Removes mongodb, upgrades wiki

2021-01-08 00:23:14 +05:30 · 2021-01-08 00:23:14 +05:30 · 20cd656e04
parent 373793fcb5
commit 20cd656e04
18 changed files with 84 additions and 337 deletions
--- a/.gitignore
+++ b/.gitignore
@ -8,3 +8,5 @@
 secrets
 k8s/
 k8s2/
+docker/conf/wiki.yml
+plan
--- a/README.md
+++ b/README.md
@ -63,7 +63,6 @@ Currently running the following (all links are to the `store.docker.com` links f
 | miniflux/miniflux                | 2.0.9      | tools                                                |
 | monicahq/monicahq                | latest     | services                                             |
 | odarriba/timemachine             | latest     | tools                                                |
-| percona/percona-server-mongodb   | 3.4        | database                                             |
 | postgres                         | 10-alpine  | database                                             |
 | prom/node-exporter               | v0.15.2    | monitoring                                           |
 | prom/prometheus                  | latest     | monitoring                                           |
--- a/audioserve.tf
+++ b/audioserve.tf
@ -1,36 +0,0 @@
-module "audioserve" {
-  name   = "audioserve"
-  source = "modules/container"
-
-  web {
-    expose = true
-    port   = "3000"
-    host   = "audioserve.${var.root-domain}"
-    auth   = "true"
-  }
-
-  resource {
-    memory      = 256
-    memory_swap = 256
-  }
-
-  command = [
-    "--no-authentication",
-    "/audiobooks",
-  ]
-
-  restart = "always"
-
-  image = "izderadicka/audioserve"
-
-  volumes = [
-    {
-      host_path      = "/mnt/xwing/media/Music/Audiobooks"
-      container_path = "/audiobooks"
-    },
-  ]
-
-  networks_advanced = [{
-    name = "traefik"
-  }]
-}
--- a/db/mongorocks.tf
+++ b/db/mongorocks.tf
@ -1,34 +0,0 @@
-resource "docker_container" "mongorocks" {
-  name  = "mongorocks"
-  image = "${docker_image.percona-mongodb-server.latest}"
-
-  restart               = "unless-stopped"
-  destroy_grace_seconds = 30
-  must_run              = true
-  memory                = 256
-
-  volumes {
-    volume_name    = "${docker_volume.mongorocks_data_volume.name}"
-    container_path = "/data/db"
-    host_path      = "${docker_volume.mongorocks_data_volume.mountpoint}"
-  }
-
-  command = [
-    "--storageEngine=rocksdb",
-    "--httpinterface",
-    "--rest",
-    "--master",
-  ]
-
-  networks = ["${docker_network.mongorocks.id}"]
-}
-
-resource "docker_image" "percona-mongodb-server" {
-  name          = "${data.docker_registry_image.percona-mongodb-server.name}"
-  pull_triggers = ["${data.docker_registry_image.percona-mongodb-server.sha256_digest}"]
-}
-
-# Database versions shouldn't be upgraded
-data "docker_registry_image" "percona-mongodb-server" {
-  name = "percona/percona-server-mongodb:3.4"
-}
--- a/db/network.tf
+++ b/db/network.tf
@ -1,14 +1,3 @@
-resource "docker_network" "mongorocks" {
-  name     = "mongorocks"
-  driver   = "bridge"
-  internal = false
-
-  ipam_config {
-    subnet  = "172.20.0.0/29"
-    gateway = "172.20.0.1"
-  }
-}
-
 resource "docker_network" "postgres" {
  name     = "postgres"
  driver   = "bridge"
--- a/db/outputs.tf
+++ b/db/outputs.tf
