Add Gitea and Mail modules with configuration and resources
- Created Gitea module with outputs, provider, and variables for deployment. - Implemented Mail module including configuration for Dovecot and Postfix, along with necessary resources such as secrets, config maps, and deployments. - Added Python script for bcrypt password hashing and integrated it into the Mail module. - Defined persistent volumes and claims for Seafile module, along with Nginx configuration for serving content. - Established necessary variables for all modules to ensure flexibility and configurability.
This commit is contained in:
@@ -0,0 +1,128 @@
|
||||
#
|
||||
# Namespace for Seafile
|
||||
#
|
||||
resource "kubernetes_namespace" "seafile" {
|
||||
metadata {
|
||||
annotations = {
|
||||
name = "seafile"
|
||||
}
|
||||
|
||||
labels = {
|
||||
name = "seafile"
|
||||
}
|
||||
|
||||
name = "seafile"
|
||||
}
|
||||
}
|
||||
|
||||
#
|
||||
# Persistent Volume for Seafile data
|
||||
#
|
||||
resource "kubernetes_persistent_volume" "seafile_data" {
|
||||
metadata {
|
||||
name = "seafile-data"
|
||||
labels = {
|
||||
type = "local" # Example label, adjust as needed
|
||||
}
|
||||
}
|
||||
spec {
|
||||
capacity = {
|
||||
storage = "10Gi"
|
||||
}
|
||||
access_modes = ["ReadWriteOnce"]
|
||||
persistent_volume_source {
|
||||
host_path {
|
||||
path = "/opt/seafile-data" # Consider making this configurable via variables
|
||||
}
|
||||
}
|
||||
persistent_volume_reclaim_policy = "Retain" # Or Delete, depending on desired behavior
|
||||
storage_class_name = "manual" # Or your specific storage class
|
||||
volume_mode = "Filesystem"
|
||||
}
|
||||
}
|
||||
|
||||
#
|
||||
# Persistent Volume Claim for Seafile data
|
||||
#
|
||||
resource "kubernetes_persistent_volume_claim" "seafile_data" {
|
||||
metadata {
|
||||
name = "seafile-data"
|
||||
namespace = kubernetes_namespace.seafile.metadata[0].name
|
||||
}
|
||||
spec {
|
||||
access_modes = ["ReadWriteOnce"]
|
||||
resources {
|
||||
requests = {
|
||||
storage = "10Gi"
|
||||
}
|
||||
}
|
||||
storage_class_name = "manual" # Must match the PV's storage class
|
||||
volume_name = kubernetes_persistent_volume.seafile_data.metadata[0].name
|
||||
}
|
||||
wait_until_bound = false # Set to true if you need to ensure binding before proceeding
|
||||
}
|
||||
|
||||
#
|
||||
# ConfigMap for Seafile environment variables
|
||||
#
|
||||
resource "kubernetes_config_map" "seafile_env" {
|
||||
metadata {
|
||||
name = "seafile-env"
|
||||
namespace = kubernetes_namespace.seafile.metadata[0].name
|
||||
}
|
||||
data = {
|
||||
# for Seafile server
|
||||
TIME_ZONE = "UTC" # Consider making this configurable
|
||||
SEAFILE_LOG_TO_STDOUT = "false"
|
||||
SITE_ROOT = "/"
|
||||
ENABLE_SEADOC = "false"
|
||||
SEADOC_SERVER_URL = "https://seafile.example.com/sdoc-server" # Replace with actual URL or variable
|
||||
SEAFILE_SERVER_HOSTNAME = "seafile.example.com" # Replace with actual hostname or variable
|
||||
SEAFILE_SERVER_PROTOCOL = "http" # Replace with actual protocol or variable
|
||||
|
||||
# for database - Consider using secrets for credentials
|
||||
SEAFILE_MYSQL_DB_HOST = "<your MySQL host>" # Replace with actual host or variable/secret
|
||||
SEAFILE_MYSQL_DB_PORT = "3306"
|
||||
SEAFILE_MYSQL_DB_USER = "seafile" # Replace with actual user or variable/secret
|
||||
SEAFILE_MYSQL_DB_CCNET_DB_NAME = "ccnet_db"
|
||||
SEAFILE_MYSQL_DB_SEAFILE_DB_NAME = "seafile_db"
|
||||
SEAFILE_MYSQL_DB_SEAHUB_DB_NAME = "seahub_db"
|
||||
|
||||
# Init
|
||||
## for Seafile admin - Consider using secrets
|
||||
INIT_SEAFILE_ADMIN_EMAIL = "<Seafile admin's email>" # Replace with actual email or variable/secret
|
||||
|
||||
## For S3 storage backend (only valid in INIT_S3_STORAGE_BACKEND_CONFIG = true) - Consider using secrets
|
||||
INIT_S3_STORAGE_BACKEND_CONFIG = "false"
|
||||
INIT_S3_COMMIT_BUCKET = ""
|
||||
INIT_S3_FS_BUCKET = ""
|
||||
INIT_S3_BLOCK_BUCKET = ""
|
||||
INIT_S3_KEY_ID = ""
|
||||
INIT_S3_USE_V4_SIGNATURE = "true"
|
||||
INIT_S3_AWS_REGION = "us-east-1"
|
||||
INIT_S3_HOST = "s3.us-east-1.amazonaws.com"
|
||||
INIT_S3_USE_HTTPS = "true"
|
||||
}
|
||||
}
|
||||
|
||||
#
|
||||
# Service for Seafile
|
||||
#
|
||||
resource "kubernetes_service" "seafile" {
|
||||
metadata {
|
||||
name = "seafile"
|
||||
namespace = kubernetes_namespace.seafile.metadata[0].name
|
||||
}
|
||||
spec {
|
||||
selector = {
|
||||
app = "seafile" # Ensure your Seafile deployment/pod has this label
|
||||
}
|
||||
port {
|
||||
protocol = "TCP"
|
||||
port = 80
|
||||
target_port = 80
|
||||
node_port = 30000 # NodePort might not be ideal for production, consider Ingress or LoadBalancer service type without explicit nodePort
|
||||
}
|
||||
type = "LoadBalancer" # Or ClusterIP/NodePort depending on your needs
|
||||
}
|
||||
}
|
||||
Reference in New Issue
Block a user