From 6275e7773d01b2634f1802cbaebc28674ace1b59 Mon Sep 17 00:00:00 2001
From: Nemo <me@captnemo.in>
Date: Wed, 07 Feb 2018 01:15:41 +0530
Subject: [PATCH] Move docker containers to own files
- Will be easier to refactor later
---
main.tf | 1 +
docker/airsonic.tf | 44 ++++++++++++++++++++++++++++++++++++++++++++
docker/couchpotato.tf | 40 ++++++++++++++++++++++++++++++++++++++++
docker/data.tf | 2 --
docker/debug.tf | 18 ++++++++++++++++++
docker/emby.tf | 36 ++++++++++++++++++++++++++++++++++++
docker/headphones.tf | 43 +++++++++++++++++++++++++++++++++++++++++++
docker/lychee.tf | 18 +++++-------------
docker/main.tf | 379 --------------------------------------------------------------------------------
docker/muximux.tf | 31 +++++++++++++++++++++++++++++++
docker/transmission.tf | 49 +++++++++++++++++++++++++++++++++++++++++++++++++
docker/ubooquity.tf | 59 +++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
docker/wiki.tf | 53 +++++++++++++++++++++++++++++++++++++++++++++++++++++
monitoring/cadvisor.tf | 19 ++++++-------------
monitoring/main.tf | 18 +++++-------------
monitoring/variables.tf | 4 ++++
docker/conf/humans.txt | 2 +-
17 files changed, 395 insertions(+), 421 deletions(-)
diff --git a/main.tf b/main.tf
index 4ef5466..ad566d2 100644
--- a/main.tf
+++ a/main.tf
@@ -62,6 +62,7 @@
gf-security-admin-password = "${var.gf-security-admin-password}"
domain = "bb8.fun"
transmission = "${module.docker.names-transmission}"
+ traefik-labels = "${var.traefik-common-labels}"
}
module "digitalocean" {
diff --git a/docker/airsonic.tf b/docker/airsonic.tf
new file mode 100644
index 0000000..c246119 100644
--- /dev/null
+++ a/docker/airsonic.tf
@@ -1,0 +1,44 @@
+# resource "docker_container" "airsonic" {
+# name = "airsonic"
+# image = "${docker_image.airsonic.latest}"
+
+# restart = "unless-stopped"
+# destroy_grace_seconds = 30
+# must_run = true
+# memory = 800
+
+# volumes {
+# host_path = "/mnt/xwing/config/airsonic/data"
+# container_path = "/config"
+# }
+
+# volumes {
+# host_path = "/mnt/xwing/media/Music"
+# container_path = "/music"
+# }
+
+# volumes {
+# host_path = "/mnt/xwing/config/airsonic/playlists"
+# container_path = "/playlists"
+# }
+
+# volumes {
+# host_path = "/mnt/xwing/config/airsonic/podcasts"
+# container_path = "/podcasts"
+# }
+
+# labels {
+# "traefik.enable" = "true"
+# "traefik.port" = "4040"
+# "traefik.frontend.rule" = "Host:airsonic.in.${var.domain},airsonic.${var.domain}"
+# "traefik.frontend.passHostHeader" = "true"
+# }
+
+# # lounge:tatooine
+# env = [
+# "PUID=1004",
+# "PGID=1003",
+# "TZ=Asia/Kolkata",
+# "CONTEXT_PATH=https://airsonic.bb8.fun",
+# ]
+# }diff --git a/docker/couchpotato.tf b/docker/couchpotato.tf
new file mode 100644
index 0000000..0fcc605 100644
--- /dev/null
+++ a/docker/couchpotato.tf
@@ -1,0 +1,40 @@
+resource "docker_container" "couchpotato" {
+ name = "couchpotato"
+ image = "${docker_image.couchpotato.latest}"
+
+ volumes {
+ host_path = "/mnt/xwing/config/couchpotato"
+ container_path = "/config"
+ }
+
+ volumes {
+ host_path = "/mnt/xwing/media/DL"
+ container_path = "/downloads"
+ }
+
+ volumes {
+ host_path = "/mnt/xwing/media/Movies"
+ container_path = "/movies"
+ }
+
+ labels = "${merge(
+ local.traefik_common_labels,
+ map(
+ "traefik.frontend.auth.basic", "${var.basic_auth}",
+ "traefik.port", 5050,
+ ))}"
+
+ memory = 256
+ restart = "unless-stopped"
+ destroy_grace_seconds = 10
+ must_run = true
+
+ # Running as lounge:tatooine
+ env = [
+ "PUID=1004",
+ "PGID=1003",
+ "TZ=Asia/Kolkata",
+ ]
+
+ links = ["{docker_container.transmission.name}"]
