Add FreeIPA server

2023-10-04 13:45:27 +01:00 · 2023-10-04 13:45:27 +01:00 · 3e8b46ce33
parent 43e74cba4e
commit 3e8b46ce33
2 changed files with 39 additions and 0 deletions
--- a/main.tf
+++ b/main.tf
@ -300,3 +300,38 @@ alertmanager:
 EOT
  ]
 }
+
+resource "helm_release" "freeipa" {
+  name = "freeipa"
+  namespace = var.freeipa_namespace
+  repository = "https://improwised.github.io/charts/"
+  chart = "freeipa"
+  create_namespace = true
+  values = [
+<<EOT
+hostname: freeipa.${var.domain_suffix}
+args:
+  realm: MD1CLV.IM
+  domain: md1clv.im
+  dspassword: ${var.freeipa_ds_password}
+  adminpassword: ${var.freeipa_admin_password}
+  nohostdns: true
+  nontp: true
+  setupdns: false
+persistence:
+  enabled: true
+  storageclass: ${var.storageclass}
+ingress:
+  enabled: true
+  hostname: freeipa.${var.domain_suffix}
+  annotations:
+    cert-manager.io/cluster-issuer: letsencrypt-prod
+  tls: true
+  backendProtocol: http
+service:
+  annotations:
+    traefik.ingress.kubernetes.io/service.serversscheme: https
+    traefik.ingress.kubernetes.io/service.serverstransport: default-tls-selfsigned@kubernetescrd
+EOT
+  ]
+}
--- a/vars.tf
+++ b/vars.tf
@ -29,3 +29,7 @@ variable "librenms_namespace" {
 variable "prometheus_namespace" {
  default = "prometheus"
 }
+
+variable "freeipa_namespace" {
+  default = "freeipa"
+}