Switches to locals for common traefik variables
commit 3fc9b585f1992e51cf10867c67501c3d6eed45cb
Author: Nemo <me@captnemo.in>
Date: Sat Jan 6 13:09:21 2018 +0530
minor comments
commit 57ffe866a34bd1bea45aee8b7bd12bd6058850c4
Author: Nemo <me@captnemo.in>
Date: Wed Jan 3 14:42:11 2018 +0530
minor changesg
commit 9e7e169ed59ebd42c6b9ec63d3a69280fb357d58
Author: Nemo <me@captnemo.in>
Date: Tue Jan 2 22:26:01 2018 +0530
Adds note about traefik bug
commit 7b521e20bce246b9aff541a65da420e574b5fe5c
Author: Nemo <me@captnemo.in>
Date: Tue Jan 2 22:22:24 2018 +0530
[refactor] Use traefik_common_labels everywhere
commit 63225a89e2c2c8147528c65208500f8d9578a34d
Author: Nemo <me@captnemo.in>
Date: Tue Dec 26 19:17:21 2017 +0530
More attempts
commit 69040999db55e184a1204d21c96d08fe5dad722f
Author: Nemo <me@captnemo.in>
Date: Tue Dec 26 19:02:50 2017 +0530
fix trailing comma
commit 99a3637308ed0491dfa81d6a32934e45e9562fc8
Author: Nemo <me@captnemo.in>
Date: Tue Dec 26 18:57:57 2017 +0530
Attempt at using locals for labels
- See
https://stackoverflow.com/questions/47973324/how-to-use-locals-in-terraform-to-repeat-and-merge-blocks
and HELP
Diff
docker/locals.tf | 15 +++++++++++++++
docker/main.tf | 199 ++++++++++++++++++++++++++++++++++----------------------------------------------
docker/traefik.tf | 1 -
3 files changed, 90 insertions(+), 125 deletions(-)
@@ -1,0 +1,15 @@
locals {
traefik_common_labels {
"traefik.enable" = "true"
"traefik.frontend.headers.SSLTemporaryRedirect" = "true"
"traefik.frontend.headers.STSSeconds" = "2592000"
"traefik.frontend.headers.STSIncludeSubdomains" = "false"
"traefik.frontend.headers.customResponseHeaders" = "${var.xpoweredby}"
"traefik.frontend.headers.customFrameOptionsValue" = "${var.xfo_allow}"
"traefik.frontend.headers.contentTypeNosniff" = "true"
"traefik.frontend.headers.browserXSSFilter" = "true"
}
}
@@ -1,19 +1,13 @@
resource docker_container "transmission" {
name = "transmission"
image = "${docker_image.transmission.latest}"
labels {
"traefik.frontend.auth.basic" = "${var.basic_auth}"
"traefik.port" = 9091
"traefik.enable" = "true"
"traefik.frontend.headers.SSLTemporaryRedirect" = "true"
"traefik.frontend.headers.STSSeconds" = "2592000"
"traefik.frontend.headers.STSIncludeSubdomains" = "false"
"traefik.frontend.headers.contentTypeNosniff" = "true"
"traefik.frontend.headers.browserXSSFilter" = "true"
"traefik.frontend.headers.customResponseHeaders" = "${var.xpoweredby}"
"traefik.frontend.headers.customFrameOptionsValue" = "${var.xfo_allow}"
}
labels = "${merge(
local.traefik_common_labels,
map(
"traefik.frontend.auth.basic", "${var.basic_auth}",
"traefik.port", 9091,
))}"
ports {
internal = 51413
@@ -68,20 +62,14 @@
container_path = "/media"
}
labels {
"traefik.frontend.rule" = "Host:emby.in.${var.domain},emby.${var.domain}"
"traefik.frontend.passHostHeader" = "true"
"traefik.frontend.auth.basic" = "${var.basic_auth}"
"traefik.port" = 8096
"traefik.enable" = "true"
"traefik.frontend.headers.SSLTemporaryRedirect" = "true"
"traefik.frontend.headers.STSSeconds" = "2592000"
"traefik.frontend.headers.STSIncludeSubdomains" = "false"
"traefik.frontend.headers.contentTypeNosniff" = "true"
"traefik.frontend.headers.browserXSSFilter" = "true"
"traefik.frontend.headers.customResponseHeaders" = "${var.xpoweredby}"
"traefik.frontend.headers.customFrameOptionsValue" = "${var.xfo_allow}"
}
labels = "${merge(
local.traefik_common_labels,
map(
