From 20cd656e04cfe7cb6fe0bab167e4bb9c7d042e81 Mon Sep 17 00:00:00 2001
From: Nemo <commits@captnemo.in>
Date: Fri, 08 Jan 2021 00:23:14 +0530
Subject: [PATCH] Removes mongodb, upgrades wiki
---
.gitignore | 2 ++
README.md | 1 -
audioserve.tf | 36 ------------------------------------
main.tf | 1 -
miniflux.tf | 2 +-
secrets.tf | 3 +++
wiki.tf | 63 +++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
db/mongorocks.tf | 34 ----------------------------------
db/network.tf | 11 -----------
db/outputs.tf | 4 ----
db/volumes.tf | 4 ----
docker/data.tf | 4 ----
docker/images.tf | 5 -----
docker/variables.tf | 2 --
docker/wiki.tf | 54 ------------------------------------------------------
media/gonic.tf | 38 --------------------------------------
docker/conf/wiki.tpl | 15 +++++++++++++++
docker/conf/wiki.yml | 142 --------------------------------------------------------------------------------
18 files changed, 84 insertions(+), 337 deletions(-)
diff --git a/.gitignore b/.gitignore
index e1e2930..704997f 100644
--- a/.gitignore
+++ a/.gitignore
@@ -8,3 +8,5 @@
secrets
k8s/
k8s2/
+docker/conf/wiki.yml
+plan
diff --git a/README.md b/README.md
index ce2c47a..6e0de4d 100644
--- a/README.md
+++ a/README.md
@@ -63,7 +63,6 @@
| miniflux/miniflux | 2.0.9 | tools |
| monicahq/monicahq | latest | services |
| odarriba/timemachine | latest | tools |
-| percona/percona-server-mongodb | 3.4 | database |
| postgres | 10-alpine | database |
| prom/node-exporter | v0.15.2 | monitoring |
| prom/prometheus | latest | monitoring |
diff --git a/audioserve.tf b/audioserve.tf
deleted file mode 100644
index 2db0629..0000000 100644
--- a/audioserve.tf
+++ /dev/null
@@ -1,36 +1,0 @@
-module "audioserve" {
- name = "audioserve"
- source = "modules/container"
-
- web {
- expose = true
- port = "3000"
- host = "audioserve.${var.root-domain}"
- auth = "true"
- }
-
- resource {
- memory = 256
- memory_swap = 256
- }
-
- command = [
- "--no-authentication",
- "/audiobooks",
- ]
-
- restart = "always"
-
- image = "izderadicka/audioserve"
-
- volumes = [
- {
- host_path = "/mnt/xwing/media/Music/Audiobooks"
- container_path = "/audiobooks"
- },
- ]
-
- networks_advanced = [{
- name = "traefik"
- }]
-}
diff --git a/main.tf b/main.tf
index a5d68a2..cc14ebd 100644
--- a/main.tf
+++ a/main.tf
@@ -13,7 +13,6 @@
cloudflare_key = "${data.pass_password.cloudflare_key.password}"
cloudflare_email = "bb8@captnemo.in"
wiki_session_secret = "${data.pass_password.wiki_session_secret.password}"
- networks-mongorocks = "${module.db.networks-mongorocks}"
ips = "${var.ips}"
domain = "bb8.fun"
}
diff --git a/miniflux.tf b/miniflux.tf
index c63e72e..9a312c9 100644
--- a/miniflux.tf
+++ a/miniflux.tf
@@ -1,7 +1,7 @@
module "miniflux-container" {
name = "miniflux"
source = "modules/container"
- image = "miniflux/miniflux:2.0.19"
+ image = "miniflux/miniflux:2.0.25"
web {
expose = true
diff --git a/secrets.tf b/secrets.tf
index 96e4a1a..6947456 100644
--- a/secrets.tf
+++ a/secrets.tf
@@ -139,3 +139,6 @@
data "pass_password" "stringer-secret-token" {
path = "stringer-secret-token"
}
+data "pass_password" "wiki-db-password" {
+ path = "wiki-db-password"
+}
diff --git a/wiki.tf b/wiki.tf
new file mode 100644
index 0000000..8e743bc 100644
--- /dev/null
+++ a/wiki.tf
@@ -1,0 +1,63 @@
+data "template_file" "wiki-config" {
+ template = "${file("docker/conf/wiki.tpl")}"
+ vars {
+ DB_PASSWORD = "${data.pass_password.wiki-db-password.password}"
+ }
+}
+
+resource "local_file" "wiki-config" {
+ content = "${data.template_file.wiki-config.rendered}"
+ filename = "docker/conf/wiki.yml"
+}
+
+module "wiki-container" {
+ name = "wiki2"
+ source = "modules/container"
+ image = "requarks/wiki:2"
+
+ resource {
+ memory = 1024
+ memory_swap = 1024
+ }
+
+ web {
+ expose = true
