Make link dependencies explicit
This commit is contained in:
parent
db38793584
commit
1aaf4e5c4b
|
@ -41,7 +41,6 @@ Currently running the following (all links are to the `store.docker.com` links f
|
|||
|
||||
- [Emby](https://store.docker.com/community/images/emby/embyserver) Media Server
|
||||
- [CouchPotato](https://store.docker.com/community/images/linuxserver/couchpotato), auto-download movies
|
||||
- [SickRage](https://store.docker.com/community/images/linuxserver/sickrage), auto-download TV shows
|
||||
- [Transmission](https://store.docker.com/community/images/linuxserver/transmission), to download torrents
|
||||
- [AirSonic](https://store.docker.com/community/images/airsonic/airsonic), for a music server
|
||||
- [Ubooquity](https://store.docker.com/community/images/linuxserver/ubooquity), EBooks server with OPDS support
|
||||
|
|
|
@ -1,5 +1,6 @@
|
|||
resource "digitalocean_firewall" "web" {
|
||||
name = "web-inbound"
|
||||
|
||||
inbound_rule = [
|
||||
{
|
||||
protocol = "tcp"
|
||||
|
@ -16,6 +17,7 @@ resource "digitalocean_firewall" "web" {
|
|||
|
||||
resource "digitalocean_firewall" "ssh" {
|
||||
name = "ssh-inbound"
|
||||
|
||||
inbound_rule = [
|
||||
{
|
||||
protocol = "tcp"
|
||||
|
@ -32,6 +34,5 @@ resource "digitalocean_firewall" "ssh" {
|
|||
port_range = "24"
|
||||
source_addresses = ["0.0.0.0/0", "::/0"]
|
||||
},
|
||||
|
||||
]
|
||||
}
|
||||
|
|
|
@ -31,10 +31,6 @@ data "docker_registry_image" "gitea" {
|
|||
name = "gitea/gitea:1.4"
|
||||
}
|
||||
|
||||
data "docker_registry_image" "sickrage" {
|
||||
name = "linuxserver/sickrage:latest"
|
||||
}
|
||||
|
||||
data "docker_registry_image" "airsonic" {
|
||||
name = "linuxserver/airsonic:latest"
|
||||
}
|
||||
|
@ -59,10 +55,6 @@ data "docker_registry_image" "headerdebug" {
|
|||
name = "brndnmtthws/nginx-echo-headers:latest"
|
||||
}
|
||||
|
||||
data "docker_registry_image" "cadvisor" {
|
||||
name = "google/cadvisor:latest"
|
||||
}
|
||||
|
||||
data "docker_registry_image" "lychee" {
|
||||
name = "linuxserver/lychee:latest"
|
||||
}
|
||||
|
|
|
@ -51,19 +51,16 @@ resource docker_container "gitea" {
|
|||
content = "${file("${path.module}/conf/humans.txt")}"
|
||||
file = "/data/gitea/public/humans.txt"
|
||||
}
|
||||
|
||||
# Extra Links in header
|
||||
upload {
|
||||
content = "${file("${path.module}/conf/gitea/extra_links.tmpl")}"
|
||||
file = "/data/gitea/templates/custom/extra_links.tmpl"
|
||||
}
|
||||
|
||||
# This is the main configuration file
|
||||
upload {
|
||||
content = "${data.template_file.gitea-config-file.rendered}"
|
||||
file = "/data/gitea/conf/app.ini"
|
||||
}
|
||||
|
||||
memory = 256
|
||||
restart = "unless-stopped"
|
||||
destroy_grace_seconds = 10
|
||||
|
|
|
@ -28,11 +28,6 @@ resource "docker_image" "gitea" {
|
|||
pull_triggers = ["${data.docker_registry_image.gitea.sha256_digest}"]
|
||||
}
|
||||
|
||||
resource "docker_image" "sickrage" {
|
||||
name = "${data.docker_registry_image.sickrage.name}"
|
||||
pull_triggers = ["${data.docker_registry_image.sickrage.sha256_digest}"]
|
||||
}
|
||||
|
||||
resource "docker_image" "airsonic" {
|
||||
name = "${data.docker_registry_image.airsonic.name}"
|
||||
pull_triggers = ["${data.docker_registry_image.airsonic.sha256_digest}"]
|
||||
|
@ -73,11 +68,6 @@ resource "docker_image" "headerdebug" {
