Removes mongodb, upgrades wiki
This commit is contained in:
parent
373793fcb5
commit
20cd656e04
|
@ -8,3 +8,5 @@
|
||||||
secrets
|
secrets
|
||||||
k8s/
|
k8s/
|
||||||
k8s2/
|
k8s2/
|
||||||
|
docker/conf/wiki.yml
|
||||||
|
plan
|
||||||
|
|
|
@ -63,7 +63,6 @@ Currently running the following (all links are to the `store.docker.com` links f
|
||||||
| miniflux/miniflux | 2.0.9 | tools |
|
| miniflux/miniflux | 2.0.9 | tools |
|
||||||
| monicahq/monicahq | latest | services |
|
| monicahq/monicahq | latest | services |
|
||||||
| odarriba/timemachine | latest | tools |
|
| odarriba/timemachine | latest | tools |
|
||||||
| percona/percona-server-mongodb | 3.4 | database |
|
|
||||||
| postgres | 10-alpine | database |
|
| postgres | 10-alpine | database |
|
||||||
| prom/node-exporter | v0.15.2 | monitoring |
|
| prom/node-exporter | v0.15.2 | monitoring |
|
||||||
| prom/prometheus | latest | monitoring |
|
| prom/prometheus | latest | monitoring |
|
||||||
|
|
|
@ -1,36 +0,0 @@
|
||||||
module "audioserve" {
|
|
||||||
name = "audioserve"
|
|
||||||
source = "modules/container"
|
|
||||||
|
|
||||||
web {
|
|
||||||
expose = true
|
|
||||||
port = "3000"
|
|
||||||
host = "audioserve.${var.root-domain}"
|
|
||||||
auth = "true"
|
|
||||||
}
|
|
||||||
|
|
||||||
resource {
|
|
||||||
memory = 256
|
|
||||||
memory_swap = 256
|
|
||||||
}
|
|
||||||
|
|
||||||
command = [
|
|
||||||
"--no-authentication",
|
|
||||||
"/audiobooks",
|
|
||||||
]
|
|
||||||
|
|
||||||
restart = "always"
|
|
||||||
|
|
||||||
image = "izderadicka/audioserve"
|
|
||||||
|
|
||||||
volumes = [
|
|
||||||
{
|
|
||||||
host_path = "/mnt/xwing/media/Music/Audiobooks"
|
|
||||||
container_path = "/audiobooks"
|
|
||||||
},
|
|
||||||
]
|
|
||||||
|
|
||||||
networks_advanced = [{
|
|
||||||
name = "traefik"
|
|
||||||
}]
|
|
||||||
}
|
|
|
@ -1,34 +0,0 @@
|
||||||
resource "docker_container" "mongorocks" {
|
|
||||||
name = "mongorocks"
|
|
||||||
image = "${docker_image.percona-mongodb-server.latest}"
|
|
||||||
|
|
||||||
restart = "unless-stopped"
|
|
||||||
destroy_grace_seconds = 30
|
|
||||||
must_run = true
|
|
||||||
memory = 256
|
|
||||||
|
|
||||||
volumes {
|
|
||||||
volume_name = "${docker_volume.mongorocks_data_volume.name}"
