Add FreeIPA server

main.tf

@@ -300,3 +300,38 @@ alertmanager:
 EOT
   ]
 }
+
+resource "helm_release" "freeipa" {
+  name = "freeipa"
+  namespace = var.freeipa_namespace
+  repository = "https://improwised.github.io/charts/"
+  chart = "freeipa"
+  create_namespace = true
+  values = [
+<<EOT
+hostname: freeipa.${var.domain_suffix}
+args:
+  realm: MD1CLV.IM
+  domain: md1clv.im
+  dspassword: ${var.freeipa_ds_password}
+  adminpassword: ${var.freeipa_admin_password}
+  nohostdns: true
+  nontp: true
+  setupdns: false
+persistence:
+  enabled: true
+  storageclass: ${var.storageclass}
+ingress:
+  enabled: true
+  hostname: freeipa.${var.domain_suffix}
+  annotations:
+    cert-manager.io/cluster-issuer: letsencrypt-prod
+  tls: true
+  backendProtocol: http
+service:
+  annotations:
+    traefik.ingress.kubernetes.io/service.serversscheme: https
+    traefik.ingress.kubernetes.io/service.serverstransport: default-tls-selfsigned@kubernetescrd
+EOT
+  ]
+}

vars.tf

@@ -29,3 +29,7 @@ variable "librenms_namespace" {
 variable "prometheus_namespace" {
   default = "prometheus"
 }
+
+variable "freeipa_namespace" {
+  default = "freeipa"
+}