Minor updates
This commit is contained in:
parent
3466da1205
commit
40968e258f
15
README.md
15
README.md
|
@ -15,15 +15,20 @@ The canonical URL for this repo is https://git.captnemo.in/nemo/nebula/. A mirro
|
||||||
|
|
||||||
# modules
|
# modules
|
||||||
|
|
||||||
1. docker: to actually run the services.
|
1. docker: to actually run the services. Catch-all for miscellaneous containers
|
||||||
2. cloudflare: to manage the DNS.
|
2. cloudflare: to manage the DNS.
|
||||||
3. mysql: to create mysql users and databases.
|
3. mysql: to create mysql users and databases.
|
||||||
|
4. media: Media related containers (Jackett, Ombi, Radarr, Sonarr, Daapd)
|
||||||
|
5. Monitoring: Monitoring related resources (Cadvisor, Grafana, NodeExporter, Prometheus, Transmission-Exporter)
|
||||||
|
6. Gitea: Just git.captnemo.in
|
||||||
|
7. tt-rss: Tiny-Tiny RSS Web reader
|
||||||
|
8. Radicale: CardDav/CalDav webserver
|
||||||
|
|
||||||
Self-learning project for terraform/docker.
|
Self-learning project for terraform/docker.
|
||||||
|
|
||||||
# Planned
|
# Planned
|
||||||
|
|
||||||
1. Setup DigitalOcean
|
1. ~Setup DigitalOcean~
|
||||||
2. Add DO infrastructure via ansible
|
2. Add DO infrastructure via ansible
|
||||||
3. ~Add traefik for proper proxying~
|
3. ~Add traefik for proper proxying~
|
||||||
4. Maybe add docker swarm (or k8s?) across both the servers. Might setup the k8s API on the Raspberry Pi.
|
4. Maybe add docker swarm (or k8s?) across both the servers. Might setup the k8s API on the Raspberry Pi.
|
||||||
|
@ -40,7 +45,9 @@ Currently running the following (all links are to the `store.docker.com` links f
|
||||||
## Media
|
## Media
|
||||||
|
|
||||||
- [Emby](https://store.docker.com/community/images/emby/embyserver) Media Server
|
- [Emby](https://store.docker.com/community/images/emby/embyserver) Media Server
|
||||||
- [CouchPotato](https://store.docker.com/community/images/linuxserver/couchpotato), auto-download movies
|
- ~[CouchPotato](https://store.docker.com/community/images/linuxserver/couchpotato), auto-download movies~
|
||||||
|
- [Radarr](https://store.docker.com/community/images/linuxserver/radarr), auto-download movies
|
||||||
|
- [Sonarr](https://store.docker.com/community/images/linuxserver/sonarr), auto-download TV Shows
|
||||||
- [Transmission](https://store.docker.com/community/images/linuxserver/transmission), to download torrents
|
- [Transmission](https://store.docker.com/community/images/linuxserver/transmission), to download torrents
|
||||||
- [AirSonic](https://store.docker.com/community/images/airsonic/airsonic), for a music server
|
- [AirSonic](https://store.docker.com/community/images/airsonic/airsonic), for a music server
|
||||||
- [Ubooquity](https://store.docker.com/community/images/linuxserver/ubooquity), EBooks server with OPDS support
|
- [Ubooquity](https://store.docker.com/community/images/linuxserver/ubooquity), EBooks server with OPDS support
|
||||||
|
@ -58,7 +65,7 @@ Currently running the following (all links are to the `store.docker.com` links f
|
||||||
- [Radicale](https://store.docker.com/community/images/tomsquest/docker-radicale), for a CalDav/Carddav server
|
- [Radicale](https://store.docker.com/community/images/tomsquest/docker-radicale), for a CalDav/Carddav server
|
||||||
- [Gitea](https://store.docker.com/community/images/gitea/gitea), git server
|
- [Gitea](https://store.docker.com/community/images/gitea/gitea), git server
|
||||||
|
|
||||||
6 out of the above images are from the excellent [LinuxServer.io](https://www.linuxserver.io), and they're doing great work :+1:
|
Lots of the above images are from the excellent [LinuxServer.io](https://www.linuxserver.io), and they're doing great work :+1:
