90 lines
2.4 KiB
HCL
90 lines
2.4 KiB
HCL
locals {
|
|
tld = "fourlights.dev"
|
|
cluster_shortname = "365zon"
|
|
cluster_dns = "${local.cluster_shortname}.${local.tld}"
|
|
node_count = 3
|
|
bridge_dns = "bridge.${local.tld}"
|
|
}
|
|
|
|
module "cluster-init" {
|
|
source = "../../modules/cluster/init-rke2"
|
|
k8s_config_yaml = data.minio_s3_object.k8s_yaml.content
|
|
}
|
|
|
|
module "minio" {
|
|
source = "../../modules/minio"
|
|
wait_on = module.cluster-init.installed
|
|
k8s_config_yaml = data.minio_s3_object.k8s_yaml.content
|
|
|
|
server_dns = local.cluster_dns
|
|
service_name = "storage"
|
|
namespace = "minio"
|
|
|
|
admin_server_dns = local.cluster_dns # Restricted admin access, access via bridge
|
|
|
|
tls = false # TLS termination happens on the bridge ingress
|
|
admin = true
|
|
ingressClass = "nginx"
|
|
storageSize = "40Gi"
|
|
}
|
|
|
|
module "mongodb" {
|
|
source = "../../modules/mongodb"
|
|
wait_on = module.cluster-init.installed
|
|
k8s_config_yaml = data.minio_s3_object.k8s_yaml.content
|
|
|
|
namespace = "mongodb"
|
|
replicas = local.node_count
|
|
}
|
|
|
|
#module "frontend-minio" {
|
|
# source = "../../modules/minio/overlay"
|
|
# wait_on = module.minio.installed
|
|
#
|
|
# name = "frontend"
|
|
# server = module.minio.minio_server
|
|
# access_key = module.minio.minio_access_key
|
|
# secret_key = module.minio.minio_secret_key
|
|
#}
|
|
|
|
module "rabbitmq" {
|
|
source = "../../modules/rabbitmq"
|
|
wait_on = module.cluster-init.installed
|
|
k8s_config_yaml = data.minio_s3_object.k8s_yaml.content
|
|
|
|
server_dns = "local" # Restricted admin access, access via bridge
|
|
|
|
service_name = "rabbitmq"
|
|
namespace = "rabbitmq"
|
|
|
|
tls = false # TLS termination happens on the bridge ingress
|
|
admin = true
|
|
ingressClass = "nginx"
|
|
}
|
|
|
|
# THESE SHOULD BE IN BRIDGE
|
|
# generate ed25519 for argocd: `ssh-keygen -t ed25519 -C "argocd.bridge.fourlights.dev" -f argocd.bridge.fourlights.dev
|
|
# add ed25519.pub to github repo deploy keys
|
|
# add argocd repo secret
|
|
# add argocd updated github.com known hosts
|
|
# add argocd application
|
|
|
|
# setup secrets
|
|
|
|
resource "vault_kv_secret_v2" "cluster" {
|
|
mount = var.cluster
|
|
name = "minio"
|
|
delete_all_versions = true
|
|
|
|
data_json = jsonencode({
|
|
access_key = minio_iam_service_account.cluster.access_key
|
|
secret_key = minio_iam_service_account.cluster.secret_key
|
|
})
|
|
|
|
depends_on = [
|
|
var.wait_on,
|
|
minio_iam_service_account.cluster
|
|
]
|
|
}
|
|
|