viktor/infra
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions 1

replace hardcoded namespace with module reference [ci skip]

Browse source
This commit is contained in:
Viktor Barzin 2025-12-29 10:23:42 +00:00
parent 450bc96db8
commit f1dde96d80
83 changed files with 411 additions and 403 deletions
Download patch file Download diff file Expand all files Collapse all files

4
modules/kubernetes/actualbudget/main.tf
View file

@ -18,7 +18,7 @@ resource "kubernetes_namespace" "actualbudget" {
module "tls_secret" { module "tls_secret" {
source = "../setup_tls_secret" source = "../setup_tls_secret"
namespace = "actualbudget" namespace = kubernetes_namespace.actualbudget
tls_secret_name = var.tls_secret_name tls_secret_name = var.tls_secret_name
} }
@ -29,6 +29,7 @@ module "viktor" {
name = "viktor" name = "viktor"
tag = "edge" tag = "edge"
tls_secret_name = var.tls_secret_name tls_secret_name = var.tls_secret_name
depends_on = [kubernetes_namespace.actualbudget]
} }
# https://budget-anca.viktorbarzin.me/ # https://budget-anca.viktorbarzin.me/
@ -37,4 +38,5 @@ module "anca" {
name = "anca" name = "anca"
tag = "edge" tag = "edge"
tls_secret_name = var.tls_secret_name tls_secret_name = var.tls_secret_name
depends_on = [kubernetes_namespace.actualbudget]
} }

8
modules/kubernetes/audiobookshelf/main.tf
View file

@ -11,14 +11,14 @@ resource "kubernetes_namespace" "audiobookshelf" {
module "tls_secret" { module "tls_secret" {
source = "../setup_tls_secret" source = "../setup_tls_secret"
namespace = "audiobookshelf" namespace = kubernetes_namespace.audiobookshelf.metadata[0].name
tls_secret_name = var.tls_secret_name tls_secret_name = var.tls_secret_name
} }
resource "kubernetes_deployment" "audiobookshelf" { resource "kubernetes_deployment" "audiobookshelf" {
metadata { metadata {
name = "audiobookshelf" name = "audiobookshelf"
namespace = "audiobookshelf" namespace = kubernetes_namespace.audiobookshelf.metadata[0].name
labels = { labels = {
app = "audiobookshelf" app = "audiobookshelf"
} }
@ -103,7 +103,7 @@ resource "kubernetes_deployment" "audiobookshelf" {
resource "kubernetes_service" "audiobookshelf" { resource "kubernetes_service" "audiobookshelf" {
metadata { metadata {
name = "audiobookshelf" name = "audiobookshelf"
namespace = "audiobookshelf" namespace = kubernetes_namespace.audiobookshelf.metadata[0].name
labels = { labels = {
"app" = "audiobookshelf" "app" = "audiobookshelf"
} }
@ -124,7 +124,7 @@ resource "kubernetes_service" "audiobookshelf" {
module "ingress" { module "ingress" {
source = "../ingress_factory" source = "../ingress_factory"
namespace = "audiobookshelf" namespace = kubernetes_namespace.audiobookshelf.metadata[0].name
name = "audiobookshelf" name = "audiobookshelf"
tls_secret_name = var.tls_secret_name tls_secret_name = var.tls_secret_name
extra_annotations = { extra_annotations = {

12
modules/kubernetes/authelia/main.tf
View file

@ -11,12 +11,12 @@ resource "kubernetes_namespace" "authelia" {
module "tls_secret" { module "tls_secret" {
source = "../setup_tls_secret" source = "../setup_tls_secret"
namespace = "authelia" namespace = kubernetes_namespace.authelia.metadata[0].name
tls_secret_name = var.tls_secret_name tls_secret_name = var.tls_secret_name
} }
resource "helm_release" "authelia" { resource "helm_release" "authelia" {
namespace = "authelia" namespace = kubernetes_namespace.authelia.metadata[0].name
name = "authelia" name = "authelia"
atomic = true atomic = true
@ -32,7 +32,7 @@ resource "helm_release" "authelia" {
# resource "kubernetes_config_map" "configuration" { # resource "kubernetes_config_map" "configuration" {
# metadata { # metadata {
# name = "configuration" # name = "configuration"
# namespace = "authelia" # namespace = kubernetes_namespace.authelia.metadata[0].name
# labels = { # labels = {
# app = "configuration" # app = "configuration"
@ -53,7 +53,7 @@ resource "helm_release" "authelia" {
# resource "kubernetes_deployment" "authelia" { # resource "kubernetes_deployment" "authelia" {
# metadata { # metadata {
# name = "authelia" # name = "authelia"
# namespace = "authelia" # namespace = kubernetes_namespace.authelia.metadata[0].name
# labels = { # labels = {
# app = "authelia" # app = "authelia"
# } # }
@ -119,7 +119,7 @@ resource "helm_release" "authelia" {
# resource "kubernetes_service" "authelia" { # resource "kubernetes_service" "authelia" {
# metadata { # metadata {
# name = "authelia" # name = "authelia"
# namespace = "authelia" # namespace = kubernetes_namespace.authelia.metadata[0].name
# labels = { # labels = {
# "app" = "authelia" # "app" = "authelia"
# } # }
@ -142,7 +142,7 @@ resource "helm_release" "authelia" {
# resource "kubernetes_ingress_v1" "authelia" { # resource "kubernetes_ingress_v1" "authelia" {
# metadata { # metadata {
# name = "authelia" # name = "authelia"
# namespace = "authelia" # namespace = kubernetes_namespace.authelia.metadata[0].name
# annotations = { # annotations = {
# "kubernetes.io/ingress.class" = "nginx" # "kubernetes.io/ingress.class" = "nginx"
# # "nginx.ingress.kubernetes.io/affinity" = "cookie" # # "nginx.ingress.kubernetes.io/affinity" = "cookie"

6
modules/kubernetes/authentik/main.tf
View file

@ -5,7 +5,7 @@ variable "postgres_password" {}
module "tls_secret" { module "tls_secret" {
source = "../setup_tls_secret" source = "../setup_tls_secret"
namespace = "authentik" namespace = kubernetes_namespace.authentik.metadata[0].name
tls_secret_name = var.tls_secret_name tls_secret_name = var.tls_secret_name
} }
@ -16,7 +16,7 @@ resource "kubernetes_namespace" "authentik" {
} }
resource "helm_release" "authentik" { resource "helm_release" "authentik" {
namespace = "authentik" namespace = kubernetes_namespace.authentik.metadata[0].name
create_namespace = true create_namespace = true
name = "goauthentik" name = "goauthentik"
@ -34,7 +34,7 @@ resource "helm_release" "authentik" {
resource "kubernetes_ingress_v1" "authentik" { resource "kubernetes_ingress_v1" "authentik" {
metadata { metadata {
name = "authentik" name = "authentik"
namespace = "authentik" namespace = kubernetes_namespace.authentik.metadata[0].name
annotations = { annotations = {
"kubernetes.io/ingress.class" = "nginx" "kubernetes.io/ingress.class" = "nginx"
} }

10
modules/kubernetes/blog/main.tf
View file

@ -12,20 +12,20 @@ resource "kubernetes_namespace" "website" {
module "tls_secret" { module "tls_secret" {
source = "../setup_tls_secret" source = "../setup_tls_secret"
namespace = "website" namespace = kubernetes_namespace.website.metadata[0].name
tls_secret_name = var.tls_secret_name tls_secret_name = var.tls_secret_name
} }
# module "dockerhub_creds" { # module "dockerhub_creds" {
# source = "../dockerhub_secret" # source = "../dockerhub_secret"
# namespace = "website" # namespace = kubernetes_namespace.website.metadata[0].name
# password = var.dockerhub_password # password = var.dockerhub_password
# } # }
resource "kubernetes_deployment" "blog" { resource "kubernetes_deployment" "blog" {
metadata { metadata {
name = "blog" name = "blog"
namespace = "website" namespace = kubernetes_namespace.website.metadata[0].name
labels = { labels = {
run = "blog" run = "blog"
} }
@ -78,7 +78,7 @@ resource "kubernetes_deployment" "blog" {
resource "kubernetes_service" "blog" { resource "kubernetes_service" "blog" {
metadata { metadata {
name = "blog" name = "blog"
namespace = "website" namespace = kubernetes_namespace.website.metadata[0].name
labels = { labels = {
"run" = "blog" "run" = "blog"
} }
@ -109,7 +109,7 @@ resource "kubernetes_service" "blog" {
resource "kubernetes_ingress_v1" "blog" { resource "kubernetes_ingress_v1" "blog" {
metadata { metadata {
name = "blog-ingress" name = "blog-ingress"
namespace = "website" namespace = kubernetes_namespace.website.metadata[0].name
annotations = { annotations = {
"kubernetes.io/ingress.class" = "nginx" "kubernetes.io/ingress.class" = "nginx"
"nginx.ingress.kubernetes.io/configuration-snippet" = <<-EOT "nginx.ingress.kubernetes.io/configuration-snippet" = <<-EOT

16
modules/kubernetes/calibre/main.tf
View file

@ -17,14 +17,14 @@ resource "kubernetes_namespace" "calibre" {
module "tls_secret" { module "tls_secret" {
source = "../setup_tls_secret" source = "../setup_tls_secret"
namespace = "calibre" namespace = kubernetes_namespace.calibre.metadata[0].name
tls_secret_name = var.tls_secret_name tls_secret_name = var.tls_secret_name
} }
# resource "kubernetes_deployment" "calibre" { # resource "kubernetes_deployment" "calibre" {
# metadata { # metadata {
# name = "calibre" # name = "calibre"
# namespace = "calibre" # namespace = kubernetes_namespace.calibre.metadata[0].name
# labels = { # labels = {
# app = "calibre" # app = "calibre"
# } # }
@ -97,7 +97,7 @@ module "tls_secret" {
resource "kubernetes_deployment" "calibre-web-automated" { resource "kubernetes_deployment" "calibre-web-automated" {
metadata { metadata {
name = "calibre-web-automated" name = "calibre-web-automated"
namespace = "calibre" namespace = kubernetes_namespace.calibre.metadata[0].name
labels = { labels = {
app = "calibre-web-automated" app = "calibre-web-automated"
} }
@ -196,7 +196,7 @@ resource "kubernetes_deployment" "calibre-web-automated" {
resource "kubernetes_service" "calibre" { resource "kubernetes_service" "calibre" {
metadata { metadata {
name = "calibre" name = "calibre"
namespace = "calibre" namespace = kubernetes_namespace.calibre.metadata[0].name
labels = { labels = {
"app" = "calibre" "app" = "calibre"
} }
@ -218,7 +218,7 @@ resource "kubernetes_service" "calibre" {
module "ingress" { module "ingress" {
source = "../ingress_factory" source = "../ingress_factory"
namespace = "calibre" namespace = kubernetes_namespace.calibre.metadata[0].name
name = "calibre" name = "calibre"
tls_secret_name = var.tls_secret_name tls_secret_name = var.tls_secret_name
extra_annotations = { extra_annotations = {
@ -248,7 +248,7 @@ module "ingress" {
resource "kubernetes_deployment" "annas-archive-stacks" { resource "kubernetes_deployment" "annas-archive-stacks" {
metadata { metadata {
name = "annas-archive-stacks" name = "annas-archive-stacks"
namespace = "calibre" namespace = kubernetes_namespace.calibre.metadata[0].name
labels = { labels = {
app = "annas-archive-stacks" app = "annas-archive-stacks"
} }
@ -304,7 +304,7 @@ resource "kubernetes_deployment" "annas-archive-stacks" {
resource "kubernetes_service" "annas-archive-stacks" { resource "kubernetes_service" "annas-archive-stacks" {
metadata { metadata {
name = "annas-archive-stacks" name = "annas-archive-stacks"
namespace = "calibre" namespace = kubernetes_namespace.calibre.metadata[0].name
labels = { labels = {
"app" = "annas-archive-stacks" "app" = "annas-archive-stacks"
} }
@ -324,7 +324,7 @@ resource "kubernetes_service" "annas-archive-stacks" {
module "stacks-ingress" { module "stacks-ingress" {
source = "../ingress_factory" source = "../ingress_factory"
namespace = "calibre" namespace = kubernetes_namespace.calibre.metadata[0].name
name = "stacks" name = "stacks"
service_name = "annas-archive-stacks" service_name = "annas-archive-stacks"
tls_secret_name = var.tls_secret_name tls_secret_name = var.tls_secret_name

8
modules/kubernetes/changedetection/main.tf
View file

@ -11,14 +11,14 @@ resource "kubernetes_namespace" "changedetection" {
module "tls_secret" { module "tls_secret" {
source = "../setup_tls_secret" source = "../setup_tls_secret"
namespace = "changedetection" namespace = kubernetes_namespace.changedetection.metadata[0].name
tls_secret_name = var.tls_secret_name tls_secret_name = var.tls_secret_name
} }
resource "kubernetes_deployment" "changedetection" { resource "kubernetes_deployment" "changedetection" {
metadata { metadata {
name = "changedetection" name = "changedetection"
namespace = "changedetection" namespace = kubernetes_namespace.changedetection.metadata[0].name
labels = { labels = {
app = "changedetection" app = "changedetection"
} }
@ -103,7 +103,7 @@ resource "kubernetes_deployment" "changedetection" {
resource "kubernetes_service" "changedetection" { resource "kubernetes_service" "changedetection" {
metadata { metadata {
name = "changedetection" name = "changedetection"
namespace = "changedetection" namespace = kubernetes_namespace.changedetection.metadata[0].name
labels = { labels = {
"app" = "changedetection" "app" = "changedetection"
} }
@ -122,7 +122,7 @@ resource "kubernetes_service" "changedetection" {
module "ingress" { module "ingress" {
source = "../ingress_factory" source = "../ingress_factory"
namespace = "changedetection" namespace = kubernetes_namespace.changedetection.metadata[0].name
name = "changedetection" name = "changedetection"
tls_secret_name = var.tls_secret_name tls_secret_name = var.tls_secret_name
protected = true protected = true

16
modules/kubernetes/cloudflared/cloudflare.tf
View file

@ -72,11 +72,11 @@ resource "cloudflare_zero_trust_tunnel_cloudflared_config" "sof" {
} }
resource "cloudflare_record" "dns_record" { resource "cloudflare_record" "dns_record" {
for_each = local.cloudflare_proxied_names_map # for_each = local.cloudflare_proxied_names_map
# count = length(var.cloudflare_proxied_names) count = length(var.cloudflare_proxied_names)
content = "${var.cloudflare_tunnel_id}.cfargotunnel.com" content = "${var.cloudflare_tunnel_id}.cfargotunnel.com"
# name = var.cloudflare_proxied_names[count.index] name = var.cloudflare_proxied_names[count.index]
name = each.key # name = each.key
proxied = true proxied = true
ttl = 1 ttl = 1
type = "CNAME" type = "CNAME"
@ -84,12 +84,12 @@ resource "cloudflare_record" "dns_record" {
} }
resource "cloudflare_record" "non_proxied_dns_record" { resource "cloudflare_record" "non_proxied_dns_record" {
for_each = local.cloudflare_non_proxied_names_map # for_each = local.cloudflare_non_proxied_names_map
# count = length(var.cloudflare_non_proxied_names) count = length(var.cloudflare_non_proxied_names)
# content = var.non_proxied_names[count.index].ip # content = var.non_proxied_names[count.index].ip
content = var.public_ip content = var.public_ip
# name = var.cloudflare_non_proxied_names[count.index] name = var.cloudflare_non_proxied_names[count.index]
name = each.key # name = each.key
proxied = false proxied = false
ttl = 1 ttl = 1
type = "A" type = "A"

6
modules/kubernetes/cloudflared/main.tf
View file

@ -10,14 +10,14 @@ resource "kubernetes_namespace" "cloudflared" {
module "tls_secret" { module "tls_secret" {
source = "../setup_tls_secret" source = "../setup_tls_secret"
namespace = "cloudflared" namespace = kubernetes_namespace.cloudflared.metadata[0].name
tls_secret_name = var.tls_secret_name tls_secret_name = var.tls_secret_name
} }
resource "kubernetes_deployment" "cloudflared" { resource "kubernetes_deployment" "cloudflared" {
metadata { metadata {
name = "cloudflared" name = "cloudflared"
namespace = "cloudflared" namespace = kubernetes_namespace.cloudflared.metadata[0].name
labels = { labels = {
app = "cloudflared" app = "cloudflared"
} }
@ -64,7 +64,7 @@ resource "kubernetes_deployment" "cloudflared" {
resource "kubernetes_service" "cloudflared" { resource "kubernetes_service" "cloudflared" {
metadata { metadata {
name = "cloudflared" name = "cloudflared"
namespace = "cloudflared" namespace = kubernetes_namespace.cloudflared.metadata[0].name
labels = { labels = {
"app" = "cloudflared" "app" = "cloudflared"
} }

12
modules/kubernetes/crowdsec/main.tf
View file

@ -9,7 +9,7 @@ variable "crowdsec_dash_machine_password" { type = string } # used for web dash
module "tls_secret" { module "tls_secret" {
source = "../setup_tls_secret" source = "../setup_tls_secret"
namespace = "crowdsec" namespace = kubernetes_namespace.crowdsec.metadata[0].name
tls_secret_name = var.tls_secret_name tls_secret_name = var.tls_secret_name
} }
@ -22,7 +22,7 @@ resource "kubernetes_namespace" "crowdsec" {
resource "kubernetes_config_map" "crowdsec_custom_scenarios" { resource "kubernetes_config_map" "crowdsec_custom_scenarios" {
metadata { metadata {
name = "crowdsec-custom-scenarios" name = "crowdsec-custom-scenarios"
namespace = "crowdsec" namespace = kubernetes_namespace.crowdsec.metadata[0].name
labels = { labels = {
"app.kubernetes.io/name" = "crowdsec" "app.kubernetes.io/name" = "crowdsec"
} }
@ -62,7 +62,7 @@ resource "kubernetes_config_map" "crowdsec_custom_scenarios" {
resource "helm_release" "crowdsec" { resource "helm_release" "crowdsec" {
namespace = "crowdsec" namespace = kubernetes_namespace.crowdsec.metadata[0].name
create_namespace = true create_namespace = true
name = "crowdsec" name = "crowdsec"
atomic = true atomic = true
@ -80,7 +80,7 @@ resource "helm_release" "crowdsec" {
resource "kubernetes_deployment" "crowdsec-web" { resource "kubernetes_deployment" "crowdsec-web" {
metadata { metadata {
name = "crowdsec-web" name = "crowdsec-web"
namespace = "crowdsec" namespace = kubernetes_namespace.crowdsec.metadata[0].name
labels = { labels = {
app = "crowdsec_web" app = "crowdsec_web"
"kubernetes.io/cluster-service" = "true" "kubernetes.io/cluster-service" = "true"
@ -137,7 +137,7 @@ resource "kubernetes_deployment" "crowdsec-web" {
resource "kubernetes_service" "crowdsec-web" { resource "kubernetes_service" "crowdsec-web" {
metadata { metadata {
name = "crowdsec-web" name = "crowdsec-web"
namespace = "crowdsec" namespace = kubernetes_namespace.crowdsec.metadata[0].name
labels = { labels = {
"app" = "crowdsec_web" "app" = "crowdsec_web"
} }
@ -155,7 +155,7 @@ resource "kubernetes_service" "crowdsec-web" {
} }
module "ingress" { module "ingress" {
source = "../ingress_factory" source = "../ingress_factory"
namespace = "crowdsec" namespace = kubernetes_namespace.crowdsec.metadata[0].name
name = "crowdsec-web" name = "crowdsec-web"
protected = true protected = true
tls_secret_name = var.tls_secret_name tls_secret_name = var.tls_secret_name

8
modules/kubernetes/cyberchef/main.tf
View file

@ -7,14 +7,14 @@ resource "kubernetes_namespace" "cyberchef" {
module "tls_secret" { module "tls_secret" {
source = "../setup_tls_secret" source = "../setup_tls_secret"
namespace = "cyberchef" namespace = kubernetes_namespace.cyberchef.metadata[0].name
tls_secret_name = var.tls_secret_name tls_secret_name = var.tls_secret_name
} }
resource "kubernetes_deployment" "cyberchef" { resource "kubernetes_deployment" "cyberchef" {
metadata { metadata {
name = "cyberchef" name = "cyberchef"
namespace = "cyberchef" namespace = kubernetes_namespace.cyberchef.metadata[0].name
labels = { labels = {
app = "cyberchef" app = "cyberchef"
} }
@ -55,7 +55,7 @@ resource "kubernetes_deployment" "cyberchef" {
resource "kubernetes_service" "cyberchef" { resource "kubernetes_service" "cyberchef" {
metadata { metadata {
name = "cc" name = "cc"
namespace = "cyberchef" namespace = kubernetes_namespace.cyberchef.metadata[0].name
labels = { labels = {
"app" = "cyberchef" "app" = "cyberchef"
} }
@ -76,7 +76,7 @@ resource "kubernetes_service" "cyberchef" {
module "ingress" { module "ingress" {
source = "../ingress_factory" source = "../ingress_factory"
namespace = "cyberchef" namespace = kubernetes_namespace.cyberchef.metadata[0].name
name = "cc" name = "cc"
tls_secret_name = var.tls_secret_name tls_secret_name = var.tls_secret_name
rybbit_site_id = "7c460afc68c4" rybbit_site_id = "7c460afc68c4"