+}diff --git a/docker/data.tf b/docker/data.tf
index 0362f29..37d2827 100644
--- a/docker/data.tf
+++ a/docker/data.tf
@@ -8,8 +8,6 @@
name = "jadsonlourenco/mongo-rocks:latest"
}
-# Leave all other apps at latesst
-
data "docker_registry_image" "emby" {
name = "emby/embyserver:latest"
}
diff --git a/docker/debug.tf b/docker/debug.tf
new file mode 100644
index 0000000..c14bc65 100644
--- /dev/null
+++ a/docker/debug.tf
@@ -1,0 +1,18 @@
+resource "docker_container" "headerdebug" {
+ name = "headerdebug"
+ image = "${docker_image.headerdebug.latest}"
+
+ restart = "unless-stopped"
+ destroy_grace_seconds = 30
+ must_run = true
+
+ memory = 16
+
+ labels = "${merge(
+ local.traefik_common_labels,
+ map(
+ "traefik.frontend.rule", "Host:debug.in.${var.domain},debug.${var.domain}",
+ "traefik.port", 8080,
+ "traefik.enable", "true",
+ ))}"
+}diff --git a/docker/emby.tf b/docker/emby.tf
new file mode 100644
index 0000000..c3f09e1 100644
--- /dev/null
+++ a/docker/emby.tf
@@ -1,0 +1,36 @@
+resource "docker_container" "emby" {
+ name = "emby"
+ image = "${docker_image.emby.latest}"
+
+ volumes {
+ host_path = "/mnt/xwing/config/emby"
+ container_path = "/config"
+ }
+
+ volumes {
+ host_path = "/mnt/xwing/media"
+ container_path = "/media"
+ }
+
+ labels = "${merge(
+ local.traefik_common_labels,
+ map(
+ "traefik.frontend.rule", "Host:emby.in.${var.domain},emby.${var.domain}",
+ "traefik.frontend.passHostHeader", "true",
+ "traefik.port", 8096,
+ ))}"
+
+ memory = 2048
+ restart = "unless-stopped"
+ destroy_grace_seconds = 10
+ must_run = true
+
+ # Running as lounge:tatooine
+ env = [
+ "APP_USER=lounge",
+ "APP_UID=1004",
+ "APP_GID=1003",
+ "APP_CONFIG=/mnt/xwing/config",
+ "TZ=Asia/Kolkata",
+ ]
+}diff --git a/docker/headphones.tf b/docker/headphones.tf
new file mode 100644
index 0000000..bda2c44 100644
--- /dev/null
+++ a/docker/headphones.tf
@@ -1,0 +1,43 @@
+resource "docker_container" "headphones" {
+ name = "headphones"
+ image = "${docker_image.headphones.latest}"
+
+ restart = "unless-stopped"
+ destroy_grace_seconds = 10
+ must_run = true
+ memory = 128
+
+ volumes {
+ host_path = "/mnt/xwing/config/headphones"
+ container_path = "/config"
+ }
+
+ volumes {
+ host_path = "/mnt/xwing/media/DL"
+ container_path = "/downloads"
+ }
+
+ volumes {
+ host_path = "/mnt/xwing/media/Music"
+ container_path = "/music"
+ }
+
+ upload {
+ content = "${file("${path.module}/conf/headphones.ini")}"
+ file = "/config/config.ini"
+ }
+
+ labels = "${merge(
+ local.traefik_common_labels,
+ map(
+ "traefik.frontend.auth.basic", "${var.basic_auth}",
+ "traefik.port", 8181,
+ ))}"
+
+ # lounge:tatooine
+ env = [
+ "PUID=1004",
+ "PGID=1003",
+ "TZ=Asia/Kolkata",
+ ]
+}diff --git a/docker/lychee.tf b/docker/lychee.tf
index 4f40ae8..3f5476b 100644
--- a/docker/lychee.tf
+++ a/docker/lychee.tf
@@ -21,19 +21,11 @@
file = "/config/lychee/user.ini"
}
- labels {
- "traefik.port" = 80
- "traefik.frontend.passHostHeader" = "false"
- "traefik.enable" = "true"
- "traefik.frontend.headers.SSLTemporaryRedirect" = "true"
- "traefik.frontend.headers.STSIncludeSubdomains" = "false"
- "traefik.frontend.headers.contentTypeNosniff" = "true"
- "traefik.frontend.headers.browserXSSFilter" = "true"
- "traefik.frontend.headers.STSSeconds" = "2592000"
- "traefik.frontend.headers.customFrameOptionsValue" = "${var.xfo_allow}"
- "traefik.frontend.headers.customResponseHeaders" = "${var.xpoweredby}"
- "traefik.frontend.rule" = "Host:pics.${var.domain},pics.in.${var.domain}"
- }
+ labels = "${merge(
+ locals.traefik_common_labels, map(
+ "traefik.port", 80,
