Create and use a single traefik network everywhere
Diff
main.tf | 83 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++--------------
abstruse/main.tf | 2 ++
abstruse/variables.tf | 2 ++
docker/lychee.tf | 2 +-
docker/network.tf | 9 ++++-----
docker/outputs.tf | 4 ++++
docker/traefik.tf | 4 ++++
docker/variables.tf | 2 +-
gitea/main.tf | 5 +----
gitea/mysql.tf | 15 ---------------
gitea/redis.tf | 1 +
gitea/variables.tf | 2 ++
heimdall/main.tf | 2 ++
heimdall/variables.tf | 2 ++
media/airsonic.tf | 3 ++-
media/emby.tf | 2 ++
media/jackett.tf | 4 ++--
media/lidarr.tf | 2 +-
media/radarr.tf | 2 +-
media/sonarr.tf | 2 +-
media/transmission.tf | 2 +-
media/variables.tf | 5 ++++-
monitoring/cadvisor.tf | 2 ++
monitoring/grafana.tf | 3 ++-
monitoring/variables.tf | 2 ++
opml/main.tf | 2 +-
opml/redis.tf | 1 +
opml/variables.tf | 2 ++
radicale/main.tf | 2 ++
radicale/variables.tf | 2 ++
requestbin/main.tf | 2 ++
requestbin/variables.tf | 2 ++
resilio/main.tf | 2 ++
resilio/variables.tf | 2 ++
tt-rss/main.tf | 2 ++
tt-rss/variables.tf | 2 ++
gitea/conf/conf.ini.tpl | 2 +-
37 files changed, 115 insertions(+), 72 deletions(-)
@@ -20,7 +20,8 @@
cloudflare_key = "${var.cloudflare_key}"
cloudflare_email = "bb8@captnemo.in"
wiki_session_secret = "${var.wiki_session_secret}"
links-mariadb = "${module.db.names-mariadb}"
networks-mongorocks = "${module.db.networks-mongorocks}"
ips = "${var.ips}"
domain = "bb8.fun"
@@ -51,58 +52,68 @@
smtp-password = "${var.gitea-smtp-password}"
lfs-jwt-secret = "${var.gitea-lfs-jwt-secret}"
mysql-password = "${var.gitea-mysql-password}"
traefik-network-id = "${module.docker.traefik-network-id}"
}
module "opml" {
source = "opml"
domain = "opml.bb8.fun"
client-id = "${var.opml-github-client-id}"
client-secret = "${var.opml-github-client-secret}"
traefik-labels = "${var.traefik-common-labels}"
source = "opml"
domain = "opml.bb8.fun"
client-id = "${var.opml-github-client-id}"
client-secret = "${var.opml-github-client-secret}"
traefik-labels = "${var.traefik-common-labels}"
traefik-network-id = "${module.docker.traefik-network-id}"
}
module "radicale" {
source = "radicale"
domain = "radicale.bb8.fun"
traefik-labels = "${var.traefik-common-labels}"
source = "radicale"
domain = "radicale.bb8.fun"
traefik-labels = "${var.traefik-common-labels}"
traefik-network-id = "${module.docker.traefik-network-id}"
}
module "tt-rss" {
source = "tt-rss"
domain = "rss.captnemo.in"
mysql_password = "${var.mysql-ttrss-password}"
links-db = "${module.db.names-mariadb}"
traefik-labels = "${var.traefik-common-labels}"
source = "tt-rss"
domain = "rss.captnemo.in"
mysql_password = "${var.mysql-ttrss-password}"
links-db = "${module.db.names-mariadb}"
traefik-labels = "${var.traefik-common-labels}"
traefik-network-id = "${module.docker.traefik-network-id}"
}
module "requestbin" {
source = "requestbin"
domain = "requestbin.bb8.fun"
traefik-labels = "${var.traefik-common-labels}"
source = "requestbin"
domain = "requestbin.bb8.fun"
traefik-labels = "${var.traefik-common-labels}"
traefik-network-id = "${module.docker.traefik-network-id}"
}
module "resilio" {
source = "resilio"
domain = "sync.bb8.fun"
traefik-labels = "${var.traefik-common-labels}"
ips = "${var.ips}"
source = "resilio"
domain = "sync.bb8.fun"
traefik-labels = "${var.traefik-common-labels}"
ips = "${var.ips}"
traefik-network-id = "${module.docker.traefik-network-id}"
}
module "heimdall" {
source = "heimdall"
domain = "bb8.fun"
traefik-labels = "${var.traefik-common-labels}"
