } -resource "kubernetes_ingress_v1" "webui" { - metadata { - name = "webui-ingress" - namespace = "wireguard" - annotations = { - "kubernetes.io/ingress.class" = "nginx" - } - } +# resource "kubernetes_ingress_v1" "webui" { +# metadata { +# name = "webui-ingress" +# namespace = "wireguard" +# annotations = { +# "kubernetes.io/ingress.class" = "nginx" +# } +# } - spec { - tls { - hosts = ["wg.viktorbarzin.me"] - secret_name = var.tls_secret_name - } - rule { - host = "wg.viktorbarzin.me" - http { - path { - path = "/" - backend { - service { - name = "webui" - port { - number = 80 - } - } - } - } - } - } - } -} +# spec { +# tls { +# hosts = ["wg.viktorbarzin.me"] +# secret_name = var.tls_secret_name +# } +# rule { +# host = "wg.viktorbarzin.me" +# http { +# path { +# path = "/" +# backend { +# service { +# name = "webui" +# port { +# number = 80 +# } +# } +# } +# } +# } +# } +# } +# }
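Review bot: The three `webui` resources (deployment, service, ingress) are disabled by commenting them out rather than deleted, so the file keeps a dead block whose settings should not be re-enabled unreviewed. Its init container runs `cat /config/config.json` on a file mounted from the `wg0-key` secret, which would write that content to the pod log; the container adds `NET_ADMIN`, `SYS_MODULE` and `CAP_SYS_ADMIN`; and the image is referenced as `:latest` with `image_pull_policy = "IfNotPresent"`. I would delete the block outright, since version history keeps it, or failing that put a header above it such as `# Disabled: <reason>. Before re-enabling: drop the cat of config.json, trim the added capabilities, pin the image tag.` The reason for disabling is not visible in the hunk, so `<reason>` is a placeholder for the author to fill in.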