womax/vps-k8s
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
master
vps-k8s/stoat/main.tf
T
Antonin Ruan 8d435f9f30 Stoat deployment
2026-02-16 19:26:47 +01:00

875 lines
18 KiB
Terraform
Raw Permalink Blame History

provider "kubernetes" {
config_path = "~/.kube/config"
}
variable "domain" {
type = string
}
variable "smtp" {
type = object({
host = string
username = string
password = string
from = string
})
}
variable "stoat" {
type = object({
subdomain = string
api = object({
name = optional(string, "stoat-api")
port = optional(number, 14702)
image = string
version = string
})
events = object({
name = optional(string, "stoat-events")
port = optional(number, 14703)
image = string
version = string
})
autumn = object({
name = optional(string, "stoat-autumn")
port = optional(number, 14704)
image = string
version = string
})
january = object({
name = optional(string, "stoat-january")
port = optional(number, 14705)
image = string
version = string
})
gifbox = object({
name = optional(string, "stoat-gifbox")
port = optional(number, 14706)
image = string
version = string
})
pushd = object({
name = optional(string, "stoat-pushd")
image = string
version = string
})
crond = object({
name = optional(string, "stoat-crond")
image = string
version = string
})
voice_ingress = object({
name = optional(string, "stoat-voice-ingress")
port = optional(number, 8500)
image = string
version = string
})
web = object({
name = optional(string, "stoat-webapp")
port = optional(number, 80)
image = string
version = string
})
})
}
resource "kubernetes_namespace_v1" "stoat" {
metadata {
name = "stoat"
}
}
resource "kubernetes_config_map_v1" "Revolt" {
metadata {
name = "revolt"
namespace = kubernetes_namespace_v1.stoat.metadata[0].name
}
data = {
"Revolt.toml" = templatefile("${path.module}/templates/Revolt.toml.tftpl",
{
domain = var.domain
hostname = "${var.stoat.subdomain}.${var.domain}"
smtp = var.smtp
livekit_api_key = var.livekit.api_key
livekit_secret_key = random_password.livekit_api_secret.result
minio_host = var.minio.app_name
minio_user = var.minio.user
minio_pass = random_password.minio.result
mongo_host = var.mongo.app_name
rabbit_host = var.rabbit.app_name
rabbit_port = var.rabbit.port
rabbit_user = var.rabbit.user
rabbit_passwd = random_password.rabbit.result
redis_host = var.redis.app_name
})
"Caddyfile" = templatefile("${path.module}/templates/Caddyfile.tftpl",
{
hostname = "${var.stoat.subdomain}.${var.domain}"
stoat = var.stoat
})
}
}
resource "kubernetes_config_map_v1" "env_web" {
metadata {
name = "env-web"
namespace = kubernetes_namespace_v1.stoat.metadata[0].name
}
data = {
NGINX_HOST = "chat.ruan.fr"
}
}
resource "kubernetes_ingress_v1" "stoat" {
metadata {
name = "stoat"
namespace = kubernetes_namespace_v1.stoat.metadata[0].name
annotations = {
"cert-manager.io/cluster-issuer" = "letsencrypt"
}
}
spec {
tls {
hosts = [
"${var.stoat.subdomain}.${var.domain}",
"api.${var.stoat.subdomain}.${var.domain}",
"file.${var.stoat.subdomain}.${var.domain}",
"proxy.${var.stoat.subdomain}.${var.domain}",
"events.${var.stoat.subdomain}.${var.domain}",
"gifbox.${var.stoat.subdomain}.${var.domain}",
]
secret_name = "stoat-tls"
}
rule {
host = "${var.stoat.subdomain}.${var.domain}"
http {
path {
path = "/"
path_type = "Prefix"
backend {
service {
name = kubernetes_service_v1.stoat_caddy.metadata[0].name
