🏡 index : github.com/captn3m0/nebula.git

author Nemo <me@captnemo.in> 2019-09-21 4:59:39.0 +05:30:00
committer Nemo <me@captnemo.in> 2019-09-21 4:59:39.0 +05:30:00
commit
d4370f2b566f160bc5dc8dfa30166feab36f060c [patch]
tree
c2b2512857e5c8cab4dcb108a82928d62f1bcf0a
parent
0633f6113f4f61c63817bba9a9662d71906105fb
download
d4370f2b566f160bc5dc8dfa30166feab36f060c.tar.gz

kaarana.org wordpress website



Diff

 kaarana.tf           | 20 ++++++++++++++++++++
 kayak.tf             | 17 ++++++++---------
 providers.tf         |  9 ++++++++-
 server.tf            |  1 +
 kaarana/database.tf  | 40 ++++++++++++++++++++++++++++++++++++++++
 kaarana/images.tf    | 26 ++++++++++++++++++++++++++
 kaarana/traefik.tf   | 11 +++++++++++
 kaarana/vars.tf      |  8 ++++++++
 kaarana/wordpress.tf | 34 ++++++++++++++++++++++++++++++++++
 9 files changed, 156 insertions(+), 10 deletions(-)

diff --git a/kaarana.tf b/kaarana.tf
new file mode 100644
index 0000000..e0fe45d 100644
--- /dev/null
+++ a/kaarana.tf
@@ -1,0 +1,20 @@
# kaarana related stuff

module "kaarana" {

  source = "./kaarana"

  root_db_password = "${data.pass_password.kaarana-root-db-password.password}"
  db_password      = "${data.pass_password.kaarana-db-password.password}"

  providers = {

    docker = "docker.sydney"
  }
}

data "pass_password" "kaarana-root-db-password" {

  path = "KAARANA_DB_ROOT_PASSWORD"
}

data "pass_password" "kaarana-db-password" {

  path = "KAARANA_DB_PASSWORD"
}
diff --git a/kayak.tf b/kayak.tf
index e76eff2..3b131b8 100644
--- a/kayak.tf
+++ a/kayak.tf
@@ -10,15 +10,14 @@
#     docker = "docker.kayak"
#   }
# }
provider "docker" {

  host          = "tcp://${cloudflare_record.kayak-docker.hostname}:2376"
  version       = "~> 2.0.0"
  alias         = "kayak"
  ca_material   = "${module.kayak.docker_ca_cert}"
  cert_material = "${module.kayak.docker_client_cert}"
  key_material  = "${module.kayak.docker_client_key}"
}

# provider "docker" {
#   host          = "tcp://${cloudflare_record.kayak-docker.hostname}:2376"
#   version       = "~> 2.0.0"
#   alias         = "kayak"
#   ca_material   = "${module.kayak.docker_ca_cert}"
#   cert_material = "${module.kayak.docker_client_cert}"
#   key_material  = "${module.kayak.docker_client_key}"
# }
# resource "cloudflare_record" "kayak-docker" {
#   name   = "docker.kayak"
#   value  = "${module.kayak.droplet_ipv4}"
diff --git a/providers.tf b/providers.tf
index dd9d533..5b660f3 100644
--- a/providers.tf
+++ a/providers.tf
@@ -1,7 +1,14 @@
provider "docker" {

  host      = "tcp://docker.vpn.bb8.fun:2376"
  cert_path = "./secrets/tatooine"
  version   = "~> 2.0.0"
  version   = "~> 2.2.0"
}

provider "docker" {

  host      = "tcp://docker.dovpn.bb8.fun:2376"
  cert_path = "./secrets/sydney"
  version   = "~> 2.2.0"
  alias     = "sydney"
}

provider "kubernetes" {

diff --git a/server.tf b/server.tf
new file mode 100644
index 0000000..8b13789 100644
--- /dev/null
+++ a/server.tf
@@ -1,0 +1,1 @@

