11terraform {
22 required_providers {
33 kubernetes =
4- source = " hashicorp/kubernetes"
5- version = " >= 2.0.0"
4+ source = " hashicorp/kubernetes"
5+ version = " >= 2.0.0"
66 }
77 }
88
99 backend "s3" {
10- bucket = " tasknote"
11- key = " kubernetes/terraform.tfstate"
12- region = " auto"
13- endpoints = = " https://d17eb09b6bce2f90e16e800bb2a6baf9.r2.cloudflarestorage.com"
14- }
10+ bucket = " tasknote"
11+ key = " kubernetes/terraform.tfstate"
12+ region = " auto"
13+ endpoints = = " https://d17eb09b6bce2f90e16e800bb2a6baf9.r2.cloudflarestorage.com"
1514 skip_credentials_validation = true
16- skip_region_validation = true
17- skip_requesting_account_id = true
18- skip_metadata_api_check = true
19- skip_s3_checksum = true
15+ skip_region_validation = true
16+ skip_requesting_account_id = true
17+ skip_metadata_api_check = true
18+ skip_s3_checksum = true
2019 }
2120}
2221
@@ -25,47 +24,47 @@ provider "kubernetes" {
2524}
2625
2726variable "db_user" {
28- type = string
27+ type = string
2928 sensitive = true
3029}
3130
3231variable "db_password" {
33- type = string
32+ type = string
3433 sensitive = true
3534}
3635
3736variable "db_name" {
38- type = string
37+ type = string
3938 sensitive = true
4039}
4140
4241variable "security_key" {
43- type = string
44- sensitive = true
42+ type = string
43+ sensitive = true
4544}
4645
4746variable "mailgun_apikey" {
48- type = string
47+ type = string
4948 sensitive = true
5049}
5150
5251variable "cors_allowed_origins" {
53- type = string
52+ type = string
5453 default = " https://tasknote.darkroasted.vps-kinghost.net"
5554}
5655
5756variable "root_log_level" {
58- type = string
57+ type = string
5958 default = " INFO"
6059}
6160
6261variable "backend_image" {
63- type = string
62+ type = string
6463 default = " pull ghcr.io/rmcampos/tasknote/api:15"
6564}
6665
6766variable "frontend_image" {
68- type = string
67+ type = string
6968 default = " ghcr.io/rmcampos/tasknote/app:app-v2026.03.17.18"
7069}
7170
@@ -77,22 +76,22 @@ resource "kubernetes_namespace_v1" "tasknote" {
7776
7877resource "kubernetes_secret_v1" "tasknote_secrets" {
7978 metadata {
80- name = " tasknote-secrets"
79+ name = " tasknote-secrets"
8180 namespace = . tasknote . metadata [0 ]. name
8281 }
8382
8483 data =
85- postgres_user = var.db_user
84+ postgres_user = var.db_user
8685 postgres_password = var.db_password
87- postgres_db = var.db_name
88- security_key = var.security_key
89- mailgun_apikey = var.mailgun_apikey
86+ postgres_db = var.db_name
87+ security_key = var.security_key
88+ mailgun_apikey = var.mailgun_apikey
9089 }
9190}
9291
9392resource "kubernetes_persistent_volume_claim_v1" "tasknote_db_data" {
9493 metadata {
95- name = " postgres-data-pvc"
94+ name = " postgres-data-pvc"
9695 namespace = . tasknote . metadata [0 ]. name
9796 }
9897 spec {
@@ -107,7 +106,7 @@ resource "kubernetes_persistent_volume_claim_v1" "tasknote_db_data" {
107106
108107resource "kubernetes_deployment_v1" "tasknote_db" {
109108 metadata {
110- name = " tasknote-db"
109+ name = " tasknote-db"
111110 namespace = . tasknote . metadata [0 ]. name
112111 }
113112 spec {
@@ -118,17 +117,17 @@ resource "kubernetes_deployment_v1" "tasknote_db" {
118117 spec {
119118 container {
120119 image = " postgres:15.8-bookworm"