10
modules/kubernetes/dashy/main.tf
View file

@ -3,7 +3,7 @@ variable "tls_secret_name" {}
module "tls_secret" { module "tls_secret" {
source = "../setup_tls_secret" source = "../setup_tls_secret"
namespace = "dashy" namespace = kubernetes_namespace.dashy.metadata[0].name
tls_secret_name = var.tls_secret_name tls_secret_name = var.tls_secret_name
} }
@ -19,7 +19,7 @@ resource "kubernetes_namespace" "dashy" {
resource "kubernetes_config_map" "config" { resource "kubernetes_config_map" "config" {
metadata { metadata {
name = "config" name = "config"
namespace = "dashy" namespace = kubernetes_namespace.dashy.metadata[0].name
annotations = { annotations = {
"reloader.stakater.com/match" = "true" "reloader.stakater.com/match" = "true"
@ -34,7 +34,7 @@ resource "kubernetes_config_map" "config" {
resource "kubernetes_deployment" "dashy" { resource "kubernetes_deployment" "dashy" {
metadata { metadata {
name = "dashy" name = "dashy"
namespace = "dashy" namespace = kubernetes_namespace.dashy.metadata[0].name
labels = { labels = {
app = "dashy" app = "dashy"
} }
@ -85,7 +85,7 @@ resource "kubernetes_deployment" "dashy" {
resource "kubernetes_service" "dashy" { resource "kubernetes_service" "dashy" {
metadata { metadata {
name = "dashy" name = "dashy"
namespace = "dashy" namespace = kubernetes_namespace.dashy.metadata[0].name
labels = { labels = {
app = "dashy" app = "dashy"
} }
@ -105,7 +105,7 @@ resource "kubernetes_service" "dashy" {
module "ingress" { module "ingress" {
source = "../ingress_factory" source = "../ingress_factory"
namespace = "dashy" namespace = kubernetes_namespace.dashy.metadata[0].name
name = "dashy" name = "dashy"
tls_secret_name = var.tls_secret_name tls_secret_name = var.tls_secret_name
protected = true # hidden as we use homepage now protected = true # hidden as we use homepage now

12
modules/kubernetes/dawarich/main.tf
View file

@ -17,14 +17,14 @@ resource "kubernetes_namespace" "dawarich" {
module "tls_secret" { module "tls_secret" {
source = "../setup_tls_secret" source = "../setup_tls_secret"
namespace = "dawarich" namespace = kubernetes_namespace.dawarich.metadata[0].name
tls_secret_name = var.tls_secret_name tls_secret_name = var.tls_secret_name
} }
resource "kubernetes_deployment" "dawarich" { resource "kubernetes_deployment" "dawarich" {
metadata { metadata {
name = "dawarich" name = "dawarich"
namespace = "dawarich" namespace = kubernetes_namespace.dawarich.metadata[0].name
labels = { labels = {
app = "dawarich" app = "dawarich"
} }
@ -218,7 +218,7 @@ resource "kubernetes_deployment" "dawarich" {
# resource "kubernetes_deployment" "photon" { # resource "kubernetes_deployment" "photon" {
# metadata { # metadata {
# name = "photon" # name = "photon"
# namespace = "dawarich" # namespace = kubernetes_namespace.dawarich.metadata[0].name
# labels = { # labels = {
# app = "photon" # app = "photon"
# } # }
@ -276,7 +276,7 @@ resource "kubernetes_deployment" "dawarich" {
resource "kubernetes_service" "dawarich" { resource "kubernetes_service" "dawarich" {
metadata { metadata {
name = "dawarich" name = "dawarich"
namespace = "dawarich" namespace = kubernetes_namespace.dawarich.metadata[0].name
labels = { labels = {
"app" = "dawarich" "app" = "dawarich"
} }
@ -298,7 +298,7 @@ resource "kubernetes_service" "dawarich" {
# resource "kubernetes_service" "photon" { # resource "kubernetes_service" "photon" {
# metadata { # metadata {
# name = "photon" # name = "photon"
# namespace = "dawarich" # namespace = kubernetes_namespace.dawarich.metadata[0].name
# labels = { # labels = {
# "app" = "photon" # "app" = "photon"
# } # }
@ -318,7 +318,7 @@ resource "kubernetes_service" "dawarich" {
# } # }
module "ingress" { module "ingress" {
source = "../ingress_factory" source = "../ingress_factory"
namespace = "dawarich" namespace = kubernetes_namespace.dawarich.metadata[0].name
name = "dawarich" name = "dawarich"
tls_secret_name = var.tls_secret_name tls_secret_name = var.tls_secret_name
extra_annotations = { extra_annotations = {

6
modules/kubernetes/descheduler/main.tf
View file

@ -53,7 +53,7 @@ resource "kubernetes_cluster_role" "descheduler" {
resource "kubernetes_service_account" "descheduler" { resource "kubernetes_service_account" "descheduler" {
metadata { metadata {
name = "descheduler-sa" name = "descheduler-sa"
namespace = "descheduler" namespace = kubernetes_namespace.descheduler.metadata[0].name
} }
} }
@ -70,12 +70,12 @@ resource "kubernetes_cluster_role_binding" "descheduler" {
subject { subject {
name = "descheduler-sa" name = "descheduler-sa"
kind = "ServiceAccount" kind = "ServiceAccount"
namespace = "descheduler" namespace = kubernetes_namespace.descheduler.metadata[0].name
} }
} }
resource "helm_release" "prometheus" { resource "helm_release" "prometheus" {
namespace = "descheduler" namespace = kubernetes_namespace.descheduler.metadata[0].name
name = "descheduler" name = "descheduler"
repository = "https://kubernetes-sigs.github.io/descheduler/" repository = "https://kubernetes-sigs.github.io/descheduler/"

8
modules/kubernetes/discount-bandit/main.tf
View file

@ -11,14 +11,14 @@ resource "kubernetes_namespace" "discount-bandit" {
module "tls_secret" { module "tls_secret" {
source = "../setup_tls_secret" source = "../setup_tls_secret"
namespace = "discount-bandit" namespace = kubernetes_namespace.discount-bandit.metadata[0].name
tls_secret_name = var.tls_secret_name tls_secret_name = var.tls_secret_name
} }
resource "kubernetes_deployment" "discount-bandit" { resource "kubernetes_deployment" "discount-bandit" {
metadata { metadata {
name = "discount-bandit" name = "discount-bandit"
namespace = "discount-bandit" namespace = kubernetes_namespace.discount-bandit.metadata[0].name
labels = { labels = {
app = "discount-bandit" app = "discount-bandit"
} }
@ -79,7 +79,7 @@ resource "kubernetes_deployment" "discount-bandit" {
resource "kubernetes_service" "discount-bandit" { resource "kubernetes_service" "discount-bandit" {
metadata { metadata {
name = "discount-bandit" name = "discount-bandit"
namespace = "discount-bandit" namespace = kubernetes_namespace.discount-bandit.metadata[0].name
labels = { labels = {
"app" = "discount-bandit" "app" = "discount-bandit"
} }
@ -101,7 +101,7 @@ resource "kubernetes_service" "discount-bandit" {
resource "kubernetes_ingress_v1" "discount-bandit" { resource "kubernetes_ingress_v1" "discount-bandit" {
metadata { metadata {
name = "discount-bandit" name = "discount-bandit"
namespace = "discount-bandit" namespace = kubernetes_namespace.discount-bandit.metadata[0].name
annotations = { annotations = {
"kubernetes.io/ingress.class" = "nginx" "kubernetes.io/ingress.class" = "nginx"
} }

8
modules/kubernetes/diun/main.tf
View file

@ -13,14 +13,14 @@ resource "kubernetes_namespace" "diun" {
module "tls_secret" { module "tls_secret" {
source = "../setup_tls_secret" source = "../setup_tls_secret"
namespace = "diun" namespace = kubernetes_namespace.diun.metadata[0].name
tls_secret_name = var.tls_secret_name tls_secret_name = var.tls_secret_name
} }
resource "kubernetes_service_account" "diun" { resource "kubernetes_service_account" "diun" {
metadata { metadata {
name = "diun" name = "diun"
namespace = "diun" namespace = kubernetes_namespace.diun.metadata[0].name
} }
} }
@ -47,14 +47,14 @@ resource "kubernetes_cluster_role_binding" "diun" {
subject { subject {
kind = "ServiceAccount" kind = "ServiceAccount"
name = "diun" name = "diun"
namespace = "diun" namespace = kubernetes_namespace.diun.metadata[0].name
} }
} }
resource "kubernetes_deployment" "diun" { resource "kubernetes_deployment" "diun" {
metadata { metadata {
name = "diun" name = "diun"
namespace = "diun" namespace = kubernetes_namespace.diun.metadata[0].name
labels = { labels = {
app = "diun" app = "diun"
} }

8
modules/kubernetes/dnscat2/main.tf
View file

@ -11,14 +11,14 @@ resource "kubernetes_namespace" "dnscat2" {
# module "tls_secret" { # module "tls_secret" {
# source = "../setup_tls_secret" # source = "../setup_tls_secret"
# namespace = "dnscat2" # namespace = kubernetes_namespace.dnscat2.metadata[0].name
# tls_secret_name = var.tls_secret_name # tls_secret_name = var.tls_secret_name
# } # }
resource "kubernetes_deployment" "dnscat2" { resource "kubernetes_deployment" "dnscat2" {
metadata { metadata {
name = "dnscat2" name = "dnscat2"
namespace = "dnscat2" namespace = kubernetes_namespace.dnscat2.metadata[0].name
labels = { labels = {
app = "dnscat2" app = "dnscat2"
} }
@ -43,7 +43,7 @@ resource "kubernetes_deployment" "dnscat2" {
stdin = true stdin = true
tty = true tty = true
port { port {
name="dns" name = "dns"
container_port = 53 container_port = 53
protocol = "UDP" protocol = "UDP"
} }
@ -60,7 +60,7 @@ resource "kubernetes_deployment" "dnscat2" {
resource "kubernetes_service" "dnscat2" { resource "kubernetes_service" "dnscat2" {
metadata { metadata {
name = "dnscat2" name = "dnscat2"
namespace = "dnscat2" namespace = kubernetes_namespace.dnscat2.metadata[0].name
labels = { labels = {
"app" = "dnscat2" "app" = "dnscat2"
} }

6
modules/kubernetes/dnscrypt/main.tf
View file

@ -7,7 +7,7 @@ resource "kubernetes_namespace" "dnscrypt" {
resource "kubernetes_config_map" "dnscrypt" { resource "kubernetes_config_map" "dnscrypt" {
metadata { metadata {
name = "dnscrypt-proxy-configmap" name = "dnscrypt-proxy-configmap"
namespace = "dnscrypt" namespace = kubernetes_namespace.dnscrypt.metadata[0].name
} }
data = { data = {
"dnscrypt-proxy.toml" = var.dnscrypt_proxy_toml "dnscrypt-proxy.toml" = var.dnscrypt_proxy_toml
@ -17,7 +17,7 @@ resource "kubernetes_config_map" "dnscrypt" {
resource "kubernetes_deployment" "dnscrypt" { resource "kubernetes_deployment" "dnscrypt" {
metadata { metadata {
name = "dnscrypt-proxy" name = "dnscrypt-proxy"
namespace = "dnscrypt" namespace = kubernetes_namespace.dnscrypt.metadata[0].name
labels = { labels = {
app = "dnscrypt-proxy" app = "dnscrypt-proxy"
"kubernetes.io/cluster-service" = "true" "kubernetes.io/cluster-service" = "true"
@ -69,7 +69,7 @@ resource "kubernetes_deployment" "dnscrypt" {
resource "kubernetes_service" "dnscrypt" { resource "kubernetes_service" "dnscrypt" {
metadata { metadata {
name = "dnscrypt-proxy" name = "dnscrypt-proxy"
namespace = "dnscrypt" namespace = kubernetes_namespace.dnscrypt.metadata[0].name
labels = { labels = {
"app" = "dnscrypt-proxy" "app" = "dnscrypt-proxy"
} }

18
modules/kubernetes/drone/main.tf
View file

@ -23,14 +23,14 @@ resource "kubernetes_namespace" "drone" {
module "tls_secret" { module "tls_secret" {
source = "../setup_tls_secret" source = "../setup_tls_secret"
namespace = "drone" namespace = kubernetes_namespace.drone.metadata[0].name
tls_secret_name = var.tls_secret_name tls_secret_name = var.tls_secret_name
} }
resource "kubernetes_config_map" "git_crypt_key" { resource "kubernetes_config_map" "git_crypt_key" {
metadata { metadata {
name = "git-crypt-key" name = "git-crypt-key"
namespace = "drone" namespace = kubernetes_namespace.drone.metadata[0].name
} }
data = { data = {
@ -41,7 +41,7 @@ resource "kubernetes_config_map" "git_crypt_key" {
resource "kubernetes_deployment" "drone_server" { resource "kubernetes_deployment" "drone_server" {
metadata { metadata {
name = "drone-server" name = "drone-server"
namespace = "drone" namespace = kubernetes_namespace.drone.metadata[0].name
labels = { labels = {
app = "drone" app = "drone"
} }
@ -136,7 +136,7 @@ resource "kubernetes_deployment" "drone_server" {
resource "kubernetes_service" "drone" { resource "kubernetes_service" "drone" {
metadata { metadata {
name = "drone" name = "drone"
namespace = "drone" namespace = kubernetes_namespace.drone.metadata[0].name
labels = { labels = {
app = "drone" app = "drone"
} }
@ -155,7 +155,7 @@ resource "kubernetes_service" "drone" {
module "ingress" { module "ingress" {
source = "../ingress_factory" source = "../ingress_factory"
namespace = "drone" namespace = kubernetes_namespace.drone.metadata[0].name
name = "drone" name = "drone"
tls_secret_name = var.tls_secret_name tls_secret_name = var.tls_secret_name
# protected = true # protected = true
@ -196,7 +196,7 @@ resource "kubernetes_cluster_role_binding" "drone" {
subject { subject {
kind = "ServiceAccount" kind = "ServiceAccount"
name = "default" name = "default"
namespace = "drone" namespace = kubernetes_namespace.drone.metadata[0].name
} }
role_ref { role_ref {
kind = "ClusterRole" kind = "ClusterRole"
@ -209,7 +209,7 @@ resource "kubernetes_cluster_role_binding" "drone" {
resource "kubernetes_deployment" "drone_runner" { resource "kubernetes_deployment" "drone_runner" {
metadata { metadata {
name = "drone-runner" name = "drone-runner"
namespace = "drone" namespace = kubernetes_namespace.drone.metadata[0].name
labels = { labels = {
app = "drone-runner" app = "drone-runner"
} }
@ -284,7 +284,7 @@ resource "kubernetes_deployment" "drone_runner" {
resource "kubernetes_deployment" "drone_runner_secret" { resource "kubernetes_deployment" "drone_runner_secret" {
metadata { metadata {
name = "drone-runner-secret" name = "drone-runner-secret"
namespace = "drone" namespace = kubernetes_namespace.drone.metadata[0].name
labels = { labels = {
app = "drone-runner-secret" app = "drone-runner-secret"
} }
@ -339,7 +339,7 @@ resource "kubernetes_deployment" "drone_runner_secret" {
resource "kubernetes_service" "drone_runner_secret" { resource "kubernetes_service" "drone_runner_secret" {
metadata { metadata {
name = "drone-runner-secret" name = "drone-runner-secret"
namespace = "drone" namespace = kubernetes_namespace.drone.metadata[0].name
labels = { labels = {
app = "drone-runner-secret" app = "drone-runner-secret"
} }

8
modules/kubernetes/echo/main.tf
View file

@ -11,14 +11,14 @@ resource "kubernetes_namespace" "echo" {
module "tls_secret" { module "tls_secret" {
source = "../setup_tls_secret" source = "../setup_tls_secret"
namespace = "echo" namespace = kubernetes_namespace.echo.metadata[0].name
tls_secret_name = var.tls_secret_name tls_secret_name = var.tls_secret_name
} }
resource "kubernetes_deployment" "echo" { resource "kubernetes_deployment" "echo" {
metadata { metadata {
name = "echo" name = "echo"
namespace = "echo" namespace = kubernetes_namespace.echo.metadata[0].name
labels = { labels = {
app = "echo" app = "echo"
} }
@ -55,7 +55,7 @@ resource "kubernetes_deployment" "echo" {
resource "kubernetes_service" "echo" { resource "kubernetes_service" "echo" {
metadata { metadata {
name = "echo" name = "echo"
namespace = "echo" namespace = kubernetes_namespace.echo.metadata[0].name
labels = { labels = {
"app" = "echo" "app" = "echo"
} }
@ -75,7 +75,7 @@ resource "kubernetes_service" "echo" {
module "ingress" { module "ingress" {
source = "../ingress_factory" source = "../ingress_factory"
namespace = "echo" namespace = kubernetes_namespace.echo.metadata[0].name
name = "echo" name = "echo"
tls_secret_name = var.tls_secret_name tls_secret_name = var.tls_secret_name
} }

10
modules/kubernetes/excalidraw/main.tf
View file

@ -1,6 +1,6 @@
variable "tls_secret_name" {} variable "tls_secret_name" {}
resource "kubernetes_namespace" "finance_app" { resource "kubernetes_namespace" "excalidraw" {
metadata { metadata {
name = "excalidraw" name = "excalidraw"
labels = { labels = {
@ -12,14 +12,14 @@ resource "kubernetes_namespace" "finance_app" {
module "tls_secret" { module "tls_secret" {
source = "../setup_tls_secret" source = "../setup_tls_secret"
namespace = "excalidraw" namespace = kubernetes_namespace.excalidraw.metadata[0].name
tls_secret_name = var.tls_secret_name tls_secret_name = var.tls_secret_name
} }
resource "kubernetes_deployment" "excalidraw" { resource "kubernetes_deployment" "excalidraw" {
metadata { metadata {
name = "excalidraw" name = "excalidraw"
namespace = "excalidraw" namespace = kubernetes_namespace.excalidraw.metadata[0].name
labels = { labels = {
app = "excalidraw" app = "excalidraw"
} }
@ -54,7 +54,7 @@ resource "kubernetes_deployment" "excalidraw" {
resource "kubernetes_service" "draw" { resource "kubernetes_service" "draw" {
metadata { metadata {
name = "draw" name = "draw"
namespace = "excalidraw" namespace = kubernetes_namespace.excalidraw.metadata[0].name
labels = { labels = {
app = "excalidraw" app = "excalidraw"
} }
@ -73,7 +73,7 @@ resource "kubernetes_service" "draw" {
module "ingress" { module "ingress" {
source = "../ingress_factory" source = "../ingress_factory"
namespace = "excalidraw" namespace = kubernetes_namespace.excalidraw.metadata[0].name
name = "draw" name = "draw"
tls_secret_name = var.tls_secret_name tls_secret_name = var.tls_secret_name
} }

8
modules/kubernetes/f1-stream/main.tf
View file

@ -12,7 +12,7 @@ resource "kubernetes_namespace" "f1-stream" {
resource "kubernetes_deployment" "f1-stream" { resource "kubernetes_deployment" "f1-stream" {
metadata { metadata {
name = "f1-stream" name = "f1-stream"
namespace = "f1-stream" namespace = kubernetes_namespace.f1-stream.metadata[0].name
labels = { labels = {
app = "f1-stream" app = "f1-stream"
} }
@ -57,7 +57,7 @@ resource "kubernetes_deployment" "f1-stream" {
resource "kubernetes_service" "f1-stream" { resource "kubernetes_service" "f1-stream" {
metadata { metadata {
name = "f1" name = "f1"
namespace = "f1-stream" namespace = kubernetes_namespace.f1-stream.metadata[0].name
labels = { labels = {
"app" = "f1-stream" "app" = "f1-stream"
} }
@ -75,14 +75,14 @@ resource "kubernetes_service" "f1-stream" {
module "tls_secret" { module "tls_secret" {
source = "../setup_tls_secret" source = "../setup_tls_secret"
namespace = "f1-stream" namespace = kubernetes_namespace.f1-stream.metadata[0].name
tls_secret_name = var.tls_secret_name tls_secret_name = var.tls_secret_name
} }
module "ingress" { module "ingress" {
source = "../ingress_factory" source = "../ingress_factory"
namespace = "f1-stream" namespace = kubernetes_namespace.f1-stream.metadata[0].name
name = "f1" name = "f1"
tls_secret_name = var.tls_secret_name tls_secret_name = var.tls_secret_name
extra_annotations = { extra_annotations = {

