Browse Source

Removes mongodb, upgrades wiki

tf-0.12
Nemo 6 months ago
parent
commit
20cd656e04
  1. 2
      .gitignore
  2. 1
      README.md
  3. 36
      audioserve.tf
  4. 34
      db/mongorocks.tf
  5. 11
      db/network.tf
  6. 4
      db/outputs.tf
  7. 4
      db/volumes.tf
  8. 15
      docker/conf/wiki.tpl
  9. 142
      docker/conf/wiki.yml
  10. 4
      docker/data.tf
  11. 5
      docker/images.tf
  12. 2
      docker/variables.tf
  13. 54
      docker/wiki.tf
  14. 1
      main.tf
  15. 38
      media/gonic.tf
  16. 2
      miniflux.tf
  17. 3
      secrets.tf
  18. 63
      wiki.tf

2
.gitignore

@ -8,3 +8,5 @@
secrets
k8s/
k8s2/
docker/conf/wiki.yml
plan

1
README.md

@ -63,7 +63,6 @@ Currently running the following (all links are to the `store.docker.com` links f
| miniflux/miniflux | 2.0.9 | tools |
| monicahq/monicahq | latest | services |
| odarriba/timemachine | latest | tools |
| percona/percona-server-mongodb | 3.4 | database |
| postgres | 10-alpine | database |
| prom/node-exporter | v0.15.2 | monitoring |
| prom/prometheus | latest | monitoring |

36
audioserve.tf

@ -1,36 +0,0 @@
module "audioserve" {
name = "audioserve"
source = "modules/container"
web {
expose = true
port = "3000"
host = "audioserve.${var.root-domain}"
auth = "true"
}
resource {
memory = 256
memory_swap = 256
}
command = [
"--no-authentication",
"/audiobooks",
]
restart = "always"
image = "izderadicka/audioserve"
volumes = [
{
host_path = "/mnt/xwing/media/Music/Audiobooks"
container_path = "/audiobooks"
},
]
networks_advanced = [{
name = "traefik"
}]
}

34
db/mongorocks.tf

@ -1,34 +0,0 @@
resource "docker_container" "mongorocks" {
name = "mongorocks"
image = "${docker_image.percona-mongodb-server.latest}"
restart = "unless-stopped"
destroy_grace_seconds = 30
must_run = true
memory = 256
volumes {
volume_name = "${docker_volume.mongorocks_data_volume.name}"
container_path = "/data/db"
host_path = "${docker_volume.mongorocks_data_volume.mountpoint}"
}
command = [
"--storageEngine=rocksdb",
"--httpinterface",
"--rest",
"--master",
]
networks = ["${docker_network.mongorocks.id}"]
}
resource "docker_image" "percona-mongodb-server" {
name = "${data.docker_registry_image.percona-mongodb-server.name}"
pull_triggers = ["${data.docker_registry_image.percona-mongodb-server.sha256_digest}"]
}
# Database versions shouldn't be upgraded
data "docker_registry_image" "percona-mongodb-server" {
name = "percona/percona-server-mongodb:3.4"
}

11
db/network.tf

@ -1,14 +1,3 @@
resource "docker_network" "mongorocks" {
name = "mongorocks"
driver = "bridge"
internal = false
ipam_config {
subnet = "172.20.0.0/29"
gateway = "172.20.0.1"
}
}
resource "docker_network" "postgres" {
name = "postgres"
driver = "bridge"

4
db/outputs.tf

@ -1,7 +1,3 @@
output "networks-mongorocks" {
value = "${docker_network.mongorocks.name}"
}
output "postgres-network-id" {
value = "${docker_network.postgres.name}"
}

4
db/volumes.tf

@ -1,7 +1,3 @@
resource "docker_volume" "postgres_volume" {
name = "postgres_volume"
}
resource "docker_volume" "mongorocks_data_volume" {
name = "mongorocks_data_volume"
}

15
docker/conf/wiki.tpl

@ -0,0 +1,15 @@
port: 3000
db:
type: postgres
host: postgres
port: 5432
user: wikijs
db: wikijs
pass: ${DB_PASSWORD}
ssl:
enabled: false
bindIP: 0.0.0.0
logLevel: silly
offline: true
ha: false
dataPath: /data