|
|||
pull_triggers = ["${data.docker_registry_image.headerdebug.sha256_digest}"]
|
||||
}
|
||||
|
||||
resource "docker_image" "cadvisor" {
|
||||
name = "${data.docker_registry_image.cadvisor.name}"
|
||||
pull_triggers = ["${data.docker_registry_image.cadvisor.sha256_digest}"]
|
||||
}
|
||||
|
||||
resource "docker_image" "lychee" {
|
||||
name = "${data.docker_registry_image.lychee.name}"
|
||||
pull_triggers = ["${data.docker_registry_image.lychee.sha256_digest}"]
|
||||
|
|
|
@ -40,5 +40,5 @@ resource "docker_container" "lychee" {
|
|||
"PGID=984",
|
||||
]
|
||||
|
||||
links = ["mariadb"]
|
||||
links = ["${docker_container.mariadb.name}"]
|
||||
}
|
||||
|
|
|
@ -124,7 +124,7 @@ resource "docker_container" "couchpotato" {
|
|||
"TZ=Asia/Kolkata",
|
||||
]
|
||||
|
||||
links = ["transmission"]
|
||||
links = ["{docker_container.transmission.name}"]
|
||||
}
|
||||
|
||||
# resource "docker_container" "airsonic" {
|
||||
|
@ -191,50 +191,6 @@ resource "docker_container" "headerdebug" {
|
|||
))}"
|
||||
}
|
||||
|
||||
resource "docker_container" "sickrage" {
|
||||
name = "sickrage"
|
||||
image = "${docker_image.sickrage.latest}"
|
||||
|
||||
restart = "unless-stopped"
|
||||
destroy_grace_seconds = 10
|
||||
must_run = true
|
||||
|
||||
memory = 512
|
||||
|
||||
volumes {
|
||||
host_path = "/mnt/xwing/config/sickrage"
|
||||
container_path = "/config"
|
||||
}
|
||||
|
||||
volumes {
|
||||
host_path = "/mnt/xwing/media/DL"
|
||||
container_path = "/downloads"
|
||||
}
|
||||
|
||||
volumes {
|
||||
host_path = "/mnt/xwing/media/TV"
|
||||
container_path = "/tv"
|
||||
}
|
||||
|
||||
labels = "${merge(
|
||||
local.traefik_common_labels,
|
||||
map(
|
||||
"traefik.frontend.passHostHeader", "false",
|
||||
"traefik.frontend.auth.basic", "${var.basic_auth}",
|
||||
"traefik.port", 8081,
|
||||
))}"
|
||||
|
||||
env = [
|
||||
"PUID=1004",
|
||||
"PGID=1003",
|
||||
"TZ=Asia/Kolkata",
|
||||
]
|
||||
|
||||
links = [
|
||||
"transmission",
|
||||
]
|
||||
}
|
||||
|
||||
resource "docker_container" "headphones" {
|
||||
name = "headphones"
|
||||
image = "${docker_image.headphones.latest}"
|
||||
|
@ -384,7 +340,7 @@ resource "docker_container" "wiki" {
|
|||
"traefik.port", 9999,
|
||||
"traefik.frontend.headers.customResponseHeaders", "${var.xpoweredby}||Referrer-Policy:${var.refpolicy}||X-Frame-Options:${var.xfo_allow}",
|
||||
))}"
|
||||
links = ["mongorocks"]
|
||||
links = ["${docker_container.mongorocks.name}"]
|
||||
env = [
|
||||
"WIKI_ADMIN_EMAIL=me@captnemo.in",
|
||||
"SESSION_SECRET=${var.wiki_session_secret}",
|
||||
|
@ -422,51 +378,3 @@ resource "docker_container" "muximux" {
|
|||
"TZ=Asia/Kolkata",
|
||||
]
|
||||
}
|
||||
|
||||
resource "docker_container" "cadvisor" {
|
||||
name = "cadvisor"
|
||||
image = "${docker_image.cadvisor.latest}"
|
||||
memory = 512
|
||||
|
||||
restart = "unless-stopped"
|
||||
destroy_grace_seconds = 10
|
||||
must_run = true
|
||||
|
||||
volumes {
|
||||
host_path = "/"
|
||||
container_path = "/rootfs"
|
||||
read_only = true
|
||||
}
|
||||
|
||||
volumes {
|
||||
host_path = "/sys"
|
||||
container_path = "/sys"
|
||||
read_only = true
|
||||
}
|
||||
|
||||
volumes {
|
||||
host_path = "/var/lib/docker"
|
||||
container_path = "/var/lib/docker"
|
||||
read_only = true
