From 53bfd99ad59868b2b413852ba432f5a3c036f6ed Mon Sep 17 00:00:00 2001
From: Nemo <me@captnemo.in>
Date: Sun, 1 Jul 2018 04:17:22 +0530
Subject: [PATCH] Adds miniflux, improves tt-rss

---
 main.tf                 |  9 +++++++++
 miniflux/db-postgres.tf | 10 ++++++++++
 miniflux/main.tf        | 30 ++++++++++++++++++++++++++++++
 miniflux/variables.tf   | 12 ++++++++++++
 monitoring/images.tf    |  1 +
 tt-rss/fastcgi.conf     | 27 +++++++++++++++++++++++++++
 tt-rss/main.tf          |  5 +++++
 variables.tf            |  1 +
 8 files changed, 95 insertions(+)
 create mode 100644 miniflux/db-postgres.tf
 create mode 100644 miniflux/main.tf
 create mode 100644 miniflux/variables.tf
 create mode 100644 tt-rss/fastcgi.conf

diff --git a/main.tf b/main.tf
index 9a96c91..7c272cf 100644
--- a/main.tf
+++ b/main.tf
@@ -80,6 +80,15 @@ module "tt-rss" {
   postgres-network-id = "${module.db.postgres-network-id}"
 }
 
+module "miniflux" {
+  source              = "miniflux"
+  domain              = "miniflux.bb8.fun"
+  db-password         = "${var.miniflux-db-password}"
+  traefik-labels      = "${var.traefik-common-labels}"
+  traefik-network-id  = "${module.docker.traefik-network-id}"
+  postgres-network-id = "${module.db.postgres-network-id}"
+}
+
 module "rss-bridge" {
   source             = "rss-bridge"
   domain             = "rss-bridge.bb8.fun"
diff --git a/miniflux/db-postgres.tf b/miniflux/db-postgres.tf
new file mode 100644
index 0000000..321882a
--- /dev/null
+++ b/miniflux/db-postgres.tf
@@ -0,0 +1,10 @@
+resource "postgresql_database" "miniflux" {
+  name  = "miniflux"
+  owner = "miniflux"
+}
+
+resource "postgresql_role" "miniflux" {
+  name     = "miniflux"
+  login    = true
+  password = "${var.db-password}"
+}
diff --git a/miniflux/main.tf b/miniflux/main.tf
new file mode 100644
index 0000000..63cf4cc
--- /dev/null
+++ b/miniflux/main.tf
@@ -0,0 +1,30 @@
+data "docker_registry_image" "miniflux" {
+  name = "miniflux/miniflux:2.0.8"
+}
+
+resource "docker_image" "miniflux" {
+  name          = "${data.docker_registry_image.miniflux.name}"
+  pull_triggers = ["${data.docker_registry_image.miniflux.sha256_digest}"]
+}
+
+resource "docker_container" "miniflux" {
+  name  = "miniflux"
+  image = "${docker_image.miniflux.latest}"
+
+  labels = "${merge(
+    var.traefik-labels, map(
+      "traefik.port", 8080,
+      "traefik.frontend.rule","Host:${var.domain}"
+  ))}"
+
+  networks = ["${var.traefik-network-id}", "${var.postgres-network-id}"]
+
+  env = [
+    "DATABASE_URL=postgres://miniflux:${var.db-password}@postgres/miniflux?sslmode=disable",
+    "RUN_MIGRATIONS=1",
+  ]
+
+  restart               = "unless-stopped"
+  destroy_grace_seconds = 10
+  must_run              = true
+}
diff --git a/miniflux/variables.tf b/miniflux/variables.tf
new file mode 100644
index 0000000..0d2a082
--- /dev/null
+++ b/miniflux/variables.tf
@@ -0,0 +1,12 @@
+variable "domain" {
+  type = "string"
+}
+
+variable "db-password" {}
+variable "postgres-network-id" {}
+
+variable "traefik-labels" {
+  type = "map"
+}
+
+variable "traefik-network-id" {}
diff --git a/monitoring/images.tf b/monitoring/images.tf
index e448ddc..31dc75b 100644
--- a/monitoring/images.tf
+++ b/monitoring/images.tf
@@ -26,4 +26,5 @@ resource "docker_image" "speedtest" {
 resource "docker_image" "act-exporter" {
   name          = "${data.docker_registry_image.act-exporter.name}"
   pull_triggers = ["${data.docker_registry_image.act-exporter.sha256_digest}"]
+  keep_locally  = true
 }
diff --git a/tt-rss/fastcgi.conf b/tt-rss/fastcgi.conf
new file mode 100644
index 0000000..64a1a27
--- /dev/null
+++ b/tt-rss/fastcgi.conf
@@ -0,0 +1,27 @@
+fastcgi_param  SCRIPT_FILENAME    $document_root$fastcgi_script_name;
+fastcgi_param  QUERY_STRING       $query_string;
+fastcgi_param  REQUEST_METHOD     $request_method;
+fastcgi_param  CONTENT_TYPE       $content_type;
+fastcgi_param  CONTENT_LENGTH     $content_length;
+
+fastcgi_param  SCRIPT_NAME        $fastcgi_script_name;
+fastcgi_param  REQUEST_URI        $request_uri;
+fastcgi_param  DOCUMENT_URI       $document_uri;
+fastcgi_param  DOCUMENT_ROOT      $document_root;
+fastcgi_param  SERVER_PROTOCOL    $server_protocol;
+fastcgi_param  REQUEST_SCHEME     $scheme;
+fastcgi_param  HTTPS              $https if_not_empty;
+
+fastcgi_param  GATEWAY_INTERFACE  CGI/1.1;
+fastcgi_param  SERVER_SOFTWARE    nginx/$nginx_version;
+
+fastcgi_param  REMOTE_ADDR        $remote_addr;
+fastcgi_param  REMOTE_PORT        $remote_port;
+fastcgi_param  SERVER_ADDR        $server_addr;
+fastcgi_param  SERVER_PORT        $server_port;
+fastcgi_param  SERVER_NAME        $server_name;
+
+# PHP only, required if PHP was built with --enable-force-cgi-redirect
+fastcgi_param  REDIRECT_STATUS    200;
+
+fastcgi_read_timeout 300s
diff --git a/tt-rss/main.tf b/tt-rss/main.tf
index 9e4e7ee..894a2cc 100644
--- a/tt-rss/main.tf
+++ b/tt-rss/main.tf
@@ -22,6 +22,11 @@ resource "docker_container" "tt-rss" {
     container_path = "/config"
   }
 
+  upload {
+    content = "${file("${path.module}/fastcgi.conf")}"
+    file    = "/etc/nginx/fastcgi.conf"
+  }
+
   networks = ["${var.traefik-network-id}", "${var.postgres-network-id}"]
 
   env = [
diff --git a/variables.tf b/variables.tf
index 155b15c..09c754e 100644
--- a/variables.tf
+++ b/variables.tf
@@ -82,3 +82,4 @@ variable "timemachine-password-1" {}
 
 variable "opml-github-client-id" {}
 variable "opml-github-client-secret" {}
+variable "miniflux-db-password" {}