Cleaner module for web configuration
Diff
heimdall.tf | 20 ++++++++++++++++++++
miniflux.tf | 8 +++++---
monicahq.tf | 7 ++++---
requestbin.tf | 11 ++++++-----
docker/data.tf | 4 ----
docker/debug.tf | 30 ++++++++++--------------------
heimdall/main.tf | 36 ------------------------------------
heimdall/variables.tf | 13 -------------
modules/container/main.tf | 14 ++++++++++----
modules/container/vars.tf | 32 ++++++++++++++++++++------------
10 files changed, 71 insertions(+), 104 deletions(-)
@@ -1,0 +1,20 @@
module "heimdall" {
name = "heimdall"
source = "modules/container"
image = "linuxserver/heimdall:latest"
web {
expose = true
port = 443
protocol = "https"
basicauth = "true"
host = "home.bb8.fun"
}
networks = "${list(module.docker.traefik-network-id)}"
env = [
"TZ=Asia/Kolkata",
]
}
@@ -1,11 +1,13 @@
module "miniflux-container" {
name = "miniflux"
source = "modules/container"
image = "miniflux/miniflux:2.0.10"
expose-web = true
web-port = 8080
web-domain = "rss.captnemo.in"
web {
expose = true
port = 8080
host = "rss.captnemo.in"
}
networks = "${list(module.docker.traefik-network-id,module.db.postgres-network-id)}"
@@ -1,11 +1,12 @@
module "monicahq-container" {
name = "monica"
source = "modules/container"
image = "monicahq/monicahq:latest"
expose-web = true
web-domain = "monica.${var.root-domain}"
web {
expose = true
host = "monica.${var.root-domain}"
}
networks = "${list(module.docker.traefik-network-id,module.db.postgres-network-id)}"
@@ -1,14 +1,15 @@
module "requestbin" {
name = "requestbin"
source = "./modules/container"
image = "jankysolutions/requestbin:latest"
expose-web = true
web-domain = "requestbin.${var.root-domain}"
networks = "${list(module.docker.traefik-network-id)}"
web {
expose = true
host = "requestbin.${var.root-domain}"
}
networks = "${list(module.docker.traefik-network-id)}"
destroy_grace_seconds = 10
must_run = true
}
@@ -12,10 +12,6 @@
name = "linuxserver/ubooquity:latest"
}
data "docker_registry_image" "headerdebug" {
name = "jmalloc/echo-server:latest"
}
data "docker_registry_image" "lychee" {
name = "linuxserver/lychee:latest"
}
@@ -1,23 +1,11 @@
resource "docker_container" "headerdebug" {
name = "headerdebug"
image = "${docker_image.headerdebug.latest}"
restart = "unless-stopped"
destroy_grace_seconds = 30
must_run = true
memory = 16
module "echo-server" {
source = "../modules/container"
name = "echo-server"
image = "jmalloc/echo-server:latest"
labels = "${merge(
local.traefik_common_labels,
map(
"traefik.frontend.rule", "Host:debug.in.${var.domain},debug.${var.domain}",
"traefik.port", 8080,
"traefik.enable", "true",
))}"
}
resource "docker_image" "headerdebug" {
name = "${data.docker_registry_image.headerdebug.name}"
pull_triggers = ["${data.docker_registry_image.headerdebug.sha256_digest}"]
web {
expose = true
port = 8080
domain = "debug.${var.domain},debug.in.${var.domain}"
}
}
@@ -1,36 +1,0 @@
data "docker_registry_image" "heimdall" {
name = "linuxserver/heimdall:latest"
}
resource "docker_image" "heimdall" {
name = "${data.docker_registry_image.heimdall.name}"
pull_triggers = ["${data.docker_registry_image.heimdall.sha256_digest}"]
}
resource "docker_container" "heimdall" {
name = "heimdall"
image = "${docker_image.heimdall.latest}"
labels = "${merge(
var.traefik-labels, map(
"traefik.port", "443",
"traefik.protocol", "https",
"traefik.frontend.rule","Host:${var.domain}",
"traefik.frontend.auth.basic", "${var.auth-header}",
))}"
networks = ["${var.traefik-network-id}"]
volumes {
host_path = "/mnt/xwing/config/heimdall"
container_path = "/config"
}
env = [
"TZ=Asia/Kolkata",
]
restart = "unless-stopped"
destroy_grace_seconds = 10
must_run = true
}
@@ -1,13 +1,0 @@
variable "domain" {
type = "string"
}
variable "auth-header" {
type = "string"
}
variable "traefik-labels" {
type = "map"
}
variable "traefik-network-id" {}
@@ -17,12 +17,18 @@
entrypoint = "${var.entrypoint}"
user = "${var.user}"
networks = ["${var.networks}"]
memory = "${lookup(var.resource, "memory")}"
labels = "${merge(var.labels, var.expose-web ?
labels = "${merge(var.labels, lookup(var.web, "expose", "false") ?
merge(local.traefik-common-labels, map(
"traefik.port", var.web-port,
"traefik.frontend.rule", "Host:${var.web-domain}",
)) : map())}"
"traefik.port", lookup(var.web, "port", "80"),
"traefik.frontend.rule", "Host:${lookup(var.web, "host", "")}",
"traefik.protocol", lookup(var.web, "protocol", "http"),
)) : map(), lookup(var.web, "basicauth", "false") ? map(
"traefik.frontend.auth.basic", var.auth-header
) : map())}"
destroy_grace_seconds = "${var.destroy_grace_seconds}"
must_run = "${var.must_run}"
@@ -64,24 +64,26 @@
default = "X-Powered-By:Allomancy||X-Server:Blackbox"
}
variable "expose-web" {
description = "Whether to expose the application on the web"
default = "false"
}
variable "web" {
description = "Web Configuration"
variable "web-port" {
description = "Port to expose using traefik"
default = "80"
type = "string"
default = {
expose = "false"
port = "80"
host = ""
protocol = "http"
basicauth = "false"
}
}
variable "web-domain" {
description = "Domain to use while exposing the application"
default = ""
type = "string"
variable "auth-header" {
default = "tatooine:$2y$05$iPbatint3Gulbs6kUtyALO9Yq5sBJ..aiF82bcIziH4ytz9nFoPr6,reddit:$2y$05$ghKxSydYCpAT8r2VVMDmWO/BBecghGfLsRJUkr3ii7XxPyxBqp8Oy"
}
variable "resource" {
description = "Resource usage for the container"
variable "web-basicauth" {
description = "Whether to add basic auth check on the application"
default = "false"
default = {
memory = ""
}
}