video-iac/terraform/kubernetes.tf

resource "kubernetes_namespace" "external-dns" {
  depends_on = [local_file.kubeconfig]

  metadata {
    name = "external-dns"
  }
}

resource "kubernetes_secret" "aws_user_external_dns" {
  depends_on = [kubernetes_namespace.external-dns]

  metadata {
    name      = "aws-user-external-dns"
    namespace = "external-dns"
  }

  data = {
    username = aws_iam_access_key.lke-external-dns.id
    password = aws_iam_access_key.lke-external-dns.secret
  }

  type = "kubernetes.io/basic-auth"

}

resource "kubernetes_namespace" "argocd" {
  depends_on = [local_file.kubeconfig]

  metadata {
    name = "argocd"
  }
}

data "aws_secretsmanager_secret" "bitbucket_ssh_argocd_key" {
  name = "bitbucket-ssh-argocd-key"
}

data "aws_secretsmanager_secret_version" "bitbucket_ssh_argocd_key" {
  secret_id = data.aws_secretsmanager_secret.bitbucket_ssh_argocd_key.id
}

resource "kubernetes_secret" "bitbucket_ssh_argocd_key" {
  depends_on = [kubernetes_namespace.argocd]

  metadata {
    name      = "bitbucket-ssh-argocd-key"
    namespace = "argocd"
    labels = {
      "argocd.argoproj.io/secret-type" = "repository"
    }
  }

  data = {
    url           = "git@bitbucket.org:jamkazam/video-iac"
    sshPrivateKey = base64decode(jsondecode(data.aws_secretsmanager_secret_version.bitbucket_ssh_argocd_key.secret_string)["private"])
  }

}

resource "kubernetes_namespace" "coturn" {
  depends_on = [local_file.kubeconfig]

  metadata {
    name = "coturn"
  }
}
resource "kubernetes_config_map" "coturn_pool" {
  metadata {
    name      = "linode-pool"
    namespace = "coturn"
  }

  data = {
    pool = linode_lke_cluster.stg-video-cluster.pool[2].id
  }
}

resource "kubernetes_namespace" "webrtc" {
  depends_on = [local_file.kubeconfig]

  metadata {
    name = "webrtc"
  }
}
resource "kubernetes_config_map" "webrtc_pool" {
  metadata {
    name      = "linode-pool"
    namespace = "webrtc"
  }

  data = {
    pool = linode_lke_cluster.stg-video-cluster.pool[1].id
  }
}