2017-12-28 12:29:54 +00:00
|
|
|
resource docker_container "grafana" {
|
|
|
|
name = "grafana"
|
|
|
|
image = "${docker_image.grafana.latest}"
|
|
|
|
|
|
|
|
labels {
|
|
|
|
# "traefik.frontend.auth.basic" = "${var.basic_auth}"
|
2018-01-06 09:09:49 +00:00
|
|
|
"traefik.port" = 3000
|
|
|
|
"traefik.enable" = "true"
|
|
|
|
"traefik.frontend.headers.SSLTemporaryRedirect" = "true"
|
|
|
|
"traefik.frontend.headers.STSSeconds" = "2592000"
|
|
|
|
"traefik.frontend.headers.STSIncludeSubdomains" = "false"
|
|
|
|
"traefik.frontend.headers.contentTypeNosniff" = "true"
|
|
|
|
"traefik.frontend.headers.browserXSSFilter" = "true"
|
|
|
|
|
2017-12-28 12:29:54 +00:00
|
|
|
# "traefik.frontend.headers.customResponseHeaders" = "${var.xpoweredby}"
|
|
|
|
# "traefik.frontend.headers.customFrameOptionsValue" = "${var.xfo_allow}"
|
|
|
|
}
|
|
|
|
|
|
|
|
volumes {
|
|
|
|
host_path = "/mnt/xwing/data/grafana"
|
|
|
|
container_path = "/var/lib/grafana"
|
|
|
|
}
|
|
|
|
|
|
|
|
links = ["prometheus"]
|
|
|
|
|
2018-01-06 09:09:49 +00:00
|
|
|
env = [
|
|
|
|
"GF_SECURITY_ADMIN_PASSWORD=${var.gf-security-admin-password}",
|
|
|
|
"GF_SERVER_ROOT_URL=https://grafana.${var.domain}",
|
|
|
|
]
|
|
|
|
|
2017-12-28 12:29:54 +00:00
|
|
|
restart = "unless-stopped"
|
|
|
|
destroy_grace_seconds = 10
|
|
|
|
must_run = true
|
|
|
|
}
|
|
|
|
|
|
|
|
resource docker_container "prometheus" {
|
|
|
|
name = "prometheus"
|
|
|
|
image = "${docker_image.prometheus.latest}"
|
|
|
|
|
2018-01-06 09:09:49 +00:00
|
|
|
# prometheus:prometheus
|
|
|
|
user = "985:983"
|
|
|
|
|
2017-12-28 13:20:38 +00:00
|
|
|
command = ["--config.file=/etc/prometheus/prometheus.yml"]
|
2017-12-28 12:29:54 +00:00
|
|
|
|
|
|
|
volumes {
|
|
|
|
host_path = "/mnt/xwing/data/prometheus"
|
|
|
|
container_path = "/prometheus"
|
|
|
|
}
|
|
|
|
|
|
|
|
upload {
|
|
|
|
content = "${file("${path.module}/config/prometheus.yml")}"
|
|
|
|
file = "/etc/prometheus/prometheus.yml"
|
|
|
|
}
|
|
|
|
|
2018-01-06 09:09:49 +00:00
|
|
|
links = ["nodeexporter", "cadvisor"]
|
2017-12-28 12:29:54 +00:00
|
|
|
|
|
|
|
restart = "unless-stopped"
|
|
|
|
destroy_grace_seconds = 10
|
|
|
|
must_run = true
|
|
|
|
}
|
|
|
|
|
|
|
|
resource docker_container "nodeexporter" {
|
|
|
|
name = "nodeexporter"
|
|
|
|
image = "${docker_image.nodeexporter.latest}"
|
|
|
|
|
|
|
|
volumes {
|
|
|
|
host_path = "/proc"
|
|
|
|
container_path = "/host/proc"
|
|
|
|
}
|
|
|
|
|
|
|
|
volumes {
|
|
|
|
host_path = "/sys"
|
|
|
|
container_path = "/host/sys"
|
|
|
|
}
|
|
|
|
|
|
|
|
volumes {
|
|
|
|
host_path = "/"
|
|
|
|
container_path = "/rootfs"
|
|
|
|
read_only = true
|
|
|
|
}
|
|
|
|
|
|
|
|
command = [
|
2018-01-06 08:21:03 +00:00
|
|
|
"--path.procfs=/host/proc",
|
|
|
|
"--path.sysfs=/host/sys",
|
2018-01-06 09:09:49 +00:00
|
|
|
"--collector.filesystem.ignored-mount-points=\"^/(sys|proc|dev|host|etc)($$|/)\"",
|
2017-12-28 12:29:54 +00:00
|
|
|
]
|
|
|
|
|
|
|
|
restart = "unless-stopped"
|
|
|
|
destroy_grace_seconds = 10
|
|
|
|
must_run = true
|
|
|
|
}
|