diff --git a/docker/conf/traefik.toml b/docker/conf/traefik.toml index a89a0ac..63a86c8 100644 --- a/docker/conf/traefik.toml +++ b/docker/conf/traefik.toml @@ -60,6 +60,9 @@ defaultEntryPoints = ["http", "https"] address = ":1111" readOnly = true +# To enable Traefik to export internal metrics to Prometheus +[web.metrics.prometheus] + [acme] email = "acme@captnemo.in" diff --git a/docker/outputs.tf b/docker/outputs.tf index 0551305..7383805 100644 --- a/docker/outputs.tf +++ b/docker/outputs.tf @@ -13,3 +13,7 @@ output "names-emby" { output "names-mariadb" { value = "${docker_container.mariadb.name}" } + +output "names-traefik" { + value = "${docker_container.traefik.name}" +} diff --git a/gitea/conf/conf.ini.tpl b/gitea/conf/conf.ini.tpl index 0c0da9b..a4b295c 100644 --- a/gitea/conf/conf.ini.tpl +++ b/gitea/conf/conf.ini.tpl @@ -260,11 +260,11 @@ SESSION_LIFE_TIME = 2592000 ; ; This value will be forced to be false in offline mode or Gravatar is disabled. ; ENABLE_FEDERATED_AVATAR = false -; [attachment] +[attachment] ; ; Whether attachments are enabled. Defaults to `true` -; ENABLE = true +ENABLE = true ; ; Path for attachments. Defaults to `data/attachments` -; PATH = data/attachments +PATH = data/attachments ; ; One or more allowed types, e.g. image/jpeg|image/png ALLOWED_TYPES = image/jpeg|image/png|application/zip|application/gzip|application/pdf|text/csv ; ; Max size of each file. Defaults to 32MB @@ -465,4 +465,4 @@ SHOW_FOOTER_TEMPLATE_LOAD_TIME = false [openid] ENABLE_OPENID_SIGNIN = true -ENABLE_OPENID_SIGNUP = false +ENABLE_OPENID_SIGNUP = true diff --git a/main.tf b/main.tf index af5318c..8cb4123 100644 --- a/main.tf +++ b/main.tf @@ -63,6 +63,8 @@ module "monitoring" { domain = "bb8.fun" transmission = "${module.docker.names-transmission}" traefik-labels = "${var.traefik-common-labels}" + ips = "${var.ips}" + links-traefik = "${module.docker.names-traefik}" } module "digitalocean" { diff --git a/monitoring/config/prometheus.yml b/monitoring/config/prometheus.yml index 5cfe42a..764b722 100644 --- a/monitoring/config/prometheus.yml +++ b/monitoring/config/prometheus.yml @@ -23,5 +23,10 @@ scrape_configs: static_configs: - targets: ['transmission-exporter:19091'] + - job_name: 'traefik' + scrape_interval: 5s + static_configs: + - targets: ['traefik:1111'] + rule_files: - "alert.rules" diff --git a/monitoring/grafana.tf b/monitoring/grafana.tf new file mode 100644 index 0000000..54b86c0 --- /dev/null +++ b/monitoring/grafana.tf @@ -0,0 +1,26 @@ +resource docker_container "grafana" { + name = "grafana" + image = "${docker_image.grafana.latest}" + + labels = "${merge( + var.traefik-labels, map( + "traefik.port", 3000, + "traefik.frontend.rule","Host:grafana.${var.domain}" + ))}" + + volumes { + host_path = "/mnt/xwing/data/grafana" + container_path = "/var/lib/grafana" + } + + links = ["${docker_container.prometheus.name}"] + + env = [ + "GF_SECURITY_ADMIN_PASSWORD=${var.gf-security-admin-password}", + "GF_SERVER_ROOT_URL=https://grafana.${var.domain}", + ] + + restart = "unless-stopped" + destroy_grace_seconds = 10 + must_run = true +} diff --git a/monitoring/main.tf b/monitoring/main.tf index eea6909..8b13789 100644 --- a/monitoring/main.tf +++ b/monitoring/main.tf @@ -1,83 +1 @@ -resource docker_container "grafana" { - name = "grafana" - image = "${docker_image.grafana.latest}" - labels = "${merge( - var.traefik-labels, map( - "traefik.port", 3000, - "traefik.frontend.rule","Host:grafana.${var.domain}" - ))}" - - volumes { - host_path = "/mnt/xwing/data/grafana" - container_path = "/var/lib/grafana" - } - - links = ["${docker_container.prometheus.name}"] - - env = [ - "GF_SECURITY_ADMIN_PASSWORD=${var.gf-security-admin-password}", - "GF_SERVER_ROOT_URL=https://grafana.