@ -1,7 +1,3 @@
-output "networks-mongorocks" {
-  value = "${docker_network.mongorocks.name}"
-}
-
 output "postgres-network-id" {
  value = "${docker_network.postgres.name}"
 }
--- a/db/volumes.tf
+++ b/db/volumes.tf
@ -1,7 +1,3 @@
 resource "docker_volume" "postgres_volume" {
  name = "postgres_volume"
 }
-
-resource "docker_volume" "mongorocks_data_volume" {
-  name = "mongorocks_data_volume"
-}
--- a/docker/conf/wiki.tpl
+++ b/docker/conf/wiki.tpl
@ -0,0 +1,15 @@
+port: 3000
+db:
+  type: postgres
+  host: postgres
+  port: 5432
+  user: wikijs
+  db: wikijs
+  pass: ${DB_PASSWORD}
+ssl:
+  enabled: false
+bindIP: 0.0.0.0
+logLevel: silly
+offline: true
+ha: false
+dataPath: /data
--- a/docker/conf/wiki.yml
+++ b/docker/conf/wiki.yml
@ -1,142 +0,0 @@
-#######################################################################
-# Wiki.js - CONFIGURATION                                             #
-#######################################################################
-# Full explanation + examples in the documentation:
-# https://docs.requarks.io/wiki/install
-# You can use an ENV variable by using $(ENV_VAR_NAME) as the value
-
-# ---------------------------------------------------------------------
-# Title of this site
-# ---------------------------------------------------------------------
-
-title: Scarif Wiki
-
-# ---------------------------------------------------------------------
-# Full public path to the site, without the trailing slash
-# ---------------------------------------------------------------------
-# INCLUDE CLIENT PORT IF NOT 80/443!
-
-host: https://wiki.bb8.fun
-
-# ---------------------------------------------------------------------
-# Port the main server should listen to (80 by default)
-# ---------------------------------------------------------------------
-# To use process.env.PORT, comment the line below:
-
-port: 9999
-
-# ---------------------------------------------------------------------
-# Data Directories
-# ---------------------------------------------------------------------
-
-paths:
-  repo: /repo
-  data: /data
-
-# ---------------------------------------------------------------------
-# Upload Limits
-# ---------------------------------------------------------------------
-# In megabytes (MB)
-
-uploads:
-  maxImageFileSize: 5
-  maxOtherFileSize: 100
-
-# ---------------------------------------------------------------------
-# Site Language
-# ---------------------------------------------------------------------
-# Possible values: en, de, es, fa, fr, ja, ko, nl, pt, ru, sr, tr or zh
-
-lang: en
-
-# Enable for right to left languages (e.g. arabic):
-langRtl: false
-
-# ---------------------------------------------------------------------
-# Site Authentication
-# ---------------------------------------------------------------------
-
-public: true
-
-auth:
-  defaultReadAccess: false
-  local:
-    enabled: true
-  google:
-    enabled: false
-    clientId: GOOGLE_CLIENT_ID
-    clientSecret: GOOGLE_CLIENT_SECRET
-
-# ---------------------------------------------------------------------
-# Secret key to use when encrypting sessions
-# ---------------------------------------------------------------------
-# Use a long and unique random string (256-bit keys are perfect!)