auth-header = "${module.docker.auth-header}"
source = "heimdall"
domain = "bb8.fun"
traefik-labels = "${var.traefik-common-labels}"
auth-header = "${module.docker.auth-header}"
traefik-network-id = "${module.docker.traefik-network-id}"
}
module "media" {
source = "media"
domain = "bb8.fun"
links-mariadb = "${module.db.names-mariadb}"
source = "media"
domain = "bb8.fun"
traefik-labels = "${var.traefik-common-labels}"
airsonic-smtp-password = "${var.airsonic-smtp-password}"
airsonic-db-password = "${var.mysql_airsonic_password}"
ips = "${var.ips}"
traefik-network-id = "${module.docker.traefik-network-id}"
}
module "monitoring" {
@@ -113,6 +124,7 @@
traefik-labels = "${var.traefik-common-labels}"
ips = "${var.ips}"
links-traefik = "${module.docker.names-traefik}"
traefik-network-id = "${module.docker.traefik-network-id}"
}
module "digitalocean" {
@@ -120,13 +132,14 @@
}
module "tinyproxy" {
source = "tinyproxy"
ips = "${var.ips}"
}
module "abstruse" {
source = "abstruse"
domain = "ci.bb8.fun"
traefik-labels = "${var.traefik-common-labels}"
source = "abstruse"
domain = "ci.bb8.fun"
traefik-labels = "${var.traefik-common-labels}"
traefik-network-id = "${module.docker.traefik-network-id}"
}
@@ -17,6 +17,8 @@
"traefik.frontend.rule","Host:${var.domain}"
))}"
networks = ["${var.traefik-network-id}"]
volumes {
host_path = "/var/run/docker.sock"
container_path = "/var/run/docker.sock"
@@ -5,3 +5,5 @@
variable "traefik-labels" {
type = "map"
}
variable "traefik-network-id" {}
@@ -33,5 +33,5 @@
"PGID=984",
]
links = ["${var.links-mariadb}"]
}
@@ -1,6 +1,5 @@
resource "docker_network" "bb8-default" {
name = "bb8"
driver = "bridge"
resource "docker_network" "traefik" {
name = "traefik"
driver = "bridge"
internal = true
}
@@ -6,6 +6,10 @@
value = "${docker_container.traefik.name}"
}
output "traefik-network-id" {
value = "${docker_network.traefik.id}"
}
output "auth-header" {
value = "${var.basic_auth}"
}
@@ -93,6 +93,10 @@
destroy_grace_seconds = 10
must_run = true
networks = ["${docker_network.traefik.id}"]
env = [
"CLOUDFLARE_EMAIL=${var.cloudflare_email}",
"CLOUDFLARE_API_KEY=${var.cloudflare_key}",
@@ -50,6 +50,6 @@
type = "map"
}
variable "links-mariadb" {}
variable "networks-mongorocks" {}
@@ -59,10 +59,7 @@
restart = "unless-stopped"
destroy_grace_seconds = 10
must_run = true
links = [
"mariadb",
]
networks = ["${docker_network.gitea.id}"]
networks = ["${docker_network.gitea.id}", "${var.traefik-network-id}"]
}
resource "docker_image" "gitea" {
@@ -1,16 +1,1 @@
resource "mysql_database" "gitea" {
name = "gitea"
}
resource "mysql_user" "gitea" {
user = "gitea"
host = "%"
plaintext_password = "${var.mysql-password}"
}
resource "mysql_grant" "gitea" {
user = "${mysql_user.gitea.user}"
host = "${mysql_user.gitea.host}"
database = "${mysql_database.gitea.name}"
privileges = ["ALL"]
}
@@ -18,4 +18,5 @@
resource "docker_image" "redis" {
name = "${data.docker_registry_image.redis.name}"
pull_triggers = ["${data.docker_registry_image.redis.sha256_digest}"]
keep_locally = true
}
@@ -13,3 +13,5 @@
variable "smtp-password" {}
variable "lfs-jwt-secret" {}
variable "mysql-password" {}
variable "traefik-network-id" {}
@@ -19,6 +19,8 @@
"traefik.frontend.auth.basic", "${var.auth-header}",
))}"
networks = ["${var.traefik-network-id}"]
volumes {
host_path = "/mnt/xwing/config/heimdall"
container_path = "/config"
@@ -9,3 +9,5 @@
variable "traefik-labels" {
type = "map"
}
variable "traefik-network-id" {}
@@ -47,7 +47,8 @@
"TZ=Asia/Kolkata",
"JAVA_OPTS=-Xmx512m",
]
links = ["${var.links-mariadb}"]