"traefik.frontend.rule", "Host:emby.in.${var.domain},emby.${var.domain}",
"traefik.frontend.passHostHeader", "true",
"traefik.frontend.auth.basic", "${var.basic_auth}",
"traefik.port", 8096,
))}"
memory = 2048
restart = "unless-stopped"
@@ -117,18 +105,12 @@
container_path = "/movies"
}
labels {
"traefik.frontend.auth.basic" = "${var.basic_auth}"
"traefik.port" = 5050
"traefik.enable" = "true"
"traefik.frontend.headers.SSLTemporaryRedirect" = "true"
"traefik.frontend.headers.STSSeconds" = "2592000"
"traefik.frontend.headers.STSIncludeSubdomains" = "false"
"traefik.frontend.headers.contentTypeNosniff" = "true"
"traefik.frontend.headers.browserXSSFilter" = "true"
"traefik.frontend.headers.customResponseHeaders" = "${var.xpoweredby}"
"traefik.frontend.headers.customFrameOptionsValue" = "${var.xfo_allow}"
}
labels = "${merge(
local.traefik_common_labels,
map(
"traefik.frontend.auth.basic", "${var.basic_auth}",
"traefik.port", 5050,
))}"
memory = 256
restart = "unless-stopped"
@@ -175,17 +157,13 @@
container_path = "/airsonic/podcasts"
}
labels {
"traefik.frontend.rule" = "Host:airsonic.in.${var.domain},airsonic.${var.domain}"
"traefik.frontend.passHostHeader" = "true"
"traefik.port" = 4040
"traefik.enable" = "true"
"traefik.frontend.headers.SSLTemporaryRedirect" = "true"
"traefik.frontend.headers.STSSeconds" = "2592000"
"traefik.frontend.headers.STSIncludeSubdomains" = "false"
"traefik.frontend.headers.customResponseHeaders" = "${var.xpoweredby}"
"traefik.frontend.headers.customFrameOptionsValue" = "${var.xfo_allow}"
}
labels = "${merge(
local.traefik_common_labels,
map(
"traefik.frontend.rule", "Host:airsonic.in.${var.domain},airsonic.${var.domain}",
"traefik.frontend.passHostHeader", "true",
"traefik.port", 4040,
))}"
}
resource "docker_container" "headerdebug" {
@@ -198,17 +176,13 @@
memory = 16
labels {
"traefik.frontend.rule" = "Host:debug.in.${var.domain}"
"traefik.frontend.passHostHeader" = "true"
"traefik.port" = 8080
"traefik.enable" = "true"
"traefik.frontend.headers.SSLTemporaryRedirect" = "true"
"traefik.frontend.headers.STSSeconds" = "2592000"
"traefik.frontend.headers.STSIncludeSubdomains" = "false"
"traefik.frontend.headers.customResponseHeaders" = "${var.xpoweredby}"
"traefik.frontend.headers.customFrameOptionsValue" = "${var.xfo_allow}"
}
labels = "${merge(
local.traefik_common_labels,
map(
"traefik.frontend.rule", "Host:debug.in.${var.domain},debug.${var.domain}",
"traefik.port", 8080,
"traefik.enable", "true",
))}"
}
resource "docker_container" "sickrage" {
@@ -236,19 +210,13 @@
container_path = "/tv"
}
labels {
"traefik.frontend.passHostHeader" = "false"
"traefik.frontend.auth.basic" = "${var.basic_auth}"
"traefik.port" = 8081
"traefik.enable" = "true"
"traefik.frontend.headers.SSLTemporaryRedirect" = "true"
"traefik.frontend.headers.STSSeconds" = "2592000"
"traefik.frontend.headers.STSIncludeSubdomains" = "false"
"traefik.frontend.headers.contentTypeNosniff" = "true"
"traefik.frontend.headers.browserXSSFilter" = "true"
"traefik.frontend.headers.customResponseHeaders" = "${var.xpoweredby}"
"traefik.frontend.headers.customFrameOptionsValue" = "${var.xfo_allow}"
}
labels = "${merge(
local.traefik_common_labels,
map(
"traefik.frontend.passHostHeader", "false",
"traefik.frontend.auth.basic", "${var.basic_auth}",
"traefik.port", 8081,
))}"
env = [
"PUID=1004",
@@ -286,18 +254,12 @@
file = "/config/config.ini"
}
labels {
"traefik.frontend.auth.basic" = "${var.basic_auth}"
"traefik.port" = 8181
