From 715f2020904878d7ed5f04c155281daffa1465c0 Mon Sep 17 00:00:00 2001
From: RaviAnand Mohabir <moravrav@gmail.com>
Date: Fri, 27 Jan 2023 15:00:55 +0100
Subject: [PATCH] feat: :sparkles: add Shlink Terraform deployment module

---
 .gitignore   |  37 ++++++++++++++++
 main.tf      | 112 +++++++++++++++++++++++++++++++++++++++++++++++
 outputs.tf   |   9 ++++
 variables.tf | 120 +++++++++++++++++++++++++++++++++++++++++++++++++++
 4 files changed, 278 insertions(+)
 create mode 100644 .gitignore
 create mode 100644 main.tf
 create mode 100644 outputs.tf
 create mode 100644 variables.tf

diff --git a/.gitignore b/.gitignore
new file mode 100644
index 0000000..d3e6177
--- /dev/null
+++ b/.gitignore
@@ -0,0 +1,37 @@
+# Local .terraform directories
+**/.terraform/*
+
+# .tfstate files
+*.tfstate
+*.tfstate.*
+
+# Crash log files
+crash.log
+crash.*.log
+
+# Exclude all .tfvars files, which are likely to contain sensitive data, such as
+# password, private keys, and other secrets. These should not be part of version
+# control as they are data points which are potentially sensitive and subject
+# to change depending on the environment.
+*.tfvars
+*.tfvars.json
+
+# Ignore override files as they are usually used to override resources locally and so
+# are not checked in
+override.tf
+override.tf.json
+*_override.tf
+*_override.tf.json
+
+# Include override files you do wish to add to version control using negated pattern
+# !example_override.tf
+
+# Include tfplan files to ignore the plan output of command: terraform plan -out=tfplan
+# example: *tfplan*
+
+# Ignore CLI configuration files
+.terraformrc
+terraform.rc
+
+# Custom
+.env
diff --git a/main.tf b/main.tf
new file mode 100644
index 0000000..7fe1897
--- /dev/null
+++ b/main.tf
@@ -0,0 +1,112 @@
+terraform {
+  required_providers {
+    kubernetes = {
+      source  = "hashicorp/kubernetes"
+      version = "2.13.1"
+    }
+  }
+}
+
+locals {
+  match_labels = merge({
+    "app.kubernetes.io/name"     = "shlink"
+    "app.kubernetes.io/instance" = "shlink"
+  }, var.match_labels)
+  labels = merge(local.match_labels, var.labels)
+}
+
+resource "kubernetes_deployment" "shlink" {
+  metadata {
+    name      = "shlink"
+    namespace = var.namespace
+    labels    = local.labels
+  }
+  spec {
+    replicas = 1
+    selector {
+      match_labels = local.labels
+    }
+    template {
+      metadata {
+        labels = local.labels
+        annotations = {
+          "ravianand.me/config-hash" = sha1(jsonencode(merge(
+            kubernetes_config_map.shlink.data,
+            kubernetes_secret.shlink.data
+          )))
+        }
+      }
+      spec {
+        container {
+          image = var.image_registry == "" ? "${var.image_repository}:${var.image_tag}" : "${var.image_registry}/${var.image_repository}:${var.image_tag}"
+          name  = var.container_name
+          args  = ["-config", "/config.yaml"]
+          env {
+            name = "DB_PASSWORD"
+            value_from {
+              secret_key_ref {
+                name = kubernetes_secret.shlink.metadata.0.name
+                key  = "db-password"
+              }
+            }
+          }
+          env_from {
+            config_map_ref {
+              name = kubernetes_config_map.shlink.metadata.0.name
+            }
+          }
+          port {
+            name           = "http"
+            container_port = 8080
+          }
+        }
+      }
+    }
+  }
+}
+
+resource "kubernetes_service" "shlink" {
+  metadata {
+    name      = var.service_name
+    namespace = var.namespace
+    labels    = local.labels
+  }
+  spec {
+    type     = var.service_type
+    selector = local.match_labels
+    port {
+      name        = "http"
+      port        = 8080
+      target_port = "http"
+    }
+  }
+}
+
+resource "kubernetes_secret" "shlink" {
