This repository has been archived by the owner on Jan 27, 2024. It is now read-only.
-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathapi.tf
128 lines (109 loc) · 4.3 KB
/
api.tf
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
locals {
api = {
image_tags = {
database_layer = "0.3.74"
server = "staging"
api_db_migration = "0.9.0"
}
}
}
module "api_redis" {
source = "github.com/serlo/infrastructure-modules-shared.git//redis?ref=v17.1.2"
namespace = kubernetes_namespace.api_namespace.metadata.0.name
chart_version = "12.6.2"
image_tag = "6.0.10"
node_pool = module.cluster.node_pools.non-preemptible
}
module "api" {
source = "github.com/serlo/infrastructure-modules-api.git//?ref=v14.1.1"
namespace = kubernetes_namespace.api_namespace.metadata.0.name
image_tag = local.api.image_tags.server
image_pull_policy = "Always"
node_pool = module.cluster.node_pools.non-preemptible
environment = "staging"
google_spreadsheet_api = {
active_donors = var.api_active_donors_google_spreadsheet_id
motivation = var.api_motivation_google_spreadsheet_id
secret = var.api_active_donors_google_api_key
}
rocket_chat_api = {
user_id = var.rocket_chat_user_id
auth_token = var.rocket_chat_auth_token
url = "https://community.serlo.org/"
}
mailchimp_api = {
key = var.athene2_php_newsletter_key
}
redis_url = "redis://redis-master:6379"
database_layer = {
image_tag = local.api.image_tags.database_layer
database_url = "mysql://serlo:${var.athene2_database_password_default}@${module.mysql.database_private_ip_address}:3306/serlo"
database_max_connections = 25
sentry_dsn = "https://[email protected]/5649015"
metadata_api_last_changes_date = "2023-06-19T12:00:00Z"
}
api_db_migration = {
enable_cronjob = true
image_tag = local.api.image_tags.api_db_migration
database_url = "mysql://serlo:${var.athene2_database_password_default}@${module.mysql.database_private_ip_address}:3306/serlo"
}
server = {
hydra_host = module.hydra.admin_uri
kratos_public_host = module.kratos.public_uri
kratos_admin_host = module.kratos.admin_uri
kratos_secret = module.kratos.secret
kratos_db_uri = "postgres://${local.postgres_database_username_default}:${var.kpi_kpi_database_password_default}@${module.gcloud_postgres.database_private_ip_address}/kratos"
notification_email_secret = "we do not need this for staging"
swr_queue_dashboard = {
username = var.api_swr_queue_dashboard_username
password = var.api_swr_queue_dashboard_password
}
google_service_account = file("secrets/serlo-org-6bab84a1b1a5.json")
sentry_dsn = "https://[email protected]/5385534"
enmeshed_server_host = "http://enmeshed-connector-helm-chart"
enmeshed_server_secret = var.enmeshed_api_key
enmeshed_webhook_secret = var.enmeshed_api_key
openai_api_key = var.openai_api_key
}
swr_queue_worker = {
concurrency = 1
}
}
module "enmeshed" {
source = "github.com/serlo/infrastructure-modules-shared.git//enmeshed?ref=v17.6.3"
namespace = kubernetes_namespace.api_namespace.metadata.0.name
chart_version = "3.5.5"
transport_base_url = "https://nmshd-bkb.demo.meinbildungsraum.de/"
platform_client_id = var.enmeshed_platform_client_id
platform_client_secret = var.enmeshed_platform_client_secret
api_url = "https://api.${local.domain}"
api_key = var.enmeshed_api_key
}
module "api_server_ingress" {
source = "github.com/serlo/infrastructure-modules-shared.git//ingress?ref=v13.1.0"
name = "api"
namespace = kubernetes_namespace.api_namespace.metadata.0.name
host = "api.${local.domain}"
backend = {
service_name = module.api.server_service_name
service_port = module.api.server_service_port
}
enable_tls = true
enable_cors = true
}
module "enmeshed_ingress" {
source = "github.com/serlo/infrastructure-modules-shared.git//ingress?ref=v13.2.0"
name = "enmeshed"
namespace = kubernetes_namespace.api_namespace.metadata.0.name
host = "enmeshed.${local.domain}"
backend = {
service_name = "enmeshed-connector-helm-chart"
service_port = 80
}
enable_tls = true
}
resource "kubernetes_namespace" "api_namespace" {
metadata {
name = "api"
}
}