🏡 index : github.com/captn3m0/nebula.git

author Nemo <me@captnemo.in> 2018-06-27 10:12:28.0 +05:30:00
committer Nemo <me@captnemo.in> 2018-06-27 10:12:28.0 +05:30:00
commit
c44c8f0249619c7a5eed29de39297e13ce4cb171 [patch]
tree
41ed7ec211efe75191193b275ed5575df0a2e965
parent
cd3303482626f97156ef608b433d0ff16f3f1adf
download
c44c8f0249619c7a5eed29de39297e13ce4cb171.tar.gz

Adds postgres server and switches ttrss



Diff

 main.tf               | 19 +++++++++++--------
 providers.tf          |  8 ++++++++
 variables.tf          |  4 ++++
 db/network.tf         | 21 +++++++++++++++++++--
 db/outputs.tf         |  4 ++++
 db/postgres.tf        | 45 +++++++++++++++++++++++++++++++++++++++++++++
 db/variables.tf       |  6 ++++++
 db/volumes.tf         |  4 ++++
 tt-rss/db-postgres.tf | 10 ++++++++++
 tt-rss/db.tf          | 16 ----------------
 tt-rss/main.tf        |  4 +---
 tt-rss/variables.tf   |  2 +-
 12 files changed, 110 insertions(+), 33 deletions(-)

diff --git a/main.tf b/main.tf
index 97f1f1f..9a96c91 100644
--- a/main.tf
+++ a/main.tf
@@ -26,9 +26,10 @@
}

module "db" {

  source              = "db"
  mysql_root_password = "${var.mysql_root_password}"
  ips                 = "${var.ips}"
  source                 = "db"
  mysql_root_password    = "${var.mysql_root_password}"
  postgres-root-password = "${var.postgres-root-password}"
  ips                    = "${var.ips}"
}

module "timemachine" {

@@ -71,12 +72,12 @@
}

module "tt-rss" {

  source             = "tt-rss"
  domain             = "rss.captnemo.in"
  mysql_password     = "${var.mysql-ttrss-password}"
  links-db           = "${module.db.names-mariadb}"
  traefik-labels     = "${var.traefik-common-labels}"
  traefik-network-id = "${module.docker.traefik-network-id}"
  source              = "tt-rss"
  domain              = "rss.captnemo.in"
  mysql_password      = "${var.mysql-ttrss-password}"
  traefik-labels      = "${var.traefik-common-labels}"
  traefik-network-id  = "${module.docker.traefik-network-id}"
  postgres-network-id = "${module.db.postgres-network-id}"
}

module "rss-bridge" {

diff --git a/providers.tf b/providers.tf
index 39a8f54..94d9629 100644
--- a/providers.tf
+++ a/providers.tf
@@ -14,6 +14,14 @@
  password = "${var.mysql_root_password}"
}

provider "postgresql" {

  host     = "postgres.in.bb8.fun"
  port     = 5432
  username = "postgres"
  password = "${var.postgres-root-password}"
  sslmode  = "disable"
}

provider "digitalocean" {

  token = "${var.digitalocean-token}"
}
diff --git a/variables.tf b/variables.tf
index d8156f7..155b15c 100644
--- a/variables.tf
+++ a/variables.tf
@@ -15,6 +15,10 @@
  type = "string"
}

variable "postgres-root-password" {

  type = "string"
}

variable "mysql_lychee_password" {}

variable "mysql_airsonic_password" {}
diff --git a/db/network.tf b/db/network.tf
index 414a775..b7aee32 100644
--- a/db/network.tf
+++ a/db/network.tf
@@ -1,6 +1,7 @@
resource "docker_network" "mariadb" {

  name   = "mariadb"
  driver = "bridge"
  name     = "mariadb"
  driver   = "bridge"
  internal = true

  ipam_config {

    subnet  = "172.19.0.0/28"
@@ -9,11 +10,23 @@
}

resource "docker_network" "mongorocks" {

  name   = "mongorocks"
  driver = "bridge"
  name     = "mongorocks"
  driver   = "bridge"
  internal = true

  ipam_config {

    subnet  = "172.20.0.0/29"
    gateway = "172.20.0.1"
  }
}

resource "docker_network" "postgres" {

  name     = "postgres"
  driver   = "bridge"
  internal = true

  ipam_config {

    subnet  = "172.20.0.8/29"
    gateway = "172.20.0.9"
  }
}
diff --git a/db/outputs.tf b/db/outputs.tf
index 12eb24f..44e6640 100644
--- a/db/outputs.tf
+++ a/db/outputs.tf
@@ -5,3 +5,7 @@
output "networks-mongorocks" {

  value = "${docker_network.mongorocks.name}"
}

output "postgres-network-id" {

  value = "${docker_network.postgres.name}"
}
diff --git a/db/postgres.tf b/db/postgres.tf
new file mode 100644
index 0000000..ef905f8 100644
--- /dev/null
+++ a/db/postgres.tf
@@ -1,0 +1,45 @@
resource "docker_container" "postgres" {

  name  = "postgres"
  image = "${docker_image.postgres.latest}"

  volumes {

    volume_name    = "${docker_volume.postgres_volume.name}"
    container_path = "/var/lib/postgresql/data"
    host_path      = "${docker_volume.postgres_volume.mountpoint}"
  }

