Refactor kubernetes stuff a bit
This commit is contained in:
parent
de2729c239
commit
24484ccc7e
38
k8s-test/core/.terraform.lock.hcl
generated
Normal file
38
k8s-test/core/.terraform.lock.hcl
generated
Normal file
@ -0,0 +1,38 @@
|
||||
# This file is maintained automatically by "terraform init".
|
||||
# Manual edits may be lost in future updates.
|
||||
|
||||
provider "registry.terraform.io/hashicorp/helm" {
|
||||
version = "2.4.1"
|
||||
hashes = [
|
||||
"h1:aFvUq5HOEwFV/3e7DGU45zDf6j2SThDRjaCAeY2Qfss=",
|
||||
"zh:07517b24ea2ce4a1d3be3b88c3efc7fb452cd97aea8fac93ca37a08a8ec06e14",
|
||||
"zh:11ef6118ed03a1b40ff66adfe21b8707ece0568dae1347ddfbcff8452c0655d5",
|
||||
"zh:1ae07e9cc6b088a6a68421642c05e2fa7d00ed03e9401e78c258cf22a239f526",
|
||||
"zh:1c5b4cd44033a0d7bf7546df930c55aa41db27b70b3bca6d145faf9b9a2da772",
|
||||
"zh:256413132110ddcb0c3ea17c7b01123ad2d5b70565848a77c5ccc22a3f32b0dd",
|
||||
"zh:4ab46fd9aadddef26604382bc9b49100586647e63ef6384e0c0c3f010ff2f66e",
|
||||
"zh:5a35d23a9f08c36fceda3cef7ce2c7dc5eca32e5f36494de695e09a5007122f0",
|
||||
"zh:8e9823a1e5b985b63fe283b755a821e5011a58112447d42fb969c7258ed57ed3",
|
||||
"zh:8f79722eba9bf77d341edf48a1fd51a52d93ec31d9cac9ba8498a3a061ea4a7f",
|
||||
"zh:b2ea782848b10a343f586ba8ee0cf4d7ff65aa2d4b144eea5bbd8f9801b54c67",
|
||||
"zh:e72d1ccf8a75d8e8456c6bb4d843fd4deb0e962ad8f167fa84cf17f12c12304e",
|
||||
]
|
||||
}
|
||||
|
||||
provider "registry.terraform.io/hashicorp/kubernetes" {
|
||||
version = "2.8.0"
|
||||
hashes = [
|
||||
"h1:LZLKGKTlBmG8jtMBdZ4ZMe+r15OQLSMYV0DktfROk+Y=",
|
||||
"zh:0cf42c17c05ae5f0f5eb4b2c375dd2068960b97392e50823e47b2cee7b5e01be",
|
||||
"zh:29e3751eceae92c7400a17fe3a5394ed761627bcadfda66e7ac91d6485c37927",
|
||||
"zh:2d95584504c651e1e2e49fbb5fae1736e32a505102c3dbd2c319b26884a7d3d5",
|
||||
"zh:4a5f1d915c19e7c7b4f04d7d68f82db2c872dad75b9e6f33a6ddce43aa160405",
|
||||
"zh:4b959187fd2c884a4c6606e1c4edc7b506ec4cadb2742831f37aca1463eb349d",
|
||||
"zh:5e76a2b81c93d9904d50c2a703845f79d2b080c2f87c07ef8f168592033d638f",
|
||||
"zh:c5aa21a7168f96afa4b4776cbd7eefd3e1f47d48430dce75c7f761f2d2fac77b",
|
||||
"zh:d45e8bd98fc6752ea087e744efdafb209e7ec5a4224f9affee0a24fb51d26bb9",
|
||||
"zh:d4739255076ed7f3ac2a06aef89e8e48a87667f3e470c514ce2185c0569cc1fb",
|
||||
"zh:dbd2f11529a422ffd17040a70c0cc2802b7f1be2499e976dc22f1138d022b1b4",
|
||||
"zh:dbd5357082b2485bb9978bce5b6d508d6b431d15c53bfa1fcc2781131826b5d8",
|
||||
]
|
||||
}
|
15
k8s-test/core/main.tf
Normal file
15
k8s-test/core/main.tf
Normal file
@ -0,0 +1,15 @@
|
||||
resource "helm_release" "traefik" {
|
||||
name = "traefik"
|
||||
repository = "https://helm.traefik.io/traefik"
|
||||
chart = "traefik"
|
||||
|
||||
set {
|
||||
name = "ingressClass.enabled"
|
||||
value = true
|
||||
}
|
||||
|
||||
set {
|
||||
name = "ingressClass.isDefaultClass"
