diff --git a/docker/airsonic.tf b/docker/airsonic.tf new file mode 100644 index 0000000..c246119 --- /dev/null +++ b/docker/airsonic.tf @@ -0,0 +1,44 @@ +# resource "docker_container" "airsonic" { +# name = "airsonic" +# image = "${docker_image.airsonic.latest}" + +# restart = "unless-stopped" +# destroy_grace_seconds = 30 +# must_run = true +# memory = 800 + +# volumes { +# host_path = "/mnt/xwing/config/airsonic/data" +# container_path = "/config" +# } + +# volumes { +# host_path = "/mnt/xwing/media/Music" +# container_path = "/music" +# } + +# volumes { +# host_path = "/mnt/xwing/config/airsonic/playlists" +# container_path = "/playlists" +# } + +# volumes { +# host_path = "/mnt/xwing/config/airsonic/podcasts" +# container_path = "/podcasts" +# } + +# labels { +# "traefik.enable" = "true" +# "traefik.port" = "4040" +# "traefik.frontend.rule" = "Host:airsonic.in.${var.domain},airsonic.${var.domain}" +# "traefik.frontend.passHostHeader" = "true" +# } + +# # lounge:tatooine +# env = [ +# "PUID=1004", +# "PGID=1003", +# "TZ=Asia/Kolkata", +# "CONTEXT_PATH=https://airsonic.bb8.fun", +# ] +# } \ No newline at end of file diff --git a/docker/conf/humans.txt b/docker/conf/humans.txt index 5929a94..e82208f 100644 --- a/docker/conf/humans.txt +++ b/docker/conf/humans.txt @@ -4,7 +4,7 @@ Twitter: @captn3m0 /* SITE */ - Last update: Jan 2018 + Last update: Feb 2018 Language: English IDE: Sublime Text, Vim Runs-On: Docker diff --git a/docker/couchpotato.tf b/docker/couchpotato.tf new file mode 100644 index 0000000..0fcc605 --- /dev/null +++ b/docker/couchpotato.tf @@ -0,0 +1,40 @@ +resource "docker_container" "couchpotato" { + name = "couchpotato" + image = "${docker_image.couchpotato.latest}" + + volumes { + host_path = "/mnt/xwing/config/couchpotato" + container_path = "/config" + } + + volumes { + host_path = "/mnt/xwing/media/DL" + container_path = "/downloads" + } + + volumes { + host_path = "/mnt/xwing/media/Movies" + container_path = "/movies" + } + + labels = "${merge( + local.traefik_common_labels, + map( + "traefik.frontend.auth.basic", "${var.basic_auth}", + "traefik.port", 5050, + ))}" + + memory = 256 + restart = "unless-stopped" + destroy_grace_seconds = 10 + must_run = true + + # Running as lounge:tatooine + env = [ + "PUID=1004", + "PGID=1003", + "TZ=Asia/Kolkata", + ] + + links = ["{docker_container.transmission.name}"] +} \ No newline at end of file diff --git a/docker/data.tf b/docker/data.tf index 0362f29..37d2827 100644 --- a/docker/data.tf +++ b/docker/data.tf @@ -8,8 +8,6 @@ data "docker_registry_image" "mongorocks" { name = "jadsonlourenco/mongo-rocks:latest" } -# Leave all other apps at latesst - data "docker_registry_image" "emby" { name = "emby/embyserver:latest" } diff --git a/docker/debug.tf b/docker/debug.tf new file mode 100644 index 0000000..c14bc65 --- /dev/null +++ b/docker/debug.tf @@ -0,0 +1,18 @@ +resource "docker_container" "headerdebug" { + name = "headerdebug" + image = "${docker_image.headerdebug.latest}" + + restart = "unless-stopped" + destroy_grace_seconds = 30 + must_run = true + + memory = 16 + + labels = "${merge( + local.traefik_common_labels, + map( + "traefik.frontend.rule", "Host:debug.in.${var.domain},debug.${var.domain}", + "traefik.port", 8080, + "traefik.enable", "true", + ))}" +} \ No newline at end of file diff --git a/docker/emby.tf b/docker/emby.tf new file mode 100644 index 0000000..c3f09e1 --- /dev/null +++ b/docker/emby.tf @@ -0,0 +1,36 @@ +resource "docker_container" "emby" { + name = "emby" + image = "${docker_image.emby.latest}" + + volumes { + host_path = "/mnt/xwing/config/emby" + container_path = "/config" + } + + volumes { + host_path = "/mnt/xwing/media" + container_path = "/media" + } + + labels = "${merge( + local.traefik_common_labels, + map( + "traefik.frontend.rule", "Host:emby.in.