forked from public/stack
infra/main: clean up database_users output
This commit is contained in:
parent
de97ffef10
commit
58f9f507de
|
@ -57,10 +57,29 @@ module "digitalocean_database_cluster" {
|
||||||
digitalocean_region = var.region
|
digitalocean_region = var.region
|
||||||
}
|
}
|
||||||
|
|
||||||
# TODO: make it output a Kubernetes Secret in env var format, can be piped into
|
# `jq .database_users.value.forgejo | sops --encrypt`
|
||||||
# `jq .database_users.value.forgejo | sops --encrypt` for nice secret gen
|
|
||||||
# Ref: https://github.com/RyanSquared/gitops/blob/b8305292f215f6fe0bed170550b9b869302ab9e2/environments/production/kustomizations/forgejo/forgejo-config.enc.yaml
|
|
||||||
output "database_users" {
|
output "database_users" {
|
||||||
value = module.digitalocean_database_cluster.database_users
|
value = {
|
||||||
|
for db_user in module.digitalocean_database_cluster.database_users:
|
||||||
|
db_user.name => {
|
||||||
|
apiVersion = "v1",
|
||||||
|
kind = "Secret",
|
||||||
|
metadata = {
|
||||||
|
name = "database-configuration",
|
||||||
|
},
|
||||||
|
stringData = {
|
||||||
|
name = db_user.name,
|
||||||
|
dbname = db_user.name,
|
||||||
|
host = module.digitalocean_database_cluster.database_cluster.private_host,
|
||||||
|
port = module.digitalocean_database_cluster.database_cluster.port,
|
||||||
|
password = db_user.password,
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
|
sensitive = true
|
||||||
|
}
|
||||||
|
|
||||||
|
output "database" {
|
||||||
|
value = module.digitalocean_database_cluster.database_cluster
|
||||||
sensitive = true
|
sensitive = true
|
||||||
}
|
}
|
||||||
|
|
Loading…
Reference in New Issue