From d4370f2b566f160bc5dc8dfa30166feab36f060c Mon Sep 17 00:00:00 2001
From: Nemo <me@captnemo.in>
Date: Sat, 21 Sep 2019 04:59:39 +0530
Subject: [PATCH] kaarana.org wordpress website

---
 kaarana.tf           | 20 ++++++++++++++++++++
 kayak.tf             | 17 ++++++++---------
 providers.tf         |  9 ++++++++-
 server.tf            |  1 +
 kaarana/database.tf  | 40 ++++++++++++++++++++++++++++++++++++++++
 kaarana/images.tf    | 26 ++++++++++++++++++++++++++
 kaarana/traefik.tf   | 11 +++++++++++
 kaarana/vars.tf      |  8 ++++++++
 kaarana/wordpress.tf | 34 ++++++++++++++++++++++++++++++++++
 9 files changed, 156 insertions(+), 10 deletions(-)

diff --git a/kaarana.tf b/kaarana.tf
new file mode 100644
index 0000000..e0fe45d 100644
--- /dev/null
+++ a/kaarana.tf
@@ -1,0 +1,20 @@
+# kaarana related stuff
+
+module "kaarana" {
+  source = "./kaarana"
+
+  root_db_password = "${data.pass_password.kaarana-root-db-password.password}"
+  db_password      = "${data.pass_password.kaarana-db-password.password}"
+
+  providers = {
+    docker = "docker.sydney"
+  }
+}
+
+data "pass_password" "kaarana-root-db-password" {
+  path = "KAARANA_DB_ROOT_PASSWORD"
+}
+
+data "pass_password" "kaarana-db-password" {
+  path = "KAARANA_DB_PASSWORD"
+}
diff --git a/kayak.tf b/kayak.tf
index e76eff2..3b131b8 100644
--- a/kayak.tf
+++ a/kayak.tf
@@ -10,15 +10,14 @@
 #     docker = "docker.kayak"
 #   }
 # }
-provider "docker" {
-  host          = "tcp://${cloudflare_record.kayak-docker.hostname}:2376"
-  version       = "~> 2.0.0"
-  alias         = "kayak"
-  ca_material   = "${module.kayak.docker_ca_cert}"
-  cert_material = "${module.kayak.docker_client_cert}"
-  key_material  = "${module.kayak.docker_client_key}"
-}
-
+# provider "docker" {
+#   host          = "tcp://${cloudflare_record.kayak-docker.hostname}:2376"
+#   version       = "~> 2.0.0"
+#   alias         = "kayak"
+#   ca_material   = "${module.kayak.docker_ca_cert}"
+#   cert_material = "${module.kayak.docker_client_cert}"
+#   key_material  = "${module.kayak.docker_client_key}"
+# }
 # resource "cloudflare_record" "kayak-docker" {
 #   name   = "docker.kayak"
 #   value  = "${module.kayak.droplet_ipv4}"
diff --git a/providers.tf b/providers.tf
index dd9d533..5b660f3 100644
--- a/providers.tf
+++ a/providers.tf
@@ -1,7 +1,14 @@
 provider "docker" {
   host      = "tcp://docker.vpn.bb8.fun:2376"
   cert_path = "./secrets/tatooine"
-  version   = "~> 2.0.0"
+  version   = "~> 2.2.0"
+}
+
+provider "docker" {
+  host      = "tcp://docker.dovpn.bb8.fun:2376"
+  cert_path = "./secrets/sydney"
+  version   = "~> 2.2.0"
+  alias     = "sydney"
 }
 
 provider "kubernetes" {
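Review bot: The new `sydney` provider reads its TLS client material from `./secrets/sydney`, a directory inside the working tree, and nothing in this hunk says how that directory is protected. Whoever holds that client key has root-equivalent control of the Docker host behind `docker.dovpn.bb8.fun:2376`, so a comment above the block would help, for example `# client cert/key for the sydney Docker daemon; directory must stay out of version control`. The hunk also moves the default provider from `~> 2.0.0` to `~> 2.2.0`, which affects every existing docker resource and not only the new site; the commit message does not mention it. The `provider "kubernetes"` block at the end of the hunk continues outside it.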
diff --git a/server.tf b/server.tf
new file mode 100644
index 0000000..8b13789 100644
--- /dev/null
+++ a/server.tf
@@ -1,0 +1,1 @@
+
diff --git a/kaarana/database.tf b/kaarana/database.tf
new file mode 100644
index 0000000..48e7473 100644
--- /dev/null
+++ a/kaarana/database.tf
@@ -1,0 +1,40 @@
+// Create a small database network
+resource "docker_network" "kaarana-db" {
+  name = "kaarana-db"
+
+  labels = {
+    internal = "true"
+    role     = "database"
+  }
+
+  internal = true
+
+  ipam_config {
+    subnet  = "172.20.0.0/29"
+    gateway = "172.20.0.1"
+  }
+}
+
+// Run a small mySQL container in this subnet
+
+resource "docker_container" "mysql" {
+  image = "${docker_image.db.latest}"
+  name  = "kaarana-mariadb"
+
+  env = [
+    "MYSQL_ROOT_PASSWORD=${var.root_db_password}",
+    "MYSQL_USER=${local.username}",
+    "MYSQL_PASSWORD=${var.db_password}",
+    "MYSQL_DATABASE=${local.database}",
+  ]
+
+  volumes {
+    host_path      = "/mnt/disk/kaarana-db"
+    container_path = "/var/lib/mysql"
+  }
+
+  networks_advanced {
+    name    = "kaarana-db"
+    aliases = ["${local.db_hostname}"]
+  }
+}
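Review bot: Both database passwords reach the container through `env` (`MYSQL_ROOT_PASSWORD=...`, `MYSQL_PASSWORD=...`), so they are written in plaintext to the Terraform state and are readable by anyone who can run `docker inspect` on the host. The `wp` container in kaarana/wordpress.tf does the same with `WORDPRESS_DB_PASSWORD`. The official mariadb and wordpress images also accept `MYSQL_ROOT_PASSWORD_FILE`, `MYSQL_PASSWORD_FILE` and `WORDPRESS_DB_PASSWORD_FILE`, which keep the values out of the container environment when the file is mounted from the host; the state file still has to be treated as a secret either way. Separately, `networks_advanced` names the network with the literal `"kaarana-db"`, which gives Terraform no dependency on `docker_network.kaarana-db`. Using `name = "${docker_network.kaarana-db.name}"` would order creation correctly, and the same literal appears in kaarana/wordpress.tf.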
diff --git a/kaarana/images.tf b/kaarana/images.tf
new file mode 100644
index 0000000..f1e3e77 100644
--- /dev/null
+++ a/kaarana/images.tf
@@ -1,0 +1,26 @@
+data "docker_registry_image" "wp" {
+  name = "wordpress:latest"
+}
+
+resource "docker_image" "wp" {
+  name          = "wordpress"
+  pull_triggers = ["${data.docker_registry_image.wp.sha256_digest}"]
+}
+
+data "docker_registry_image" "db" {
+  name = "mariadb:10.4"
+}
+
+resource "docker_image" "db" {
+  name          = "mariadb"
+  pull_triggers = ["${data.docker_registry_image.db.sha256_digest}"]
+}
+
+data "docker_registry_image" "traefik" {
+  name = "traefik:v2.0"
+}
+
+resource "docker_image" "traefik" {
+  name          = "traefik"
+  pull_triggers = ["${data.docker_registry_image.db.sha256_digest}"]
+}
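Review bot: The `docker_image.traefik` resource takes its `pull_triggers` from `data.docker_registry_image.db.sha256_digest`, so traefik would be re-pulled when mariadb changes and never when traefik itself does; it should read `pull_triggers = ["${data.docker_registry_image.traefik.sha256_digest}"]`. The three `docker_image` resources also use untagged names (`"wordpress"`, `"mariadb"`, `"traefik"`), which resolve to `:latest`, while the data sources track `mariadb:10.4` and `traefik:v2.0`. The image actually run can therefore differ from the digest being watched. Writing `name = "${data.docker_registry_image.db.name}"`, and likewise for `wp` and `traefik`, keeps the two in step. Pinning `wordpress` to a version tag instead of `latest` would additionally prevent an apply from silently picking up a new major release.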
diff --git a/kaarana/traefik.tf b/kaarana/traefik.tf
new file mode 100644
index 0000000..59107a6 100644
--- /dev/null
+++ a/kaarana/traefik.tf
@@ -1,0 +1,11 @@
+// Create a small database network
+resource "docker_network" "traefik" {
+  name = "traefik"
+
+  labels = {
+    internal = "true"
+    role     = "ingress"
+  }
+
+  internal = true
+}
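Review bot: The header comment `// Create a small database network` was copied from kaarana/database.tf and does not describe this resource, which is labelled `role = "ingress"`; something like `// Network shared between traefik and the services it fronts` would match. The network is also declared `internal = true`, which blocks external connectivity for containers attached only to it. If traefik is meant to accept outside traffic through this network, that flag and the `internal = "true"` label deserve a comment explaining the intended path. No container in this patch attaches to the network, so its purpose cannot be confirmed from the visible files.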
diff --git a/kaarana/vars.tf b/kaarana/vars.tf
new file mode 100644
index 0000000..a826515 100644
--- /dev/null
+++ a/kaarana/vars.tf
@@ -1,0 +1,8 @@
+variable "root_db_password" {}
+variable "db_password" {}
+
+locals {
+  username    = "wordpress"
+  database    = "wordpress"
+  db_hostname = "kaarana.db"
+}
diff --git a/kaarana/wordpress.tf b/kaarana/wordpress.tf
new file mode 100644
index 0000000..a06e00e 100644
--- /dev/null
+++ a/kaarana/wordpress.tf
@@ -1,0 +1,34 @@
+resource "docker_container" "wp" {
+  image = "${docker_image.wp.latest}"
+  name  = "kaarana-wordpress"
+
+  env = [
+    "WORDPRESS_DB_HOST=${local.db_hostname}",
+    "WORDPRESS_DB_USER=${local.username}",
+    "WORDPRESS_DB_PASSWORD=${var.db_password}",
+    "WORDPRESS_DB_NAME=${local.database}",
+    "WORDPRESS_TABLE_PREFIX=",
+  ]
+
+  volumes {
+    host_path      = "/mnt/disk/kaarana-wp"
+    container_path = "/var/www/html"
+  }
+
+  ports {
+    internal = 8080
+    external = 8213
+    ip       = "10.8.0.1"
+  }
+
+  networks_advanced = [
+    {
+      name = "kaarana-db"
+    },
+    {
+      // TODO: Once configuration/plugins have stabilized
+      // remove internet access from wordpress
+      name = "bridge"
+    },
+  ]
+}
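Review bot: The `ports` block publishes container port 8080, but the stock `wordpress:latest` image (the Apache variant) listens on port 80. Unless something in the mounted `/var/www/html` or a custom image changes the listen port, `10.8.0.1:8213` will forward to a closed port; `internal = 80` looks like the intended value. Binding the published port to the VPN address rather than all interfaces is a good choice and worth a one-line comment so it is not later "simplified" away. The `bridge` attachment in the TODO gives the container outbound internet access alongside a writable web root, so an issue reference or date on that TODO would help ensure it gets removed.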
--
rgit 0.1.5