diff --git a/kaarana/database.tf b/kaarana/database.tf
new file mode 100644
index 0000000..48e7473 100644
--- /dev/null
+++ a/kaarana/database.tf
@@ -1,0 +1,40 @@
// Create a small database network
resource "docker_network" "kaarana-db" {

  name = "kaarana-db"

  labels = {

    internal = "true"
    role     = "database"
  }

  internal = true

  ipam_config {

    subnet  = "172.20.0.0/29"
    gateway = "172.20.0.1"
  }
}

// Run a small mySQL container in this subnet

resource "docker_container" "mysql" {

  image = "${docker_image.db.latest}"
  name  = "kaarana-mariadb"

  env = [

    "MYSQL_ROOT_PASSWORD=${var.root_db_password}",
    "MYSQL_USER=${local.username}",
    "MYSQL_PASSWORD=${var.db_password}",
    "MYSQL_DATABASE=${local.database}",
  ]

  volumes {

    host_path      = "/mnt/disk/kaarana-db"
    container_path = "/var/lib/mysql"
  }

  networks_advanced {

    name    = "kaarana-db"
    aliases = ["${local.db_hostname}"]
  }
}
diff --git a/kaarana/images.tf b/kaarana/images.tf
new file mode 100644
index 0000000..f1e3e77 100644
--- /dev/null
+++ a/kaarana/images.tf
@@ -1,0 +1,26 @@
data "docker_registry_image" "wp" {

  name = "wordpress:latest"
}

resource "docker_image" "wp" {

  name          = "wordpress"
  pull_triggers = ["${data.docker_registry_image.wp.sha256_digest}"]
}

data "docker_registry_image" "db" {

  name = "mariadb:10.4"
}

resource "docker_image" "db" {

  name          = "mariadb"
  pull_triggers = ["${data.docker_registry_image.db.sha256_digest}"]
}

data "docker_registry_image" "traefik" {

  name = "traefik:v2.0"
}

resource "docker_image" "traefik" {

  name          = "traefik"
  pull_triggers = ["${data.docker_registry_image.db.sha256_digest}"]
}
diff --git a/kaarana/traefik.tf b/kaarana/traefik.tf
new file mode 100644
index 0000000..59107a6 100644
--- /dev/null
+++ a/kaarana/traefik.tf
@@ -1,0 +1,11 @@
// Create a small database network
resource "docker_network" "traefik" {

  name = "traefik"

  labels = {

    internal = "true"
    role     = "ingress"
  }

  internal = true
}
diff --git a/kaarana/vars.tf b/kaarana/vars.tf
new file mode 100644
index 0000000..a826515 100644
--- /dev/null
+++ a/kaarana/vars.tf
@@ -1,0 +1,8 @@
variable "root_db_password" {}
variable "db_password" {}

locals {

  username    = "wordpress"
  database    = "wordpress"
  db_hostname = "kaarana.db"
}
diff --git a/kaarana/wordpress.tf b/kaarana/wordpress.tf
new file mode 100644
index 0000000..a06e00e 100644
--- /dev/null
+++ a/kaarana/wordpress.tf
@@ -1,0 +1,34 @@
resource "docker_container" "wp" {

  image = "${docker_image.wp.latest}"
  name  = "kaarana-wordpress"

  env = [

    "WORDPRESS_DB_HOST=${local.db_hostname}",
    "WORDPRESS_DB_USER=${local.username}",
    "WORDPRESS_DB_PASSWORD=${var.db_password}",
    "WORDPRESS_DB_NAME=${local.database}",
    "WORDPRESS_TABLE_PREFIX=",
  ]

  volumes {

    host_path      = "/mnt/disk/kaarana-wp"
    container_path = "/var/www/html"
  }

  ports {

    internal = 8080
    external = 8213
    ip       = "10.8.0.1"
  }

  networks_advanced = [

    {
      name = "kaarana-db"
    },
    {
      // TODO: Once configuration/plugins have stabilized
      // remove internet access from wordpress
      name = "bridge"
    },
  ]
}