${var.domain},emby.${var.domain}", + "traefik.frontend.passHostHeader", "true", + "traefik.port", 8096, + ))}" + + memory = 2048 + restart = "unless-stopped" + destroy_grace_seconds = 10 + must_run = true + + # Running as lounge:tatooine + env = [ + "APP_USER=lounge", + "APP_UID=1004", + "APP_GID=1003", + "APP_CONFIG=/mnt/xwing/config", + "TZ=Asia/Kolkata", + ] +} \ No newline at end of file diff --git a/docker/headphones.tf b/docker/headphones.tf new file mode 100644 index 0000000..bda2c44 --- /dev/null +++ b/docker/headphones.tf @@ -0,0 +1,43 @@ +resource "docker_container" "headphones" { + name = "headphones" + image = "${docker_image.headphones.latest}" + + restart = "unless-stopped" + destroy_grace_seconds = 10 + must_run = true + memory = 128 + + volumes { + host_path = "/mnt/xwing/config/headphones" + container_path = "/config" + } + + volumes { + host_path = "/mnt/xwing/media/DL" + container_path = "/downloads" + } + + volumes { + host_path = "/mnt/xwing/media/Music" + container_path = "/music" + } + + upload { + content = "${file("${path.module}/conf/headphones.ini")}" + file = "/config/config.ini" + } + + labels = "${merge( + local.traefik_common_labels, + map( + "traefik.frontend.auth.basic", "${var.basic_auth}", + "traefik.port", 8181, + ))}" + + # lounge:tatooine + env = [ + "PUID=1004", + "PGID=1003", + "TZ=Asia/Kolkata", + ] +} \ No newline at end of file diff --git a/docker/lychee.tf b/docker/lychee.tf index 4f40ae8..3f5476b 100644 --- a/docker/lychee.tf +++ b/docker/lychee.tf @@ -21,19 +21,11 @@ resource "docker_container" "lychee" { file = "/config/lychee/user.ini" } - labels { - "traefik.port" = 80 - "traefik.frontend.passHostHeader" = "false" - "traefik.enable" = "true" - "traefik.frontend.headers.SSLTemporaryRedirect" = "true" - "traefik.frontend.headers.STSIncludeSubdomains" = "false" - "traefik.frontend.headers.contentTypeNosniff" = "true" - "traefik.frontend.headers.browserXSSFilter" = "true" - "traefik.frontend.headers.STSSeconds" = "2592000" - "traefik.frontend.headers.customFrameOptionsValue" = "${var.xfo_allow}" - "traefik.frontend.headers.customResponseHeaders" = "${var.xpoweredby}" - "traefik.frontend.rule" = "Host:pics.${var.domain},pics.in.${var.domain}" - } + labels = "${merge( + locals.traefik_common_labels, map( + "traefik.port", 80, + "traefik.frontend.rule","Host:pics.${var.domain},pics.in.${var.domain}" + ))}" env = [ "PUID=986", diff --git a/docker/main.tf b/docker/main.tf index 1436b3a..e69de29 100644 --- a/docker/main.tf +++ b/docker/main.tf @@ -1,379 +0,0 @@ -resource docker_container "transmission" { - name = "transmission" - image = "${docker_image.transmission.latest}" - - labels = "${merge( - local.traefik_common_labels, - map( - "traefik.frontend.auth.basic", "${var.basic_auth}", - "traefik.port", 9091, - ))}" - - ports { - internal = 51413 - external = 51413 - ip = "${var.ips["eth0"]}" - protocol = "udp" - } - - volumes { - host_path = "/mnt/xwing/config/transmission" - container_path = "/config" - } - - volumes { - host_path = "/mnt/xwing/media/DL" - container_path = "/downloads" - } - - volumes { - host_path = "/mnt/xwing/data/watch/transmission" - container_path = "/watch" - } - - upload { - content = "${file("${path.module}/conf/transmission.json")}" - file = "/config/settings.json" - } - - env = [ - "PGID=1003", - "PUID=1000", - "TZ=Asia/Kolkata", - ] - - memory = 1024 - restart = "unless-stopped" - destroy_grace_seconds = 10 - must_run = true -} - -resource "docker_container" "emby" { - name = "emby" - image = "${docker_image.emby.latest}" - - volumes { - host_path = "/mnt/xwing/config/emby" - container_path = "/config" - } - - volumes { - host_path = "/mnt/xwing/media" - container_path = "/media" - } - - labels = "${merge( - local.traefik_common_labels, - map( - "traefik.frontend.rule", "Host:emby.in.