|
|
||||||
container_path = "/data/db"
|
|
||||||
host_path = "${docker_volume.mongorocks_data_volume.mountpoint}"
|
|
||||||
}
|
|
||||||
|
|
||||||
command = [
|
|
||||||
"--storageEngine=rocksdb",
|
|
||||||
"--httpinterface",
|
|
||||||
"--rest",
|
|
||||||
"--master",
|
|
||||||
]
|
|
||||||
|
|
||||||
networks = ["${docker_network.mongorocks.id}"]
|
|
||||||
}
|
|
||||||
|
|
||||||
resource "docker_image" "percona-mongodb-server" {
|
|
||||||
name = "${data.docker_registry_image.percona-mongodb-server.name}"
|
|
||||||
pull_triggers = ["${data.docker_registry_image.percona-mongodb-server.sha256_digest}"]
|
|
||||||
}
|
|
||||||
|
|
||||||
# Database versions shouldn't be upgraded
|
|
||||||
data "docker_registry_image" "percona-mongodb-server" {
|
|
||||||
name = "percona/percona-server-mongodb:3.4"
|
|
||||||
}
|
|
|
@ -1,14 +1,3 @@
|
||||||
resource "docker_network" "mongorocks" {
|
|
||||||
name = "mongorocks"
|
|
||||||
driver = "bridge"
|
|
||||||
internal = false
|
|
||||||
|
|
||||||
ipam_config {
|
|
||||||
subnet = "172.20.0.0/29"
|
|
||||||
gateway = "172.20.0.1"
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
resource "docker_network" "postgres" {
|
resource "docker_network" "postgres" {
|
||||||
name = "postgres"
|
name = "postgres"
|
||||||
driver = "bridge"
|
driver = "bridge"
|
||||||
|
|
|
@ -1,7 +1,3 @@
|
||||||
output "networks-mongorocks" {
|
|
||||||
value = "${docker_network.mongorocks.name}"
|
|
||||||
}
|
|
||||||
|
|
||||||
output "postgres-network-id" {
|
output "postgres-network-id" {
|
||||||
value = "${docker_network.postgres.name}"
|
value = "${docker_network.postgres.name}"
|
||||||
}
|
}
|
||||||
|
|
|
@ -1,7 +1,3 @@
|
||||||
resource "docker_volume" "postgres_volume" {
|
resource "docker_volume" "postgres_volume" {
|
||||||
name = "postgres_volume"
|
name = "postgres_volume"
|
||||||
}
|
}
|
||||||
|
|
||||||
resource "docker_volume" "mongorocks_data_volume" {
|
|
||||||
name = "mongorocks_data_volume"
|
|
||||||
}
|
|
||||||
|
|
|
@ -0,0 +1,15 @@
|
||||||
|
port: 3000
|
||||||
|
db:
|
||||||
|
type: postgres
|
||||||
|
host: postgres
|
||||||
|
port: 5432
|
||||||
|
user: wikijs
|
||||||
|
db: wikijs
|
||||||
|
pass: ${DB_PASSWORD}
|
||||||
|
ssl:
|
||||||
|
enabled: false
|
||||||
|
bindIP: 0.0.0.0
|
||||||
|
logLevel: silly
|
||||||
|
offline: true
|
||||||
|
ha: false
|
||||||
|
dataPath: /data
|
|
@ -1,142 +0,0 @@
|
||||||
#######################################################################
|
|
||||||
# Wiki.js - CONFIGURATION #
|
|
||||||
#######################################################################
|
|
||||||
# Full explanation + examples in the documentation:
|
|
||||||
# https://docs.requarks.io/wiki/install
|
|
||||||
# You can use an ENV variable by using $(ENV_VAR_NAME) as the value
|
|
||||||
|
|
||||||
# ---------------------------------------------------------------------
|
|
||||||
# Title of this site
|
|
||||||
# ---------------------------------------------------------------------
|
|
||||||
|
|
||||||
title: Scarif Wiki
|
|
||||||
|
|
||||||
# ---------------------------------------------------------------------
|
|
||||||
# Full public path to the site, without the trailing slash
|
|
||||||
# ---------------------------------------------------------------------
|
|
||||||
# INCLUDE CLIENT PORT IF NOT 80/443!
|
|
||||||
|
|
||||||
host: https://wiki.bb8.fun
|
|
||||||
|
|
||||||
# ---------------------------------------------------------------------
|
|
||||||
# Port the main server should listen to (80 by default)
|
|
||||||
# ---------------------------------------------------------------------
|
|
||||||
# To use process.env.PORT, comment the line below:
|
|
||||||
|
|
||||||
port: 9999
|
|
||||||
|
|
||||||
# ---------------------------------------------------------------------
|
|
||||||
# Data Directories
|
|
||||||
# ---------------------------------------------------------------------
|
|
||||||
|
|
||||||
paths:
|
|
||||||
repo: /repo
|
|
||||||
data: /data
|
|
||||||
|
|
||||||
# ---------------------------------------------------------------------
|
|
||||||
# Upload Limits
|
|
||||||
# ---------------------------------------------------------------------
|
|
||||||
# In megabytes (MB)
|
|
||||||
|
|
||||||
uploads:
|
|
||||||
maxImageFileSize: 5
|
|
||||||
maxOtherFileSize: 100
|
|
||||||
|
|
||||||
# ---------------------------------------------------------------------
|
|
||||||
# Site Language
|
|
||||||
# ---------------------------------------------------------------------
|
|
||||||
# Possible values: en, de, es, fa, fr, ja, ko, nl, pt, ru, sr, tr or zh
|
|
||||||
|
|
||||||
lang: en
|
|
||||||
|
|
||||||
# Enable for right to left languages (e.g. arabic):
|
|
||||||
langRtl: false
|
|
||||||
|
|
||||||
# ---------------------------------------------------------------------
|
|
||||||
# Site Authentication
|
|
||||||
# ---------------------------------------------------------------------
|
|
||||||
|
|
||||||
public: true
|
|
||||||
|
|
||||||
auth:
|
|
||||||
defaultReadAccess: false
|
|
||||||
local:
|
|
||||||
enabled: true
|
|
||||||
google:
|
|
||||||
enabled: false
|
|
||||||
clientId: GOOGLE_CLIENT_ID
|
|
||||||
clientSecret: GOOGLE_CLIENT_SECRET
|
|
||||||
|
|
||||||
# ---------------------------------------------------------------------
|
|
||||||
# Secret key to use when encrypting sessions
|
|
||||||
# ---------------------------------------------------------------------
|
|
||||||
# Use a long and unique random string (256-bit keys are perfect!)
|
|
||||||
|
|
||||||
sessionSecret: $(SESSION_SECRET)
|
|
||||||
|
|
||||||
# ---------------------------------------------------------------------
|
|
||||||
# Database Connection String
|
|
||||||
# ---------------------------------------------------------------------
|
|
||||||
|
|
||||||
db: mongodb://mongorocks:27017/wiki
|
|
||||||
|
|
||||||
# ---------------------------------------------------------------------
|
|
||||||
# Git Connection Info (force disabled)
|
|
||||||
# ---------------------------------------------------------------------
|
|
||||||
|
|
||||||
# git: false
|
|
||||||
git:
|
|
||||||
url: https://git.captnemo.in/nemo/wiki
|
|
||||||
branch: master
|
|
||||||
# auth:
|
|
||||||
|
|
||||||
# # Type: basic or ssh
|
|
||||||
# type: ssh
|
|
||||||
|
|
||||||
# # Only for Basic authentication:
|
|
||||||
# username: marty
|