${var.domain}", - ] - - restart = "unless-stopped" - destroy_grace_seconds = 10 - must_run = true -} - -resource docker_container "prometheus" { - name = "prometheus" - image = "${docker_image.prometheus.latest}" - - # prometheus:prometheus - user = "985:983" - - command = ["--config.file=/etc/prometheus/prometheus.yml"] - - volumes { - host_path = "/mnt/xwing/data/prometheus" - container_path = "/prometheus" - } - - upload { - content = "${file("${path.module}/config/prometheus.yml")}" - file = "/etc/prometheus/prometheus.yml" - } - - links = ["${docker_container.nodeexporter.name}", "${docker_container.cadvisor.name}"] - - restart = "unless-stopped" - destroy_grace_seconds = 10 - must_run = true -} - -resource docker_container "nodeexporter" { - name = "nodeexporter" - image = "${docker_image.nodeexporter.latest}" - - volumes { - host_path = "/proc" - container_path = "/host/proc" - } - - volumes { - host_path = "/sys" - container_path = "/host/sys" - } - - volumes { - host_path = "/" - container_path = "/rootfs" - read_only = true - } - - command = [ - "--path.procfs=/host/proc", - "--path.sysfs=/host/sys", - "--collector.filesystem.ignored-mount-points=\"^/(sys|proc|dev|host|etc)($$|/)\"", - ] - - restart = "unless-stopped" - destroy_grace_seconds = 10 - must_run = true -} diff --git a/monitoring/nodeexporter.tf b/monitoring/nodeexporter.tf new file mode 100644 index 0000000..d15a0f9 --- /dev/null +++ b/monitoring/nodeexporter.tf @@ -0,0 +1,30 @@ +resource docker_container "nodeexporter" { + name = "nodeexporter" + image = "${docker_image.nodeexporter.latest}" + + volumes { + host_path = "/proc" + container_path = "/host/proc" + } + + volumes { + host_path = "/sys" + container_path = "/host/sys" + } + + volumes { + host_path = "/" + container_path = "/rootfs" + read_only = true + } + + command = [ + "--path.procfs=/host/proc", + "--path.sysfs=/host/sys", + "--collector.filesystem.ignored-mount-points=\"^/(sys|proc|dev|host|etc)($$|/)\"", + ] + + restart = "unless-stopped" + destroy_grace_seconds = 10 + must_run = true +} diff --git a/monitoring/prometheus.tf b/monitoring/prometheus.tf new file mode 100644 index 0000000..c7fbd71 --- /dev/null +++ b/monitoring/prometheus.tf @@ -0,0 +1,36 @@ +resource docker_container "prometheus" { + name = "prometheus" + image = "${docker_image.prometheus.latest}" + + # prometheus:prometheus + user = "985:983" + + ports { + internal = 9090 + external = 9090 + ip = "${var.ips["eth0"]}" + } + + command = ["--config.file=/etc/prometheus/prometheus.yml"] + + volumes { + host_path = "/mnt/xwing/data/prometheus" + container_path = "/prometheus" + } + + upload { + content = "${file("${path.module}/config/prometheus.yml")}" + file = "/etc/prometheus/prometheus.yml" + } + + links = [ + "${docker_container.nodeexporter.name}", + "${docker_container.cadvisor.name}", + "${docker_container.transmission-exporter.name}", + "${var.links-traefik}" + ] + + restart = "unless-stopped" + destroy_grace_seconds = 10 + must_run = true +} diff --git a/monitoring/transmission.tf b/monitoring/transmission.tf index 0ef474b..331dde9 100644 --- a/monitoring/transmission.tf +++ b/monitoring/transmission.tf @@ -1,13 +1,20 @@ # Transmission Exporter for prometheus # https://github.com/metalmatze/transmission-exporter + resource docker_container "transmission-exporter" { name = "transmission-exporter" image = "${docker_image.transmission-exporter.latest}" links = ["${var.transmission}"] + ports { + internal = 19091 + external = 19091 + ip = "${var.ips["eth0"]}" + } + env = [ - "TRANSMISSION_ADDR=http://transmission:9091", + "TRANSMISSION_ADDR=http://${var.transmission}:9091", ] restart = "unless-stopped" diff --git a/monitoring/variables.tf b/monitoring/variables.tf index b203384..95b3dcd 100644 --- a/monitoring/variables.tf +++ b/monitoring/variables.tf @@ -10,6 +10,10 @@ variable "transmission" { type = "string" } +variable "links-traefik" { + type = "string" +} + variable "alert-slack-username" { default = "Prometheus" } @@ -29,3 +33,7 @@ variable "basic_auth" { variable "traefik-labels" { type = "map" } + +variable "ips" { + type = "map" +}