+ port = 3000
+ host = "wiki.bb8.fun"
+ }
+
+ networks_advanced = [
+ {
+ name = "traefik"
+ }, {
+ name = "postgres"
+ }, {
+ name = "external"
+ }]
+
+ uploads = [
+ {
+ content = "${file("docker/conf/wiki.yml")}"
+ file = "/wiki/config.yml"
+ }
+ ]
+
+ volumes = [{
+ host_path = "/mnt/xwing/data/wiki/data"
+ container_path = "/data"
+ },
+ {
+ host_path = "/mnt/xwing/data/wiki/databackup"
+ container_path = "/old/data"
+ },
+ {
+ host_path = "/mnt/xwing/data/wiki/repo"
+ container_path = "/old/repo"
+ }]
+}
+
+module "wiki-db" {
+ source = "modules/postgres"
+ name = "wikijs"
+ password = "${data.pass_password.wiki-db-password.password}"
+}
diff --git a/db/mongorocks.tf b/db/mongorocks.tf
deleted file mode 100644
index 5e17519..0000000 100644
--- a/db/mongorocks.tf
+++ /dev/null
@@ -1,34 +1,0 @@
-resource "docker_container" "mongorocks" {
- name = "mongorocks"
- image = "${docker_image.percona-mongodb-server.latest}"
-
- restart = "unless-stopped"
- destroy_grace_seconds = 30
- must_run = true
- memory = 256
-
- volumes {
- volume_name = "${docker_volume.mongorocks_data_volume.name}"
- container_path = "/data/db"
- host_path = "${docker_volume.mongorocks_data_volume.mountpoint}"
- }
-
- command = [
- "--storageEngine=rocksdb",
- "--httpinterface",
- "--rest",
- "--master",
- ]
-
- networks = ["${docker_network.mongorocks.id}"]
-}
-
-resource "docker_image" "percona-mongodb-server" {
- name = "${data.docker_registry_image.percona-mongodb-server.name}"
- pull_triggers = ["${data.docker_registry_image.percona-mongodb-server.sha256_digest}"]
-}
-
-# Database versions shouldn't be upgraded
-data "docker_registry_image" "percona-mongodb-server" {
- name = "percona/percona-server-mongodb:3.4"
-}
diff --git a/db/network.tf b/db/network.tf
index 51783f7..72659f8 100644
--- a/db/network.tf
+++ a/db/network.tf
@@ -1,14 +1,3 @@
-resource "docker_network" "mongorocks" {
- name = "mongorocks"
- driver = "bridge"
- internal = false
-
- ipam_config {
- subnet = "172.20.0.0/29"
- gateway = "172.20.0.1"
- }
-}
-
resource "docker_network" "postgres" {
name = "postgres"
driver = "bridge"
diff --git a/db/outputs.tf b/db/outputs.tf
index 99b38ce..0db41e2 100644
--- a/db/outputs.tf
+++ a/db/outputs.tf
@@ -1,7 +1,3 @@
-output "networks-mongorocks" {
- value = "${docker_network.mongorocks.name}"
-}
-
output "postgres-network-id" {
value = "${docker_network.postgres.name}"
}
diff --git a/db/volumes.tf b/db/volumes.tf
index 677a4a2..7c6a85c 100644
--- a/db/volumes.tf
+++ a/db/volumes.tf
@@ -1,7 +1,3 @@
resource "docker_volume" "postgres_volume" {
name = "postgres_volume"
}
-
-resource "docker_volume" "mongorocks_data_volume" {
- name = "mongorocks_data_volume"
-}
diff --git a/docker/data.tf b/docker/data.tf
index de6834d..7305e7b 100644
--- a/docker/data.tf
+++ a/docker/data.tf
@@ -1,11 +1,7 @@
data "docker_registry_image" "traefik" {
name = "traefik:1.7"
}
-data "docker_registry_image" "wikijs" {
- name = "requarks/wiki:latest"
-}
-
data "docker_registry_image" "ubooquity" {
name = "linuxserver/ubooquity:latest"
}
diff --git a/docker/images.tf b/docker/images.tf
index 17a61f7..583dc7b 100644
--- a/docker/images.tf
+++ a/docker/images.tf
@@ -1,13 +1,8 @@
resource "docker_image" "traefik17" {
name = "${data.docker_registry_image.traefik.name}"
pull_triggers = ["${data.docker_registry_image.traefik.sha256_digest}"]
}
-resource "docker_image" "wikijs" {
- name = "${data.docker_registry_image.wikijs.name}"
- pull_triggers = ["${data.docker_registry_image.wikijs.sha256_digest}"]
-}
-
resource "docker_image" "ubooquity" {
name = "${data.docker_registry_image.ubooquity.name}"
pull_triggers = ["${data.docker_registry_image.ubooquity.sha256_digest}"]
diff --git a/docker/variables.tf b/docker/variables.tf
index 6addbd4..bb8a347 100644
