-
Notifications
You must be signed in to change notification settings - Fork 6
/
Copy pathlocals.tf
94 lines (91 loc) · 2.72 KB
/
locals.tf
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
locals {
issuers = {
default = {
name = "selfsigned-issuer"
}
ca = { # This value is only used when using the self-signed variant.
name = "ca-issuer"
}
letsencrypt = {
production = {
name = "letsencrypt-prod"
email = var.letsencrypt_issuer_email_main
server = "https://acme-v02.api.letsencrypt.org/directory"
}
staging = {
name = "letsencrypt-staging"
email = var.letsencrypt_issuer_email_main
server = "https://acme-staging-v02.api.letsencrypt.org/directory"
}
}
}
helm_values = [{
cert-manager = {
installCRDs = true
securityContext = {
fsGroup = 999
}
prometheus = {
servicemonitor = {
enabled = var.enable_service_monitor
}
}
replicaCount = var.replicas.controller
resources = {
requests = { for k, v in var.resources.controller.requests : k => v if v != null }
limits = { for k, v in var.resources.controller.limits : k => v if v != null }
}
webhook = {
replicaCount = var.replicas.webhook
resources = {
requests = { for k, v in var.resources.webhook.requests : k => v if v != null }
limits = { for k, v in var.resources.webhook.limits : k => v if v != null }
}
}
cainjector = {
replicaCount = var.replicas.cainjector
resources = {
requests = { for k, v in var.resources.cainjector.requests : k => v if v != null }
limits = { for k, v in var.resources.cainjector.limits : k => v if v != null }
}
}
startupapicheck = {
resources = {
requests = { for k, v in var.resources.startupapicheck.requests : k => v if v != null }
limits = { for k, v in var.resources.startupapicheck.limits : k => v if v != null }
}
}
}
# This structure is overloaded and merged with the values of the same structure coming from the caller modules.
clusterIssuers = {
default = {
name = local.issuers.default.name
}
ca = {
name = local.issuers.ca.name
}
letsencrypt = {
enabled = false
issuers = { for issuer_id, issuer in local.issuers.letsencrypt :
issuer.name => {
email = issuer.email
server = issuer.server
}
}
acme = {
solvers = []
}
}
}
# issuers = {
# default = local.issuers.default
# ca = local.issuers.ca
# letsencrypt = { for issuer_id, issuer in local.issuers.letsencrypt :
# issuer.name => {
# email = issuer.email
# server = issuer.server
# }
# }
# }
}]
}