|
||||
value = true
|
||||
}
|
||||
}
|
22
k8s-test/core/providers.tf
Normal file
22
k8s-test/core/providers.tf
Normal file
@ -0,0 +1,22 @@
|
||||
variable "kube_config_path" {
|
||||
type = string
|
||||
default = "~/.kube/config"
|
||||
}
|
||||
|
||||
variable "kube_config_context" {
|
||||
type = string
|
||||
default = "colima"
|
||||
}
|
||||
|
||||
provider "kubernetes" {
|
||||
config_path = var.kube_config_path
|
||||
config_context = var.kube_config_context
|
||||
}
|
||||
|
||||
provider "helm" {
|
||||
kubernetes {
|
||||
config_path = var.kube_config_path
|
||||
config_context = var.kube_config_context
|
||||
}
|
||||
}
|
||||
|
38
k8s-test/services/.terraform.lock.hcl
generated
Normal file
38
k8s-test/services/.terraform.lock.hcl
generated
Normal file
@ -0,0 +1,38 @@
|
||||
# This file is maintained automatically by "terraform init".
|
||||
# Manual edits may be lost in future updates.
|
||||
|
||||
provider "registry.terraform.io/hashicorp/helm" {
|
||||
version = "2.4.1"
|
||||
hashes = [
|
||||
"h1:aFvUq5HOEwFV/3e7DGU45zDf6j2SThDRjaCAeY2Qfss=",
|
||||
"zh:07517b24ea2ce4a1d3be3b88c3efc7fb452cd97aea8fac93ca37a08a8ec06e14",
|
||||
"zh:11ef6118ed03a1b40ff66adfe21b8707ece0568dae1347ddfbcff8452c0655d5",
|
||||
"zh:1ae07e9cc6b088a6a68421642c05e2fa7d00ed03e9401e78c258cf22a239f526",
|
||||
"zh:1c5b4cd44033a0d7bf7546df930c55aa41db27b70b3bca6d145faf9b9a2da772",
|
||||
"zh:256413132110ddcb0c3ea17c7b01123ad2d5b70565848a77c5ccc22a3f32b0dd",
|
||||
"zh:4ab46fd9aadddef26604382bc9b49100586647e63ef6384e0c0c3f010ff2f66e",
|
||||
"zh:5a35d23a9f08c36fceda3cef7ce2c7dc5eca32e5f36494de695e09a5007122f0",
|
||||
"zh:8e9823a1e5b985b63fe283b755a821e5011a58112447d42fb969c7258ed57ed3",
|
||||
"zh:8f79722eba9bf77d341edf48a1fd51a52d93ec31d9cac9ba8498a3a061ea4a7f",
|
||||
"zh:b2ea782848b10a343f586ba8ee0cf4d7ff65aa2d4b144eea5bbd8f9801b54c67",
|
||||
"zh:e72d1ccf8a75d8e8456c6bb4d843fd4deb0e962ad8f167fa84cf17f12c12304e",
|
||||
]
|
||||
}
|
||||
|
||||
provider "registry.terraform.io/hashicorp/kubernetes" {
|
||||
version = "2.8.0"
|
||||
hashes = [
|
||||
"h1:LZLKGKTlBmG8jtMBdZ4ZMe+r15OQLSMYV0DktfROk+Y=",
|
||||
"zh:0cf42c17c05ae5f0f5eb4b2c375dd2068960b97392e50823e47b2cee7b5e01be",
|
||||
"zh:29e3751eceae92c7400a17fe3a5394ed761627bcadfda66e7ac91d6485c37927",
|
||||
"zh:2d95584504c651e1e2e49fbb5fae1736e32a505102c3dbd2c319b26884a7d3d5",
|
||||
"zh:4a5f1d915c19e7c7b4f04d7d68f82db2c872dad75b9e6f33a6ddce43aa160405",
|
||||
"zh:4b959187fd2c884a4c6606e1c4edc7b506ec4cadb2742831f37aca1463eb349d",
|
||||
"zh:5e76a2b81c93d9904d50c2a703845f79d2b080c2f87c07ef8f168592033d638f",
|
||||
"zh:c5aa21a7168f96afa4b4776cbd7eefd3e1f47d48430dce75c7f761f2d2fac77b",
|
||||
"zh:d45e8bd98fc6752ea087e744efdafb209e7ec5a4224f9affee0a24fb51d26bb9",
|
||||
"zh:d4739255076ed7f3ac2a06aef89e8e48a87667f3e470c514ce2185c0569cc1fb",
