From dea37a5319999e4f4a66e81cbbad1cfe037b760d Mon Sep 17 00:00:00 2001
From: Nemo <me@captnemo.in>
Date: Tue, 31 Jul 2018 14:07:08 +0530
Subject: [PATCH] Cleaner module for web configuration
---
heimdall.tf | 20 ++++++++++++++++++++
miniflux.tf | 8 +++++---
monicahq.tf | 7 ++++---
requestbin.tf | 11 ++++++-----
docker/data.tf | 4 ----
docker/debug.tf | 30 ++++++++++--------------------
heimdall/main.tf | 36 ------------------------------------
heimdall/variables.tf | 13 -------------
modules/container/main.tf | 14 ++++++++++----
modules/container/vars.tf | 32 ++++++++++++++++++++------------
10 files changed, 71 insertions(+), 104 deletions(-)
diff --git a/heimdall.tf b/heimdall.tf
new file mode 100644
index 0000000..ac18600 100644
--- /dev/null
+++ a/heimdall.tf
@@ -1,0 +1,20 @@
+module "heimdall" {
+ name = "heimdall"
+ source = "modules/container"
+ image = "linuxserver/heimdall:latest"
+
+ // Default is port 80
+ web {
+ expose = true
+ port = 443
+ protocol = "https"
+ basicauth = "true"
+ host = "home.bb8.fun"
+ }
+
+ networks = "${list(module.docker.traefik-network-id)}"
+
+ env = [
+ "TZ=Asia/Kolkata",
+ ]
+}
diff --git a/miniflux.tf b/miniflux.tf
index 6e44ed3..49a3967 100644
--- a/miniflux.tf
+++ a/miniflux.tf
@@ -1,11 +1,13 @@
module "miniflux-container" {
name = "miniflux"
source = "modules/container"
image = "miniflux/miniflux:2.0.10"
- expose-web = true
- web-port = 8080
- web-domain = "rss.captnemo.in"
+ web {
+ expose = true
+ port = 8080
+ host = "rss.captnemo.in"
+ }
networks = "${list(module.docker.traefik-network-id,module.db.postgres-network-id)}"
diff --git a/monicahq.tf b/monicahq.tf
index d3df47a..fdd2be3 100644
--- a/monicahq.tf
+++ a/monicahq.tf
@@ -1,11 +1,12 @@
module "monicahq-container" {
name = "monica"
source = "modules/container"
image = "monicahq/monicahq:latest"
- // Default is port 80
- expose-web = true
- web-domain = "monica.${var.root-domain}"
+ web {
+ expose = true
+ host = "monica.${var.root-domain}"
+ }
networks = "${list(module.docker.traefik-network-id,module.db.postgres-network-id)}"
diff --git a/requestbin.tf b/requestbin.tf
index ebfd84a..596d1fd 100644
--- a/requestbin.tf
+++ a/requestbin.tf
@@ -1,14 +1,15 @@
module "requestbin" {
name = "requestbin"
source = "./modules/container"
image = "jankysolutions/requestbin:latest"
// Default is port 80
- expose-web = true
- web-domain = "requestbin.${var.root-domain}"
-
- networks = "${list(module.docker.traefik-network-id)}"
-
+ web {
+ expose = true
+ host = "requestbin.${var.root-domain}"
+ }
+
+ networks = "${list(module.docker.traefik-network-id)}"
destroy_grace_seconds = 10
must_run = true
}
diff --git a/docker/data.tf b/docker/data.tf
index 5571d19..eb7a06d 100644
--- a/docker/data.tf
+++ a/docker/data.tf
@@ -12,10 +12,6 @@
name = "linuxserver/ubooquity:latest"
}
-data "docker_registry_image" "headerdebug" {
- name = "jmalloc/echo-server:latest"
-}
-
data "docker_registry_image" "lychee" {
name = "linuxserver/lychee:latest"
}
diff --git a/docker/debug.tf b/docker/debug.tf
index c9b34a6..40011ef 100644
--- a/docker/debug.tf
+++ a/docker/debug.tf
@@ -1,23 +1,11 @@
-resource "docker_container" "headerdebug" {
- name = "headerdebug"
- image = "${docker_image.headerdebug.latest}"
- restart = "unless-stopped"
- destroy_grace_seconds = 30
- must_run = true
- memory = 16
+module "echo-server" {
+ source = "../modules/container"
+ name = "echo-server"
+ image = "jmalloc/echo-server:latest"
- labels = "${merge(
- local.traefik_common_labels,
- map(
- "traefik.frontend.rule", "Host:debug.in.${var.domain},debug.${var.domain}",
- "traefik.port", 8080,
- "traefik.enable", "true",
- ))}"
-}
-
-# Helps debug traefik reverse proxy headers
-# Highly recommended!
