steffen/DockerComposeTemplates
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

terraform update

Browse Source
This commit is contained in:
Christian
2022-03-16 17:54:10 +01:00
parent 356872bbc5
commit 5c73779a4a
9 changed files with 228 additions and 7 deletions
Download Patch File Download Diff File Expand all files Collapse all files

31
terraform/helm/certmanager.tf Normal file
View File

@@ -0,0 +1,31 @@
resource "kubernetes_namespace" "certmanager" {
metadata {
name = "certmanager"
}
}
resource "helm_release" "certmanager" {
depends_on = [kubernetes_namespace.certmanager]
name = "certmanager"
namespace = "certmanager"
repository = "https://charts.jetstack.io"
chart = "cert-manager"
# Install Kubernetes CRDs
set {
name = "installCRDs"
value = "true"
}
}
# (Optional) Create a Time-Sleep for Certificates and Issuer Manifests to deploy later
# resource "time_sleep" "wait_for_certmanager" {
#
# depends_on = [helm_release.certmanager]
#
# create_duration = "10s"
# }

46
terraform/helm/traefik.tf Normal file
View File

@@ -0,0 +1,46 @@
resource "kubernetes_namespace" "traefik" {
metadata {
name = "traefik"
}
}
resource "helm_release" "traefik" {
depends_on = [kubernetes_namespace.traefik]
name = "traefik"
namespace = "traefik"
repository = "https://helm.traefik.io/traefik"
chart = "traefik"
# Set Traefik as the Default Ingress Controller
set {
name = "ingressClass.enabled"
value = "true"
}
set {
name = "ingressClass.isDefaultClass"
value = "true"
}
# Default Redirect
set {
name = "ports.web.redirectTo"
value = "websecure"
}
# Enable TLS on Websecure
set {
name = "ports.websecure.tls.enabled"
value = "true"
}
# TLS Options (that's not working for some reason...)
set {
name = "tlsOptions.default.minVersion"
value = "VersionTLS12"
}
}

7
terraform/kubectl/manifest.tf Normal file
View File

@@ -0,0 +1,7 @@
resource "kubectl_manifest" "your-manifest-file" {
yaml_body = <<YAML
# Put your Manifest-file Content right here...
# ...
YAML
}

24
terraform/kubectl/provider.tf Normal file
View File

@@ -0,0 +1,24 @@
# Kubectl Provider
# ---
# Initial Provider Configuration for Kubectl
terraform {
required_version = ">= 0.13.0"
required_providers {
kubectl = {
source = "gavinbunney/kubectl"
version = "1.13.1"
}
}
}
# Dynamic Configuration from CIVO Kubernetes deployment
# provider "kubectl" {
# host = "${yamldecode(civo_kubernetes_cluster.your-kubernetes-cluster.kubeconfig).clusters.0.cluster.server}"
# client_certificate = "${base64decode(yamldecode(civo_kubernetes_cluster.your-kubernetes-cluster.kubeconfig).users.0.user.client-certificate-data)}"
# client_key = "${base64decode(yamldecode(civo_kubernetes_cluster.your-kubernetes-cluster.kubeconfig).users.0.user.client-key-data)}"
# cluster_ca_certificate = "${base64decode(yamldecode(civo_kubernetes_cluster.your-kubernetes-cluster.kubeconfig).clusters.0.cluster.certificate-authority-data)}"
# load_config_file = false
# }

13
terraform/kubernetes/provider.tf
View File

@@ -1,24 +1,23 @@
# Kubectl Provider
# Kubernetes Provider
# ---
# Initial Provider Configuration for Kubectl
# Initial Provider Configuration for Kubernetes
terraform {
required_version = ">= 0.13.0"
required_providers {
kubectl = {
source = "gavinbunney/kubectl"
version = "1.13.1"
kubernetes = {
source = "hashicorp/kubernetes"
version = "2.8.0"
}
}
}
# Dynamic Configuration from CIVO Kubernetes deployment
# provider "kubectl" {
# provider "kubernetes" {
# host = "${yamldecode(civo_kubernetes_cluster.your-kubernetes-cluster.kubeconfig).clusters.0.cluster.server}"
# client_certificate = "${base64decode(yamldecode(civo_kubernetes_cluster.your-kubernetes-cluster.kubeconfig).users.0.user.client-certificate-data)}"
# client_key = "${base64decode(yamldecode(civo_kubernetes_cluster.your-kubernetes-cluster.kubeconfig).users.0.user.client-key-data)}"
# cluster_ca_certificate = "${base64decode(yamldecode(civo_kubernetes_cluster.your-kubernetes-cluster.kubeconfig).clusters.0.cluster.certificate-authority-data)}"
# load_config_file = false
# }

41
terraform/kubernetes/templates/deployment.tf Normal file
View File

@@ -0,0 +1,41 @@
resource "kubernetes_deployment" "your-deployment" {
depends_on = [kubernetes_namespace.your-namespace]
metadata {
name = "your-deployment"
namespace = "your-namespace"
labels = {
app = "your-app-selector"
}
}
spec {
replicas = 1
selector {
match_labels = {
app = "your-app-selector"
}
}
template {
metadata {
labels = {
app = "your-app-selector"
}
}
spec {
container {
image = "your-image:latest"
name = "your-container"
port {
container_port = 80
}
}
}
}
}
}

39
terraform/kubernetes/templates/ingress.tf Normal file
View File

@@ -0,0 +1,39 @@
resource "kubernetes_ingress_v1" "your-ingress" {
depends_on = [kubernetes_namespace.your-namespace]
metadata {
name = "your-ingress"
namespace = "your-namespace"
}
spec {
rule {
host = "your-domain"
http {
path {
path = "/"
backend {
service {
name = "your-service"
port {
number = 80
}
}
}
}
}
}
# (Optional) Add an SSL Certificate
# tls {
# secret_name = "ssl-certificate-object"
# hosts = ["your-domain"]
# }
}
}

15
terraform/kubernetes/templates/secret.tf Normal file
View File

@@ -0,0 +1,15 @@
resource "kubernetes_secret" "cloudflare_api_key_secret" {
depends_on = [kubernetes_namespace.your-namespace-object]
metadata {
name = "cloudflare-api-key-secret"
namespace = "your-namespace"
}
data = {
api-key = var.your-api-key-variable
}
type = "Opaque"
}

19
terraform/kubernetes/templates/service.tf Normal file
View File

@@ -0,0 +1,19 @@
resource "kubernetes_service" "your-service" {
depends_on = [kubernetes_namespace.your-namespace]
metadata {
name = "your-service"
namespace = "your-namespace"
}
spec {
selector = {
app = "your-app-selector"
}
port {
port = 80
}
type = "ClusterIP"
}
}