|
||||
"zh:dbd2f11529a422ffd17040a70c0cc2802b7f1be2499e976dc22f1138d022b1b4",
|
||||
"zh:dbd5357082b2485bb9978bce5b6d508d6b431d15c53bfa1fcc2781131826b5d8",
|
||||
]
|
||||
}
|
23
k8s-test/services/authentik/main.tf
Normal file
23
k8s-test/services/authentik/main.tf
Normal file
@ -0,0 +1,23 @@
|
||||
locals {
|
||||
authentik_chart_values = {
|
||||
"ingress.enabled" = true,
|
||||
"ingress.hosts[0].host" = "authentik.dev.homelab"
|
||||
"ingress.hosts[0].paths[0].path" = "/"
|
||||
"ingress.hosts[0].paths[0].pathType" = "Prefix"
|
||||
}
|
||||
}
|
||||
|
||||
resource "helm_release" "authentik" {
|
||||
name = "authentik"
|
||||
repository = "https://charts.goauthentik.io/"
|
||||
chart = "authentik"
|
||||
version = "5.2.2"
|
||||
|
||||
dynamic "set" {
|
||||
for_each = local.authentik_chart_values
|
||||
content {
|
||||
name = set.key
|
||||
value = set.value
|
||||
}
|
||||
}
|
||||
}
|
21
k8s-test/services/blocky/config.yml
Normal file
21
k8s-test/services/blocky/config.yml
Normal file
@ -0,0 +1,21 @@
|
||||
upstream:
|
||||
default:
|
||||
- 1.1.1.1
|
||||
- 1.0.0.1
|
||||
blocking:
|
||||
blackLists:
|
||||
ads:
|
||||
- https://raw.githubusercontent.com/StevenBlack/hosts/master/hosts
|
||||
clientGroupsBlock:
|
||||
default:
|
||||
- ads
|
||||
|
||||
customDNS:
|
||||
customTTL: 1h
|
||||
mapping:
|
||||
# TODO: Use a variable for this
|
||||
dev.homelab: 192.168.2.41
|
||||
|
||||
port: 53
|
||||
httpPort: 4000
|
||||
|
25
k8s-test/services/blocky/main.tf
Normal file
25
k8s-test/services/blocky/main.tf
Normal file
@ -0,0 +1,25 @@
|
||||
locals {
|
||||
blocky_config = file("${path.module}/blocky_config.yml")
|
||||
}
|
||||
|
||||
resource "helm_release" "blocky" {
|
||||
name = "blocky"
|
||||
repository = "https://k8s-at-home.com/charts/"
|
||||
chart = "blocky"
|
||||
|
||||
|
||||
set {
|
||||
name = "env.TZ"
|
||||
value = "America/Los_Angeles"
|
||||
}
|
||||
|
||||
set {
|
||||
name = "metrics.enabled"
|
||||
value = true
|
||||
}
|
||||
|
||||
set {
|
||||
name = "config"
|
||||
value = "${local.blocky_config}"
|
||||
}
|
||||
}
|
21
k8s-test/services/blocky_config.yml
Normal file
21
k8s-test/services/blocky_config.yml
Normal file
@ -0,0 +1,21 @@
|
||||
upstream:
|
||||
default:
|
||||
- 1.1.1.1
|
||||
- 1.0.0.1
|
||||
blocking:
|
||||
blackLists:
|
||||
ads:
|
||||
- https://raw.githubusercontent.com/StevenBlack/hosts/master/hosts
|
||||
clientGroupsBlock:
|
||||
default:
|
||||
- ads
|
||||
|
||||
customDNS:
|
||||
customTTL: 1h
|
||||
mapping:
|
||||
# TODO: Use a variable for this
|
||||
dev.homelab: 192.168.2.41
|
||||
|
||||
port: 53
|
||||
httpPort: 4000
|
||||
|
@ -1,41 +1,3 @@
|
||||
variable "kube_config_path" {
|
||||
type = string
|
||||
default = "~/.kube/config"
|
||||
}
|
||||
|
||||
variable "kube_config_context" {
|
||||
type = string
