resource "kubernetes_namespace" "mijn-365zon" { metadata { name = "mijn-365zon" } lifecycle { ignore_changes = [metadata] } } resource "kubernetes_config_map" "mijn-365zon-config" { metadata { name = "mijn-365zon-config" namespace = kubernetes_namespace.mijn-365zon.metadata[0].name } data = { AUTH_ORIGIN = "https://mijn.365zon.nl" AUTH_SECRET = "nRm0dT_SD{H<3%Z!" HOST = "0.0.0.0" NEXTAUTH_URL = "https://mijn.365zon.nl" NODE_ENV = "production" NUXT_AUTH_ORIGIN = "https://mijn.365zon.nl" NUXT_AUTH0_AUDIENCE = "https://365zon-prod.giddix.io" NUXT_AUTH0_AUTHORITY = "https://giddix-365zon.eu.auth0.com" NUXT_AUTH0_CLIENT_ID = "z2k0ajnrbqDhPRgiqZxW7ODq9aU9jmLG" NUXT_AUTH0_CLIENT_SECRET = "oIxleJ9QktIRhN3GhGOozVS0ot8HxWCA1eNeZclSu-MQxD0KvtL0H9rsElO9-tnD" NUXT_PUBLIC_API_BASE_URL = "https://365zon-api.giddix.io" NUXT_PUBLIC_APP_DEBUG = false NUXT_PUBLIC_APP_INSIGHTS_ENABLED = true NUXT_PUBLIC_APP_INSIGHTS_INSTRUMENTATION_KEY = "b852a92c-dfbb-4c47-9431-afb9db86d669" NUXT_PUBLIC_APP_INSIGHTS_ROLE_NAME = "px-app-365zon-prod" NUXT_PUBLIC_BRAND_API_SLUG = "365zon" NUXT_PUBLIC_BRAND_SLUG = "365zon" NUXT_PUBLIC_FLOW_DEBUG = false } } resource "kubernetes_manifest" "mijn-365zon-tls" { manifest = { apiVersion = "cert-manager.io/v1" kind = "Certificate" metadata = { name = "mijn-365zon-tls" namespace = kubernetes_namespace.mijn-365zon.metadata[0].name } spec = { secretName = "mijn-365zon-tls" issuerRef = { name = "letsencrypt" kind = "ClusterIssuer" } dnsNames = [ "app.365zon.fourlights.dev", ] } } } resource "kubernetes_manifest" "mijn-365zon-deployment" { manifest = { apiVersion = "apps/v1" kind = "Deployment" metadata = { name = "mijn-365zon" namespace = kubernetes_namespace.mijn-365zon.metadata[0].name } spec = { replicas = 1 selector = { matchLabels = { app = "mijn-365zon" } } template = { metadata = { labels = { app = "mijn-365zon" } } spec = { imagePullSecrets = [ { name = "github" } ] containers = [ { name = "mijn-365zon" image = "ghcr.io/four-lights-nl/mijn-365zon-frontend-365zon:latest" ports = [ { containerPort = 80 } ] envFrom = [ { configMapRef = { name = kubernetes_config_map.mijn-365zon-config.metadata[0].name } } ] resources = { requests = { cpu = "200m" memory = "256Mi" } limits = { cpu = "1" memory = "1Gi" } } } ] } } } } } resource "kubernetes_manifest" "mijn-365zon-service" { manifest = { apiVersion = "v1" kind = "Service" metadata = { name = "mijn-365zon" namespace = kubernetes_namespace.mijn-365zon.metadata[0].name } spec = { selector = { app = "mijn-365zon" } ports = [ { name = "mijn-365zon" port = 80 protocol = "TCP" targetPort = 80 } ] type = "ClusterIP" } } } resource "kubernetes_manifest" "mijn-365zon-preserve-host-middleware" { manifest = { apiVersion = "traefik.io/v1alpha1" kind = "Middleware" metadata = { name = "preserve-host-headers" namespace = kubernetes_namespace.mijn-365zon.metadata[0].name } spec = { headers = { customRequestHeaders = { "X-Forwarded-Proto" = "https" "X-Forwarded-Port" = "443" } } } } } resource "kubernetes_manifest" "mijn-365zon-https-redirect-middleware" { manifest = { apiVersion = "traefik.io/v1alpha1" kind = "Middleware" metadata = { name = "redirect-to-https" namespace = kubernetes_namespace.mijn-365zon.metadata[0].name } spec = { redirectScheme = { permanent = true scheme = "https" } } } } resource "kubernetes_manifest" "mijn-365zon-ingress" { depends_on = [ kubernetes_manifest.mijn-365zon-service, kubernetes_manifest.mijn-365zon-tls, kubernetes_manifest.mijn-365zon-preserve-host-middleware, kubernetes_manifest.mijn-365zon-https-redirect-middleware ] manifest = { apiVersion = "networking.k8s.io/v1" kind = "Ingress" metadata = { name = "mijn-365zon" namespace = kubernetes_namespace.mijn-365zon.metadata[0].name annotations = { "kubernetes.io/ingress.class" = "traefik" "traefik.ingress.kubernetes.io/router.entrypoints" = "web,websecure" "traefik.ingress.kubernetes.io/router.middlewares" = "mijn-365zon-redirect-to-https@kubernetescrd,mijn-365zon-preserve-host-headers@kubernetescrd" } } spec = { ingressClassName = "traefik" rules = [ { host = "mijn.365zon.nl" http = { paths = [ { path = "/" pathType = "Prefix" backend = { service = { name = "mijn-365zon" port = { number = 80 } } } } ] } }, { host = "app.365zon.fourlights.dev" http = { paths = [ { path = "/" pathType = "Prefix" backend = { service = { name = "mijn-365zon" port = { number = 80 } } } } ] } } ] tls = [ { hosts = ["app.365zon.fourlights.dev"], secretName = "mijn-365zon-tls" }, { hosts = ["mijn.365zon.nl"], secretName = "mijn-365zon-nl" } ] } } }