chore: allow setting feature flags

Author: drpebcak

data.tf

@@ -6,7 +6,7 @@ data "aws_vpc" "default" {
 data "aws_subnets" "available" {
   filter {
     name   = "vpc-id"
-    values = [data.aws_vpc.default.id ]
+    values = [data.aws_vpc.default.id]
   }
 }
 
@@ -49,22 +49,53 @@ data "cloudinit_config" "k3s_server" {
   part {
     filename     = "init.cfg"
     content_type = "text/cloud-config"
-    content      = templatefile("${path.module}/files/cloud-config-base.yaml", { ssh_keys = var.ssh_keys })
+    content = templatefile("${path.module}/files/cloud-config-base.yaml",
+      {
+        ssh_keys = var.ssh_keys
+    })
   }
 
   part {
     content_type = "text/x-shellscript"
-    content      = templatefile("${path.module}/files/k3s-install.sh", { install_k3s_version = local.install_k3s_version, k3s_exec = local.server_k3s_exec, k3s_cluster_secret = local.k3s_cluster_secret, is_k3s_server = true, k3s_url = aws_lb.server-lb.dns_name, k3s_datastore_endpoint = local.k3s_datastore_endpoint, k3s_datastore_cafile = local.k3s_datastore_cafile, k3s_disable_agent = local.k3s_disable_agent, k3s_tls_san = local.k3s_tls_san, k3s_deploy_traefik = local.k3s_deploy_traefik })
+    content = templatefile("${path.module}/files/k3s-install.sh",
+      {
+        install_k3s_version    = local.install_k3s_version,
+        k3s_exec               = local.server_k3s_exec,
+        k3s_cluster_secret     = local.k3s_cluster_secret,
+        is_k3s_server          = true,
+        k3s_url                = aws_lb.server-lb.dns_name,
+        k3s_datastore_endpoint = local.k3s_datastore_endpoint,
+        k3s_datastore_cafile   = local.k3s_datastore_cafile,
+        k3s_disable_agent      = local.k3s_disable_agent,
+        k3s_tls_san            = local.k3s_tls_san,
+        k3s_deploy_traefik     = local.k3s_deploy_traefik
+    })
   }
 
   part {
     content_type = "text/x-shellscript"
-    content      = templatefile("${path.module}/files/rancher-install.sh", { certmanager_version = local.certmanager_version, letsencrypt_email = local.letsencrypt_email, letsencrypt_environment = local.letsencrypt_environment, rancher_version = local.rancher_version, rancher_hostname = "${local.subdomain}.${local.domain}", install_rancher = local.install_rancher, install_certmanager = local.install_certmanager, rancher_password = local.rancher_password })
+    content = templatefile(
+      "${path.module}/files/rancher-install.sh",
+      { certmanager_version     = local.certmanager_version,
+        letsencrypt_email       = local.letsencrypt_email,
+        letsencrypt_environment = local.letsencrypt_environment,
+        rancher_version         = local.rancher_version,
+        rancher_hostname        = "${local.subdomain}.${local.domain}",
+        install_rancher         = local.install_rancher,
+        install_certmanager     = local.install_certmanager,
+        rancher_password        = local.rancher_password,
+        features                = local.rancher_features
+    })
   }
 
   part {
     content_type = "text/x-shellscript"
-    content      = templatefile("${path.module}/files/register-to-rancher.sh", { is_k3s_server = true, install_rancher = local.install_rancher, registration_command = local.registration_command })
+    content = templatefile("${path.module}/files/register-to-rancher.sh",
+      {
+        is_k3s_server        = true,
+        install_rancher      = local.install_rancher,
+        registration_command = local.registration_command
+    })
   }
 }
 
@@ -76,11 +107,26 @@ data "cloudinit_config" "k3s_agent" {
   part {
     filename     = "init.cfg"
     content_type = "text/cloud-config"
-    content      = templatefile("${path.module}/files/cloud-config-base.yaml", { ssh_keys = var.ssh_keys })
+    content = templatefile("${path.module}/files/cloud-config-base.yaml",
+      {
+        ssh_keys = var.ssh_keys
+    })
   }
 
   part {
     content_type = "text/x-shellscript"
-    content      = templatefile("${path.module}/files/k3s-install.sh", { install_k3s_version = local.install_k3s_version, k3s_exec = local.agent_k3s_exec, k3s_cluster_secret = local.k3s_cluster_secret, is_k3s_server = false, k3s_url = aws_lb.server-lb.dns_name, k3s_datastore_endpoint = local.k3s_datastore_endpoint, k3s_datastore_cafile = local.k3s_datastore_cafile, k3s_disable_agent = local.k3s_disable_agent, k3s_tls_san = local.k3s_tls_san, k3s_deploy_traefik = local.k3s_deploy_traefik })
+    content = templatefile("${path.module}/files/k3s-install.sh",
+      {
+        install_k3s_version    = local.install_k3s_version,
+        k3s_exec               = local.agent_k3s_exec,
+        k3s_cluster_secret     = local.k3s_cluster_secret,
+        is_k3s_server          = false,
+        k3s_url                = aws_lb.server-lb.dns_name,
+        k3s_datastore_endpoint = local.k3s_datastore_endpoint,
+        k3s_datastore_cafile   = local.k3s_datastore_cafile,
+        k3s_disable_agent      = local.k3s_disable_agent,
+        k3s_tls_san            = local.k3s_tls_san,
+        k3s_deploy_traefik     = local.k3s_deploy_traefik
+    })
   }
 }

files/rancher-install.sh

@@ -34,6 +34,9 @@ spec:
       email: ${letsencrypt_email}
       environment: ${letsencrypt_environment}
     bootstrapPassword: ${rancher_password}
+    %{ if features }
+    features: ${features}
+    %{ endif }
 EOF
 %{ endif }
 %{ endif }

main.tf

@@ -72,6 +72,7 @@ locals {
   create_external_nlb            = var.create_external_nlb ? 1 : 0
   registration_command           = var.registration_command
   rancher_password               = var.rancher_password
+  rancher_features               = var.rancher_features
   use_route53                    = var.use_route53 ? local.create_external_nlb : 0
   subdomain                      = var.subdomain != null ? var.subdomain : var.name
   rds_ca_cert_identifier         = var.rds_ca_cert_identifier

variables.tf

@@ -324,3 +324,9 @@ variable "agent_volume_type" {
   description = "Volume Type for K3S Agent nodes"
   type        = string
 }
+
+variable "rancher_features" {
+  default     = null
+  description = "Comma-separated list of feature flags to enable in Rancher"
+  type        = string
+}