-
-sessionSecret: $(SESSION_SECRET)
-
-# ---------------------------------------------------------------------
-# Database Connection String
-# ---------------------------------------------------------------------
-
-db: mongodb://mongorocks:27017/wiki
-
-# ---------------------------------------------------------------------
-# Git Connection Info (force disabled)
-# ---------------------------------------------------------------------
-
-# git: false
-git:
-  url: https://git.captnemo.in/nemo/wiki
-  branch: master
-#   auth:
-
-#     # Type: basic or ssh
-#     type: ssh
-
-#     # Only for Basic authentication:
-#     username: marty
-#     password: MartyMcFly88
-
-#     # Only for SSH authentication:
-#     privateKey: /etc/wiki/keys/git.pem
-
-#     sslVerify: true
-
-#   # Default email to use as commit author
-#   serverEmail: marty@example.com
-
-#   # Whether to use user email as author in commits
-#   showUserEmail: true
-
-# ---------------------------------------------------------------------
-# Features
-# ---------------------------------------------------------------------
-# You can enable / disable specific features below
-
-features:
-  linebreaks: true
-  mathjax: false
-
-# ---------------------------------------------------------------------
-# External Logging
-# ---------------------------------------------------------------------
-
-externalLogging:
-  bugsnag: false
-  loggly: false
-  papertrail: false
-  rollbar: false
-  sentry: false
-
-# ---------------------------------------------------------------------
-# Color Theme
-# ---------------------------------------------------------------------
-
-theme:
-  primary: indigo
-  alt: blue-grey
-  viewSource: all # all | write | false
-  footer: blue-grey
-  code:
-    dark: true
-    colorize: true
--- a/docker/data.tf
+++ b/docker/data.tf
@ -2,10 +2,6 @@ data "docker_registry_image" "traefik" {
  name = "traefik:1.7"
 }

-data "docker_registry_image" "wikijs" {
-  name = "requarks/wiki:latest"
-}
-
 data "docker_registry_image" "ubooquity" {
  name = "linuxserver/ubooquity:latest"
 }
--- a/docker/images.tf
+++ b/docker/images.tf
@ -3,11 +3,6 @@ resource "docker_image" "traefik17" {
  pull_triggers = ["${data.docker_registry_image.traefik.sha256_digest}"]
 }

-resource "docker_image" "wikijs" {
-  name          = "${data.docker_registry_image.wikijs.name}"
-  pull_triggers = ["${data.docker_registry_image.wikijs.sha256_digest}"]
-}
-
 resource "docker_image" "ubooquity" {
  name          = "${data.docker_registry_image.ubooquity.name}"
  pull_triggers = ["${data.docker_registry_image.ubooquity.sha256_digest}"]
--- a/docker/variables.tf
+++ b/docker/variables.tf
@ -51,5 +51,3 @@ variable "ips" {
 }

 # variable "links-mariadb" {}
-
-variable "networks-mongorocks" {}
--- a/docker/wiki.tf
+++ b/docker/wiki.tf
@ -1,54 +0,0 @@
-resource "docker_container" "wiki" {
-  name  = "wiki"
-  image = "${docker_image.wikijs.latest}"
-
-  restart               = "unless-stopped"
-  destroy_grace_seconds = 30
-  must_run              = true
-  memory                = 300
-
-  upload {
-    content = "${file("${path.module}/conf/wiki.yml")}"
-    file    = "/var/wiki/config.yml"
-  }
-
-  volumes {
-    host_path      = "/mnt/xwing/logs/wiki"
-    container_path = "/logs"
-  }
-
-  volumes {
-    host_path      = "/mnt/xwing/data/wiki/repo"
-    container_path = "/repo"
-  }
-
-  volumes {
-    host_path      = "/mnt/xwing/data/wiki/data"
-    container_path = "/data"
-  }
-
-  upload {
-    content = "${file("${path.module}/conf/humans.txt")}"
-    file    = "/var/wiki/assets/humans.txt"
-  }
-
-  // The last header is a workaround for double header traefik bug
-  // This might be actually breaking iframe till the 1.5 Final release.