14
modules/kubernetes/finance_app/main.tf
View file

@ -23,7 +23,7 @@ resource "kubernetes_namespace" "finance_app" {
module "tls_secret" { module "tls_secret" {
source = "../setup_tls_secret" source = "../setup_tls_secret"
namespace = "finance-app" namespace = kubernetes_namespace.finance_app.metadata[0].name
tls_secret_name = var.tls_secret_name tls_secret_name = var.tls_secret_name
} }
@ -49,7 +49,7 @@ module "tls_secret" {
# resource "kubernetes_persistent_volume_claim" "finance_app_pvc" { # resource "kubernetes_persistent_volume_claim" "finance_app_pvc" {
# metadata { # metadata {
# name = "finance-iscsi-pvc" # name = "finance-iscsi-pvc"
# namespace = "finance-app" # namespace = kubernetes_namespace.finance_app.metadata[0].name
# } # }
# spec { # spec {
# access_modes = ["ReadWriteOnce"] # access_modes = ["ReadWriteOnce"]
@ -64,7 +64,7 @@ module "tls_secret" {
resource "kubernetes_deployment" "finance_app" { resource "kubernetes_deployment" "finance_app" {
metadata { metadata {
name = "finance-app" name = "finance-app"
namespace = "finance-app" namespace = kubernetes_namespace.finance_app.metadata[0].name
labels = { labels = {
app = "finance-app" app = "finance-app"
} }
@ -175,7 +175,7 @@ resource "kubernetes_deployment" "finance_app" {
resource "kubernetes_deployment" "finance_app_frontend" { resource "kubernetes_deployment" "finance_app_frontend" {
metadata { metadata {
name = "finance-app-frontend" name = "finance-app-frontend"
namespace = "finance-app" namespace = kubernetes_namespace.finance_app.metadata[0].name
labels = { labels = {
app = "finance-app-frontend" app = "finance-app-frontend"
} }
@ -210,7 +210,7 @@ resource "kubernetes_deployment" "finance_app_frontend" {
resource "kubernetes_service" "finance_app" { resource "kubernetes_service" "finance_app" {
metadata { metadata {
name = "finance-app" name = "finance-app"
namespace = "finance-app" namespace = kubernetes_namespace.finance_app.metadata[0].name
labels = { labels = {
app = "finance-app" app = "finance-app"
} }
@ -230,7 +230,7 @@ resource "kubernetes_service" "finance_app" {
resource "kubernetes_service" "finance_app_frontend" { resource "kubernetes_service" "finance_app_frontend" {
metadata { metadata {
name = "finance-app-frontend" name = "finance-app-frontend"
namespace = "finance-app" namespace = kubernetes_namespace.finance_app.metadata[0].name
labels = { labels = {
app = "finance-app-frontend" app = "finance-app-frontend"
} }
@ -250,7 +250,7 @@ resource "kubernetes_service" "finance_app_frontend" {
resource "kubernetes_ingress_v1" "finance_app" { resource "kubernetes_ingress_v1" "finance_app" {
metadata { metadata {
name = "finance-app" name = "finance-app"
namespace = "finance-app" namespace = kubernetes_namespace.finance_app.metadata[0].name
annotations = { annotations = {
"kubernetes.io/ingress.class" = "nginx" "kubernetes.io/ingress.class" = "nginx"
#"nginx.ingress.kubernetes.io/auth-url"= "https://oauth-provider/auth" #"nginx.ingress.kubernetes.io/auth-url"= "https://oauth-provider/auth"

8
modules/kubernetes/forgejo/main.tf
View file

@ -11,14 +11,14 @@ resource "kubernetes_namespace" "forgejo" {
module "tls_secret" { module "tls_secret" {
source = "../setup_tls_secret" source = "../setup_tls_secret"
namespace = "forgejo" namespace = kubernetes_namespace.forgejo.metadata[0].name
tls_secret_name = var.tls_secret_name tls_secret_name = var.tls_secret_name
} }
resource "kubernetes_deployment" "forgejo" { resource "kubernetes_deployment" "forgejo" {
metadata { metadata {
name = "forgejo" name = "forgejo"
namespace = "forgejo" namespace = kubernetes_namespace.forgejo.metadata[0].name
labels = { labels = {
app = "forgejo" app = "forgejo"
} }
@ -76,7 +76,7 @@ resource "kubernetes_deployment" "forgejo" {
resource "kubernetes_service" "forgejo" { resource "kubernetes_service" "forgejo" {
metadata { metadata {
name = "forgejo" name = "forgejo"
namespace = "forgejo" namespace = kubernetes_namespace.forgejo.metadata[0].name
labels = { labels = {
"app" = "forgejo" "app" = "forgejo"
} }
@ -94,7 +94,7 @@ resource "kubernetes_service" "forgejo" {
} }
module "ingress" { module "ingress" {
source = "../ingress_factory" source = "../ingress_factory"
namespace = "forgejo" namespace = kubernetes_namespace.forgejo.metadata[0].name
name = "forgejo" name = "forgejo"
tls_secret_name = var.tls_secret_name tls_secret_name = var.tls_secret_name
extra_annotations = { extra_annotations = {

12
modules/kubernetes/frigate/main.tf
View file

@ -11,14 +11,14 @@ resource "kubernetes_namespace" "frigate" {
module "tls_secret" { module "tls_secret" {
source = "../setup_tls_secret" source = "../setup_tls_secret"
namespace = "frigate" namespace = kubernetes_namespace.frigate.metadata[0].name
tls_secret_name = var.tls_secret_name tls_secret_name = var.tls_secret_name
} }
resource "kubernetes_deployment" "frigate" { resource "kubernetes_deployment" "frigate" {
metadata { metadata {
name = "frigate" name = "frigate"
namespace = "frigate" namespace = kubernetes_namespace.frigate.metadata[0].name
labels = { labels = {
app = "frigate" app = "frigate"
} }
@ -132,7 +132,7 @@ resource "kubernetes_deployment" "frigate" {
resource "kubernetes_service" "frigate" { resource "kubernetes_service" "frigate" {
metadata { metadata {
name = "frigate" name = "frigate"
namespace = "frigate" namespace = kubernetes_namespace.frigate.metadata[0].name
labels = { labels = {
"app" = "frigate" "app" = "frigate"
} }
@ -154,7 +154,7 @@ resource "kubernetes_service" "frigate" {
resource "kubernetes_service" "frigate-rtsp" { resource "kubernetes_service" "frigate-rtsp" {
metadata { metadata {
name = "frigate-rtsp" name = "frigate-rtsp"
namespace = "frigate" namespace = kubernetes_namespace.frigate.metadata[0].name
labels = { labels = {
"app" = "frigate" "app" = "frigate"
} }
@ -184,7 +184,7 @@ resource "kubernetes_service" "frigate-rtsp" {
module "ingress" { module "ingress" {
source = "../ingress_factory" source = "../ingress_factory"
namespace = "frigate" namespace = kubernetes_namespace.frigate.metadata[0].name
name = "frigate" name = "frigate"
tls_secret_name = var.tls_secret_name tls_secret_name = var.tls_secret_name
protected = true protected = true
@ -206,7 +206,7 @@ module "ingress" {
module "ingress-internal" { module "ingress-internal" {
source = "../ingress_factory" source = "../ingress_factory"
namespace = "frigate" namespace = kubernetes_namespace.frigate.metadata[0].name
name = "frigate-lan" name = "frigate-lan"
host = "frigate-lan" host = "frigate-lan"
root_domain = "viktorbarzin.lan" root_domain = "viktorbarzin.lan"

8
modules/kubernetes/hackmd/main.tf
View file

@ -12,14 +12,14 @@ resource "kubernetes_namespace" "hackmd" {
module "tls_secret" { module "tls_secret" {
source = "../setup_tls_secret" source = "../setup_tls_secret"
namespace = "hackmd" namespace = kubernetes_namespace.hackmd.metadata[0].name
tls_secret_name = var.tls_secret_name tls_secret_name = var.tls_secret_name
} }
resource "kubernetes_deployment" "hackmd" { resource "kubernetes_deployment" "hackmd" {
metadata { metadata {
name = "hackmd" name = "hackmd"
namespace = "hackmd" namespace = kubernetes_namespace.hackmd.metadata[0].name
labels = { labels = {
app = "hackmd" app = "hackmd"
"kubernetes.io/cluster-service" = "true" "kubernetes.io/cluster-service" = "true"
@ -127,7 +127,7 @@ resource "kubernetes_deployment" "hackmd" {
resource "kubernetes_service" "hackmd" { resource "kubernetes_service" "hackmd" {
metadata { metadata {
name = "hackmd" name = "hackmd"
namespace = "hackmd" namespace = kubernetes_namespace.hackmd.metadata[0].name
labels = { labels = {
"app" = "hackmd" "app" = "hackmd"
} }
@ -145,7 +145,7 @@ resource "kubernetes_service" "hackmd" {
} }
module "ingress" { module "ingress" {
source = "../ingress_factory" source = "../ingress_factory"
namespace = "hackmd" namespace = kubernetes_namespace.hackmd.metadata[0].name
name = "hackmd" name = "hackmd"
tls_secret_name = var.tls_secret_name tls_secret_name = var.tls_secret_name
extra_annotations = { extra_annotations = {

12
modules/kubernetes/home_assistant/main.tf
View file

@ -11,7 +11,7 @@ resource "kubernetes_namespace" "home_assistant" {
resource "kubernetes_config_map" "home_assistant_config_map" { resource "kubernetes_config_map" "home_assistant_config_map" {
metadata { metadata {
name = "home-assistant-configmap" name = "home-assistant-configmap"
namespace = "home-assistant" namespace = kubernetes_namespace.home_assistant.metadata[0].name
annotations = { annotations = {
"reloader.stakater.com/match" = "true" "reloader.stakater.com/match" = "true"
@ -28,12 +28,12 @@ resource "kubernetes_config_map" "home_assistant_config_map" {
module "tls_secret" { module "tls_secret" {
source = "../setup_tls_secret" source = "../setup_tls_secret"
namespace = "home-assistant" namespace = kubernetes_namespace.home_assistant.metadata[0].name
tls_secret_name = var.tls_secret_name tls_secret_name = var.tls_secret_name
} }
resource "helm_release" "home_assistant" { resource "helm_release" "home_assistant" {
namespace = "home-assistant" namespace = kubernetes_namespace.home_assistant.metadata[0].name
create_namespace = true create_namespace = true
name = "home-assistant" name = "home-assistant"
@ -46,7 +46,7 @@ resource "helm_release" "home_assistant" {
resource "kubernetes_deployment" "home_assistant" { resource "kubernetes_deployment" "home_assistant" {
metadata { metadata {
name = "home-assistant" name = "home-assistant"
namespace = "home-assistant" namespace = kubernetes_namespace.home_assistant.metadata[0].name
labels = { labels = {
"app.kubernetes.io/instance" = "home-assistant" "app.kubernetes.io/instance" = "home-assistant"
@ -158,7 +158,7 @@ resource "kubernetes_deployment" "home_assistant" {
resource "kubernetes_service" "home_assistant" { resource "kubernetes_service" "home_assistant" {
metadata { metadata {
name = "home-assistant" name = "home-assistant"
namespace = "home-assistant" namespace = kubernetes_namespace.home_assistant.metadata[0].name
labels = { labels = {
"app.kubernetes.io/instance" = "home-assistant" "app.kubernetes.io/instance" = "home-assistant"
@ -204,7 +204,7 @@ resource "kubernetes_service" "home_assistant" {
resource "kubernetes_ingress_v1" "home-assistant-ui" { resource "kubernetes_ingress_v1" "home-assistant-ui" {
metadata { metadata {
name = "home-assistant-ui-ingress" name = "home-assistant-ui-ingress"
namespace = "home-assistant" namespace = kubernetes_namespace.home_assistant.metadata[0].name
annotations = { annotations = {
"kubernetes.io/ingress.class" = "nginx" "kubernetes.io/ingress.class" = "nginx"
"nginx.ingress.kubernetes.io/force-ssl-redirect" = "true" "nginx.ingress.kubernetes.io/force-ssl-redirect" = "true"

4
modules/kubernetes/homepage/main.tf
View file

@ -3,7 +3,7 @@ variable "tls_secret_name" {}
module "tls_secret" { module "tls_secret" {
source = "../setup_tls_secret" source = "../setup_tls_secret"
namespace = "homepage" namespace = kubernetes_namespace.homepage.metadata[0].name
tls_secret_name = var.tls_secret_name tls_secret_name = var.tls_secret_name
} }
@ -17,7 +17,7 @@ resource "kubernetes_namespace" "homepage" {
} }
resource "helm_release" "homepage" { resource "helm_release" "homepage" {
namespace = "homepage" namespace = kubernetes_namespace.homepage.metadata[0].name
create_namespace = false create_namespace = false
name = "homepage" name = "homepage"
atomic = true atomic = true

26
modules/kubernetes/immich/main.tf
View file

@ -10,7 +10,7 @@ variable "immich_version" {
module "tls_secret" { module "tls_secret" {
source = "../setup_tls_secret" source = "../setup_tls_secret"
namespace = "immich" namespace = kubernetes_namespace.immich.metadata[0].name
tls_secret_name = var.tls_secret_name tls_secret_name = var.tls_secret_name
} }
@ -23,7 +23,7 @@ resource "kubernetes_namespace" "immich" {
resource "kubernetes_deployment" "immich_server" { resource "kubernetes_deployment" "immich_server" {
metadata { metadata {
name = "immich-server" name = "immich-server"
namespace = "immich" namespace = kubernetes_namespace.immich.metadata[0].name
labels = { labels = {
app = "immich-server" app = "immich-server"
@ -215,7 +215,7 @@ resource "kubernetes_deployment" "immich_server" {
resource "kubernetes_service" "immich-server" { resource "kubernetes_service" "immich-server" {
metadata { metadata {
name = "immich-server" name = "immich-server"
namespace = "immich" namespace = kubernetes_namespace.immich.metadata[0].name
labels = { labels = {
"app" = "immich-server" "app" = "immich-server"
} }
@ -234,7 +234,7 @@ resource "kubernetes_service" "immich-server" {
resource "kubernetes_deployment" "immich-postgres" { resource "kubernetes_deployment" "immich-postgres" {
metadata { metadata {
name = "immich-postgresql" name = "immich-postgresql"
namespace = "immich" namespace = kubernetes_namespace.immich.metadata[0].name
} }
spec { spec {
replicas = 1 replicas = 1
@ -298,7 +298,7 @@ resource "kubernetes_deployment" "immich-postgres" {
resource "kubernetes_service" "immich-postgresql" { resource "kubernetes_service" "immich-postgresql" {
metadata { metadata {
name = "immich-postgresql" name = "immich-postgresql"
namespace = "immich" namespace = kubernetes_namespace.immich.metadata[0].name
labels = { labels = {
"app" = "immich-postgresql" "app" = "immich-postgresql"
} }
@ -317,7 +317,7 @@ resource "kubernetes_service" "immich-postgresql" {
# If you're having issuewith typesens container exiting prematurely, increase liveliness check # If you're having issuewith typesens container exiting prematurely, increase liveliness check
# resource "helm_release" "immich" { # resource "helm_release" "immich" {
# namespace = "immich" # namespace = kubernetes_namespace.immich.metadata[0].name
# name = "immich" # name = "immich"
# repository = "https://immich-app.github.io/immich-charts" # repository = "https://immich-app.github.io/immich-charts"
@ -333,7 +333,7 @@ resource "kubernetes_service" "immich-postgresql" {
resource "kubernetes_deployment" "immich-machine-learning" { resource "kubernetes_deployment" "immich-machine-learning" {
metadata { metadata {
name = "immich-machine-learning" name = "immich-machine-learning"
namespace = "immich" namespace = kubernetes_namespace.immich.metadata[0].name
} }
spec { spec {
replicas = 1 replicas = 1
@ -407,7 +407,7 @@ resource "kubernetes_deployment" "immich-machine-learning" {
resource "kubernetes_service" "immich-machine-learning" { resource "kubernetes_service" "immich-machine-learning" {
metadata { metadata {
name = "immich-machine-learning" name = "immich-machine-learning"
namespace = "immich" namespace = kubernetes_namespace.immich.metadata[0].name
labels = { labels = {
"app" = "immich-machine-learning" "app" = "immich-machine-learning"
} }
@ -425,7 +425,7 @@ resource "kubernetes_service" "immich-machine-learning" {
resource "kubernetes_ingress_v1" "ingress" { resource "kubernetes_ingress_v1" "ingress" {
metadata { metadata {
namespace = "immich" namespace = kubernetes_namespace.immich.metadata[0].name
name = "immich" name = "immich"
annotations = { annotations = {
# NOTE: when changing - test video playback from mobile and web! # NOTE: when changing - test video playback from mobile and web!
@ -528,7 +528,7 @@ resource "kubernetes_ingress_v1" "ingress" {
resource "kubernetes_cron_job_v1" "postgresql-backup" { resource "kubernetes_cron_job_v1" "postgresql-backup" {
metadata { metadata {
name = "postgresql-backup" name = "postgresql-backup"
namespace = "immich" namespace = kubernetes_namespace.immich.metadata[0].name
} }
spec { spec {
concurrency_policy = "Replace" concurrency_policy = "Replace"
@ -581,7 +581,7 @@ resource "kubernetes_cron_job_v1" "postgresql-backup" {
# resource "kubernetes_deployment" "powertools" { # resource "kubernetes_deployment" "powertools" {
# metadata { # metadata {
# name = "immich-powertools" # name = "immich-powertools"
# namespace = "immich" # namespace = kubernetes_namespace.immich.metadata[0].name
# labels = { # labels = {
# app = "immich-powertools" # app = "immich-powertools"
# } # }
@ -665,7 +665,7 @@ resource "kubernetes_cron_job_v1" "postgresql-backup" {
# resource "kubernetes_service" "powertools" { # resource "kubernetes_service" "powertools" {
# metadata { # metadata {
# name = "immich-powertools" # name = "immich-powertools"
# namespace = "immich" # namespace = kubernetes_namespace.immich.metadata[0].name
# labels = { # labels = {
# "app" = "immich-powertools" # "app" = "immich-powertools"
# } # }
@ -686,7 +686,7 @@ resource "kubernetes_cron_job_v1" "postgresql-backup" {
# module "ingress-powertools" { # module "ingress-powertools" {
# source = "../ingress_factory" # source = "../ingress_factory"
# namespace = "immich" # namespace = kubernetes_namespace.immich.metadata[0].name
# name = "immich-powertools" # name = "immich-powertools"
# tls_secret_name = var.tls_secret_name # tls_secret_name = var.tls_secret_name
# protected = true # protected = true

2
modules/kubernetes/isponsorblocktv/main.tf
View file

@ -15,7 +15,7 @@ resource "kubernetes_namespace" "isponsorblocktv" {
resource "kubernetes_deployment" "isponsorblocktv-vermont" { resource "kubernetes_deployment" "isponsorblocktv-vermont" {
metadata { metadata {
name = "isponsorblocktv-vermont" name = "isponsorblocktv-vermont"
namespace = "isponsorblocktv" namespace = kubernetes_namespace.isponsorblocktv.metadata[0].name
labels = { labels = {
app = "isponsorblocktv-vermont" app = "isponsorblocktv-vermont"
} }

14
modules/kubernetes/istio/main.tf
View file

@ -8,13 +8,13 @@ resource "kubernetes_namespace" "istio" {
module "tls_secret" { module "tls_secret" {
source = "../setup_tls_secret" source = "../setup_tls_secret"
namespace = "istio-system" namespace = kubernetes_namespace.istio.metadata[0].name
tls_secret_name = var.tls_secret_name tls_secret_name = var.tls_secret_name
} }
# to delete all CRDS: kubectl get crd -oname | grep --color=never 'istio.io' | xargs kubectl delete # to delete all CRDS: kubectl get crd -oname | grep --color=never 'istio.io' | xargs kubectl delete
resource "helm_release" "istio-base" { resource "helm_release" "istio-base" {
namespace = "istio-system" namespace = kubernetes_namespace.istio.metadata[0].name
create_namespace = false create_namespace = false
name = "istio-base" name = "istio-base"
atomic = true atomic = true
@ -25,7 +25,7 @@ resource "helm_release" "istio-base" {
} }
resource "helm_release" "istiod" { resource "helm_release" "istiod" {
namespace = "istio-system" namespace = kubernetes_namespace.istio.metadata[0].name
create_namespace = false create_namespace = false
name = "istiod" name = "istiod"
atomic = true atomic = true
@ -36,7 +36,7 @@ resource "helm_release" "istiod" {
} }
resource "helm_release" "istio-gateway" { resource "helm_release" "istio-gateway" {
namespace = "istio-system" namespace = kubernetes_namespace.istio.metadata[0].name
create_namespace = false create_namespace = false
name = "istio-gateway" name = "istio-gateway"
atomic = true atomic = true
@ -48,7 +48,7 @@ resource "helm_release" "istio-gateway" {
# Kiali dashboard # Kiali dashboard
resource "helm_release" "kiali" { resource "helm_release" "kiali" {
namespace = "istio-system" namespace = kubernetes_namespace.istio.metadata[0].name
create_namespace = false create_namespace = false
name = "kiali" name = "kiali"
atomic = true atomic = true
@ -71,7 +71,7 @@ resource "helm_release" "kiali" {
resource "kubernetes_secret" "kiali-token" { resource "kubernetes_secret" "kiali-token" {
metadata { metadata {
name = "kiali-secret" name = "kiali-secret"
namespace = "istio-system" namespace = kubernetes_namespace.istio.metadata[0].name
annotations = { annotations = {
"kubernetes.io/service-account.name" : "kiali-service-account" "kubernetes.io/service-account.name" : "kiali-service-account"
} }
@ -83,7 +83,7 @@ resource "kubernetes_secret" "kiali-token" {
# resource "kubernetes_ingress_v1" "kiali" { # resource "kubernetes_ingress_v1" "kiali" {
# metadata { # metadata {
# name = "kiali" # name = "kiali"
# namespace = "istio-system" # namespace = kubernetes_namespace.istio.metadata[0].name
# annotations = { # annotations = {
# "kubernetes.io/ingress.class" = "nginx" # "kubernetes.io/ingress.class" = "nginx"
# "nginx.ingress.kubernetes.io/auth-url" : "https://oauth2.viktorbarzin.me/oauth2/auth" # "nginx.ingress.kubernetes.io/auth-url" : "https://oauth2.viktorbarzin.me/oauth2/auth"

