alpha
/
dotfiles
1
0
Fork 0
Code Issues 15 Pull Requests Packages Projects Releases Wiki Activity
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from '964c858507'
${ noResults }
dotfiles/meta/lotus-land-story/main.tf

192 lines
3.5 KiB
Raw Blame History

terraform {
required_providers {
kubernetes = {
source = "hashicorp/kubernetes"
}
helm = {
source = "hashicorp/helm"
}
}
}
provider "helm" {
kubernetes {
config_path = ".kube/config"
}
}
provider "kubernetes" {
config_path = ".kube/config"
}
resource "kubernetes_namespace" "cert_manager" {
metadata {
name = "cert-manager"
}
}
resource "helm_release" "cert_manager" {
name = "cert-manager"
repository = "https://charts.jetstack.io"
chart = "cert-manager"
version = "1.6.1"
namespace = kubernetes_namespace.cert_manager.metadata[0].name
set {
name = "installCRDs"
value = "true"
}
}
resource "kubernetes_manifest" "letsencrypt_staging" {
manifest = {
apiVersion = "cert-manager.io/v1"
kind = "Issuer"
metadata = {
name = "letsencrypt-staging"
namespace = "default"
}
spec = {
acme = {
server = "https://acme-staging-v02.api.letsencrypt.org/directory"
email = var.letsencrypt_email
privateKeySecretRef = {
name = "letsencrypt-staging"
}
solvers = [
{
selector = {}
http01 = {
ingress = {
class = "nginx"
}
}
}
]
}
}
}
}
resource "kubernetes_manifest" "letsencrypt_prod" {
manifest = {
apiVersion = "cert-manager.io/v1"
kind = "Issuer"
metadata = {
name = "letsencrypt-prod"
namespace = "default"
}
spec = {
acme = {
server = "https://acme-v02.api.letsencrypt.org/directory"
email = var.letsencrypt_email
privateKeySecretRef = {
name = "letsencrypt-prod"
}
solvers = [
{
selector = {}
http01 = {
ingress = {
class = "nginx"
}
}
}
]
}
}
}
}
resource "helm_release" "ingress_nginx" {
name = "ingress-nginx"
repository = "https://kubernetes.github.io/ingress-nginx"
chart = "ingress-nginx"
version = "4.0.13"
}
resource "kubernetes_deployment" "kuard" {
metadata {
name = "kuard"
}
spec {
selector {
match_labels = {
app = "kuard"
}
}
replicas = 1
template {
metadata {
labels = {
app = "kuard"
}
}
spec {
container {
image = "gcr.io/kuar-demo/kuard-amd64:1"
image_pull_policy = "Always"
name = "kuard"
port {
container_port = 8080
}
}
}
}
}
}
resource "kubernetes_service" "kuard" {
metadata {
name = "kuard"
}
spec {
port {
port = 80
target_port = 8080
protocol = "TCP"
}
selector = {
app = "kuard"
}
}
}
resource "kubernetes_ingress_v1" "kuard" {
metadata {
name = "kuard"
annotations = {
"kubernetes.io/ingress.class" = "nginx"
"cert-manager.io/issuer" = "letsencrypt-prod"
}
}
spec {
tls {
hosts = [
"kuard.${var.domain}"
]
secret_name = "kuard-tls"
}
rule {
host = "kuard.${var.domain}"
http {
path {
path = "/"
path_type = "Prefix"
backend {
service {
name = "kuard"
port {
number = 80
}
}
}
}
}
}
}
}
Reference in new issue View Git Blame Copy Permalink