+ "traefik.frontend.rule","Host:pics.${var.domain},pics.in.${var.domain}"
+ ))}"
env = [
"PUID=986",
diff --git a/docker/main.tf b/docker/main.tf
index 1436b3a..e69de29 100644
--- a/docker/main.tf
+++ a/docker/main.tf
@@ -1,379 +1,0 @@
-resource docker_container "transmission" {
- name = "transmission"
- image = "${docker_image.transmission.latest}"
-
- labels = "${merge(
- local.traefik_common_labels,
- map(
- "traefik.frontend.auth.basic", "${var.basic_auth}",
- "traefik.port", 9091,
- ))}"
-
- ports {
- internal = 51413
- external = 51413
- ip = "${var.ips["eth0"]}"
- protocol = "udp"
- }
-
- volumes {
- host_path = "/mnt/xwing/config/transmission"
- container_path = "/config"
- }
-
- volumes {
- host_path = "/mnt/xwing/media/DL"
- container_path = "/downloads"
- }
-
- volumes {
- host_path = "/mnt/xwing/data/watch/transmission"
- container_path = "/watch"
- }
-
- upload {
- content = "${file("${path.module}/conf/transmission.json")}"
- file = "/config/settings.json"
- }
-
- env = [
- "PGID=1003",
- "PUID=1000",
- "TZ=Asia/Kolkata",
- ]
-
- memory = 1024
- restart = "unless-stopped"
- destroy_grace_seconds = 10
- must_run = true
-}
-
-resource "docker_container" "emby" {
- name = "emby"
- image = "${docker_image.emby.latest}"
-
- volumes {
- host_path = "/mnt/xwing/config/emby"
- container_path = "/config"
- }
-
- volumes {
- host_path = "/mnt/xwing/media"
- container_path = "/media"
- }
-
- labels = "${merge(
- local.traefik_common_labels,
- map(
- "traefik.frontend.rule", "Host:emby.in.${var.domain},emby.${var.domain}",
- "traefik.frontend.passHostHeader", "true",
- "traefik.port", 8096,
- ))}"
-
- memory = 2048
- restart = "unless-stopped"
- destroy_grace_seconds = 10
- must_run = true
-
- # Running as lounge:tatooine
- env = [
- "APP_USER=lounge",
- "APP_UID=1004",
- "APP_GID=1003",
- "APP_CONFIG=/mnt/xwing/config",
- "TZ=Asia/Kolkata",
- ]
-}
-
-resource "docker_container" "couchpotato" {
- name = "couchpotato"
- image = "${docker_image.couchpotato.latest}"
-
- volumes {
- host_path = "/mnt/xwing/config/couchpotato"
- container_path = "/config"
- }
-
- volumes {
- host_path = "/mnt/xwing/media/DL"
- container_path = "/downloads"
- }
-
- volumes {
- host_path = "/mnt/xwing/media/Movies"
- container_path = "/movies"
- }
-
- labels = "${merge(
- local.traefik_common_labels,
- map(
- "traefik.frontend.auth.basic", "${var.basic_auth}",
- "traefik.port", 5050,
- ))}"
-
- memory = 256
- restart = "unless-stopped"
- destroy_grace_seconds = 10
- must_run = true
-
- # Running as lounge:tatooine
- env = [
- "PUID=1004",
- "PGID=1003",
- "TZ=Asia/Kolkata",
- ]
-
- links = ["{docker_container.transmission.name}"]
-}
-
-# resource "docker_container" "airsonic" {
-# name = "airsonic"
-# image = "${docker_image.airsonic.latest}"
-
-# restart = "unless-stopped"
-# destroy_grace_seconds = 30
-# must_run = true
-# memory = 800
-
-# volumes {
-# host_path = "/mnt/xwing/config/airsonic/data"
-# container_path = "/config"
-# }
-
-# volumes {
-# host_path = "/mnt/xwing/media/Music"
-# container_path = "/music"
-# }
-
-# volumes {
-# host_path = "/mnt/xwing/config/airsonic/playlists"
-# container_path = "/playlists"
-# }
-
-# volumes {
-# host_path = "/mnt/xwing/config/airsonic/podcasts"
-# container_path = "/podcasts"
-# }
-
-# labels {
-# "traefik.enable" = "true"
-# "traefik.port" = "4040"
-# "traefik.frontend.rule" = "Host:airsonic.in.${var.domain},airsonic.${var.domain}"
-# "traefik.frontend.passHostHeader" = "true"
-# }
-
-# # lounge:tatooine
-# env = [
-# "PUID=1004",
-# "PGID=1003",
-# "TZ=Asia/Kolkata",