8
modules/kubernetes/jellyfin/main.tf
View file

@ -8,14 +8,14 @@ resource "kubernetes_namespace" "jellyfin" {
module "tls_secret" { module "tls_secret" {
source = "../setup_tls_secret" source = "../setup_tls_secret"
namespace = "jellyfin" namespace = kubernetes_namespace.jellyfin.metadata[0].name
tls_secret_name = var.tls_secret_name tls_secret_name = var.tls_secret_name
} }
resource "kubernetes_deployment" "jellyfin" { resource "kubernetes_deployment" "jellyfin" {
metadata { metadata {
name = "jellyfin" name = "jellyfin"
namespace = "jellyfin" namespace = kubernetes_namespace.jellyfin.metadata[0].name
labels = { labels = {
app = "jellyfin" app = "jellyfin"
} }
@ -89,7 +89,7 @@ resource "kubernetes_deployment" "jellyfin" {
resource "kubernetes_service" "jellyfin" { resource "kubernetes_service" "jellyfin" {
metadata { metadata {
name = "jellyfin" name = "jellyfin"
namespace = "jellyfin" namespace = kubernetes_namespace.jellyfin.metadata[0].name
labels = { labels = {
"app" = "jellyfin" "app" = "jellyfin"
} }
@ -111,7 +111,7 @@ resource "kubernetes_service" "jellyfin" {
resource "kubernetes_ingress_v1" "jellyfin" { resource "kubernetes_ingress_v1" "jellyfin" {
metadata { metadata {
name = "jellyfin" name = "jellyfin"
namespace = "jellyfin" namespace = kubernetes_namespace.jellyfin.metadata[0].name
annotations = { annotations = {
"kubernetes.io/ingress.class" = "nginx" "kubernetes.io/ingress.class" = "nginx"
"nginx.ingress.kubernetes.io/proxy-body-size" : "5000m" "nginx.ingress.kubernetes.io/proxy-body-size" : "5000m"

8
modules/kubernetes/jsoncrack/main.tf
View file

@ -10,14 +10,14 @@ resource "kubernetes_namespace" "jsoncrack" {
} }
module "tls_secret" { module "tls_secret" {
source = "../setup_tls_secret" source = "../setup_tls_secret"
namespace = "jsoncrack" namespace = kubernetes_namespace.jsoncrack.metadata[0].name
tls_secret_name = var.tls_secret_name tls_secret_name = var.tls_secret_name
} }
resource "kubernetes_deployment" "jsoncrack" { resource "kubernetes_deployment" "jsoncrack" {
metadata { metadata {
name = "jsoncrack" name = "jsoncrack"
namespace = "jsoncrack" namespace = kubernetes_namespace.jsoncrack.metadata[0].name
labels = { labels = {
app = "jsoncrack" app = "jsoncrack"
} }
@ -51,7 +51,7 @@ resource "kubernetes_deployment" "jsoncrack" {
resource "kubernetes_service" "jsoncrack" { resource "kubernetes_service" "jsoncrack" {
metadata { metadata {
name = "json" name = "json"
namespace = "jsoncrack" namespace = kubernetes_namespace.jsoncrack.metadata[0].name
labels = { labels = {
"app" = "jsoncrack" "app" = "jsoncrack"
} }
@ -72,7 +72,7 @@ resource "kubernetes_service" "jsoncrack" {
module "ingress" { module "ingress" {
source = "../ingress_factory" source = "../ingress_factory"
namespace = "jsoncrack" namespace = kubernetes_namespace.jsoncrack.metadata[0].name
name = "json" name = "json"
tls_secret_name = var.tls_secret_name tls_secret_name = var.tls_secret_name
} }

20
modules/kubernetes/k8s-dashboard/main.tf
View file

@ -32,12 +32,12 @@ resource "kubernetes_namespace" "k8s-dashboard" {
module "tls_secret" { module "tls_secret" {
source = "../setup_tls_secret" source = "../setup_tls_secret"
namespace = "kubernetes-dashboard" namespace = kubernetes_namespace.k8s-dashboard.metadata[0].name
tls_secret_name = var.tls_secret_name tls_secret_name = var.tls_secret_name
} }
resource "helm_release" "kubernetes-dashboard" { resource "helm_release" "kubernetes-dashboard" {
namespace = "kubernetes-dashboard" namespace = kubernetes_namespace.k8s-dashboard.metadata[0].name
name = "kubernetes-dashboard" name = "kubernetes-dashboard"
repository = "https://kubernetes.github.io/dashboard/" repository = "https://kubernetes.github.io/dashboard/"
@ -68,7 +68,7 @@ resource "helm_release" "kubernetes-dashboard" {
# resource "kubernetes_secret" "dashboard-token" { # resource "kubernetes_secret" "dashboard-token" {
# metadata { # metadata {
# name = "dashboard-secret" # name = "dashboard-secret"
# namespace = "kubernetes-dashboard" # namespace = kubernetes_namespace.k8s-dashboard.metadata[0].name
# annotations = { # annotations = {
# "kubernetes.io/service-account.name" : "kubernetes-dashboard" # "kubernetes.io/service-account.name" : "kubernetes-dashboard"
# } # }
@ -79,7 +79,7 @@ resource "helm_release" "kubernetes-dashboard" {
module "ingress" { module "ingress" {
source = "../ingress_factory" source = "../ingress_factory"
namespace = "kubernetes-dashboard" namespace = kubernetes_namespace.k8s-dashboard.metadata[0].name
name = "kubernetes-dashboard" name = "kubernetes-dashboard"
service_name = "kubernetes-dashboard-kong-proxy" service_name = "kubernetes-dashboard-kong-proxy"
host = "k8s" host = "k8s"
@ -94,7 +94,7 @@ module "ingress" {
resource "kubernetes_service_account" "kubernetes-dashboard" { resource "kubernetes_service_account" "kubernetes-dashboard" {
metadata { metadata {
name = "kubernetes-dashboard" name = "kubernetes-dashboard"
namespace = "kubernetes-dashboard" namespace = kubernetes_namespace.k8s-dashboard.metadata[0].name
} }
} }
@ -111,7 +111,7 @@ resource "kubernetes_cluster_role_binding" "kubernetes-dashboard" {
subject { subject {
kind = "ServiceAccount" kind = "ServiceAccount"
name = "kubernetes-dashboard" name = "kubernetes-dashboard"
namespace = "kubernetes-dashboard" namespace = kubernetes_namespace.k8s-dashboard.metadata[0].name
} }
# depends_on = [module.dashboard] # depends_on = [module.dashboard]
} }
@ -119,7 +119,7 @@ resource "kubernetes_cluster_role_binding" "kubernetes-dashboard" {
resource "kubernetes_secret" "kubernetes-dashboard-admin-token" { resource "kubernetes_secret" "kubernetes-dashboard-admin-token" {
metadata { metadata {
name = "kubernetes-dashboard-admin" name = "kubernetes-dashboard-admin"
namespace = "kubernetes-dashboard" namespace = kubernetes_namespace.k8s-dashboard.metadata[0].name
annotations = { annotations = {
"kubernetes.io/service-account.name" : "kubernetes-dashboard" "kubernetes.io/service-account.name" : "kubernetes-dashboard"
} }
@ -213,21 +213,21 @@ resource "kubernetes_cluster_role_binding" "kubernetes-dashboard-viewonly" {
subject { subject {
kind = "ServiceAccount" kind = "ServiceAccount"
name = "kubernetes-dashboard-viewonly" name = "kubernetes-dashboard-viewonly"
namespace = "kubernetes-dashboard" namespace = kubernetes_namespace.k8s-dashboard.metadata[0].name
} }
} }
resource "kubernetes_service_account" "kubernetes-dashboard-viewonly" { resource "kubernetes_service_account" "kubernetes-dashboard-viewonly" {
metadata { metadata {
name = "kubernetes-dashboard-viewonly" name = "kubernetes-dashboard-viewonly"
namespace = "kubernetes-dashboard" namespace = kubernetes_namespace.k8s-dashboard.metadata[0].name
} }
} }
resource "kubernetes_secret" "kubernetes-dashboard-viewonly-token" { resource "kubernetes_secret" "kubernetes-dashboard-viewonly-token" {
metadata { metadata {
name = "kubernetes-dashboard-viewonly" name = "kubernetes-dashboard-viewonly"
namespace = "kubernetes-dashboard" namespace = kubernetes_namespace.k8s-dashboard.metadata[0].name
annotations = { annotations = {
"kubernetes.io/service-account.name" : "kubernetes-dashboard-viewonly" "kubernetes.io/service-account.name" : "kubernetes-dashboard-viewonly"
} }

10
modules/kubernetes/kafka/main.tf
View file

@ -3,12 +3,12 @@ variable "client_certificate_secret_name" {}
module "tls_secret" { module "tls_secret" {
source = "../setup_tls_secret" source = "../setup_tls_secret"
namespace = "kafka" namespace = kubernetes_namespace.kafka.metadata[0].name
tls_secret_name = var.tls_secret_name tls_secret_name = var.tls_secret_name
} }
resource "helm_release" "kafka" { resource "helm_release" "kafka" {
namespace = "kafka" namespace = kubernetes_namespace.kafka.metadata[0].name
create_namespace = true create_namespace = true
name = "kafka" name = "kafka"
@ -21,7 +21,7 @@ resource "helm_release" "kafka" {
resource "kubernetes_deployment" "kafka-ui" { resource "kubernetes_deployment" "kafka-ui" {
metadata { metadata {
name = "kafka-ui" name = "kafka-ui"
namespace = "kafka" namespace = kubernetes_namespace.kafka.metadata[0].name
labels = { labels = {
run = "kafka-ui" run = "kafka-ui"
} }
@ -77,7 +77,7 @@ resource "kubernetes_deployment" "kafka-ui" {
resource "kubernetes_service" "kafka-ui" { resource "kubernetes_service" "kafka-ui" {
metadata { metadata {
name = "kafka-ui" name = "kafka-ui"
namespace = "kafka" namespace = kubernetes_namespace.kafka.metadata[0].name
labels = { labels = {
"run" = "kafka-ui" "run" = "kafka-ui"
} }
@ -108,7 +108,7 @@ resource "kubernetes_service" "kafka-ui" {
resource "kubernetes_ingress_v1" "kafka-ui" { resource "kubernetes_ingress_v1" "kafka-ui" {
metadata { metadata {
name = "kafka-ui-ingress" name = "kafka-ui-ingress"
namespace = "kafka" namespace = kubernetes_namespace.kafka.metadata[0].name
annotations = { annotations = {
"kubernetes.io/ingress.class" = "nginx" "kubernetes.io/ingress.class" = "nginx"
"nginx.ingress.kubernetes.io/force-ssl-redirect" = "true" "nginx.ingress.kubernetes.io/force-ssl-redirect" = "true"

14
modules/kubernetes/kms/main.tf
View file

@ -11,14 +11,14 @@ resource "kubernetes_namespace" "kms" {
module "tls_secret" { module "tls_secret" {
source = "../setup_tls_secret" source = "../setup_tls_secret"
namespace = "kms" namespace = kubernetes_namespace.kms.metadata[0].name
tls_secret_name = var.tls_secret_name tls_secret_name = var.tls_secret_name
} }
resource "kubernetes_config_map" "kms-web-page" { resource "kubernetes_config_map" "kms-web-page" {
metadata { metadata {
name = "kms-web-page-config" name = "kms-web-page-config"
namespace = "kms" namespace = kubernetes_namespace.kms.metadata[0].name
} }
data = { data = {
"index.html" = var.index_html "index.html" = var.index_html
@ -28,7 +28,7 @@ resource "kubernetes_config_map" "kms-web-page" {
resource "kubernetes_deployment" "kms-web-page" { resource "kubernetes_deployment" "kms-web-page" {
metadata { metadata {
name = "kms-web-page" name = "kms-web-page"
namespace = "kms" namespace = kubernetes_namespace.kms.metadata[0].name
labels = { labels = {
"app" = "kms-web-page" "app" = "kms-web-page"
"kubernetes.io/cluster-service" = "true" "kubernetes.io/cluster-service" = "true"
@ -92,7 +92,7 @@ resource "kubernetes_deployment" "kms-web-page" {
resource "kubernetes_service" "kms-web-page" { resource "kubernetes_service" "kms-web-page" {
metadata { metadata {
name = "kms" name = "kms"
namespace = "kms" namespace = kubernetes_namespace.kms.metadata[0].name
labels = { labels = {
"app" = "kms-web-page" "app" = "kms-web-page"
} }
@ -111,7 +111,7 @@ resource "kubernetes_service" "kms-web-page" {
module "ingress" { module "ingress" {
source = "../ingress_factory" source = "../ingress_factory"
namespace = "kms" namespace = kubernetes_namespace.kms.metadata[0].name
name = "kms" name = "kms"
tls_secret_name = var.tls_secret_name tls_secret_name = var.tls_secret_name
} }
@ -119,7 +119,7 @@ module "ingress" {
resource "kubernetes_deployment" "windows_kms" { resource "kubernetes_deployment" "windows_kms" {
metadata { metadata {
name = "kms" name = "kms"
namespace = "kms" namespace = kubernetes_namespace.kms.metadata[0].name
labels = { labels = {
app = "kms-service" app = "kms-service"
} }
@ -163,7 +163,7 @@ resource "kubernetes_deployment" "windows_kms" {
resource "kubernetes_service" "windows_kms" { resource "kubernetes_service" "windows_kms" {
metadata { metadata {
name = "windows-kms" name = "windows-kms"
namespace = "kms" namespace = kubernetes_namespace.kms.metadata[0].name
labels = { labels = {
app = "kms-service" app = "kms-service"
} }

4
modules/kubernetes/kured/main.tf
View file

@ -12,12 +12,12 @@ resource "kubernetes_namespace" "kured" {
module "tls_secret" { module "tls_secret" {
source = "../setup_tls_secret" source = "../setup_tls_secret"
namespace = "kured" namespace = kubernetes_namespace.kured.metadata[0].name
tls_secret_name = var.tls_secret_name tls_secret_name = var.tls_secret_name
} }
resource "helm_release" "kured" { resource "helm_release" "kured" {
namespace = "kured" namespace = kubernetes_namespace.kured.metadata[0].name
create_namespace = false create_namespace = false
name = "kured" name = "kured"

8
modules/kubernetes/linkwarden/main.tf
View file

@ -11,7 +11,7 @@ resource "kubernetes_namespace" "linkwarden" {
module "tls_secret" { module "tls_secret" {
source = "../setup_tls_secret" source = "../setup_tls_secret"
namespace = "linkwarden" namespace = kubernetes_namespace.linkwarden.metadata[0].name
tls_secret_name = var.tls_secret_name tls_secret_name = var.tls_secret_name
} }
@ -24,7 +24,7 @@ resource "random_string" "secret" {
resource "kubernetes_deployment" "linkwarden" { resource "kubernetes_deployment" "linkwarden" {
metadata { metadata {
name = "linkwarden" name = "linkwarden"
namespace = "linkwarden" namespace = kubernetes_namespace.linkwarden.metadata[0].name
labels = { labels = {
app = "linkwarden" app = "linkwarden"
} }
@ -93,7 +93,7 @@ resource "kubernetes_deployment" "linkwarden" {
resource "kubernetes_service" "linkwarden" { resource "kubernetes_service" "linkwarden" {
metadata { metadata {
name = "linkwarden" name = "linkwarden"
namespace = "linkwarden" namespace = kubernetes_namespace.linkwarden.metadata[0].name
labels = { labels = {
app = "linkwarden" app = "linkwarden"
} }
@ -113,7 +113,7 @@ resource "kubernetes_service" "linkwarden" {
module "ingress" { module "ingress" {
source = "../ingress_factory" source = "../ingress_factory"
namespace = "linkwarden" namespace = kubernetes_namespace.linkwarden.metadata[0].name
name = "linkwarden" name = "linkwarden"
tls_secret_name = var.tls_secret_name tls_secret_name = var.tls_secret_name
} }

14
modules/kubernetes/mailserver/main.tf
View file

@ -16,14 +16,14 @@ resource "kubernetes_namespace" "mailserver" {
module "tls_secret" { module "tls_secret" {
source = "../setup_tls_secret" source = "../setup_tls_secret"
namespace = "mailserver" namespace = kubernetes_namespace.mailserver.metadata[0].name
tls_secret_name = var.tls_secret_name tls_secret_name = var.tls_secret_name
} }
resource "kubernetes_config_map" "mailserver_env_config" { resource "kubernetes_config_map" "mailserver_env_config" {
metadata { metadata {
name = "mailserver.env.config" name = "mailserver.env.config"
namespace = "mailserver" namespace = kubernetes_namespace.mailserver.metadata[0].name
labels = { labels = {
app = "mailserver" app = "mailserver"
} }
@ -61,7 +61,7 @@ resource "kubernetes_config_map" "mailserver_env_config" {
resource "kubernetes_config_map" "mailserver_config" { resource "kubernetes_config_map" "mailserver_config" {
metadata { metadata {
name = "mailserver.config" name = "mailserver.config"
namespace = "mailserver" namespace = kubernetes_namespace.mailserver.metadata[0].name
labels = { labels = {
app = "mailserver" app = "mailserver"
@ -98,7 +98,7 @@ resource "kubernetes_config_map" "mailserver_config" {
# resource "kubernetes_config_map" "user_patches" { # resource "kubernetes_config_map" "user_patches" {
# metadata { # metadata {
# name = "user-patches" # name = "user-patches"
# namespace = "mailserver" # namespace = kubernetes_namespace.mailserver.metadata[0].name
# labels = { # labels = {
# "app" = "mailserver" # "app" = "mailserver"
# } # }
@ -116,7 +116,7 @@ resource "kubernetes_config_map" "mailserver_config" {
resource "kubernetes_secret" "opendkim_key" { resource "kubernetes_secret" "opendkim_key" {
metadata { metadata {
name = "mailserver.opendkim.key" name = "mailserver.opendkim.key"
namespace = "mailserver" namespace = kubernetes_namespace.mailserver.metadata[0].name
labels = { labels = {
"app" = "mailserver" "app" = "mailserver"
} }
@ -131,7 +131,7 @@ resource "kubernetes_secret" "opendkim_key" {
resource "kubernetes_deployment" "mailserver" { resource "kubernetes_deployment" "mailserver" {
metadata { metadata {
name = "mailserver" name = "mailserver"
namespace = "mailserver" namespace = kubernetes_namespace.mailserver.metadata[0].name
labels = { labels = {
"app" = "mailserver" "app" = "mailserver"
} }
@ -383,7 +383,7 @@ resource "kubernetes_deployment" "mailserver" {
resource "kubernetes_service" "mailserver" { resource "kubernetes_service" "mailserver" {
metadata { metadata {
name = "mailserver" name = "mailserver"
namespace = "mailserver" namespace = kubernetes_namespace.mailserver.metadata[0].name
labels = { labels = {
app = "mailserver" app = "mailserver"

9
modules/kubernetes/main.tf
View file

@ -122,9 +122,9 @@ variable "defcon_level" {
} }
locals { locals {
defcon_modules = { defcon_modules = {
1 : ["wireguard", "technitium", "headscale", "nginx-ingress", "xray", "authentik", "cloudflare", "authelia"], # Critical connectivity services 1 : ["wireguard", "technitium", "headscale", "nginx-ingress", "xray", "authentik", "cloudflare", "authelia", "monitoring"], # Critical connectivity services
2 : ["vaultwarden", "redis", "immich", "nvidia", "metrics-server", "uptime-kuma", "crowdsec"], # Storage and other db services 2 : ["vaultwarden", "redis", "immich", "nvidia", "metrics-server", "uptime-kuma", "crowdsec"], # Storage and other db services
3 : ["k8s-dashboard", "reverse-proxy"], # Cluster admin services 3 : ["k8s-dashboard", "reverse-proxy"], # Cluster admin services
4 : [ 4 : [
"mailserver", "shadowsocks", "webhook_handler", "tuya-bridge", "dawarich", "owntracks", "nextcloud", "mailserver", "shadowsocks", "webhook_handler", "tuya-bridge", "dawarich", "owntracks", "nextcloud",
"calibre", "onlyoffice", "f1-stream", "rybbit", "isponsorblocktv", "actualbudget" "calibre", "onlyoffice", "f1-stream", "rybbit", "isponsorblocktv", "actualbudget"
@ -147,7 +147,7 @@ locals {
resource "null_resource" "core_services" { resource "null_resource" "core_services" {
# List all the core modules that must be provisioned first # List all the core modules that must be provisioned first
depends_on = [ depends_on = [
module.metallb, module.dbaas, module.monitoring, module.technitium, module.vaultwarden, module.reverse-proxy, module.metallb, module.dbaas, module.technitium, module.vaultwarden, module.reverse-proxy,
module.redis, module.nginx-ingress, module.crowdsec, module.cloudflared, module.metrics-server, module.authentik, module.redis, module.nginx-ingress, module.crowdsec, module.cloudflared, module.metrics-server, module.authentik,
module.nvidia, module.nvidia,
] ]
@ -263,6 +263,7 @@ module "metallb" {
module "monitoring" { module "monitoring" {
source = "./monitoring" source = "./monitoring"
tls_secret_name = var.tls_secret_name tls_secret_name = var.tls_secret_name
for_each = contains(local.active_modules, "monitoring") ? { monitoring = true } : {}
alertmanager_account_password = var.alertmanager_account_password alertmanager_account_password = var.alertmanager_account_password
idrac_username = var.idrac_username idrac_username = var.idrac_username
idrac_password = var.idrac_password idrac_password = var.idrac_password