|
||||||
|
|
||||||
## Security Headers Note
|
## Security Headers Note
|
||||||
|
|
||||||
|
|
|
@ -73,40 +73,41 @@ onHostRule = false
|
||||||
onDemand = false
|
onDemand = false
|
||||||
acmelogging = true
|
acmelogging = true
|
||||||
|
|
||||||
# Waiting till Jan '18 to get wildcard SSL on LE
|
# Get wildcard once possible
|
||||||
|
|
||||||
[[acme.domains]]
|
[[acme.domains]]
|
||||||
main = "bb8.fun"
|
main = "bb8.fun"
|
||||||
sans = [
|
sans = [
|
||||||
|
"ads.bb8.fun",
|
||||||
"airsonic.bb8.fun",
|
"airsonic.bb8.fun",
|
||||||
"airsonic.in.bb8.fun",
|
"apps.bb8.fun",
|
||||||
"cadvisor.bb8.fun",
|
"cadvisor.bb8.fun",
|
||||||
"couchpotato.bb8.fun",
|
|
||||||
"debug.in.bb8.fun",
|
"debug.in.bb8.fun",
|
||||||
"ebooks.bb8.fun",
|
"dns.bb8.fun",
|
||||||
"ebooks.in.bb8.fun",
|
|
||||||
"emby.bb8.fun",
|
"emby.bb8.fun",
|
||||||
"emby.in.bb8.fun",
|
"emby.in.bb8.fun",
|
||||||
"flexget.bb8.fun",
|
"falcon.bb8.fun",
|
||||||
"git.bb8.fun",
|
"ghost.bb8.fun",
|
||||||
"gitea.bb8.fun",
|
|
||||||
"grafana.bb8.fun",
|
"grafana.bb8.fun",
|
||||||
"headphones.bb8.fun",
|
"headphones.bb8.fun",
|
||||||
"home.bb8.fun",
|
"home.bb8.fun",
|
||||||
"home.in.bb8.fun",
|
"info.bb8.fun",
|
||||||
|
"jackett.bb8.fun",
|
||||||
"library.bb8.fun",
|
"library.bb8.fun",
|
||||||
"luke.bb8.fun",
|
"luke.bb8.fun",
|
||||||
"monitoring.bb8.fun",
|
"monitoring.bb8.fun",
|
||||||
"muximux.bb8.fun",
|
"ombi.bb8.fun",
|
||||||
"muximux.in.bb8.fun",
|
|
||||||
"pics.bb8.fun",
|
"pics.bb8.fun",
|
||||||
"pics.in.bb8.fun",
|
"pics.in.bb8.fun",
|
||||||
|
"radarr.bb8.fun",
|
||||||
"read.bb8.fun",
|
"read.bb8.fun",
|
||||||
"read.in.bb8.fun",
|
|
||||||
"rey.bb8.fun",
|
"rey.bb8.fun",
|
||||||
"scan.bb8.fun",
|
"scan.bb8.fun",
|
||||||
|
"sonarr.bb8.fun",
|
||||||
"tatooine.bb8.fun",
|
"tatooine.bb8.fun",
|
||||||
|
"tie.bb8.fun",
|
||||||
"traefik.bb8.fun",
|
"traefik.bb8.fun",
|
||||||
"transmission.bb8.fun",
|
"transmission.bb8.fun",
|
||||||
|
"wifi.bb8.fun",
|
||||||
"wiki.bb8.fun"
|
"wiki.bb8.fun"
|
||||||
]
|
]
|
||||||
|
|
|
@ -1,40 +0,0 @@
|
||||||
resource "docker_container" "couchpotato" {
|
|
||||||
name = "couchpotato"
|
|
||||||
image = "${docker_image.couchpotato.latest}"
|
|
||||||
|
|
||||||
volumes {
|
|
||||||
host_path = "/mnt/xwing/config/couchpotato"
|
|
||||||
container_path = "/config"
|
|
||||||
}
|
|
||||||
|
|
||||||
volumes {
|
|
||||||
host_path = "/mnt/xwing/media/DL"
|
|
||||||
container_path = "/downloads"
|
|
||||||
}
|
|
||||||
|
|
||||||
volumes {
|
|
||||||
host_path = "/mnt/xwing/media/Movies"
|
|
||||||
container_path = "/movies"
|
|
||||||
}
|
|
||||||
|
|
||||||
labels = "${merge(
|
|
||||||
local.traefik_common_labels,
|
|
||||||
map(
|
|
||||||
"traefik.frontend.auth.basic", "${var.basic_auth}",
|
|
||||||
"traefik.port", 5050,
|
|
||||||
))}"
|
|
||||||
|
|
||||||
memory = 256
|
|
||||||
restart = "unless-stopped"
|
|
||||||
destroy_grace_seconds = 10
|
|
||||||
must_run = true
|
|
||||||
|
|
||||||
# Running as lounge:tatooine
|
|
||||||
env = [
|
|
||||||
"PUID=1004",
|
|
||||||
"PGID=1003",
|
|
||||||
"TZ=Asia/Kolkata",
|
|
||||||
]
|
|
||||||
|
|
||||||
links = ["{docker_container.transmission.name}"]
|
|
||||||
}
|
|
|
@ -16,10 +16,6 @@ data "docker_registry_image" "transmission" {
|
||||||
name = "linuxserver/transmission:latest"
|
name = "linuxserver/transmission:latest"
|
||||||
}
|
}
|
||||||
|
|
||||||
data "docker_registry_image" "couchpotato" {
|
|
||||||
name = "linuxserver/couchpotato:latest"
|
|
||||||
}
|
|
||||||
|
|
||||||
data "docker_registry_image" "traefik" {
|
data "docker_registry_image" "traefik" {
|
||||||
name = "traefik:cancoillotte-alpine"
|
name = "traefik:cancoillotte-alpine"
|
||||||
}
|
}
|
||||||
|