port {
number = 80
}
}
}
}
}
}
rule {
host = "api.${var.stoat.subdomain}.${var.domain}"
http {
path {
path = "/"
path_type = "Prefix"
backend {
service {
name = kubernetes_service_v1.stoat_api.metadata[0].name
port {
number = var.stoat.api.port
}
}
}
}
}
}
rule {
host = "events.${var.stoat.subdomain}.${var.domain}"
http {
path {
path = "/"
path_type = "Exact"
backend {
service {
name = kubernetes_service_v1.stoat_events.metadata[0].name
port {
number = var.stoat.events.port
}
}
}
}
}
}
rule {
host = "file.${var.stoat.subdomain}.${var.domain}"
http {
path {
path = "/"
path_type = "Prefix"
backend {
service {
name = kubernetes_service_v1.stoat_autumn.metadata[0].name
port {
number = var.stoat.autumn.port
}
}
}
}
}
}
rule {
host = "proxy.${var.stoat.subdomain}.${var.domain}"
http {
path {
path = "/"
path_type = "Prefix"
backend {
service {
name = kubernetes_service_v1.stoat_january.metadata[0].name
port {
number = var.stoat.january.port
}
}
}
}
}
}
rule {
host = "gifbox.${var.stoat.subdomain}.${var.domain}"
http {
path {
path = "/"
path_type = "Prefix"
backend {
service {
name = kubernetes_service_v1.stoat_gifbox.metadata[0].name
port {
number = var.stoat.gifbox.port
}
}
}
}
}
}
}
}
resource "kubernetes_service_v1" "stoat_caddy" {
metadata {
name = "caddy"
namespace = kubernetes_namespace_v1.stoat.metadata[0].name
}
spec {
selector = {
app = "caddy"
}
port {
port = 80
target_port = 80
}
}
}
resource "kubernetes_deployment_v1" "stoat_caddy" {
metadata {
name = "caddy"
namespace = kubernetes_namespace_v1.stoat.metadata[0].name
}
spec {
replicas = 1
selector {
match_labels = {
app = "caddy"
}
}
template {
metadata {
labels = {
"app" = "caddy"
}
}
spec {
container {
name = "caddy"
image = "docker.io/caddy"
port {
container_port = 80
}
env_from {
config_map_ref {
name = kubernetes_config_map_v1.env_web.metadata[0].name
optional = false
}
}
volume_mount {
name = "revolt"
mount_path = "/etc/caddy/Caddyfile"
sub_path = "Caddyfile"
}
}
volume {
name = "revolt"
config_map {
name = kubernetes_config_map_v1.Revolt.metadata[0].name
optional = false
}
}
}
}
}
}
resource "kubernetes_service_v1" "stoat_api" {
metadata {
name = var.stoat.api.name
namespace = kubernetes_namespace_v1.stoat.metadata[0].name
}
spec {
selector = {
app = var.stoat.api.name
}
port {
port = var.stoat.api.port
target_port = var.stoat.api.port
}
}
}
resource "kubernetes_deployment_v1" "stoat_api" {
metadata {
name = var.stoat.api.name
namespace = kubernetes_namespace_v1.stoat.metadata[0].name
}
spec {
replicas = 1
selector {
match_labels = {
app = var.stoat.api.name
}
}
template {
metadata {
labels = {
"app" = var.stoat.api.name
}
}
spec {
container {
name = var.stoat.api.name
image = "${var.stoat.api.image}:${var.stoat.api.version}"
port {
container_port = var.stoat.api.port
}
volume_mount {
name = "revolt-toml"
mount_path = "/Revolt.toml"
sub_path = "Revolt.toml"
}
}
volume {
name = "revolt-toml"
config_map {
name = kubernetes_config_map_v1.Revolt.metadata[0].name
optional = false
}
}
}
}
}
}
resource "kubernetes_service_v1" "stoat_events" {
metadata {
name = var.stoat.events.name
namespace = kubernetes_namespace_v1.stoat.metadata[0].name
}
spec {
selector = {
app = var.stoat.events.name
}
port {
port = var.stoat.events.port
target_port = var.stoat.events.port
}
}
}
resource "kubernetes_deployment_v1" "stoat_events" {