--- a/docker/variables.tf
+++ a/docker/variables.tf
@@ -51,5 +51,3 @@
}
# variable "links-mariadb" {}
-
-variable "networks-mongorocks" {}
diff --git a/docker/wiki.tf b/docker/wiki.tf
deleted file mode 100644
index bbfe43e..0000000 100644
--- a/docker/wiki.tf
+++ /dev/null
@@ -1,54 +1,0 @@
-resource "docker_container" "wiki" {
- name = "wiki"
- image = "${docker_image.wikijs.latest}"
-
- restart = "unless-stopped"
- destroy_grace_seconds = 30
- must_run = true
- memory = 300
-
- upload {
- content = "${file("${path.module}/conf/wiki.yml")}"
- file = "/var/wiki/config.yml"
- }
-
- volumes {
- host_path = "/mnt/xwing/logs/wiki"
- container_path = "/logs"
- }
-
- volumes {
- host_path = "/mnt/xwing/data/wiki/repo"
- container_path = "/repo"
- }
-
- volumes {
- host_path = "/mnt/xwing/data/wiki/data"
- container_path = "/data"
- }
-
- upload {
- content = "${file("${path.module}/conf/humans.txt")}"
- file = "/var/wiki/assets/humans.txt"
- }
-
- // The last header is a workaround for double header traefik bug
- // This might be actually breaking iframe till the 1.5 Final release.
-
- labels = "${merge(
- local.traefik_common_labels,
- map(
- "traefik.frontend.rule", "Host:wiki.${var.domain}",
- "traefik.frontend.passHostHeader", "true",
- "traefik.port", 9999,
- "traefik.frontend.headers.customResponseHeaders", "${var.xpoweredby}||Referrer-Policy:${var.refpolicy}||X-Frame-Options:${var.xfo_allow}",
- ))}"
- networks = [
- "${var.networks-mongorocks}",
- "${docker_network.traefik.id}",
- ]
- env = [
- "WIKI_ADMIN_EMAIL=me@captnemo.in",
- "SESSION_SECRET=${var.wiki_session_secret}",
- ]
-}
diff --git a/media/gonic.tf b/media/gonic.tf
index 7253aa3..54f2277 100644
--- a/media/gonic.tf
+++ a/media/gonic.tf
@@ -34,41 +34,3 @@
}
]
}
-
-// Run a second instance, just for Audiobooks
-module "gonic-audio" {
- source = "../modules/container"
- image = "sentriz/gonic"
- name = "gonic-audio"
-
- resource {
- memory = "256"
- memory_swap = "256"
- }
-
- web {
- port = 80
- host = "audiobooks.bb8.fun"
- expose = true
- }
-
- env = [
- "GONIC_SCAN_INTERVAL=60",
- "GONIC_MUSIC_PATH=/books",
- "GONIC_DB_PATH=/data/gonic-audio.db"
- ]
-
- networks = "${list(docker_network.media.id, data.docker_network.bridge.id)}"
-
- volumes = [
- {
- host_path = "/mnt/xwing/config/gonic"
- container_path = "/data"
- },
- {
- host_path = "/mnt/xwing/media/Music/Audiobooks"
- container_path = "/books"
- read_only = true
- }
- ]
-}
diff --git a/docker/conf/wiki.tpl b/docker/conf/wiki.tpl
new file mode 100644
index 0000000..514458a 100644
--- /dev/null
+++ a/docker/conf/wiki.tpl
@@ -1,0 +1,15 @@
+port: 3000
+db:
+ type: postgres
+ host: postgres
+ port: 5432
+ user: wikijs
+ db: wikijs
+ pass: ${DB_PASSWORD}
+ssl:
+ enabled: false
+bindIP: 0.0.0.0
+logLevel: silly
+offline: true
+ha: false
+dataPath: /data
diff --git a/docker/conf/wiki.yml b/docker/conf/wiki.yml
deleted file mode 100644
index 0b95ad2..0000000 100644
--- a/docker/conf/wiki.yml
+++ /dev/null
@@ -1,142 +1,0 @@
-#######################################################################
-# Wiki.js - CONFIGURATION #
-#######################################################################
-# Full explanation + examples in the documentation:
-# https://docs.requarks.io/wiki/install
-# You can use an ENV variable by using $(ENV_VAR_NAME) as the value
-
-# ---------------------------------------------------------------------
-# Title of this site
-# ---------------------------------------------------------------------
-
-title: Scarif Wiki
-
-# ---------------------------------------------------------------------
-# Full public path to the site, without the trailing slash
-# ---------------------------------------------------------------------
-# INCLUDE CLIENT PORT IF NOT 80/443!