${var.domain},emby.${var.domain}", - "traefik.frontend.passHostHeader", "true", - "traefik.port", 8096, - ))}" - - memory = 2048 - restart = "unless-stopped" - destroy_grace_seconds = 10 - must_run = true - - # Running as lounge:tatooine - env = [ - "APP_USER=lounge", - "APP_UID=1004", - "APP_GID=1003", - "APP_CONFIG=/mnt/xwing/config", - "TZ=Asia/Kolkata", - ] -} - -resource "docker_container" "couchpotato" { - name = "couchpotato" - image = "${docker_image.couchpotato.latest}" - - volumes { - host_path = "/mnt/xwing/config/couchpotato" - container_path = "/config" - } - - volumes { - host_path = "/mnt/xwing/media/DL" - container_path = "/downloads" - } - - volumes { - host_path = "/mnt/xwing/media/Movies" - container_path = "/movies" - } - - labels = "${merge( - local.traefik_common_labels, - map( - "traefik.frontend.auth.basic", "${var.basic_auth}", - "traefik.port", 5050, - ))}" - - memory = 256 - restart = "unless-stopped" - destroy_grace_seconds = 10 - must_run = true - - # Running as lounge:tatooine - env = [ - "PUID=1004", - "PGID=1003", - "TZ=Asia/Kolkata", - ] - - links = ["{docker_container.transmission.name}"] -} - -# resource "docker_container" "airsonic" { -# name = "airsonic" -# image = "${docker_image.airsonic.latest}" - -# restart = "unless-stopped" -# destroy_grace_seconds = 30 -# must_run = true -# memory = 800 - -# volumes { -# host_path = "/mnt/xwing/config/airsonic/data" -# container_path = "/config" -# } - -# volumes { -# host_path = "/mnt/xwing/media/Music" -# container_path = "/music" -# } - -# volumes { -# host_path = "/mnt/xwing/config/airsonic/playlists" -# container_path = "/playlists" -# } - -# volumes { -# host_path = "/mnt/xwing/config/airsonic/podcasts" -# container_path = "/podcasts" -# } - -# labels { -# "traefik.enable" = "true" -# "traefik.port" = "4040" -# "traefik.frontend.rule" = "Host:airsonic.in.${var.domain},airsonic.${var.domain}" -# "traefik.frontend.passHostHeader" = "true" -# } - -# # lounge:tatooine -# env = [ -# "PUID=1004", -# "PGID=1003", -# "TZ=Asia/Kolkata", -# "CONTEXT_PATH=https://airsonic.bb8.fun", -# ] -# } - -resource "docker_container" "headerdebug" { - name = "headerdebug" - image = "${docker_image.headerdebug.latest}" - - restart = "unless-stopped" - destroy_grace_seconds = 30 - must_run = true - - memory = 16 - - labels = "${merge( - local.traefik_common_labels, - map( - "traefik.frontend.rule", "Host:debug.in.${var.domain},debug.${var.domain}", - "traefik.port", 8080, - "traefik.enable", "true", - ))}" -} - -resource "docker_container" "headphones" { - name = "headphones" - image = "${docker_image.headphones.latest}" - - restart = "unless-stopped" - destroy_grace_seconds = 10 - must_run = true - memory = 128 - - volumes { - host_path = "/mnt/xwing/config/headphones" - container_path = "/config" - } - - volumes { - host_path = "/mnt/xwing/media/DL" - container_path = "/downloads" - } - - volumes { - host_path = "/mnt/xwing/media/Music" - container_path = "/music" - } - - upload { - content = "${file("${path.module}/conf/headphones.ini")}" - file = "/config/config.ini" - } - - labels = "${merge( - local.traefik_common_labels, - map( - "traefik.frontend.auth.basic", "${var.basic_auth}", - "traefik.port", 8181, - ))}" - - # lounge:tatooine - env = [ - "PUID=1004", - "PGID=1003", - "TZ=Asia/Kolkata", - ] -} - -resource "docker_container" "ubooquity" { - name = "ubooquity" - image = "${docker_image.ubooquity.latest}" - - restart = "unless-stopped" - destroy_grace_seconds = 30 - must_run = true - - volumes { - host_path = "/mnt/xwing/config/ubooquity" - container_path = "/config" - } - - volumes { - host_path = "/mnt/xwing/media/EBooks" - container_path = "/books" - } - - volumes { - host_path = "/mnt/xwing/media/EBooks" - container_path = "/files" - } - - volumes { - host_path = "/mnt/xwing/media/EBooks/Comics" - container_path = "/comics" - } - - labels { - "traefik.enable" = "true" - - "traefik.admin.port" = 2203 - "traefik.admin.frontend.rule" = "Host:library.