|
||||||
# password: MartyMcFly88
|
|
||||||
|
|
||||||
# # Only for SSH authentication:
|
|
||||||
# privateKey: /etc/wiki/keys/git.pem
|
|
||||||
|
|
||||||
# sslVerify: true
|
|
||||||
|
|
||||||
# # Default email to use as commit author
|
|
||||||
# serverEmail: marty@example.com
|
|
||||||
|
|
||||||
# # Whether to use user email as author in commits
|
|
||||||
# showUserEmail: true
|
|
||||||
|
|
||||||
# ---------------------------------------------------------------------
|
|
||||||
# Features
|
|
||||||
# ---------------------------------------------------------------------
|
|
||||||
# You can enable / disable specific features below
|
|
||||||
|
|
||||||
features:
|
|
||||||
linebreaks: true
|
|
||||||
mathjax: false
|
|
||||||
|
|
||||||
# ---------------------------------------------------------------------
|
|
||||||
# External Logging
|
|
||||||
# ---------------------------------------------------------------------
|
|
||||||
|
|
||||||
externalLogging:
|
|
||||||
bugsnag: false
|
|
||||||
loggly: false
|
|
||||||
papertrail: false
|
|
||||||
rollbar: false
|
|
||||||
sentry: false
|
|
||||||
|
|
||||||
# ---------------------------------------------------------------------
|
|
||||||
# Color Theme
|
|
||||||
# ---------------------------------------------------------------------
|
|
||||||
|
|
||||||
theme:
|
|
||||||
primary: indigo
|
|
||||||
alt: blue-grey
|
|
||||||
viewSource: all # all | write | false
|
|
||||||
footer: blue-grey
|
|
||||||
code:
|
|
||||||
dark: true
|
|
||||||
colorize: true
|
|
|
@ -2,10 +2,6 @@ data "docker_registry_image" "traefik" {
|
||||||
name = "traefik:1.7"
|
name = "traefik:1.7"
|
||||||
}
|
}
|
||||||
|
|
||||||
data "docker_registry_image" "wikijs" {
|
|
||||||
name = "requarks/wiki:latest"
|
|
||||||
}
|
|
||||||
|
|
||||||
data "docker_registry_image" "ubooquity" {
|
data "docker_registry_image" "ubooquity" {
|
||||||
name = "linuxserver/ubooquity:latest"
|
name = "linuxserver/ubooquity:latest"
|
||||||
}
|
}
|
||||||
|
|
|
@ -3,11 +3,6 @@ resource "docker_image" "traefik17" {
|
||||||
pull_triggers = ["${data.docker_registry_image.traefik.sha256_digest}"]
|
pull_triggers = ["${data.docker_registry_image.traefik.sha256_digest}"]
|
||||||
}
|
}
|
||||||
|
|
||||||
resource "docker_image" "wikijs" {
|
|
||||||
name = "${data.docker_registry_image.wikijs.name}"
|
|
||||||
pull_triggers = ["${data.docker_registry_image.wikijs.sha256_digest}"]
|
|
||||||
}
|
|
||||||
|
|
||||||
resource "docker_image" "ubooquity" {
|
resource "docker_image" "ubooquity" {
|
||||||
name = "${data.docker_registry_image.ubooquity.name}"
|
name = "${data.docker_registry_image.ubooquity.name}"
|
||||||
pull_triggers = ["${data.docker_registry_image.ubooquity.sha256_digest}"]
|
pull_triggers = ["${data.docker_registry_image.ubooquity.sha256_digest}"]
|
||||||
|
|
|
@ -51,5 +51,3 @@ variable "ips" {
|
||||||
}
|
}
|
||||||
|
|
||||||
# variable "links-mariadb" {}
|
# variable "links-mariadb" {}
|
||||||
|
|
||||||
variable "networks-mongorocks" {}
|
|
||||||
|
|
|
@ -1,54 +0,0 @@
|
||||||
resource "docker_container" "wiki" {
|
|
||||||
name = "wiki"
|
|
||||||
image = "${docker_image.wikijs.latest}"
|
|
||||||
|
|
||||||
restart = "unless-stopped"
|
|
||||||
destroy_grace_seconds = 30
|
|
||||||
must_run = true
|
|
||||||
memory = 300
|
|
||||||
|
|
||||||
upload {
|
|
||||||
content = "${file("${path.module}/conf/wiki.yml")}"
|
|
||||||
file = "/var/wiki/config.yml"
|
|
||||||
}
|
|
||||||
|
|
||||||
volumes {
|
|
||||||
host_path = "/mnt/xwing/logs/wiki"
|
|
||||||
container_path = "/logs"
|
|
||||||
}
|
|
||||||
|
|
||||||
volumes {
|
|
||||||
host_path = "/mnt/xwing/data/wiki/repo"
|
|
||||||
container_path = "/repo"
|
|
||||||
}
|
|
||||||
|
|
||||||
volumes {
|
|
||||||
host_path = "/mnt/xwing/data/wiki/data"
|
|
||||||
container_path = "/data"
|
|
||||||
}
|
|
||||||
|
|
||||||
upload {
|
|
||||||
content = "${file("${path.module}/conf/humans.txt")}"
|
|
||||||
file = "/var/wiki/assets/humans.txt"
|
|
||||||
}
|
|
||||||
|
|
||||||
// The last header is a workaround for double header traefik bug
|
|
||||||
// This might be actually breaking iframe till the 1.5 Final release.