-
-host: https://wiki.bb8.fun
-
-# ---------------------------------------------------------------------
-# Port the main server should listen to (80 by default)
-# ---------------------------------------------------------------------
-# To use process.env.PORT, comment the line below:
-
-port: 9999
-
-# ---------------------------------------------------------------------
-# Data Directories
-# ---------------------------------------------------------------------
-
-paths:
- repo: /repo
- data: /data
-
-# ---------------------------------------------------------------------
-# Upload Limits
-# ---------------------------------------------------------------------
-# In megabytes (MB)
-
-uploads:
- maxImageFileSize: 5
- maxOtherFileSize: 100
-
-# ---------------------------------------------------------------------
-# Site Language
-# ---------------------------------------------------------------------
-# Possible values: en, de, es, fa, fr, ja, ko, nl, pt, ru, sr, tr or zh
-
-lang: en
-
-# Enable for right to left languages (e.g. arabic):
-langRtl: false
-
-# ---------------------------------------------------------------------
-# Site Authentication
-# ---------------------------------------------------------------------
-
-public: true
-
-auth:
- defaultReadAccess: false
- local:
- enabled: true
- google:
- enabled: false
- clientId: GOOGLE_CLIENT_ID
- clientSecret: GOOGLE_CLIENT_SECRET
-
-# ---------------------------------------------------------------------
-# Secret key to use when encrypting sessions
-# ---------------------------------------------------------------------
-# Use a long and unique random string (256-bit keys are perfect!)
-
-sessionSecret: $(SESSION_SECRET)
-
-# ---------------------------------------------------------------------
-# Database Connection String
-# ---------------------------------------------------------------------
-
-db: mongodb://mongorocks:27017/wiki
-
-# ---------------------------------------------------------------------
-# Git Connection Info (force disabled)
-# ---------------------------------------------------------------------
-
-# git: false
-git:
- url: https://git.captnemo.in/nemo/wiki
- branch: master
-# auth:
-
-# # Type: basic or ssh
-# type: ssh
-
-# # Only for Basic authentication:
-# username: marty
-# password: MartyMcFly88
-
-# # Only for SSH authentication:
-# privateKey: /etc/wiki/keys/git.pem
-
-# sslVerify: true
-
-# # Default email to use as commit author
-# serverEmail: marty@example.com
-
-# # Whether to use user email as author in commits
-# showUserEmail: true
-
-# ---------------------------------------------------------------------
-# Features
-# ---------------------------------------------------------------------
-# You can enable / disable specific features below
-
-features:
- linebreaks: true
- mathjax: false
-
-# ---------------------------------------------------------------------
-# External Logging
-# ---------------------------------------------------------------------
-
-externalLogging:
- bugsnag: false
- loggly: false
- papertrail: false
- rollbar: false
- sentry: false
-
-# ---------------------------------------------------------------------
-# Color Theme
-# ---------------------------------------------------------------------
-
-theme:
- primary: indigo
- alt: blue-grey
- viewSource: all # all | write | false
- footer: blue-grey
- code:
- dark: true
- colorize: true
--
rgit 0.1.5