diff --git a/main.tf b/main.tf index add3ba4..1b3d938 100644 --- a/main.tf +++ b/main.tf @@ -54,9 +54,8 @@ module "opml" { } module "radicale" { - source = "radicale" - domain = "radicale.bb8.fun" - traefik-network-id = "${module.docker.traefik-network-id}" + source = "radicale" + domain = "radicale.bb8.fun" } module "resilio" { diff --git a/modules/container/main.tf b/modules/container/main.tf index 20d3d73..971eeee 100644 --- a/modules/container/main.tf +++ b/modules/container/main.tf @@ -7,6 +7,10 @@ resource "docker_image" "image" { pull_triggers = ["${data.docker_registry_image.image.sha256_digest}"] } +data "docker_network" "traefik" { + name = "traefik" +} + resource "docker_container" "container" { name = "${var.name}" image = "${docker_image.image.latest}" @@ -16,7 +20,14 @@ resource "docker_container" "container" { command = "${var.command}" entrypoint = "${var.entrypoint}" user = "${var.user}" - networks = ["${var.networks}"] + + // Only attach the traefik network if + // service is exposed to the web + networks = ["${concat(var.networks, split(",", + lookup(var.web, "expose", "false") == "false" ? + "" : + "${data.docker_network.traefik.id}" + ))}"] memory = "${local.resource["memory"]}" diff --git a/providers.tf b/providers.tf index 5080159..136a007 100644 --- a/providers.tf +++ b/providers.tf @@ -1,6 +1,7 @@ provider "docker" { host = "tcp://docker.vpn.bb8.fun:2376" cert_path = "./secrets" + version = "~> 2.0.0" } provider "cloudflare" { diff --git a/radicale/main.tf b/radicale/main.tf index f532d7c..65f5466 100644 --- a/radicale/main.tf +++ b/radicale/main.tf @@ -34,6 +34,4 @@ module "container" { file = "/config/users" }, ] - - networks = ["${var.traefik-network-id}"] } diff --git a/radicale/variables.tf b/radicale/variables.tf index b443d2f..10fc457 100644 --- a/radicale/variables.tf +++ b/radicale/variables.tf @@ -1,5 +1,3 @@ variable "domain" { type = "string" } - -variable "traefik-network-id" {}