8
modules/kubernetes/matrix/main.tf
View file

@ -11,14 +11,14 @@ resource "kubernetes_namespace" "matrix" {
module "tls_secret" { module "tls_secret" {
source = "../setup_tls_secret" source = "../setup_tls_secret"
namespace = "matrix" namespace = kubernetes_namespace.matrix.metadata[0].name
tls_secret_name = var.tls_secret_name tls_secret_name = var.tls_secret_name
} }
resource "kubernetes_deployment" "matrix" { resource "kubernetes_deployment" "matrix" {
metadata { metadata {
name = "matrix" name = "matrix"
namespace = "matrix" namespace = kubernetes_namespace.matrix.metadata[0].name
labels = { labels = {
app = "matrix" app = "matrix"
} }
@ -71,7 +71,7 @@ resource "kubernetes_deployment" "matrix" {
resource "kubernetes_service" "matrix" { resource "kubernetes_service" "matrix" {
metadata { metadata {
name = "matrix" name = "matrix"
namespace = "matrix" namespace = kubernetes_namespace.matrix.metadata[0].name
labels = { labels = {
"app" = "matrix" "app" = "matrix"
} }
@ -91,7 +91,7 @@ resource "kubernetes_service" "matrix" {
module "ingress" { module "ingress" {
source = "../ingress_factory" source = "../ingress_factory"
namespace = "matrix" namespace = kubernetes_namespace.matrix.metadata[0].name
name = "matrix" name = "matrix"
tls_secret_name = var.tls_secret_name tls_secret_name = var.tls_secret_name
} }

8
modules/kubernetes/meshcentral/main.tf
View file

@ -11,14 +11,14 @@ resource "kubernetes_namespace" "meshcentral" {
module "tls_secret" { module "tls_secret" {
source = "../setup_tls_secret" source = "../setup_tls_secret"
namespace = "meshcentral" namespace = kubernetes_namespace.meshcentral.metadata[0].name
tls_secret_name = var.tls_secret_name tls_secret_name = var.tls_secret_name
} }
resource "kubernetes_deployment" "meshcentral" { resource "kubernetes_deployment" "meshcentral" {
metadata { metadata {
name = "meshcentral" name = "meshcentral"
namespace = "meshcentral" namespace = kubernetes_namespace.meshcentral.metadata[0].name
labels = { labels = {
app = "meshcentral" app = "meshcentral"
} }
@ -120,7 +120,7 @@ resource "kubernetes_deployment" "meshcentral" {
resource "kubernetes_service" "meshcentral" { resource "kubernetes_service" "meshcentral" {
metadata { metadata {
name = "meshcentral" name = "meshcentral"
namespace = "meshcentral" namespace = kubernetes_namespace.meshcentral.metadata[0].name
labels = { labels = {
"app" = "meshcentral" "app" = "meshcentral"
} }
@ -140,7 +140,7 @@ resource "kubernetes_service" "meshcentral" {
module "ingress" { module "ingress" {
source = "../ingress_factory" source = "../ingress_factory"
namespace = "meshcentral" namespace = kubernetes_namespace.meshcentral.metadata[0].name
name = "meshcentral" name = "meshcentral"
tls_secret_name = var.tls_secret_name tls_secret_name = var.tls_secret_name
port = 443 port = 443

8
modules/kubernetes/metrics-server/main.tf
View file

@ -11,14 +11,12 @@ resource "kubernetes_namespace" "metrics-server" {
module "tls_secret" { module "tls_secret" {
source = "../setup_tls_secret" source = "../setup_tls_secret"
namespace = "metrics-server" namespace = kubernetes_namespace.metrics-server.metadata[0].name
tls_secret_name = var.tls_secret_name tls_secret_name = var.tls_secret_name
depends_on = [kubernetes_namespace.metrics-server]
} }
resource "helm_release" "metrics-server" { resource "helm_release" "metrics-server" {
namespace = "metrics-server" namespace = kubernetes_namespace.metrics-server.metadata[0].name
create_namespace = false create_namespace = false
name = "metrics-server" name = "metrics-server"
atomic = true atomic = true
@ -27,6 +25,4 @@ resource "helm_release" "metrics-server" {
chart = "metrics-server" chart = "metrics-server"
values = [templatefile("${path.module}/values.yaml", {})] values = [templatefile("${path.module}/values.yaml", {})]
depends_on = [kubernetes_namespace.metrics-server]
} }

4
modules/kubernetes/monitoring/grafana.tf
View file

@ -43,7 +43,7 @@ resource "kubernetes_persistent_volume" "alertmanager_pv" {
# resource "kubernetes_persistent_volume_claim" "grafana_pvc" { # resource "kubernetes_persistent_volume_claim" "grafana_pvc" {
# metadata { # metadata {
# name = "grafana-pvc" # name = "grafana-pvc"
# namespace = "monitoring" # namespace = kubernetes_namespace.monitoring.metadata[0].name
# } # }
# spec { # spec {
# access_modes = ["ReadWriteOnce"] # access_modes = ["ReadWriteOnce"]
@ -56,7 +56,7 @@ resource "kubernetes_persistent_volume" "alertmanager_pv" {
# } # }
resource "helm_release" "grafana" { resource "helm_release" "grafana" {
namespace = "monitoring" namespace = kubernetes_namespace.monitoring.metadata[0].name
create_namespace = true create_namespace = true
name = "grafana" name = "grafana"
atomic = true atomic = true

8
modules/kubernetes/monitoring/idrac.tf
View file

@ -2,7 +2,7 @@
resource "kubernetes_config_map" "redfish-config" { resource "kubernetes_config_map" "redfish-config" {
metadata { metadata {
name = "redfish-exporter-config" name = "redfish-exporter-config"
namespace = "monitoring" namespace = kubernetes_namespace.monitoring.metadata[0].name
annotations = { annotations = {
"reloader.stakater.com/match" = "true" "reloader.stakater.com/match" = "true"
@ -28,7 +28,7 @@ resource "kubernetes_config_map" "redfish-config" {
resource "kubernetes_deployment" "idrac-redfish" { resource "kubernetes_deployment" "idrac-redfish" {
metadata { metadata {
name = "idrac-redfish-exporter" name = "idrac-redfish-exporter"
namespace = "monitoring" namespace = kubernetes_namespace.monitoring.metadata[0].name
labels = { labels = {
app = "idrac-redfish-exporter" app = "idrac-redfish-exporter"
} }
@ -78,7 +78,7 @@ resource "kubernetes_deployment" "idrac-redfish" {
resource "kubernetes_service" "idrac-redfish-exporter" { resource "kubernetes_service" "idrac-redfish-exporter" {
metadata { metadata {
name = "idrac-redfish-exporter" name = "idrac-redfish-exporter"
namespace = "monitoring" namespace = kubernetes_namespace.monitoring.metadata[0].name
labels = { labels = {
"app" = "idrac-redfish-exporter" "app" = "idrac-redfish-exporter"
} }
@ -103,7 +103,7 @@ resource "kubernetes_service" "idrac-redfish-exporter" {
module "idrac-redfish-exporter-ingress" { module "idrac-redfish-exporter-ingress" {
source = "../ingress_factory" source = "../ingress_factory"
namespace = "monitoring" namespace = kubernetes_namespace.monitoring.metadata[0].name
name = "idrac-redfish-exporter" name = "idrac-redfish-exporter"
root_domain = "viktorbarzin.lan" root_domain = "viktorbarzin.lan"
tls_secret_name = var.tls_secret_name tls_secret_name = var.tls_secret_name

6
modules/kubernetes/monitoring/loki.tf
View file

@ -1,5 +1,5 @@
# resource "helm_release" "loki" { # resource "helm_release" "loki" {
# namespace = "monitoring" # namespace = kubernetes_namespace.monitoring.metadata[0].name
# create_namespace = true # create_namespace = true
# name = "loki" # name = "loki"
@ -54,7 +54,7 @@
# https://grafana.com/docs/alloy/latest/configure/kubernetes/ # https://grafana.com/docs/alloy/latest/configure/kubernetes/
# resource "helm_release" "alloy" { # resource "helm_release" "alloy" {
# namespace = "monitoring" # namespace = kubernetes_namespace.monitoring.metadata[0].name
# create_namespace = true # create_namespace = true
# name = "alloy" # name = "alloy"
@ -71,7 +71,7 @@
# for n in $(kbn | awk '{print $1}'); do echo $n; s wizard@$n 'sudo sysctl -w fs.inotify.max_user_watches=2099999999; sudo sysctl -w fs.inotify.max_user_instances=2099999999;sudo sysctl -w fs.inotify.max_queued_events=2099999999'; done # for n in $(kbn | awk '{print $1}'); do echo $n; s wizard@$n 'sudo sysctl -w fs.inotify.max_user_watches=2099999999; sudo sysctl -w fs.inotify.max_user_instances=2099999999;sudo sysctl -w fs.inotify.max_queued_events=2099999999'; done
# resource "helm_release" "k8s-monitoring" { # resource "helm_release" "k8s-monitoring" {
# namespace = "monitoring" # namespace = kubernetes_namespace.monitoring.metadata[0].name
# create_namespace = true # create_namespace = true
# name = "k8s-monitoring" # name = "k8s-monitoring"

17
modules/kubernetes/monitoring/main.tf
View file

@ -15,14 +15,23 @@ variable "haos_api_token" { type = string }
variable "pve_password" { type = string } variable "pve_password" { type = string }
variable "grafana_db_password" { type = string } variable "grafana_db_password" { type = string }
resource "kubernetes_namespace" "monitoring" {
metadata {
name = "monitoring"
labels = {
"istio-injection" : "disabled"
}
}
}
module "tls_secret" { module "tls_secret" {
source = "../setup_tls_secret" source = "../setup_tls_secret"
namespace = "monitoring" namespace = kubernetes_namespace.monitoring.metadata[0].name
tls_secret_name = var.tls_secret_name tls_secret_name = var.tls_secret_name
} }
# Terraform get angry with the 30k values file :/ use ansible until solved # Terraform get angry with the 30k values file :/ use ansible until solved
# resource "helm_release" "ups_prometheus_snmp_exporter" { # resource "helm_release" "ups_prometheus_snmp_exporter" {
# namespace = "monitoring" # namespace = kubernetes_namespace.monitoring.metadata[0].name
# create_namespace = true # create_namespace = true
# name = "ups_prometheus_exporter" # name = "ups_prometheus_exporter"
@ -67,7 +76,7 @@ resource "kubernetes_cron_job_v1" "monitor_prom" {
resource "kubernetes_ingress_v1" "status" { resource "kubernetes_ingress_v1" "status" {
metadata { metadata {
name = "hetrix-redirect-ingress" name = "hetrix-redirect-ingress"
namespace = "monitoring" namespace = kubernetes_namespace.monitoring.metadata[0].name
annotations = { annotations = {
"kubernetes.io/ingress.class" = "nginx" "kubernetes.io/ingress.class" = "nginx"
"nginx.ingress.kubernetes.io/permanent-redirect" = "https://hetrixtools.com/r/38981b548b5d38b052aca8d01285a3f3/" "nginx.ingress.kubernetes.io/permanent-redirect" = "https://hetrixtools.com/r/38981b548b5d38b052aca8d01285a3f3/"
@ -101,7 +110,7 @@ resource "kubernetes_ingress_v1" "status" {
resource "kubernetes_ingress_v1" "status_yotovski" { resource "kubernetes_ingress_v1" "status_yotovski" {
metadata { metadata {
name = "hetrix-yotovski-redirect-ingress" name = "hetrix-yotovski-redirect-ingress"
namespace = "monitoring" namespace = kubernetes_namespace.monitoring.metadata[0].name
annotations = { annotations = {
"kubernetes.io/ingress.class" = "nginx" "kubernetes.io/ingress.class" = "nginx"
"nginx.ingress.kubernetes.io/permanent-redirect" = "https://hetrixtools.com/r/2ba9d7a5e017794db0fd91f0115a8b3b/" "nginx.ingress.kubernetes.io/permanent-redirect" = "https://hetrixtools.com/r/2ba9d7a5e017794db0fd91f0115a8b3b/"

4
modules/kubernetes/monitoring/prometheus.tf
View file

@ -2,7 +2,7 @@
resource "kubernetes_persistent_volume_claim" "prometheus_server_pvc" { resource "kubernetes_persistent_volume_claim" "prometheus_server_pvc" {
metadata { metadata {
name = "prometheus-iscsi-pvc" name = "prometheus-iscsi-pvc"
namespace = "monitoring" namespace = kubernetes_namespace.monitoring.metadata[0].name
} }
spec { spec {
@ -45,7 +45,7 @@ resource "kubernetes_persistent_volume" "prometheus_server_pvc" {
} }
resource "helm_release" "prometheus" { resource "helm_release" "prometheus" {
namespace = "monitoring" namespace = kubernetes_namespace.monitoring.metadata[0].name
create_namespace = true create_namespace = true
name = "prometheus" name = "prometheus"

6
modules/kubernetes/monitoring/pve_exporter.tf
View file

@ -2,7 +2,7 @@
resource "kubernetes_secret" "pve_exporter_config" { resource "kubernetes_secret" "pve_exporter_config" {
metadata { metadata {
name = "pve-exporter-config" name = "pve-exporter-config"
namespace = "monitoring" namespace = kubernetes_namespace.monitoring.metadata[0].name
} }
data = { data = {
@ -19,7 +19,7 @@ resource "kubernetes_secret" "pve_exporter_config" {
resource "kubernetes_deployment" "pve_exporter" { resource "kubernetes_deployment" "pve_exporter" {
metadata { metadata {
name = "proxmox-exporter" name = "proxmox-exporter"
namespace = "monitoring" namespace = kubernetes_namespace.monitoring.metadata[0].name
} }
spec { spec {
@ -72,7 +72,7 @@ resource "kubernetes_deployment" "pve_exporter" {
resource "kubernetes_service" "proxmox-exporter" { resource "kubernetes_service" "proxmox-exporter" {
metadata { metadata {
name = "proxmox-exporter" name = "proxmox-exporter"
namespace = "monitoring" namespace = kubernetes_namespace.monitoring.metadata[0].name
labels = { labels = {
"app" = "proxmox-exporter" "app" = "proxmox-exporter"
} }

8
modules/kubernetes/monitoring/snmp_exporter.tf
View file

@ -12,7 +12,7 @@ https://sbcode.net/prometheus/snmp-generate-huawei/
resource "kubernetes_config_map" "snmp-exporter-yaml" { resource "kubernetes_config_map" "snmp-exporter-yaml" {
metadata { metadata {
name = "snmp-exporter-yaml" name = "snmp-exporter-yaml"
namespace = "monitoring" namespace = kubernetes_namespace.monitoring.metadata[0].name
annotations = { annotations = {
"reloader.stakater.com/match" = "true" "reloader.stakater.com/match" = "true"
@ -27,7 +27,7 @@ resource "kubernetes_config_map" "snmp-exporter-yaml" {
resource "kubernetes_deployment" "snmp-exporter" { resource "kubernetes_deployment" "snmp-exporter" {
metadata { metadata {
name = "snmp-exporter" name = "snmp-exporter"
namespace = "monitoring" namespace = kubernetes_namespace.monitoring.metadata[0].name
labels = { labels = {
app = "snmp-exporter" app = "snmp-exporter"
} }
@ -77,7 +77,7 @@ resource "kubernetes_deployment" "snmp-exporter" {
resource "kubernetes_service" "snmp-exporter" { resource "kubernetes_service" "snmp-exporter" {
metadata { metadata {
name = "snmp-exporter" name = "snmp-exporter"
namespace = "monitoring" namespace = kubernetes_namespace.monitoring.metadata[0].name
labels = { labels = {
"app" = "snmp-exporter" "app" = "snmp-exporter"
} }
@ -102,7 +102,7 @@ resource "kubernetes_service" "snmp-exporter" {
module "snmp-exporter-ingress" { module "snmp-exporter-ingress" {
source = "../ingress_factory" source = "../ingress_factory"
namespace = "monitoring" namespace = kubernetes_namespace.monitoring.metadata[0].name
name = "snmp-exporter" name = "snmp-exporter"
root_domain = "viktorbarzin.lan" root_domain = "viktorbarzin.lan"
tls_secret_name = var.tls_secret_name tls_secret_name = var.tls_secret_name

10
modules/kubernetes/n8n/main.tf
View file

@ -3,11 +3,11 @@ variable "postgresql_password" {}
module "tls_secret" { module "tls_secret" {
source = "../setup_tls_secret" source = "../setup_tls_secret"
namespace = "n8n" namespace = kubernetes_namespace.n8n.metadata[0].name
tls_secret_name = var.tls_secret_name tls_secret_name = var.tls_secret_name
} }
resource "kubernetes_namespace" "immich" { resource "kubernetes_namespace" "n8n" {
metadata { metadata {
name = "n8n" name = "n8n"
} }
@ -16,7 +16,7 @@ resource "kubernetes_namespace" "immich" {
resource "kubernetes_deployment" "n8n" { resource "kubernetes_deployment" "n8n" {
metadata { metadata {
name = "n8n" name = "n8n"
namespace = "n8n" namespace = kubernetes_namespace.n8n.metadata[0].name
labels = { labels = {
app = "n8n" app = "n8n"
} }
@ -112,7 +112,7 @@ resource "kubernetes_deployment" "n8n" {
resource "kubernetes_service" "n8n" { resource "kubernetes_service" "n8n" {
metadata { metadata {
name = "n8n" name = "n8n"
namespace = "n8n" namespace = kubernetes_namespace.n8n.metadata[0].name
labels = { labels = {
"app" = "n8n" "app" = "n8n"
} }
@ -130,7 +130,7 @@ resource "kubernetes_service" "n8n" {
} }
module "ingress" { module "ingress" {
source = "../ingress_factory" source = "../ingress_factory"
namespace = "n8n" namespace = kubernetes_namespace.n8n.metadata[0].name
name = "n8n" name = "n8n"
tls_secret_name = var.tls_secret_name tls_secret_name = var.tls_secret_name
extra_annotations = { extra_annotations = {

8
modules/kubernetes/navidrome/main.tf
View file

@ -11,14 +11,14 @@ resource "kubernetes_namespace" "navidrome" {
module "tls_secret" { module "tls_secret" {
source = "../setup_tls_secret" source = "../setup_tls_secret"
namespace = "navidrome" namespace = kubernetes_namespace.navidrome.metadata[0].name
tls_secret_name = var.tls_secret_name tls_secret_name = var.tls_secret_name
} }
resource "kubernetes_deployment" "navidrome" { resource "kubernetes_deployment" "navidrome" {
metadata { metadata {
name = "navidrome" name = "navidrome"
namespace = "navidrome" namespace = kubernetes_namespace.navidrome.metadata[0].name
labels = { labels = {
app = "navidrome" app = "navidrome"
"kubernetes.io/cluster-service" = "true" "kubernetes.io/cluster-service" = "true"
@ -94,7 +94,7 @@ resource "kubernetes_deployment" "navidrome" {
resource "kubernetes_service" "navidrome" { resource "kubernetes_service" "navidrome" {
metadata { metadata {
name = "navidrome" name = "navidrome"
namespace = "navidrome" namespace = kubernetes_namespace.navidrome.metadata[0].name
labels = { labels = {
"app" = "navidrome" "app" = "navidrome"
} }
@ -112,7 +112,7 @@ resource "kubernetes_service" "navidrome" {
} }
module "ingress" { module "ingress" {
source = "../ingress_factory" source = "../ingress_factory"
namespace = "navidrome" namespace = kubernetes_namespace.navidrome.metadata[0].name
name = "navidrome" name = "navidrome"
tls_secret_name = var.tls_secret_name tls_secret_name = var.tls_secret_name
rybbit_site_id = "8a3844ff75ba" rybbit_site_id = "8a3844ff75ba"

8
modules/kubernetes/netbox/main.tf
View file

@ -8,14 +8,14 @@ resource "kubernetes_namespace" "netbox" {
module "tls_secret" { module "tls_secret" {
source = "../setup_tls_secret" source = "../setup_tls_secret"
namespace = "netbox" namespace = kubernetes_namespace.netbox.metadata[0].name
tls_secret_name = var.tls_secret_name tls_secret_name = var.tls_secret_name
} }
resource "kubernetes_deployment" "netbox" { resource "kubernetes_deployment" "netbox" {
metadata { metadata {
name = "netbox" name = "netbox"
namespace = "netbox" namespace = kubernetes_namespace.netbox.metadata[0].name
labels = { labels = {
app = "netbox" app = "netbox"
} }
@ -118,7 +118,7 @@ resource "kubernetes_deployment" "netbox" {
resource "kubernetes_service" "netbox" { resource "kubernetes_service" "netbox" {
metadata { metadata {
name = "netbox" name = "netbox"
namespace = "netbox" namespace = kubernetes_namespace.netbox.metadata[0].name
labels = { labels = {
"app" = "netbox" "app" = "netbox"
} }
@ -138,7 +138,7 @@ resource "kubernetes_service" "netbox" {
} }
module "ingress" { module "ingress" {
source = "../ingress_factory" source = "../ingress_factory"
namespace = "netbox" namespace = kubernetes_namespace.netbox.metadata[0].name
name = "netbox" name = "netbox"
tls_secret_name = var.tls_secret_name tls_secret_name = var.tls_secret_name
protected = true protected = true