  // This is so that other host-only services can share this
  ports {

    internal = 5432
    external = 5432
    ip       = "${var.ips["eth0"]}"
  }

  // This is a not-so-great idea
  // TODO: Figure out a better way to make terraform SSH and then connect to localhost
  ports {

    internal = 5432
    external = 5432
    ip       = "${var.ips["tun0"]}"
  }

  memory                = 256
  restart               = "unless-stopped"
  destroy_grace_seconds = 10
  must_run              = true

  env = [

    "POSTGRES_PASSWORD=${var.postgres-root-password}",
  ]

  networks = ["${docker_network.postgres.id}"]
}

resource "docker_image" "postgres" {

  name          = "${data.docker_registry_image.postgres.name}"
  pull_triggers = ["${data.docker_registry_image.postgres.sha256_digest}"]
}

data "docker_registry_image" "postgres" {

  name = "postgres:${var.postgres-version}"
}
diff --git a/db/variables.tf b/db/variables.tf
index 708e0b3..555c9fc 100644
--- a/db/variables.tf
+++ a/db/variables.tf
@@ -1,10 +1,16 @@
variable "mariadb-version" {

  description = "mariadb version to use for fetching the docker image"
  default     = "10.2.14"
}

variable "postgres-version" {

  description = "postgres version to use for fetching the docker image"
  default     = "10-alpine"
}

variable "ips" {

  type = "map"
}

variable "mysql_root_password" {}
variable "postgres-root-password" {}
diff --git a/db/volumes.tf b/db/volumes.tf
index 4a066c3..2ad7e2a 100644
--- a/db/volumes.tf
+++ a/db/volumes.tf
@@ -1,7 +1,11 @@
resource "docker_volume" "mariadb_volume" {

  name = "mariadb_volume"
}

resource "docker_volume" "postgres_volume" {

  name = "postgres_volume"
}

resource "docker_volume" "mongorocks_data_volume" {

  name = "mongorocks_data_volume"
}
diff --git a/tt-rss/db-postgres.tf b/tt-rss/db-postgres.tf
new file mode 100644
index 0000000..833a41f 100644
--- /dev/null
+++ a/tt-rss/db-postgres.tf
@@ -1,0 +1,10 @@
resource "postgresql_database" "ttrss" {

  name  = "ttrss"
  owner = "ttrss"
}

resource "postgresql_role" "ttrss" {

  name     = "ttrss"
  login    = true
  password = "${var.mysql_password}"
}
diff --git a/tt-rss/db.tf b/tt-rss/db.tf
deleted file mode 100644
index d790d1e..0000000 100644
--- a/tt-rss/db.tf
+++ /dev/null
@@ -1,16 +1,0 @@
resource "mysql_database" "ttrss" {

  name = "ttrss"
}

resource "mysql_user" "ttrss" {

  user               = "ttrss"
  host               = "%"
  plaintext_password = "${var.mysql_password}"
}

resource "mysql_grant" "ttrss" {

  user       = "${mysql_user.ttrss.user}"
  host       = "${mysql_user.ttrss.host}"
  database   = "${mysql_database.ttrss.name}"
  privileges = ["ALL"]
}
diff --git a/tt-rss/main.tf b/tt-rss/main.tf
index d209401..9e4e7ee 100644
--- a/tt-rss/main.tf
+++ a/tt-rss/main.tf
@@ -22,9 +22,7 @@
    container_path = "/config"
  }

  networks = ["${var.traefik-network-id}"]

  links = ["mariadb"]
  networks = ["${var.traefik-network-id}", "${var.postgres-network-id}"]

  env = [

    "TZ=Asia/Kolkata",
diff --git a/tt-rss/variables.tf b/tt-rss/variables.tf
index d47b922..71629cf 100644
--- a/tt-rss/variables.tf
+++ a/tt-rss/variables.tf
@@ -1,9 +1,9 @@
variable "domain" {

  type = "string"
}

variable "mysql_password" {}
variable "links-db" {}
variable "postgres-network-id" {}

variable "traefik-labels" {

  type = "map"