strip cluster bootstraps
All checks were successful
AI Code Review / ai-review (pull_request) Successful in 59s
All checks were successful
AI Code Review / ai-review (pull_request) Successful in 59s
This commit is contained in:
@@ -54,152 +54,3 @@ resource "upcloud_kubernetes_node_group" "workers" {
|
||||
env = lookup(var.tags, "Environment", "dev")
|
||||
}
|
||||
}
|
||||
|
||||
# ─── Managed PostgreSQL ──────────────────────────────────────────────
|
||||
|
||||
resource "upcloud_managed_database_postgresql" "main" {
|
||||
name = "${var.prefix}-postgresql"
|
||||
plan = var.pg_plan
|
||||
title = "${var.prefix} PostgreSQL"
|
||||
zone = var.zone
|
||||
|
||||
termination_protection = var.termination_protection
|
||||
|
||||
network {
|
||||
family = "IPv4"
|
||||
name = "pg-private"
|
||||
type = "private"
|
||||
uuid = upcloud_network.kubernetes.id
|
||||
}
|
||||
|
||||
properties {
|
||||
public_access = false
|
||||
version = var.pg_version
|
||||
}
|
||||
|
||||
labels = var.tags
|
||||
}
|
||||
|
||||
resource "upcloud_managed_database_logical_database" "keycloak" {
|
||||
service = upcloud_managed_database_postgresql.main.id
|
||||
name = "keycloak"
|
||||
}
|
||||
|
||||
resource "upcloud_managed_database_logical_database" "gitlab" {
|
||||
service = upcloud_managed_database_postgresql.main.id
|
||||
name = "gitlabhq_production"
|
||||
}
|
||||
|
||||
resource "upcloud_managed_database_user" "keycloak" {
|
||||
service = upcloud_managed_database_postgresql.main.id
|
||||
username = "keycloak"
|
||||
}
|
||||
|
||||
resource "upcloud_managed_database_user" "gitlab" {
|
||||
service = upcloud_managed_database_postgresql.main.id
|
||||
username = "gitlab"
|
||||
}
|
||||
|
||||
# ─── Managed Valkey ──────────────────────────────────────────────────
|
||||
|
||||
resource "upcloud_managed_database_valkey" "main" {
|
||||
name = "${var.prefix}-valkey"
|
||||
plan = var.valkey_plan
|
||||
title = "${var.prefix} Valkey"
|
||||
zone = var.zone
|
||||
|
||||
termination_protection = var.termination_protection
|
||||
|
||||
network {
|
||||
family = "IPv4"
|
||||
name = "valkey-private"
|
||||
type = "private"
|
||||
uuid = upcloud_network.kubernetes.id
|
||||
}
|
||||
|
||||
properties {
|
||||
public_access = false
|
||||
}
|
||||
|
||||
labels = var.tags
|
||||
}
|
||||
|
||||
# ─── Managed Object Storage ─────────────────────────────────────────
|
||||
|
||||
resource "upcloud_managed_object_storage" "main" {
|
||||
name = "${var.prefix}-objsto"
|
||||
region = var.objstore_region
|
||||
configured_status = "started"
|
||||
|
||||
network {
|
||||
family = "IPv4"
|
||||
name = "objsto-private"
|
||||
type = "private"
|
||||
uuid = upcloud_network.kubernetes.id
|
||||
}
|
||||
|
||||
labels = var.tags
|
||||
}
|
||||
|
||||
resource "upcloud_managed_object_storage_user" "gitlab" {
|
||||
service_uuid = upcloud_managed_object_storage.main.id
|
||||
username = "${var.prefix}-gitlab"
|
||||
}
|
||||
|
||||
resource "upcloud_managed_object_storage_user_access_key" "gitlab" {
|
||||
service_uuid = upcloud_managed_object_storage.main.id
|
||||
username = upcloud_managed_object_storage_user.gitlab.username
|
||||
status = "Active"
|
||||
}
|
||||
|
||||
resource "upcloud_managed_object_storage_policy" "gitlab" {
|
||||
service_uuid = upcloud_managed_object_storage.main.id
|
||||
name = "gitlab-full-access"
|
||||
description = "Full S3 access for GitLab"
|
||||
document = urlencode(jsonencode({
|
||||
Version = "2012-10-17"
|
||||
Statement = [
|
||||
{
|
||||
Effect = "Allow"
|
||||
Action = ["s3:*"]
|
||||
Resource = "*"
|
||||
}
|
||||
]
|
||||
}))
|
||||
}
|
||||
|
||||
resource "upcloud_managed_object_storage_user_policy" "gitlab" {
|
||||
service_uuid = upcloud_managed_object_storage.main.id
|
||||
username = upcloud_managed_object_storage_user.gitlab.username
|
||||
name = upcloud_managed_object_storage_policy.gitlab.name
|
||||
}
|
||||
|
||||
resource "upcloud_managed_object_storage_bucket" "gitlab_artifacts" {
|
||||
service_uuid = upcloud_managed_object_storage.main.id
|
||||
name = "${var.prefix}-gitlab-artifacts"
|
||||
}
|
||||
|
||||
resource "upcloud_managed_object_storage_bucket" "gitlab_uploads" {
|
||||
service_uuid = upcloud_managed_object_storage.main.id
|
||||
name = "${var.prefix}-gitlab-uploads"
|
||||
}
|
||||
|
||||
resource "upcloud_managed_object_storage_bucket" "gitlab_packages" {
|
||||
service_uuid = upcloud_managed_object_storage.main.id
|
||||
name = "${var.prefix}-gitlab-packages"
|
||||
}
|
||||
|
||||
resource "upcloud_managed_object_storage_bucket" "gitlab_lfs" {
|
||||
service_uuid = upcloud_managed_object_storage.main.id
|
||||
name = "${var.prefix}-gitlab-lfs"
|
||||
}
|
||||
|
||||
resource "upcloud_managed_object_storage_bucket" "gitlab_registry" {
|
||||
service_uuid = upcloud_managed_object_storage.main.id
|
||||
name = "${var.prefix}-gitlab-registry"
|
||||
}
|
||||
|
||||
resource "upcloud_managed_object_storage_bucket" "gitlab_backups" {
|
||||
service_uuid = upcloud_managed_object_storage.main.id
|
||||
name = "${var.prefix}-gitlab-backups"
|
||||
}
|
||||
|
||||
Reference in New Issue
Block a user