diff --git a/.gitignore b/.gitignore index e1e2930..704997f 100644 --- a/.gitignore +++ b/.gitignore @@ -8,3 +8,5 @@ secrets k8s/ k8s2/ +docker/conf/wiki.yml +plan diff --git a/README.md b/README.md index ce2c47a..6e0de4d 100644 --- a/README.md +++ b/README.md @@ -63,7 +63,6 @@ Currently running the following (all links are to the `store.docker.com` links f | miniflux/miniflux | 2.0.9 | tools | | monicahq/monicahq | latest | services | | odarriba/timemachine | latest | tools | -| percona/percona-server-mongodb | 3.4 | database | | postgres | 10-alpine | database | | prom/node-exporter | v0.15.2 | monitoring | | prom/prometheus | latest | monitoring | diff --git a/audioserve.tf b/audioserve.tf deleted file mode 100644 index 2db0629..0000000 --- a/audioserve.tf +++ /dev/null @@ -1,36 +0,0 @@ -module "audioserve" { - name = "audioserve" - source = "modules/container" - - web { - expose = true - port = "3000" - host = "audioserve.${var.root-domain}" - auth = "true" - } - - resource { - memory = 256 - memory_swap = 256 - } - - command = [ - "--no-authentication", - "/audiobooks", - ] - - restart = "always" - - image = "izderadicka/audioserve" - - volumes = [ - { - host_path = "/mnt/xwing/media/Music/Audiobooks" - container_path = "/audiobooks" - }, - ] - - networks_advanced = [{ - name = "traefik" - }] -} diff --git a/db/mongorocks.tf b/db/mongorocks.tf deleted file mode 100644 index 5e17519..0000000 --- a/db/mongorocks.tf +++ /dev/null @@ -1,34 +0,0 @@ -resource "docker_container" "mongorocks" { - name = "mongorocks" - image = "${docker_image.percona-mongodb-server.latest}" - - restart = "unless-stopped" - destroy_grace_seconds = 30 - must_run = true - memory = 256 - - volumes { - volume_name = "${docker_volume.mongorocks_data_volume.name}" - container_path = "/data/db" - host_path = "${docker_volume.mongorocks_data_volume.mountpoint}" - } - - command = [ - "--storageEngine=rocksdb", - "--httpinterface", - "--rest", - "--master", - ] - - networks = ["${docker_network.mongorocks.id}"] -} - -resource "docker_image" "percona-mongodb-server" { - name = "${data.docker_registry_image.percona-mongodb-server.name}" - pull_triggers = ["${data.docker_registry_image.percona-mongodb-server.sha256_digest}"] -} - -# Database versions shouldn't be upgraded -data "docker_registry_image" "percona-mongodb-server" { - name = "percona/percona-server-mongodb:3.4" -} diff --git a/db/network.tf b/db/network.tf index 51783f7..72659f8 100644 --- a/db/network.tf +++ b/db/network.tf @@ -1,14 +1,3 @@ -resource "docker_network" "mongorocks" { - name = "mongorocks" - driver = "bridge" - internal = false - - ipam_config { - subnet = "172.20.0.0/29" - gateway = "172.20.0.1" - } -} - resource "docker_network" "postgres" { name = "postgres" driver = "bridge" diff --git a/db/outputs.tf b/db/outputs.tf index 99b38ce..0db41e2 100644 --- a/db/outputs.tf +++ b/db/outputs.tf @@ -1,7 +1,3 @@ -output "networks-mongorocks" { - value = "${docker_network.mongorocks.name}" -} - output "postgres-network-id" { value = "${docker_network.postgres.name}" } diff --git a/db/volumes.tf b/db/volumes.tf index 677a4a2..7c6a85c 100644 --- a/db/volumes.tf +++ b/db/volumes.tf @@ -1,7 +1,3 @@ resource "docker_volume" "postgres_volume" { name = "postgres_volume" } - -resource "docker_volume" "mongorocks_data_volume" { - name = "mongorocks_data_volume" -} diff --git a/docker/conf/wiki.tpl b/docker/conf/wiki.tpl new file mode 100644 index 0000000..514458a --- /dev/null +++ b/docker/conf/wiki.tpl @@ -0,0 +1,15 @@ +port: 3000 +db: + type: postgres + host: postgres + port: 5432 + user: wikijs + db: wikijs + pass: ${DB_PASSWORD} +ssl: + enabled: false +bindIP: 0.0.0.0 +logLevel: silly +offline: true +ha: false +dataPath: /data diff --git a/docker/conf/wiki.yml b/docker/conf/wiki.yml deleted file mode 100644 index 0b95ad2..0000000 --- a/docker/conf/wiki.yml +++ /dev/null @@ -1,142 +0,0 @@ -####################################################################### -# Wiki.js - CONFIGURATION # -####################################################################### -# Full explanation + examples in the documentation: -# https://docs.requarks.io/wiki/install -# You can use an ENV variable by using $(ENV_VAR_NAME) as the value - -# --------------------------------------------------------------------- -# Title of this site -# --------------------------------------------------------------------- - -title: Scarif Wiki - -# --------------------------------------------------------------------- -# Full public path to the site, without the trailing slash -# --------------------------------------------------------------------- -# INCLUDE