From b8d35e54acafbda00958e691938087430cea6bef Mon Sep 17 00:00:00 2001
From: Tamas Kiss <kiss.tamas94@gmail.com>
Date: Fri, 27 May 2022 16:08:11 +0200
Subject: [PATCH] import: traefik helm release

---
 README.md  |  1 +
 locals.tf  |  1 +
 traefik.tf | 32 ++++++++++++++++++++++++++++++++
 3 files changed, 34 insertions(+)
 create mode 100644 traefik.tf

diff --git a/README.md b/README.md
index 085feb6..8c9e321 100644
--- a/README.md
+++ b/README.md
@@ -70,6 +70,7 @@ The following resources are used by this module:
 
 - [helm_release.coredns](https://registry.terraform.io/providers/hashicorp/helm/2.5.1/docs/resources/release) (resource)
 - [helm_release.metrics_server](https://registry.terraform.io/providers/hashicorp/helm/2.5.1/docs/resources/release) (resource)
+- [helm_release.traefik](https://registry.terraform.io/providers/hashicorp/helm/2.5.1/docs/resources/release) (resource)
 - [kubernetes_cluster_role.ci_cd](https://registry.terraform.io/providers/hashicorp/kubernetes/latest/docs/resources/cluster_role) (resource)
 - [kubernetes_cluster_role.prometheus](https://registry.terraform.io/providers/hashicorp/kubernetes/latest/docs/resources/cluster_role) (resource)
 - [kubernetes_cluster_role_binding.auto_approve_node_csrs](https://registry.terraform.io/providers/hashicorp/kubernetes/latest/docs/resources/cluster_role_binding) (resource)
diff --git a/locals.tf b/locals.tf
index f7be528..84d7d7d 100644
--- a/locals.tf
+++ b/locals.tf
@@ -3,6 +3,7 @@ locals {
   kubernetes_server  = "https://nat.lawndale:6443"
   kubernetes_version = "1.23.5"
   cluster_dns        = "10.32.0.10"
+  traefik_namespace  = "traefik"
 
   bootstrap_token = "${random_password.bootstrap_token_id.result}.${random_password.bootstrap_token_secret.result}"
 
diff --git a/traefik.tf b/traefik.tf
new file mode 100644
index 0000000..57a3692
--- /dev/null
+++ b/traefik.tf
@@ -0,0 +1,32 @@
+resource "helm_release" "traefik" {
+  name             = "traefik"
+  namespace        = local.traefik_namespace
+  create_namespace = true
+
+  repository = "https://helm.traefik.io/traefik"
+  chart      = "traefik"
+
+  values = [
+    jsonencode({
+      rbac = {
+        enabled    = true
+        namespaced = false # traefik works for the whole cluster
+      }
+      podSecurityPolicy = {
+        enabled = false
+      }
+      deployment = {
+        enabled = false
+      }
+      daemonset = {
+        enabled = false
+      }
+      service = {
+        enabled = false
+      }
+      ingressroute = {
+        dashboard = { enabled = false }
+      }
+    })
+  ]
+}