diff --git a/modules/outline/config.tf b/modules/outline/config.tf new file mode 100644 index 0000000..3f4d894 --- /dev/null +++ b/modules/outline/config.tf @@ -0,0 +1,62 @@ +resource "random_string" "password" { + length = 16 + special = false +} + +resource "random_string" "password_test" { + length = 16 + special = false +} + +locals { + environment = [ + "DATABASE_URL=postgres://${var.db_username}:${random_string.password.result}@${var.db_host}:${var.db_port}/${var.db_name}?ssl_mode=disable", + "DATABASE_URL_TEST=postgres://${var.db_username}:${random_string.password_test.result}@${var.db_host}:${var.db_port}/${var.db_name_test}?ssl_mode=disable", + "SECRET_KEY=${var.secret_key}", + "PORT=3000", + "REDIS_URL=redis://${var.cache_host}:${var.cache_port}", + "URL=https://${var.hostname}", + "DEPLOYMENT=self", + "ENABLE_UPDATES=false", + "SUBDOMAINS_ENABLED=false", + + # Third party signin credentials (at least one is required) + "SLACK_KEY=${var.slack_key}", + + "SLACK_VERIFICATION_TOKEN=${var.slack_verification_token}", + "SLACK_APP_ID=${var.slack_app_id}", + "SLACK_SECRET=${var.slack_secret}", + "GOOGLE_CLIENT_ID=", + "GOOGLE_CLIENT_SECRET=", + + # Comma separated list of domains to be allowed (optional) + # If not set, all Google apps domains are allowed by default + "GOOGLE_ALLOWED_DOMAINS=", + + # Emails configuration (optional) + "SMTP_HOST=smtp.mailgun.org", + + "SMTP_PORT=465", + "SMTP_USERNAME=${var.smtp_username}", + "SMTP_PASSWORD=${var.smtp_password}", + "SMTP_FROM_EMAIL=${var.smtp_email}", + "SMTP_REPLY_EMAIL=${var.reply_email}", + ] + + # Used for showing new releases + # If given, can go around rate limits + # "GITHUB_ACCESS_TOKEN=", + + # Third party credentials (optional) + + # "GOOGLE_ANALYTICS_ID=", + # "BUGSNAG_KEY=", + + # AWS credentials (optional in dev) + # "AWS_ACCESS_KEY_ID=notcheckedindev", + # "AWS_SECRET_ACCESS_KEY=notcheckedindev", + # "AWS_S3_UPLOAD_BUCKET_URL=http://s3:4569", + # "AWS_S3_UPLOAD_BUCKET_NAME=outline-dev", + # "AWS_S3_UPLOAD_MAX_SIZE=26214400", + # "DEBUG=sql,cache,presenters,events", +} diff --git a/modules/outline/data.tf b/modules/outline/data.tf new file mode 100644 index 0000000..b23319b --- /dev/null +++ b/modules/outline/data.tf @@ -0,0 +1,7 @@ +data "docker_registry_image" "redis" { + name = "redis:alpine" +} + +data "docker_network" "postgres" { + name = "postgres" +} diff --git a/modules/outline/database.tf b/modules/outline/database.tf new file mode 100644 index 0000000..44d89eb --- /dev/null +++ b/modules/outline/database.tf @@ -0,0 +1,11 @@ +module "database" { + source = "../postgres" + name = "${var.db_name}" + password = "${random_string.password.result}" +} + +module "database_test" { + source = "../postgres" + name = "${var.db_name_test}" + password = "${random_string.password_test.result}" +} diff --git a/modules/outline/main.tf b/modules/outline/main.tf new file mode 100644 index 0000000..f406230 --- /dev/null +++ b/modules/outline/main.tf @@ -0,0 +1,25 @@ +module "container" { + source = "../container" + name = "outline" + + # Switch to Alpine instead of Default Node for a smaller build + image = "captn3m0/outline:alpine" + + web { + expose = "true" + host = "${var.hostname}" + port = 3000 + } + + resource { + memory = 1024 + memory_swap = 2048 + } + + networks = [ + "${docker_network.outline.id}", + "${data.docker_network.postgres.id}", + ] + + env = "${local.environment}" +} diff --git a/modules/outline/network.tf b/modules/outline/network.tf new file mode 100644 index 0000000..28d2ffe --- /dev/null +++ b/modules/outline/network.tf @@ -0,0 +1,4 @@ +resource "docker_network" "outline" { + name = "outline" + driver = "bridge" +} diff --git a/modules/outline/redis.tf b/modules/outline/redis.tf new file mode 100644 index 0000000..01adddd --- /dev/null +++ b/modules/outline/redis.tf @@ -0,0 +1,22 @@ +resource "docker_container" "redis" { + name = "outline-redis" + image = "${docker_image.redis.latest}" + + volumes { + host_path = "/mnt/xwing/cache/outline" + container_path = "/data" + } + + memory = 128 + restart = "unless-stopped" + destroy_grace_seconds = 10 + must_run = true + + networks = ["${docker_network.outline.id}"] +} + +resource "docker_image" "redis" { + name = "${data.docker_registry_image.redis.name}" + pull_triggers = ["${data.docker_registry_image.redis.sha256_digest}"] + keep_locally = true +} diff --git a/modules/outline/variables.tf b/modules/outline/variables.tf new file mode 100644 index 0000000..b203ee4 --- /dev/null +++ b/modules/outline/variables.tf @@ -0,0 +1,50 @@ +variable "smtp_username" { + default = "outline@mail.captnemo.in" +} + +variable "smtp_password" {} + +variable "smtp_email" { + default = "outline@mail.captnemo.in" +} + +variable "reply_email" { + default = "outline@captnemo.in" +} + +variable "db_host" { + default = "postgres" +} + +variable "db_name" { + default = "outline" +} + +variable "db_name_test" { + default = "outline-test" +} + +variable "db_port" { + default = "5432" +} + +variable "db_username" { + default = "outline" +} + +variable "cache_port" { + default = "6379" +} + +variable "cache_host" { + default = "outline-redis" +} + +variable "secret_key" {} + +variable "slack_key" {} +variable "slack_secret" {} +variable "slack_app_id" {} +variable "slack_verification_token" {} + +variable "hostname" {} diff --git a/outline.tf b/outline.tf new file mode 100644 index 0000000..d8e6c88 --- /dev/null +++ b/outline.tf @@ -0,0 +1,10 @@ +module "outline" { + source = "modules/outline" + smtp_password = "${var.outline_smtp_password}" + secret_key = "${var.outline_secret_key}" + slack_key = "${var.outline_slack_key}" + slack_secret = "${var.outline_slack_secret}" + slack_app_id = "${var.outline_slack_app_id}" + slack_verification_token = "${var.outline_slack_verification_token}" + hostname = "outline.${var.root-domain}" +} diff --git a/variables.tf b/variables.tf index f42f0fe..b0d7774 100644 --- a/variables.tf +++ b/variables.tf @@ -85,3 +85,10 @@ variable "root-domain" { variable "znc_pass" {} variable "znc_user" {} + +variable "outline_smtp_password" {} +variable "outline_secret_key" {} +variable "outline_slack_key" {} +variable "outline_slack_secret" {} +variable "outline_slack_app_id" {} +variable "outline_slack_verification_token" {}