|
|
||||||
|
|
||||||
labels = "${merge(
|
|
||||||
local.traefik_common_labels,
|
|
||||||
map(
|
|
||||||
"traefik.frontend.rule", "Host:wiki.${var.domain}",
|
|
||||||
"traefik.frontend.passHostHeader", "true",
|
|
||||||
"traefik.port", 9999,
|
|
||||||
"traefik.frontend.headers.customResponseHeaders", "${var.xpoweredby}||Referrer-Policy:${var.refpolicy}||X-Frame-Options:${var.xfo_allow}",
|
|
||||||
))}"
|
|
||||||
networks = [
|
|
||||||
"${var.networks-mongorocks}",
|
|
||||||
"${docker_network.traefik.id}",
|
|
||||||
]
|
|
||||||
env = [
|
|
||||||
"WIKI_ADMIN_EMAIL=me@captnemo.in",
|
|
||||||
"SESSION_SECRET=${var.wiki_session_secret}",
|
|
||||||
]
|
|
||||||
}
|
|
1
main.tf
1
main.tf
|
@ -13,7 +13,6 @@ module "docker" {
|
||||||
cloudflare_key = "${data.pass_password.cloudflare_key.password}"
|
cloudflare_key = "${data.pass_password.cloudflare_key.password}"
|
||||||
cloudflare_email = "bb8@captnemo.in"
|
cloudflare_email = "bb8@captnemo.in"
|
||||||
wiki_session_secret = "${data.pass_password.wiki_session_secret.password}"
|
wiki_session_secret = "${data.pass_password.wiki_session_secret.password}"
|
||||||
networks-mongorocks = "${module.db.networks-mongorocks}"
|
|
||||||
ips = "${var.ips}"
|
ips = "${var.ips}"
|
||||||
domain = "bb8.fun"
|
domain = "bb8.fun"
|
||||||
}
|
}
|
||||||
|
|
|
@ -34,41 +34,3 @@ module "gonic" {
|
||||||
}
|
}
|
||||||
]
|
]
|
||||||
}
|
}
|
||||||
|
|
||||||
// Run a second instance, just for Audiobooks
|
|
||||||
module "gonic-audio" {
|
|
||||||
source = "../modules/container"
|
|
||||||
image = "sentriz/gonic"
|
|
||||||
name = "gonic-audio"
|
|
||||||
|
|
||||||
resource {
|
|
||||||
memory = "256"
|
|
||||||
memory_swap = "256"
|
|
||||||
}
|
|
||||||
|
|
||||||
web {
|
|
||||||
port = 80
|
|
||||||
host = "audiobooks.bb8.fun"
|
|
||||||
expose = true
|
|
||||||
}
|
|
||||||
|
|
||||||
env = [
|
|
||||||
"GONIC_SCAN_INTERVAL=60",
|
|
||||||
"GONIC_MUSIC_PATH=/books",
|
|
||||||
"GONIC_DB_PATH=/data/gonic-audio.db"
|
|
||||||
]
|
|
||||||
|
|
||||||
networks = "${list(docker_network.media.id, data.docker_network.bridge.id)}"
|
|
||||||
|
|
||||||
volumes = [
|
|
||||||
{
|
|
||||||
host_path = "/mnt/xwing/config/gonic"
|
|
||||||
container_path = "/data"
|
|
||||||
},
|
|
||||||
{
|
|
||||||
host_path = "/mnt/xwing/media/Music/Audiobooks"
|
|
||||||
container_path = "/books"
|
|
||||||
read_only = true
|
|
||||||
}
|
|
||||||
]
|
|
||||||
}
|
|
||||||
|
|
|
@ -1,7 +1,7 @@
|
||||||