CLIENT PORT IF NOT 80/443! - -host: https://wiki.bb8.fun - -# --------------------------------------------------------------------- -# Port the main server should listen to (80 by default) -# --------------------------------------------------------------------- -# To use process.env.PORT, comment the line below: - -port: 9999 - -# --------------------------------------------------------------------- -# Data Directories -# --------------------------------------------------------------------- - -paths: - repo: /repo - data: /data - -# --------------------------------------------------------------------- -# Upload Limits -# --------------------------------------------------------------------- -# In megabytes (MB) - -uploads: - maxImageFileSize: 5 - maxOtherFileSize: 100 - -# --------------------------------------------------------------------- -# Site Language -# --------------------------------------------------------------------- -# Possible values: en, de, es, fa, fr, ja, ko, nl, pt, ru, sr, tr or zh - -lang: en - -# Enable for right to left languages (e.g. arabic): -langRtl: false - -# --------------------------------------------------------------------- -# Site Authentication -# --------------------------------------------------------------------- - -public: true - -auth: - defaultReadAccess: false - local: - enabled: true - google: - enabled: false - clientId: GOOGLE_CLIENT_ID - clientSecret: GOOGLE_CLIENT_SECRET - -# --------------------------------------------------------------------- -# Secret key to use when encrypting sessions -# --------------------------------------------------------------------- -# Use a long and unique random string (256-bit keys are perfect!) - -sessionSecret: $(SESSION_SECRET) - -# --------------------------------------------------------------------- -# Database Connection String -# --------------------------------------------------------------------- - -db: mongodb://mongorocks:27017/wiki - -# --------------------------------------------------------------------- -# Git Connection Info (force disabled) -# --------------------------------------------------------------------- - -# git: false -git: - url: https://git.captnemo.in/nemo/wiki - branch: master -# auth: - -# # Type: basic or ssh -# type: ssh - -# # Only for Basic authentication: -# username: marty -# password: MartyMcFly88 - -# # Only for SSH authentication: -# privateKey: /etc/wiki/keys/git.pem - -# sslVerify: true - -# # Default email to use as commit author -# serverEmail: marty@example.com - -# # Whether to use user email as author in commits -# showUserEmail: true - -# --------------------------------------------------------------------- -# Features -# --------------------------------------------------------------------- -# You can enable / disable specific features below - -features: - linebreaks: true - mathjax: false - -# --------------------------------------------------------------------- -# External Logging -# --------------------------------------------------------------------- - -externalLogging: - bugsnag: false - loggly: false - papertrail: false - rollbar: false - sentry: false - -# --------------------------------------------------------------------- -# Color Theme -# --------------------------------------------------------------------- - -theme: - primary: indigo - alt: blue-grey - viewSource: all # all | write | false - footer: blue-grey - code: - dark: true - colorize: true diff --git a/docker/data.tf b/docker/data.tf index de6834d..7305e7b 100644 --- a/docker/data.tf +++ b/docker/data.tf @@ -2,10 +2,6 @@ data "docker_registry_image" "traefik" { name = "traefik:1.7" } -data "docker_registry_image" "wikijs" { - name = "requarks/wiki:latest" -} - data "docker_registry_image" "ubooquity" { name = "linuxserver/ubooquity:latest" } diff --git a/docker/images.tf b/docker/images.tf index 17a61f7..583dc7b 100644 --- a/docker/images.tf +++ b/docker/images.tf @@ -3,11 +3,6 @@ resource "docker_image" "traefik17" { pull_triggers = ["${data.docker_registry_image.traefik.sha256_digest}"] } -resource "docker_image" "wikijs" { - name = "${data.docker_registry_image.wikijs.name}" - pull_triggers = ["${data.docker_registry_image.wikijs.sha256_digest}"] -} - resource "docker_image" "ubooquity" { name = "${data.docker_registry_image.ubooquity.name}" pull_triggers = ["${data.docker_registry_image.ubooquity.sha256_digest}"] diff --git a/docker/variables.tf b/docker/variables.tf index 6addbd4..bb8a347 100644 --- a/docker/variables.tf +++ b/docker/variables.tf @@ -51,5 +51,3 @@ variable "ips" { } # variable "links-mariadb" {} - -variable "networks-mongorocks" {} diff --git a/docker/wiki.tf b/docker/wiki.tf deleted file mode 100644 index bbfe43e..0000000 --- a/docker/wiki.tf +++ /dev/null @@ -1,54 +0,0 @@ -resource "docker_container" "wiki" { - name = "wiki" - image = "${docker_image.wikijs.latest}" - - restart = "unless-stopped" - destroy_grace_seconds = 30 - must_run = true - memory = 300 - - upload { - content = "${file("${path.module}/conf/wiki.yml")}" - file = "/var/wiki/config.yml" - } - - volumes { - host_path = "/mnt/xwing/logs/wiki" - container_path = "/logs" - } - - volumes { - host_path = "/mnt/xwing/data/wiki/repo" - container_path = "/repo" - } - - volumes { - host_path = "/mnt/xwing/data/wiki/data" - container_path = "/data" - } - - upload { - content = "${file("${path.module}/conf/humans.txt")}" - file = "/var/wiki/assets/humans.txt" - } - - // The last header is a workaround for double header traefik bug - // This might be actually breaking iframe till the 1.5 Final release. - - labels = "${merge( - local.traefik_common_labels, - map( - "traefik.frontend.rule", "Host:wiki.${var.domain}", - "traefik.frontend.passHostHeader", "true", - "traefik.port", 9999, - "traefik.frontend.headers.customResponseHeaders", "${var.xpoweredby}||Referrer-Policy:${var.refpolicy}||X-Frame-Options:${var.xfo_allow}", - ))}" - networks = [ - "${var.networks-mongorocks}", - "${docker_network.traefik.id}", - ] - env = [ - "WIKI_ADMIN_EMAIL=me@captnemo.in", - "SESSION_SECRET=${var.wiki_session_secret}", - ] -} diff --git a/main.tf b/main.tf index a5d68a2..cc14ebd 100644 --- a/main.tf +++ b/main.tf @@ -13,7 +13,6 @@ module "docker" { cloudflare_key = "${data.pass_password.cloudflare_key.password}" cloudflare_email = "bb8@captnemo.in" wiki_session_secret = "${data.pass_password.wiki_session_secret.password}" - networks-mongorocks = "${module.db.networks-mongorocks}" ips = "${var.ips}" domain = "bb8.fun" } diff --git a/media/gonic.tf b/media/gonic.tf index 7253aa3..54f2277 100644 --- a/media/gonic.tf +++ b/media/gonic.tf @@ -34,41 +34,3 @@ module "gonic" { } ] } - -// Run a second instance, just for Audiobooks -module "gonic-audio" { - source = "../modules/container" - image = "sentriz/gonic" - name = "gonic-audio" - - resource { - memory = "256" - memory_swap = "256" - } - - web { - port = 80 - host = "audiobooks.bb8.fun" - expose = true - } - - env = [ - "GONIC_SCAN_INTERVAL=60", - "GONIC_MUSIC_PATH=/books", - "GONIC_DB_PATH=/data/gonic-audio.db" - ] - - networks = "${list(docker_network.media.id, data.docker_network.bridge.id)}" - - volumes = [ - { - host_path = "/mnt/xwing/config/gonic" - container_path = "/data" - }, - { - host_path = "/mnt/xwing/media/Music/Audiobooks" - container_path = "/books" - read_only = true - } - ] -} diff --git a/miniflux.tf b/miniflux.tf index c63e72e..9a312c9 100644 --- a/miniflux.tf +++ b/miniflux.tf @@ -1,7 +1,7 @@ module "miniflux-container" { name = "miniflux" source = "modules/container" - image = "miniflux/miniflux:2.0.19" + image = "miniflux/miniflux:2.0.25" web { expose = true diff --git a/secrets.tf b/secrets.tf index 96e4a1a..6947456 100644 --- a/secrets.tf +++ b/secrets.tf @@ -139,3 +139,6 @@ data "pass_password" "stringer-db-password" { data "pass_password" "stringer-secret-token" { path = "stringer-secret-token" } +data "pass_password" "wiki-db-password" { + path = "wiki-db-password" +} diff --git a/wiki.tf b/wiki.tf new file mode 100644 index 0000000..8e743bc --- /dev/null +++ b/wiki.tf @@ -0,0 +1,63 @@ +data "template_file" "wiki-config" { + template = "${file("docker/conf/wiki.tpl")}" + vars { + DB_PASSWORD = "${data.pass_password.wiki-db-password.password}" + } +} + +resource "local_file" "wiki-config" { + content = "${data.template_file.wiki-config.rendered}" + filename = "docker/conf/wiki.yml" +} + +module "wiki-container" { + name = "wiki2" + source = "modules/container" + image = "requarks/wiki:2" + + resource { + memory = 1024 + memory_swap = 1024 + } + + web { + expose = true + port = 3000 + host = "wiki.bb8.fun" + } + + networks_advanced = [ + { + name = "traefik" + }, { + name = "postgres" + }, { + name = "external" + }] + + uploads = [ + { + content = "${file("docker/conf/wiki.yml")}" + file = "/wiki/config.yml" + } + ] + + volumes = [{ + host_path = "/mnt/xwing/data/wiki/data" + container_path = "/data" + }, + { + host_path = "/mnt/xwing/data/wiki/databackup" + container_path = "/old/data" + }, + { + host_path = "/mnt/xwing/data/wiki/repo" + container_path = "/old/repo" + }] +} + +module "wiki-db" { + source = "modules/postgres" + name = "wikijs" + password = "${data.pass_password.wiki-db-password.password}" +}