|
||||
default = "colima"
|
||||
}
|
||||
|
||||
provider "kubernetes" {
|
||||
config_path = var.kube_config_path
|
||||
config_context = var.kube_config_context
|
||||
}
|
||||
|
||||
provider "helm" {
|
||||
kubernetes {
|
||||
config_path = var.kube_config_path
|
||||
config_context = var.kube_config_context
|
||||
}
|
||||
}
|
||||
|
||||
resource "helm_release" "traefik" {
|
||||
name = "traefik"
|
||||
repository = "https://helm.traefik.io/traefik"
|
||||
chart = "traefik"
|
||||
|
||||
set {
|
||||
name = "ingressClass.enabled"
|
||||
value = true
|
||||
}
|
||||
|
||||
set {
|
||||
name = "ingressClass.isDefaultClass"
|
||||
value = true
|
||||
}
|
||||
}
|
||||
|
||||
resource "kubernetes_manifest" "traefik_dashboard" {
|
||||
manifest = {
|
||||
apiVersion = "traefik.containo.us/v1alpha1"
|
||||
@ -92,13 +54,43 @@ module "whoami2-ingress" {
|
||||
match_route = "PathPrefix(`/whoami2`)"
|
||||
}
|
||||
|
||||
resource "helm_release" "prom_stack" {
|
||||
name = "kube-prom-stack"
|
||||
repository = "https://prometheus-community.github.io/helm-charts"
|
||||
chart = "kube-prometheus-stack"
|
||||
|
||||
set {
|
||||
name = "alert_manager.enabled"
|
||||
value = false
|
||||
}
|
||||
module "authentik" {
|
||||
source = "./authentik"
|
||||
}
|
||||
|
||||
# locals {
|
||||
# blocky_config = file("${path.module}/blocky_config.yml")
|
||||
# }
|
||||
#
|
||||
# resource "helm_release" "blocky" {
|
||||
# name = "blocky"
|
||||
# repository = "https://k8s-at-home.com/charts/"
|
||||
# chart = "blocky"
|
||||
#
|
||||
#
|
||||
# set {
|
||||
# name = "env.TZ"
|
||||
# value = "America/Los_Angeles"
|
||||
# }
|
||||
#
|
||||
# set {
|
||||
# name = "metrics.enabled"
|
||||
# value = true
|
||||
# }
|
||||
#
|
||||
# set {
|
||||
# name = "config"
|
||||
# value = "${local.blocky_config}"
|
||||
# }
|
||||
# }
|
||||
|
||||
# resource "helm_release" "prom_stack" {
|
||||
# name = "kube-prom-stack"
|
||||
# repository = "https://prometheus-community.github.io/helm-charts"
|
||||
# chart = "kube-prometheus-stack"
|
||||
#
|
||||
# set {
|
||||
# name = "alert_manager.enabled"
|
||||
# value = false
|
||||
# }
|
||||
# }
|
22
k8s-test/services/providers.tf
Normal file
22
k8s-test/services/providers.tf
Normal file
@ -0,0 +1,22 @@
|
||||
variable "kube_config_path" {
|
||||
type = string
|
||||
default = "~/.kube/config"
|
||||
}
|
||||
|
||||
variable "kube_config_context" {
|
||||
type = string
|
||||
default = "colima"
|
||||
}
|
||||
|
||||
provider "kubernetes" {
|
||||
config_path = var.kube_config_path
|
||||
config_context = var.kube_config_context
|
||||
}
|
||||
|
||||
provider "helm" {
|
||||
kubernetes {
|
||||
config_path = var.kube_config_path
|
||||
config_context = var.kube_config_context
|
||||
}
|
||||
}
|
||||
|
Loading…
Reference in New Issue
Block a user