-# "CONTEXT_PATH=https://airsonic.bb8.fun",
-# ]
-# }
-
-resource "docker_container" "headerdebug" {
- name = "headerdebug"
- image = "${docker_image.headerdebug.latest}"
-
- restart = "unless-stopped"
- destroy_grace_seconds = 30
- must_run = true
-
- memory = 16
-
- labels = "${merge(
- local.traefik_common_labels,
- map(
- "traefik.frontend.rule", "Host:debug.in.${var.domain},debug.${var.domain}",
- "traefik.port", 8080,
- "traefik.enable", "true",
- ))}"
-}
-
-resource "docker_container" "headphones" {
- name = "headphones"
- image = "${docker_image.headphones.latest}"
-
- restart = "unless-stopped"
- destroy_grace_seconds = 10
- must_run = true
- memory = 128
-
- volumes {
- host_path = "/mnt/xwing/config/headphones"
- container_path = "/config"
- }
-
- volumes {
- host_path = "/mnt/xwing/media/DL"
- container_path = "/downloads"
- }
-
- volumes {
- host_path = "/mnt/xwing/media/Music"
- container_path = "/music"
- }
-
- upload {
- content = "${file("${path.module}/conf/headphones.ini")}"
- file = "/config/config.ini"
- }
-
- labels = "${merge(
- local.traefik_common_labels,
- map(
- "traefik.frontend.auth.basic", "${var.basic_auth}",
- "traefik.port", 8181,
- ))}"
-
- # lounge:tatooine
- env = [
- "PUID=1004",
- "PGID=1003",
- "TZ=Asia/Kolkata",
- ]
-}
-
-resource "docker_container" "ubooquity" {
- name = "ubooquity"
- image = "${docker_image.ubooquity.latest}"
-
- restart = "unless-stopped"
- destroy_grace_seconds = 30
- must_run = true
-
- volumes {
- host_path = "/mnt/xwing/config/ubooquity"
- container_path = "/config"
- }
-
- volumes {
- host_path = "/mnt/xwing/media/EBooks"
- container_path = "/books"
- }
-
- volumes {
- host_path = "/mnt/xwing/media/EBooks"
- container_path = "/files"
- }
-
- volumes {
- host_path = "/mnt/xwing/media/EBooks/Comics"
- container_path = "/comics"
- }
-
- labels {
- "traefik.enable" = "true"
-
- "traefik.admin.port" = 2203
- "traefik.admin.frontend.rule" = "Host:library.${var.domain}"
- "traefik.admin.frontend.auth.basic" = "${var.basic_auth}"
-
- "traefik.read.port" = 2202
- "traefik.read.frontend.rule" = "Host:read.${var.domain}"
-
- "traefik.read.frontend.headers.SSLTemporaryRedirect" = "true"
- "traefik.read.frontend.headers.STSSeconds" = "2592000"
- "traefik.read.frontend.headers.STSIncludeSubdomains" = "false"
- "traefik.read.frontend.headers.contentTypeNosniff" = "true"
- "traefik.read.frontend.headers.browserXSSFilter" = "true"
- "traefik.read.frontend.headers.customResponseHeaders" = "${var.xpoweredby}"
- "traefik.frontend.headers.customFrameOptionsValue" = "${var.xfo_allow}"
- }
-
- upload {
- content = "${file("${path.module}/conf/ubooquity.json")}"
- file = "/config/preferences.json"
- }
-
- # lounge:tatooine
- env = [
- "PUID=1004",
- "PGID=1003",
- "MAXMEM=800",
- ]
-}
-
-resource "docker_container" "wiki" {
- name = "wiki"
- image = "${docker_image.wikijs.latest}"
-
- restart = "unless-stopped"
- destroy_grace_seconds = 30
- must_run = true
- memory = 300
-
- upload {
- content = "${file("${path.module}/conf/wiki.yml")}"
- file = "/var/wiki/config.yml"
- }
-
- volumes {
- host_path = "/mnt/xwing/logs/wiki"
- container_path = "/logs"
- }
-
- volumes {
- host_path = "/mnt/xwing/data/wiki/repo"
- container_path = "/repo"
- }
-
- volumes {
- host_path = "/mnt/xwing/data/wiki/data"
- container_path = "/data"
- }
-
- upload {
- content = "${file("${path.module}/conf/humans.txt")}"
- file = "/var/wiki/assets/humans.txt"
- }
-
- // The last header is a workaround for double header traefik bug
- // This might be actually breaking iframe till the 1.5 Final release.
