From f1dde96d80f553e309d4ab3cb0cbd9e581c8d103 Mon Sep 17 00:00:00 2001 From: Viktor Barzin Date: Mon, 29 Dec 2025 10:23:42 +0000 Subject: [PATCH] replace hardcoded namespace with module reference [ci skip] --- modules/kubernetes/actualbudget/main.tf | 4 ++- modules/kubernetes/audiobookshelf/main.tf | 8 +++--- modules/kubernetes/authelia/main.tf | 12 ++++----- modules/kubernetes/authentik/main.tf | 6 ++--- modules/kubernetes/blog/main.tf | 10 +++---- modules/kubernetes/calibre/main.tf | 16 ++++++------ modules/kubernetes/changedetection/main.tf | 8 +++--- modules/kubernetes/cloudflared/cloudflare.tf | 16 ++++++------ modules/kubernetes/cloudflared/main.tf | 6 ++--- modules/kubernetes/crowdsec/main.tf | 12 ++++----- modules/kubernetes/cyberchef/main.tf | 8 +++--- modules/kubernetes/dashy/main.tf | 10 +++---- modules/kubernetes/dawarich/main.tf | 12 ++++----- modules/kubernetes/descheduler/main.tf | 6 ++--- modules/kubernetes/discount-bandit/main.tf | 8 +++--- modules/kubernetes/diun/main.tf | 8 +++--- modules/kubernetes/dnscat2/main.tf | 8 +++--- modules/kubernetes/dnscrypt/main.tf | 6 ++--- modules/kubernetes/drone/main.tf | 18 ++++++------- modules/kubernetes/echo/main.tf | 8 +++--- modules/kubernetes/excalidraw/main.tf | 10 +++---- modules/kubernetes/f1-stream/main.tf | 8 +++--- modules/kubernetes/finance_app/main.tf | 14 +++++----- modules/kubernetes/forgejo/main.tf | 8 +++--- modules/kubernetes/frigate/main.tf | 12 ++++----- modules/kubernetes/hackmd/main.tf | 8 +++--- modules/kubernetes/home_assistant/main.tf | 12 ++++----- modules/kubernetes/homepage/main.tf | 4 +-- modules/kubernetes/immich/main.tf | 26 +++++++++---------- modules/kubernetes/isponsorblocktv/main.tf | 2 +- modules/kubernetes/istio/main.tf | 14 +++++----- modules/kubernetes/jellyfin/main.tf | 8 +++--- modules/kubernetes/jsoncrack/main.tf | 8 +++--- modules/kubernetes/k8s-dashboard/main.tf | 20 +++++++------- modules/kubernetes/kafka/main.tf | 10 +++---- modules/kubernetes/kms/main.tf | 14 +++++----- modules/kubernetes/kured/main.tf | 4 +-- modules/kubernetes/linkwarden/main.tf | 8 +++--- modules/kubernetes/mailserver/main.tf | 14 +++++----- modules/kubernetes/main.tf | 9 ++++--- modules/kubernetes/matrix/main.tf | 8 +++--- modules/kubernetes/meshcentral/main.tf | 8 +++--- modules/kubernetes/metrics-server/main.tf | 8 ++---- modules/kubernetes/monitoring/grafana.tf | 4 +-- modules/kubernetes/monitoring/idrac.tf | 8 +++--- modules/kubernetes/monitoring/loki.tf | 6 ++--- modules/kubernetes/monitoring/main.tf | 17 +++++++++--- modules/kubernetes/monitoring/prometheus.tf | 4 +-- modules/kubernetes/monitoring/pve_exporter.tf | 6 ++--- .../kubernetes/monitoring/snmp_exporter.tf | 8 +++--- modules/kubernetes/n8n/main.tf | 10 +++---- modules/kubernetes/navidrome/main.tf | 8 +++--- modules/kubernetes/netbox/main.tf | 8 +++--- modules/kubernetes/networking-toolbox/main.tf | 8 +++--- modules/kubernetes/nextcloud/main.tf | 16 ++++++------ modules/kubernetes/ntfy/main.tf | 8 +++--- modules/kubernetes/nvidia/main.tf | 14 +++++----- modules/kubernetes/ollama/main.tf | 18 ++++++------- modules/kubernetes/onlyoffice/main.tf | 8 +++--- modules/kubernetes/owntracks/main.tf | 10 +++---- modules/kubernetes/paperless-ngx/main.tf | 8 +++--- modules/kubernetes/pihole/main.tf | 12 ++++----- modules/kubernetes/privatebin/main.tf | 8 +++--- .../kubernetes/real-estate-crawler/main.tf | 18 ++++++------- modules/kubernetes/redis/main.tf | 8 +++--- modules/kubernetes/resume/main.tf | 4 +-- modules/kubernetes/rybbit/main.tf | 16 ++++++------ modules/kubernetes/send/main.tf | 8 +++--- modules/kubernetes/servarr/main.tf | 2 +- modules/kubernetes/shadowsocks/main.tf | 6 ++--- modules/kubernetes/stirling-pdf/main.tf | 8 +++--- modules/kubernetes/tandoor/main.tf | 8 +++--- modules/kubernetes/technitium/main.tf | 12 ++++----- modules/kubernetes/travel_blog/main.tf | 10 +++---- modules/kubernetes/tuya-bridge/main.tf | 8 +++--- modules/kubernetes/uptime-kuma/main.tf | 20 +++++++------- modules/kubernetes/vault/main.tf | 8 +++--- modules/kubernetes/vaultwarden/main.tf | 8 +++--- modules/kubernetes/vikunja/main.tf | 10 +++---- modules/kubernetes/wealthfolio/main.tf | 8 +++--- modules/kubernetes/webhook_handler/main.tf | 12 ++++----- modules/kubernetes/xray/main.tf | 16 ++++++------ modules/kubernetes/youtube_dl/main.tf | 8 +++--- 83 files changed, 411 insertions(+), 403 deletions(-) diff --git a/modules/kubernetes/actualbudget/main.tf b/modules/kubernetes/actualbudget/main.tf index fc4ac749..17091036 100644 --- a/modules/kubernetes/actualbudget/main.tf +++ b/modules/kubernetes/actualbudget/main.tf @@ -18,7 +18,7 @@ resource "kubernetes_namespace" "actualbudget" { module "tls_secret" { source = "../setup_tls_secret" - namespace = "actualbudget" + namespace = kubernetes_namespace.actualbudget tls_secret_name = var.tls_secret_name } @@ -29,6 +29,7 @@ module "viktor" { name = "viktor" tag = "edge" tls_secret_name = var.tls_secret_name + depends_on = [kubernetes_namespace.actualbudget] } # https://budget-anca.viktorbarzin.me/ @@ -37,4 +38,5 @@ module "anca" { name = "anca" tag = "edge" tls_secret_name = var.tls_secret_name + depends_on = [kubernetes_namespace.actualbudget] } diff --git a/modules/kubernetes/audiobookshelf/main.tf b/modules/kubernetes/audiobookshelf/main.tf index f3e6759e..39e46787 100644 --- a/modules/kubernetes/audiobookshelf/main.tf +++ b/modules/kubernetes/audiobookshelf/main.tf @@ -11,14 +11,14 @@ resource "kubernetes_namespace" "audiobookshelf" { module "tls_secret" { source = "../setup_tls_secret" - namespace = "audiobookshelf" + namespace = kubernetes_namespace.audiobookshelf.metadata[0].name tls_secret_name = var.tls_secret_name } resource "kubernetes_deployment" "audiobookshelf" { metadata { name = "audiobookshelf" - namespace = "audiobookshelf" + namespace = kubernetes_namespace.audiobookshelf.metadata[0].name labels = { app = "audiobookshelf" } @@ -103,7 +103,7 @@ resource "kubernetes_deployment" "audiobookshelf" { resource "kubernetes_service" "audiobookshelf" { metadata { name = "audiobookshelf" - namespace = "audiobookshelf" + namespace = kubernetes_namespace.audiobookshelf.metadata[0].name labels = { "app" = "audiobookshelf" } @@ -124,7 +124,7 @@ resource "kubernetes_service" "audiobookshelf" { module "ingress" { source = "../ingress_factory" - namespace = "audiobookshelf" + namespace = kubernetes_namespace.audiobookshelf.metadata[0].name name = "audiobookshelf" tls_secret_name = var.tls_secret_name extra_annotations = { diff --git a/modules/kubernetes/authelia/main.tf b/modules/kubernetes/authelia/main.tf index 1bc69e2b..133f5670 100644 --- a/modules/kubernetes/authelia/main.tf +++ b/modules/kubernetes/authelia/main.tf @@ -11,12 +11,12 @@ resource "kubernetes_namespace" "authelia" { module "tls_secret" { source = "../setup_tls_secret" - namespace = "authelia" + namespace = kubernetes_namespace.authelia.metadata[0].name tls_secret_name = var.tls_secret_name } resource "helm_release" "authelia" { - namespace = "authelia" + namespace = kubernetes_namespace.authelia.metadata[0].name name = "authelia" atomic = true @@ -32,7 +32,7 @@ resource "helm_release" "authelia" { # resource "kubernetes_config_map" "configuration" { # metadata { # name = "configuration" -# namespace = "authelia" +# namespace = kubernetes_namespace.authelia.metadata[0].name # labels = { # app = "configuration" @@ -53,7 +53,7 @@ resource "helm_release" "authelia" { # resource "kubernetes_deployment" "authelia" { # metadata { # name = "authelia" -# namespace = "authelia" +# namespace = kubernetes_namespace.authelia.metadata[0].name # labels = { # app = "authelia" # } @@ -119,7 +119,7 @@ resource "helm_release" "authelia" { # resource "kubernetes_service" "authelia" { # metadata { # name = "authelia" -# namespace = "authelia" +# namespace = kubernetes_namespace.authelia.metadata[0].name # labels = { # "app" = "authelia" # } @@ -142,7 +142,7 @@ resource "helm_release" "authelia" { # resource "kubernetes_ingress_v1" "authelia" { # metadata { # name = "authelia" -# namespace = "authelia" +# namespace = kubernetes_namespace.authelia.metadata[0].name # annotations = { # "kubernetes.io/ingress.class" = "nginx" # # "nginx.ingress.kubernetes.io/affinity" = "cookie" diff --git a/modules/kubernetes/authentik/main.tf b/modules/kubernetes/authentik/main.tf index 73e376e4..f5df26e1 100644 --- a/modules/kubernetes/authentik/main.tf +++ b/modules/kubernetes/authentik/main.tf @@ -5,7 +5,7 @@ variable "postgres_password" {} module "tls_secret" { source = "../setup_tls_secret" - namespace = "authentik" + namespace = kubernetes_namespace.authentik.metadata[0].name tls_secret_name = var.tls_secret_name } @@ -16,7 +16,7 @@ resource "kubernetes_namespace" "authentik" { } resource "helm_release" "authentik" { - namespace = "authentik" + namespace = kubernetes_namespace.authentik.metadata[0].name create_namespace = true name = "goauthentik" @@ -34,7 +34,7 @@ resource "helm_release" "authentik" { resource "kubernetes_ingress_v1" "authentik" { metadata { name = "authentik" - namespace = "authentik" + namespace = kubernetes_namespace.authentik.metadata[0].name annotations = { "kubernetes.io/ingress.class" = "nginx" } diff --git a/modules/kubernetes/blog/main.tf b/modules/kubernetes/blog/main.tf index fbf14df6..91cf4fed 100644 --- a/modules/kubernetes/blog/main.tf +++ b/modules/kubernetes/blog/main.tf @@ -12,20 +12,20 @@ resource "kubernetes_namespace" "website" { module "tls_secret" { source = "../setup_tls_secret" - namespace = "website" + namespace = kubernetes_namespace.website.metadata[0].name tls_secret_name = var.tls_secret_name } # module "dockerhub_creds" { # source = "../dockerhub_secret" -# namespace = "website" +# namespace = kubernetes_namespace.website.metadata[0].name # password = var.dockerhub_password # } resource "kubernetes_deployment" "blog" { metadata { name = "blog" - namespace = "website" + namespace = kubernetes_namespace.website.metadata[0].name labels = { run = "blog" } @@ -78,7 +78,7 @@ resource "kubernetes_deployment" "blog" { resource "kubernetes_service" "blog" { metadata { name = "blog" - namespace = "website" + namespace = kubernetes_namespace.website.metadata[0].name labels = { "run" = "blog" } @@ -109,7 +109,7 @@ resource "kubernetes_service" "blog" { resource "kubernetes_ingress_v1" "blog" { metadata { name = "blog-ingress" - namespace = "website" + namespace = kubernetes_namespace.website.metadata[0].name annotations = { "kubernetes.io/ingress.class" = "nginx" "nginx.ingress.kubernetes.io/configuration-snippet" = <<-EOT diff --git a/modules/kubernetes/calibre/main.tf b/modules/kubernetes/calibre/main.tf index 77eb6fdd..040374bf 100644 --- a/modules/kubernetes/calibre/main.tf +++ b/modules/kubernetes/calibre/main.tf @@ -17,14 +17,14 @@ resource "kubernetes_namespace" "calibre" { module "tls_secret" { source = "../setup_tls_secret" - namespace = "calibre" + namespace = kubernetes_namespace.calibre.metadata[0].name tls_secret_name = var.tls_secret_name } # resource "kubernetes_deployment" "calibre" { # metadata { # name = "calibre" -# namespace = "calibre" +# namespace = kubernetes_namespace.calibre.metadata[0].name # labels = { # app = "calibre" # } @@ -97,7 +97,7 @@ module "tls_secret" { resource "kubernetes_deployment" "calibre-web-automated" { metadata { name = "calibre-web-automated" - namespace = "calibre" + namespace = kubernetes_namespace.calibre.metadata[0].name labels = { app = "calibre-web-automated" } @@ -196,7 +196,7 @@ resource "kubernetes_deployment" "calibre-web-automated" { resource "kubernetes_service" "calibre" { metadata { name = "calibre" - namespace = "calibre" + namespace = kubernetes_namespace.calibre.metadata[0].name labels = { "app" = "calibre" } @@ -218,7 +218,7 @@ resource "kubernetes_service" "calibre" { module "ingress" { source = "../ingress_factory" - namespace = "calibre" + namespace = kubernetes_namespace.calibre.metadata[0].name name = "calibre" tls_secret_name = var.tls_secret_name extra_annotations = { @@ -248,7 +248,7 @@ module "ingress" { resource "kubernetes_deployment" "annas-archive-stacks" { metadata { name = "annas-archive-stacks" - namespace = "calibre" + namespace = kubernetes_namespace.calibre.metadata[0].name labels = { app = "annas-archive-stacks" } @@ -304,7 +304,7 @@ resource "kubernetes_deployment" "annas-archive-stacks" { resource "kubernetes_service" "annas-archive-stacks" { metadata { name = "annas-archive-stacks" - namespace = "calibre" + namespace = kubernetes_namespace.calibre.metadata[0].name labels = { "app" = "annas-archive-stacks" } @@ -324,7 +324,7 @@ resource "kubernetes_service" "annas-archive-stacks" { module "stacks-ingress" { source = "../ingress_factory" - namespace = "calibre" + namespace = kubernetes_namespace.calibre.metadata[0].name name = "stacks" service_name = "annas-archive-stacks" tls_secret_name = var.tls_secret_name diff --git a/modules/kubernetes/changedetection/main.tf b/modules/kubernetes/changedetection/main.tf index 0a52da3b..c7154e72 100644 --- a/modules/kubernetes/changedetection/main.tf +++ b/modules/kubernetes/changedetection/main.tf @@ -11,14 +11,14 @@ resource "kubernetes_namespace" "changedetection" { module "tls_secret" { source = "../setup_tls_secret" - namespace = "changedetection" + namespace = kubernetes_namespace.changedetection.metadata[0].name tls_secret_name = var.tls_secret_name } resource "kubernetes_deployment" "changedetection" { metadata { name = "changedetection" - namespace = "changedetection" + namespace = kubernetes_namespace.changedetection.metadata[0].name labels = { app = "changedetection" } @@ -103,7 +103,7 @@ resource "kubernetes_deployment" "changedetection" { resource "kubernetes_service" "changedetection" { metadata { name = "changedetection" - namespace = "changedetection" + namespace = kubernetes_namespace.changedetection.metadata[0].name labels = { "app" = "changedetection" } @@ -122,7 +122,7 @@ resource "kubernetes_service" "changedetection" { module "ingress" { source = "../ingress_factory" - namespace = "changedetection" + namespace = kubernetes_namespace.changedetection.metadata[0].name name = "changedetection" tls_secret_name = var.tls_secret_name protected = true diff --git a/modules/kubernetes/cloudflared/cloudflare.tf b/modules/kubernetes/cloudflared/cloudflare.tf index f82d39a4..fe6fb945 100644 --- a/modules/kubernetes/cloudflared/cloudflare.tf +++ b/modules/kubernetes/cloudflared/cloudflare.tf @@ -72,11 +72,11 @@ resource "cloudflare_zero_trust_tunnel_cloudflared_config" "sof" { } resource "cloudflare_record" "dns_record" { - for_each = local.cloudflare_proxied_names_map - # count = length(var.cloudflare_proxied_names) + # for_each = local.cloudflare_proxied_names_map + count = length(var.cloudflare_proxied_names) content = "${var.cloudflare_tunnel_id}.cfargotunnel.com" - # name = var.cloudflare_proxied_names[count.index] - name = each.key + name = var.cloudflare_proxied_names[count.index] + # name = each.key proxied = true ttl = 1 type = "CNAME" @@ -84,12 +84,12 @@ resource "cloudflare_record" "dns_record" { } resource "cloudflare_record" "non_proxied_dns_record" { - for_each = local.cloudflare_non_proxied_names_map - # count = length(var.cloudflare_non_proxied_names) + # for_each = local.cloudflare_non_proxied_names_map + count = length(var.cloudflare_non_proxied_names) # content = var.non_proxied_names[count.index].ip content = var.public_ip - # name = var.cloudflare_non_proxied_names[count.index] - name = each.key + name = var.cloudflare_non_proxied_names[count.index] + # name = each.key proxied = false ttl = 1 type = "A" diff --git a/modules/kubernetes/cloudflared/main.tf b/modules/kubernetes/cloudflared/main.tf index 7fe90b83..bbd33b47 100644 --- a/modules/kubernetes/cloudflared/main.tf +++ b/modules/kubernetes/cloudflared/main.tf @@ -10,14 +10,14 @@ resource "kubernetes_namespace" "cloudflared" { module "tls_secret" { source = "../setup_tls_secret" - namespace = "cloudflared" + namespace = kubernetes_namespace.cloudflared.metadata[0].name tls_secret_name = var.tls_secret_name } resource "kubernetes_deployment" "cloudflared" { metadata { name = "cloudflared" - namespace = "cloudflared" + namespace = kubernetes_namespace.cloudflared.metadata[0].name labels = { app = "cloudflared" } @@ -64,7 +64,7 @@ resource "kubernetes_deployment" "cloudflared" { resource "kubernetes_service" "cloudflared" { metadata { name = "cloudflared" - namespace = "cloudflared" + namespace = kubernetes_namespace.cloudflared.metadata[0].name labels = { "app" = "cloudflared" } diff --git a/modules/kubernetes/crowdsec/main.tf b/modules/kubernetes/crowdsec/main.tf index baf3b0a6..e3cb5566 100644 --- a/modules/kubernetes/crowdsec/main.tf +++ b/modules/kubernetes/crowdsec/main.tf @@ -9,7 +9,7 @@ variable "crowdsec_dash_machine_password" { type = string } # used for web dash module "tls_secret" { source = "../setup_tls_secret" - namespace = "crowdsec" + namespace = kubernetes_namespace.crowdsec.metadata[0].name tls_secret_name = var.tls_secret_name } @@ -22,7 +22,7 @@ resource "kubernetes_namespace" "crowdsec" { resource "kubernetes_config_map" "crowdsec_custom_scenarios" { metadata { name = "crowdsec-custom-scenarios" - namespace = "crowdsec" + namespace = kubernetes_namespace.crowdsec.metadata[0].name labels = { "app.kubernetes.io/name" = "crowdsec" } @@ -62,7 +62,7 @@ resource "kubernetes_config_map" "crowdsec_custom_scenarios" { resource "helm_release" "crowdsec" { - namespace = "crowdsec" + namespace = kubernetes_namespace.crowdsec.metadata[0].name create_namespace = true name = "crowdsec" atomic = true @@ -80,7 +80,7 @@ resource "helm_release" "crowdsec" { resource "kubernetes_deployment" "crowdsec-web" { metadata { name = "crowdsec-web" - namespace = "crowdsec" + namespace = kubernetes_namespace.crowdsec.metadata[0].name labels = { app = "crowdsec_web" "kubernetes.io/cluster-service" = "true" @@ -137,7 +137,7 @@ resource "kubernetes_deployment" "crowdsec-web" { resource "kubernetes_service" "crowdsec-web" { metadata { name = "crowdsec-web" - namespace = "crowdsec" + namespace = kubernetes_namespace.crowdsec.metadata[0].name labels = { "app" = "crowdsec_web" } @@ -155,7 +155,7 @@ resource "kubernetes_service" "crowdsec-web" { } module "ingress" { source = "../ingress_factory" - namespace = "crowdsec" + namespace = kubernetes_namespace.crowdsec.metadata[0].name name = "crowdsec-web" protected = true tls_secret_name = var.tls_secret_name diff --git a/modules/kubernetes/cyberchef/main.tf b/modules/kubernetes/cyberchef/main.tf index e6db2fe8..8049635e 100644 --- a/modules/kubernetes/cyberchef/main.tf +++ b/modules/kubernetes/cyberchef/main.tf @@ -7,14 +7,14 @@ resource "kubernetes_namespace" "cyberchef" { module "tls_secret" { source = "../setup_tls_secret" - namespace = "cyberchef" + namespace = kubernetes_namespace.cyberchef.metadata[0].name tls_secret_name = var.tls_secret_name } resource "kubernetes_deployment" "cyberchef" { metadata { name = "cyberchef" - namespace = "cyberchef" + namespace = kubernetes_namespace.cyberchef.metadata[0].name labels = { app = "cyberchef" } @@ -55,7 +55,7 @@ resource "kubernetes_deployment" "cyberchef" { resource "kubernetes_service" "cyberchef" { metadata { name = "cc" - namespace = "cyberchef" + namespace = kubernetes_namespace.cyberchef.metadata[0].name labels = { "app" = "cyberchef" } @@ -76,7 +76,7 @@ resource "kubernetes_service" "cyberchef" { module "ingress" { source = "../ingress_factory" - namespace = "cyberchef" + namespace = kubernetes_namespace.cyberchef.metadata[0].name name = "cc" tls_secret_name = var.tls_secret_name rybbit_site_id = "7c460afc68c4" diff --git a/modules/kubernetes/dashy/main.tf b/modules/kubernetes/dashy/main.tf index dc946ecf..1fb34fb9 100644 --- a/modules/kubernetes/dashy/main.tf +++ b/modules/kubernetes/dashy/main.tf @@ -3,7 +3,7 @@ variable "tls_secret_name" {} module "tls_secret" { source = "../setup_tls_secret" - namespace = "dashy" + namespace = kubernetes_namespace.dashy.metadata[0].name tls_secret_name = var.tls_secret_name } @@ -19,7 +19,7 @@ resource "kubernetes_namespace" "dashy" { resource "kubernetes_config_map" "config" { metadata { name = "config" - namespace = "dashy" + namespace = kubernetes_namespace.dashy.metadata[0].name annotations = { "reloader.stakater.com/match" = "true" @@ -34,7 +34,7 @@ resource "kubernetes_config_map" "config" { resource "kubernetes_deployment" "dashy" { metadata { name = "dashy" - namespace = "dashy" + namespace = kubernetes_namespace.dashy.metadata[0].name labels = { app = "dashy" } @@ -85,7 +85,7 @@ resource "kubernetes_deployment" "dashy" { resource "kubernetes_service" "dashy" { metadata { name = "dashy" - namespace = "dashy" + namespace = kubernetes_namespace.dashy.metadata[0].name labels = { app = "dashy" } @@ -105,7 +105,7 @@ resource "kubernetes_service" "dashy" { module "ingress" { source = "../ingress_factory" - namespace = "dashy" + namespace = kubernetes_namespace.dashy.metadata[0].name name = "dashy" tls_secret_name = var.tls_secret_name protected = true # hidden as we use homepage now diff --git a/modules/kubernetes/dawarich/main.tf b/modules/kubernetes/dawarich/main.tf index b93c11a0..d6a1cef5 100644 --- a/modules/kubernetes/dawarich/main.tf +++ b/modules/kubernetes/dawarich/main.tf @@ -17,14 +17,14 @@ resource "kubernetes_namespace" "dawarich" { module "tls_secret" { source = "../setup_tls_secret" - namespace = "dawarich" + namespace = kubernetes_namespace.dawarich.metadata[0].name tls_secret_name = var.tls_secret_name } resource "kubernetes_deployment" "dawarich" { metadata { name = "dawarich" - namespace = "dawarich" + namespace = kubernetes_namespace.dawarich.metadata[0].name labels = { app = "dawarich" } @@ -218,7 +218,7 @@ resource "kubernetes_deployment" "dawarich" { # resource "kubernetes_deployment" "photon" { # metadata { # name = "photon" -# namespace = "dawarich" +# namespace = kubernetes_namespace.dawarich.metadata[0].name # labels = { # app = "photon" # } @@ -276,7 +276,7 @@ resource "kubernetes_deployment" "dawarich" { resource "kubernetes_service" "dawarich" { metadata { name = "dawarich" - namespace = "dawarich" + namespace = kubernetes_namespace.dawarich.metadata[0].name labels = { "app" = "dawarich" } @@ -298,7 +298,7 @@ resource "kubernetes_service" "dawarich" { # resource "kubernetes_service" "photon" { # metadata { # name = "photon" -# namespace = "dawarich" +# namespace = kubernetes_namespace.dawarich.metadata[0].name # labels = { # "app" = "photon" # } @@ -318,7 +318,7 @@ resource "kubernetes_service" "dawarich" { # } module "ingress" { source = "../ingress_factory" - namespace = "dawarich" + namespace = kubernetes_namespace.dawarich.metadata[0].name name = "dawarich" tls_secret_name = var.tls_secret_name extra_annotations = { diff --git a/modules/kubernetes/descheduler/main.tf b/modules/kubernetes/descheduler/main.tf index 56abaa97..4d49240a 100644 --- a/modules/kubernetes/descheduler/main.tf +++ b/modules/kubernetes/descheduler/main.tf @@ -53,7 +53,7 @@ resource "kubernetes_cluster_role" "descheduler" { resource "kubernetes_service_account" "descheduler" { metadata { name = "descheduler-sa" - namespace = "descheduler" + namespace = kubernetes_namespace.descheduler.metadata[0].name } } @@ -70,12 +70,12 @@ resource "kubernetes_cluster_role_binding" "descheduler" { subject { name = "descheduler-sa" kind = "ServiceAccount" - namespace = "descheduler" + namespace = kubernetes_namespace.descheduler.metadata[0].name } } resource "helm_release" "prometheus" { - namespace = "descheduler" + namespace = kubernetes_namespace.descheduler.metadata[0].name name = "descheduler" repository = "https://kubernetes-sigs.github.io/descheduler/" diff --git a/modules/kubernetes/discount-bandit/main.tf b/modules/kubernetes/discount-bandit/main.tf index 8d6bc658..1d605a84 100644 --- a/modules/kubernetes/discount-bandit/main.tf +++ b/modules/kubernetes/discount-bandit/main.tf @@ -11,14 +11,14 @@ resource "kubernetes_namespace" "discount-bandit" { module "tls_secret" { source = "../setup_tls_secret" - namespace = "discount-bandit" + namespace = kubernetes_namespace.discount-bandit.metadata[0].name tls_secret_name = var.tls_secret_name } resource "kubernetes_deployment" "discount-bandit" { metadata { name = "discount-bandit" - namespace = "discount-bandit" + namespace = kubernetes_namespace.discount-bandit.metadata[0].name labels = { app = "discount-bandit" } @@ -79,7 +79,7 @@ resource "kubernetes_deployment" "discount-bandit" { resource "kubernetes_service" "discount-bandit" { metadata { name = "discount-bandit" - namespace = "discount-bandit" + namespace = kubernetes_namespace.discount-bandit.metadata[0].name labels = { "app" = "discount-bandit" } @@ -101,7 +101,7 @@ resource "kubernetes_service" "discount-bandit" { resource "kubernetes_ingress_v1" "discount-bandit" { metadata { name = "discount-bandit" - namespace = "discount-bandit" + namespace = kubernetes_namespace.discount-bandit.metadata[0].name annotations = { "kubernetes.io/ingress.class" = "nginx" } diff --git a/modules/kubernetes/diun/main.tf b/modules/kubernetes/diun/main.tf index 7b7ef9d3..3a075d4d 100644 --- a/modules/kubernetes/diun/main.tf +++ b/modules/kubernetes/diun/main.tf @@ -13,14 +13,14 @@ resource "kubernetes_namespace" "diun" { module "tls_secret" { source = "../setup_tls_secret" - namespace = "diun" + namespace = kubernetes_namespace.diun.metadata[0].name tls_secret_name = var.tls_secret_name } resource "kubernetes_service_account" "diun" { metadata { name = "diun" - namespace = "diun" + namespace = kubernetes_namespace.diun.metadata[0].name } } @@ -47,14 +47,14 @@ resource "kubernetes_cluster_role_binding" "diun" { subject { kind = "ServiceAccount" name = "diun" - namespace = "diun" + namespace = kubernetes_namespace.diun.metadata[0].name } } resource "kubernetes_deployment" "diun" { metadata { name = "diun" - namespace = "diun" + namespace = kubernetes_namespace.diun.metadata[0].name labels = { app = "diun" } diff --git a/modules/kubernetes/dnscat2/main.tf b/modules/kubernetes/dnscat2/main.tf index 4d8186f1..f5ffcb16 100644 --- a/modules/kubernetes/dnscat2/main.tf +++ b/modules/kubernetes/dnscat2/main.tf @@ -11,14 +11,14 @@ resource "kubernetes_namespace" "dnscat2" { # module "tls_secret" { # source = "../setup_tls_secret" -# namespace = "dnscat2" +# namespace = kubernetes_namespace.dnscat2.metadata[0].name # tls_secret_name = var.tls_secret_name # } resource "kubernetes_deployment" "dnscat2" { metadata { name = "dnscat2" - namespace = "dnscat2" + namespace = kubernetes_namespace.dnscat2.metadata[0].name labels = { app = "dnscat2" } @@ -43,7 +43,7 @@ resource "kubernetes_deployment" "dnscat2" { stdin = true tty = true port { - name="dns" + name = "dns" container_port = 53 protocol = "UDP" } @@ -60,7 +60,7 @@ resource "kubernetes_deployment" "dnscat2" { resource "kubernetes_service" "dnscat2" { metadata { name = "dnscat2" - namespace = "dnscat2" + namespace = kubernetes_namespace.dnscat2.metadata[0].name labels = { "app" = "dnscat2" } diff --git a/modules/kubernetes/dnscrypt/main.tf b/modules/kubernetes/dnscrypt/main.tf index 753d5ce9..1eec6158 100644 --- a/modules/kubernetes/dnscrypt/main.tf +++ b/modules/kubernetes/dnscrypt/main.tf @@ -7,7 +7,7 @@ resource "kubernetes_namespace" "dnscrypt" { resource "kubernetes_config_map" "dnscrypt" { metadata { name = "dnscrypt-proxy-configmap" - namespace = "dnscrypt" + namespace = kubernetes_namespace.dnscrypt.metadata[0].name } data = { "dnscrypt-proxy.toml" = var.dnscrypt_proxy_toml @@ -17,7 +17,7 @@ resource "kubernetes_config_map" "dnscrypt" { resource "kubernetes_deployment" "dnscrypt" { metadata { name = "dnscrypt-proxy" - namespace = "dnscrypt" + namespace = kubernetes_namespace.dnscrypt.metadata[0].name labels = { app = "dnscrypt-proxy" "kubernetes.io/cluster-service" = "true" @@ -69,7 +69,7 @@ resource "kubernetes_deployment" "dnscrypt" { resource "kubernetes_service" "dnscrypt" { metadata { name = "dnscrypt-proxy" - namespace = "dnscrypt" + namespace = kubernetes_namespace.dnscrypt.metadata[0].name labels = { "app" = "dnscrypt-proxy" } diff --git a/modules/kubernetes/drone/main.tf b/modules/kubernetes/drone/main.tf index 1db2ebbb..de9c02a6 100644 --- a/modules/kubernetes/drone/main.tf +++ b/modules/kubernetes/drone/main.tf @@ -23,14 +23,14 @@ resource "kubernetes_namespace" "drone" { module "tls_secret" { source = "../setup_tls_secret" - namespace = "drone" + namespace = kubernetes_namespace.drone.metadata[0].name tls_secret_name = var.tls_secret_name } resource "kubernetes_config_map" "git_crypt_key" { metadata { name = "git-crypt-key" - namespace = "drone" + namespace = kubernetes_namespace.drone.metadata[0].name } data = { @@ -41,7 +41,7 @@ resource "kubernetes_config_map" "git_crypt_key" { resource "kubernetes_deployment" "drone_server" { metadata { name = "drone-server" - namespace = "drone" + namespace = kubernetes_namespace.drone.metadata[0].name labels = { app = "drone" } @@ -136,7 +136,7 @@ resource "kubernetes_deployment" "drone_server" { resource "kubernetes_service" "drone" { metadata { name = "drone" - namespace = "drone" + namespace = kubernetes_namespace.drone.metadata[0].name labels = { app = "drone" } @@ -155,7 +155,7 @@ resource "kubernetes_service" "drone" { module "ingress" { source = "../ingress_factory" - namespace = "drone" + namespace = kubernetes_namespace.drone.metadata[0].name name = "drone" tls_secret_name = var.tls_secret_name # protected = true @@ -196,7 +196,7 @@ resource "kubernetes_cluster_role_binding" "drone" { subject { kind = "ServiceAccount" name = "default" - namespace = "drone" + namespace = kubernetes_namespace.drone.metadata[0].name } role_ref { kind = "ClusterRole" @@ -209,7 +209,7 @@ resource "kubernetes_cluster_role_binding" "drone" { resource "kubernetes_deployment" "drone_runner" { metadata { name = "drone-runner" - namespace = "drone" + namespace = kubernetes_namespace.drone.metadata[0].name labels = { app = "drone-runner" } @@ -284,7 +284,7 @@ resource "kubernetes_deployment" "drone_runner" { resource "kubernetes_deployment" "drone_runner_secret" { metadata { name = "drone-runner-secret" - namespace = "drone" + namespace = kubernetes_namespace.drone.metadata[0].name labels = { app = "drone-runner-secret" } @@ -339,7 +339,7 @@ resource "kubernetes_deployment" "drone_runner_secret" { resource "kubernetes_service" "drone_runner_secret" { metadata { name = "drone-runner-secret" - namespace = "drone" + namespace = kubernetes_namespace.drone.metadata[0].name labels = { app = "drone-runner-secret" } diff --git a/modules/kubernetes/echo/main.tf b/modules/kubernetes/echo/main.tf index 015b9f7b..e668d87c 100644 --- a/modules/kubernetes/echo/main.tf +++ b/modules/kubernetes/echo/main.tf @@ -11,14 +11,14 @@ resource "kubernetes_namespace" "echo" { module "tls_secret" { source = "../setup_tls_secret" - namespace = "echo" + namespace = kubernetes_namespace.echo.metadata[0].name tls_secret_name = var.tls_secret_name } resource "kubernetes_deployment" "echo" { metadata { name = "echo" - namespace = "echo" + namespace = kubernetes_namespace.echo.metadata[0].name labels = { app = "echo" } @@ -55,7 +55,7 @@ resource "kubernetes_deployment" "echo" { resource "kubernetes_service" "echo" { metadata { name = "echo" - namespace = "echo" + namespace = kubernetes_namespace.echo.metadata[0].name labels = { "app" = "echo" } @@ -75,7 +75,7 @@ resource "kubernetes_service" "echo" { module "ingress" { source = "../ingress_factory" - namespace = "echo" + namespace = kubernetes_namespace.echo.metadata[0].name name = "echo" tls_secret_name = var.tls_secret_name } diff --git a/modules/kubernetes/excalidraw/main.tf b/modules/kubernetes/excalidraw/main.tf index 979e34ad..206f8879 100644 --- a/modules/kubernetes/excalidraw/main.tf +++ b/modules/kubernetes/excalidraw/main.tf @@ -1,6 +1,6 @@ variable "tls_secret_name" {} -resource "kubernetes_namespace" "finance_app" { +resource "kubernetes_namespace" "excalidraw" { metadata { name = "excalidraw" labels = { @@ -12,14 +12,14 @@ resource "kubernetes_namespace" "finance_app" { module "tls_secret" { source = "../setup_tls_secret" - namespace = "excalidraw" + namespace = kubernetes_namespace.excalidraw.metadata[0].name tls_secret_name = var.tls_secret_name } resource "kubernetes_deployment" "excalidraw" { metadata { name = "excalidraw" - namespace = "excalidraw" + namespace = kubernetes_namespace.excalidraw.metadata[0].name labels = { app = "excalidraw" } @@ -54,7 +54,7 @@ resource "kubernetes_deployment" "excalidraw" { resource "kubernetes_service" "draw" { metadata { name = "draw" - namespace = "excalidraw" + namespace = kubernetes_namespace.excalidraw.metadata[0].name labels = { app = "excalidraw" } @@ -73,7 +73,7 @@ resource "kubernetes_service" "draw" { module "ingress" { source = "../ingress_factory" - namespace = "excalidraw" + namespace = kubernetes_namespace.excalidraw.metadata[0].name name = "draw" tls_secret_name = var.tls_secret_name } diff --git a/modules/kubernetes/f1-stream/main.tf b/modules/kubernetes/f1-stream/main.tf index 6239e9ac..bb0569bb 100644 --- a/modules/kubernetes/f1-stream/main.tf +++ b/modules/kubernetes/f1-stream/main.tf @@ -12,7 +12,7 @@ resource "kubernetes_namespace" "f1-stream" { resource "kubernetes_deployment" "f1-stream" { metadata { name = "f1-stream" - namespace = "f1-stream" + namespace = kubernetes_namespace.f1-stream.metadata[0].name labels = { app = "f1-stream" } @@ -57,7 +57,7 @@ resource "kubernetes_deployment" "f1-stream" { resource "kubernetes_service" "f1-stream" { metadata { name = "f1" - namespace = "f1-stream" + namespace = kubernetes_namespace.f1-stream.metadata[0].name labels = { "app" = "f1-stream" } @@ -75,14 +75,14 @@ resource "kubernetes_service" "f1-stream" { module "tls_secret" { source = "../setup_tls_secret" - namespace = "f1-stream" + namespace = kubernetes_namespace.f1-stream.metadata[0].name tls_secret_name = var.tls_secret_name } module "ingress" { source = "../ingress_factory" - namespace = "f1-stream" + namespace = kubernetes_namespace.f1-stream.metadata[0].name name = "f1" tls_secret_name = var.tls_secret_name extra_annotations = { diff --git a/modules/kubernetes/finance_app/main.tf b/modules/kubernetes/finance_app/main.tf index feccb7d4..b2539e4d 100644 --- a/modules/kubernetes/finance_app/main.tf +++ b/modules/kubernetes/finance_app/main.tf @@ -23,7 +23,7 @@ resource "kubernetes_namespace" "finance_app" { module "tls_secret" { source = "../setup_tls_secret" - namespace = "finance-app" + namespace = kubernetes_namespace.finance_app.metadata[0].name tls_secret_name = var.tls_secret_name } @@ -49,7 +49,7 @@ module "tls_secret" { # resource "kubernetes_persistent_volume_claim" "finance_app_pvc" { # metadata { # name = "finance-iscsi-pvc" -# namespace = "finance-app" +# namespace = kubernetes_namespace.finance_app.metadata[0].name # } # spec { # access_modes = ["ReadWriteOnce"] @@ -64,7 +64,7 @@ module "tls_secret" { resource "kubernetes_deployment" "finance_app" { metadata { name = "finance-app" - namespace = "finance-app" + namespace = kubernetes_namespace.finance_app.metadata[0].name labels = { app = "finance-app" } @@ -175,7 +175,7 @@ resource "kubernetes_deployment" "finance_app" { resource "kubernetes_deployment" "finance_app_frontend" { metadata { name = "finance-app-frontend" - namespace = "finance-app" + namespace = kubernetes_namespace.finance_app.metadata[0].name labels = { app = "finance-app-frontend" } @@ -210,7 +210,7 @@ resource "kubernetes_deployment" "finance_app_frontend" { resource "kubernetes_service" "finance_app" { metadata { name = "finance-app" - namespace = "finance-app" + namespace = kubernetes_namespace.finance_app.metadata[0].name labels = { app = "finance-app" } @@ -230,7 +230,7 @@ resource "kubernetes_service" "finance_app" { resource "kubernetes_service" "finance_app_frontend" { metadata { name = "finance-app-frontend" - namespace = "finance-app" + namespace = kubernetes_namespace.finance_app.metadata[0].name labels = { app = "finance-app-frontend" } @@ -250,7 +250,7 @@ resource "kubernetes_service" "finance_app_frontend" { resource "kubernetes_ingress_v1" "finance_app" { metadata { name = "finance-app" - namespace = "finance-app" + namespace = kubernetes_namespace.finance_app.metadata[0].name annotations = { "kubernetes.io/ingress.class" = "nginx" #"nginx.ingress.kubernetes.io/auth-url"= "https://oauth-provider/auth" diff --git a/modules/kubernetes/forgejo/main.tf b/modules/kubernetes/forgejo/main.tf index 84aaaf24..e495b8a6 100644 --- a/modules/kubernetes/forgejo/main.tf +++ b/modules/kubernetes/forgejo/main.tf @@ -11,14 +11,14 @@ resource "kubernetes_namespace" "forgejo" { module "tls_secret" { source = "../setup_tls_secret" - namespace = "forgejo" + namespace = kubernetes_namespace.forgejo.metadata[0].name tls_secret_name = var.tls_secret_name } resource "kubernetes_deployment" "forgejo" { metadata { name = "forgejo" - namespace = "forgejo" + namespace = kubernetes_namespace.forgejo.metadata[0].name labels = { app = "forgejo" } @@ -76,7 +76,7 @@ resource "kubernetes_deployment" "forgejo" { resource "kubernetes_service" "forgejo" { metadata { name = "forgejo" - namespace = "forgejo" + namespace = kubernetes_namespace.forgejo.metadata[0].name labels = { "app" = "forgejo" } @@ -94,7 +94,7 @@ resource "kubernetes_service" "forgejo" { } module "ingress" { source = "../ingress_factory" - namespace = "forgejo" + namespace = kubernetes_namespace.forgejo.metadata[0].name name = "forgejo" tls_secret_name = var.tls_secret_name extra_annotations = { diff --git a/modules/kubernetes/frigate/main.tf b/modules/kubernetes/frigate/main.tf index 248696dc..261b75bb 100644 --- a/modules/kubernetes/frigate/main.tf +++ b/modules/kubernetes/frigate/main.tf @@ -11,14 +11,14 @@ resource "kubernetes_namespace" "frigate" { module "tls_secret" { source = "../setup_tls_secret" - namespace = "frigate" + namespace = kubernetes_namespace.frigate.metadata[0].name tls_secret_name = var.tls_secret_name } resource "kubernetes_deployment" "frigate" { metadata { name = "frigate" - namespace = "frigate" + namespace = kubernetes_namespace.frigate.metadata[0].name labels = { app = "frigate" } @@ -132,7 +132,7 @@ resource "kubernetes_deployment" "frigate" { resource "kubernetes_service" "frigate" { metadata { name = "frigate" - namespace = "frigate" + namespace = kubernetes_namespace.frigate.metadata[0].name labels = { "app" = "frigate" } @@ -154,7 +154,7 @@ resource "kubernetes_service" "frigate" { resource "kubernetes_service" "frigate-rtsp" { metadata { name = "frigate-rtsp" - namespace = "frigate" + namespace = kubernetes_namespace.frigate.metadata[0].name labels = { "app" = "frigate" } @@ -184,7 +184,7 @@ resource "kubernetes_service" "frigate-rtsp" { module "ingress" { source = "../ingress_factory" - namespace = "frigate" + namespace = kubernetes_namespace.frigate.metadata[0].name name = "frigate" tls_secret_name = var.tls_secret_name protected = true @@ -206,7 +206,7 @@ module "ingress" { module "ingress-internal" { source = "../ingress_factory" - namespace = "frigate" + namespace = kubernetes_namespace.frigate.metadata[0].name name = "frigate-lan" host = "frigate-lan" root_domain = "viktorbarzin.lan" diff --git a/modules/kubernetes/hackmd/main.tf b/modules/kubernetes/hackmd/main.tf index 36fda63d..0d3d6490 100644 --- a/modules/kubernetes/hackmd/main.tf +++ b/modules/kubernetes/hackmd/main.tf @@ -12,14 +12,14 @@ resource "kubernetes_namespace" "hackmd" { module "tls_secret" { source = "../setup_tls_secret" - namespace = "hackmd" + namespace = kubernetes_namespace.hackmd.metadata[0].name tls_secret_name = var.tls_secret_name } resource "kubernetes_deployment" "hackmd" { metadata { name = "hackmd" - namespace = "hackmd" + namespace = kubernetes_namespace.hackmd.metadata[0].name labels = { app = "hackmd" "kubernetes.io/cluster-service" = "true" @@ -127,7 +127,7 @@ resource "kubernetes_deployment" "hackmd" { resource "kubernetes_service" "hackmd" { metadata { name = "hackmd" - namespace = "hackmd" + namespace = kubernetes_namespace.hackmd.metadata[0].name labels = { "app" = "hackmd" } @@ -145,7 +145,7 @@ resource "kubernetes_service" "hackmd" { } module "ingress" { source = "../ingress_factory" - namespace = "hackmd" + namespace = kubernetes_namespace.hackmd.metadata[0].name name = "hackmd" tls_secret_name = var.tls_secret_name extra_annotations = { diff --git a/modules/kubernetes/home_assistant/main.tf b/modules/kubernetes/home_assistant/main.tf index a26f3910..38a9119b 100644 --- a/modules/kubernetes/home_assistant/main.tf +++ b/modules/kubernetes/home_assistant/main.tf @@ -11,7 +11,7 @@ resource "kubernetes_namespace" "home_assistant" { resource "kubernetes_config_map" "home_assistant_config_map" { metadata { name = "home-assistant-configmap" - namespace = "home-assistant" + namespace = kubernetes_namespace.home_assistant.metadata[0].name annotations = { "reloader.stakater.com/match" = "true" @@ -28,12 +28,12 @@ resource "kubernetes_config_map" "home_assistant_config_map" { module "tls_secret" { source = "../setup_tls_secret" - namespace = "home-assistant" + namespace = kubernetes_namespace.home_assistant.metadata[0].name tls_secret_name = var.tls_secret_name } resource "helm_release" "home_assistant" { - namespace = "home-assistant" + namespace = kubernetes_namespace.home_assistant.metadata[0].name create_namespace = true name = "home-assistant" @@ -46,7 +46,7 @@ resource "helm_release" "home_assistant" { resource "kubernetes_deployment" "home_assistant" { metadata { name = "home-assistant" - namespace = "home-assistant" + namespace = kubernetes_namespace.home_assistant.metadata[0].name labels = { "app.kubernetes.io/instance" = "home-assistant" @@ -158,7 +158,7 @@ resource "kubernetes_deployment" "home_assistant" { resource "kubernetes_service" "home_assistant" { metadata { name = "home-assistant" - namespace = "home-assistant" + namespace = kubernetes_namespace.home_assistant.metadata[0].name labels = { "app.kubernetes.io/instance" = "home-assistant" @@ -204,7 +204,7 @@ resource "kubernetes_service" "home_assistant" { resource "kubernetes_ingress_v1" "home-assistant-ui" { metadata { name = "home-assistant-ui-ingress" - namespace = "home-assistant" + namespace = kubernetes_namespace.home_assistant.metadata[0].name annotations = { "kubernetes.io/ingress.class" = "nginx" "nginx.ingress.kubernetes.io/force-ssl-redirect" = "true" diff --git a/modules/kubernetes/homepage/main.tf b/modules/kubernetes/homepage/main.tf index a61592b1..ecdc421a 100644 --- a/modules/kubernetes/homepage/main.tf +++ b/modules/kubernetes/homepage/main.tf @@ -3,7 +3,7 @@ variable "tls_secret_name" {} module "tls_secret" { source = "../setup_tls_secret" - namespace = "homepage" + namespace = kubernetes_namespace.homepage.metadata[0].name tls_secret_name = var.tls_secret_name } @@ -17,7 +17,7 @@ resource "kubernetes_namespace" "homepage" { } resource "helm_release" "homepage" { - namespace = "homepage" + namespace = kubernetes_namespace.homepage.metadata[0].name create_namespace = false name = "homepage" atomic = true diff --git a/modules/kubernetes/immich/main.tf b/modules/kubernetes/immich/main.tf index 3468c1e1..19522715 100644 --- a/modules/kubernetes/immich/main.tf +++ b/modules/kubernetes/immich/main.tf @@ -10,7 +10,7 @@ variable "immich_version" { module "tls_secret" { source = "../setup_tls_secret" - namespace = "immich" + namespace = kubernetes_namespace.immich.metadata[0].name tls_secret_name = var.tls_secret_name } @@ -23,7 +23,7 @@ resource "kubernetes_namespace" "immich" { resource "kubernetes_deployment" "immich_server" { metadata { name = "immich-server" - namespace = "immich" + namespace = kubernetes_namespace.immich.metadata[0].name labels = { app = "immich-server" @@ -215,7 +215,7 @@ resource "kubernetes_deployment" "immich_server" { resource "kubernetes_service" "immich-server" { metadata { name = "immich-server" - namespace = "immich" + namespace = kubernetes_namespace.immich.metadata[0].name labels = { "app" = "immich-server" } @@ -234,7 +234,7 @@ resource "kubernetes_service" "immich-server" { resource "kubernetes_deployment" "immich-postgres" { metadata { name = "immich-postgresql" - namespace = "immich" + namespace = kubernetes_namespace.immich.metadata[0].name } spec { replicas = 1 @@ -298,7 +298,7 @@ resource "kubernetes_deployment" "immich-postgres" { resource "kubernetes_service" "immich-postgresql" { metadata { name = "immich-postgresql" - namespace = "immich" + namespace = kubernetes_namespace.immich.metadata[0].name labels = { "app" = "immich-postgresql" } @@ -317,7 +317,7 @@ resource "kubernetes_service" "immich-postgresql" { # If you're having issuewith typesens container exiting prematurely, increase liveliness check # resource "helm_release" "immich" { -# namespace = "immich" +# namespace = kubernetes_namespace.immich.metadata[0].name # name = "immich" # repository = "https://immich-app.github.io/immich-charts" @@ -333,7 +333,7 @@ resource "kubernetes_service" "immich-postgresql" { resource "kubernetes_deployment" "immich-machine-learning" { metadata { name = "immich-machine-learning" - namespace = "immich" + namespace = kubernetes_namespace.immich.metadata[0].name } spec { replicas = 1 @@ -407,7 +407,7 @@ resource "kubernetes_deployment" "immich-machine-learning" { resource "kubernetes_service" "immich-machine-learning" { metadata { name = "immich-machine-learning" - namespace = "immich" + namespace = kubernetes_namespace.immich.metadata[0].name labels = { "app" = "immich-machine-learning" } @@ -425,7 +425,7 @@ resource "kubernetes_service" "immich-machine-learning" { resource "kubernetes_ingress_v1" "ingress" { metadata { - namespace = "immich" + namespace = kubernetes_namespace.immich.metadata[0].name name = "immich" annotations = { # NOTE: when changing - test video playback from mobile and web! @@ -528,7 +528,7 @@ resource "kubernetes_ingress_v1" "ingress" { resource "kubernetes_cron_job_v1" "postgresql-backup" { metadata { name = "postgresql-backup" - namespace = "immich" + namespace = kubernetes_namespace.immich.metadata[0].name } spec { concurrency_policy = "Replace" @@ -581,7 +581,7 @@ resource "kubernetes_cron_job_v1" "postgresql-backup" { # resource "kubernetes_deployment" "powertools" { # metadata { # name = "immich-powertools" -# namespace = "immich" +# namespace = kubernetes_namespace.immich.metadata[0].name # labels = { # app = "immich-powertools" # } @@ -665,7 +665,7 @@ resource "kubernetes_cron_job_v1" "postgresql-backup" { # resource "kubernetes_service" "powertools" { # metadata { # name = "immich-powertools" -# namespace = "immich" +# namespace = kubernetes_namespace.immich.metadata[0].name # labels = { # "app" = "immich-powertools" # } @@ -686,7 +686,7 @@ resource "kubernetes_cron_job_v1" "postgresql-backup" { # module "ingress-powertools" { # source = "../ingress_factory" -# namespace = "immich" +# namespace = kubernetes_namespace.immich.metadata[0].name # name = "immich-powertools" # tls_secret_name = var.tls_secret_name # protected = true diff --git a/modules/kubernetes/isponsorblocktv/main.tf b/modules/kubernetes/isponsorblocktv/main.tf index d34c4314..40773697 100644 --- a/modules/kubernetes/isponsorblocktv/main.tf +++ b/modules/kubernetes/isponsorblocktv/main.tf @@ -15,7 +15,7 @@ resource "kubernetes_namespace" "isponsorblocktv" { resource "kubernetes_deployment" "isponsorblocktv-vermont" { metadata { name = "isponsorblocktv-vermont" - namespace = "isponsorblocktv" + namespace = kubernetes_namespace.isponsorblocktv.metadata[0].name labels = { app = "isponsorblocktv-vermont" } diff --git a/modules/kubernetes/istio/main.tf b/modules/kubernetes/istio/main.tf index 5c964582..3f3021d8 100644 --- a/modules/kubernetes/istio/main.tf +++ b/modules/kubernetes/istio/main.tf @@ -8,13 +8,13 @@ resource "kubernetes_namespace" "istio" { module "tls_secret" { source = "../setup_tls_secret" - namespace = "istio-system" + namespace = kubernetes_namespace.istio.metadata[0].name tls_secret_name = var.tls_secret_name } # to delete all CRDS: kubectl get crd -oname | grep --color=never 'istio.io' | xargs kubectl delete resource "helm_release" "istio-base" { - namespace = "istio-system" + namespace = kubernetes_namespace.istio.metadata[0].name create_namespace = false name = "istio-base" atomic = true @@ -25,7 +25,7 @@ resource "helm_release" "istio-base" { } resource "helm_release" "istiod" { - namespace = "istio-system" + namespace = kubernetes_namespace.istio.metadata[0].name create_namespace = false name = "istiod" atomic = true @@ -36,7 +36,7 @@ resource "helm_release" "istiod" { } resource "helm_release" "istio-gateway" { - namespace = "istio-system" + namespace = kubernetes_namespace.istio.metadata[0].name create_namespace = false name = "istio-gateway" atomic = true @@ -48,7 +48,7 @@ resource "helm_release" "istio-gateway" { # Kiali dashboard resource "helm_release" "kiali" { - namespace = "istio-system" + namespace = kubernetes_namespace.istio.metadata[0].name create_namespace = false name = "kiali" atomic = true @@ -71,7 +71,7 @@ resource "helm_release" "kiali" { resource "kubernetes_secret" "kiali-token" { metadata { name = "kiali-secret" - namespace = "istio-system" + namespace = kubernetes_namespace.istio.metadata[0].name annotations = { "kubernetes.io/service-account.name" : "kiali-service-account" } @@ -83,7 +83,7 @@ resource "kubernetes_secret" "kiali-token" { # resource "kubernetes_ingress_v1" "kiali" { # metadata { # name = "kiali" -# namespace = "istio-system" +# namespace = kubernetes_namespace.istio.metadata[0].name # annotations = { # "kubernetes.io/ingress.class" = "nginx" # "nginx.ingress.kubernetes.io/auth-url" : "https://oauth2.viktorbarzin.me/oauth2/auth" diff --git a/modules/kubernetes/jellyfin/main.tf b/modules/kubernetes/jellyfin/main.tf index 664a2edb..eb7decb7 100644 --- a/modules/kubernetes/jellyfin/main.tf +++ b/modules/kubernetes/jellyfin/main.tf @@ -8,14 +8,14 @@ resource "kubernetes_namespace" "jellyfin" { module "tls_secret" { source = "../setup_tls_secret" - namespace = "jellyfin" + namespace = kubernetes_namespace.jellyfin.metadata[0].name tls_secret_name = var.tls_secret_name } resource "kubernetes_deployment" "jellyfin" { metadata { name = "jellyfin" - namespace = "jellyfin" + namespace = kubernetes_namespace.jellyfin.metadata[0].name labels = { app = "jellyfin" } @@ -89,7 +89,7 @@ resource "kubernetes_deployment" "jellyfin" { resource "kubernetes_service" "jellyfin" { metadata { name = "jellyfin" - namespace = "jellyfin" + namespace = kubernetes_namespace.jellyfin.metadata[0].name labels = { "app" = "jellyfin" } @@ -111,7 +111,7 @@ resource "kubernetes_service" "jellyfin" { resource "kubernetes_ingress_v1" "jellyfin" { metadata { name = "jellyfin" - namespace = "jellyfin" + namespace = kubernetes_namespace.jellyfin.metadata[0].name annotations = { "kubernetes.io/ingress.class" = "nginx" "nginx.ingress.kubernetes.io/proxy-body-size" : "5000m" diff --git a/modules/kubernetes/jsoncrack/main.tf b/modules/kubernetes/jsoncrack/main.tf index ee08b9f2..db5d8df3 100644 --- a/modules/kubernetes/jsoncrack/main.tf +++ b/modules/kubernetes/jsoncrack/main.tf @@ -10,14 +10,14 @@ resource "kubernetes_namespace" "jsoncrack" { } module "tls_secret" { source = "../setup_tls_secret" - namespace = "jsoncrack" + namespace = kubernetes_namespace.jsoncrack.metadata[0].name tls_secret_name = var.tls_secret_name } resource "kubernetes_deployment" "jsoncrack" { metadata { name = "jsoncrack" - namespace = "jsoncrack" + namespace = kubernetes_namespace.jsoncrack.metadata[0].name labels = { app = "jsoncrack" } @@ -51,7 +51,7 @@ resource "kubernetes_deployment" "jsoncrack" { resource "kubernetes_service" "jsoncrack" { metadata { name = "json" - namespace = "jsoncrack" + namespace = kubernetes_namespace.jsoncrack.metadata[0].name labels = { "app" = "jsoncrack" } @@ -72,7 +72,7 @@ resource "kubernetes_service" "jsoncrack" { module "ingress" { source = "../ingress_factory" - namespace = "jsoncrack" + namespace = kubernetes_namespace.jsoncrack.metadata[0].name name = "json" tls_secret_name = var.tls_secret_name } diff --git a/modules/kubernetes/k8s-dashboard/main.tf b/modules/kubernetes/k8s-dashboard/main.tf index 91de202b..ac815daf 100644 --- a/modules/kubernetes/k8s-dashboard/main.tf +++ b/modules/kubernetes/k8s-dashboard/main.tf @@ -32,12 +32,12 @@ resource "kubernetes_namespace" "k8s-dashboard" { module "tls_secret" { source = "../setup_tls_secret" - namespace = "kubernetes-dashboard" + namespace = kubernetes_namespace.k8s-dashboard.metadata[0].name tls_secret_name = var.tls_secret_name } resource "helm_release" "kubernetes-dashboard" { - namespace = "kubernetes-dashboard" + namespace = kubernetes_namespace.k8s-dashboard.metadata[0].name name = "kubernetes-dashboard" repository = "https://kubernetes.github.io/dashboard/" @@ -68,7 +68,7 @@ resource "helm_release" "kubernetes-dashboard" { # resource "kubernetes_secret" "dashboard-token" { # metadata { # name = "dashboard-secret" -# namespace = "kubernetes-dashboard" +# namespace = kubernetes_namespace.k8s-dashboard.metadata[0].name # annotations = { # "kubernetes.io/service-account.name" : "kubernetes-dashboard" # } @@ -79,7 +79,7 @@ resource "helm_release" "kubernetes-dashboard" { module "ingress" { source = "../ingress_factory" - namespace = "kubernetes-dashboard" + namespace = kubernetes_namespace.k8s-dashboard.metadata[0].name name = "kubernetes-dashboard" service_name = "kubernetes-dashboard-kong-proxy" host = "k8s" @@ -94,7 +94,7 @@ module "ingress" { resource "kubernetes_service_account" "kubernetes-dashboard" { metadata { name = "kubernetes-dashboard" - namespace = "kubernetes-dashboard" + namespace = kubernetes_namespace.k8s-dashboard.metadata[0].name } } @@ -111,7 +111,7 @@ resource "kubernetes_cluster_role_binding" "kubernetes-dashboard" { subject { kind = "ServiceAccount" name = "kubernetes-dashboard" - namespace = "kubernetes-dashboard" + namespace = kubernetes_namespace.k8s-dashboard.metadata[0].name } # depends_on = [module.dashboard] } @@ -119,7 +119,7 @@ resource "kubernetes_cluster_role_binding" "kubernetes-dashboard" { resource "kubernetes_secret" "kubernetes-dashboard-admin-token" { metadata { name = "kubernetes-dashboard-admin" - namespace = "kubernetes-dashboard" + namespace = kubernetes_namespace.k8s-dashboard.metadata[0].name annotations = { "kubernetes.io/service-account.name" : "kubernetes-dashboard" } @@ -213,21 +213,21 @@ resource "kubernetes_cluster_role_binding" "kubernetes-dashboard-viewonly" { subject { kind = "ServiceAccount" name = "kubernetes-dashboard-viewonly" - namespace = "kubernetes-dashboard" + namespace = kubernetes_namespace.k8s-dashboard.metadata[0].name } } resource "kubernetes_service_account" "kubernetes-dashboard-viewonly" { metadata { name = "kubernetes-dashboard-viewonly" - namespace = "kubernetes-dashboard" + namespace = kubernetes_namespace.k8s-dashboard.metadata[0].name } } resource "kubernetes_secret" "kubernetes-dashboard-viewonly-token" { metadata { name = "kubernetes-dashboard-viewonly" - namespace = "kubernetes-dashboard" + namespace = kubernetes_namespace.k8s-dashboard.metadata[0].name annotations = { "kubernetes.io/service-account.name" : "kubernetes-dashboard-viewonly" } diff --git a/modules/kubernetes/kafka/main.tf b/modules/kubernetes/kafka/main.tf index 7d5e746c..51e15d5c 100644 --- a/modules/kubernetes/kafka/main.tf +++ b/modules/kubernetes/kafka/main.tf @@ -3,12 +3,12 @@ variable "client_certificate_secret_name" {} module "tls_secret" { source = "../setup_tls_secret" - namespace = "kafka" + namespace = kubernetes_namespace.kafka.metadata[0].name tls_secret_name = var.tls_secret_name } resource "helm_release" "kafka" { - namespace = "kafka" + namespace = kubernetes_namespace.kafka.metadata[0].name create_namespace = true name = "kafka" @@ -21,7 +21,7 @@ resource "helm_release" "kafka" { resource "kubernetes_deployment" "kafka-ui" { metadata { name = "kafka-ui" - namespace = "kafka" + namespace = kubernetes_namespace.kafka.metadata[0].name labels = { run = "kafka-ui" } @@ -77,7 +77,7 @@ resource "kubernetes_deployment" "kafka-ui" { resource "kubernetes_service" "kafka-ui" { metadata { name = "kafka-ui" - namespace = "kafka" + namespace = kubernetes_namespace.kafka.metadata[0].name labels = { "run" = "kafka-ui" } @@ -108,7 +108,7 @@ resource "kubernetes_service" "kafka-ui" { resource "kubernetes_ingress_v1" "kafka-ui" { metadata { name = "kafka-ui-ingress" - namespace = "kafka" + namespace = kubernetes_namespace.kafka.metadata[0].name annotations = { "kubernetes.io/ingress.class" = "nginx" "nginx.ingress.kubernetes.io/force-ssl-redirect" = "true" diff --git a/modules/kubernetes/kms/main.tf b/modules/kubernetes/kms/main.tf index ebecd53d..4d6d703b 100644 --- a/modules/kubernetes/kms/main.tf +++ b/modules/kubernetes/kms/main.tf @@ -11,14 +11,14 @@ resource "kubernetes_namespace" "kms" { module "tls_secret" { source = "../setup_tls_secret" - namespace = "kms" + namespace = kubernetes_namespace.kms.metadata[0].name tls_secret_name = var.tls_secret_name } resource "kubernetes_config_map" "kms-web-page" { metadata { name = "kms-web-page-config" - namespace = "kms" + namespace = kubernetes_namespace.kms.metadata[0].name } data = { "index.html" = var.index_html @@ -28,7 +28,7 @@ resource "kubernetes_config_map" "kms-web-page" { resource "kubernetes_deployment" "kms-web-page" { metadata { name = "kms-web-page" - namespace = "kms" + namespace = kubernetes_namespace.kms.metadata[0].name labels = { "app" = "kms-web-page" "kubernetes.io/cluster-service" = "true" @@ -92,7 +92,7 @@ resource "kubernetes_deployment" "kms-web-page" { resource "kubernetes_service" "kms-web-page" { metadata { name = "kms" - namespace = "kms" + namespace = kubernetes_namespace.kms.metadata[0].name labels = { "app" = "kms-web-page" } @@ -111,7 +111,7 @@ resource "kubernetes_service" "kms-web-page" { module "ingress" { source = "../ingress_factory" - namespace = "kms" + namespace = kubernetes_namespace.kms.metadata[0].name name = "kms" tls_secret_name = var.tls_secret_name } @@ -119,7 +119,7 @@ module "ingress" { resource "kubernetes_deployment" "windows_kms" { metadata { name = "kms" - namespace = "kms" + namespace = kubernetes_namespace.kms.metadata[0].name labels = { app = "kms-service" } @@ -163,7 +163,7 @@ resource "kubernetes_deployment" "windows_kms" { resource "kubernetes_service" "windows_kms" { metadata { name = "windows-kms" - namespace = "kms" + namespace = kubernetes_namespace.kms.metadata[0].name labels = { app = "kms-service" } diff --git a/modules/kubernetes/kured/main.tf b/modules/kubernetes/kured/main.tf index f179524c..4e997fa7 100644 --- a/modules/kubernetes/kured/main.tf +++ b/modules/kubernetes/kured/main.tf @@ -12,12 +12,12 @@ resource "kubernetes_namespace" "kured" { module "tls_secret" { source = "../setup_tls_secret" - namespace = "kured" + namespace = kubernetes_namespace.kured.metadata[0].name tls_secret_name = var.tls_secret_name } resource "helm_release" "kured" { - namespace = "kured" + namespace = kubernetes_namespace.kured.metadata[0].name create_namespace = false name = "kured" diff --git a/modules/kubernetes/linkwarden/main.tf b/modules/kubernetes/linkwarden/main.tf index f92d2725..b16a3fff 100644 --- a/modules/kubernetes/linkwarden/main.tf +++ b/modules/kubernetes/linkwarden/main.tf @@ -11,7 +11,7 @@ resource "kubernetes_namespace" "linkwarden" { module "tls_secret" { source = "../setup_tls_secret" - namespace = "linkwarden" + namespace = kubernetes_namespace.linkwarden.metadata[0].name tls_secret_name = var.tls_secret_name } @@ -24,7 +24,7 @@ resource "random_string" "secret" { resource "kubernetes_deployment" "linkwarden" { metadata { name = "linkwarden" - namespace = "linkwarden" + namespace = kubernetes_namespace.linkwarden.metadata[0].name labels = { app = "linkwarden" } @@ -93,7 +93,7 @@ resource "kubernetes_deployment" "linkwarden" { resource "kubernetes_service" "linkwarden" { metadata { name = "linkwarden" - namespace = "linkwarden" + namespace = kubernetes_namespace.linkwarden.metadata[0].name labels = { app = "linkwarden" } @@ -113,7 +113,7 @@ resource "kubernetes_service" "linkwarden" { module "ingress" { source = "../ingress_factory" - namespace = "linkwarden" + namespace = kubernetes_namespace.linkwarden.metadata[0].name name = "linkwarden" tls_secret_name = var.tls_secret_name } diff --git a/modules/kubernetes/mailserver/main.tf b/modules/kubernetes/mailserver/main.tf index 50521baf..2e1b3805 100644 --- a/modules/kubernetes/mailserver/main.tf +++ b/modules/kubernetes/mailserver/main.tf @@ -16,14 +16,14 @@ resource "kubernetes_namespace" "mailserver" { module "tls_secret" { source = "../setup_tls_secret" - namespace = "mailserver" + namespace = kubernetes_namespace.mailserver.metadata[0].name tls_secret_name = var.tls_secret_name } resource "kubernetes_config_map" "mailserver_env_config" { metadata { name = "mailserver.env.config" - namespace = "mailserver" + namespace = kubernetes_namespace.mailserver.metadata[0].name labels = { app = "mailserver" } @@ -61,7 +61,7 @@ resource "kubernetes_config_map" "mailserver_env_config" { resource "kubernetes_config_map" "mailserver_config" { metadata { name = "mailserver.config" - namespace = "mailserver" + namespace = kubernetes_namespace.mailserver.metadata[0].name labels = { app = "mailserver" @@ -98,7 +98,7 @@ resource "kubernetes_config_map" "mailserver_config" { # resource "kubernetes_config_map" "user_patches" { # metadata { # name = "user-patches" -# namespace = "mailserver" +# namespace = kubernetes_namespace.mailserver.metadata[0].name # labels = { # "app" = "mailserver" # } @@ -116,7 +116,7 @@ resource "kubernetes_config_map" "mailserver_config" { resource "kubernetes_secret" "opendkim_key" { metadata { name = "mailserver.opendkim.key" - namespace = "mailserver" + namespace = kubernetes_namespace.mailserver.metadata[0].name labels = { "app" = "mailserver" } @@ -131,7 +131,7 @@ resource "kubernetes_secret" "opendkim_key" { resource "kubernetes_deployment" "mailserver" { metadata { name = "mailserver" - namespace = "mailserver" + namespace = kubernetes_namespace.mailserver.metadata[0].name labels = { "app" = "mailserver" } @@ -383,7 +383,7 @@ resource "kubernetes_deployment" "mailserver" { resource "kubernetes_service" "mailserver" { metadata { name = "mailserver" - namespace = "mailserver" + namespace = kubernetes_namespace.mailserver.metadata[0].name labels = { app = "mailserver" diff --git a/modules/kubernetes/main.tf b/modules/kubernetes/main.tf index 2c80d020..dbbf5bf9 100644 --- a/modules/kubernetes/main.tf +++ b/modules/kubernetes/main.tf @@ -122,9 +122,9 @@ variable "defcon_level" { } locals { defcon_modules = { - 1 : ["wireguard", "technitium", "headscale", "nginx-ingress", "xray", "authentik", "cloudflare", "authelia"], # Critical connectivity services - 2 : ["vaultwarden", "redis", "immich", "nvidia", "metrics-server", "uptime-kuma", "crowdsec"], # Storage and other db services - 3 : ["k8s-dashboard", "reverse-proxy"], # Cluster admin services + 1 : ["wireguard", "technitium", "headscale", "nginx-ingress", "xray", "authentik", "cloudflare", "authelia", "monitoring"], # Critical connectivity services + 2 : ["vaultwarden", "redis", "immich", "nvidia", "metrics-server", "uptime-kuma", "crowdsec"], # Storage and other db services + 3 : ["k8s-dashboard", "reverse-proxy"], # Cluster admin services 4 : [ "mailserver", "shadowsocks", "webhook_handler", "tuya-bridge", "dawarich", "owntracks", "nextcloud", "calibre", "onlyoffice", "f1-stream", "rybbit", "isponsorblocktv", "actualbudget" @@ -147,7 +147,7 @@ locals { resource "null_resource" "core_services" { # List all the core modules that must be provisioned first depends_on = [ - module.metallb, module.dbaas, module.monitoring, module.technitium, module.vaultwarden, module.reverse-proxy, + module.metallb, module.dbaas, module.technitium, module.vaultwarden, module.reverse-proxy, module.redis, module.nginx-ingress, module.crowdsec, module.cloudflared, module.metrics-server, module.authentik, module.nvidia, ] @@ -263,6 +263,7 @@ module "metallb" { module "monitoring" { source = "./monitoring" tls_secret_name = var.tls_secret_name + for_each = contains(local.active_modules, "monitoring") ? { monitoring = true } : {} alertmanager_account_password = var.alertmanager_account_password idrac_username = var.idrac_username idrac_password = var.idrac_password diff --git a/modules/kubernetes/matrix/main.tf b/modules/kubernetes/matrix/main.tf index b15cb947..bd025f73 100644 --- a/modules/kubernetes/matrix/main.tf +++ b/modules/kubernetes/matrix/main.tf @@ -11,14 +11,14 @@ resource "kubernetes_namespace" "matrix" { module "tls_secret" { source = "../setup_tls_secret" - namespace = "matrix" + namespace = kubernetes_namespace.matrix.metadata[0].name tls_secret_name = var.tls_secret_name } resource "kubernetes_deployment" "matrix" { metadata { name = "matrix" - namespace = "matrix" + namespace = kubernetes_namespace.matrix.metadata[0].name labels = { app = "matrix" } @@ -71,7 +71,7 @@ resource "kubernetes_deployment" "matrix" { resource "kubernetes_service" "matrix" { metadata { name = "matrix" - namespace = "matrix" + namespace = kubernetes_namespace.matrix.metadata[0].name labels = { "app" = "matrix" } @@ -91,7 +91,7 @@ resource "kubernetes_service" "matrix" { module "ingress" { source = "../ingress_factory" - namespace = "matrix" + namespace = kubernetes_namespace.matrix.metadata[0].name name = "matrix" tls_secret_name = var.tls_secret_name } diff --git a/modules/kubernetes/meshcentral/main.tf b/modules/kubernetes/meshcentral/main.tf index 37bce988..12609f05 100644 --- a/modules/kubernetes/meshcentral/main.tf +++ b/modules/kubernetes/meshcentral/main.tf @@ -11,14 +11,14 @@ resource "kubernetes_namespace" "meshcentral" { module "tls_secret" { source = "../setup_tls_secret" - namespace = "meshcentral" + namespace = kubernetes_namespace.meshcentral.metadata[0].name tls_secret_name = var.tls_secret_name } resource "kubernetes_deployment" "meshcentral" { metadata { name = "meshcentral" - namespace = "meshcentral" + namespace = kubernetes_namespace.meshcentral.metadata[0].name labels = { app = "meshcentral" } @@ -120,7 +120,7 @@ resource "kubernetes_deployment" "meshcentral" { resource "kubernetes_service" "meshcentral" { metadata { name = "meshcentral" - namespace = "meshcentral" + namespace = kubernetes_namespace.meshcentral.metadata[0].name labels = { "app" = "meshcentral" } @@ -140,7 +140,7 @@ resource "kubernetes_service" "meshcentral" { module "ingress" { source = "../ingress_factory" - namespace = "meshcentral" + namespace = kubernetes_namespace.meshcentral.metadata[0].name name = "meshcentral" tls_secret_name = var.tls_secret_name port = 443 diff --git a/modules/kubernetes/metrics-server/main.tf b/modules/kubernetes/metrics-server/main.tf index 7de0347f..8e1d0257 100644 --- a/modules/kubernetes/metrics-server/main.tf +++ b/modules/kubernetes/metrics-server/main.tf @@ -11,14 +11,12 @@ resource "kubernetes_namespace" "metrics-server" { module "tls_secret" { source = "../setup_tls_secret" - namespace = "metrics-server" + namespace = kubernetes_namespace.metrics-server.metadata[0].name tls_secret_name = var.tls_secret_name - - depends_on = [kubernetes_namespace.metrics-server] } resource "helm_release" "metrics-server" { - namespace = "metrics-server" + namespace = kubernetes_namespace.metrics-server.metadata[0].name create_namespace = false name = "metrics-server" atomic = true @@ -27,6 +25,4 @@ resource "helm_release" "metrics-server" { chart = "metrics-server" values = [templatefile("${path.module}/values.yaml", {})] - - depends_on = [kubernetes_namespace.metrics-server] } diff --git a/modules/kubernetes/monitoring/grafana.tf b/modules/kubernetes/monitoring/grafana.tf index e31ce1a9..9e96247f 100644 --- a/modules/kubernetes/monitoring/grafana.tf +++ b/modules/kubernetes/monitoring/grafana.tf @@ -43,7 +43,7 @@ resource "kubernetes_persistent_volume" "alertmanager_pv" { # resource "kubernetes_persistent_volume_claim" "grafana_pvc" { # metadata { # name = "grafana-pvc" -# namespace = "monitoring" +# namespace = kubernetes_namespace.monitoring.metadata[0].name # } # spec { # access_modes = ["ReadWriteOnce"] @@ -56,7 +56,7 @@ resource "kubernetes_persistent_volume" "alertmanager_pv" { # } resource "helm_release" "grafana" { - namespace = "monitoring" + namespace = kubernetes_namespace.monitoring.metadata[0].name create_namespace = true name = "grafana" atomic = true diff --git a/modules/kubernetes/monitoring/idrac.tf b/modules/kubernetes/monitoring/idrac.tf index c527afd3..b539a863 100644 --- a/modules/kubernetes/monitoring/idrac.tf +++ b/modules/kubernetes/monitoring/idrac.tf @@ -2,7 +2,7 @@ resource "kubernetes_config_map" "redfish-config" { metadata { name = "redfish-exporter-config" - namespace = "monitoring" + namespace = kubernetes_namespace.monitoring.metadata[0].name annotations = { "reloader.stakater.com/match" = "true" @@ -28,7 +28,7 @@ resource "kubernetes_config_map" "redfish-config" { resource "kubernetes_deployment" "idrac-redfish" { metadata { name = "idrac-redfish-exporter" - namespace = "monitoring" + namespace = kubernetes_namespace.monitoring.metadata[0].name labels = { app = "idrac-redfish-exporter" } @@ -78,7 +78,7 @@ resource "kubernetes_deployment" "idrac-redfish" { resource "kubernetes_service" "idrac-redfish-exporter" { metadata { name = "idrac-redfish-exporter" - namespace = "monitoring" + namespace = kubernetes_namespace.monitoring.metadata[0].name labels = { "app" = "idrac-redfish-exporter" } @@ -103,7 +103,7 @@ resource "kubernetes_service" "idrac-redfish-exporter" { module "idrac-redfish-exporter-ingress" { source = "../ingress_factory" - namespace = "monitoring" + namespace = kubernetes_namespace.monitoring.metadata[0].name name = "idrac-redfish-exporter" root_domain = "viktorbarzin.lan" tls_secret_name = var.tls_secret_name diff --git a/modules/kubernetes/monitoring/loki.tf b/modules/kubernetes/monitoring/loki.tf index ef782552..2be69371 100644 --- a/modules/kubernetes/monitoring/loki.tf +++ b/modules/kubernetes/monitoring/loki.tf @@ -1,5 +1,5 @@ # resource "helm_release" "loki" { -# namespace = "monitoring" +# namespace = kubernetes_namespace.monitoring.metadata[0].name # create_namespace = true # name = "loki" @@ -54,7 +54,7 @@ # https://grafana.com/docs/alloy/latest/configure/kubernetes/ # resource "helm_release" "alloy" { -# namespace = "monitoring" +# namespace = kubernetes_namespace.monitoring.metadata[0].name # create_namespace = true # name = "alloy" @@ -71,7 +71,7 @@ # for n in $(kbn | awk '{print $1}'); do echo $n; s wizard@$n 'sudo sysctl -w fs.inotify.max_user_watches=2099999999; sudo sysctl -w fs.inotify.max_user_instances=2099999999;sudo sysctl -w fs.inotify.max_queued_events=2099999999'; done # resource "helm_release" "k8s-monitoring" { -# namespace = "monitoring" +# namespace = kubernetes_namespace.monitoring.metadata[0].name # create_namespace = true # name = "k8s-monitoring" diff --git a/modules/kubernetes/monitoring/main.tf b/modules/kubernetes/monitoring/main.tf index 2dc87f89..af3d253b 100644 --- a/modules/kubernetes/monitoring/main.tf +++ b/modules/kubernetes/monitoring/main.tf @@ -15,14 +15,23 @@ variable "haos_api_token" { type = string } variable "pve_password" { type = string } variable "grafana_db_password" { type = string } +resource "kubernetes_namespace" "monitoring" { + metadata { + name = "monitoring" + labels = { + "istio-injection" : "disabled" + } + } +} + module "tls_secret" { source = "../setup_tls_secret" - namespace = "monitoring" + namespace = kubernetes_namespace.monitoring.metadata[0].name tls_secret_name = var.tls_secret_name } # Terraform get angry with the 30k values file :/ use ansible until solved # resource "helm_release" "ups_prometheus_snmp_exporter" { -# namespace = "monitoring" +# namespace = kubernetes_namespace.monitoring.metadata[0].name # create_namespace = true # name = "ups_prometheus_exporter" @@ -67,7 +76,7 @@ resource "kubernetes_cron_job_v1" "monitor_prom" { resource "kubernetes_ingress_v1" "status" { metadata { name = "hetrix-redirect-ingress" - namespace = "monitoring" + namespace = kubernetes_namespace.monitoring.metadata[0].name annotations = { "kubernetes.io/ingress.class" = "nginx" "nginx.ingress.kubernetes.io/permanent-redirect" = "https://hetrixtools.com/r/38981b548b5d38b052aca8d01285a3f3/" @@ -101,7 +110,7 @@ resource "kubernetes_ingress_v1" "status" { resource "kubernetes_ingress_v1" "status_yotovski" { metadata { name = "hetrix-yotovski-redirect-ingress" - namespace = "monitoring" + namespace = kubernetes_namespace.monitoring.metadata[0].name annotations = { "kubernetes.io/ingress.class" = "nginx" "nginx.ingress.kubernetes.io/permanent-redirect" = "https://hetrixtools.com/r/2ba9d7a5e017794db0fd91f0115a8b3b/" diff --git a/modules/kubernetes/monitoring/prometheus.tf b/modules/kubernetes/monitoring/prometheus.tf index 9f714192..12a00b66 100644 --- a/modules/kubernetes/monitoring/prometheus.tf +++ b/modules/kubernetes/monitoring/prometheus.tf @@ -2,7 +2,7 @@ resource "kubernetes_persistent_volume_claim" "prometheus_server_pvc" { metadata { name = "prometheus-iscsi-pvc" - namespace = "monitoring" + namespace = kubernetes_namespace.monitoring.metadata[0].name } spec { @@ -45,7 +45,7 @@ resource "kubernetes_persistent_volume" "prometheus_server_pvc" { } resource "helm_release" "prometheus" { - namespace = "monitoring" + namespace = kubernetes_namespace.monitoring.metadata[0].name create_namespace = true name = "prometheus" diff --git a/modules/kubernetes/monitoring/pve_exporter.tf b/modules/kubernetes/monitoring/pve_exporter.tf index 0803176e..af20cd19 100644 --- a/modules/kubernetes/monitoring/pve_exporter.tf +++ b/modules/kubernetes/monitoring/pve_exporter.tf @@ -2,7 +2,7 @@ resource "kubernetes_secret" "pve_exporter_config" { metadata { name = "pve-exporter-config" - namespace = "monitoring" + namespace = kubernetes_namespace.monitoring.metadata[0].name } data = { @@ -19,7 +19,7 @@ resource "kubernetes_secret" "pve_exporter_config" { resource "kubernetes_deployment" "pve_exporter" { metadata { name = "proxmox-exporter" - namespace = "monitoring" + namespace = kubernetes_namespace.monitoring.metadata[0].name } spec { @@ -72,7 +72,7 @@ resource "kubernetes_deployment" "pve_exporter" { resource "kubernetes_service" "proxmox-exporter" { metadata { name = "proxmox-exporter" - namespace = "monitoring" + namespace = kubernetes_namespace.monitoring.metadata[0].name labels = { "app" = "proxmox-exporter" } diff --git a/modules/kubernetes/monitoring/snmp_exporter.tf b/modules/kubernetes/monitoring/snmp_exporter.tf index cf632db9..f8c3eeb3 100644 --- a/modules/kubernetes/monitoring/snmp_exporter.tf +++ b/modules/kubernetes/monitoring/snmp_exporter.tf @@ -12,7 +12,7 @@ https://sbcode.net/prometheus/snmp-generate-huawei/ resource "kubernetes_config_map" "snmp-exporter-yaml" { metadata { name = "snmp-exporter-yaml" - namespace = "monitoring" + namespace = kubernetes_namespace.monitoring.metadata[0].name annotations = { "reloader.stakater.com/match" = "true" @@ -27,7 +27,7 @@ resource "kubernetes_config_map" "snmp-exporter-yaml" { resource "kubernetes_deployment" "snmp-exporter" { metadata { name = "snmp-exporter" - namespace = "monitoring" + namespace = kubernetes_namespace.monitoring.metadata[0].name labels = { app = "snmp-exporter" } @@ -77,7 +77,7 @@ resource "kubernetes_deployment" "snmp-exporter" { resource "kubernetes_service" "snmp-exporter" { metadata { name = "snmp-exporter" - namespace = "monitoring" + namespace = kubernetes_namespace.monitoring.metadata[0].name labels = { "app" = "snmp-exporter" } @@ -102,7 +102,7 @@ resource "kubernetes_service" "snmp-exporter" { module "snmp-exporter-ingress" { source = "../ingress_factory" - namespace = "monitoring" + namespace = kubernetes_namespace.monitoring.metadata[0].name name = "snmp-exporter" root_domain = "viktorbarzin.lan" tls_secret_name = var.tls_secret_name diff --git a/modules/kubernetes/n8n/main.tf b/modules/kubernetes/n8n/main.tf index 8aa8d13b..29cd54d0 100644 --- a/modules/kubernetes/n8n/main.tf +++ b/modules/kubernetes/n8n/main.tf @@ -3,11 +3,11 @@ variable "postgresql_password" {} module "tls_secret" { source = "../setup_tls_secret" - namespace = "n8n" + namespace = kubernetes_namespace.n8n.metadata[0].name tls_secret_name = var.tls_secret_name } -resource "kubernetes_namespace" "immich" { +resource "kubernetes_namespace" "n8n" { metadata { name = "n8n" } @@ -16,7 +16,7 @@ resource "kubernetes_namespace" "immich" { resource "kubernetes_deployment" "n8n" { metadata { name = "n8n" - namespace = "n8n" + namespace = kubernetes_namespace.n8n.metadata[0].name labels = { app = "n8n" } @@ -112,7 +112,7 @@ resource "kubernetes_deployment" "n8n" { resource "kubernetes_service" "n8n" { metadata { name = "n8n" - namespace = "n8n" + namespace = kubernetes_namespace.n8n.metadata[0].name labels = { "app" = "n8n" } @@ -130,7 +130,7 @@ resource "kubernetes_service" "n8n" { } module "ingress" { source = "../ingress_factory" - namespace = "n8n" + namespace = kubernetes_namespace.n8n.metadata[0].name name = "n8n" tls_secret_name = var.tls_secret_name extra_annotations = { diff --git a/modules/kubernetes/navidrome/main.tf b/modules/kubernetes/navidrome/main.tf index 3fcb9d2c..b1597eaa 100644 --- a/modules/kubernetes/navidrome/main.tf +++ b/modules/kubernetes/navidrome/main.tf @@ -11,14 +11,14 @@ resource "kubernetes_namespace" "navidrome" { module "tls_secret" { source = "../setup_tls_secret" - namespace = "navidrome" + namespace = kubernetes_namespace.navidrome.metadata[0].name tls_secret_name = var.tls_secret_name } resource "kubernetes_deployment" "navidrome" { metadata { name = "navidrome" - namespace = "navidrome" + namespace = kubernetes_namespace.navidrome.metadata[0].name labels = { app = "navidrome" "kubernetes.io/cluster-service" = "true" @@ -94,7 +94,7 @@ resource "kubernetes_deployment" "navidrome" { resource "kubernetes_service" "navidrome" { metadata { name = "navidrome" - namespace = "navidrome" + namespace = kubernetes_namespace.navidrome.metadata[0].name labels = { "app" = "navidrome" } @@ -112,7 +112,7 @@ resource "kubernetes_service" "navidrome" { } module "ingress" { source = "../ingress_factory" - namespace = "navidrome" + namespace = kubernetes_namespace.navidrome.metadata[0].name name = "navidrome" tls_secret_name = var.tls_secret_name rybbit_site_id = "8a3844ff75ba" diff --git a/modules/kubernetes/netbox/main.tf b/modules/kubernetes/netbox/main.tf index 4be28ee8..46c9f58a 100644 --- a/modules/kubernetes/netbox/main.tf +++ b/modules/kubernetes/netbox/main.tf @@ -8,14 +8,14 @@ resource "kubernetes_namespace" "netbox" { module "tls_secret" { source = "../setup_tls_secret" - namespace = "netbox" + namespace = kubernetes_namespace.netbox.metadata[0].name tls_secret_name = var.tls_secret_name } resource "kubernetes_deployment" "netbox" { metadata { name = "netbox" - namespace = "netbox" + namespace = kubernetes_namespace.netbox.metadata[0].name labels = { app = "netbox" } @@ -118,7 +118,7 @@ resource "kubernetes_deployment" "netbox" { resource "kubernetes_service" "netbox" { metadata { name = "netbox" - namespace = "netbox" + namespace = kubernetes_namespace.netbox.metadata[0].name labels = { "app" = "netbox" } @@ -138,7 +138,7 @@ resource "kubernetes_service" "netbox" { } module "ingress" { source = "../ingress_factory" - namespace = "netbox" + namespace = kubernetes_namespace.netbox.metadata[0].name name = "netbox" tls_secret_name = var.tls_secret_name protected = true diff --git a/modules/kubernetes/networking-toolbox/main.tf b/modules/kubernetes/networking-toolbox/main.tf index e7cf3771..56abc187 100644 --- a/modules/kubernetes/networking-toolbox/main.tf +++ b/modules/kubernetes/networking-toolbox/main.tf @@ -11,14 +11,14 @@ resource "kubernetes_namespace" "networking-toolbox" { module "tls_secret" { source = "../setup_tls_secret" - namespace = "networking-toolbox" + namespace = kubernetes_namespace.networking-toolbox.metadata[0].name tls_secret_name = var.tls_secret_name } resource "kubernetes_deployment" "networking-toolbox" { metadata { name = "networking-toolbox" - namespace = "networking-toolbox" + namespace = kubernetes_namespace.networking-toolbox.metadata[0].name labels = { app = "networking-toolbox" } @@ -52,7 +52,7 @@ resource "kubernetes_deployment" "networking-toolbox" { resource "kubernetes_service" "networking-toolbox" { metadata { name = "networking-toolbox" - namespace = "networking-toolbox" + namespace = kubernetes_namespace.networking-toolbox.metadata[0].name labels = { "app" = "networking-toolbox" } @@ -72,7 +72,7 @@ resource "kubernetes_service" "networking-toolbox" { module "ingress" { source = "../ingress_factory" - namespace = "networking-toolbox" + namespace = kubernetes_namespace.networking-toolbox.metadata[0].name name = "networking-toolbox" tls_secret_name = var.tls_secret_name protected = true diff --git a/modules/kubernetes/nextcloud/main.tf b/modules/kubernetes/nextcloud/main.tf index 04757403..e33fef1a 100644 --- a/modules/kubernetes/nextcloud/main.tf +++ b/modules/kubernetes/nextcloud/main.tf @@ -3,7 +3,7 @@ variable "db_password" {} module "tls_secret" { source = "../setup_tls_secret" - namespace = "nextcloud" + namespace = kubernetes_namespace.nextcloud.metadata[0].name tls_secret_name = var.tls_secret_name } @@ -17,7 +17,7 @@ resource "kubernetes_namespace" "nextcloud" { } resource "helm_release" "nextcloud" { - namespace = "nextcloud" + namespace = kubernetes_namespace.nextcloud.metadata[0].name name = "nextcloud" repository = "https://nextcloud.github.io/helm/" @@ -32,7 +32,7 @@ resource "helm_release" "nextcloud" { # resource "kubernetes_config_map" "config" { # metadata { # name = "config" -# namespace = "nextcloud" +# namespace = kubernetes_namespace.nextcloud.metadata[0].name # annotations = { # "reloader.stakater.com/match" = "true" @@ -47,7 +47,7 @@ resource "helm_release" "nextcloud" { resource "kubernetes_deployment" "whiteboard" { metadata { name = "whiteboard" - namespace = "nextcloud" + namespace = kubernetes_namespace.nextcloud.metadata[0].name labels = { app = "whiteboard" } @@ -93,7 +93,7 @@ resource "kubernetes_deployment" "whiteboard" { resource "kubernetes_service" "whiteboard" { metadata { name = "whiteboard" - namespace = "nextcloud" + namespace = kubernetes_namespace.nextcloud.metadata[0].name labels = { app = "whiteboard" } @@ -132,7 +132,7 @@ resource "kubernetes_persistent_volume" "nextcloud-data-pv" { resource "kubernetes_persistent_volume_claim" "nextcloud-data-pvc" { metadata { name = "nextcloud-data-pvc" - namespace = "nextcloud" + namespace = kubernetes_namespace.nextcloud.metadata[0].name } spec { access_modes = ["ReadWriteOnce"] @@ -147,7 +147,7 @@ resource "kubernetes_persistent_volume_claim" "nextcloud-data-pvc" { module "ingress" { source = "../ingress_factory" - namespace = "nextcloud" + namespace = kubernetes_namespace.nextcloud.metadata[0].name name = "nextcloud" tls_secret_name = var.tls_secret_name port = 8080 @@ -162,7 +162,7 @@ module "ingress" { module "whiteboard_ingress" { source = "../ingress_factory" - namespace = "nextcloud" + namespace = kubernetes_namespace.nextcloud.metadata[0].name name = "whiteboard" tls_secret_name = var.tls_secret_name port = 80 diff --git a/modules/kubernetes/ntfy/main.tf b/modules/kubernetes/ntfy/main.tf index a2e6fb9f..7a7d9a5d 100644 --- a/modules/kubernetes/ntfy/main.tf +++ b/modules/kubernetes/ntfy/main.tf @@ -7,14 +7,14 @@ resource "kubernetes_namespace" "ntfy" { module "tls_secret" { source = "../setup_tls_secret" - namespace = "ntfy" + namespace = kubernetes_namespace.ntfy.metadata[0].name tls_secret_name = var.tls_secret_name } resource "kubernetes_deployment" "ntfy" { metadata { name = "ntfy" - namespace = "ntfy" + namespace = kubernetes_namespace.ntfy.metadata[0].name labels = { app = "ntfy" } @@ -96,7 +96,7 @@ resource "kubernetes_deployment" "ntfy" { resource "kubernetes_service" "ntfy" { metadata { name = "ntfy" - namespace = "ntfy" + namespace = kubernetes_namespace.ntfy.metadata[0].name labels = { "app" = "ntfy" } @@ -121,7 +121,7 @@ resource "kubernetes_service" "ntfy" { module "ingress" { source = "../ingress_factory" - namespace = "ntfy" + namespace = kubernetes_namespace.ntfy.metadata[0].name name = "ntfy" tls_secret_name = var.tls_secret_name } diff --git a/modules/kubernetes/nvidia/main.tf b/modules/kubernetes/nvidia/main.tf index 1bd3f4b2..1948e58e 100644 --- a/modules/kubernetes/nvidia/main.tf +++ b/modules/kubernetes/nvidia/main.tf @@ -2,7 +2,7 @@ variable "tls_secret_name" {} module "tls_secret" { source = "../setup_tls_secret" - namespace = "nvidia" + namespace = kubernetes_namespace.nvidia.metadata[0].name tls_secret_name = var.tls_secret_name } @@ -21,7 +21,7 @@ resource "kubernetes_namespace" "nvidia" { resource "kubernetes_config_map" "time_slicing_config" { metadata { name = "time-slicing-config" - namespace = "nvidia" + namespace = kubernetes_namespace.nvidia.metadata[0].name } data = { @@ -41,7 +41,7 @@ resource "kubernetes_config_map" "time_slicing_config" { } resource "helm_release" "nvidia-gpu-operator" { - namespace = "nvidia" + namespace = kubernetes_namespace.nvidia.metadata[0].name name = "nvidia-gpu-operator" repository = "https://helm.ngc.nvidia.com/nvidia" @@ -57,7 +57,7 @@ resource "helm_release" "nvidia-gpu-operator" { resource "kubernetes_deployment" "nvidia-exporter" { metadata { name = "nvidia-exporter" - namespace = "nvidia" + namespace = kubernetes_namespace.nvidia.metadata[0].name labels = { app = "nvidia-exporter" } @@ -106,7 +106,7 @@ resource "kubernetes_deployment" "nvidia-exporter" { resource "kubernetes_service" "nvidia-exporter" { metadata { name = "nvidia-exporter" - namespace = "nvidia" + namespace = kubernetes_namespace.nvidia.metadata[0].name labels = { "app" = "nvidia-exporter" } @@ -127,7 +127,7 @@ resource "kubernetes_service" "nvidia-exporter" { module "ingress" { source = "../ingress_factory" - namespace = "nvidia" + namespace = kubernetes_namespace.nvidia.metadata[0].name name = "nvidia-exporter" root_domain = "viktorbarzin.lan" tls_secret_name = var.tls_secret_name @@ -138,7 +138,7 @@ module "ingress" { # resource "kubernetes_ingress_v1" "nvidia-exporter" { # metadata { # name = "nvidia-exporter" -# namespace = "nvidia" +# namespace = kubernetes_namespace.nvidia.metadata[0].name # annotations = { # "kubernetes.io/ingress.class" = "nginx" # "nginx.ingress.kubernetes.io/whitelist-source-range" : "192.168.1.0/24, 10.0.0.0/8" diff --git a/modules/kubernetes/ollama/main.tf b/modules/kubernetes/ollama/main.tf index 1ff00895..9a4de923 100644 --- a/modules/kubernetes/ollama/main.tf +++ b/modules/kubernetes/ollama/main.tf @@ -8,13 +8,13 @@ resource "kubernetes_namespace" "ollama" { module "tls_secret" { source = "../setup_tls_secret" - namespace = "ollama" + namespace = kubernetes_namespace.ollama.metadata[0].name tls_secret_name = var.tls_secret_name } resource "kubernetes_persistent_volume_claim" "ollama-pvc" { metadata { name = "ollama-pvc" - namespace = "ollama" + namespace = kubernetes_namespace.ollama.metadata[0].name } spec { @@ -47,7 +47,7 @@ resource "kubernetes_persistent_volume" "ollama-pv" { } # resource "helm_release" "ollama" { -# namespace = "ollama" +# namespace = kubernetes_namespace.ollama.metadata[0].name # name = "ollama" # repository = "https://otwld.github.io/ollama-helm/" @@ -62,7 +62,7 @@ resource "kubernetes_persistent_volume" "ollama-pv" { resource "kubernetes_deployment" "ollama" { metadata { name = "ollama" - namespace = "ollama" + namespace = kubernetes_namespace.ollama.metadata[0].name labels = { app = "ollama" } @@ -126,7 +126,7 @@ resource "kubernetes_deployment" "ollama" { resource "kubernetes_service" "ollama" { metadata { name = "ollama" - namespace = "ollama" + namespace = kubernetes_namespace.ollama.metadata[0].name labels = { app = "ollama" } @@ -146,7 +146,7 @@ resource "kubernetes_service" "ollama" { # Allow ollama to be connected to from external apps module "ollama-ingress" { source = "../ingress_factory" - namespace = "ollama" + namespace = kubernetes_namespace.ollama.metadata[0].name name = "ollama-server" service_name = "ollama" root_domain = "viktorbarzin.lan" @@ -160,7 +160,7 @@ module "ollama-ingress" { resource "kubernetes_deployment" "ollama-ui" { metadata { name = "ollama-ui" - namespace = "ollama" + namespace = kubernetes_namespace.ollama.metadata[0].name labels = { app = "ollama-ui" } @@ -211,7 +211,7 @@ resource "kubernetes_deployment" "ollama-ui" { resource "kubernetes_service" "ollama-ui" { metadata { name = "ollama-ui" - namespace = "ollama" + namespace = kubernetes_namespace.ollama.metadata[0].name labels = { app = "dashy" } @@ -231,7 +231,7 @@ resource "kubernetes_service" "ollama-ui" { module "ingress" { source = "../ingress_factory" - namespace = "ollama" + namespace = kubernetes_namespace.ollama.metadata[0].name name = "ollama" service_name = "ollama-ui" tls_secret_name = var.tls_secret_name diff --git a/modules/kubernetes/onlyoffice/main.tf b/modules/kubernetes/onlyoffice/main.tf index 51c5560d..c3c26811 100644 --- a/modules/kubernetes/onlyoffice/main.tf +++ b/modules/kubernetes/onlyoffice/main.tf @@ -13,14 +13,14 @@ resource "kubernetes_namespace" "onlyoffice" { module "tls_secret" { source = "../setup_tls_secret" - namespace = "onlyoffice" + namespace = kubernetes_namespace.onlyoffice.metadata[0].name tls_secret_name = var.tls_secret_name } resource "kubernetes_deployment" "onlyoffice-document-server" { metadata { name = "onlyoffice-document-server" - namespace = "onlyoffice" + namespace = kubernetes_namespace.onlyoffice.metadata[0].name labels = { app = "onlyoffice-document-server" } @@ -104,7 +104,7 @@ resource "kubernetes_deployment" "onlyoffice-document-server" { resource "kubernetes_service" "onlyoffice" { metadata { name = "onlyoffice-document-server" - namespace = "onlyoffice" + namespace = kubernetes_namespace.onlyoffice.metadata[0].name labels = { "app" = "onlyoffice-document-server" } @@ -121,7 +121,7 @@ resource "kubernetes_service" "onlyoffice" { } module "ingress" { source = "../ingress_factory" - namespace = "onlyoffice" + namespace = kubernetes_namespace.onlyoffice.metadata[0].name name = "onlyoffice" service_name = "onlyoffice-document-server" tls_secret_name = var.tls_secret_name diff --git a/modules/kubernetes/owntracks/main.tf b/modules/kubernetes/owntracks/main.tf index d589c75d..6e9cce09 100644 --- a/modules/kubernetes/owntracks/main.tf +++ b/modules/kubernetes/owntracks/main.tf @@ -17,7 +17,7 @@ resource "kubernetes_namespace" "owntracks" { module "tls_secret" { source = "../setup_tls_secret" - namespace = "owntracks" + namespace = kubernetes_namespace.owntracks.metadata[0].name tls_secret_name = var.tls_secret_name } @@ -29,7 +29,7 @@ locals { resource "kubernetes_secret" "basic_auth" { metadata { name = "basic-auth-secret" - namespace = "owntracks" + namespace = kubernetes_namespace.owntracks.metadata[0].name } data = { @@ -45,7 +45,7 @@ resource "kubernetes_secret" "basic_auth" { resource "kubernetes_deployment" "owntracks" { metadata { name = "owntracks" - namespace = "owntracks" + namespace = kubernetes_namespace.owntracks.metadata[0].name labels = { app = "owntracks" } @@ -112,7 +112,7 @@ resource "kubernetes_deployment" "owntracks" { resource "kubernetes_service" "owntracks" { metadata { name = "owntracks" - namespace = "owntracks" + namespace = kubernetes_namespace.owntracks.metadata[0].name labels = { "app" = "owntracks" } @@ -133,7 +133,7 @@ resource "kubernetes_service" "owntracks" { module "ingress" { source = "../ingress_factory" - namespace = "owntracks" + namespace = kubernetes_namespace.owntracks.metadata[0].name name = "owntracks" tls_secret_name = var.tls_secret_name port = 443 diff --git a/modules/kubernetes/paperless-ngx/main.tf b/modules/kubernetes/paperless-ngx/main.tf index 67c1ad4f..e847a4f4 100644 --- a/modules/kubernetes/paperless-ngx/main.tf +++ b/modules/kubernetes/paperless-ngx/main.tf @@ -15,7 +15,7 @@ resource "kubernetes_namespace" "paperless-ngx" { } module "tls_secret" { source = "../setup_tls_secret" - namespace = "paperless-ngx" + namespace = kubernetes_namespace.paperless-ngx.metadata[0].name tls_secret_name = var.tls_secret_name } @@ -23,7 +23,7 @@ module "tls_secret" { resource "kubernetes_deployment" "paperless-ngx" { metadata { name = "paperless-ngx" - namespace = "paperless-ngx" + namespace = kubernetes_namespace.paperless-ngx.metadata[0].name labels = { app = "paperless-ngx" } @@ -124,7 +124,7 @@ resource "kubernetes_deployment" "paperless-ngx" { resource "kubernetes_service" "paperless-ngx" { metadata { name = "paperless-ngx" - namespace = "paperless-ngx" + namespace = kubernetes_namespace.paperless-ngx.metadata[0].name labels = { "app" = "paperless-ngx" } @@ -145,7 +145,7 @@ resource "kubernetes_service" "paperless-ngx" { module "ingress" { source = "../ingress_factory" - namespace = "paperless-ngx" + namespace = kubernetes_namespace.paperless-ngx.metadata[0].name name = "paperless-ngx" service_name = "paperless-ngx" host = "pdf" diff --git a/modules/kubernetes/pihole/main.tf b/modules/kubernetes/pihole/main.tf index c7254648..1dc39eb6 100644 --- a/modules/kubernetes/pihole/main.tf +++ b/modules/kubernetes/pihole/main.tf @@ -9,7 +9,7 @@ resource "kubernetes_namespace" "pihole" { module "tls_secret" { source = "../setup_tls_secret" - namespace = "pihole" + namespace = kubernetes_namespace.pihole.metadata[0].name tls_secret_name = var.tls_secret_name } @@ -17,7 +17,7 @@ module "tls_secret" { resource "kubernetes_config_map" "external_conf" { metadata { name = "external-conf" - namespace = "pihole" + namespace = kubernetes_namespace.pihole.metadata[0].name labels = { app = "pihole" @@ -31,7 +31,7 @@ resource "kubernetes_config_map" "external_conf" { resource "kubernetes_deployment" "pihole" { metadata { name = "pihole" - namespace = "pihole" + namespace = kubernetes_namespace.pihole.metadata[0].name labels = { app = "pihole" } @@ -118,7 +118,7 @@ resource "kubernetes_deployment" "pihole" { resource "kubernetes_service" "pihole-dns" { metadata { name = "pihole-dns" - namespace = "pihole" + namespace = kubernetes_namespace.pihole.metadata[0].name labels = { "app" = "pihole" } @@ -144,7 +144,7 @@ resource "kubernetes_service" "pihole-dns" { resource "kubernetes_service" "pihole-web" { metadata { name = "pihole-web" - namespace = "pihole" + namespace = kubernetes_namespace.pihole.metadata[0].name labels = { "app" = "pihole" } @@ -167,7 +167,7 @@ resource "kubernetes_service" "pihole-web" { resource "kubernetes_ingress_v1" "pihole" { metadata { name = "pihole-ingress" - namespace = "pihole" + namespace = kubernetes_namespace.pihole.metadata[0].name annotations = { "kubernetes.io/ingress.class" = "nginx" "nginx.ingress.kubernetes.io/auth-tls-verify-client" = "on" diff --git a/modules/kubernetes/privatebin/main.tf b/modules/kubernetes/privatebin/main.tf index 7ec3186f..36f63c27 100644 --- a/modules/kubernetes/privatebin/main.tf +++ b/modules/kubernetes/privatebin/main.tf @@ -11,14 +11,14 @@ resource "kubernetes_namespace" "privatebin" { module "tls_secret" { source = "../setup_tls_secret" - namespace = "privatebin" + namespace = kubernetes_namespace.privatebin.metadata[0].name tls_secret_name = var.tls_secret_name } resource "kubernetes_deployment" "privatebin" { metadata { name = "privatebin" - namespace = "privatebin" + namespace = kubernetes_namespace.privatebin.metadata[0].name labels = { app = "privatebin" "kubernetes.io/cluster-service" = "true" @@ -71,7 +71,7 @@ resource "kubernetes_deployment" "privatebin" { resource "kubernetes_service" "privatebin" { metadata { name = "privatebin" - namespace = "privatebin" + namespace = kubernetes_namespace.privatebin.metadata[0].name labels = { "app" = "privatebin" } @@ -90,7 +90,7 @@ resource "kubernetes_service" "privatebin" { module "ingress" { source = "../ingress_factory" - namespace = "privatebin" + namespace = kubernetes_namespace.privatebin.metadata[0].name name = "privatebin" host = "pb" tls_secret_name = var.tls_secret_name diff --git a/modules/kubernetes/real-estate-crawler/main.tf b/modules/kubernetes/real-estate-crawler/main.tf index 099902a6..38d1d628 100644 --- a/modules/kubernetes/real-estate-crawler/main.tf +++ b/modules/kubernetes/real-estate-crawler/main.tf @@ -17,14 +17,14 @@ resource "kubernetes_namespace" "realestate-crawler" { module "tls_secret" { source = "../setup_tls_secret" - namespace = "realestate-crawler" + namespace = kubernetes_namespace.realestate-crawler.metadata[0].name tls_secret_name = var.tls_secret_name } resource "kubernetes_deployment" "realestate-crawler-ui" { metadata { name = "realestate-crawler-ui" - namespace = "realestate-crawler" + namespace = kubernetes_namespace.realestate-crawler.metadata[0].name labels = { app = "realestate-crawler-ui" } @@ -68,7 +68,7 @@ resource "kubernetes_deployment" "realestate-crawler-ui" { resource "kubernetes_service" "realestate-crawler-ui" { metadata { name = "realestate-crawler-ui" - namespace = "realestate-crawler" + namespace = kubernetes_namespace.realestate-crawler.metadata[0].name labels = { "app" = "realestate-crawler-ui" } @@ -85,7 +85,7 @@ resource "kubernetes_service" "realestate-crawler-ui" { } # module "ingress" { # source = "../ingress_factory" -# namespace = "realestate-crawler" +# namespace = kubernetes_namespace.realestate-crawler.metadata[0].name # name = "wrongmove" # service_name = "realestate-crawler-ui" # tls_secret_name = var.tls_secret_name @@ -95,7 +95,7 @@ resource "kubernetes_service" "realestate-crawler-ui" { resource "kubernetes_deployment" "realestate-crawler-api" { metadata { name = "realestate-crawler-api" - namespace = "realestate-crawler" + namespace = kubernetes_namespace.realestate-crawler.metadata[0].name labels = { app = "realestate-crawler-api" } @@ -179,7 +179,7 @@ resource "kubernetes_deployment" "realestate-crawler-api" { resource "kubernetes_service" "realestate-crawler-api" { metadata { name = "realestate-crawler-api" - namespace = "realestate-crawler" + namespace = kubernetes_namespace.realestate-crawler.metadata[0].name labels = { "app" = "realestate-crawler-api" } @@ -197,7 +197,7 @@ resource "kubernetes_service" "realestate-crawler-api" { } # module "ingress-api" { # source = "../ingress_factory" -# namespace = "realestate-crawler" +# namespace = kubernetes_namespace.realestate-crawler.metadata[0].name # name = "wrongmove-api" # service_name = "realestate-crawler-api" # tls_secret_name = var.tls_secret_name @@ -206,7 +206,7 @@ resource "kubernetes_service" "realestate-crawler-api" { resource "kubernetes_ingress_v1" "proxied-ingress" { metadata { name = "realestate-crawler" - namespace = "realestate-crawler" + namespace = kubernetes_namespace.realestate-crawler.metadata[0].name annotations = { "kubernetes.io/ingress.class" = "nginx" "nginx.ingress.kubernetes.io/backend-protocol" = "http" @@ -278,7 +278,7 @@ resource "kubernetes_ingress_v1" "proxied-ingress" { resource "kubernetes_cron_job_v1" "scrape-rightmove" { metadata { name = "scrape-rightmove" - namespace = "realestate-crawler" + namespace = kubernetes_namespace.realestate-crawler.metadata[0].name } spec { concurrency_policy = "Replace" diff --git a/modules/kubernetes/redis/main.tf b/modules/kubernetes/redis/main.tf index d4cf7d64..7750d447 100644 --- a/modules/kubernetes/redis/main.tf +++ b/modules/kubernetes/redis/main.tf @@ -8,14 +8,14 @@ resource "kubernetes_namespace" "redis" { module "tls_secret" { source = "../setup_tls_secret" - namespace = "redis" + namespace = kubernetes_namespace.redis.metadata[0].name tls_secret_name = var.tls_secret_name } resource "kubernetes_deployment" "redis" { metadata { name = "redis" - namespace = "redis" + namespace = kubernetes_namespace.redis.metadata[0].name labels = { app = "redis" } @@ -69,7 +69,7 @@ resource "kubernetes_deployment" "redis" { resource "kubernetes_service" "redis" { metadata { name = "redis" - namespace = "redis" + namespace = kubernetes_namespace.redis.metadata[0].name labels = { app = "redis" } @@ -91,7 +91,7 @@ resource "kubernetes_service" "redis" { } module "ingress" { source = "../ingress_factory" - namespace = "redis" + namespace = kubernetes_namespace.redis.metadata[0].name name = "redis" tls_secret_name = var.tls_secret_name protected = true diff --git a/modules/kubernetes/resume/main.tf b/modules/kubernetes/resume/main.tf index f1ac8b04..f4f6cba1 100644 --- a/modules/kubernetes/resume/main.tf +++ b/modules/kubernetes/resume/main.tf @@ -4,7 +4,7 @@ variable "redis_url" {} module "tls_secret" { source = "../setup_tls_secret" - namespace = "resume" + namespace = kubernetes_namespace.resume.metadata[0].name tls_secret_name = var.tls_secret_name } @@ -17,7 +17,7 @@ resource "kubernetes_namespace" "resume" { resource "kubernetes_deployment" "resume" { metadata { name = "resume" - namespace = "resume" + namespace = kubernetes_namespace.resume.metadata[0].name labels = { app = "resume" } diff --git a/modules/kubernetes/rybbit/main.tf b/modules/kubernetes/rybbit/main.tf index 796a7771..51d212a3 100644 --- a/modules/kubernetes/rybbit/main.tf +++ b/modules/kubernetes/rybbit/main.tf @@ -10,7 +10,7 @@ resource "kubernetes_namespace" "rybbit" { module "tls_secret" { source = "../setup_tls_secret" - namespace = "rybbit" + namespace = kubernetes_namespace.rybbit.metadata[0].name tls_secret_name = var.tls_secret_name } @@ -27,7 +27,7 @@ locals { resource "kubernetes_deployment" "clickhouse" { metadata { name = "clickhouse" - namespace = "rybbit" + namespace = kubernetes_namespace.rybbit.metadata[0].name labels = { app = "clickhouse" } @@ -86,7 +86,7 @@ resource "kubernetes_deployment" "clickhouse" { resource "kubernetes_service" "clickhouse" { metadata { name = "clickhouse" - namespace = "rybbit" + namespace = kubernetes_namespace.rybbit.metadata[0].name labels = { "app" = "clickhouse" } @@ -108,7 +108,7 @@ resource "kubernetes_service" "clickhouse" { resource "kubernetes_deployment" "rybbit" { metadata { name = "rybbit" - namespace = "rybbit" + namespace = kubernetes_namespace.rybbit.metadata[0].name labels = { app = "rybbit" } @@ -199,7 +199,7 @@ resource "kubernetes_deployment" "rybbit" { resource "kubernetes_service" "rybbit" { metadata { name = "rybbit" - namespace = "rybbit" + namespace = kubernetes_namespace.rybbit.metadata[0].name labels = { "app" = "rybbit" } @@ -220,7 +220,7 @@ resource "kubernetes_service" "rybbit" { resource "kubernetes_deployment" "rybbit-client" { metadata { name = "rybbit-client" - namespace = "rybbit" + namespace = kubernetes_namespace.rybbit.metadata[0].name labels = { app = "rybbit-client" } @@ -264,7 +264,7 @@ resource "kubernetes_deployment" "rybbit-client" { resource "kubernetes_service" "rybbit-client" { metadata { name = "rybbit-client" - namespace = "rybbit" + namespace = kubernetes_namespace.rybbit.metadata[0].name labels = { "app" = "rybbit-client" } @@ -286,7 +286,7 @@ resource "kubernetes_service" "rybbit-client" { resource "kubernetes_ingress_v1" "rybbit" { metadata { name = "rybbit" - namespace = "rybbit" + namespace = kubernetes_namespace.rybbit.metadata[0].name annotations = { "kubernetes.io/ingress.class" = "nginx" diff --git a/modules/kubernetes/send/main.tf b/modules/kubernetes/send/main.tf index e08f63c9..bf4773f9 100644 --- a/modules/kubernetes/send/main.tf +++ b/modules/kubernetes/send/main.tf @@ -11,14 +11,14 @@ resource "kubernetes_namespace" "send" { module "tls_secret" { source = "../setup_tls_secret" - namespace = "send" + namespace = kubernetes_namespace.send.metadata[0].name tls_secret_name = var.tls_secret_name } resource "kubernetes_deployment" "send" { metadata { name = "send" - namespace = "send" + namespace = kubernetes_namespace.send.metadata[0].name labels = { app = "send" } @@ -90,7 +90,7 @@ resource "kubernetes_deployment" "send" { resource "kubernetes_service" "send" { metadata { name = "send" - namespace = "send" + namespace = kubernetes_namespace.send.metadata[0].name labels = { app = "send" } @@ -108,7 +108,7 @@ resource "kubernetes_service" "send" { } module "ingress" { source = "../ingress_factory" - namespace = "send" + namespace = kubernetes_namespace.send.metadata[0].name name = "send" tls_secret_name = var.tls_secret_name port = 1443 diff --git a/modules/kubernetes/servarr/main.tf b/modules/kubernetes/servarr/main.tf index 97b06a35..7604b8d4 100644 --- a/modules/kubernetes/servarr/main.tf +++ b/modules/kubernetes/servarr/main.tf @@ -8,7 +8,7 @@ resource "kubernetes_namespace" "servarr" { module "tls_secret" { source = "../setup_tls_secret" - namespace = "servarr" + namespace = kubernetes_namespace.servarr.metadata[0].name tls_secret_name = var.tls_secret_name } diff --git a/modules/kubernetes/shadowsocks/main.tf b/modules/kubernetes/shadowsocks/main.tf index fe5f0fed..6dd980e9 100644 --- a/modules/kubernetes/shadowsocks/main.tf +++ b/modules/kubernetes/shadowsocks/main.tf @@ -3,7 +3,7 @@ variable "method" { default = "chacha20-ietf-poly1305" } -resource "kubernetes_namespace" "mailserver" { +resource "kubernetes_namespace" "shadowsocks" { metadata { name = "shadowsocks" # TLS termination seems iffy - I get pfsense MiTM-ing @@ -16,7 +16,7 @@ resource "kubernetes_namespace" "mailserver" { resource "kubernetes_deployment" "shadowsocks" { metadata { name = "shadowsocks" - namespace = "shadowsocks" + namespace = kubernetes_namespace.shadowsocks.metadata[0].name labels = { "app" = "shadowsocks" } @@ -67,7 +67,7 @@ resource "kubernetes_deployment" "shadowsocks" { resource "kubernetes_service" "mailserver" { metadata { name = "shadowsocks" - namespace = "shadowsocks" + namespace = kubernetes_namespace.shadowsocks.metadata[0].name labels = { app = "shadowsocks" diff --git a/modules/kubernetes/stirling-pdf/main.tf b/modules/kubernetes/stirling-pdf/main.tf index 16958bd8..319285e9 100644 --- a/modules/kubernetes/stirling-pdf/main.tf +++ b/modules/kubernetes/stirling-pdf/main.tf @@ -11,14 +11,14 @@ resource "kubernetes_namespace" "stirling-pdf" { module "tls_secret" { source = "../setup_tls_secret" - namespace = "stirling-pdf" + namespace = kubernetes_namespace.stirling-pdf.metadata[0].name tls_secret_name = var.tls_secret_name } resource "kubernetes_deployment" "stirling-pdf" { metadata { name = "stirling-pdf" - namespace = "stirling-pdf" + namespace = kubernetes_namespace.stirling-pdf.metadata[0].name labels = { app = "stirling-pdf" } @@ -63,7 +63,7 @@ resource "kubernetes_deployment" "stirling-pdf" { resource "kubernetes_service" "stirling-pdf" { metadata { name = "stirling-pdf" - namespace = "stirling-pdf" + namespace = kubernetes_namespace.stirling-pdf.metadata[0].name labels = { "app" = "stirling-pdf" } @@ -83,7 +83,7 @@ resource "kubernetes_service" "stirling-pdf" { module "ingress" { source = "../ingress_factory" - namespace = "stirling-pdf" + namespace = kubernetes_namespace.stirling-pdf.metadata[0].name name = "stirling-pdf" tls_secret_name = var.tls_secret_name rybbit_site_id = "a55ac54ec749" diff --git a/modules/kubernetes/tandoor/main.tf b/modules/kubernetes/tandoor/main.tf index 984181af..d1aa6c5e 100644 --- a/modules/kubernetes/tandoor/main.tf +++ b/modules/kubernetes/tandoor/main.tf @@ -17,14 +17,14 @@ resource "random_password" "secret_key" { module "tls_secret" { source = "../setup_tls_secret" - namespace = "tandoor" + namespace = kubernetes_namespace.tandoor.metadata[0].name tls_secret_name = var.tls_secret_name } resource "kubernetes_deployment" "tandoor" { metadata { name = "tandoor" - namespace = "tandoor" + namespace = kubernetes_namespace.tandoor.metadata[0].name labels = { app = "tandoor" } @@ -144,7 +144,7 @@ resource "kubernetes_deployment" "tandoor" { resource "kubernetes_service" "tandoor" { metadata { name = "tandoor" - namespace = "tandoor" + namespace = kubernetes_namespace.tandoor.metadata[0].name labels = { "app" = "tandoor" } @@ -163,7 +163,7 @@ resource "kubernetes_service" "tandoor" { module "ingress" { source = "../ingress_factory" - namespace = "tandoor" + namespace = kubernetes_namespace.tandoor.metadata[0].name name = "tandoor" tls_secret_name = var.tls_secret_name } diff --git a/modules/kubernetes/technitium/main.tf b/modules/kubernetes/technitium/main.tf index cbca9e40..b3376443 100644 --- a/modules/kubernetes/technitium/main.tf +++ b/modules/kubernetes/technitium/main.tf @@ -13,7 +13,7 @@ resource "kubernetes_namespace" "technitium" { module "tls_secret" { source = "../setup_tls_secret" - namespace = "technitium" + namespace = kubernetes_namespace.technitium.metadata[0].name tls_secret_name = var.tls_secret_name } @@ -21,7 +21,7 @@ resource "kubernetes_deployment" "technitium" { # resource "kubernetes_daemonset" "technitium" { metadata { name = "technitium" - namespace = "technitium" + namespace = kubernetes_namespace.technitium.metadata[0].name labels = { app = "technitium" } @@ -103,7 +103,7 @@ resource "kubernetes_deployment" "technitium" { resource "kubernetes_service" "technitium-web" { metadata { name = "technitium-web" - namespace = "technitium" + namespace = kubernetes_namespace.technitium.metadata[0].name labels = { "app" = "technitium" } @@ -134,7 +134,7 @@ resource "kubernetes_service" "technitium-web" { resource "kubernetes_service" "technitium-dns" { metadata { name = "technitium-dns" - namespace = "technitium" + namespace = kubernetes_namespace.technitium.metadata[0].name labels = { "app" = "technitium" } @@ -162,7 +162,7 @@ resource "kubernetes_service" "technitium-dns" { } module "ingress" { source = "../ingress_factory" - namespace = "technitium" + namespace = kubernetes_namespace.technitium.metadata[0].name name = "technitium" tls_secret_name = var.tls_secret_name port = 5380 @@ -185,7 +185,7 @@ module "ingress" { module "ingress-doh" { source = "../ingress_factory" - namespace = "technitium" + namespace = kubernetes_namespace.technitium.metadata[0].name name = "technitium-doh" tls_secret_name = var.tls_secret_name host = "dns" diff --git a/modules/kubernetes/travel_blog/main.tf b/modules/kubernetes/travel_blog/main.tf index e70faec1..067838c4 100644 --- a/modules/kubernetes/travel_blog/main.tf +++ b/modules/kubernetes/travel_blog/main.tf @@ -11,20 +11,20 @@ resource "kubernetes_namespace" "travel-blog" { module "tls_secret" { source = "../setup_tls_secret" - namespace = "travel-blog" + namespace = kubernetes_namespace.travel-blog.metadata[0].name tls_secret_name = var.tls_secret_name } # module "dockerhub_creds" { # source = "../dockerhub_secret" -# namespace = "website" +# namespace = kubernetes_namespace.travel.metadata[0].name # password = var.dockerhub_password # } resource "kubernetes_deployment" "blog" { metadata { name = "travel-blog" - namespace = "travel-blog" + namespace = kubernetes_namespace.travel-blog.metadata[0].name labels = { run = "travel-blog" } @@ -77,7 +77,7 @@ resource "kubernetes_deployment" "blog" { resource "kubernetes_service" "travel-blog" { metadata { name = "travel-blog" - namespace = "travel-blog" + namespace = kubernetes_namespace.travel-blog.metadata[0].name labels = { "run" = "travel-blog" } @@ -107,7 +107,7 @@ resource "kubernetes_service" "travel-blog" { module "ingress" { source = "../ingress_factory" - namespace = "travel-blog" + namespace = kubernetes_namespace.travel-blog.metadata[0].name name = "travel" tls_secret_name = var.tls_secret_name service_name = "travel-blog" diff --git a/modules/kubernetes/tuya-bridge/main.tf b/modules/kubernetes/tuya-bridge/main.tf index 6e461e63..9545ebf7 100644 --- a/modules/kubernetes/tuya-bridge/main.tf +++ b/modules/kubernetes/tuya-bridge/main.tf @@ -15,14 +15,14 @@ resource "kubernetes_namespace" "tuya-bridge" { module "tls_secret" { source = "../setup_tls_secret" - namespace = "tuya-bridge" + namespace = kubernetes_namespace.tuya-bridge.metadata[0].name tls_secret_name = var.tls_secret_name } resource "kubernetes_deployment" "tuya-bridge" { metadata { name = "tuya-bridge" - namespace = "tuya-bridge" + namespace = kubernetes_namespace.tuya-bridge.metadata[0].name labels = { app = "tuya-bridge" } @@ -72,7 +72,7 @@ resource "kubernetes_deployment" "tuya-bridge" { resource "kubernetes_service" "tuya-bridge" { metadata { name = "tuya-bridge" - namespace = "tuya-bridge" + namespace = kubernetes_namespace.tuya-bridge.metadata[0].name labels = { "app" = "tuya-bridge" } @@ -92,7 +92,7 @@ resource "kubernetes_service" "tuya-bridge" { module "ingress" { source = "../ingress_factory" - namespace = "tuya-bridge" + namespace = kubernetes_namespace.tuya-bridge.metadata[0].name name = "tuya-bridge" tls_secret_name = var.tls_secret_name diff --git a/modules/kubernetes/uptime-kuma/main.tf b/modules/kubernetes/uptime-kuma/main.tf index ee76a93e..19641350 100644 --- a/modules/kubernetes/uptime-kuma/main.tf +++ b/modules/kubernetes/uptime-kuma/main.tf @@ -1,11 +1,5 @@ variable "tls_secret_name" {} -module "tls_secret" { - source = "../setup_tls_secret" - namespace = "uptime-kuma" - tls_secret_name = var.tls_secret_name -} - resource "kubernetes_namespace" "uptime-kuma" { metadata { name = "uptime-kuma" @@ -15,10 +9,16 @@ resource "kubernetes_namespace" "uptime-kuma" { } } +module "tls_secret" { + source = "../setup_tls_secret" + namespace = kubernetes_namespace.uptime-kuma.metadata[0].name + tls_secret_name = var.tls_secret_name +} + resource "kubernetes_deployment" "uptime-kuma" { metadata { name = "uptime-kuma" - namespace = "uptime-kuma" + namespace = kubernetes_namespace.uptime-kuma.metadata[0].name labels = { app = "uptime-kuma" } @@ -73,7 +73,7 @@ resource "kubernetes_deployment" "uptime-kuma" { resource "kubernetes_service" "uptime-kuma" { metadata { name = "uptime-kuma" - namespace = "uptime-kuma" + namespace = kubernetes_namespace.uptime-kuma.metadata[0].name labels = { "app" = "uptime-kuma" } @@ -91,7 +91,7 @@ resource "kubernetes_service" "uptime-kuma" { } module "ingress" { source = "../ingress_factory" - namespace = "uptime-kuma" + namespace = kubernetes_namespace.uptime-kuma.metadata[0].name name = "uptime" tls_secret_name = var.tls_secret_name service_name = "uptime-kuma" @@ -114,7 +114,7 @@ module "ingress" { # resource "kubernetes_cron_job_v1" "sqlite-backup" { # metadata { # name = "backup" -# namespace = "uptime-kuma" +# namespace = kubernetes_namespace.uptime-kuma.metadata[0].name # } # spec { # concurrency_policy = "Replace" diff --git a/modules/kubernetes/vault/main.tf b/modules/kubernetes/vault/main.tf index 8839a717..4f2bde8a 100644 --- a/modules/kubernetes/vault/main.tf +++ b/modules/kubernetes/vault/main.tf @@ -11,7 +11,7 @@ resource "kubernetes_namespace" "vault" { module "tls_secret" { source = "../setup_tls_secret" - namespace = "vault" + namespace = kubernetes_namespace.vault.metadata[0].name tls_secret_name = var.tls_secret_name } @@ -33,8 +33,8 @@ resource "kubernetes_persistent_volume" "vault_data" { } } -resource "helm_release" "prometheus" { - namespace = "vault" +resource "helm_release" "vault" { + namespace = kubernetes_namespace.vault.metadata[0].name create_namespace = true name = "vault" @@ -48,7 +48,7 @@ resource "helm_release" "prometheus" { module "ingress" { source = "../ingress_factory" - namespace = "vault" + namespace = kubernetes_namespace.vault.metadata[0].name name = "vault" service_name = "vault-ui" port = 8200 diff --git a/modules/kubernetes/vaultwarden/main.tf b/modules/kubernetes/vaultwarden/main.tf index 7d053959..62214392 100644 --- a/modules/kubernetes/vaultwarden/main.tf +++ b/modules/kubernetes/vaultwarden/main.tf @@ -12,14 +12,14 @@ resource "kubernetes_namespace" "vaultwarden" { module "tls_secret" { source = "../setup_tls_secret" - namespace = "vaultwarden" + namespace = kubernetes_namespace.vaultwarden.metadata[0].name tls_secret_name = var.tls_secret_name } resource "kubernetes_deployment" "vaultwarden" { metadata { name = "vaultwarden" - namespace = "vaultwarden" + namespace = kubernetes_namespace.vaultwarden.metadata[0].name labels = { app = "vaultwarden" } @@ -104,7 +104,7 @@ resource "kubernetes_deployment" "vaultwarden" { resource "kubernetes_service" "vaultwarden" { metadata { name = "vaultwarden" - namespace = "vaultwarden" + namespace = kubernetes_namespace.vaultwarden.metadata[0].name labels = { "app" = "vaultwarden" } @@ -124,7 +124,7 @@ resource "kubernetes_service" "vaultwarden" { module "ingress" { source = "../ingress_factory" - namespace = "vaultwarden" + namespace = kubernetes_namespace.vaultwarden.metadata[0].name name = "vaultwarden" tls_secret_name = var.tls_secret_name rybbit_site_id = "b8fc85e18683" diff --git a/modules/kubernetes/vikunja/main.tf b/modules/kubernetes/vikunja/main.tf index 6cf326f2..15360429 100644 --- a/modules/kubernetes/vikunja/main.tf +++ b/modules/kubernetes/vikunja/main.tf @@ -8,14 +8,14 @@ resource "kubernetes_namespace" "vikunja" { module "tls_secret" { source = "../setup_tls_secret" - namespace = "vikunja" + namespace = kubernetes_namespace.vikunja.metadata[0].name tls_secret_name = var.tls_secret_name } resource "kubernetes_deployment" "vikunja" { metadata { name = "vikunja" - namespace = "vikunja" + namespace = kubernetes_namespace.vikunja.metadata[0].name labels = { app = "vikunja" } @@ -154,7 +154,7 @@ resource "kubernetes_deployment" "vikunja" { resource "kubernetes_service" "vikunja" { metadata { name = "vikunja" - namespace = "vikunja" + namespace = kubernetes_namespace.vikunja.metadata[0].name labels = { "app" = "vikunja" } @@ -176,7 +176,7 @@ resource "kubernetes_service" "vikunja" { resource "kubernetes_service" "api" { metadata { name = "api" - namespace = "vikunja" + namespace = kubernetes_namespace.vikunja.metadata[0].name labels = { "app" = "vikunja" } @@ -198,7 +198,7 @@ resource "kubernetes_service" "api" { resource "kubernetes_ingress_v1" "vikunja" { metadata { name = "vikunja" - namespace = "vikunja" + namespace = kubernetes_namespace.vikunja.metadata[0].name annotations = { "kubernetes.io/ingress.class" = "nginx" } diff --git a/modules/kubernetes/wealthfolio/main.tf b/modules/kubernetes/wealthfolio/main.tf index 6a64417d..30c146d0 100644 --- a/modules/kubernetes/wealthfolio/main.tf +++ b/modules/kubernetes/wealthfolio/main.tf @@ -19,7 +19,7 @@ resource "kubernetes_namespace" "wealthfolio" { module "tls_secret" { source = "../setup_tls_secret" - namespace = "wealthfolio" + namespace = kubernetes_namespace.wealthfolio.metadata[0].name tls_secret_name = var.tls_secret_name } @@ -31,7 +31,7 @@ resource "random_string" "random" { resource "kubernetes_deployment" "wealthfolio" { metadata { name = "wealthfolio" - namespace = "wealthfolio" + namespace = kubernetes_namespace.wealthfolio.metadata[0].name labels = { app = "wealthfolio" } @@ -100,7 +100,7 @@ resource "kubernetes_deployment" "wealthfolio" { resource "kubernetes_service" "wealthfolio" { metadata { name = "wealthfolio" - namespace = "wealthfolio" + namespace = kubernetes_namespace.wealthfolio.metadata[0].name labels = { "app" = "wealthfolio" } @@ -120,7 +120,7 @@ resource "kubernetes_service" "wealthfolio" { module "ingress" { source = "../ingress_factory" - namespace = "wealthfolio" + namespace = kubernetes_namespace.wealthfolio.metadata[0].name name = "wealthfolio" tls_secret_name = var.tls_secret_name protected = true diff --git a/modules/kubernetes/webhook_handler/main.tf b/modules/kubernetes/webhook_handler/main.tf index 7af21d5e..b670285f 100644 --- a/modules/kubernetes/webhook_handler/main.tf +++ b/modules/kubernetes/webhook_handler/main.tf @@ -16,7 +16,7 @@ resource "kubernetes_namespace" "webhook-handler" { module "tls_secret" { source = "../setup_tls_secret" - namespace = "webhook-handler" + namespace = kubernetes_namespace.webhook-handler.metadata[0].name tls_secret_name = var.tls_secret_name } @@ -40,7 +40,7 @@ resource "kubernetes_cluster_role_binding" "update_deployment_binding" { subject { kind = "ServiceAccount" name = "default" - namespace = "webhook-handler" + namespace = kubernetes_namespace.webhook-handler.metadata[0].name } role_ref { @@ -54,7 +54,7 @@ resource "kubernetes_cluster_role_binding" "update_deployment_binding" { resource "kubernetes_secret" "ssh-key" { metadata { name = "ssh-key" - namespace = "webhook-handler" + namespace = kubernetes_namespace.webhook-handler.metadata[0].name annotations = { "reloader.stakater.com/match" = "true" @@ -68,7 +68,7 @@ resource "kubernetes_secret" "ssh-key" { resource "kubernetes_deployment" "webhook_handler" { metadata { name = "webhook-handler" - namespace = "webhook-handler" + namespace = kubernetes_namespace.webhook-handler.metadata[0].name labels = { app = "webhook-handler" } @@ -170,7 +170,7 @@ resource "kubernetes_deployment" "webhook_handler" { resource "kubernetes_service" "webhook_handler" { metadata { name = "webhook-handler" - namespace = "webhook-handler" + namespace = kubernetes_namespace.webhook-handler.metadata[0].name labels = { "app" = "webhook-handler" } @@ -190,7 +190,7 @@ resource "kubernetes_service" "webhook_handler" { resource "kubernetes_ingress_v1" "webhook_handler" { metadata { name = "webhook-handler-ingress" - namespace = "webhook-handler" + namespace = kubernetes_namespace.webhook-handler.metadata[0].name annotations = { "kubernetes.io/ingress.class" = "nginx" } diff --git a/modules/kubernetes/xray/main.tf b/modules/kubernetes/xray/main.tf index 6b12c596..1234c0bf 100644 --- a/modules/kubernetes/xray/main.tf +++ b/modules/kubernetes/xray/main.tf @@ -11,7 +11,7 @@ variable "xray_reality_short_ids" { type = list(string) } module "tls_secret" { source = "../setup_tls_secret" - namespace = "xray" + namespace = kubernetes_namespace.xray.metadata[0].name tls_secret_name = var.tls_secret_name } @@ -24,7 +24,7 @@ resource "kubernetes_namespace" "xray" { resource "kubernetes_config_map" "xray_config" { metadata { name = "xray-config" - namespace = "xray" + namespace = kubernetes_namespace.xray.metadata[0].name labels = { app = "xray" @@ -46,7 +46,7 @@ resource "kubernetes_config_map" "xray_config" { resource "kubernetes_deployment" "xray" { metadata { name = "xray" - namespace = "xray" + namespace = kubernetes_namespace.xray.metadata[0].name labels = { app = "xray" } @@ -131,7 +131,7 @@ resource "kubernetes_deployment" "xray" { resource "kubernetes_service" "xray" { metadata { name = "xray" - namespace = "xray" + namespace = kubernetes_namespace.xray.metadata[0].name labels = { "app" = "xray" } @@ -162,7 +162,7 @@ resource "kubernetes_service" "xray" { resource "kubernetes_service" "xray-reality" { metadata { name = "xray-reality" - namespace = "xray" + namespace = kubernetes_namespace.xray.metadata[0].name labels = { "app" = "xray" } @@ -183,7 +183,7 @@ resource "kubernetes_service" "xray-reality" { resource "kubernetes_ingress_v1" "ingress" { metadata { - namespace = "xray" + namespace = kubernetes_namespace.xray.metadata[0].name name = "xray" annotations = { "kubernetes.io/ingress.class" = "nginx" @@ -219,7 +219,7 @@ resource "kubernetes_ingress_v1" "ingress" { resource "kubernetes_ingress_v1" "ingress-grpc" { metadata { - namespace = "xray" + namespace = kubernetes_namespace.xray.metadata[0].name name = "xray-grpc" annotations = { "kubernetes.io/ingress.class" = "nginx" @@ -257,7 +257,7 @@ resource "kubernetes_ingress_v1" "ingress-grpc" { resource "kubernetes_ingress_v1" "ingress-vless" { metadata { - namespace = "xray" + namespace = kubernetes_namespace.xray.metadata[0].name name = "xray-vless" annotations = { "kubernetes.io/ingress.class" = "nginx" diff --git a/modules/kubernetes/youtube_dl/main.tf b/modules/kubernetes/youtube_dl/main.tf index ff84e5d6..0693de7f 100644 --- a/modules/kubernetes/youtube_dl/main.tf +++ b/modules/kubernetes/youtube_dl/main.tf @@ -11,7 +11,7 @@ resource "kubernetes_namespace" "ytdlp" { module "tls_secret" { source = "../setup_tls_secret" - namespace = "ytdlp" + namespace = kubernetes_namespace.ytdlp.metadata[0].name tls_secret_name = var.tls_secret_name } @@ -19,7 +19,7 @@ resource "kubernetes_deployment" "ytdlp" { # resource "kubernetes_daemonset" "technitium" { metadata { name = "ytdlp" - namespace = "ytdlp" + namespace = kubernetes_namespace.ytdlp.metadata[0].name labels = { app = "ytdlp" } @@ -97,7 +97,7 @@ resource "kubernetes_deployment" "ytdlp" { resource "kubernetes_service" "ytdlp" { metadata { name = "ytdlp" - namespace = "ytdlp" + namespace = kubernetes_namespace.ytdlp.metadata[0].name labels = { "app" = "ytdlp" } @@ -117,7 +117,7 @@ resource "kubernetes_service" "ytdlp" { } module "ingress" { source = "../ingress_factory" - namespace = "ytdlp" + namespace = kubernetes_namespace.ytdlp.metadata[0].name name = "ytdlp" tls_secret_name = var.tls_secret_name host = "yt"