121- name = " postgres"
120+ name = " postgres"
122121 volume_mount {
123- name = " postgres-storage"
122+ name = " postgres-storage"
124123 mount_path = " /var/lib/postgresql/data"
125124 }
126125 env {
127126 name = " POSTGRES_USER"
128127 value_from {
129128 secret_key_ref {
130129 name = . tasknote_secrets . metadata [0 ]. name
131- key = " postgres_user"
130+ key = " postgres_user"
132131 }
133132 }
134133 }
@@ -137,7 +136,7 @@ resource "kubernetes_deployment_v1" "tasknote_db" {
137136 value_from {
138137 secret_key_ref {
139138 name = . tasknote_secrets . metadata [0 ]. name
140- key = " postgres_password"
139+ key = " postgres_password"
141140 }
142141 }
143142 }
@@ -146,7 +145,7 @@ resource "kubernetes_deployment_v1" "tasknote_db" {
146145 value_from {
147146 secret_key_ref {
148147 name = . tasknote_secrets . metadata [0 ]. name
149- key = " postgres_db"
148+ key = " postgres_db"
150149 }
151150 }
152151 }
@@ -165,7 +164,7 @@ resource "kubernetes_deployment_v1" "tasknote_db" {
165164
166165resource "kubernetes_service_v1" "tasknote_db_svc" {
167166 metadata {
168- name = " tasknote-db-svc"
167+ name = " tasknote-db-svc"
169168 namespace = . tasknote . metadata [0 ]. name
170169 }
171170 spec {
@@ -177,7 +176,7 @@ resource "kubernetes_service_v1" "tasknote_db_svc" {
177176
178177resource "kubernetes_deployment_v1" "tasknote_backend" {
179178 metadata {
180- name = " tasknote-backend"
179+ name = " tasknote-backend"
181180 namespace = . tasknote . metadata [0 ]. name
182181 }
183182 spec {
@@ -188,78 +187,78 @@ resource "kubernetes_deployment_v1" "tasknote_backend" {
188187 spec {
189188 container {
190189 image = . backend_image
191- name = " backend"
190+ name = " backend"
192191 env {
193192 name = " POSTGRES_DB"
194- value_from {
193+ value_from {
195194 secret_key_ref {
196195 name = . tasknote_secrets . metadata [0 ]. name
197- key = " postgres_db"
196+ key = " postgres_db"
198197 }
199198 }
200199 }
201200 env {
202- name = " POSTGRES_HOST"
201+ name = " POSTGRES_HOST"
203202 value = " tasknote-db-svc"
204203 }
205204 env {
206205 name = " POSTGRES_USER"
207206 value_from {
208207 secret_key_ref {
209208 name = . tasknote_secrets . metadata [0 ]. name
210- key = " postgres_user"
209+ key = " postgres_user"
211210 }
212211 }
213212 }
214213 env {
215214 name = " POSTGRES_PASSWORD"
216- value_from {
215+ value_from {
217216 secret_key_ref {
218217 name = . tasknote_secrets . metadata [0 ]. name
219- key = " postgres_password"
218+ key = " postgres_password"
220219 }
221220 }
222221 }
223222 env {
224- name = " POSTGRES_PORT"
223+ name = " POSTGRES_PORT"
225224 value = " 5432"
226225 }
227226 env {
228- name = " CORS_ALLOWED_ORIGINS"
227+ name = " CORS_ALLOWED_ORIGINS"
229228 value = . cors_allowed_origins
230229 }
231230 env {
232- name = " SERVER_SERVLET_CONTEXT_PATH"
231+ name = " SERVER_SERVLET_CONTEXT_PATH"
233232 value = " /"
234233 }
235234 env {
236- name = " ROOT_LOG_LEVEL"
235+ name = " ROOT_LOG_LEVEL"
237236 value = . root_log_level
238237 }
239238 env {
240239 name = " SECURITY_KEY"
241- value_from {
240+ value_from {
242241 secret_key_ref {
243242 name = . tasknote_secrets . metadata [0 ]. name
244- key = " security_key"
243+ key = " security_key"
245244 }
246245 }