-
- labels = "${merge(
- local.traefik_common_labels,
- map(
- "traefik.frontend.rule", "Host:wiki.${var.domain}",
- "traefik.frontend.passHostHeader", "true",
- "traefik.port", 9999,
- "traefik.frontend.headers.customResponseHeaders", "${var.xpoweredby}||Referrer-Policy:${var.refpolicy}||X-Frame-Options:${var.xfo_allow}",
- ))}"
- links = ["${docker_container.mongorocks.name}"]
- env = [
- "WIKI_ADMIN_EMAIL=me@captnemo.in",
- "SESSION_SECRET=${var.wiki_session_secret}",
- ]
-}
-
-resource "docker_container" "muximux" {
- name = "muximux"
- image = "${docker_image.muximux.latest}"
- memory = 64
-
- restart = "unless-stopped"
- destroy_grace_seconds = 10
- must_run = true
-
- volumes {
- host_path = "/mnt/xwing/config/muximux"
- container_path = "/config"
- }
-
- labels = "${merge(
- local.traefik_common_labels,
- map(
- "traefik.port", 80,
- "traefik.frontend.headers.frameDeny", "true",
- "traefik.frontend.passHostHeader", "false",
- "traefik.frontend.auth.basic", "${var.basic_auth}",
- "traefik.frontend.rule", "Host:home.in.${var.domain},home.${var.domain}",
- ))}"
-
- # lounge:tatooine
- env = [
- "PUID=1004",
- "PGID=1003",
- "TZ=Asia/Kolkata",
- ]
-}
diff --git a/docker/muximux.tf b/docker/muximux.tf
new file mode 100644
index 0000000..8a7b5bb 100644
--- /dev/null
+++ a/docker/muximux.tf
@@ -1,0 +1,31 @@
+resource "docker_container" "muximux" {
+ name = "muximux"
+ image = "${docker_image.muximux.latest}"
+ memory = 64
+
+ restart = "unless-stopped"
+ destroy_grace_seconds = 10
+ must_run = true
+
+ volumes {
+ host_path = "/mnt/xwing/config/muximux"
+ container_path = "/config"
+ }
+
+ labels = "${merge(
+ local.traefik_common_labels,
+ map(
+ "traefik.port", 80,
+ "traefik.frontend.headers.frameDeny", "true",
+ "traefik.frontend.passHostHeader", "false",
+ "traefik.frontend.auth.basic", "${var.basic_auth}",
+ "traefik.frontend.rule", "Host:home.in.${var.domain},home.${var.domain}",
+ ))}"
+
+ # lounge:tatooine
+ env = [
+ "PUID=1004",
+ "PGID=1003",
+ "TZ=Asia/Kolkata",
+ ]
+}
diff --git a/docker/transmission.tf b/docker/transmission.tf
new file mode 100644
index 0000000..d7afb62 100644
--- /dev/null
+++ a/docker/transmission.tf
@@ -1,0 +1,49 @@
+resource docker_container "transmission" {
+ name = "transmission"
+ image = "${docker_image.transmission.latest}"
+
+ labels = "${merge(
+ local.traefik_common_labels,
+ map(
+ "traefik.frontend.auth.basic", "${var.basic_auth}",
+ "traefik.port", 9091,
+ ))}"
+
+ ports {
+ internal = 51413
+ external = 51413
+ ip = "${var.ips["eth0"]}"
+ protocol = "udp"
+ }
+
+ volumes {
+ host_path = "/mnt/xwing/config/transmission"
+ container_path = "/config"
+ }
+
+ volumes {
+ host_path = "/mnt/xwing/media/DL"
+ container_path = "/downloads"
+ }
+
+ volumes {
+ host_path = "/mnt/xwing/data/watch/transmission"
+ container_path = "/watch"
+ }
+
+ upload {
