Work on proxying content via sydney
- cloudflare + LE - traefik now has ingress on 443 - basic auth added for nowpull/6/head
parent
b64aa08c69
commit
62ee3b47f2
|
@ -0,0 +1,9 @@
|
|||
root = true
|
||||
|
||||
[*]
|
||||
indent_style = space
|
||||
indent_size = 2
|
||||
end_of_line = lf
|
||||
charset = utf-8
|
||||
trim_trailing_whitespace = true
|
||||
insert_final_newline = true
|
|
@ -1,7 +1,8 @@
|
|||
env.sh
|
||||
*.tfvars
|
||||
.terraform.tfstate.lock.info
|
||||
.terraform
|
||||
*.tfstate
|
||||
*.tfstate.backup
|
||||
*.out
|
||||
*.backup
|
||||
secrets
|
||||
secrets
|
||||
|
|
|
@ -1,6 +1,58 @@
|
|||
defaultEntryPoints = ["http", "https"]
|
||||
[entryPoints]
|
||||
[entryPoints.http]
|
||||
address = ":80"
|
||||
[entryPoints.http.auth.basic]
|
||||
users = ["tatooine:$2y$05$ZK3.EVeaBi.IQAzZbmchiuaI6mhdDktnoLsQ8iI0K2727OjLDMLFO"]
|
||||
[entryPoints.https]
|
||||
address = ":443"
|
||||
# This is required for ACME support
|
||||
[entryPoints.https.tls]
|
||||
|
||||
[file]
|
||||
[backends]
|
||||
|
||||
[backends.ebooks]
|
||||
[backends.ebooks.servers.default]
|
||||
url = "http://192.168.1.111:2202"
|
||||
|
||||
[backends.elibsrv]
|
||||
[backends.elibsrv.servers.default]
|
||||
url = "http://elibsrv.captnemo.in:90"
|
||||
|
||||
[backends.scan]
|
||||
[backends.scan.servers.default]
|
||||
url = "http://scan.in.bb8.fun:90"
|
||||
|
||||
[frontends]
|
||||
|
||||
[frontends.ebooks]
|
||||
backend = "ebooks"
|
||||
[frontends.ebooks.routes.domain]
|
||||
rule = "Host:ebooks.in.bb8.fun,ebooks.bb8.fun"
|
||||
|
||||
[frontends.scan]
|
||||
backend = "scan"
|
||||
[frontends.scan.routes.domain]
|
||||
rule = "Host:scan.bb8.fun"
|
||||
|
||||
[web]
|
||||
address = ":1111"
|
||||
[docker]
|
||||
domain = "in.bb8.fun,bb8.fun"
|
||||
watch = true
|
||||
exposedbydefault = false
|
||||
address = ":1111"
|
||||
readOnly = true
|
||||
|
||||
[acme]
|
||||
|
||||
email = "acme@captnemo.in"
|
||||
storage = "/acme/acme.json"
|
||||
entryPoint = "https"
|
||||
dnsProvider = "cloudflare"
|
||||
onHostRule = true
|
||||
# Waiting till december to get wildcard SSL on LE
|
||||
# [[acme.domains]]
|
||||
# main = "bb8.fun"
|
||||
# sans = ["*.bb8.fun"]
|
||||
|
||||
# [docker]
|
||||
# domain = "in.bb8.fun,bb8.fun"
|
||||
# watch = true
|
||||
# exposedbydefault = false
|
||||
|
|
|
@ -55,4 +55,4 @@ data "docker_registry_image" "headphones" {
|
|||
|
||||
data "docker_registry_image" "muximux" {
|
||||
name = "linuxserver/muximux:latest"
|
||||
}
|
||||
}
|
||||
|
|
|
@ -219,21 +219,37 @@ resource "docker_container" "traefik" {
|
|||
name = "traefik"
|
||||
image = "${docker_image.traefik.latest}"
|
||||
|
||||
# Admin Backend
|
||||
ports {
|
||||
internal = 1111
|
||||
external = 1111
|
||||
ip = "192.168.1.111"
|
||||
}
|
||||
|
||||
# Local Web Server
|
||||
ports {
|
||||
internal = 80
|
||||
external = 8888
|
||||
ip = "192.168.1.111"
|
||||
}
|
||||
|
||||
# Local Web Server (HTTPS)
|
||||
ports {
|
||||
internal = 443
|
||||
external = 443
|
||||
ip = "192.168.1.111"
|
||||
}
|
||||
|
||||
# Proxied via sydney.captnemo.in
|
||||
ports {
|
||||
internal = 443
|
||||
external = 443
|
||||
ip = "10.8.0.14"
|
||||
}
|
||||
|
||||
ports {
|
||||
internal = 80
|
||||
external = 8888
|
||||
external = 80
|
||||
ip = "10.8.0.14"
|
||||
}
|
||||
|
||||
|
@ -247,10 +263,20 @@ resource "docker_container" "traefik" {
|
|||
container_path = "/var/run/docker.sock"
|
||||
}
|
||||
|
||||
volumes {
|
||||
host_path = "/mnt/xwing/config/acme"
|
||||
container_path = "/acme"
|
||||
}
|
||||
|
||||
memory = 256
|
||||
restart = "unless-stopped"
|
||||
destroy_grace_seconds = 10
|
||||
must_run = true
|
||||
|
||||
env = [
|
||||
"CLOUDFLARE_EMAIL=${var.cloudflare_email}",
|
||||
"CLOUDFLARE_API_KEY=${var.cloudflare_key}"
|
||||
]
|
||||
}
|
||||
|
||||
|
||||
|
@ -415,7 +441,7 @@ resource "docker_container" "mongo" {
|
|||
resource "docker_container" "muximux" {
|
||||
name = "muximux"
|
||||
image = "${docker_image.muximux.latest}"
|
||||
|
||||
|
||||
restart = "unless-stopped"
|
||||
destroy_grace_seconds = 10
|
||||
must_run = true
|
||||
|
@ -437,4 +463,4 @@ resource "docker_container" "muximux" {
|
|||
"PGID=1003",
|
||||
"TZ=Asia/Kolkata",
|
||||
]
|
||||
}
|
||||
}
|
||||
|
|
|
@ -8,4 +8,14 @@ variable "web_password" {
|
|||
|
||||
variable "mysql_root_password" {
|
||||
type = "string"
|
||||
}
|
||||
}
|
||||
|
||||
variable "cloudflare_key" {
|
||||
type = "string"
|
||||
description = "cloudflare API Key"
|
||||
}
|
||||
|
||||
variable "cloudflare_email" {
|
||||
type = "string"
|
||||
description = "cloudflare email address"
|
||||
}
|
||||
|
|
Loading…
Reference in New Issue