247246 }
248247 env {
249- name = " TARGET_ENV"
248+ name = " TARGET_ENV"
250249 value = " production"
251250 }
252251 env {
253252 name = " MAILGUN_APIKEY"
254- value_from {
253+ value_from {
255254 secret_key_ref {
256255 name = . tasknote_secrets . metadata [0 ]. name
257- key = " mailgun_apikey"
256+ key = " mailgun_apikey"
258257 }
259258 }
260259 }
261260 resources {
262- limits = = " 256Mi" = " 500m"
261+ limits = = " 256Mi" = " 500m"
263262 requests = = " 256Mi" = " 250m"
264263 }
265264 }
@@ -270,21 +269,21 @@ resource "kubernetes_deployment_v1" "tasknote_backend" {
270269
271270resource "kubernetes_service_v1" "tasknote_backend_svc" {
272271 metadata {
273- name = " tasknote-backend-svc"
272+ name = " tasknote-backend-svc"
274273 namespace = . tasknote . metadata [0 ]. name
275274 }
276275 spec {
277276 selector = = " tasknote-backend"
278277 port {
279- port = 8585
278+ port = 8585
280279 target_port = 8585
281280 }
282281 }
283282}
284283
285284resource "kubernetes_deployment_v1" "tasknote_frontend" {
286285 metadata {
287- name = " tasknote-frontend"
286+ name = " tasknote-frontend"
288287 namespace = . tasknote . metadata [0 ]. name
289288 }
290289 spec {
@@ -295,10 +294,10 @@ resource "kubernetes_deployment_v1" "tasknote_frontend" {
295294 spec {
296295 container {
297296 image = . frontend_image
298- name = " frontend"
297+ name = " frontend"
299298 port { container_port = 5000 }
300299 env {
301- name = " VITE_BACKEND_SERVER"
300+ name = " VITE_BACKEND_SERVER"
302301 value = " https://tasknoteapi.darkroasted.vps-kinghost.net"
303302 }
304303 }
@@ -309,13 +308,13 @@ resource "kubernetes_deployment_v1" "tasknote_frontend" {
309308
310309resource "kubernetes_service_v1" "tasknote_frontend_svc" {
311310 metadata {
312- name = " tasknote-frontend-svc"
311+ name = " tasknote-frontend-svc"
313312 namespace = . tasknote . metadata [0 ]. name
314313 }
315314 spec {
316315 selector = = " tasknote-app"
317316 port {
318- port = 5000
317+ port = 5000
319318 target_port = 5000
320319 }
321320 type = " ClusterIP"
@@ -325,7 +324,7 @@ resource "kubernetes_service_v1" "tasknote_frontend_svc" {
325324# Unified Ingress for App and API
326325resource "kubernetes_ingress_v1" "tasknote_ingress" {
327326 metadata {
328- name = " tasknote-ingress"
327+ name = " tasknote-ingress"
329328 namespace = . tasknote . metadata [0 ]. name
330329 annotations =
331330 " kubernetes.io/ingress.class" = " traefik"
@@ -334,14 +333,14 @@ resource "kubernetes_ingress_v1" "tasknote_ingress" {
334333 }
335334 spec {
336335 tls {
337- hosts = " tasknote.darkroasted.vps-kinghost.net" " tasknoteapi.darkroasted.vps-kinghost.net"
336+ hosts = " tasknote.darkroasted.vps-kinghost.net" " tasknoteapi.darkroasted.vps-kinghost.net"
338337 secret_name = " tasknote-tls-certs"
339338 }
340339 rule {
341340 host = " tasknote.darkroasted.vps-kinghost.net"
342341 http {
343342 path {
344- path = " /"
343+ path = " /"
345344 path_type = " Prefix"
346345 backend {
347346 service {
@@ -356,7 +355,7 @@ resource "kubernetes_ingress_v1" "tasknote_ingress" {
356355 host = " tasknoteapi.darkroasted.vps-kinghost.net"
357356 http {
358357 path {
359- path = " /"
358+ path = " /"
360359 path_type = " Prefix"
361360 backend {
362361 service {
0 commit comments