+ content = "${file("${path.module}/conf/transmission.json")}"
+ file = "/config/settings.json"
+ }
+
+ env = [
+ "PGID=1003",
+ "PUID=1000",
+ "TZ=Asia/Kolkata",
+ ]
+
+ memory = 1024
+ restart = "unless-stopped"
+ destroy_grace_seconds = 10
+ must_run = true
+}
diff --git a/docker/ubooquity.tf b/docker/ubooquity.tf
new file mode 100644
index 0000000..bd30ad1 100644
--- /dev/null
+++ a/docker/ubooquity.tf
@@ -1,0 +1,59 @@
+resource "docker_container" "ubooquity" {
+ name = "ubooquity"
+ image = "${docker_image.ubooquity.latest}"
+
+ restart = "unless-stopped"
+ destroy_grace_seconds = 30
+ must_run = true
+
+ volumes {
+ host_path = "/mnt/xwing/config/ubooquity"
+ container_path = "/config"
+ }
+
+ volumes {
+ host_path = "/mnt/xwing/media/EBooks"
+ container_path = "/books"
+ }
+
+ volumes {
+ host_path = "/mnt/xwing/media/EBooks"
+ container_path = "/files"
+ }
+
+ volumes {
+ host_path = "/mnt/xwing/media/EBooks/Comics"
+ container_path = "/comics"
+ }
+
+ labels {
+ "traefik.enable" = "true"
+
+ "traefik.admin.port" = 2203
+ "traefik.admin.frontend.rule" = "Host:library.${var.domain}"
+ "traefik.admin.frontend.auth.basic" = "${var.basic_auth}"
+
+ "traefik.read.port" = 2202
+ "traefik.read.frontend.rule" = "Host:read.${var.domain}"
+
+ "traefik.read.frontend.headers.SSLTemporaryRedirect" = "true"
+ "traefik.read.frontend.headers.STSSeconds" = "2592000"
+ "traefik.read.frontend.headers.STSIncludeSubdomains" = "false"
+ "traefik.read.frontend.headers.contentTypeNosniff" = "true"
+ "traefik.read.frontend.headers.browserXSSFilter" = "true"
+ "traefik.read.frontend.headers.customResponseHeaders" = "${var.xpoweredby}"
+ "traefik.frontend.headers.customFrameOptionsValue" = "${var.xfo_allow}"
+ }
+
+ upload {
+ content = "${file("${path.module}/conf/ubooquity.json")}"
+ file = "/config/preferences.json"
+ }
+
+ # lounge:tatooine
+ env = [
+ "PUID=1004",
+ "PGID=1003",
+ "MAXMEM=800",
+ ]
+}
diff --git a/docker/wiki.tf b/docker/wiki.tf
new file mode 100644
index 0000000..7f54901 100644
--- /dev/null
+++ a/docker/wiki.tf
@@ -1,0 +1,53 @@
+resource "docker_container" "wiki" {
+ name = "wiki"
+ image = "${docker_image.wikijs.latest}"
+
+ restart = "unless-stopped"
+ destroy_grace_seconds = 30
+ must_run = true
+ memory = 300
+
+ upload {
+ content = "${file("${path.module}/conf/wiki.yml")}"
+ file = "/var/wiki/config.yml"
+ }
+
+ volumes {
+ host_path = "/mnt/xwing/logs/wiki"
+ container_path = "/logs"
+ }
+
+ volumes {
+ host_path = "/mnt/xwing/data/wiki/repo"
+ container_path = "/repo"
+ }
+
+ volumes {
+ host_path = "/mnt/xwing/data/wiki/data"
+ container_path = "/data"
+ }
+
+ upload {
+ content = "${file("${path.module}/conf/humans.txt")}"
+ file = "/var/wiki/assets/humans.txt"
+ }
+
+ // The last header is a workaround for double header traefik bug
+ // This might be actually breaking iframe till the 1.5 Final release.