142
docker/conf/wiki.yml

@ -1,142 +0,0 @@
#######################################################################
# Wiki.js - CONFIGURATION #
#######################################################################
# Full explanation + examples in the documentation:
# https://docs.requarks.io/wiki/install
# You can use an ENV variable by using $(ENV_VAR_NAME) as the value
# ---------------------------------------------------------------------
# Title of this site
# ---------------------------------------------------------------------
title: Scarif Wiki
# ---------------------------------------------------------------------
# Full public path to the site, without the trailing slash
# ---------------------------------------------------------------------
# INCLUDE CLIENT PORT IF NOT 80/443!
host: https://wiki.bb8.fun
# ---------------------------------------------------------------------
# Port the main server should listen to (80 by default)
# ---------------------------------------------------------------------
# To use process.env.PORT, comment the line below:
port: 9999
# ---------------------------------------------------------------------
# Data Directories
# ---------------------------------------------------------------------
paths:
repo: /repo
data: /data
# ---------------------------------------------------------------------
# Upload Limits
# ---------------------------------------------------------------------
# In megabytes (MB)
uploads:
maxImageFileSize: 5
maxOtherFileSize: 100
# ---------------------------------------------------------------------
# Site Language
# ---------------------------------------------------------------------
# Possible values: en, de, es, fa, fr, ja, ko, nl, pt, ru, sr, tr or zh
lang: en
# Enable for right to left languages (e.g. arabic):
langRtl: false
# ---------------------------------------------------------------------
# Site Authentication
# ---------------------------------------------------------------------
public: true
auth:
defaultReadAccess: false
local:
enabled: true
google:
enabled: false
clientId: GOOGLE_CLIENT_ID
clientSecret: GOOGLE_CLIENT_SECRET
# ---------------------------------------------------------------------
# Secret key to use when encrypting sessions
# ---------------------------------------------------------------------
# Use a long and unique random string (256-bit keys are perfect!)
sessionSecret: $(SESSION_SECRET)
# ---------------------------------------------------------------------
# Database Connection String
# ---------------------------------------------------------------------
db: mongodb://mongorocks:27017/wiki
# ---------------------------------------------------------------------
# Git Connection Info (force disabled)
# ---------------------------------------------------------------------
# git: false
git:
url: https://git.captnemo.in/nemo/wiki
branch: master
# auth:
# # Type: basic or ssh
# type: ssh
# # Only for Basic authentication:
# username: marty
# password: MartyMcFly88
# # Only for SSH authentication:
# privateKey: /etc/wiki/keys/git.pem
# sslVerify: true
# # Default email to use as commit author
# serverEmail: marty@example.com
# # Whether to use user email as author in commits
# showUserEmail: true
# ---------------------------------------------------------------------
# Features
# ---------------------------------------------------------------------
# You can enable / disable specific features below
features:
linebreaks: true
mathjax: false
# ---------------------------------------------------------------------
# External Logging
# ---------------------------------------------------------------------
externalLogging:
bugsnag: false
loggly: false
papertrail: false
rollbar: false
sentry: false
# ---------------------------------------------------------------------
# Color Theme
# ---------------------------------------------------------------------
theme:
primary: indigo
alt: blue-grey
viewSource: all # all | write | false
footer: blue-grey
code:
dark: true
colorize: true

4
docker/data.tf

@ -2,10 +2,6 @@ data "docker_registry_image" "traefik" {
name = "traefik:1.7"
}
data "docker_registry_image" "wikijs" {
name = "requarks/wiki:latest"
}
data "docker_registry_image" "ubooquity" {
name = "linuxserver/ubooquity:latest"
}

5
docker/images.tf

@ -3,11 +3,6 @@ resource "docker_image" "traefik17" {
pull_triggers = ["${data.docker_registry_image.traefik.sha256_digest}"]
}
resource "docker_image" "wikijs" {
name = "${data.docker_registry_image.wikijs.name}"
pull_triggers = ["${data.docker_registry_image.wikijs.sha256_digest}"]
}
resource "docker_image" "ubooquity" {
name = "${data.docker_registry_image.ubooquity.name}"
pull_triggers = ["${data.docker_registry_image.ubooquity.sha256_digest}"]

2
docker/variables.tf

@ -51,5 +51,3 @@ variable "ips" {
}
# variable "links-mariadb" {}
variable "networks-mongorocks" {}