+  metadata {
+    name      = "shlink"
+    namespace = var.namespace
+  }
+  data = {
+    "db-password" = var.db_password
+  }
+}
+
+resource "kubernetes_config_map" "shlink" {
+  metadata {
+    name      = "shlink"
+    namespace = var.namespace
+  }
+  data = {
+    "DEFAULT_DOMAIN"      = var.host
+    "IS_HTTPS_ENABLED"    = var.https
+    "GEOLITE_LICENSE_KEY" = var.geolite_license_key
+    "INITIAL_API_KEY"     = var.initial_api_key
+    "DB_DRIVER"           = var.db_driver
+    "DB_NAME"             = var.db_name
+    "DB_USER"             = var.db_user
+    "DB_HOST"             = var.db_host
+    "DB_PORT"             = var.db_port
+    "REDIS_SERVERS"       = var.redis_servers
+  }
+}
diff --git a/outputs.tf b/outputs.tf
new file mode 100644
index 0000000..efa3b2f
--- /dev/null
+++ b/outputs.tf
@@ -0,0 +1,9 @@
+output "service_name" {
+  description = "Service name for shlink deployment"
+  value       = kubernetes_service.shlink.metadata.0.name
+}
+
+output "service_port" {
+  description = "Port exposed by the service"
+  value       = kubernetes_service.shlink.spec.0.port.0.name
+}
diff --git a/variables.tf b/variables.tf
new file mode 100644
index 0000000..ff107e0
--- /dev/null
+++ b/variables.tf
@@ -0,0 +1,120 @@
+variable "namespace" {
+  description = "Namespace where shlink is deployed"
+  type        = string
+  default     = "default"
+}
+
+variable "image_registry" {
+  description = "Image registry, e.g. gcr.io, docker.io"
+  type        = string
+  default     = ""
+}
+
+variable "image_repository" {
+  description = "Image to start for this pod"
+  type        = string
+  default     = "shlinkio/shlink"
+}
+
+variable "image_tag" {
+  description = "Image tag to use"
+  type        = string
+  default     = "stable"
+}
+
+variable "container_name" {
+  description = "Name of the shlink container"
+  type        = string
+  default     = "shlink"
+}
+
+variable "match_labels" {
+  description = "Match labels to add to the shlink deployment, will be merged with labels"
+  type        = map(any)
+  default     = {}
+}
+
+variable "labels" {
+  description = "Labels to add to the shlink deployment"
+  type        = map(any)
+  default     = {}
+}
+
+variable "host" {
+  description = "Public facing hostname for shlink"
+  type        = string
+  default     = "localhost:8080"
+}
+
+variable "https" {
+  description = "Whether HTTPS is enabled for shlink"
+  type        = bool
+  default     = true
+}
+
+variable "geolite_license_key" {
+  description = "Geolite2 license key for visit tracking"
+  type        = string
+  default     = ""
+}
+
+variable "initial_api_key" {
+  description = "Initial API key for admin user"
+  type        = string
+  default     = ""
+}
+
+variable "service_name" {
+  description = "Name of service to deploy"
+  type        = string
+  default     = "shlink"
+}
+
+variable "service_type" {
+  description = "Type of service to deploy"
+  type        = string
+  default     = "ClusterIP"
+}
+
+variable "db_driver" {
+  description = "DB driver to use"
+  type        = string
+  default     = "sqlite"
+}
+
+variable "db_host" {
+  description = "DB hostname"
+  type        = string
+  default     = ""
+}
+
+variable "db_user" {
+  description = "User for database"
+  type        = string
+  default     = ""
+}
+
+variable "db_password" {
+  description = "Password for database"
+  type        = string
+  default     = ""
+}
+
+variable "db_port" {
+  description = "Port for DB"
+  type        = number
+  default     = 5432
+}
+
+variable "db_name" {
+  description = "Database to use"
+  type        = string
+  default     = ""
+}
+
+variable "redis_servers" {
+  description = "Comma-separated list of Redis servers to use, including credentials"
+  type        = string
+  default     = ""
+
+}