Work on proxying content via sydney
- cloudflare + LE - traefik now has ingress on 443 - basic auth added for now
This commit is contained in:
parent
b64aa08c69
commit
62ee3b47f2
|
@ -0,0 +1,9 @@
|
||||||
|
root = true
|
||||||
|
|
||||||
|
[*]
|
||||||
|
indent_style = space
|
||||||
|
indent_size = 2
|
||||||
|
end_of_line = lf
|
||||||
|
charset = utf-8
|
||||||
|
trim_trailing_whitespace = true
|
||||||
|
insert_final_newline = true
|
|
@ -1,7 +1,8 @@
|
||||||
env.sh
|
*.tfvars
|
||||||
|
.terraform.tfstate.lock.info
|
||||||
.terraform
|
.terraform
|
||||||
*.tfstate
|
*.tfstate
|
||||||
*.tfstate.backup
|
*.tfstate.backup
|
||||||
*.out
|
*.out
|
||||||
*.backup
|
*.backup
|
||||||
secrets
|
secrets
|
||||||
|
|
|
@ -1,6 +1,58 @@
|
||||||
|
defaultEntryPoints = ["http", "https"]
|
||||||
|
[entryPoints]
|
||||||
|
[entryPoints.http]
|
||||||
|
address = ":80"
|
||||||
|
[entryPoints.http.auth.basic]
|
||||||
|
users = ["tatooine:$2y$05$ZK3.EVeaBi.IQAzZbmchiuaI6mhdDktnoLsQ8iI0K2727OjLDMLFO"]
|
||||||
|
[entryPoints.https]
|
||||||
|
address = ":443"
|
||||||
|
# This is required for ACME support
|
||||||
|
[entryPoints.https.tls]
|
||||||
|
|
||||||
|
[file]
|
||||||
|
[backends]
|
||||||
|
|
||||||
|
[backends.ebooks]
|
||||||
|
[backends.ebooks.servers.default]
|
||||||
|
url = "http://192.168.1.111:2202"
|
||||||
|
|
||||||
|
[backends.elibsrv]
|
||||||
|
[backends.elibsrv.servers.default]
|
||||||
|
url = "http://elibsrv.captnemo.in:90"
|
||||||
|
|
||||||
|
[backends.scan]
|
||||||
|
[backends.scan.servers.default]
|
||||||
|
url = "http://scan.in.bb8.fun:90"
|
||||||
|
|
||||||
|
[frontends]
|
||||||
|
|
||||||
|
[frontends.ebooks]
|
||||||
|
backend = "ebooks"
|
||||||
|
[frontends.ebooks.routes.domain]
|
||||||
|
rule = "Host:ebooks.in.bb8.fun,ebooks.bb8.fun"
|
||||||
|
|
||||||
|
[frontends.scan]
|
||||||
|
backend = "scan"
|
||||||
|
[frontends.scan.routes.domain]
|
||||||
|
rule = "Host:scan.bb8.fun"
|
||||||
|
|
||||||
[web]
|
[web]
|
||||||
address = ":1111"
|
address = ":1111"
|
||||||
[docker]
|
readOnly = true
|
||||||
domain = "in.bb8.fun,bb8.fun"
|
|
||||||
watch = true
|
[acme]
|
||||||
exposedbydefault = false
|
|
||||||
|
email = "acme@captnemo.in"
|
||||||
|
storage = "/acme/acme.json"
|
||||||
|
entryPoint = "https"
|
||||||
|
dnsProvider = "cloudflare"
|
||||||
|
onHostRule = true
|
||||||
|
# Waiting till december to get wildcard SSL on LE
|
||||||
|
# [[acme.domains]]
|
||||||
|
# main = "bb8.fun"
|
||||||
|
# sans = ["*.bb8.fun"]
|
||||||
|
|
||||||
|
# [docker]
|
||||||
|
# domain = "in.bb8.fun,bb8.fun"
|
||||||
|
# watch = true
|
||||||
|
# exposedbydefault = false
|
||||||
|
|
|
@ -55,4 +55,4 @@ data "docker_registry_image" "headphones" {
|
||||||
|
|
||||||
data "docker_registry_image" "muximux" {
|
data "docker_registry_image" "muximux" {
|
||||||
name = "linuxserver/muximux:latest"
|
name = "linuxserver/muximux:latest"
|
||||||
}
|
}
|
||||||
|
|
|
@ -219,21 +219,37 @@ resource "docker_container" "traefik" {
|
||||||
name = "traefik"
|
name = "traefik"
|
||||||
image = "${docker_image.traefik.latest}"
|
image = "${docker_image.traefik.latest}"
|
||||||
|
|
||||||
|
# Admin Backend
|
||||||
ports {
|
ports {
|
||||||
internal = 1111
|
internal = 1111
|
