Create and use a single traefik network everywhere

Nemo 2018-06-04 13:39:55 +05:30
parent fb6688a3b4
commit 21df4ceea6
37 changed files with 115 additions and 72 deletions


@ -17,6 +17,8 @@ resource "docker_container" "abstruse" {
"traefik.frontend.rule","Host:${var.domain}"
))}"
networks = ["${var.traefik-network-id}"]
volumes {
host_path = "/var/run/docker.sock"
container_path = "/var/run/docker.sock"
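Review bot: The added `networks = ["${var.traefik-network-id}"]` puts a container that mounts `/var/run/docker.sock` on the same flat network as every other fronted service, so any peer on that network can connect to it directly rather than through Traefik. Because the socket gives control of the Docker daemon, this container deserves tighter isolation than the rest; a network shared only between Traefik and abstruse would limit the exposure to one hop. The same applies to the cadvisor section, whose visible volume mounts `/var/run`. At minimum add a comment above the line such as `// holds docker.sock: keep off networks shared with untrusted services`. The resource body starts before and continues after the hunk.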


@ -5,3 +5,5 @@ variable "domain" {
variable "traefik-labels" {
type = "map"
}
variable "traefik-network-id" {}
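Review bot: `variable "traefik-network-id" {}` is declared with no type or description, here and in the identical declarations added to the other modules' variable files in this commit. Since the value decides which network a container joins, a reader should not have to trace it back to the docker module's output to learn what it is. Inside the block, add `type = "string"` and `description = "ID of the shared docker network that Traefik routes over"`.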


@ -33,5 +33,5 @@ resource "docker_container" "lychee" {
"PGID=984",
]
links = ["${var.links-mariadb}"]
# links = ["${var.links-mariadb}"]
}
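Review bot: Commenting out `links = ["${var.links-mariadb}"]` leaves no visible route from this container to its database, since the hunk adds no `networks` entry in its place; the airsonic section does the same while main.tf still passes `airsonic-db-password`. If either service still talks to mariadb, it has to reach it some other way that is not visible here, and that path should be stated rather than left implicit. Either delete the line outright or replace it with an explicit network shared with the database, and drop the matching commented-out `# variable "links-mariadb" {}` declarations. The resource starts above the hunk.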


@ -1,6 +1,5 @@
// This is the default network we use
// for any new container
resource "docker_network" "bb8-default" {
name = "bb8"
driver = "bridge"
resource "docker_network" "traefik" {
name = "traefik"
driver = "bridge"
internal = true
}
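Review bot: The replacement `docker_network "traefik"` block drops the explanatory comment the old network had and adds `internal = true` with no explanation. An internal network gives attached containers no outbound route, so services joined only to it cannot reach the outside through it. The traefik container section in this commit notes that it relies on `bridge` being auto-connected "for now"; if that provider behaviour changes, Traefik would presumably lose the egress it needs to use the Cloudflare credentials it is given. Suggest a header comment such as `// Shared by traefik and every container it fronts; internal, so no egress via this network`, plus a second line recording the dependency on the default bridge.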


@ -6,6 +6,10 @@ output "names-traefik" {
value = "${docker_container.traefik.name}"
}
output "traefik-network-id" {
value = "${docker_network.traefik.id}"
}
output "auth-header" {
value = "${var.basic_auth}"
}


@ -93,6 +93,10 @@ resource "docker_container" "traefik" {
destroy_grace_seconds = 10
must_run = true
// `bridge` is auto-connected for now
// https://github.com/terraform-providers/terraform-provider-docker/issues/10
networks = ["${docker_network.traefik.id}"]
env = [
"CLOUDFLARE_EMAIL=${var.cloudflare_email}",
"CLOUDFLARE_API_KEY=${var.cloudflare_key}",


@ -50,6 +50,6 @@ variable "ips" {
type = "map"
}
variable "links-mariadb" {}
# variable "links-mariadb" {}
variable "networks-mongorocks" {}


@ -87,7 +87,7 @@ DB_TYPE = sqlite3
HOST = mariadb:3306
NAME = gitea
USER = gitea
; PASSWD = "${mysql-password}"
; PASSWD = "mysql-password"
; ; For "postgres" only, either "disable", "require" or "verify-full"
; SSL_MODE = disable
; ; For "sqlite3" and "tidb", use absolute path when you start as service
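Review bot: The commented-out `; PASSWD = "mysql-password"` now reads like a real value rather than a template variable. Assuming the second of the two PASSWD lines is the new side, anyone who re-enables the MySQL settings by uncommenting this block would configure that literal string as the database password. A clearer placeholder would be `; PASSWD = <set from var.mysql-password>`, or remove the line and note in a comment that the password is no longer templated. The settings block starts above the hunk.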


@ -59,10 +59,7 @@ resource "docker_container" "gitea" {
restart = "unless-stopped"
destroy_grace_seconds = 10
must_run = true
links = [
"mariadb",
]
networks = ["${docker_network.gitea.id}"]
networks = ["${docker_network.gitea.id}", "${var.traefik-network-id}"]
}
resource "docker_image" "gitea" {


@ -1,16 +1 @@
resource "mysql_database" "gitea" {
name = "gitea"
}
resource "mysql_user" "gitea" {
user = "gitea"
host = "%"
plaintext_password = "${var.mysql-password}"
}
resource "mysql_grant" "gitea" {
user = "${mysql_user.gitea.user}"
host = "${mysql_user.gitea.host}"
database = "${mysql_database.gitea.name}"
privileges = ["ALL"]
}


@ -18,4 +18,5 @@ resource "docker_container" "redis" {
resource "docker_image" "redis" {
name = "${data.docker_registry_image.redis.name}"
pull_triggers = ["${data.docker_registry_image.redis.sha256_digest}"]
keep_locally = true
}


@ -13,3 +13,5 @@ variable "internal-token" {}
variable "smtp-password" {}
variable "lfs-jwt-secret" {}
variable "mysql-password" {}
variable "traefik-network-id" {}


@ -19,6 +19,8 @@ resource "docker_container" "heimdall" {
"traefik.frontend.auth.basic", "${var.auth-header}",
))}"
networks = ["${var.traefik-network-id}"]
volumes {
host_path = "/mnt/xwing/config/heimdall"
container_path = "/config"


@ -9,3 +9,5 @@ variable "auth-header" {
variable "traefik-labels" {
type = "map"
}
variable "traefik-network-id" {}

83
main.tf

@ -20,7 +20,8 @@ module "docker" {
cloudflare_key = "${var.cloudflare_key}"
cloudflare_email = "bb8@captnemo.in"
wiki_session_secret = "${var.wiki_session_secret}"
links-mariadb = "${module.db.names-mariadb}"
# links-mariadb = "${module.db.names-mariadb}"
networks-mongorocks = "${module.db.networks-mongorocks}"
ips = "${var.ips}"
domain = "bb8.fun"
@ -51,58 +52,68 @@ module "gitea" {
smtp-password = "${var.gitea-smtp-password}"
lfs-jwt-secret = "${var.gitea-lfs-jwt-secret}"
mysql-password = "${var.gitea-mysql-password}"
traefik-network-id = "${module.docker.traefik-network-id}"
}
module "opml" {
source = "opml"
domain = "opml.bb8.fun"
client-id = "${var.opml-github-client-id}"
client-secret = "${var.opml-github-client-secret}"
traefik-labels = "${var.traefik-common-labels}"
source = "opml"
domain = "opml.bb8.fun"
client-id = "${var.opml-github-client-id}"
client-secret = "${var.opml-github-client-secret}"
traefik-labels = "${var.traefik-common-labels}"
traefik-network-id = "${module.docker.traefik-network-id}"
}
module "radicale" {
source = "radicale"
domain = "radicale.bb8.fun"
traefik-labels = "${var.traefik-common-labels}"
source = "radicale"
domain = "radicale.bb8.fun"
traefik-labels = "${var.traefik-common-labels}"
traefik-network-id = "${module.docker.traefik-network-id}"
}
module "tt-rss" {
source = "tt-rss"
domain = "rss.captnemo.in"
mysql_password = "${var.mysql-ttrss-password}"
links-db = "${module.db.names-mariadb}"
traefik-labels = "${var.traefik-common-labels}"
source = "tt-rss"
domain = "rss.captnemo.in"
mysql_password = "${var.mysql-ttrss-password}"
links-db = "${module.db.names-mariadb}"
traefik-labels = "${var.traefik-common-labels}"
traefik-network-id = "${module.docker.traefik-network-id}"
}
module "requestbin" {
source = "requestbin"
domain = "requestbin.bb8.fun"
traefik-labels = "${var.traefik-common-labels}"
source = "requestbin"
domain = "requestbin.bb8.fun"
traefik-labels = "${var.traefik-common-labels}"
traefik-network-id = "${module.docker.traefik-network-id}"
}
module "resilio" {
source = "resilio"
domain = "sync.bb8.fun"
traefik-labels = "${var.traefik-common-labels}"
ips = "${var.ips}"
source = "resilio"
domain = "sync.bb8.fun"
traefik-labels = "${var.traefik-common-labels}"
ips = "${var.ips}"
traefik-network-id = "${module.docker.traefik-network-id}"
}
module "heimdall" {
source = "heimdall"
domain = "bb8.fun"
traefik-labels = "${var.traefik-common-labels}"
auth-header = "${module.docker.auth-header}"
source = "heimdall"
domain = "bb8.fun"
traefik-labels = "${var.traefik-common-labels}"
auth-header = "${module.docker.auth-header}"
traefik-network-id = "${module.docker.traefik-network-id}"
}
module "media" {
source = "media"
domain = "bb8.fun"
links-mariadb = "${module.db.names-mariadb}"
source = "media"
domain = "bb8.fun"
# links-mariadb = "${module.db.names-mariadb}"
traefik-labels = "${var.traefik-common-labels}"
airsonic-smtp-password = "${var.airsonic-smtp-password}"
airsonic-db-password = "${var.mysql_airsonic_password}"
ips = "${var.ips}"
traefik-network-id = "${module.docker.traefik-network-id}"
}
module "monitoring" {
@ -113,6 +124,7 @@ module "monitoring" {
traefik-labels = "${var.traefik-common-labels}"
ips = "${var.ips}"
links-traefik = "${module.docker.names-traefik}"
traefik-network-id = "${module.docker.traefik-network-id}"
}
module "digitalocean" {
@ -120,13 +132,14 @@ module "digitalocean" {
}
// Used to force access to ISP related resources
module "tinyproxy" {
source = "tinyproxy"
ips = "${var.ips}"
}
# module "tinyproxy" {
# source = "tinyproxy"
# ips = "${var.ips}"
# }
module "abstruse" {
source = "abstruse"
domain = "ci.bb8.fun"
traefik-labels = "${var.traefik-common-labels}"
source = "abstruse"
domain = "ci.bb8.fun"
traefik-labels = "${var.traefik-common-labels}"
traefik-network-id = "${module.docker.traefik-network-id}"
}
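Review bot: Several settings are disabled by commenting them out (`# links-mariadb = ...` in the docker and media modules, and the whole `# module "tinyproxy"` block) instead of being deleted. Terraform treats a commented-out module as removed, so the next apply would destroy tinyproxy's resources while the file still suggests it is part of the stack, and the `// Used to force access to ISP related resources` comment now describes nothing. Delete the dead lines and let history keep them; if tinyproxy is only parked, say so in one line, e.g. `// tinyproxy removed with the move to a single traefik network; restore from history if needed`.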


@ -47,7 +47,8 @@ resource "docker_container" "airsonic" {
"TZ=Asia/Kolkata",
"JAVA_OPTS=-Xmx512m",
]
links = ["${var.links-mariadb}"]
# links = ["${var.links-mariadb}"]
}
resource "docker_image" "airsonic" {


@ -20,6 +20,8 @@ resource "docker_container" "emby" {
"traefik.port", 8096,
))}"
networks = ["${docker_network.media.id}", "${var.traefik-network-id}"]
memory = 2048
restart = "unless-stopped"
destroy_grace_seconds = 10


@ -26,11 +26,11 @@ resource "docker_container" "jackett" {
container_path = "/config"
}
networks = ["${docker_network.media.id}", "${var.traefik-network-id}"]
env = [
"PUID=1004",
"PGID=1003",
"TZ=Asia/Kolkata",
]
# links = ["${var.links-emby}"]
}


@ -43,5 +43,5 @@ resource "docker_container" "lidarr" {
"TZ=Asia/Kolkata",
]
networks = ["${docker_network.media.id}"]
networks = ["${docker_network.media.id}", "${var.traefik-network-id}"]
}


@ -44,5 +44,5 @@ resource "docker_container" "radarr" {
"TZ=Asia/Kolkata",
]
networks = ["${docker_network.media.id}"]
networks = ["${docker_network.media.id}", "${var.traefik-network-id}"]
}


@ -43,5 +43,5 @@ resource "docker_container" "sonarr" {
"TZ=Asia/Kolkata",
]
networks = ["${docker_network.media.id}"]
networks = ["${docker_network.media.id}", "${var.traefik-network-id}"]
}


@ -42,7 +42,7 @@ resource "docker_container" "transmission" {
"TZ=Asia/Kolkata",
]
networks = ["${docker_network.media.id}"]
networks = ["${docker_network.media.id}", "${var.traefik-network-id}"]
memory = 1024
restart = "unless-stopped"


@ -2,8 +2,9 @@ variable "domain" {
type = "string"
}
variable "links-mariadb" {}
# variable "links-mariadb" {}
variable "airsonic-smtp-password" {}
variable "airsonic-db-password" {}
variable "traefik-labels" {
@ -18,3 +19,5 @@ variable "basic_auth" {
variable "ips" {
type = "map"
}
variable "traefik-network-id" {}


@ -36,6 +36,8 @@ resource "docker_container" "cadvisor" {
container_path = "/var/run"
}
networks = ["${var.traefik-network-id}"]
labels = "${merge(
var.traefik-labels, map(
"traefik.port", 8080,


@ -13,7 +13,8 @@ resource "docker_container" "grafana" {
container_path = "/var/lib/grafana"
}
links = ["${docker_container.prometheus.name}"]
links = ["${docker_container.prometheus.name}"]
networks = ["${var.traefik-network-id}"]
env = [
# Keep this disabled unless bringing up a new grafana instance


@ -37,3 +37,5 @@ variable "traefik-labels" {
variable "ips" {
type = "map"
}
variable "traefik-network-id" {}


@ -19,7 +19,7 @@ resource "docker_container" "opml" {
destroy_grace_seconds = 10
must_run = true
networks = ["${docker_network.opml.id}"]
networks = ["${docker_network.opml.id}", "${var.traefik-network-id}"]
}
resource "docker_image" "opml" {


@ -18,4 +18,5 @@ resource "docker_container" "redis" {
resource "docker_image" "redis" {
name = "${data.docker_registry_image.redis.name}"
pull_triggers = ["${data.docker_registry_image.redis.sha256_digest}"]
keep_locally = true
}


@ -5,3 +5,5 @@ variable "traefik-labels" {
variable "domain" {}
variable "client-id" {}
variable "client-secret" {}
variable "traefik-network-id" {}


@ -42,6 +42,8 @@ resource "docker_container" "radicale" {
file = "/config/users"
}
networks = ["${var.traefik-network-id}"]
restart = "unless-stopped"
destroy_grace_seconds = 10
must_run = true


@ -5,3 +5,5 @@ variable "domain" {
variable "traefik-labels" {
type = "map"
}
variable "traefik-network-id" {}


@ -17,6 +17,8 @@ resource "docker_container" "requestbin" {
"traefik.frontend.rule","Host:${var.domain}"
))}"
networks = ["${var.traefik-network-id}"]
restart = "unless-stopped"
destroy_grace_seconds = 10
must_run = true


@ -5,3 +5,5 @@ variable "domain" {
variable "traefik-labels" {
type = "map"
}
variable "traefik-network-id" {}


@ -42,6 +42,8 @@ resource "docker_container" "resilio-sync" {
container_path = "/downloads"
}
networks = ["${var.traefik-network-id}"]
labels = "${merge(
var.traefik-labels,
map(


@ -7,3 +7,5 @@ variable "ips" {
}
variable "domain" {}
variable "traefik-network-id" {}


@ -22,6 +22,8 @@ resource "docker_container" "tt-rss" {
container_path = "/config"
}
networks = ["${var.traefik-network-id}"]
links = ["mariadb"]
env = [
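Review bot: `links = ["mariadb"]` is kept right below the new `networks` line, while the other sections in this commit comment their mariadb links out. Legacy container links are a default-bridge feature, so this container's database access would appear to depend on that bridge staying attached alongside the internal traefik network; that is an inference, as the database's own networks are not visible here. A comment such as `// links needs the default bridge; move to a shared db network when mariadb gets one` would record it. main.tf also still passes `links-db` to this module, while the visible line uses the literal name instead. The resource continues past the hunk.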


@ -8,3 +8,5 @@ variable "links-db" {}
variable "traefik-labels" {
type = "map"
}
variable "traefik-network-id" {}