|
||||
}
|
||||
|
||||
volumes {
|
||||
host_path = "/dev/disk"
|
||||
container_path = "/dev/disk"
|
||||
read_only = true
|
||||
}
|
||||
|
||||
volumes {
|
||||
host_path = "/var/run"
|
||||
container_path = "/var/run"
|
||||
}
|
||||
|
||||
labels = "${merge(
|
||||
local.traefik_common_labels,
|
||||
map(
|
||||
|
||||
"traefik.frontend.passHostHeader", "true",
|
||||
"traefik.frontend.auth.basic", "${var.basic_auth}",
|
||||
"traefik.port", 8080,
|
||||
))}"
|
||||
}
|
||||
|
|
|
@ -1,3 +1,15 @@
|
|||
output "lychee-ip" {
|
||||
value = "${docker_container.lychee.ip_address}"
|
||||
}
|
||||
|
||||
output "names-transmission" {
|
||||
value = "${docker_container.transmission.name}"
|
||||
}
|
||||
|
||||
output "names-emby" {
|
||||
value = "${docker_container.emby.name}"
|
||||
}
|
||||
|
||||
output "names-mariadb" {
|
||||
value = "${docker_container.mariadb.name}"
|
||||
}
|
||||
|
|
4
main.tf
4
main.tf
|
@ -37,17 +37,21 @@ module "tt-rss" {
|
|||
source = "tt-rss"
|
||||
domain = "rss.captnemo.in"
|
||||
mysql_password = "${var.mysql-ttrss-password}"
|
||||
links-db = "${module.docker.names-mariadb}"
|
||||
}
|
||||
|
||||
module "media" {
|
||||
source = "media"
|
||||
domain = "bb8.fun"
|
||||
links-emby = "${module.docker.names-emby}"
|
||||
links-transmission = "${module.docker.names-transmission}"
|
||||
}
|
||||
|
||||
module "monitoring" {
|
||||
source = "monitoring"
|
||||
gf-security-admin-password = "${var.gf-security-admin-password}"
|
||||
domain = "bb8.fun"
|
||||
transmission = "${module.docker.names-transmission}"
|
||||
}
|
||||
|
||||
module "digitalocean" {
|
||||
|
|
|
@ -36,5 +36,5 @@ resource docker_container "ombi" {
|
|||
"TZ=Asia/Kolkata",
|
||||
]
|
||||
|
||||
links = ["emby"]
|
||||
links = ["${var.links-emby}"]
|
||||
}
|
||||
|
|
|
@ -51,5 +51,5 @@ resource docker_container "radarr" {
|
|||
"TZ=Asia/Kolkata",
|
||||
]
|
||||
|
||||
links = ["emby", "transmission"]
|
||||
links = ["${var.links-emby}", "${var.links-transmission}"]
|
||||
}
|
||||
|
|
|
@ -49,5 +49,5 @@ resource docker_container "sonarr" {
|
|||
"TZ=Asia/Kolkata",
|
||||
]
|
||||
|
||||
links = ["emby", "transmission"]
|
||||
links = ["${var.links-emby}", "${var.links-transmission}"]
|
||||
}
|
||||
|
|
|
@ -1,3 +1,6 @@
|
|||
variable "domain" {
|
||||
type = "string"
|
||||
}
|
||||
|
||||
variable "links-emby" {}
|
||||
variable "links-transmission" {}
|
||||
|
|
|
@ -0,0 +1,52 @@
|
|||
resource "docker_container" "cadvisor" {
|
||||
name = "cadvisor"
|
||||
image = "${docker_image.cadvisor.latest}"
|
||||
memory = 512
|
||||
|
||||
restart = "unless-stopped"
|
||||
destroy_grace_seconds = 10
|
||||
must_run = true
|
||||
|
||||
volumes {
|
||||
host_path = "/"
|
||||
container_path = "/rootfs"
|
||||
read_only = true
|
||||
}
|
||||
|
||||
volumes {
|
||||
host_path = "/sys"
|
||||
container_path = "/sys"
|
||||
read_only = true
|
||||
}
|
||||
|
||||
volumes {
|
||||
host_path = "/var/lib/docker"
|
||||
container_path = "/var/lib/docker"
|
||||
read_only = true
|
||||
}
|
||||
|
||||
volumes {
|
||||
host_path = "/dev/disk"
|
||||
container_path = "/dev/disk"
|
||||
read_only = true
|
||||
}
|
||||
|
||||
volumes {
|
||||
host_path = "/var/run"
|
||||
container_path = "/var/run"
|
||||
}
|
||||
|
||||
labels {
|
||||
"traefik.frontend.auth.basic" = "${var.basic_auth}"