|
|
@ -13,11 +13,6 @@ resource "docker_image" "transmission" {
|
||||||
pull_triggers = ["${data.docker_registry_image.transmission.sha256_digest}"]
|
pull_triggers = ["${data.docker_registry_image.transmission.sha256_digest}"]
|
||||||
}
|
}
|
||||||
|
|
||||||
resource "docker_image" "couchpotato" {
|
|
||||||
name = "${data.docker_registry_image.couchpotato.name}"
|
|
||||||
pull_triggers = ["${data.docker_registry_image.couchpotato.sha256_digest}"]
|
|
||||||
}
|
|
||||||
|
|
||||||
resource "docker_image" "traefik" {
|
resource "docker_image" "traefik" {
|
||||||
name = "${data.docker_registry_image.traefik.name}"
|
name = "${data.docker_registry_image.traefik.name}"
|
||||||
pull_triggers = ["${data.docker_registry_image.traefik.sha256_digest}"]
|
pull_triggers = ["${data.docker_registry_image.traefik.sha256_digest}"]
|
||||||
|
|
|
@ -7,7 +7,7 @@ resource "docker_image" "daapd" {
|
||||||
pull_triggers = ["${data.docker_registry_image.daapd.sha256_digest}"]
|
pull_triggers = ["${data.docker_registry_image.daapd.sha256_digest}"]
|
||||||
}
|
}
|
||||||
|
|
||||||
resource docker_container "daapd" {
|
resource "docker_container" "daapd" {
|
||||||
name = "daapd"
|
name = "daapd"
|
||||||
image = "${docker_image.daapd.latest}"
|
image = "${docker_image.daapd.latest}"
|
||||||
|
|
||||||
|
|
|
@ -0,0 +1,36 @@
|
||||||
|
data "docker_registry_image" "jackett" {
|
||||||
|
name = "linuxserver/jackett:latest"
|
||||||
|
}
|
||||||
|
|
||||||
|
resource "docker_image" "jackett" {
|
||||||
|
name = "${data.docker_registry_image.jackett.name}"
|
||||||
|
pull_triggers = ["${data.docker_registry_image.jackett.sha256_digest}"]
|
||||||
|
}
|
||||||
|
|
||||||
|
resource docker_container "jackett" {
|
||||||
|
name = "jackett"
|
||||||
|
image = "${docker_image.jackett.latest}"
|
||||||
|
|
||||||
|
labels = "${merge(
|
||||||
|
var.traefik-labels, map(
|
||||||
|
"traefik.port", 9117,
|
||||||
|
"traefik.frontend.rule","Host:jackett.${var.domain}"
|
||||||
|
))}"
|
||||||
|
|
||||||
|
restart = "unless-stopped"
|
||||||
|
destroy_grace_seconds = 10
|
||||||
|
must_run = true
|
||||||
|
|
||||||
|
volumes {
|
||||||
|
host_path = "/mnt/xwing/config/jackett"
|
||||||
|
container_path = "/config"
|
||||||
|
}
|
||||||
|
|
||||||
|
env = [
|
||||||
|
"PUID=1004",
|
||||||
|
"PGID=1003",
|
||||||
|
"TZ=Asia/Kolkata",
|
||||||
|
]
|
||||||
|
|
||||||
|
# links = ["${var.links-emby}"]
|
||||||
|
}
|
|
@ -14,7 +14,7 @@ resource docker_container "ombi" {
|
||||||
labels = "${merge(
|
labels = "${merge(
|
||||||
var.traefik-labels, map(
|
var.traefik-labels, map(
|
||||||
"traefik.port", 3579,
|
"traefik.port", 3579,
|
||||||
"traefik.frontend.rule","Host:rey.${var.domain}"
|
"traefik.frontend.rule","Host:ombi.${var.domain}"
|
||||||
))}"
|
))}"
|
||||||
|
|
||||||
restart = "unless-stopped"
|
restart = "unless-stopped"
|
||||||
|
|
|
@ -15,7 +15,7 @@ resource docker_container "radarr" {
|
||||||
labels = "${merge(
|
labels = "${merge(
|
||||||
var.traefik-labels, map(
|
var.traefik-labels, map(
|
||||||
"traefik.port", 7878,
|
"traefik.port", 7878,
|
||||||
"traefik.frontend.rule","Host:git.${var.domain}"
|
"traefik.frontend.rule","Host:radarr.${var.domain}"
|
||||||
))}"
|
))}"
|
||||||
|
|
||||||
memory = 512
|
memory = 512
|
||||||
|
|
|
@ -14,7 +14,7 @@ resource docker_container "sonarr" {
|
||||||
labels = "${merge(
|
labels = "${merge(
|
||||||
var.traefik-labels, map(
|
var.traefik-labels, map(
|
||||||
"traefik.port", 8989,
|
"traefik.port", 8989,
|
||||||
"traefik.frontend.rule","Host:luke.${var.domain}"
|
"traefik.frontend.rule","Host:sonarr.${var.domain}"
|
||||||
))}"
|
))}"
|
||||||
|
|
||||||
memory = 512
|
memory = 512
|
||||||
|
|
Loading…
Reference in New Issue