8
modules/kubernetes/networking-toolbox/main.tf
View file

@ -11,14 +11,14 @@ resource "kubernetes_namespace" "networking-toolbox" {
module "tls_secret" { module "tls_secret" {
source = "../setup_tls_secret" source = "../setup_tls_secret"
namespace = "networking-toolbox" namespace = kubernetes_namespace.networking-toolbox.metadata[0].name
tls_secret_name = var.tls_secret_name tls_secret_name = var.tls_secret_name
} }
resource "kubernetes_deployment" "networking-toolbox" { resource "kubernetes_deployment" "networking-toolbox" {
metadata { metadata {
name = "networking-toolbox" name = "networking-toolbox"
namespace = "networking-toolbox" namespace = kubernetes_namespace.networking-toolbox.metadata[0].name
labels = { labels = {
app = "networking-toolbox" app = "networking-toolbox"
} }
@ -52,7 +52,7 @@ resource "kubernetes_deployment" "networking-toolbox" {
resource "kubernetes_service" "networking-toolbox" { resource "kubernetes_service" "networking-toolbox" {
metadata { metadata {
name = "networking-toolbox" name = "networking-toolbox"
namespace = "networking-toolbox" namespace = kubernetes_namespace.networking-toolbox.metadata[0].name
labels = { labels = {
"app" = "networking-toolbox" "app" = "networking-toolbox"
} }
@ -72,7 +72,7 @@ resource "kubernetes_service" "networking-toolbox" {
module "ingress" { module "ingress" {
source = "../ingress_factory" source = "../ingress_factory"
namespace = "networking-toolbox" namespace = kubernetes_namespace.networking-toolbox.metadata[0].name
name = "networking-toolbox" name = "networking-toolbox"
tls_secret_name = var.tls_secret_name tls_secret_name = var.tls_secret_name
protected = true protected = true

16
modules/kubernetes/nextcloud/main.tf
View file

@ -3,7 +3,7 @@ variable "db_password" {}
module "tls_secret" { module "tls_secret" {
source = "../setup_tls_secret" source = "../setup_tls_secret"
namespace = "nextcloud" namespace = kubernetes_namespace.nextcloud.metadata[0].name
tls_secret_name = var.tls_secret_name tls_secret_name = var.tls_secret_name
} }
@ -17,7 +17,7 @@ resource "kubernetes_namespace" "nextcloud" {
} }
resource "helm_release" "nextcloud" { resource "helm_release" "nextcloud" {
namespace = "nextcloud" namespace = kubernetes_namespace.nextcloud.metadata[0].name
name = "nextcloud" name = "nextcloud"
repository = "https://nextcloud.github.io/helm/" repository = "https://nextcloud.github.io/helm/"
@ -32,7 +32,7 @@ resource "helm_release" "nextcloud" {
# resource "kubernetes_config_map" "config" { # resource "kubernetes_config_map" "config" {
# metadata { # metadata {
# name = "config" # name = "config"
# namespace = "nextcloud" # namespace = kubernetes_namespace.nextcloud.metadata[0].name
# annotations = { # annotations = {
# "reloader.stakater.com/match" = "true" # "reloader.stakater.com/match" = "true"
@ -47,7 +47,7 @@ resource "helm_release" "nextcloud" {
resource "kubernetes_deployment" "whiteboard" { resource "kubernetes_deployment" "whiteboard" {
metadata { metadata {
name = "whiteboard" name = "whiteboard"
namespace = "nextcloud" namespace = kubernetes_namespace.nextcloud.metadata[0].name
labels = { labels = {
app = "whiteboard" app = "whiteboard"
} }
@ -93,7 +93,7 @@ resource "kubernetes_deployment" "whiteboard" {
resource "kubernetes_service" "whiteboard" { resource "kubernetes_service" "whiteboard" {
metadata { metadata {
name = "whiteboard" name = "whiteboard"
namespace = "nextcloud" namespace = kubernetes_namespace.nextcloud.metadata[0].name
labels = { labels = {
app = "whiteboard" app = "whiteboard"
} }
@ -132,7 +132,7 @@ resource "kubernetes_persistent_volume" "nextcloud-data-pv" {
resource "kubernetes_persistent_volume_claim" "nextcloud-data-pvc" { resource "kubernetes_persistent_volume_claim" "nextcloud-data-pvc" {
metadata { metadata {
name = "nextcloud-data-pvc" name = "nextcloud-data-pvc"
namespace = "nextcloud" namespace = kubernetes_namespace.nextcloud.metadata[0].name
} }
spec { spec {
access_modes = ["ReadWriteOnce"] access_modes = ["ReadWriteOnce"]
@ -147,7 +147,7 @@ resource "kubernetes_persistent_volume_claim" "nextcloud-data-pvc" {
module "ingress" { module "ingress" {
source = "../ingress_factory" source = "../ingress_factory"
namespace = "nextcloud" namespace = kubernetes_namespace.nextcloud.metadata[0].name
name = "nextcloud" name = "nextcloud"
tls_secret_name = var.tls_secret_name tls_secret_name = var.tls_secret_name
port = 8080 port = 8080
@ -162,7 +162,7 @@ module "ingress" {
module "whiteboard_ingress" { module "whiteboard_ingress" {
source = "../ingress_factory" source = "../ingress_factory"
namespace = "nextcloud" namespace = kubernetes_namespace.nextcloud.metadata[0].name
name = "whiteboard" name = "whiteboard"
tls_secret_name = var.tls_secret_name tls_secret_name = var.tls_secret_name
port = 80 port = 80

8
modules/kubernetes/ntfy/main.tf
View file

@ -7,14 +7,14 @@ resource "kubernetes_namespace" "ntfy" {
module "tls_secret" { module "tls_secret" {
source = "../setup_tls_secret" source = "../setup_tls_secret"
namespace = "ntfy" namespace = kubernetes_namespace.ntfy.metadata[0].name
tls_secret_name = var.tls_secret_name tls_secret_name = var.tls_secret_name
} }
resource "kubernetes_deployment" "ntfy" { resource "kubernetes_deployment" "ntfy" {
metadata { metadata {
name = "ntfy" name = "ntfy"
namespace = "ntfy" namespace = kubernetes_namespace.ntfy.metadata[0].name
labels = { labels = {
app = "ntfy" app = "ntfy"
} }
@ -96,7 +96,7 @@ resource "kubernetes_deployment" "ntfy" {
resource "kubernetes_service" "ntfy" { resource "kubernetes_service" "ntfy" {
metadata { metadata {
name = "ntfy" name = "ntfy"
namespace = "ntfy" namespace = kubernetes_namespace.ntfy.metadata[0].name
labels = { labels = {
"app" = "ntfy" "app" = "ntfy"
} }
@ -121,7 +121,7 @@ resource "kubernetes_service" "ntfy" {
module "ingress" { module "ingress" {
source = "../ingress_factory" source = "../ingress_factory"
namespace = "ntfy" namespace = kubernetes_namespace.ntfy.metadata[0].name
name = "ntfy" name = "ntfy"
tls_secret_name = var.tls_secret_name tls_secret_name = var.tls_secret_name
} }

14
modules/kubernetes/nvidia/main.tf
View file

@ -2,7 +2,7 @@ variable "tls_secret_name" {}
module "tls_secret" { module "tls_secret" {
source = "../setup_tls_secret" source = "../setup_tls_secret"
namespace = "nvidia" namespace = kubernetes_namespace.nvidia.metadata[0].name
tls_secret_name = var.tls_secret_name tls_secret_name = var.tls_secret_name
} }
@ -21,7 +21,7 @@ resource "kubernetes_namespace" "nvidia" {
resource "kubernetes_config_map" "time_slicing_config" { resource "kubernetes_config_map" "time_slicing_config" {
metadata { metadata {
name = "time-slicing-config" name = "time-slicing-config"
namespace = "nvidia" namespace = kubernetes_namespace.nvidia.metadata[0].name
} }
data = { data = {
@ -41,7 +41,7 @@ resource "kubernetes_config_map" "time_slicing_config" {
} }
resource "helm_release" "nvidia-gpu-operator" { resource "helm_release" "nvidia-gpu-operator" {
namespace = "nvidia" namespace = kubernetes_namespace.nvidia.metadata[0].name
name = "nvidia-gpu-operator" name = "nvidia-gpu-operator"
repository = "https://helm.ngc.nvidia.com/nvidia" repository = "https://helm.ngc.nvidia.com/nvidia"
@ -57,7 +57,7 @@ resource "helm_release" "nvidia-gpu-operator" {
resource "kubernetes_deployment" "nvidia-exporter" { resource "kubernetes_deployment" "nvidia-exporter" {
metadata { metadata {
name = "nvidia-exporter" name = "nvidia-exporter"
namespace = "nvidia" namespace = kubernetes_namespace.nvidia.metadata[0].name
labels = { labels = {
app = "nvidia-exporter" app = "nvidia-exporter"
} }
@ -106,7 +106,7 @@ resource "kubernetes_deployment" "nvidia-exporter" {
resource "kubernetes_service" "nvidia-exporter" { resource "kubernetes_service" "nvidia-exporter" {
metadata { metadata {
name = "nvidia-exporter" name = "nvidia-exporter"
namespace = "nvidia" namespace = kubernetes_namespace.nvidia.metadata[0].name
labels = { labels = {
"app" = "nvidia-exporter" "app" = "nvidia-exporter"
} }
@ -127,7 +127,7 @@ resource "kubernetes_service" "nvidia-exporter" {
module "ingress" { module "ingress" {
source = "../ingress_factory" source = "../ingress_factory"
namespace = "nvidia" namespace = kubernetes_namespace.nvidia.metadata[0].name
name = "nvidia-exporter" name = "nvidia-exporter"
root_domain = "viktorbarzin.lan" root_domain = "viktorbarzin.lan"
tls_secret_name = var.tls_secret_name tls_secret_name = var.tls_secret_name
@ -138,7 +138,7 @@ module "ingress" {
# resource "kubernetes_ingress_v1" "nvidia-exporter" { # resource "kubernetes_ingress_v1" "nvidia-exporter" {
# metadata { # metadata {
# name = "nvidia-exporter" # name = "nvidia-exporter"
# namespace = "nvidia" # namespace = kubernetes_namespace.nvidia.metadata[0].name
# annotations = { # annotations = {
# "kubernetes.io/ingress.class" = "nginx" # "kubernetes.io/ingress.class" = "nginx"
# "nginx.ingress.kubernetes.io/whitelist-source-range" : "192.168.1.0/24, 10.0.0.0/8" # "nginx.ingress.kubernetes.io/whitelist-source-range" : "192.168.1.0/24, 10.0.0.0/8"

18
modules/kubernetes/ollama/main.tf
View file

@ -8,13 +8,13 @@ resource "kubernetes_namespace" "ollama" {
module "tls_secret" { module "tls_secret" {
source = "../setup_tls_secret" source = "../setup_tls_secret"
namespace = "ollama" namespace = kubernetes_namespace.ollama.metadata[0].name
tls_secret_name = var.tls_secret_name tls_secret_name = var.tls_secret_name
} }
resource "kubernetes_persistent_volume_claim" "ollama-pvc" { resource "kubernetes_persistent_volume_claim" "ollama-pvc" {
metadata { metadata {
name = "ollama-pvc" name = "ollama-pvc"
namespace = "ollama" namespace = kubernetes_namespace.ollama.metadata[0].name
} }
spec { spec {
@ -47,7 +47,7 @@ resource "kubernetes_persistent_volume" "ollama-pv" {
} }
# resource "helm_release" "ollama" { # resource "helm_release" "ollama" {
# namespace = "ollama" # namespace = kubernetes_namespace.ollama.metadata[0].name
# name = "ollama" # name = "ollama"
# repository = "https://otwld.github.io/ollama-helm/" # repository = "https://otwld.github.io/ollama-helm/"
@ -62,7 +62,7 @@ resource "kubernetes_persistent_volume" "ollama-pv" {
resource "kubernetes_deployment" "ollama" { resource "kubernetes_deployment" "ollama" {
metadata { metadata {
name = "ollama" name = "ollama"
namespace = "ollama" namespace = kubernetes_namespace.ollama.metadata[0].name
labels = { labels = {
app = "ollama" app = "ollama"
} }
@ -126,7 +126,7 @@ resource "kubernetes_deployment" "ollama" {
resource "kubernetes_service" "ollama" { resource "kubernetes_service" "ollama" {
metadata { metadata {
name = "ollama" name = "ollama"
namespace = "ollama" namespace = kubernetes_namespace.ollama.metadata[0].name
labels = { labels = {
app = "ollama" app = "ollama"
} }
@ -146,7 +146,7 @@ resource "kubernetes_service" "ollama" {
# Allow ollama to be connected to from external apps # Allow ollama to be connected to from external apps
module "ollama-ingress" { module "ollama-ingress" {
source = "../ingress_factory" source = "../ingress_factory"
namespace = "ollama" namespace = kubernetes_namespace.ollama.metadata[0].name
name = "ollama-server" name = "ollama-server"
service_name = "ollama" service_name = "ollama"
root_domain = "viktorbarzin.lan" root_domain = "viktorbarzin.lan"
@ -160,7 +160,7 @@ module "ollama-ingress" {
resource "kubernetes_deployment" "ollama-ui" { resource "kubernetes_deployment" "ollama-ui" {
metadata { metadata {
name = "ollama-ui" name = "ollama-ui"
namespace = "ollama" namespace = kubernetes_namespace.ollama.metadata[0].name
labels = { labels = {
app = "ollama-ui" app = "ollama-ui"
} }
@ -211,7 +211,7 @@ resource "kubernetes_deployment" "ollama-ui" {
resource "kubernetes_service" "ollama-ui" { resource "kubernetes_service" "ollama-ui" {
metadata { metadata {
name = "ollama-ui" name = "ollama-ui"
namespace = "ollama" namespace = kubernetes_namespace.ollama.metadata[0].name
labels = { labels = {
app = "dashy" app = "dashy"
} }
@ -231,7 +231,7 @@ resource "kubernetes_service" "ollama-ui" {
module "ingress" { module "ingress" {
source = "../ingress_factory" source = "../ingress_factory"
namespace = "ollama" namespace = kubernetes_namespace.ollama.metadata[0].name
name = "ollama" name = "ollama"
service_name = "ollama-ui" service_name = "ollama-ui"
tls_secret_name = var.tls_secret_name tls_secret_name = var.tls_secret_name

8
modules/kubernetes/onlyoffice/main.tf
View file

@ -13,14 +13,14 @@ resource "kubernetes_namespace" "onlyoffice" {
module "tls_secret" { module "tls_secret" {
source = "../setup_tls_secret" source = "../setup_tls_secret"
namespace = "onlyoffice" namespace = kubernetes_namespace.onlyoffice.metadata[0].name
tls_secret_name = var.tls_secret_name tls_secret_name = var.tls_secret_name
} }
resource "kubernetes_deployment" "onlyoffice-document-server" { resource "kubernetes_deployment" "onlyoffice-document-server" {
metadata { metadata {
name = "onlyoffice-document-server" name = "onlyoffice-document-server"
namespace = "onlyoffice" namespace = kubernetes_namespace.onlyoffice.metadata[0].name
labels = { labels = {
app = "onlyoffice-document-server" app = "onlyoffice-document-server"
} }
@ -104,7 +104,7 @@ resource "kubernetes_deployment" "onlyoffice-document-server" {
resource "kubernetes_service" "onlyoffice" { resource "kubernetes_service" "onlyoffice" {
metadata { metadata {
name = "onlyoffice-document-server" name = "onlyoffice-document-server"
namespace = "onlyoffice" namespace = kubernetes_namespace.onlyoffice.metadata[0].name
labels = { labels = {
"app" = "onlyoffice-document-server" "app" = "onlyoffice-document-server"
} }
@ -121,7 +121,7 @@ resource "kubernetes_service" "onlyoffice" {
} }
module "ingress" { module "ingress" {
source = "../ingress_factory" source = "../ingress_factory"
namespace = "onlyoffice" namespace = kubernetes_namespace.onlyoffice.metadata[0].name
name = "onlyoffice" name = "onlyoffice"
service_name = "onlyoffice-document-server" service_name = "onlyoffice-document-server"
tls_secret_name = var.tls_secret_name tls_secret_name = var.tls_secret_name

10
modules/kubernetes/owntracks/main.tf
View file

@ -17,7 +17,7 @@ resource "kubernetes_namespace" "owntracks" {
module "tls_secret" { module "tls_secret" {
source = "../setup_tls_secret" source = "../setup_tls_secret"
namespace = "owntracks" namespace = kubernetes_namespace.owntracks.metadata[0].name
tls_secret_name = var.tls_secret_name tls_secret_name = var.tls_secret_name
} }
@ -29,7 +29,7 @@ locals {
resource "kubernetes_secret" "basic_auth" { resource "kubernetes_secret" "basic_auth" {
metadata { metadata {
name = "basic-auth-secret" name = "basic-auth-secret"
namespace = "owntracks" namespace = kubernetes_namespace.owntracks.metadata[0].name
} }
data = { data = {
@ -45,7 +45,7 @@ resource "kubernetes_secret" "basic_auth" {
resource "kubernetes_deployment" "owntracks" { resource "kubernetes_deployment" "owntracks" {
metadata { metadata {
name = "owntracks" name = "owntracks"
namespace = "owntracks" namespace = kubernetes_namespace.owntracks.metadata[0].name
labels = { labels = {
app = "owntracks" app = "owntracks"
} }
@ -112,7 +112,7 @@ resource "kubernetes_deployment" "owntracks" {
resource "kubernetes_service" "owntracks" { resource "kubernetes_service" "owntracks" {
metadata { metadata {
name = "owntracks" name = "owntracks"
namespace = "owntracks" namespace = kubernetes_namespace.owntracks.metadata[0].name
labels = { labels = {
"app" = "owntracks" "app" = "owntracks"
} }
@ -133,7 +133,7 @@ resource "kubernetes_service" "owntracks" {
module "ingress" { module "ingress" {
source = "../ingress_factory" source = "../ingress_factory"
namespace = "owntracks" namespace = kubernetes_namespace.owntracks.metadata[0].name
name = "owntracks" name = "owntracks"
tls_secret_name = var.tls_secret_name tls_secret_name = var.tls_secret_name
port = 443 port = 443

8
modules/kubernetes/paperless-ngx/main.tf
View file

@ -15,7 +15,7 @@ resource "kubernetes_namespace" "paperless-ngx" {
} }
module "tls_secret" { module "tls_secret" {
source = "../setup_tls_secret" source = "../setup_tls_secret"
namespace = "paperless-ngx" namespace = kubernetes_namespace.paperless-ngx.metadata[0].name
tls_secret_name = var.tls_secret_name tls_secret_name = var.tls_secret_name
} }
@ -23,7 +23,7 @@ module "tls_secret" {
resource "kubernetes_deployment" "paperless-ngx" { resource "kubernetes_deployment" "paperless-ngx" {
metadata { metadata {
name = "paperless-ngx" name = "paperless-ngx"
namespace = "paperless-ngx" namespace = kubernetes_namespace.paperless-ngx.metadata[0].name
labels = { labels = {
app = "paperless-ngx" app = "paperless-ngx"
} }
@ -124,7 +124,7 @@ resource "kubernetes_deployment" "paperless-ngx" {
resource "kubernetes_service" "paperless-ngx" { resource "kubernetes_service" "paperless-ngx" {
metadata { metadata {
name = "paperless-ngx" name = "paperless-ngx"
namespace = "paperless-ngx" namespace = kubernetes_namespace.paperless-ngx.metadata[0].name
labels = { labels = {
"app" = "paperless-ngx" "app" = "paperless-ngx"
} }
@ -145,7 +145,7 @@ resource "kubernetes_service" "paperless-ngx" {
module "ingress" { module "ingress" {
source = "../ingress_factory" source = "../ingress_factory"
namespace = "paperless-ngx" namespace = kubernetes_namespace.paperless-ngx.metadata[0].name
name = "paperless-ngx" name = "paperless-ngx"
service_name = "paperless-ngx" service_name = "paperless-ngx"
host = "pdf" host = "pdf"

12
modules/kubernetes/pihole/main.tf
View file

@ -9,7 +9,7 @@ resource "kubernetes_namespace" "pihole" {
module "tls_secret" { module "tls_secret" {
source = "../setup_tls_secret" source = "../setup_tls_secret"
namespace = "pihole" namespace = kubernetes_namespace.pihole.metadata[0].name
tls_secret_name = var.tls_secret_name tls_secret_name = var.tls_secret_name
} }
@ -17,7 +17,7 @@ module "tls_secret" {
resource "kubernetes_config_map" "external_conf" { resource "kubernetes_config_map" "external_conf" {
metadata { metadata {
name = "external-conf" name = "external-conf"
namespace = "pihole" namespace = kubernetes_namespace.pihole.metadata[0].name
labels = { labels = {
app = "pihole" app = "pihole"
@ -31,7 +31,7 @@ resource "kubernetes_config_map" "external_conf" {
resource "kubernetes_deployment" "pihole" { resource "kubernetes_deployment" "pihole" {
metadata { metadata {
name = "pihole" name = "pihole"
namespace = "pihole" namespace = kubernetes_namespace.pihole.metadata[0].name
labels = { labels = {
app = "pihole" app = "pihole"
} }
@ -118,7 +118,7 @@ resource "kubernetes_deployment" "pihole" {
resource "kubernetes_service" "pihole-dns" { resource "kubernetes_service" "pihole-dns" {
metadata { metadata {
name = "pihole-dns" name = "pihole-dns"
namespace = "pihole" namespace = kubernetes_namespace.pihole.metadata[0].name
labels = { labels = {
"app" = "pihole" "app" = "pihole"
} }
@ -144,7 +144,7 @@ resource "kubernetes_service" "pihole-dns" {
resource "kubernetes_service" "pihole-web" { resource "kubernetes_service" "pihole-web" {
metadata { metadata {
name = "pihole-web" name = "pihole-web"
namespace = "pihole" namespace = kubernetes_namespace.pihole.metadata[0].name
labels = { labels = {
"app" = "pihole" "app" = "pihole"
} }
@ -167,7 +167,7 @@ resource "kubernetes_service" "pihole-web" {
resource "kubernetes_ingress_v1" "pihole" { resource "kubernetes_ingress_v1" "pihole" {
metadata { metadata {
name = "pihole-ingress" name = "pihole-ingress"
namespace = "pihole" namespace = kubernetes_namespace.pihole.metadata[0].name
annotations = { annotations = {
"kubernetes.io/ingress.class" = "nginx" "kubernetes.io/ingress.class" = "nginx"
"nginx.ingress.kubernetes.io/auth-tls-verify-client" = "on" "nginx.ingress.kubernetes.io/auth-tls-verify-client" = "on"