${var.domain}" - "traefik.admin.frontend.auth.basic" = "${var.basic_auth}" - - "traefik.read.port" = 2202 - "traefik.read.frontend.rule" = "Host:read.${var.domain}" - - "traefik.read.frontend.headers.SSLTemporaryRedirect" = "true" - "traefik.read.frontend.headers.STSSeconds" = "2592000" - "traefik.read.frontend.headers.STSIncludeSubdomains" = "false" - "traefik.read.frontend.headers.contentTypeNosniff" = "true" - "traefik.read.frontend.headers.browserXSSFilter" = "true" - "traefik.read.frontend.headers.customResponseHeaders" = "${var.xpoweredby}" - "traefik.frontend.headers.customFrameOptionsValue" = "${var.xfo_allow}" - } - - upload { - content = "${file("${path.module}/conf/ubooquity.json")}" - file = "/config/preferences.json" - } - - # lounge:tatooine - env = [ - "PUID=1004", - "PGID=1003", - "MAXMEM=800", - ] -} - -resource "docker_container" "wiki" { - name = "wiki" - image = "${docker_image.wikijs.latest}" - - restart = "unless-stopped" - destroy_grace_seconds = 30 - must_run = true - memory = 300 - - upload { - content = "${file("${path.module}/conf/wiki.yml")}" - file = "/var/wiki/config.yml" - } - - volumes { - host_path = "/mnt/xwing/logs/wiki" - container_path = "/logs" - } - - volumes { - host_path = "/mnt/xwing/data/wiki/repo" - container_path = "/repo" - } - - volumes { - host_path = "/mnt/xwing/data/wiki/data" - container_path = "/data" - } - - upload { - content = "${file("${path.module}/conf/humans.txt")}" - file = "/var/wiki/assets/humans.txt" - } - - // The last header is a workaround for double header traefik bug - // This might be actually breaking iframe till the 1.5 Final release. - - labels = "${merge( - local.traefik_common_labels, - map( - "traefik.frontend.rule", "Host:wiki.${var.domain}", - "traefik.frontend.passHostHeader", "true", - "traefik.port", 9999, - "traefik.frontend.headers.customResponseHeaders", "${var.xpoweredby}||Referrer-Policy:${var.refpolicy}||X-Frame-Options:${var.xfo_allow}", - ))}" - links = ["${docker_container.mongorocks.name}"] - env = [ - "WIKI_ADMIN_EMAIL=me@captnemo.in", - "SESSION_SECRET=${var.wiki_session_secret}", - ] -} - -resource "docker_container" "muximux" { - name = "muximux" - image = "${docker_image.muximux.latest}" - memory = 64 - - restart = "unless-stopped" - destroy_grace_seconds = 10 - must_run = true - - volumes { - host_path = "/mnt/xwing/config/muximux" - container_path = "/config" - } - - labels = "${merge( - local.traefik_common_labels, - map( - "traefik.port", 80, - "traefik.frontend.headers.frameDeny", "true", - "traefik.frontend.passHostHeader", "false", - "traefik.frontend.auth.basic", "${var.basic_auth}", - "traefik.frontend.rule", "Host:home.in.${var.domain},home.${var.domain}", - ))}" - - # lounge:tatooine - env = [ - "PUID=1004", - "PGID=1003", - "TZ=Asia/Kolkata", - ] -} diff --git a/docker/muximux.tf b/docker/muximux.tf new file mode 100644 index 0000000..8a7b5bb --- /dev/null +++ b/docker/muximux.tf @@ -0,0 +1,31 @@ +resource "docker_container" "muximux" { + name = "muximux" + image = "${docker_image.muximux.latest}" + memory = 64 + + restart = "unless-stopped" + destroy_grace_seconds = 10 + must_run = true + + volumes { + host_path = "/mnt/xwing/config/muximux" + container_path = "/config" + } + + labels = "${merge( + local.traefik_common_labels, + map( + "traefik.port", 80, + "traefik.frontend.headers.frameDeny", "true", + "traefik.frontend.passHostHeader", "false", + "traefik.frontend.auth.basic", "${var.basic_auth}", + "traefik.frontend.rule", "Host:home.in.