From adc90e8a1914f7fabd4964508e6d67ca97042e39 Mon Sep 17 00:00:00 2001
From: shockrah <dev@shockrah.xyz>
Date: Tue, 14 May 2024 23:21:28 -0700
Subject: [PATCH] New namespace and volumes for the vault namespace

---
 lab/cluster/filebrowser.tf | 28 ++++++++++++++++++++++++++++
 lab/cluster/namespace.tf   | 11 +++++++++++
 lab/cluster/volume.tf      | 29 +++++++++++++++++++++++++++++
 3 files changed, 68 insertions(+)
 create mode 100644 lab/cluster/volume.tf

diff --git a/lab/cluster/filebrowser.tf b/lab/cluster/filebrowser.tf
index c6c4509..091f37a 100644
--- a/lab/cluster/filebrowser.tf
+++ b/lab/cluster/filebrowser.tf
@@ -1,3 +1,15 @@
+locals {
+  filebrowser = {
+    # Name that is basically used everywhere
+    name = "filebrowser"
+    # For the claim itself
+    vol = {
+      size = "15Gi"
+      mode = "ReadWriteOnce"
+    }
+  }
+}
+
 resource kubernetes_pod filebrowser {
   metadata {
     name = "filebrowser"
@@ -37,3 +49,19 @@ resource kubernetes_service filebrowser {
     type = "LoadBalancer"
   }
 }
+
+resource kubernetes_persistent_volume_claim filebrowser {
+  metadata {
+    name = "${local.filebrowser.name}-pvc"
+  }
+  spec {
+    access_modes = [ local.filebrowser.vol.mode ]
+    resources {
+      requests = {
+        storage = local.filebrowser.vol.size
+      }
+    }
+    volume_name = "${local.filebrowser.name}-vol"
+  }
+}
+
diff --git a/lab/cluster/namespace.tf b/lab/cluster/namespace.tf
index fe9d2e6..7bfc226 100644
--- a/lab/cluster/namespace.tf
+++ b/lab/cluster/namespace.tf
@@ -1,5 +1,16 @@
+# This namespace is used for things that we need/want to store somewhere secure
 resource kubernetes_namespace vault {
   metadata {
     name = "vault"
   }
 }
+
+# This namespace is for more generic things like a simple nginx page or some 
+# documentation, etc.
+resource kubernetes_namespace web {
+  metadata {
+    name = "web-services"
+  }
+}
+
+
diff --git a/lab/cluster/volume.tf b/lab/cluster/volume.tf
new file mode 100644
index 0000000..5328220
--- /dev/null
+++ b/lab/cluster/volume.tf
@@ -0,0 +1,29 @@
+# Creating the volume for the vault namespace that we can use
+locals {
+  vault = {
+    volume = {
+      modes = [ "ReadWriteOnce" ]
+      name = "vault-vol"
+      size = "25Gi"
+    }
+  }
+}
+
+
+resource kubernetes_persistent_volume vault {
+  metadata {
+    name = local.vault.volume.name
+  }
+  spec {
+    capacity = {
+      storage = local.vault.volume.size
+    }
+    access_modes = local.vault.volume.modes
+    persistent_volume_source {
+      gce_persistent_disk {
+        pd_name = "${local.filebrowser.name}-vol-pd"
+      }
+    }
+  }
+}
+