metadata {
name = var.stoat.events.name
namespace = kubernetes_namespace_v1.stoat.metadata[0].name
}
spec {
replicas = 1
selector {
match_labels = {
app = var.stoat.events.name
}
}
template {
metadata {
labels = {
"app" = var.stoat.events.name
}
}
spec {
container {
name = var.stoat.events.name
image = "${var.stoat.events.image}:${var.stoat.events.version}"
port {
container_port = var.stoat.events.port
}
volume_mount {
name = "revolt-toml"
mount_path = "/Revolt.toml"
sub_path = "Revolt.toml"
}
}
volume {
name = "revolt-toml"
config_map {
name = kubernetes_config_map_v1.Revolt.metadata[0].name
optional = false
}
}
}
}
}
}
resource "kubernetes_service_v1" "stoat_autumn" {
metadata {
name = var.stoat.autumn.name
namespace = kubernetes_namespace_v1.stoat.metadata[0].name
}
spec {
selector = {
app = var.stoat.autumn.name
}
port {
port = var.stoat.autumn.port
target_port = var.stoat.autumn.port
}
}
}
resource "kubernetes_deployment_v1" "stoat_autumn" {
metadata {
name = var.stoat.autumn.name
namespace = kubernetes_namespace_v1.stoat.metadata[0].name
}
spec {
replicas = 1
selector {
match_labels = {
app = var.stoat.autumn.name
}
}
template {
metadata {
labels = {
"app" = var.stoat.autumn.name
}
}
spec {
container {
name = var.stoat.autumn.name
image = "${var.stoat.autumn.image}:${var.stoat.autumn.version}"
port {
container_port = var.stoat.autumn.port
}
volume_mount {
name = "revolt-toml"
mount_path = "/Revolt.toml"
sub_path = "Revolt.toml"
}
}
volume {
name = "revolt-toml"
config_map {
name = kubernetes_config_map_v1.Revolt.metadata[0].name
optional = false
}
}
}
}
}
}
resource "kubernetes_service_v1" "stoat_january" {
metadata {
name = var.stoat.january.name
namespace = kubernetes_namespace_v1.stoat.metadata[0].name
}
spec {
selector = {
app = var.stoat.january.name
}
port {
port = var.stoat.january.port
target_port = var.stoat.january.port
}
}
}
resource "kubernetes_deployment_v1" "stoat_january" {
metadata {
name = var.stoat.january.name
namespace = kubernetes_namespace_v1.stoat.metadata[0].name
}
spec {
replicas = 1
selector {
match_labels = {
app = var.stoat.january.name
}
}
template {
metadata {
labels = {
"app" = var.stoat.january.name
}
}
spec {
container {
name = var.stoat.january.name
image = "${var.stoat.january.image}:${var.stoat.january.version}"
port {
container_port = var.stoat.january.port
}
volume_mount {
name = "revolt-toml"
mount_path = "/Revolt.toml"
sub_path = "Revolt.toml"
}
}
volume {
name = "revolt-toml"
config_map {
name = kubernetes_config_map_v1.Revolt.metadata[0].name
optional = false
}
}
}
}
}
}
resource "kubernetes_service_v1" "stoat_gifbox" {
metadata {
name = var.stoat.gifbox.name
namespace = kubernetes_namespace_v1.stoat.metadata[0].name
}
spec {
selector = {
app = var.stoat.gifbox.name
}
port {
port = var.stoat.gifbox.port
target_port = var.stoat.gifbox.port
}
}
}
resource "kubernetes_deployment_v1" "stoat_gifbox" {
metadata {
name = var.stoat.gifbox.name
namespace = kubernetes_namespace_v1.stoat.metadata[0].name
}
spec {
replicas = 1
selector {
match_labels = {
app = var.stoat.gifbox.name
}
}
template {
metadata {
labels = {
"app" = var.stoat.gifbox.name
}
}
spec {
container {
name = var.stoat.gifbox.name
image = "${var.stoat.gifbox.image}:${var.stoat.gifbox.version}"
port {
container_port = var.stoat.gifbox.port
}
volume_mount {
name = "revolt-toml"