|
||||
"traefik.port" = 8080
|
||||
"traefik.enable" = "true"
|
||||
"traefik.frontend.headers.SSLTemporaryRedirect" = "true"
|
||||
"traefik.frontend.headers.STSSeconds" = "2592000"
|
||||
"traefik.frontend.headers.STSIncludeSubdomains" = "false"
|
||||
"traefik.frontend.headers.contentTypeNosniff" = "true"
|
||||
"traefik.frontend.headers.browserXSSFilter" = "true"
|
||||
"traefik.frontend.passHostHeader" = "true"
|
||||
"traefik.frontend.headers.customFrameOptionsValue" = "ALLOW-FROM https://home.bb8.fun/"
|
||||
"traefik.frontend.headers.customResponseHeaders" = "X-Powered-By:Allomancy||X-Server:Blackbox"
|
||||
}
|
||||
}
|
|
@ -17,3 +17,7 @@ data "docker_registry_image" "nodeexporter" {
|
|||
data "docker_registry_image" "transmission-exporter" {
|
||||
name = "metalmatze/transmission-exporter"
|
||||
}
|
||||
|
||||
data "docker_registry_image" "cadvisor" {
|
||||
name = "google/cadvisor:latest"
|
||||
}
|
||||
|
|
|
@ -17,3 +17,8 @@ resource "docker_image" "transmission-exporter" {
|
|||
name = "${data.docker_registry_image.transmission-exporter.name}"
|
||||
pull_triggers = ["${data.docker_registry_image.transmission-exporter.sha256_digest}"]
|
||||
}
|
||||
|
||||
resource "docker_image" "cadvisor" {
|
||||
name = "${data.docker_registry_image.cadvisor.name}"
|
||||
pull_triggers = ["${data.docker_registry_image.cadvisor.sha256_digest}"]
|
||||
}
|
||||
|
|
|
@ -21,7 +21,7 @@ resource docker_container "grafana" {
|
|||
container_path = "/var/lib/grafana"
|
||||
}
|
||||
|
||||
links = ["prometheus"]
|
||||
links = ["${docker_container.prometheus.name}"]
|
||||
|
||||
env = [
|
||||
"GF_SECURITY_ADMIN_PASSWORD=${var.gf-security-admin-password}",
|
||||
|
@ -52,7 +52,7 @@ resource docker_container "prometheus" {
|
|||
file = "/etc/prometheus/prometheus.yml"
|
||||
}
|
||||
|
||||
links = ["nodeexporter", "cadvisor"]
|
||||
links = ["${docker_container.nodeexporter.name}", "${docker_container.cadvisor.name}"]
|
||||
|
||||
restart = "unless-stopped"
|
||||
destroy_grace_seconds = 10
|
||||
|
|
|
@ -4,7 +4,7 @@ resource docker_container "transmission-exporter" {
|
|||
name = "transmission-exporter"
|
||||
image = "${docker_image.transmission-exporter.latest}"
|
||||
|
||||
links = ["transmission"]
|
||||
links = ["${var.transmission}"]
|
||||
|
||||
env = [
|
||||
"TRANSMISSION_ADDR=http://transmission:9091",
|
||||
|
|
|
@ -6,6 +6,10 @@ variable "domain" {
|
|||
type = "string"
|
||||
}
|
||||
|
||||
variable "transmission" {
|
||||
type = "string"
|
||||
}
|
||||
|
||||
variable "alert-slack-username" {
|
||||
default = "Prometheus"
|
||||
}
|
||||
|
@ -17,3 +21,7 @@ variable "alert-slack-channel" {
|
|||
variable "alert-slack-incoming-webhook" {
|
||||
default = "https://hooks.slack.com/whatever"
|
||||
}
|
||||
|
||||
variable "basic_auth" {
|
||||
default = "tatooine:$2y$05$iPbatint3Gulbs6kUtyALO9Yq5sBJ..aiF82bcIziH4ytz9nFoPr6"
|
||||
}
|
||||
|
|
|
@ -24,7 +24,6 @@ filesystem_folder = /data/collections
|
|||
# http://docs.python.org/library/logging.config.html
|
||||
# config = /config/logging
|
||||
|
||||
|
||||
[headers]
|
||||
|
||||
# Additional HTTP headers
|
||||
|
|
|
@ -3,3 +3,4 @@ variable "domain" {
|
|||
}
|
||||
|
||||
variable "mysql_password" {}
|
||||
variable "links-db" {}
|
||||
|
|
Loading…
Reference in New Issue