8
modules/kubernetes/privatebin/main.tf
View file

@ -11,14 +11,14 @@ resource "kubernetes_namespace" "privatebin" {
module "tls_secret" { module "tls_secret" {
source = "../setup_tls_secret" source = "../setup_tls_secret"
namespace = "privatebin" namespace = kubernetes_namespace.privatebin.metadata[0].name
tls_secret_name = var.tls_secret_name tls_secret_name = var.tls_secret_name
} }
resource "kubernetes_deployment" "privatebin" { resource "kubernetes_deployment" "privatebin" {
metadata { metadata {
name = "privatebin" name = "privatebin"
namespace = "privatebin" namespace = kubernetes_namespace.privatebin.metadata[0].name
labels = { labels = {
app = "privatebin" app = "privatebin"
"kubernetes.io/cluster-service" = "true" "kubernetes.io/cluster-service" = "true"
@ -71,7 +71,7 @@ resource "kubernetes_deployment" "privatebin" {
resource "kubernetes_service" "privatebin" { resource "kubernetes_service" "privatebin" {
metadata { metadata {
name = "privatebin" name = "privatebin"
namespace = "privatebin" namespace = kubernetes_namespace.privatebin.metadata[0].name
labels = { labels = {
"app" = "privatebin" "app" = "privatebin"
} }
@ -90,7 +90,7 @@ resource "kubernetes_service" "privatebin" {
module "ingress" { module "ingress" {
source = "../ingress_factory" source = "../ingress_factory"
namespace = "privatebin" namespace = kubernetes_namespace.privatebin.metadata[0].name
name = "privatebin" name = "privatebin"
host = "pb" host = "pb"
tls_secret_name = var.tls_secret_name tls_secret_name = var.tls_secret_name

18
modules/kubernetes/real-estate-crawler/main.tf
View file

@ -17,14 +17,14 @@ resource "kubernetes_namespace" "realestate-crawler" {
module "tls_secret" { module "tls_secret" {
source = "../setup_tls_secret" source = "../setup_tls_secret"
namespace = "realestate-crawler" namespace = kubernetes_namespace.realestate-crawler.metadata[0].name
tls_secret_name = var.tls_secret_name tls_secret_name = var.tls_secret_name
} }
resource "kubernetes_deployment" "realestate-crawler-ui" { resource "kubernetes_deployment" "realestate-crawler-ui" {
metadata { metadata {
name = "realestate-crawler-ui" name = "realestate-crawler-ui"
namespace = "realestate-crawler" namespace = kubernetes_namespace.realestate-crawler.metadata[0].name
labels = { labels = {
app = "realestate-crawler-ui" app = "realestate-crawler-ui"
} }
@ -68,7 +68,7 @@ resource "kubernetes_deployment" "realestate-crawler-ui" {
resource "kubernetes_service" "realestate-crawler-ui" { resource "kubernetes_service" "realestate-crawler-ui" {
metadata { metadata {
name = "realestate-crawler-ui" name = "realestate-crawler-ui"
namespace = "realestate-crawler" namespace = kubernetes_namespace.realestate-crawler.metadata[0].name
labels = { labels = {
"app" = "realestate-crawler-ui" "app" = "realestate-crawler-ui"
} }
@ -85,7 +85,7 @@ resource "kubernetes_service" "realestate-crawler-ui" {
} }
# module "ingress" { # module "ingress" {
# source = "../ingress_factory" # source = "../ingress_factory"
# namespace = "realestate-crawler" # namespace = kubernetes_namespace.realestate-crawler.metadata[0].name
# name = "wrongmove" # name = "wrongmove"
# service_name = "realestate-crawler-ui" # service_name = "realestate-crawler-ui"
# tls_secret_name = var.tls_secret_name # tls_secret_name = var.tls_secret_name
@ -95,7 +95,7 @@ resource "kubernetes_service" "realestate-crawler-ui" {
resource "kubernetes_deployment" "realestate-crawler-api" { resource "kubernetes_deployment" "realestate-crawler-api" {
metadata { metadata {
name = "realestate-crawler-api" name = "realestate-crawler-api"
namespace = "realestate-crawler" namespace = kubernetes_namespace.realestate-crawler.metadata[0].name
labels = { labels = {
app = "realestate-crawler-api" app = "realestate-crawler-api"
} }
@ -179,7 +179,7 @@ resource "kubernetes_deployment" "realestate-crawler-api" {
resource "kubernetes_service" "realestate-crawler-api" { resource "kubernetes_service" "realestate-crawler-api" {
metadata { metadata {
name = "realestate-crawler-api" name = "realestate-crawler-api"
namespace = "realestate-crawler" namespace = kubernetes_namespace.realestate-crawler.metadata[0].name
labels = { labels = {
"app" = "realestate-crawler-api" "app" = "realestate-crawler-api"
} }
@ -197,7 +197,7 @@ resource "kubernetes_service" "realestate-crawler-api" {
} }
# module "ingress-api" { # module "ingress-api" {
# source = "../ingress_factory" # source = "../ingress_factory"
# namespace = "realestate-crawler" # namespace = kubernetes_namespace.realestate-crawler.metadata[0].name
# name = "wrongmove-api" # name = "wrongmove-api"
# service_name = "realestate-crawler-api" # service_name = "realestate-crawler-api"
# tls_secret_name = var.tls_secret_name # tls_secret_name = var.tls_secret_name
@ -206,7 +206,7 @@ resource "kubernetes_service" "realestate-crawler-api" {
resource "kubernetes_ingress_v1" "proxied-ingress" { resource "kubernetes_ingress_v1" "proxied-ingress" {
metadata { metadata {
name = "realestate-crawler" name = "realestate-crawler"
namespace = "realestate-crawler" namespace = kubernetes_namespace.realestate-crawler.metadata[0].name
annotations = { annotations = {
"kubernetes.io/ingress.class" = "nginx" "kubernetes.io/ingress.class" = "nginx"
"nginx.ingress.kubernetes.io/backend-protocol" = "http" "nginx.ingress.kubernetes.io/backend-protocol" = "http"
@ -278,7 +278,7 @@ resource "kubernetes_ingress_v1" "proxied-ingress" {
resource "kubernetes_cron_job_v1" "scrape-rightmove" { resource "kubernetes_cron_job_v1" "scrape-rightmove" {
metadata { metadata {
name = "scrape-rightmove" name = "scrape-rightmove"
namespace = "realestate-crawler" namespace = kubernetes_namespace.realestate-crawler.metadata[0].name
} }
spec { spec {
concurrency_policy = "Replace" concurrency_policy = "Replace"

8
modules/kubernetes/redis/main.tf
View file

@ -8,14 +8,14 @@ resource "kubernetes_namespace" "redis" {
module "tls_secret" { module "tls_secret" {
source = "../setup_tls_secret" source = "../setup_tls_secret"
namespace = "redis" namespace = kubernetes_namespace.redis.metadata[0].name
tls_secret_name = var.tls_secret_name tls_secret_name = var.tls_secret_name
} }
resource "kubernetes_deployment" "redis" { resource "kubernetes_deployment" "redis" {
metadata { metadata {
name = "redis" name = "redis"
namespace = "redis" namespace = kubernetes_namespace.redis.metadata[0].name
labels = { labels = {
app = "redis" app = "redis"
} }
@ -69,7 +69,7 @@ resource "kubernetes_deployment" "redis" {
resource "kubernetes_service" "redis" { resource "kubernetes_service" "redis" {
metadata { metadata {
name = "redis" name = "redis"
namespace = "redis" namespace = kubernetes_namespace.redis.metadata[0].name
labels = { labels = {
app = "redis" app = "redis"
} }
@ -91,7 +91,7 @@ resource "kubernetes_service" "redis" {
} }
module "ingress" { module "ingress" {
source = "../ingress_factory" source = "../ingress_factory"
namespace = "redis" namespace = kubernetes_namespace.redis.metadata[0].name
name = "redis" name = "redis"
tls_secret_name = var.tls_secret_name tls_secret_name = var.tls_secret_name
protected = true protected = true

4
modules/kubernetes/resume/main.tf
View file

@ -4,7 +4,7 @@ variable "redis_url" {}
module "tls_secret" { module "tls_secret" {
source = "../setup_tls_secret" source = "../setup_tls_secret"
namespace = "resume" namespace = kubernetes_namespace.resume.metadata[0].name
tls_secret_name = var.tls_secret_name tls_secret_name = var.tls_secret_name
} }
@ -17,7 +17,7 @@ resource "kubernetes_namespace" "resume" {
resource "kubernetes_deployment" "resume" { resource "kubernetes_deployment" "resume" {
metadata { metadata {
name = "resume" name = "resume"
namespace = "resume" namespace = kubernetes_namespace.resume.metadata[0].name
labels = { labels = {
app = "resume" app = "resume"
} }

16
modules/kubernetes/rybbit/main.tf
View file

@ -10,7 +10,7 @@ resource "kubernetes_namespace" "rybbit" {
module "tls_secret" { module "tls_secret" {
source = "../setup_tls_secret" source = "../setup_tls_secret"
namespace = "rybbit" namespace = kubernetes_namespace.rybbit.metadata[0].name
tls_secret_name = var.tls_secret_name tls_secret_name = var.tls_secret_name
} }
@ -27,7 +27,7 @@ locals {
resource "kubernetes_deployment" "clickhouse" { resource "kubernetes_deployment" "clickhouse" {
metadata { metadata {
name = "clickhouse" name = "clickhouse"
namespace = "rybbit" namespace = kubernetes_namespace.rybbit.metadata[0].name
labels = { labels = {
app = "clickhouse" app = "clickhouse"
} }
@ -86,7 +86,7 @@ resource "kubernetes_deployment" "clickhouse" {
resource "kubernetes_service" "clickhouse" { resource "kubernetes_service" "clickhouse" {
metadata { metadata {
name = "clickhouse" name = "clickhouse"
namespace = "rybbit" namespace = kubernetes_namespace.rybbit.metadata[0].name
labels = { labels = {
"app" = "clickhouse" "app" = "clickhouse"
} }
@ -108,7 +108,7 @@ resource "kubernetes_service" "clickhouse" {
resource "kubernetes_deployment" "rybbit" { resource "kubernetes_deployment" "rybbit" {
metadata { metadata {
name = "rybbit" name = "rybbit"
namespace = "rybbit" namespace = kubernetes_namespace.rybbit.metadata[0].name
labels = { labels = {
app = "rybbit" app = "rybbit"
} }
@ -199,7 +199,7 @@ resource "kubernetes_deployment" "rybbit" {
resource "kubernetes_service" "rybbit" { resource "kubernetes_service" "rybbit" {
metadata { metadata {
name = "rybbit" name = "rybbit"
namespace = "rybbit" namespace = kubernetes_namespace.rybbit.metadata[0].name
labels = { labels = {
"app" = "rybbit" "app" = "rybbit"
} }
@ -220,7 +220,7 @@ resource "kubernetes_service" "rybbit" {
resource "kubernetes_deployment" "rybbit-client" { resource "kubernetes_deployment" "rybbit-client" {
metadata { metadata {
name = "rybbit-client" name = "rybbit-client"
namespace = "rybbit" namespace = kubernetes_namespace.rybbit.metadata[0].name
labels = { labels = {
app = "rybbit-client" app = "rybbit-client"
} }
@ -264,7 +264,7 @@ resource "kubernetes_deployment" "rybbit-client" {
resource "kubernetes_service" "rybbit-client" { resource "kubernetes_service" "rybbit-client" {
metadata { metadata {
name = "rybbit-client" name = "rybbit-client"
namespace = "rybbit" namespace = kubernetes_namespace.rybbit.metadata[0].name
labels = { labels = {
"app" = "rybbit-client" "app" = "rybbit-client"
} }
@ -286,7 +286,7 @@ resource "kubernetes_service" "rybbit-client" {
resource "kubernetes_ingress_v1" "rybbit" { resource "kubernetes_ingress_v1" "rybbit" {
metadata { metadata {
name = "rybbit" name = "rybbit"
namespace = "rybbit" namespace = kubernetes_namespace.rybbit.metadata[0].name
annotations = { annotations = {
"kubernetes.io/ingress.class" = "nginx" "kubernetes.io/ingress.class" = "nginx"

8
modules/kubernetes/send/main.tf
View file

@ -11,14 +11,14 @@ resource "kubernetes_namespace" "send" {
module "tls_secret" { module "tls_secret" {
source = "../setup_tls_secret" source = "../setup_tls_secret"
namespace = "send" namespace = kubernetes_namespace.send.metadata[0].name
tls_secret_name = var.tls_secret_name tls_secret_name = var.tls_secret_name
} }
resource "kubernetes_deployment" "send" { resource "kubernetes_deployment" "send" {
metadata { metadata {
name = "send" name = "send"
namespace = "send" namespace = kubernetes_namespace.send.metadata[0].name
labels = { labels = {
app = "send" app = "send"
} }
@ -90,7 +90,7 @@ resource "kubernetes_deployment" "send" {
resource "kubernetes_service" "send" { resource "kubernetes_service" "send" {
metadata { metadata {
name = "send" name = "send"
namespace = "send" namespace = kubernetes_namespace.send.metadata[0].name
labels = { labels = {
app = "send" app = "send"
} }
@ -108,7 +108,7 @@ resource "kubernetes_service" "send" {
} }
module "ingress" { module "ingress" {
source = "../ingress_factory" source = "../ingress_factory"
namespace = "send" namespace = kubernetes_namespace.send.metadata[0].name
name = "send" name = "send"
tls_secret_name = var.tls_secret_name tls_secret_name = var.tls_secret_name
port = 1443 port = 1443

2
modules/kubernetes/servarr/main.tf
View file

@ -8,7 +8,7 @@ resource "kubernetes_namespace" "servarr" {
module "tls_secret" { module "tls_secret" {
source = "../setup_tls_secret" source = "../setup_tls_secret"
namespace = "servarr" namespace = kubernetes_namespace.servarr.metadata[0].name
tls_secret_name = var.tls_secret_name tls_secret_name = var.tls_secret_name
} }

6
modules/kubernetes/shadowsocks/main.tf
View file

@ -3,7 +3,7 @@ variable "method" {
default = "chacha20-ietf-poly1305" default = "chacha20-ietf-poly1305"
} }
resource "kubernetes_namespace" "mailserver" { resource "kubernetes_namespace" "shadowsocks" {
metadata { metadata {
name = "shadowsocks" name = "shadowsocks"
# TLS termination seems iffy - I get pfsense MiTM-ing # TLS termination seems iffy - I get pfsense MiTM-ing
@ -16,7 +16,7 @@ resource "kubernetes_namespace" "mailserver" {
resource "kubernetes_deployment" "shadowsocks" { resource "kubernetes_deployment" "shadowsocks" {
metadata { metadata {
name = "shadowsocks" name = "shadowsocks"
namespace = "shadowsocks" namespace = kubernetes_namespace.shadowsocks.metadata[0].name
labels = { labels = {
"app" = "shadowsocks" "app" = "shadowsocks"
} }
@ -67,7 +67,7 @@ resource "kubernetes_deployment" "shadowsocks" {
resource "kubernetes_service" "mailserver" { resource "kubernetes_service" "mailserver" {
metadata { metadata {
name = "shadowsocks" name = "shadowsocks"
namespace = "shadowsocks" namespace = kubernetes_namespace.shadowsocks.metadata[0].name
labels = { labels = {
app = "shadowsocks" app = "shadowsocks"

8
modules/kubernetes/stirling-pdf/main.tf
View file

@ -11,14 +11,14 @@ resource "kubernetes_namespace" "stirling-pdf" {
module "tls_secret" { module "tls_secret" {
source = "../setup_tls_secret" source = "../setup_tls_secret"
namespace = "stirling-pdf" namespace = kubernetes_namespace.stirling-pdf.metadata[0].name
tls_secret_name = var.tls_secret_name tls_secret_name = var.tls_secret_name
} }
resource "kubernetes_deployment" "stirling-pdf" { resource "kubernetes_deployment" "stirling-pdf" {
metadata { metadata {
name = "stirling-pdf" name = "stirling-pdf"
namespace = "stirling-pdf" namespace = kubernetes_namespace.stirling-pdf.metadata[0].name
labels = { labels = {
app = "stirling-pdf" app = "stirling-pdf"
} }
@ -63,7 +63,7 @@ resource "kubernetes_deployment" "stirling-pdf" {
resource "kubernetes_service" "stirling-pdf" { resource "kubernetes_service" "stirling-pdf" {
metadata { metadata {
name = "stirling-pdf" name = "stirling-pdf"
namespace = "stirling-pdf" namespace = kubernetes_namespace.stirling-pdf.metadata[0].name
labels = { labels = {
"app" = "stirling-pdf" "app" = "stirling-pdf"
} }
@ -83,7 +83,7 @@ resource "kubernetes_service" "stirling-pdf" {
module "ingress" { module "ingress" {
source = "../ingress_factory" source = "../ingress_factory"
namespace = "stirling-pdf" namespace = kubernetes_namespace.stirling-pdf.metadata[0].name
name = "stirling-pdf" name = "stirling-pdf"
tls_secret_name = var.tls_secret_name tls_secret_name = var.tls_secret_name
rybbit_site_id = "a55ac54ec749" rybbit_site_id = "a55ac54ec749"

8
modules/kubernetes/tandoor/main.tf
View file

@ -17,14 +17,14 @@ resource "random_password" "secret_key" {
module "tls_secret" { module "tls_secret" {
source = "../setup_tls_secret" source = "../setup_tls_secret"
namespace = "tandoor" namespace = kubernetes_namespace.tandoor.metadata[0].name
tls_secret_name = var.tls_secret_name tls_secret_name = var.tls_secret_name
} }
resource "kubernetes_deployment" "tandoor" { resource "kubernetes_deployment" "tandoor" {
metadata { metadata {
name = "tandoor" name = "tandoor"
namespace = "tandoor" namespace = kubernetes_namespace.tandoor.metadata[0].name
labels = { labels = {
app = "tandoor" app = "tandoor"
} }
@ -144,7 +144,7 @@ resource "kubernetes_deployment" "tandoor" {
resource "kubernetes_service" "tandoor" { resource "kubernetes_service" "tandoor" {
metadata { metadata {
name = "tandoor" name = "tandoor"
namespace = "tandoor" namespace = kubernetes_namespace.tandoor.metadata[0].name
labels = { labels = {
"app" = "tandoor" "app" = "tandoor"
} }
@ -163,7 +163,7 @@ resource "kubernetes_service" "tandoor" {
module "ingress" { module "ingress" {
source = "../ingress_factory" source = "../ingress_factory"
namespace = "tandoor" namespace = kubernetes_namespace.tandoor.metadata[0].name
name = "tandoor" name = "tandoor"
tls_secret_name = var.tls_secret_name tls_secret_name = var.tls_secret_name
} }

12
modules/kubernetes/technitium/main.tf
View file

@ -13,7 +13,7 @@ resource "kubernetes_namespace" "technitium" {
module "tls_secret" { module "tls_secret" {
source = "../setup_tls_secret" source = "../setup_tls_secret"
namespace = "technitium" namespace = kubernetes_namespace.technitium.metadata[0].name
tls_secret_name = var.tls_secret_name tls_secret_name = var.tls_secret_name
} }
@ -21,7 +21,7 @@ resource "kubernetes_deployment" "technitium" {
# resource "kubernetes_daemonset" "technitium" { # resource "kubernetes_daemonset" "technitium" {
metadata { metadata {
name = "technitium" name = "technitium"
namespace = "technitium" namespace = kubernetes_namespace.technitium.metadata[0].name
labels = { labels = {
app = "technitium" app = "technitium"
} }
@ -103,7 +103,7 @@ resource "kubernetes_deployment" "technitium" {
resource "kubernetes_service" "technitium-web" { resource "kubernetes_service" "technitium-web" {
metadata { metadata {
name = "technitium-web" name = "technitium-web"
namespace = "technitium" namespace = kubernetes_namespace.technitium.metadata[0].name
labels = { labels = {
"app" = "technitium" "app" = "technitium"
} }
@ -134,7 +134,7 @@ resource "kubernetes_service" "technitium-web" {
resource "kubernetes_service" "technitium-dns" { resource "kubernetes_service" "technitium-dns" {
metadata { metadata {
name = "technitium-dns" name = "technitium-dns"
namespace = "technitium" namespace = kubernetes_namespace.technitium.metadata[0].name
labels = { labels = {
"app" = "technitium" "app" = "technitium"
} }
@ -162,7 +162,7 @@ resource "kubernetes_service" "technitium-dns" {
} }
module "ingress" { module "ingress" {
source = "../ingress_factory" source = "../ingress_factory"
namespace = "technitium" namespace = kubernetes_namespace.technitium.metadata[0].name
name = "technitium" name = "technitium"
tls_secret_name = var.tls_secret_name tls_secret_name = var.tls_secret_name
port = 5380 port = 5380
@ -185,7 +185,7 @@ module "ingress" {
module "ingress-doh" { module "ingress-doh" {
source = "../ingress_factory" source = "../ingress_factory"
namespace = "technitium" namespace = kubernetes_namespace.technitium.metadata[0].name
name = "technitium-doh" name = "technitium-doh"
tls_secret_name = var.tls_secret_name tls_secret_name = var.tls_secret_name
host = "dns" host = "dns"