}
resource "docker_image" "airsonic" {
@@ -20,6 +20,8 @@
"traefik.port", 8096,
))}"
networks = ["${docker_network.media.id}", "${var.traefik-network-id}"]
memory = 2048
restart = "unless-stopped"
destroy_grace_seconds = 10
@@ -26,11 +26,11 @@
container_path = "/config"
}
networks = ["${docker_network.media.id}", "${var.traefik-network-id}"]
env = [
"PUID=1004",
"PGID=1003",
"TZ=Asia/Kolkata",
]
}
@@ -43,5 +43,5 @@
"TZ=Asia/Kolkata",
]
networks = ["${docker_network.media.id}"]
networks = ["${docker_network.media.id}", "${var.traefik-network-id}"]
}
@@ -44,5 +44,5 @@
"TZ=Asia/Kolkata",
]
networks = ["${docker_network.media.id}"]
networks = ["${docker_network.media.id}", "${var.traefik-network-id}"]
}
@@ -43,5 +43,5 @@
"TZ=Asia/Kolkata",
]
networks = ["${docker_network.media.id}"]
networks = ["${docker_network.media.id}", "${var.traefik-network-id}"]
}
@@ -42,7 +42,7 @@
"TZ=Asia/Kolkata",
]
networks = ["${docker_network.media.id}"]
networks = ["${docker_network.media.id}", "${var.traefik-network-id}"]
memory = 1024
restart = "unless-stopped"
@@ -1,9 +1,10 @@
variable "domain" {
type = "string"
}
variable "links-mariadb" {}
variable "airsonic-smtp-password" {}
variable "airsonic-db-password" {}
variable "traefik-labels" {
@@ -18,3 +19,5 @@
variable "ips" {
type = "map"
}
variable "traefik-network-id" {}
@@ -36,6 +36,8 @@
container_path = "/var/run"
}
networks = ["${var.traefik-network-id}"]
labels = "${merge(
var.traefik-labels, map(
"traefik.port", 8080,
@@ -13,7 +13,8 @@
container_path = "/var/lib/grafana"
}
links = ["${docker_container.prometheus.name}"]
links = ["${docker_container.prometheus.name}"]
networks = ["${var.traefik-network-id}"]
env = [
@@ -37,3 +37,5 @@
variable "ips" {
type = "map"
}
variable "traefik-network-id" {}
@@ -19,7 +19,7 @@
destroy_grace_seconds = 10
must_run = true
networks = ["${docker_network.opml.id}"]
networks = ["${docker_network.opml.id}", "${var.traefik-network-id}"]
}
resource "docker_image" "opml" {
@@ -18,4 +18,5 @@
resource "docker_image" "redis" {
name = "${data.docker_registry_image.redis.name}"
pull_triggers = ["${data.docker_registry_image.redis.sha256_digest}"]
keep_locally = true
}
@@ -5,3 +5,5 @@
variable "domain" {}
variable "client-id" {}
variable "client-secret" {}
variable "traefik-network-id" {}
@@ -42,6 +42,8 @@
file = "/config/users"
}
networks = ["${var.traefik-network-id}"]
restart = "unless-stopped"
destroy_grace_seconds = 10
must_run = true
@@ -5,3 +5,5 @@
variable "traefik-labels" {
type = "map"
}
variable "traefik-network-id" {}
@@ -17,6 +17,8 @@
"traefik.frontend.rule","Host:${var.domain}"
))}"
networks = ["${var.traefik-network-id}"]
restart = "unless-stopped"
destroy_grace_seconds = 10
must_run = true
@@ -5,3 +5,5 @@
variable "traefik-labels" {
type = "map"
}
variable "traefik-network-id" {}
@@ -42,6 +42,8 @@
container_path = "/downloads"
}
networks = ["${var.traefik-network-id}"]
labels = "${merge(
var.traefik-labels,
map(
@@ -7,3 +7,5 @@
}
variable "domain" {}
variable "traefik-network-id" {}
@@ -22,6 +22,8 @@
container_path = "/config"
}
networks = ["${var.traefik-network-id}"]
links = ["mariadb"]
env = [
@@ -8,3 +8,5 @@
variable "traefik-labels" {
type = "map"
}
variable "traefik-network-id" {}
@@ -87,7 +87,7 @@
HOST = mariadb:3306
NAME = gitea
USER = gitea
; PASSWD = "${mysql-password}"
; PASSWD = "mysql-password"
; ; For "postgres" only, either "disable", "require" or "verify-full"
; SSL_MODE = disable
; ; For "sqlite3" and "tidb", use absolute path when you start as service