module "miniflux-container" {
|
module "miniflux-container" {
|
||||||
name = "miniflux"
|
name = "miniflux"
|
||||||
source = "modules/container"
|
source = "modules/container"
|
||||||
image = "miniflux/miniflux:2.0.19"
|
image = "miniflux/miniflux:2.0.25"
|
||||||
|
|
||||||
web {
|
web {
|
||||||
expose = true
|
expose = true
|
||||||
|
|
|
@ -139,3 +139,6 @@ data "pass_password" "stringer-db-password" {
|
||||||
data "pass_password" "stringer-secret-token" {
|
data "pass_password" "stringer-secret-token" {
|
||||||
path = "stringer-secret-token"
|
path = "stringer-secret-token"
|
||||||
}
|
}
|
||||||
|
data "pass_password" "wiki-db-password" {
|
||||||
|
path = "wiki-db-password"
|
||||||
|
}
|
||||||
|
|
|
@ -0,0 +1,63 @@
|
||||||
|
data "template_file" "wiki-config" {
|
||||||
|
template = "${file("docker/conf/wiki.tpl")}"
|
||||||
|
vars {
|
||||||
|
DB_PASSWORD = "${data.pass_password.wiki-db-password.password}"
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
resource "local_file" "wiki-config" {
|
||||||
|
content = "${data.template_file.wiki-config.rendered}"
|
||||||
|
filename = "docker/conf/wiki.yml"
|
||||||
|
}
|
||||||
|
|
||||||
|
module "wiki-container" {
|
||||||
|
name = "wiki2"
|
||||||
|
source = "modules/container"
|
||||||
|
image = "requarks/wiki:2"
|
||||||
|
|
||||||
|
resource {
|
||||||
|
memory = 1024
|
||||||
|
memory_swap = 1024
|
||||||
|
}
|
||||||
|
|
||||||
|
web {
|
||||||
|
expose = true
|
||||||
|
port = 3000
|
||||||
|
host = "wiki.bb8.fun"
|
||||||
|
}
|
||||||
|
|
||||||
|
networks_advanced = [
|
||||||
|
{
|
||||||
|
name = "traefik"
|
||||||
|
}, {
|
||||||
|
name = "postgres"
|
||||||
|
}, {
|
||||||
|
name = "external"
|
||||||
|
}]
|
||||||
|
|
||||||
|
uploads = [
|
||||||
|
{
|
||||||
|
content = "${file("docker/conf/wiki.yml")}"
|
||||||
|
file = "/wiki/config.yml"
|
||||||
|
}
|
||||||
|
]
|
||||||
|
|
||||||
|
volumes = [{
|
||||||
|
host_path = "/mnt/xwing/data/wiki/data"
|
||||||
|
container_path = "/data"
|
||||||
|
},
|
||||||
|
{
|
||||||
|
host_path = "/mnt/xwing/data/wiki/databackup"
|
||||||
|
container_path = "/old/data"
|
||||||
|
},
|
||||||
|
{
|
||||||
|
host_path = "/mnt/xwing/data/wiki/repo"
|
||||||
|
container_path = "/old/repo"
|
||||||
|
}]
|
||||||
|
}
|
||||||
|
|
||||||
|
module "wiki-db" {
|
||||||
|
source = "modules/postgres"
|
||||||
|
name = "wikijs"
|
||||||
|
password = "${data.pass_password.wiki-db-password.password}"
|
||||||
|
}
|
Loading…
Reference in New Issue