10
modules/kubernetes/travel_blog/main.tf
View file

@ -11,20 +11,20 @@ resource "kubernetes_namespace" "travel-blog" {
module "tls_secret" { module "tls_secret" {
source = "../setup_tls_secret" source = "../setup_tls_secret"
namespace = "travel-blog" namespace = kubernetes_namespace.travel-blog.metadata[0].name
tls_secret_name = var.tls_secret_name tls_secret_name = var.tls_secret_name
} }
# module "dockerhub_creds" { # module "dockerhub_creds" {
# source = "../dockerhub_secret" # source = "../dockerhub_secret"
# namespace = "website" # namespace = kubernetes_namespace.travel.metadata[0].name
# password = var.dockerhub_password # password = var.dockerhub_password
# } # }
resource "kubernetes_deployment" "blog" { resource "kubernetes_deployment" "blog" {
metadata { metadata {
name = "travel-blog" name = "travel-blog"
namespace = "travel-blog" namespace = kubernetes_namespace.travel-blog.metadata[0].name
labels = { labels = {
run = "travel-blog" run = "travel-blog"
} }
@ -77,7 +77,7 @@ resource "kubernetes_deployment" "blog" {
resource "kubernetes_service" "travel-blog" { resource "kubernetes_service" "travel-blog" {
metadata { metadata {
name = "travel-blog" name = "travel-blog"
namespace = "travel-blog" namespace = kubernetes_namespace.travel-blog.metadata[0].name
labels = { labels = {
"run" = "travel-blog" "run" = "travel-blog"
} }
@ -107,7 +107,7 @@ resource "kubernetes_service" "travel-blog" {
module "ingress" { module "ingress" {
source = "../ingress_factory" source = "../ingress_factory"
namespace = "travel-blog" namespace = kubernetes_namespace.travel-blog.metadata[0].name
name = "travel" name = "travel"
tls_secret_name = var.tls_secret_name tls_secret_name = var.tls_secret_name
service_name = "travel-blog" service_name = "travel-blog"

8
modules/kubernetes/tuya-bridge/main.tf
View file

@ -15,14 +15,14 @@ resource "kubernetes_namespace" "tuya-bridge" {
module "tls_secret" { module "tls_secret" {
source = "../setup_tls_secret" source = "../setup_tls_secret"
namespace = "tuya-bridge" namespace = kubernetes_namespace.tuya-bridge.metadata[0].name
tls_secret_name = var.tls_secret_name tls_secret_name = var.tls_secret_name
} }
resource "kubernetes_deployment" "tuya-bridge" { resource "kubernetes_deployment" "tuya-bridge" {
metadata { metadata {
name = "tuya-bridge" name = "tuya-bridge"
namespace = "tuya-bridge" namespace = kubernetes_namespace.tuya-bridge.metadata[0].name
labels = { labels = {
app = "tuya-bridge" app = "tuya-bridge"
} }
@ -72,7 +72,7 @@ resource "kubernetes_deployment" "tuya-bridge" {
resource "kubernetes_service" "tuya-bridge" { resource "kubernetes_service" "tuya-bridge" {
metadata { metadata {
name = "tuya-bridge" name = "tuya-bridge"
namespace = "tuya-bridge" namespace = kubernetes_namespace.tuya-bridge.metadata[0].name
labels = { labels = {
"app" = "tuya-bridge" "app" = "tuya-bridge"
} }
@ -92,7 +92,7 @@ resource "kubernetes_service" "tuya-bridge" {
module "ingress" { module "ingress" {
source = "../ingress_factory" source = "../ingress_factory"
namespace = "tuya-bridge" namespace = kubernetes_namespace.tuya-bridge.metadata[0].name
name = "tuya-bridge" name = "tuya-bridge"
tls_secret_name = var.tls_secret_name tls_secret_name = var.tls_secret_name

20
modules/kubernetes/uptime-kuma/main.tf
View file

@ -1,11 +1,5 @@
variable "tls_secret_name" {} variable "tls_secret_name" {}
module "tls_secret" {
source = "../setup_tls_secret"
namespace = "uptime-kuma"
tls_secret_name = var.tls_secret_name
}
resource "kubernetes_namespace" "uptime-kuma" { resource "kubernetes_namespace" "uptime-kuma" {
metadata { metadata {
name = "uptime-kuma" name = "uptime-kuma"
@ -15,10 +9,16 @@ resource "kubernetes_namespace" "uptime-kuma" {
} }
} }
module "tls_secret" {
source = "../setup_tls_secret"
namespace = kubernetes_namespace.uptime-kuma.metadata[0].name
tls_secret_name = var.tls_secret_name
}
resource "kubernetes_deployment" "uptime-kuma" { resource "kubernetes_deployment" "uptime-kuma" {
metadata { metadata {
name = "uptime-kuma" name = "uptime-kuma"
namespace = "uptime-kuma" namespace = kubernetes_namespace.uptime-kuma.metadata[0].name
labels = { labels = {
app = "uptime-kuma" app = "uptime-kuma"
} }
@ -73,7 +73,7 @@ resource "kubernetes_deployment" "uptime-kuma" {
resource "kubernetes_service" "uptime-kuma" { resource "kubernetes_service" "uptime-kuma" {
metadata { metadata {
name = "uptime-kuma" name = "uptime-kuma"
namespace = "uptime-kuma" namespace = kubernetes_namespace.uptime-kuma.metadata[0].name
labels = { labels = {
"app" = "uptime-kuma" "app" = "uptime-kuma"
} }
@ -91,7 +91,7 @@ resource "kubernetes_service" "uptime-kuma" {
} }
module "ingress" { module "ingress" {
source = "../ingress_factory" source = "../ingress_factory"
namespace = "uptime-kuma" namespace = kubernetes_namespace.uptime-kuma.metadata[0].name
name = "uptime" name = "uptime"
tls_secret_name = var.tls_secret_name tls_secret_name = var.tls_secret_name
service_name = "uptime-kuma" service_name = "uptime-kuma"
@ -114,7 +114,7 @@ module "ingress" {
# resource "kubernetes_cron_job_v1" "sqlite-backup" { # resource "kubernetes_cron_job_v1" "sqlite-backup" {
# metadata { # metadata {
# name = "backup" # name = "backup"
# namespace = "uptime-kuma" # namespace = kubernetes_namespace.uptime-kuma.metadata[0].name
# } # }
# spec { # spec {
# concurrency_policy = "Replace" # concurrency_policy = "Replace"

8
modules/kubernetes/vault/main.tf
View file

@ -11,7 +11,7 @@ resource "kubernetes_namespace" "vault" {
module "tls_secret" { module "tls_secret" {
source = "../setup_tls_secret" source = "../setup_tls_secret"
namespace = "vault" namespace = kubernetes_namespace.vault.metadata[0].name
tls_secret_name = var.tls_secret_name tls_secret_name = var.tls_secret_name
} }
@ -33,8 +33,8 @@ resource "kubernetes_persistent_volume" "vault_data" {
} }
} }
resource "helm_release" "prometheus" { resource "helm_release" "vault" {
namespace = "vault" namespace = kubernetes_namespace.vault.metadata[0].name
create_namespace = true create_namespace = true
name = "vault" name = "vault"
@ -48,7 +48,7 @@ resource "helm_release" "prometheus" {
module "ingress" { module "ingress" {
source = "../ingress_factory" source = "../ingress_factory"
namespace = "vault" namespace = kubernetes_namespace.vault.metadata[0].name
name = "vault" name = "vault"
service_name = "vault-ui" service_name = "vault-ui"
port = 8200 port = 8200

8
modules/kubernetes/vaultwarden/main.tf
View file

@ -12,14 +12,14 @@ resource "kubernetes_namespace" "vaultwarden" {
module "tls_secret" { module "tls_secret" {
source = "../setup_tls_secret" source = "../setup_tls_secret"
namespace = "vaultwarden" namespace = kubernetes_namespace.vaultwarden.metadata[0].name
tls_secret_name = var.tls_secret_name tls_secret_name = var.tls_secret_name
} }
resource "kubernetes_deployment" "vaultwarden" { resource "kubernetes_deployment" "vaultwarden" {
metadata { metadata {
name = "vaultwarden" name = "vaultwarden"
namespace = "vaultwarden" namespace = kubernetes_namespace.vaultwarden.metadata[0].name
labels = { labels = {
app = "vaultwarden" app = "vaultwarden"
} }
@ -104,7 +104,7 @@ resource "kubernetes_deployment" "vaultwarden" {
resource "kubernetes_service" "vaultwarden" { resource "kubernetes_service" "vaultwarden" {
metadata { metadata {
name = "vaultwarden" name = "vaultwarden"
namespace = "vaultwarden" namespace = kubernetes_namespace.vaultwarden.metadata[0].name
labels = { labels = {
"app" = "vaultwarden" "app" = "vaultwarden"
} }
@ -124,7 +124,7 @@ resource "kubernetes_service" "vaultwarden" {
module "ingress" { module "ingress" {
source = "../ingress_factory" source = "../ingress_factory"
namespace = "vaultwarden" namespace = kubernetes_namespace.vaultwarden.metadata[0].name
name = "vaultwarden" name = "vaultwarden"
tls_secret_name = var.tls_secret_name tls_secret_name = var.tls_secret_name
rybbit_site_id = "b8fc85e18683" rybbit_site_id = "b8fc85e18683"

10
modules/kubernetes/vikunja/main.tf
View file

@ -8,14 +8,14 @@ resource "kubernetes_namespace" "vikunja" {
module "tls_secret" { module "tls_secret" {
source = "../setup_tls_secret" source = "../setup_tls_secret"
namespace = "vikunja" namespace = kubernetes_namespace.vikunja.metadata[0].name
tls_secret_name = var.tls_secret_name tls_secret_name = var.tls_secret_name
} }
resource "kubernetes_deployment" "vikunja" { resource "kubernetes_deployment" "vikunja" {
metadata { metadata {
name = "vikunja" name = "vikunja"
namespace = "vikunja" namespace = kubernetes_namespace.vikunja.metadata[0].name
labels = { labels = {
app = "vikunja" app = "vikunja"
} }
@ -154,7 +154,7 @@ resource "kubernetes_deployment" "vikunja" {
resource "kubernetes_service" "vikunja" { resource "kubernetes_service" "vikunja" {
metadata { metadata {
name = "vikunja" name = "vikunja"
namespace = "vikunja" namespace = kubernetes_namespace.vikunja.metadata[0].name
labels = { labels = {
"app" = "vikunja" "app" = "vikunja"
} }
@ -176,7 +176,7 @@ resource "kubernetes_service" "vikunja" {
resource "kubernetes_service" "api" { resource "kubernetes_service" "api" {
metadata { metadata {
name = "api" name = "api"
namespace = "vikunja" namespace = kubernetes_namespace.vikunja.metadata[0].name
labels = { labels = {
"app" = "vikunja" "app" = "vikunja"
} }
@ -198,7 +198,7 @@ resource "kubernetes_service" "api" {
resource "kubernetes_ingress_v1" "vikunja" { resource "kubernetes_ingress_v1" "vikunja" {
metadata { metadata {
name = "vikunja" name = "vikunja"
namespace = "vikunja" namespace = kubernetes_namespace.vikunja.metadata[0].name
annotations = { annotations = {
"kubernetes.io/ingress.class" = "nginx" "kubernetes.io/ingress.class" = "nginx"
} }

8
modules/kubernetes/wealthfolio/main.tf
View file

@ -19,7 +19,7 @@ resource "kubernetes_namespace" "wealthfolio" {
module "tls_secret" { module "tls_secret" {
source = "../setup_tls_secret" source = "../setup_tls_secret"
namespace = "wealthfolio" namespace = kubernetes_namespace.wealthfolio.metadata[0].name
tls_secret_name = var.tls_secret_name tls_secret_name = var.tls_secret_name
} }
@ -31,7 +31,7 @@ resource "random_string" "random" {
resource "kubernetes_deployment" "wealthfolio" { resource "kubernetes_deployment" "wealthfolio" {
metadata { metadata {
name = "wealthfolio" name = "wealthfolio"
namespace = "wealthfolio" namespace = kubernetes_namespace.wealthfolio.metadata[0].name
labels = { labels = {
app = "wealthfolio" app = "wealthfolio"
} }
@ -100,7 +100,7 @@ resource "kubernetes_deployment" "wealthfolio" {
resource "kubernetes_service" "wealthfolio" { resource "kubernetes_service" "wealthfolio" {
metadata { metadata {
name = "wealthfolio" name = "wealthfolio"
namespace = "wealthfolio" namespace = kubernetes_namespace.wealthfolio.metadata[0].name
labels = { labels = {
"app" = "wealthfolio" "app" = "wealthfolio"
} }
@ -120,7 +120,7 @@ resource "kubernetes_service" "wealthfolio" {
module "ingress" { module "ingress" {
source = "../ingress_factory" source = "../ingress_factory"
namespace = "wealthfolio" namespace = kubernetes_namespace.wealthfolio.metadata[0].name
name = "wealthfolio" name = "wealthfolio"
tls_secret_name = var.tls_secret_name tls_secret_name = var.tls_secret_name
protected = true protected = true

12
modules/kubernetes/webhook_handler/main.tf
View file

@ -16,7 +16,7 @@ resource "kubernetes_namespace" "webhook-handler" {
module "tls_secret" { module "tls_secret" {
source = "../setup_tls_secret" source = "../setup_tls_secret"
namespace = "webhook-handler" namespace = kubernetes_namespace.webhook-handler.metadata[0].name
tls_secret_name = var.tls_secret_name tls_secret_name = var.tls_secret_name
} }
@ -40,7 +40,7 @@ resource "kubernetes_cluster_role_binding" "update_deployment_binding" {
subject { subject {
kind = "ServiceAccount" kind = "ServiceAccount"
name = "default" name = "default"
namespace = "webhook-handler" namespace = kubernetes_namespace.webhook-handler.metadata[0].name
} }
role_ref { role_ref {
@ -54,7 +54,7 @@ resource "kubernetes_cluster_role_binding" "update_deployment_binding" {
resource "kubernetes_secret" "ssh-key" { resource "kubernetes_secret" "ssh-key" {
metadata { metadata {
name = "ssh-key" name = "ssh-key"
namespace = "webhook-handler" namespace = kubernetes_namespace.webhook-handler.metadata[0].name
annotations = { annotations = {
"reloader.stakater.com/match" = "true" "reloader.stakater.com/match" = "true"
@ -68,7 +68,7 @@ resource "kubernetes_secret" "ssh-key" {
resource "kubernetes_deployment" "webhook_handler" { resource "kubernetes_deployment" "webhook_handler" {
metadata { metadata {
name = "webhook-handler" name = "webhook-handler"
namespace = "webhook-handler" namespace = kubernetes_namespace.webhook-handler.metadata[0].name
labels = { labels = {
app = "webhook-handler" app = "webhook-handler"
} }
@ -170,7 +170,7 @@ resource "kubernetes_deployment" "webhook_handler" {
resource "kubernetes_service" "webhook_handler" { resource "kubernetes_service" "webhook_handler" {
metadata { metadata {
name = "webhook-handler" name = "webhook-handler"
namespace = "webhook-handler" namespace = kubernetes_namespace.webhook-handler.metadata[0].name
labels = { labels = {
"app" = "webhook-handler" "app" = "webhook-handler"
} }
@ -190,7 +190,7 @@ resource "kubernetes_service" "webhook_handler" {
resource "kubernetes_ingress_v1" "webhook_handler" { resource "kubernetes_ingress_v1" "webhook_handler" {
metadata { metadata {
name = "webhook-handler-ingress" name = "webhook-handler-ingress"
namespace = "webhook-handler" namespace = kubernetes_namespace.webhook-handler.metadata[0].name
annotations = { annotations = {
"kubernetes.io/ingress.class" = "nginx" "kubernetes.io/ingress.class" = "nginx"
} }

16
modules/kubernetes/xray/main.tf
View file

@ -11,7 +11,7 @@ variable "xray_reality_short_ids" { type = list(string) }
module "tls_secret" { module "tls_secret" {
source = "../setup_tls_secret" source = "../setup_tls_secret"
namespace = "xray" namespace = kubernetes_namespace.xray.metadata[0].name
tls_secret_name = var.tls_secret_name tls_secret_name = var.tls_secret_name
} }
@ -24,7 +24,7 @@ resource "kubernetes_namespace" "xray" {
resource "kubernetes_config_map" "xray_config" { resource "kubernetes_config_map" "xray_config" {
metadata { metadata {
name = "xray-config" name = "xray-config"
namespace = "xray" namespace = kubernetes_namespace.xray.metadata[0].name
labels = { labels = {
app = "xray" app = "xray"
@ -46,7 +46,7 @@ resource "kubernetes_config_map" "xray_config" {
resource "kubernetes_deployment" "xray" { resource "kubernetes_deployment" "xray" {
metadata { metadata {
name = "xray" name = "xray"
namespace = "xray" namespace = kubernetes_namespace.xray.metadata[0].name
labels = { labels = {
app = "xray" app = "xray"
} }
@ -131,7 +131,7 @@ resource "kubernetes_deployment" "xray" {
resource "kubernetes_service" "xray" { resource "kubernetes_service" "xray" {
metadata { metadata {
name = "xray" name = "xray"
namespace = "xray" namespace = kubernetes_namespace.xray.metadata[0].name
labels = { labels = {
"app" = "xray" "app" = "xray"
} }
@ -162,7 +162,7 @@ resource "kubernetes_service" "xray" {
resource "kubernetes_service" "xray-reality" { resource "kubernetes_service" "xray-reality" {
metadata { metadata {
name = "xray-reality" name = "xray-reality"
namespace = "xray" namespace = kubernetes_namespace.xray.metadata[0].name
labels = { labels = {
"app" = "xray" "app" = "xray"
} }
@ -183,7 +183,7 @@ resource "kubernetes_service" "xray-reality" {
resource "kubernetes_ingress_v1" "ingress" { resource "kubernetes_ingress_v1" "ingress" {
metadata { metadata {
namespace = "xray" namespace = kubernetes_namespace.xray.metadata[0].name
name = "xray" name = "xray"
annotations = { annotations = {
"kubernetes.io/ingress.class" = "nginx" "kubernetes.io/ingress.class" = "nginx"
@ -219,7 +219,7 @@ resource "kubernetes_ingress_v1" "ingress" {
resource "kubernetes_ingress_v1" "ingress-grpc" { resource "kubernetes_ingress_v1" "ingress-grpc" {
metadata { metadata {
namespace = "xray" namespace = kubernetes_namespace.xray.metadata[0].name
name = "xray-grpc" name = "xray-grpc"
annotations = { annotations = {
"kubernetes.io/ingress.class" = "nginx" "kubernetes.io/ingress.class" = "nginx"
@ -257,7 +257,7 @@ resource "kubernetes_ingress_v1" "ingress-grpc" {
resource "kubernetes_ingress_v1" "ingress-vless" { resource "kubernetes_ingress_v1" "ingress-vless" {
metadata { metadata {
namespace = "xray" namespace = kubernetes_namespace.xray.metadata[0].name
name = "xray-vless" name = "xray-vless"
annotations = { annotations = {
"kubernetes.io/ingress.class" = "nginx" "kubernetes.io/ingress.class" = "nginx"

8
modules/kubernetes/youtube_dl/main.tf
View file

@ -11,7 +11,7 @@ resource "kubernetes_namespace" "ytdlp" {
module "tls_secret" { module "tls_secret" {
source = "../setup_tls_secret" source = "../setup_tls_secret"
namespace = "ytdlp" namespace = kubernetes_namespace.ytdlp.metadata[0].name
tls_secret_name = var.tls_secret_name tls_secret_name = var.tls_secret_name
} }
@ -19,7 +19,7 @@ resource "kubernetes_deployment" "ytdlp" {
# resource "kubernetes_daemonset" "technitium" { # resource "kubernetes_daemonset" "technitium" {
metadata { metadata {
name = "ytdlp" name = "ytdlp"
namespace = "ytdlp" namespace = kubernetes_namespace.ytdlp.metadata[0].name
labels = { labels = {
app = "ytdlp" app = "ytdlp"
} }
@ -97,7 +97,7 @@ resource "kubernetes_deployment" "ytdlp" {
resource "kubernetes_service" "ytdlp" { resource "kubernetes_service" "ytdlp" {
metadata { metadata {
name = "ytdlp" name = "ytdlp"
namespace = "ytdlp" namespace = kubernetes_namespace.ytdlp.metadata[0].name
labels = { labels = {
"app" = "ytdlp" "app" = "ytdlp"
} }
@ -117,7 +117,7 @@ resource "kubernetes_service" "ytdlp" {
} }
module "ingress" { module "ingress" {
source = "../ingress_factory" source = "../ingress_factory"
namespace = "ytdlp" namespace = kubernetes_namespace.ytdlp.metadata[0].name
name = "ytdlp" name = "ytdlp"
tls_secret_name = var.tls_secret_name tls_secret_name = var.tls_secret_name
host = "yt" host = "yt"