add reloader to reload wireguard upon config change

2021-03-17 21:02:53 +00:00 · 2021-03-17 21:02:53 +00:00 · ca931d8fa1
commit ca931d8fa1
parent e2270586a7
4 changed files with 22 additions and 0 deletions
--- a/modules/kubernetes/main.tf
+++ b/modules/kubernetes/main.tf
@ -157,6 +157,10 @@ module "privatebin" {
 #   tls_secret_name = var.tls_secret_name
 # }

+module "reloader" {
+  source = "./reloader"
+}
+
 module "webhook_handler" {
  source          = "./webhook_handler"
  tls_secret_name = var.tls_secret_name
--- a/modules/kubernetes/reloader/main.tf
+++ b/modules/kubernetes/reloader/main.tf
@ -0,0 +1,8 @@
+resource "helm_release" "reloader" {
+  namespace        = "reloader"
+  create_namespace = true
+  name             = "reloader"
+
+  repository = "https://stakater.github.io/stakater-charts"
+  chart      = "reloader"
+}
--- a/modules/kubernetes/wireguard/main.tf
+++ b/modules/kubernetes/wireguard/main.tf
@ -22,6 +22,9 @@ resource "kubernetes_config_map" "wg_0_conf" {
    labels = {
      app = "wireguard"
    }
+    annotations = {
+      "reloader.stakater.com/match" = "true"
+    }
  }

  data = {
@ -34,6 +37,10 @@ resource "kubernetes_secret" "wg_0_key" {
  metadata {
    name      = "wg0-key"
    namespace = "wireguard"
+
+    annotations = {
+      "reloader.stakater.com/match" = "true"
+    }
  }
  data = {
    "wg0.key" = var.wg_0_key
@ -49,6 +56,9 @@ resource "kubernetes_deployment" "wireguard" {
    labels = {
      app = "wireguard"
    }
+    annotations = {
+      "reloader.stakater.com/search" = "true"
+    }
  }
  spec {
    replicas = 1
--- a/terraform.tfstate
+++ b/terraform.tfstate