-
-  labels = "${merge(
-    local.traefik_common_labels,
-    map(
-      "traefik.frontend.rule", "Host:wiki.${var.domain}",
-      "traefik.frontend.passHostHeader", "true",
-      "traefik.port", 9999,
-      "traefik.frontend.headers.customResponseHeaders", "${var.xpoweredby}||Referrer-Policy:${var.refpolicy}||X-Frame-Options:${var.xfo_allow}",
-    ))}"
-  networks = [
-    "${var.networks-mongorocks}",
-    "${docker_network.traefik.id}",
-  ]
-  env = [
-    "WIKI_ADMIN_EMAIL=me@captnemo.in",
-    "SESSION_SECRET=${var.wiki_session_secret}",
-  ]
-}
--- a/main.tf
+++ b/main.tf
@ -13,7 +13,6 @@ module "docker" {
  cloudflare_key      = "${data.pass_password.cloudflare_key.password}"
  cloudflare_email    = "bb8@captnemo.in"
  wiki_session_secret = "${data.pass_password.wiki_session_secret.password}"
-  networks-mongorocks = "${module.db.networks-mongorocks}"
  ips                 = "${var.ips}"
  domain              = "bb8.fun"
 }
--- a/media/gonic.tf
+++ b/media/gonic.tf
@ -34,41 +34,3 @@ module "gonic" {
    }
  ]
 }
-
-// Run a second instance, just for Audiobooks
-module "gonic-audio" {
-  source = "../modules/container"
-  image  = "sentriz/gonic"
-  name   = "gonic-audio"
-
-  resource {
-    memory      = "256"
-    memory_swap = "256"
-  }
-
-  web {
-    port   = 80
-    host   = "audiobooks.bb8.fun"
-    expose = true
-  }
-
-  env = [
-    "GONIC_SCAN_INTERVAL=60",
-    "GONIC_MUSIC_PATH=/books",
-    "GONIC_DB_PATH=/data/gonic-audio.db"
-  ]
-
-  networks = "${list(docker_network.media.id, data.docker_network.bridge.id)}"
-
-  volumes = [
-    {
-      host_path      = "/mnt/xwing/config/gonic"
-      container_path = "/data"
-    },
-    {
-      host_path      = "/mnt/xwing/media/Music/Audiobooks"
-      container_path = "/books"
-      read_only      = true
-    }
-  ]
-}
--- a/miniflux.tf
+++ b/miniflux.tf
@ -1,7 +1,7 @@
 module "miniflux-container" {
  name   = "miniflux"
  source = "modules/container"
-  image  = "miniflux/miniflux:2.0.19"
+  image  = "miniflux/miniflux:2.0.25"

  web {
    expose = true
--- a/secrets.tf
+++ b/secrets.tf
@ -139,3 +139,6 @@ data "pass_password" "stringer-db-password" {
 data "pass_password" "stringer-secret-token" {
  path = "stringer-secret-token"
 }
+data "pass_password" "wiki-db-password" {
+  path = "wiki-db-password"
+}
--- a/wiki.tf
+++ b/wiki.tf
@ -0,0 +1,63 @@
+data "template_file" "wiki-config" {
+  template = "${file("docker/conf/wiki.tpl")}"
+  vars {
+    DB_PASSWORD = "${data.pass_password.wiki-db-password.password}"
+  }
+}
+
+resource "local_file" "wiki-config" {
+  content  = "${data.template_file.wiki-config.rendered}"
+  filename = "docker/conf/wiki.yml"
+}
+
+module "wiki-container" {
+  name   = "wiki2"
+  source = "modules/container"
+  image  = "requarks/wiki:2"
+
+  resource {
+    memory      = 1024
+    memory_swap = 1024
+  }
+
+  web {
+    expose = true
+    port   = 3000
+    host   = "wiki.bb8.fun"
+  }
+
+  networks_advanced = [
+    {
+      name = "traefik"
+      }, {
+      name = "postgres"
+      }, {
+      name = "external"
+  }]
+
+  uploads = [
+    {
+      content = "${file("docker/conf/wiki.yml")}"
+      file    = "/wiki/config.yml"
+    }
+  ]
+
+  volumes = [{
+    host_path      = "/mnt/xwing/data/wiki/data"
+    container_path = "/data"
+    },
+    {
+      host_path      = "/mnt/xwing/data/wiki/databackup"
+      container_path = "/old/data"
+    },
+    {
+      host_path      = "/mnt/xwing/data/wiki/repo"
+      container_path = "/old/repo"
+  }]
+}
+
+module "wiki-db" {
+  source   = "modules/postgres"
+  name     = "wikijs"
+  password = "${data.pass_password.wiki-db-password.password}"
+}