# Provider requirements for this root module, listed alphabetically.
# Every provider is pinned to one exact version except digitalocean, whose
# "~> 2.0" constraint accepts any 2.x release. The committed
# .terraform.lock.hcl is what fixes the resolved versions and their checksums,
# so review changes to that file together with changes to this block.
terraform {
  required_providers {
    digitalocean = {
      source  = "digitalocean/digitalocean"
      version = "~> 2.0" # range constraint, unlike the exact pins below
    }

    helm = {
      source  = "hashicorp/helm"
      version = "2.14.0"
    }

    kubernetes = {
      source  = "hashicorp/kubernetes"
      version = "2.31.0"
    }

    local = {
      source  = "hashicorp/local"
      version = "1.4.0"
    }

    macaddress = {
      source  = "ivoronin/macaddress"
      version = "0.3.2"
    }

    proxmox = {
      source  = "Telmate/proxmox"
      version = "3.0.1-rc3" # release-candidate build
    }

    random = {
      source  = "hashicorp/random"
      version = "3.6.2"
    }

    talos = {
      source  = "siderolabs/talos"
      version = "0.5.0"
    }
  }
}
# Proxmox VE API connection. No credentials are set in this block; presumably
# they reach the provider through its environment variables — confirm.
provider "proxmox" {
  # FIXME: Traefik/NGINX breaks this! 500 ERROR
  # The API is therefore addressed directly on port 8006 by literal IP.
  pm_api_url = "https://178.63.49.225:8006/api2/json"

  # NOTE(review): certificate verification is switched off, so the endpoint
  # is not authenticated and whatever credentials Terraform sends to it can
  # be read or altered by anyone on the network path. To turn verification
  # on, trust the Proxmox CA on the machine that runs Terraform (with an IP
  # URL the certificate needs a matching IP SAN) and set this to false.
  pm_tls_insecure = true
}
# DigitalOcean provider with no arguments: the API token is not written in
# this file. Presumably it is supplied through the provider's environment
# variable (DIGITALOCEAN_TOKEN or DIGITALOCEAN_ACCESS_TOKEN) — confirm for
# the environment that runs Terraform.
provider "digitalocean" {
}
# Second helm provider instance, selected with `provider = helm.template`.
# It carries no kubernetes connection settings; presumably it is used only
# for rendering charts without talking to the cluster — confirm at the
# resources and data sources that reference this alias.
provider "helm" {
  alias = "template"
}
# Default helm provider: talks to the cluster at local.cluster_endpoint and
# authenticates with an OIDC token obtained through a kubectl exec plugin.
provider "helm" {
  kubernetes {
    host = local.cluster_endpoint

    # The API server certificate is verified against the CA taken from the
    # Talos-generated kubeconfig.
    cluster_ca_certificate = base64decode(data.talos_cluster_kubeconfig.this.kubernetes_client_configuration.ca_certificate)

    # Runs `kubectl oidc-login get-token` to obtain the token.
    #
    # NOTE(review): the token is requested with the password grant, so the
    # user's own password is handed to this client rather than entered at the
    # identity provider. It is also passed as a command-line argument, which
    # can be visible in the process list of the machine running Terraform and
    # in debug logs. Check that var.oidc_password is declared sensitive (its
    # declaration is not in this file) and that the account behind it is a
    # dedicated, narrowly scoped automation identity.
    exec {
      api_version = "client.authentication.k8s.io/v1beta1"
      command     = "kubectl"
      args = [
        "oidc-login", "get-token",
        "--oidc-issuer-url", var.oidc_issuer_url,
        "--oidc-client-id", var.oidc_client_id,
        "--oidc-extra-scope", "profile",
        "--grant-type", "password",
        "--username", var.oidc_username,
        "--password", var.oidc_password,
      ]
    }
  }
}
# Kubernetes provider: same endpoint, CA and exec-based OIDC login as the
# default helm provider in this file.
provider "kubernetes" {
  host = local.cluster_endpoint

  # The API server certificate is verified against the CA taken from the
  # Talos-generated kubeconfig.
  cluster_ca_certificate = base64decode(data.talos_cluster_kubeconfig.this.kubernetes_client_configuration.ca_certificate)

  # Runs `kubectl oidc-login get-token` to obtain the token.
  #
  # NOTE(review): the token is requested with the password grant, so the
  # user's own password is handed to this client rather than entered at the
  # identity provider. It is also passed as a command-line argument, which can
  # be visible in the process list of the machine running Terraform and in
  # debug logs. Check that var.oidc_password is declared sensitive (its
  # declaration is not in this file) and that the account behind it is a
  # dedicated, narrowly scoped automation identity.
  exec {
    api_version = "client.authentication.k8s.io/v1beta1"
    command     = "kubectl"
    args = [
      "oidc-login", "get-token",
      "--oidc-issuer-url", var.oidc_issuer_url,
      "--oidc-client-id", var.oidc_client_id,
      "--oidc-extra-scope", "profile",
      "--grant-type", "password",
      "--username", var.oidc_username,
      "--password", var.oidc_password,
    ]
  }
}