+
+ labels = "${merge(
+ local.traefik_common_labels,
+ map(
+ "traefik.frontend.rule", "Host:wiki.${var.domain}",
+ "traefik.frontend.passHostHeader", "true",
+ "traefik.port", 9999,
+ "traefik.frontend.headers.customResponseHeaders", "${var.xpoweredby}||Referrer-Policy:${var.refpolicy}||X-Frame-Options:${var.xfo_allow}",
+ ))}"
+
+ links = ["${docker_container.mongorocks.name}"]
+
+ env = [
+ "WIKI_ADMIN_EMAIL=me@captnemo.in",
+ "SESSION_SECRET=${var.wiki_session_secret}",
+ ]
+}
diff --git a/monitoring/cadvisor.tf b/monitoring/cadvisor.tf
index 9383f1c..c062b2b 100644
--- a/monitoring/cadvisor.tf
+++ a/monitoring/cadvisor.tf
@@ -36,17 +36,10 @@
container_path = "/var/run"
}
- labels {
- "traefik.frontend.auth.basic" = "${var.basic_auth}"
- "traefik.port" = 8080
- "traefik.enable" = "true"
- "traefik.frontend.headers.SSLTemporaryRedirect" = "true"
- "traefik.frontend.headers.STSSeconds" = "2592000"
- "traefik.frontend.headers.STSIncludeSubdomains" = "false"
- "traefik.frontend.headers.contentTypeNosniff" = "true"
- "traefik.frontend.headers.browserXSSFilter" = "true"
- "traefik.frontend.passHostHeader" = "true"
- "traefik.frontend.headers.customFrameOptionsValue" = "ALLOW-FROM https://home.bb8.fun/"
- "traefik.frontend.headers.customResponseHeaders" = "X-Powered-By:Allomancy||X-Server:Blackbox"
- }
+ labels = "${merge(
+ var.traefik-labels, map(
+ "traefik.port", 8080,
+ "traefik.frontend.rule","Host:cadvisor.${var.domain}",
+ "traefik.frontend.auth.basic", "${var.basic_auth}"
+ ))}"
}
diff --git a/monitoring/main.tf b/monitoring/main.tf
index 22b8600..eea6909 100644
--- a/monitoring/main.tf
+++ a/monitoring/main.tf
@@ -1,20 +1,12 @@
resource docker_container "grafana" {
name = "grafana"
image = "${docker_image.grafana.latest}"
- labels {
- # "traefik.frontend.auth.basic" = "${var.basic_auth}"
- "traefik.port" = 3000
- "traefik.enable" = "true"
- "traefik.frontend.headers.SSLTemporaryRedirect" = "true"
- "traefik.frontend.headers.STSSeconds" = "2592000"
- "traefik.frontend.headers.STSIncludeSubdomains" = "false"
- "traefik.frontend.headers.contentTypeNosniff" = "true"
- "traefik.frontend.headers.browserXSSFilter" = "true"
-
- # "traefik.frontend.headers.customResponseHeaders" = "${var.xpoweredby}"
- # "traefik.frontend.headers.customFrameOptionsValue" = "${var.xfo_allow}"
- }
+ labels = "${merge(
+ var.traefik-labels, map(
+ "traefik.port", 3000,
+ "traefik.frontend.rule","Host:grafana.${var.domain}"
+ ))}"
volumes {
host_path = "/mnt/xwing/data/grafana"
diff --git a/monitoring/variables.tf b/monitoring/variables.tf
index 5190320..b203384 100644
--- a/monitoring/variables.tf
+++ a/monitoring/variables.tf
@@ -25,3 +25,7 @@
variable "basic_auth" {
default = "tatooine:$2y$05$iPbatint3Gulbs6kUtyALO9Yq5sBJ..aiF82bcIziH4ytz9nFoPr6"
}
+
+variable "traefik-labels" {
+ type = "map"
+}
diff --git a/docker/conf/humans.txt b/docker/conf/humans.txt
index 5929a94..e82208f 100644
--- a/docker/conf/humans.txt
+++ a/docker/conf/humans.txt
@@ -1,10 +1,10 @@
/* TEAM */
Captain: Nemo (Abhay Rana)
Contact: git [at] captnemo.in
Twitter: @captn3m0
/* SITE */
- Last update: Jan 2018
+ Last update: Feb 2018
Language: English
IDE: Sublime Text, Vim
Runs-On: Docker
--
rgit 0.1.5