${var.domain},home.${var.domain}", + ))}" + + # lounge:tatooine + env = [ + "PUID=1004", + "PGID=1003", + "TZ=Asia/Kolkata", + ] +} diff --git a/docker/transmission.tf b/docker/transmission.tf new file mode 100644 index 0000000..d7afb62 --- /dev/null +++ b/docker/transmission.tf @@ -0,0 +1,49 @@ +resource docker_container "transmission" { + name = "transmission" + image = "${docker_image.transmission.latest}" + + labels = "${merge( + local.traefik_common_labels, + map( + "traefik.frontend.auth.basic", "${var.basic_auth}", + "traefik.port", 9091, + ))}" + + ports { + internal = 51413 + external = 51413 + ip = "${var.ips["eth0"]}" + protocol = "udp" + } + + volumes { + host_path = "/mnt/xwing/config/transmission" + container_path = "/config" + } + + volumes { + host_path = "/mnt/xwing/media/DL" + container_path = "/downloads" + } + + volumes { + host_path = "/mnt/xwing/data/watch/transmission" + container_path = "/watch" + } + + upload { + content = "${file("${path.module}/conf/transmission.json")}" + file = "/config/settings.json" + } + + env = [ + "PGID=1003", + "PUID=1000", + "TZ=Asia/Kolkata", + ] + + memory = 1024 + restart = "unless-stopped" + destroy_grace_seconds = 10 + must_run = true +} diff --git a/docker/ubooquity.tf b/docker/ubooquity.tf new file mode 100644 index 0000000..bd30ad1 --- /dev/null +++ b/docker/ubooquity.tf @@ -0,0 +1,59 @@ +resource "docker_container" "ubooquity" { + name = "ubooquity" + image = "${docker_image.ubooquity.latest}" + + restart = "unless-stopped" + destroy_grace_seconds = 30 + must_run = true + + volumes { + host_path = "/mnt/xwing/config/ubooquity" + container_path = "/config" + } + + volumes { + host_path = "/mnt/xwing/media/EBooks" + container_path = "/books" + } + + volumes { + host_path = "/mnt/xwing/media/EBooks" + container_path = "/files" + } + + volumes { + host_path = "/mnt/xwing/media/EBooks/Comics" + container_path = "/comics" + } + + labels { + "traefik.enable" = "true" + + "traefik.admin.port" = 2203 + "traefik.admin.frontend.rule" = "Host:library.${var.domain}" + "traefik.admin.frontend.auth.basic" = "${var.basic_auth}" + + "traefik.read.port" = 2202 + "traefik.read.frontend.rule" = "Host:read.${var.domain}" + + "traefik.read.frontend.headers.SSLTemporaryRedirect" = "true" + "traefik.read.frontend.headers.STSSeconds" = "2592000" + "traefik.read.frontend.headers.STSIncludeSubdomains" = "false" + "traefik.read.frontend.headers.contentTypeNosniff" = "true" + "traefik.read.frontend.headers.browserXSSFilter" = "true" + "traefik.read.frontend.headers.customResponseHeaders" = "${var.xpoweredby}" + "traefik.frontend.headers.customFrameOptionsValue" = "${var.xfo_allow}" + } + + upload { + content = "${file("${path.module}/conf/ubooquity.json")}" + file = "/config/preferences.json" + } + + # lounge:tatooine + env = [ + "PUID=1004", + "PGID=1003", + "MAXMEM=800", + ] +} diff --git a/docker/wiki.tf b/docker/wiki.tf new file mode 100644 index 0000000..7f54901 --- /dev/null +++ b/docker/wiki.tf @@ -0,0 +1,53 @@ +resource "docker_container" "wiki" { + name = "wiki" + image = "${docker_image.wikijs.latest}" + + restart = "unless-stopped" + destroy_grace_seconds = 30 + must_run = true + memory = 300 + + upload { + content = "${file("${path.module}/conf/wiki.yml")}" + file = "/var/wiki/config.yml" + } + + volumes { + host_path = "/mnt/xwing/logs/wiki" + container_path = "/logs" + } + + volumes { + host_path = "/mnt/xwing/data/wiki/repo" + container_path = "/repo" + } + + volumes { + host_path = "/mnt/xwing/data/wiki/data" + container_path = "/data" + } + + upload { + content = "${file("${path.module}/conf/humans.txt")}" + file = "/var/wiki/assets/humans.txt" + } + + // The last header is a workaround for double header traefik bug + // This might be actually breaking iframe till the 1.5 Final release. + + labels = "${merge( + local.traefik_common_labels, + map( + "traefik.frontend.rule", "Host:wiki.