mount_path = "/Revolt.toml"
sub_path = "Revolt.toml"
}
}
volume {
name = "revolt-toml"
config_map {
name = kubernetes_config_map_v1.Revolt.metadata[0].name
optional = false
}
}
}
}
}
}
resource "kubernetes_deployment_v1" "stoat_pushd" {
metadata {
name = var.stoat.pushd.name
namespace = kubernetes_namespace_v1.stoat.metadata[0].name
}
spec {
replicas = 1
selector {
match_labels = {
app = var.stoat.pushd.name
}
}
template {
metadata {
labels = {
"app" = var.stoat.pushd.name
}
}
spec {
container {
name = var.stoat.pushd.name
image = "${var.stoat.pushd.image}:${var.stoat.pushd.version}"
volume_mount {
name = "revolt-toml"
mount_path = "/Revolt.toml"
sub_path = "Revolt.toml"
}
}
volume {
name = "revolt-toml"
config_map {
name = kubernetes_config_map_v1.Revolt.metadata[0].name
optional = false
}
}
}
}
}
}
resource "kubernetes_deployment_v1" "stoat_crond" {
metadata {
name = var.stoat.crond.name
namespace = kubernetes_namespace_v1.stoat.metadata[0].name
}
spec {
replicas = 1
selector {
match_labels = {
app = var.stoat.crond.name
}
}
template {
metadata {
labels = {
"app" = var.stoat.crond.name
}
}
spec {
container {
name = var.stoat.crond.name
image = "${var.stoat.crond.image}:${var.stoat.crond.version}"
volume_mount {
name = "revolt-toml"
mount_path = "/Revolt.toml"
sub_path = "Revolt.toml"
}
}
volume {
name = "revolt-toml"
config_map {
name = kubernetes_config_map_v1.Revolt.metadata[0].name
optional = false
}
}
}
}
}
}
resource "kubernetes_service_v1" "stoat_voice_ingress" {
metadata {
name = var.stoat.voice_ingress.name
namespace = kubernetes_namespace_v1.stoat.metadata[0].name
}
spec {
selector = {
app = var.stoat.voice_ingress.name
}
port {
port = var.stoat.voice_ingress.port
target_port = var.stoat.voice_ingress.port
}
}
}
resource "kubernetes_deployment_v1" "stoat_voice_ingress" {
metadata {
name = var.stoat.voice_ingress.name
namespace = kubernetes_namespace_v1.stoat.metadata[0].name
}
spec {
replicas = 1
selector {
match_labels = {
app = var.stoat.voice_ingress.name
}
}
template {
metadata {
labels = {
"app" = var.stoat.voice_ingress.name
}
}
spec {
container {
name = var.stoat.voice_ingress.name
image = "${var.stoat.voice_ingress.image}:${var.stoat.voice_ingress.version}"
volume_mount {
name = "revolt-toml"
mount_path = "/Revolt.toml"
sub_path = "Revolt.toml"
}
}
volume {
name = "revolt-toml"
config_map {
name = kubernetes_config_map_v1.Revolt.metadata[0].name
optional = false
}
}
}
}
}
}
resource "kubernetes_service_v1" "stoat_web" {
metadata {
name = var.stoat.web.name
namespace = kubernetes_namespace_v1.stoat.metadata[0].name
}
spec {
selector = {
app = var.stoat.web.name
}
port {
port = var.stoat.web.port
target_port = var.stoat.web.port
}
}
}
resource "kubernetes_deployment_v1" "stoat_web" {
metadata {
name = var.stoat.web.name
namespace = kubernetes_namespace_v1.stoat.metadata[0].name
}
spec {
replicas = 1
selector {
match_labels = {
app = var.stoat.web.name
}
}
template {
metadata {
labels = {
"app" = var.stoat.web.name
}
}
spec {
container {
name = var.stoat.web.name
image = "${var.stoat.web.image}:${var.stoat.web.version}"
image_pull_policy = "Always"
port {
container_port = var.stoat.web.port
}
env_from {
config_map_ref {
name = kubernetes_config_map_v1.env_web.metadata[0].name
optional = false
}
}
}
}
}
}
}
Reference in New Issue View Git Blame Copy Permalink