mirror of
https://github.com/k3s-io/k3s-ansible.git
synced 2024-07-02 11:35:06 +02:00
55 lines
1.5 KiB
HCL
55 lines
1.5 KiB
HCL
|
|
data "google_dns_managed_zone" "env_dns_zone" {
|
|
name = "personal"
|
|
}
|
|
|
|
resource "google_service_account" "external_dns" {
|
|
account_id = "homelab-dns"
|
|
}
|
|
|
|
resource "google_dns_managed_zone_iam_member" "member" {
|
|
# project = google_dns_managed_zone.default.project
|
|
managed_zone = data.google_dns_managed_zone.env_dns_zone.name
|
|
role = "roles/dns.admin"
|
|
member = "serviceAccount:${google_service_account.external_dns.email}"
|
|
}
|
|
|
|
resource "google_project_iam_member" "external-dns" {
|
|
project = "robertb724-personal"
|
|
role = "roles/dns.admin"
|
|
member = "serviceAccount:${google_service_account.external_dns.email}"
|
|
}
|
|
|
|
resource "google_service_account_key" "external_dns_creds" {
|
|
service_account_id = google_service_account.external_dns.name
|
|
}
|
|
|
|
resource "kubernetes_namespace" "external_dns" {
|
|
metadata {
|
|
name = "external-dns"
|
|
}
|
|
}
|
|
|
|
resource "kubernetes_secret" "external_dns_creds" {
|
|
metadata {
|
|
name = "gcp-sa-key"
|
|
namespace = kubernetes_namespace.external_dns.metadata[0].name
|
|
}
|
|
data = {
|
|
"credentials.json" = base64decode(google_service_account_key.external_dns_creds.private_key)
|
|
}
|
|
}
|
|
|
|
resource "helm_release" "external_dns" {
|
|
name = "external-dns"
|
|
repository = "https://kubernetes-sigs.github.io/external-dns/"
|
|
namespace = kubernetes_namespace.external_dns.metadata[0].name
|
|
chart = "external-dns"
|
|
values = [file("${path.module}/values/external-dns.values.yaml")]
|
|
version = "1.14.3"
|
|
|
|
|
|
depends_on = [kubernetes_secret.external_dns_creds]
|
|
|
|
}
|