From c44c8f0249619c7a5eed29de39297e13ce4cb171 Mon Sep 17 00:00:00 2001
From: Nemo <me@captnemo.in>
Date: Wed, 27 Jun 2018 10:12:28 +0530
Subject: [PATCH] Adds postgres server and switches ttrss

---
 main.tf               | 19 +++++++++++--------
 providers.tf          |  8 ++++++++
 variables.tf          |  4 ++++
 db/network.tf         | 21 +++++++++++++++++++--
 db/outputs.tf         |  4 ++++
 db/postgres.tf        | 45 +++++++++++++++++++++++++++++++++++++++++++++
 db/variables.tf       |  6 ++++++
 db/volumes.tf         |  4 ++++
 tt-rss/db-postgres.tf | 10 ++++++++++
 tt-rss/db.tf          | 16 ----------------
 tt-rss/main.tf        |  4 +---
 tt-rss/variables.tf   |  2 +-
 12 files changed, 110 insertions(+), 33 deletions(-)

diff --git a/main.tf b/main.tf
index 97f1f1f..9a96c91 100644
--- a/main.tf
+++ a/main.tf
@@ -26,9 +26,10 @@
 }
 
 module "db" {
-  source              = "db"
-  mysql_root_password = "${var.mysql_root_password}"
-  ips                 = "${var.ips}"
+  source                 = "db"
+  mysql_root_password    = "${var.mysql_root_password}"
+  postgres-root-password = "${var.postgres-root-password}"
+  ips                    = "${var.ips}"
 }
 
 module "timemachine" {
@@ -71,12 +72,12 @@
 }
 
 module "tt-rss" {
-  source             = "tt-rss"
-  domain             = "rss.captnemo.in"
-  mysql_password     = "${var.mysql-ttrss-password}"
-  links-db           = "${module.db.names-mariadb}"
-  traefik-labels     = "${var.traefik-common-labels}"
-  traefik-network-id = "${module.docker.traefik-network-id}"
+  source              = "tt-rss"
+  domain              = "rss.captnemo.in"
+  mysql_password      = "${var.mysql-ttrss-password}"
+  traefik-labels      = "${var.traefik-common-labels}"
+  traefik-network-id  = "${module.docker.traefik-network-id}"
+  postgres-network-id = "${module.db.postgres-network-id}"
 }
 
 module "rss-bridge" {
diff --git a/providers.tf b/providers.tf
index 39a8f54..94d9629 100644
--- a/providers.tf
+++ a/providers.tf
@@ -14,6 +14,14 @@
   password = "${var.mysql_root_password}"
 }
 
+provider "postgresql" {
+  host     = "postgres.in.bb8.fun"
+  port     = 5432
+  username = "postgres"
+  password = "${var.postgres-root-password}"
+  sslmode  = "disable"
+}
+
 provider "digitalocean" {
   token = "${var.digitalocean-token}"
 }
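Review bot: `sslmode = "disable"` means the `postgres` superuser password, and every role password this provider sets, travels to `postgres.in.bb8.fun` in cleartext. If that name resolves to the tun0 address published in db/postgres.tf (it looks that way, but nothing in this hunk shows it), the VPN is the only protection on that path. Consider enabling TLS on the server and using `sslmode = "require"` (or `verify-full` with a CA). If TLS stays off, add a comment above the block saying why.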
diff --git a/variables.tf b/variables.tf
index d8156f7..155b15c 100644
--- a/variables.tf
+++ a/variables.tf
@@ -15,6 +15,10 @@
   type = "string"
 }
 
+variable "postgres-root-password" {
+  type = "string"
+}
+
 variable "mysql_lychee_password" {}
 
 variable "mysql_airsonic_password" {}
diff --git a/db/network.tf b/db/network.tf
index 414a775..b7aee32 100644
--- a/db/network.tf
+++ a/db/network.tf
@@ -1,6 +1,7 @@
 resource "docker_network" "mariadb" {
-  name   = "mariadb"
-  driver = "bridge"
+  name     = "mariadb"
+  driver   = "bridge"
+  internal = true
 
   ipam_config {
     subnet  = "172.19.0.0/28"
@@ -9,11 +10,23 @@
 }
 
 resource "docker_network" "mongorocks" {
-  name   = "mongorocks"
-  driver = "bridge"
+  name     = "mongorocks"
+  driver   = "bridge"
+  internal = true
 
   ipam_config {
     subnet  = "172.20.0.0/29"
     gateway = "172.20.0.1"
+  }
+}
+
+resource "docker_network" "postgres" {
+  name     = "postgres"
+  driver   = "bridge"
+  internal = true
+
+  ipam_config {
+    subnet  = "172.20.0.8/29"
+    gateway = "172.20.0.9"
   }
 }
diff --git a/db/outputs.tf b/db/outputs.tf
index 12eb24f..44e6640 100644
--- a/db/outputs.tf
+++ a/db/outputs.tf
@@ -5,3 +5,7 @@
 output "networks-mongorocks" {
   value = "${docker_network.mongorocks.name}"
 }
+
+output "postgres-network-id" {
+  value = "${docker_network.postgres.name}"
+}
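Review bot: The output is named `postgres-network-id` but its value is `docker_network.postgres.name`, while db/postgres.tf attaches the container with `docker_network.postgres.id`. Either return the id, `value = "${docker_network.postgres.id}"`, or rename the output to follow the neighbouring `networks-mongorocks` output. That way the consumers in main.tf and tt-rss/main.tf know which identifier they receive.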
diff --git a/db/postgres.tf b/db/postgres.tf
new file mode 100644
index 0000000..ef905f8 100644
--- /dev/null
+++ a/db/postgres.tf
@@ -1,0 +1,45 @@
+resource "docker_container" "postgres" {
+  name  = "postgres"
+  image = "${docker_image.postgres.latest}"
+
+  volumes {
+    volume_name    = "${docker_volume.postgres_volume.name}"
+    container_path = "/var/lib/postgresql/data"
+    host_path      = "${docker_volume.postgres_volume.mountpoint}"
+  }
+
+  // This is so that other host-only services can share this
+  ports {
+    internal = 5432
+    external = 5432
+    ip       = "${var.ips["eth0"]}"
+  }
+
+  // This is a not-so-great idea
+  // TODO: Figure out a better way to make terraform SSH and then connect to localhost
+  ports {
+    internal = 5432
+    external = 5432
+    ip       = "${var.ips["tun0"]}"
+  }
+
+  memory                = 256
+  restart               = "unless-stopped"
+  destroy_grace_seconds = 10
+  must_run              = true
+
+  env = [
+    "POSTGRES_PASSWORD=${var.postgres-root-password}",
+  ]
+
+  networks = ["${docker_network.postgres.id}"]
+}
+
+resource "docker_image" "postgres" {
+  name          = "${data.docker_registry_image.postgres.name}"
+  pull_triggers = ["${data.docker_registry_image.postgres.sha256_digest}"]
+}
+
+data "docker_registry_image" "postgres" {
+  name = "postgres:${var.postgres-version}"
+}
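Review bot: The two `ports` blocks publish 5432 on the eth0 and tun0 addresses while the container's only network is `docker_network.postgres`, which this commit creates with `internal = true`. As far as I know, Docker does not publish ports for a container attached only to internal networks, so the mappings may silently do nothing and the `postgresql` provider could then not connect; if they do take effect, they defeat the isolation the internal network is meant to give. Decide which behaviour is intended and state it in the comment above the blocks, and if the listener stays, restrict who can reach 5432 on those interfaces with host firewall rules. Separately, `POSTGRES_PASSWORD` in `env` is readable through `docker inspect` and is stored in the Terraform state, so both need to be handled as secret material.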
diff --git a/db/variables.tf b/db/variables.tf
index 708e0b3..555c9fc 100644
--- a/db/variables.tf
+++ a/db/variables.tf
@@ -1,10 +1,16 @@
 variable "mariadb-version" {
   description = "mariadb version to use for fetching the docker image"
   default     = "10.2.14"
 }
 
+variable "postgres-version" {
+  description = "postgres version to use for fetching the docker image"
+  default     = "10-alpine"
+}
+
 variable "ips" {
   type = "map"
 }
 
 variable "mysql_root_password" {}
+variable "postgres-root-password" {}
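Review bot: The default `10-alpine` is a floating tag, unlike `mariadb-version`, which is pinned to `10.2.14`. Combined with the `pull_triggers` on the registry digest in db/postgres.tf, any apply can replace the running database image with whatever the tag points to at that moment, with no change recorded in this repository. Pinning a full patch-level tag (or a digest) keeps image changes reviewable. The new `postgres-root-password` variable would also benefit from a `description`.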
diff --git a/db/volumes.tf b/db/volumes.tf
index 4a066c3..2ad7e2a 100644
--- a/db/volumes.tf
+++ a/db/volumes.tf
@@ -1,7 +1,11 @@
 resource "docker_volume" "mariadb_volume" {
   name = "mariadb_volume"
 }
 
+resource "docker_volume" "postgres_volume" {
+  name = "postgres_volume"
+}
+
 resource "docker_volume" "mongorocks_data_volume" {
   name = "mongorocks_data_volume"
 }
diff --git a/tt-rss/db-postgres.tf b/tt-rss/db-postgres.tf
new file mode 100644
index 0000000..833a41f 100644
--- /dev/null
+++ a/tt-rss/db-postgres.tf
@@ -1,0 +1,10 @@
+resource "postgresql_database" "ttrss" {
+  name  = "ttrss"
+  owner = "ttrss"
+}
+
+resource "postgresql_role" "ttrss" {
+  name     = "ttrss"
+  login    = true
+  password = "${var.mysql_password}"
+}
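Review bot: `owner = "ttrss"` is a string literal, so Terraform sees no dependency between `postgresql_database.ttrss` and `postgresql_role.ttrss` and may try to create the database before its owner exists. Reference the role instead: `owner = "${postgresql_role.ttrss.name}"`. The role password also comes from `var.mysql_password`, which main.tf still fills from `var.mysql-ttrss-password`. A dedicated, differently named variable with a fresh value would avoid carrying the old MariaDB credential over to the new server.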
diff --git a/tt-rss/db.tf b/tt-rss/db.tf
deleted file mode 100644
index d790d1e..0000000 100644
--- a/tt-rss/db.tf
+++ /dev/null
@@ -1,16 +1,0 @@
-resource "mysql_database" "ttrss" {
-  name = "ttrss"
-}
-
-resource "mysql_user" "ttrss" {
-  user               = "ttrss"
-  host               = "%"
-  plaintext_password = "${var.mysql_password}"
-}
-
-resource "mysql_grant" "ttrss" {
-  user       = "${mysql_user.ttrss.user}"
-  host       = "${mysql_user.ttrss.host}"
-  database   = "${mysql_database.ttrss.name}"
-  privileges = ["ALL"]
-}
diff --git a/tt-rss/main.tf b/tt-rss/main.tf
index d209401..9e4e7ee 100644
--- a/tt-rss/main.tf
+++ a/tt-rss/main.tf
@@ -22,9 +22,7 @@
     container_path = "/config"
   }
 
-  networks = ["${var.traefik-network-id}"]
-
-  links = ["mariadb"]
+  networks = ["${var.traefik-network-id}", "${var.postgres-network-id}"]
 
   env = [
     "TZ=Asia/Kolkata",
diff --git a/tt-rss/variables.tf b/tt-rss/variables.tf
index d47b922..71629cf 100644
--- a/tt-rss/variables.tf
+++ a/tt-rss/variables.tf
@@ -1,9 +1,9 @@
 variable "domain" {
   type = "string"
 }
 
 variable "mysql_password" {}
-variable "links-db" {}
+variable "postgres-network-id" {}
 
 variable "traefik-labels" {
   type = "map"
--
rgit 0.1.5