"traefik.enable" = "true"
"traefik.frontend.headers.SSLTemporaryRedirect" = "true"
"traefik.frontend.headers.STSSeconds" = "2592000"
"traefik.frontend.headers.STSIncludeSubdomains" = "false"
"traefik.frontend.headers.contentTypeNosniff" = "true"
"traefik.frontend.headers.browserXSSFilter" = "true"
"traefik.frontend.headers.customResponseHeaders" = "${var.xpoweredby}"
"traefik.frontend.headers.customFrameOptionsValue" = "${var.xfo_allow}"
}
labels = "${merge(
local.traefik_common_labels,
map(
"traefik.frontend.auth.basic", "${var.basic_auth}",
"traefik.port", 8181,
))}"
env = [
@@ -394,21 +356,20 @@
volumes {
host_path = "/mnt/xwing/data/wiki/data"
container_path = "/data"
}
labels {
"traefik.frontend.rule" = "Host:wiki.${var.domain}"
"traefik.frontend.passHostHeader" = "true"
"traefik.port" = 9999
"traefik.enable" = "true"
"traefik.frontend.headers.SSLTemporaryRedirect" = "true"
"traefik.frontend.headers.STSSeconds" = "2592000"
"traefik.frontend.headers.STSIncludeSubdomains" = "false"
"traefik.frontend.headers.customResponseHeaders" = "${var.xpoweredby}||Referrer-Policy:${var.refpolicy}||X-Frame-Options:${var.xfo_allow}"
}
labels = "${merge(
local.traefik_common_labels,
map(
"traefik.frontend.rule", "Host:wiki.${var.domain}",
"traefik.frontend.passHostHeader", "true",
"traefik.port", 9999,
"traefik.frontend.headers.customResponseHeaders", "${var.xpoweredby}||Referrer-Policy:${var.refpolicy}||X-Frame-Options:${var.xfo_allow}",
))}"
links = ["mongorocks"]
env = [
"WIKI_ADMIN_EMAIL=me@captnemo.in",
"SESSION_SECRET=${var.wiki_session_secret}",
@@ -429,20 +390,15 @@
container_path = "/config"
}
labels {
"traefik.frontend.rule" = "Host:home.in.${var.domain},home.${var.domain}"
"traefik.frontend.passHostHeader" = "false"
"traefik.frontend.auth.basic" = "${var.basic_auth}"
"traefik.port" = 80
"traefik.enable" = "true"
"traefik.frontend.headers.SSLTemporaryRedirect" = "true"
"traefik.frontend.headers.STSSeconds" = "2592000"
"traefik.frontend.headers.STSIncludeSubdomains" = "false"
"traefik.frontend.headers.contentTypeNosniff" = "true"
"traefik.frontend.headers.browserXSSFilter" = "true"
"traefik.frontend.headers.customResponseHeaders" = "${var.xpoweredby}"
"traefik.frontend.headers.frameDeny" = "true"
}
labels = "${merge(
local.traefik_common_labels,
map(
"traefik.port", 80,
"traefik.frontend.headers.frameDeny", "true",
"traefik.frontend.passHostHeader", "false",
"traefik.frontend.auth.basic", "${var.basic_auth}",
"traefik.frontend.rule", "Host:home.in.${var.domain},home.${var.domain}",
))}"
env = [
@@ -490,17 +446,12 @@
container_path = "/var/run"
}
labels {
"traefik.frontend.rule" = "Host:cadvisor.${var.domain}"
"traefik.frontend.auth.basic" = "${var.basic_auth}"
"traefik.port" = 8080
"traefik.enable" = "true"
"traefik.frontend.headers.SSLTemporaryRedirect" = "true"
"traefik.frontend.headers.STSSeconds" = "2592000"
"traefik.frontend.headers.STSIncludeSubdomains" = "false"
"traefik.frontend.headers.contentTypeNosniff" = "true"
"traefik.frontend.headers.browserXSSFilter" = "true"
"traefik.frontend.headers.customFrameOptionsValue" = "${var.xfo_allow}"
"traefik.frontend.headers.customResponseHeaders" = "${var.xpoweredby}"
}
labels = "${merge(
local.traefik_common_labels,
map(
"traefik.frontend.passHostHeader", "true",
"traefik.frontend.auth.basic", "${var.basic_auth}",
"traefik.port", 8080,
))}"
}
@@ -9,7 +9,6 @@
ip = "${var.ips["eth0"]}"
}
ports {
internal = 1111
external = 1111