| author | Nemo <me@captnemo.in> | 2019-02-16 15:42:07.0 +05:30:00 |
|---|---|---|
| committer | Nemo <me@captnemo.in> | 2019-02-16 15:42:07.0 +05:30:00 |
| commit | ae985e01a73e7fd60d6eb39700d1a125b0615250 [patch] |
|
| tree | d32b28cb468f98b16abb14dad801fd7bc5fe6c07 |
|
| parent | e4b3620de5ccae069f41a9d2a78654d9efca8846 |
|
| download | ae985e01a73e7fd60d6eb39700d1a125b0615250.tar.gz |
|
Adds dnscrypt-proxy and pihole
pihole commented for now
Diff
dnscrypt-proxy.tf | 15 +++++++++++++++ pihole.tf | 46 ++++++++++++++++++++++++++++++++++++++++++++++ variables.tf | 1 + media/radarr.tf | 4 ++++ modules/container/main.tf | 6 +++++- modules/container/vars.tf | 18 ++++++++++++++++++ 6 files changed, 88 insertions(+), 2 deletions(-) diff --git a/dnscrypt-proxy.tf b/dnscrypt-proxy.tf new file mode 100644 index 0000000..9adb931 100644 --- /dev/null +++ a/dnscrypt-proxy.tf @@ -1,0 +1,15 @@ module "dnscrypt" { name = "dnscrypt-proxy" source = "modules/container" image = "mattbodholdt/dnscrypt-proxy" ports = [{ internal = "53" external = "553" ip = "192.168.1.111" protocol = "udp" }] dns = ["127.0.0.1"] } diff --git a/pihole.tf b/pihole.tf new file mode 100644 index 0000000..2df7c74 100644 --- /dev/null +++ a/pihole.tf @@ -1,0 +1,46 @@ # module "pihole" { # name = "pihole" # source = "modules/container" # web { # expose = true # port = "80" # host = "dns.in.${var.root-domain}" # } # image = "pihole/pihole" # ports = [{ # internal = "53" # external = "53" # ip = "192.168.1.111" # protocol = "udp" # }] # env = [ # "ServerIP=192.168.1.111", # "WEBPASSWORD=${var.pihole_password}", # "DNS1=192.168.1.1:53", # "DNS2=no", # "VIRTUAL_HOST=dns.in.${var.root-domain}", # ] # ports = [{ # internal = "53" # external = "53" # ip = "192.168.1.111" # protocol = "udp" # }] # volumes = [ # { # host_path = "/mnt/xwing/config/pihole" # container_path = "/etc/pihole" # }, # { # host_path = "/mnt/xwing/config/pihole/dnsmasq" # container_path = "/etc/pihole/dnsmasq.d" # }, # ] # # networks = [] # # network_mode = "host" # capabilities = [{ # add = ["NET_ADMIN"] # }] # dns = ["127.0.0.1", "9.9.9.9", "1.1.1.1"] # } diff --git a/variables.tf b/variables.tf index 7a4dce8..16d8053 100644 --- a/variables.tf +++ a/variables.tf @@ -95,3 +95,4 @@ variable "outline_slack_verification_token" {} variable "syncserver_secret" {} variable "pihole_password" {} diff --git a/media/radarr.tf b/media/radarr.tf index d7b7095..0b0e6e1 100644 --- a/media/radarr.tf +++ a/media/radarr.tf @@ -5,6 +5,10 @@ networks = "${list(docker_network.media.id, data.docker_network.bridge.id)}" // TODO: Create a new separate network for DNS // and use that instead dns = ["192.168.1.111"] web { expose = true port = 7878 diff --git a/modules/container/main.tf b/modules/container/main.tf index 248bb55..8a58119 100644 --- a/modules/container/main.tf +++ a/modules/container/main.tf @@ -21,8 +21,10 @@ entrypoint = "${var.entrypoint}" user = "${var.user}" network_mode = "bridge" network_mode = "${var.network_mode}" capabilities = ["${var.capabilities}"] // Only attach the traefik network if // service is exposed to the web networks = ["${concat(var.networks,compact(split(",",lookup(var.web, "expose", "false") == "false" ? "" :"${data.docker_network.traefik.id}")))}"] @@ -32,6 +34,8 @@ volumes = ["${var.volumes}"] devices = ["${var.devices}"] dns = ["${var.dns}"] # Look at this monstrosity # And then https://github.com/hashicorp/terraform/issues/12453#issuecomment-365569618 diff --git a/modules/container/vars.tf b/modules/container/vars.tf index b77fda6..283a9d1 100644 --- a/modules/container/vars.tf +++ a/modules/container/vars.tf @@ -77,6 +77,10 @@ default = "tatooine:$2y$05$iPbatint3Gulbs6kUtyALO9Yq5sBJ..aiF82bcIziH4ytz9nFoPr6,reddit:$2y$05$ghKxSydYCpAT8r2VVMDmWO/BBecghGfLsRJUkr3ii7XxPyxBqp8Oy" } variable "network_mode" { default = "bridge" } variable "resource" { description = "Resource usage for the container" @@ -85,12 +89,24 @@ variable "volumes" { description = "volumes" type = "list" default = [] } variable "capabilities" { description = "capabilities" type = "list" default = [] } variable "devices" { description = "volumes" description = "devices" type = "list" default = [] } variable "dns" { description = "dns" type = "list" default = [] }