-resource "docker_image" "headerdebug" {
- name = "${data.docker_registry_image.headerdebug.name}"
- pull_triggers = ["${data.docker_registry_image.headerdebug.sha256_digest}"]
+ web {
+ expose = true
+ port = 8080
+ domain = "debug.${var.domain},debug.in.${var.domain}"
+ }
}
diff --git a/heimdall/main.tf b/heimdall/main.tf
deleted file mode 100644
index 61028aa..0000000 100644
--- a/heimdall/main.tf
+++ /dev/null
@@ -1,36 +1,0 @@
-data "docker_registry_image" "heimdall" {
- name = "linuxserver/heimdall:latest"
-}
-
-resource "docker_image" "heimdall" {
- name = "${data.docker_registry_image.heimdall.name}"
- pull_triggers = ["${data.docker_registry_image.heimdall.sha256_digest}"]
-}
-
-resource "docker_container" "heimdall" {
- name = "heimdall"
- image = "${docker_image.heimdall.latest}"
-
- labels = "${merge(
- var.traefik-labels, map(
- "traefik.port", "443",
- "traefik.protocol", "https",
- "traefik.frontend.rule","Host:${var.domain}",
- "traefik.frontend.auth.basic", "${var.auth-header}",
- ))}"
-
- networks = ["${var.traefik-network-id}"]
-
- volumes {
- host_path = "/mnt/xwing/config/heimdall"
- container_path = "/config"
- }
-
- env = [
- "TZ=Asia/Kolkata",
- ]
-
- restart = "unless-stopped"
- destroy_grace_seconds = 10
- must_run = true
-}
diff --git a/heimdall/variables.tf b/heimdall/variables.tf
deleted file mode 100644
index c3f4e61..0000000 100644
--- a/heimdall/variables.tf
+++ /dev/null
@@ -1,13 +1,0 @@
-variable "domain" {
- type = "string"
-}
-
-variable "auth-header" {
- type = "string"
-}
-
-variable "traefik-labels" {
- type = "map"
-}
-
-variable "traefik-network-id" {}
diff --git a/modules/container/main.tf b/modules/container/main.tf
index e67b3af..00e07dd 100644
--- a/modules/container/main.tf
+++ a/modules/container/main.tf
@@ -17,12 +17,18 @@
entrypoint = "${var.entrypoint}"
user = "${var.user}"
networks = ["${var.networks}"]
+ memory = "${lookup(var.resource, "memory")}"
- labels = "${merge(var.labels, var.expose-web ?
+ // Only add traefik labels if web.expose=true
+ // Only add basicauth config if web.basicauth=true
+ labels = "${merge(var.labels, lookup(var.web, "expose", "false") ?
merge(local.traefik-common-labels, map(
- "traefik.port", var.web-port,
- "traefik.frontend.rule", "Host:${var.web-domain}",
- )) : map())}"
+ "traefik.port", lookup(var.web, "port", "80"),
+ "traefik.frontend.rule", "Host:${lookup(var.web, "host", "")}",
+ "traefik.protocol", lookup(var.web, "protocol", "http"),
+ )) : map(), lookup(var.web, "basicauth", "false") ? map(
+ "traefik.frontend.auth.basic", var.auth-header
+ ) : map())}"
destroy_grace_seconds = "${var.destroy_grace_seconds}"
must_run = "${var.must_run}"
diff --git a/modules/container/vars.tf b/modules/container/vars.tf
index d987f54..685c6f5 100644
--- a/modules/container/vars.tf
+++ a/modules/container/vars.tf
@@ -64,24 +64,26 @@
default = "X-Powered-By:Allomancy||X-Server:Blackbox"
}
-variable "expose-web" {
- description = "Whether to expose the application on the web"
- default = "false"
-}
+variable "web" {
+ description = "Web Configuration"
-variable "web-port" {
- description = "Port to expose using traefik"
- default = "80"
- type = "string"
+ default = {
+ expose = "false"
+ port = "80"
+ host = ""
+ protocol = "http"
+ basicauth = "false"
+ }
}
-variable "web-domain" {
- description = "Domain to use while exposing the application"
- default = ""
- type = "string"
+variable "auth-header" {
+ default = "tatooine:$2y$05$iPbatint3Gulbs6kUtyALO9Yq5sBJ..aiF82bcIziH4ytz9nFoPr6,reddit:$2y$05$ghKxSydYCpAT8r2VVMDmWO/BBecghGfLsRJUkr3ii7XxPyxBqp8Oy"
}
+
+variable "resource" {
+ description = "Resource usage for the container"
-variable "web-basicauth" {
- description = "Whether to add basic auth check on the application"
- default = "false"
+ default = {
+ memory = ""
+ }
}
--
rgit 0.1.5