${var.domain}", + "traefik.frontend.passHostHeader", "true", + "traefik.port", 9999, + "traefik.frontend.headers.customResponseHeaders", "${var.xpoweredby}||Referrer-Policy:${var.refpolicy}||X-Frame-Options:${var.xfo_allow}", + ))}" + + links = ["${docker_container.mongorocks.name}"] + + env = [ + "WIKI_ADMIN_EMAIL=me@captnemo.in", + "SESSION_SECRET=${var.wiki_session_secret}", + ] +} diff --git a/main.tf b/main.tf index 4ef5466..ad566d2 100644 --- a/main.tf +++ b/main.tf @@ -62,6 +62,7 @@ module "monitoring" { gf-security-admin-password = "${var.gf-security-admin-password}" domain = "bb8.fun" transmission = "${module.docker.names-transmission}" + traefik-labels = "${var.traefik-common-labels}" } module "digitalocean" { diff --git a/monitoring/cadvisor.tf b/monitoring/cadvisor.tf index 9383f1c..c062b2b 100644 --- a/monitoring/cadvisor.tf +++ b/monitoring/cadvisor.tf @@ -36,17 +36,10 @@ resource "docker_container" "cadvisor" { container_path = "/var/run" } - labels { - "traefik.frontend.auth.basic" = "${var.basic_auth}" - "traefik.port" = 8080 - "traefik.enable" = "true" - "traefik.frontend.headers.SSLTemporaryRedirect" = "true" - "traefik.frontend.headers.STSSeconds" = "2592000" - "traefik.frontend.headers.STSIncludeSubdomains" = "false" - "traefik.frontend.headers.contentTypeNosniff" = "true" - "traefik.frontend.headers.browserXSSFilter" = "true" - "traefik.frontend.passHostHeader" = "true" - "traefik.frontend.headers.customFrameOptionsValue" = "ALLOW-FROM https://home.bb8.fun/" - "traefik.frontend.headers.customResponseHeaders" = "X-Powered-By:Allomancy||X-Server:Blackbox" - } + labels = "${merge( + var.traefik-labels, map( + "traefik.port", 8080, + "traefik.frontend.rule","Host:cadvisor.${var.domain}", + "traefik.frontend.auth.basic", "${var.basic_auth}" + ))}" } diff --git a/monitoring/main.tf b/monitoring/main.tf index 22b8600..eea6909 100644 --- a/monitoring/main.tf +++ b/monitoring/main.tf @@ -2,19 +2,11 @@ resource docker_container "grafana" { name = "grafana" image = "${docker_image.grafana.latest}" - labels { - # "traefik.frontend.auth.basic" = "${var.basic_auth}" - "traefik.port" = 3000 - "traefik.enable" = "true" - "traefik.frontend.headers.SSLTemporaryRedirect" = "true" - "traefik.frontend.headers.STSSeconds" = "2592000" - "traefik.frontend.headers.STSIncludeSubdomains" = "false" - "traefik.frontend.headers.contentTypeNosniff" = "true" - "traefik.frontend.headers.browserXSSFilter" = "true" - - # "traefik.frontend.headers.customResponseHeaders" = "${var.xpoweredby}" - # "traefik.frontend.headers.customFrameOptionsValue" = "${var.xfo_allow}" - } + labels = "${merge( + var.traefik-labels, map( + "traefik.port", 3000, + "traefik.frontend.rule","Host:grafana.${var.domain}" + ))}" volumes { host_path = "/mnt/xwing/data/grafana" diff --git a/monitoring/variables.tf b/monitoring/variables.tf index 5190320..b203384 100644 --- a/monitoring/variables.tf +++ b/monitoring/variables.tf @@ -25,3 +25,7 @@ variable "alert-slack-incoming-webhook" { variable "basic_auth" { default = "tatooine:$2y$05$iPbatint3Gulbs6kUtyALO9Yq5sBJ..aiF82bcIziH4ytz9nFoPr6" } + +variable "traefik-labels" { + type = "map" +}