From e06a21286a7a0d0b8f2243b74fbf2e13d3040020 Mon Sep 17 00:00:00 2001
From: Nemo <me@captnemo.in>
Date: Tue, 30 Jan 2018 01:39:36 +0530
Subject: [PATCH] Adds tt-rss and radarr
---
main.tf | 6 ++++++
variables.tf | 2 ++
docker/traefik.tf | 10 ++++++++++
media/radarr.tf | 55 +++++++++++++++++++++++++++++++++++++++++++++++++++++++
media/sonarr.tf | 2 ++
mysql/main.tf | 4 ----
tt-rss/db.tf | 16 ++++++++++++++++
tt-rss/main.tf | 40 ++++++++++++++++++++++++++++++++++++++++
tt-rss/variables.tf | 5 +++++
docker/conf/traefik.toml | 3 +++
10 files changed, 139 insertions(+), 4 deletions(-)
diff --git a/main.tf b/main.tf
index 60a41bd..318b7a7 100644
--- a/main.tf
+++ a/main.tf
@@ -32,6 +32,12 @@
domain = "radicale.bb8.fun"
}
+module "tt-rss" {
+ source = "tt-rss"
+ domain = "rss.captnemo.in"
+ mysql_password = "${var.mysql-ttrss-password}"
+}
+
module "media" {
source = "media"
domain = "bb8.fun"
diff --git a/variables.tf b/variables.tf
index 8a91d9d..7def103 100644
--- a/variables.tf
+++ a/variables.tf
@@ -21,6 +21,8 @@
variable "mysql_kodi_password" {}
+variable "mysql-ttrss-password" {}
+
variable "wiki_session_secret" {
type = "string"
}
diff --git a/docker/traefik.tf b/docker/traefik.tf
index 678ad37..2867786 100644
--- a/docker/traefik.tf
+++ a/docker/traefik.tf
@@ -57,6 +57,16 @@
file = "/etc/traefik/git.captnemo.in.key"
}
+ upload {
+ content = "${file("/home/nemo/projects/personal/certs/rss.captnemo.in/fullchain.pem")}"
+ file = "/etc/traefik/rss.captnemo.in.crt"
+ }
+
+ upload {
+ content = "${file("/home/nemo/projects/personal/certs/rss.captnemo.in/privkey.pem")}"
+ file = "/etc/traefik/rss.captnemo.in.key"
+ }
+
volumes {
host_path = "/var/run/docker.sock"
container_path = "/var/run/docker.sock"
diff --git a/media/radarr.tf b/media/radarr.tf
new file mode 100644
index 0000000..b198e4d 100644
--- /dev/null
+++ a/media/radarr.tf
@@ -1,0 +1,55 @@
+data "docker_registry_image" "radarr" {
+ name = "linuxserver/radarr:latest"
+}
+
+resource "docker_image" "radarr" {
+ name = "${data.docker_registry_image.radarr.name}"
+ pull_triggers = ["${data.docker_registry_image.radarr.sha256_digest}"]
+}
+
+resource docker_container "radarr" {
+ name = "radarr"
+ image = "${docker_image.radarr.latest}"
+
+ labels {
+ "traefik.port" = 7878
+ "traefik.enable" = "true"
+ "traefik.frontend.headers.SSLTemporaryRedirect" = "true"
+ "traefik.frontend.headers.STSSeconds" = "2592000"
+ "traefik.frontend.headers.STSIncludeSubdomains" = "false"
+ "traefik.frontend.headers.contentTypeNosniff" = "true"
+ "traefik.frontend.headers.browserXSSFilter" = "true"
+ "traefik.frontend.passHostHeader" = "true"
+
+ # TODO: wildcard certs needed!