54
docker/wiki.tf

@ -1,54 +0,0 @@
resource "docker_container" "wiki" {
name = "wiki"
image = "${docker_image.wikijs.latest}"
restart = "unless-stopped"
destroy_grace_seconds = 30
must_run = true
memory = 300
upload {
content = "${file("${path.module}/conf/wiki.yml")}"
file = "/var/wiki/config.yml"
}
volumes {
host_path = "/mnt/xwing/logs/wiki"
container_path = "/logs"
}
volumes {
host_path = "/mnt/xwing/data/wiki/repo"
container_path = "/repo"
}
volumes {
host_path = "/mnt/xwing/data/wiki/data"
container_path = "/data"
}
upload {
content = "${file("${path.module}/conf/humans.txt")}"
file = "/var/wiki/assets/humans.txt"
}
// The last header is a workaround for double header traefik bug
// This might be actually breaking iframe till the 1.5 Final release.
labels = "${merge(
local.traefik_common_labels,
map(
"traefik.frontend.rule", "Host:wiki.${var.domain}",
"traefik.frontend.passHostHeader", "true",
"traefik.port", 9999,
"traefik.frontend.headers.customResponseHeaders", "${var.xpoweredby}||Referrer-Policy:${var.refpolicy}||X-Frame-Options:${var.xfo_allow}",
))}"
networks = [
"${var.networks-mongorocks}",
"${docker_network.traefik.id}",
]
env = [
"WIKI_ADMIN_EMAIL=me@captnemo.in",
"SESSION_SECRET=${var.wiki_session_secret}",
]
}

1
main.tf

@ -13,7 +13,6 @@ module "docker" {
cloudflare_key = "${data.pass_password.cloudflare_key.password}"
cloudflare_email = "bb8@captnemo.in"
wiki_session_secret = "${data.pass_password.wiki_session_secret.password}"
networks-mongorocks = "${module.db.networks-mongorocks}"
ips = "${var.ips}"
domain = "bb8.fun"
}

38
media/gonic.tf

@ -34,41 +34,3 @@ module "gonic" {
}
]
}
// Run a second instance, just for Audiobooks
module "gonic-audio" {
source = "../modules/container"
image = "sentriz/gonic"
name = "gonic-audio"
resource {
memory = "256"
memory_swap = "256"
}
web {
port = 80
host = "audiobooks.bb8.fun"
expose = true
}
env = [
"GONIC_SCAN_INTERVAL=60",
"GONIC_MUSIC_PATH=/books",
"GONIC_DB_PATH=/data/gonic-audio.db"
]
networks = "${list(docker_network.media.id, data.docker_network.bridge.id)}"
volumes = [
{
host_path = "/mnt/xwing/config/gonic"
container_path = "/data"
},
{
host_path = "/mnt/xwing/media/Music/Audiobooks"
container_path = "/books"
read_only = true
}
]
}

2
miniflux.tf

@ -1,7 +1,7 @@
module "miniflux-container" {
name = "miniflux"
source = "modules/container"
image = "miniflux/miniflux:2.0.19"
image = "miniflux/miniflux:2.0.25"
web {
expose = true

3
secrets.tf

@ -139,3 +139,6 @@ data "pass_password" "stringer-db-password" {
data "pass_password" "stringer-secret-token" {
path = "stringer-secret-token"
}
data "pass_password" "wiki-db-password" {
path = "wiki-db-password"
}

63
wiki.tf

@ -0,0 +1,63 @@
data "template_file" "wiki-config" {
template = "${file("docker/conf/wiki.tpl")}"
vars {
DB_PASSWORD = "${data.pass_password.wiki-db-password.password}"
}
}
resource "local_file" "wiki-config" {
content = "${data.template_file.wiki-config.rendered}"
filename = "docker/conf/wiki.yml"
}
module "wiki-container" {
name = "wiki2"
source = "modules/container"
image = "requarks/wiki:2"
resource {
memory = 1024
memory_swap = 1024
}
web {
expose = true
port = 3000
host = "wiki.bb8.fun"
}
networks_advanced = [
{
name = "traefik"
}, {
name = "postgres"
}, {
name = "external"
}]
uploads = [
{
content = "${file("docker/conf/wiki.yml")}"
file = "/wiki/config.yml"
}
]
volumes = [{
host_path = "/mnt/xwing/data/wiki/data"
container_path = "/data"
},
{
host_path = "/mnt/xwing/data/wiki/databackup"
container_path = "/old/data"
},
{
host_path = "/mnt/xwing/data/wiki/repo"
container_path = "/old/repo"
}]
}
module "wiki-db" {
source = "modules/postgres"
name = "wikijs"
password = "${data.pass_password.wiki-db-password.password}"
}
Loading…
Cancel
Save