||||||
external = 1111
|
external = 1111
|
||||||
ip = "192.168.1.111"
|
ip = "192.168.1.111"
|
||||||
}
|
}
|
||||||
|
|
||||||
|
# Local Web Server
|
||||||
ports {
|
ports {
|
||||||
internal = 80
|
internal = 80
|
||||||
external = 8888
|
external = 8888
|
||||||
ip = "192.168.1.111"
|
ip = "192.168.1.111"
|
||||||
}
|
}
|
||||||
|
|
||||||
|
# Local Web Server (HTTPS)
|
||||||
|
ports {
|
||||||
|
internal = 443
|
||||||
|
external = 443
|
||||||
|
ip = "192.168.1.111"
|
||||||
|
}
|
||||||
|
|
||||||
|
# Proxied via sydney.captnemo.in
|
||||||
|
ports {
|
||||||
|
internal = 443
|
||||||
|
external = 443
|
||||||
|
ip = "10.8.0.14"
|
||||||
|
}
|
||||||
|
|
||||||
ports {
|
ports {
|
||||||
internal = 80
|
internal = 80
|
||||||
external = 8888
|
external = 80
|
||||||
ip = "10.8.0.14"
|
ip = "10.8.0.14"
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -247,10 +263,20 @@ resource "docker_container" "traefik" {
|
||||||
container_path = "/var/run/docker.sock"
|
container_path = "/var/run/docker.sock"
|
||||||
}
|
}
|
||||||
|
|
||||||
|
volumes {
|
||||||
|
host_path = "/mnt/xwing/config/acme"
|
||||||
|
container_path = "/acme"
|
||||||
|
}
|
||||||
|
|
||||||
memory = 256
|
memory = 256
|
||||||
restart = "unless-stopped"
|
restart = "unless-stopped"
|
||||||
destroy_grace_seconds = 10
|
destroy_grace_seconds = 10
|
||||||
must_run = true
|
must_run = true
|
||||||
|
|
||||||
|
env = [
|
||||||
|
"CLOUDFLARE_EMAIL=${var.cloudflare_email}",
|
||||||
|
"CLOUDFLARE_API_KEY=${var.cloudflare_key}"
|
||||||
|
]
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
|
@ -415,7 +441,7 @@ resource "docker_container" "mongo" {
|
||||||
resource "docker_container" "muximux" {
|
resource "docker_container" "muximux" {
|
||||||
name = "muximux"
|
name = "muximux"
|
||||||
image = "${docker_image.muximux.latest}"
|
image = "${docker_image.muximux.latest}"
|
||||||
|
|
||||||
restart = "unless-stopped"
|
restart = "unless-stopped"
|
||||||
destroy_grace_seconds = 10
|
destroy_grace_seconds = 10
|
||||||
must_run = true
|
must_run = true
|
||||||
|
@ -437,4 +463,4 @@ resource "docker_container" "muximux" {
|
||||||
"PGID=1003",
|
"PGID=1003",
|
||||||
"TZ=Asia/Kolkata",
|
"TZ=Asia/Kolkata",
|
||||||
]
|
]
|
||||||
}
|
}
|
||||||
|
|
|
@ -8,4 +8,14 @@ variable "web_password" {
|
||||||
|
|
||||||
variable "mysql_root_password" {
|
variable "mysql_root_password" {
|
||||||
type = "string"
|
type = "string"
|
||||||
}
|
}
|
||||||
|
|
||||||
|
variable "cloudflare_key" {
|
||||||
|
type = "string"
|
||||||
|
description = "cloudflare API Key"
|
||||||
|
}
|
||||||
|
|
||||||
|
variable "cloudflare_email" {
|
||||||
|
type = "string"
|
||||||
|
description = "cloudflare email address"
|
||||||
|
}
|
||||||
|
|
2
main.tf
2
main.tf
|
@ -24,4 +24,6 @@ module "docker" {
|
||||||
web_username = "${var.web_username}"
|
web_username = "${var.web_username}"
|
||||||
web_password = "${var.web_password}"
|
web_password = "${var.web_password}"
|
||||||
mysql_root_password = "${var.mysql_root_password}"
|
mysql_root_password = "${var.mysql_root_password}"
|
||||||
|
cloudflare_key = "${var.cloudflare_key}"
|
||||||
|
cloudflare_email = "bb8@captnemo.in"
|
||||||
}
|
}
|
||||||
|
|
Loading…
Reference in New Issue