+ "traefik.frontend.rule" = "Host:git.${var.domain}"
+ }
+
+ memory = 512
+ restart = "unless-stopped"
+ destroy_grace_seconds = 10
+ must_run = true
+
+ volumes {
+ host_path = "/mnt/xwing/config/radarr"
+ container_path = "/config"
+ }
+
+ volumes {
+ host_path = "/mnt/xwing/media/DL"
+ container_path = "/downloads"
+ }
+
+ volumes {
+ host_path = "/mnt/xwing/media/Movies"
+ container_path = "/movies"
+ }
+
+ env = [
+ "PUID=1004",
+ "PGID=1003",
+ "TZ=Asia/Kolkata",
+ ]
+
+ links = ["emby", "transmission"]
+}
diff --git a/media/sonarr.tf b/media/sonarr.tf
index fdda9e5..6c9a451 100644
--- a/media/sonarr.tf
+++ a/media/sonarr.tf
@@ -48,4 +48,6 @@
"PGID=1003",
"TZ=Asia/Kolkata",
]
+
+ links = ["emby", "transmission"]
}
diff --git a/mysql/main.tf b/mysql/main.tf
index d94e904..d3e0200 100644
--- a/mysql/main.tf
+++ a/mysql/main.tf
@@ -1,6 +1,3 @@
-# # This is pending on https://github.com/hashicorp/go-version/pull/34
-
-# Create a Database
resource "mysql_database" "lychee" {
name = "lychee"
}
@@ -18,7 +15,6 @@
privileges = ["ALL"]
}
-# Create a Database
resource "mysql_database" "airsonic" {
name = "airsonic"
}
diff --git a/tt-rss/db.tf b/tt-rss/db.tf
new file mode 100644
index 0000000..d790d1e 100644
--- /dev/null
+++ a/tt-rss/db.tf
@@ -1,0 +1,16 @@
+resource "mysql_database" "ttrss" {
+ name = "ttrss"
+}
+
+resource "mysql_user" "ttrss" {
+ user = "ttrss"
+ host = "%"
+ plaintext_password = "${var.mysql_password}"
+}
+
+resource "mysql_grant" "ttrss" {
+ user = "${mysql_user.ttrss.user}"
+ host = "${mysql_user.ttrss.host}"
+ database = "${mysql_database.ttrss.name}"
+ privileges = ["ALL"]
+}
diff --git a/tt-rss/main.tf b/tt-rss/main.tf
new file mode 100644
index 0000000..572ad6c 100644
--- /dev/null
+++ a/tt-rss/main.tf
@@ -1,0 +1,40 @@
+data "docker_registry_image" "tt-rss" {
+ name = "linuxserver/tt-rss:latest"
+}
+
+resource "docker_image" "tt-rss" {
+ name = "${data.docker_registry_image.tt-rss.name}"
+ pull_triggers = ["${data.docker_registry_image.tt-rss.sha256_digest}"]
+}
+
+resource docker_container "tt-rss" {
+ name = "tt-rss"
+ image = "${docker_image.tt-rss.latest}"
+
+ labels {
+ "traefik.port" = 80
+ "traefik.enable" = "true"
+ "traefik.frontend.headers.SSLTemporaryRedirect" = "true"
+ "traefik.frontend.headers.STSSeconds" = "2592000"
+ "traefik.frontend.headers.STSIncludeSubdomains" = "false"
+ "traefik.frontend.headers.contentTypeNosniff" = "true"
+ "traefik.frontend.headers.browserXSSFilter" = "true"
+ "traefik.frontend.passHostHeader" = "true"
+ "traefik.frontend.rule" = "Host:${var.domain}"
+ }
+
+ volumes {
+ host_path = "/mnt/xwing/config/tt-rss"
+ container_path = "/config"
+ }
+
+ links = ["mariadb"]
+
+ env = [
+ "TZ=Asia/Kolkata",
+ ]
+
+ restart = "unless-stopped"
+ destroy_grace_seconds = 10
+ must_run = true
+}
diff --git a/tt-rss/variables.tf b/tt-rss/variables.tf
new file mode 100644
index 0000000..882c3d4 100644
--- /dev/null
+++ a/tt-rss/variables.tf
@@ -1,0 +1,5 @@
+variable "domain" {
+ type = "string"
+}
+
+variable "mysql_password" {}
diff --git a/docker/conf/traefik.toml b/docker/conf/traefik.toml
index d9f6805..a016f92 100644
--- a/docker/conf/traefik.toml
+++ a/docker/conf/traefik.toml
@@ -11,6 +11,9 @@
[[entryPoints.https.tls.certificates]]
certFile = "/etc/traefik/git.captnemo.in.crt"
keyFile = "/etc/traefik/git.captnemo.in.key"
+ [[entryPoints.https.tls.certificates]]
+ certFile = "/etc/traefik/rss.captnemo.in.crt"
+ keyFile = "/etc/traefik/rss.captnemo.in.key"
[docker]
# Make sure you mount this as readonly
--
rgit 0.1.5