From 6b04886ac9db18d11b33dff6a5c01499cb828281 Mon Sep 17 00:00:00 2001
From: Nemo
Date: Tue, 26 Dec 2017 20:50:52 +0530
Subject: [PATCH] Start using variable IPs
---
 cloudflare/main.tf | 61 ++++++++++++++++++++++----------------
 cloudflare/variables.tf | 4 +--
 docker/conf/headphones.ini | 2 +-
 docker/db.tf | 2 +-
 docker/main.tf | 22 +++++++-------
 docker/traefik.tf | 12 ++++----
 docker/variables.tf | 9 ++++--
 main.tf | 6 ++--
 variables.tf | 8 +++++
 9 files changed, 75 insertions(+), 51 deletions(-)
diff --git a/cloudflare/main.tf b/cloudflare/main.tf
index 660a000..fc80a9a 100644
--- a/cloudflare/main.tf
+++ b/cloudflare/main.tf
@@ -1,32 +1,25 @@
+/**
+ * in.bb8.fun
+ * *.in.bb8.fun
+ */
 resource "cloudflare_record" "home-wildcard" {
 domain = "${var.domain}"
 name = "*.in"
- value = "192.168.1.111"
+ value = "${var.ips["eth0"]}"
 type = "A"
- ttl = 300
 }
 resource "cloudflare_record" "home" {
 domain = "${var.domain}"
 name = "in"
- value = "192.168.1.111"
- type = "A"
-}
-
-resource "cloudflare_record" "docker" {
- domain = "${var.domain}"
- name = "docker.in"
- value = "10.8.0.14"
- type = "A"
-}
-
-resource "cloudflare_record" "debug" {
- domain = "${var.domain}"
- name = "debug.in"
- value = "10.8.0.14"
+ value = "${var.ips["eth0"]}"
 type = "A"
 }
+/**
+ * bb8.fun
+ * *.bb8.fun
+ */
 resource "cloudflare_record" "internet" {
 domain = "${var.domain}"
 name = "@"
@@ -41,6 +34,24 @@ resource "cloudflare_record" "internet-wildcard" {
 type = "CNAME"
 }
+/**
+ * vpn.bb8.fun
+ * *.vpn.bb8.fun
+ */
+resource "cloudflare_record" "vpn" {
+ domain = "${var.domain}"
+ name = "vpn"
+ value = "${var.ips["tun0"]}"
+ type = "A"
+}
+
+resource "cloudflare_record" "vpn_wildcard" {
+ domain = "${var.domain}"
+ name = "*.vpn.bb8.fun"
+ value = "${var.ips["tun0"]}"
+ type = "A"
+}
+
 ########################
 ## Mailgun Mailing Lists
 ########################
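Review bot: In cloudflare/main.tf the new `vpn_wildcard` record hard-codes the zone in `name = "*.vpn.bb8.fun"`, while every other record in the file (`"*.in"`, `"in"`, `"vpn"`) uses a name relative to `${var.domain}`. If the module is applied with a different `domain`, this record would still ask for a bb8.fun name, so it should read `name = "*.vpn"`. The first hunk also drops the `docker.in` record, so the Docker endpoint name used in the root main.tf now depends on this wildcard resolving to the tun0 address. These A records place the eth0 and tun0 addresses in a publicly resolvable zone; if that is not intended, a resolver reachable only from the LAN or VPN is the usual alternative.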
@@ -60,17 +71,17 @@ resource "cloudflare_record" "mailgun-dkim" {
 }
 resource "cloudflare_record" "mailgun-mxa" {
- domain = "${var.domain}"
- name = "l"
- value = "mxa.mailgun.org"
- type = "MX"
+ domain = "${var.domain}"
+ name = "l"
+ value = "mxa.mailgun.org"
+ type = "MX"
 priority = 10
 }
 resource "cloudflare_record" "mailgun-mxb" {
- domain = "${var.domain}"
- name = "l"
- value = "mxb.mailgun.org"
- type = "MX"
+ domain = "${var.domain}"
+ name = "l"
+ value = "mxb.mailgun.org"
+ type = "MX"
 priority = 20
 }
diff --git a/cloudflare/variables.tf b/cloudflare/variables.tf
index 0b34642..acc4630 100644
--- a/cloudflare/variables.tf
+++ b/cloudflare/variables.tf
@@ -6,6 +6,6 @@ variable "proxy" {
 type = "string"
 }
-variable "act_ip" {
- type = "string"
+variable "ips" {
+ type = "map"
 }
diff --git a/docker/conf/headphones.ini b/docker/conf/headphones.ini
index 9a1dc99..2d33aa1 100644
--- a/docker/conf/headphones.ini
+++ b/docker/conf/headphones.ini
@@ -151,7 +151,7 @@ piratebay_proxy_url = https://duckingproxy.eu/
 mpc_enabled = 0
 [XBMC]
 xbmc_username = ""
-xbmc_host = http://192.168.1.111:8080
+xbmc_host = http://${var.ips["eth0"]}:8080
 xbmc_enabled = 1
 xbmc_update = 1
 xbmc_password = ""
diff --git a/docker/db.tf b/docker/db.tf
index 0ee0496..b1b39ec 100644
--- a/docker/db.tf
+++ b/docker/db.tf
@@ -33,7 +33,7 @@ resource "docker_container" "mariadb" {
 ports {
 internal = 3306
 external = 3306
- ip = "192.168.1.111"
+ ip = "${var.ips["eth0"]}"
 }
 memory = 512
diff --git a/docker/main.tf b/docker/main.tf
index 1df018a..1cf7b84 100644
--- a/docker/main.tf
+++ b/docker/main.tf
@@ -18,7 +18,7 @@ resource docker_container "transmission" {
 ports {
 internal = 51413
 external = 51413
- ip = "192.168.1.111"
+ ip = "${var.ips["eth0"]}"
 protocol = "udp"
 }
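Review bot: docker/conf/headphones.ini is not a Terraform file, so `xbmc_host = http://${var.ips["eth0"]}:8080` is only expanded if the file is rendered through a template before it reaches the container; the diff does not show how the file is read. If it is loaded with `file()`, Headphones will receive the literal `${var.ips[...]}` text as its host. If it goes through a `template_file` data source, `var.*` is not in scope inside the template and the address has to be passed in, e.g. `vars { lan_ip = "${var.ips["eth0"]}" }` on the data source and `xbmc_host = http://${lan_ip}:8080` here (`lan_ip` is a name made up for this example).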
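Review bot: The bind address of the published MariaDB port in docker/db.tf, `ip = "${var.ips["eth0"]}"`, now comes from a module input that has no default and no check, and the same pattern is used for transmission and gitea in docker/main.tf and for every `ports` block in docker/traefik.tf. Docker publishes on all interfaces when no host address is given, so an `ips` map passed with an empty `eth0` or `tun0` value would probably expose 3306, 2222, 1111, 80 and 443 more widely than the hard-coded addresses did; how the provider treats an empty `ip` should be confirmed. I would state the contract on `variable "ips"` in docker/variables.tf and in the root variables.tf, e.g. `description = "Bind addresses for published ports; keys eth0 and tun0 are required and must not be empty"`. The `ports` blocks shown belong to resources that start and end outside these hunks.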
@@ -74,13 +74,13 @@ resource docker_container "gitea" {
 ports {
 internal = 22
 external = 2222
- ip = "192.168.1.111"
+ ip = "${var.ips["eth0"]}"
 }
 ports {
 internal = 22
 external = 2222
- ip = "10.8.0.14"
+ ip = "${var.ips["tun0"]}"
 }
 volumes {
@@ -110,7 +110,7 @@ resource "docker_container" "emby" {
 }
 labels {
- "traefik.frontend.rule" = "Host:emby.in.bb8.fun,emby.bb8.fun"
+ "traefik.frontend.rule" = "Host:emby.in.${var.domain},emby.${var.domain}"
 "traefik.frontend.passHostHeader" = "true"
 "traefik.frontend.auth.basic" = "${var.basic_auth}"
 "traefik.port" = 8096
@@ -217,7 +217,7 @@ resource "docker_container" "airsonic" {
 }
 labels {
- "traefik.frontend.rule" = "Host:airsonic.in.bb8.fun,airsonic.bb8.fun"
+ "traefik.frontend.rule" = "Host:airsonic.in.${var.domain},airsonic.${var.domain}"
 "traefik.frontend.passHostHeader" = "true"
 "traefik.port" = 4040
 "traefik.enable" = "true"
@@ -240,7 +240,7 @@ resource "docker_container" "headerdebug" {
 memory = 16
 labels {
- "traefik.frontend.rule" = "Host:debug.in.bb8.fun"
+ "traefik.frontend.rule" = "Host:debug.in.${var.domain}"
 "traefik.frontend.passHostHeader" = "true"
 "traefik.port" = 8080
 "traefik.enable" = "true"
@@ -380,11 +380,11 @@ resource "docker_container" "ubooquity" {
 "traefik.enable" = "true"
 "traefik.admin.port" = 2203
- "traefik.admin.frontend.rule" = "Host:library.bb8.fun"
+ "traefik.admin.frontend.rule" = "Host:library.${var.domain}"
 "traefik.admin.frontend.auth.basic" = "${var.basic_auth}"
 "traefik.read.port" = 2202
- "traefik.read.frontend.rule" = "Host:read.bb8.fun"
+ "traefik.read.frontend.rule" = "Host:read.${var.domain}"
 "traefik.read.frontend.headers.SSLTemporaryRedirect" = "true"
 "traefik.read.frontend.headers.STSSeconds" = "2592000"
@@ -438,7 +438,7 @@ resource "docker_container" "wiki" {
 }
 labels {
- "traefik.frontend.rule" = "Host:wiki.bb8.fun"
+ "traefik.frontend.rule" = "Host:wiki.${var.domain}"
 "traefik.frontend.passHostHeader" = "true"
 "traefik.port" = 9999
 "traefik.enable" = "true"
@@ -471,7 +471,7 @@ resource "docker_container" "muximux" {
 }
 labels {
- "traefik.frontend.rule" = "Host:home.in.bb8.fun,home.bb8.fun"
+ "traefik.frontend.rule" = "Host:home.in.${var.domain},home.${var.domain}"
 "traefik.frontend.passHostHeader" = "false"
 "traefik.frontend.auth.basic" = "${var.basic_auth}"
 "traefik.port" = 80
@@ -532,7 +532,7 @@ resource "docker_container" "cadvisor" {
 }
 labels {
- "traefik.frontend.rule" = "Host:cadvisor.bb8.fun"
+ "traefik.frontend.rule" = "Host:cadvisor.${var.domain}"
 "traefik.frontend.auth.basic" = "${var.basic_auth}"
 "traefik.port" = 8080
 "traefik.enable" = "true"
diff --git a/docker/traefik.tf b/docker/traefik.tf
index fc0ae70..290889c 100644
--- a/docker/traefik.tf
+++ b/docker/traefik.tf
@@ -6,41 +6,41 @@ resource "docker_container" "traefik" {
 ports {
 internal = 1111
 external = 1111
- ip = "192.168.1.111"
+ ip = "${var.ips["eth0"]}"
 }
 # Local Web Server
 ports {
 internal = 80
 external = 8888
- ip = "192.168.1.111"
+ ip = "${var.ips["eth0"]}"
 }
 # Local Web Server
 ports {
 internal = 80
 external = 80
- ip = "192.168.1.111"
+ ip = "${var.ips["eth0"]}"
 }
 # Local Web Server (HTTPS)
 ports {
 internal = 443
 external = 443
- ip = "192.168.1.111"
+ ip = "${var.ips["eth0"]}"
 }
 # Proxied via sydney.captnemo.in
 ports {
 internal = 443
 external = 443
- ip = "10.8.0.14"
+ ip = "${var.ips["tun0"]}"
 }
 ports {
 internal = 80
 external = 80
- ip = "10.8.0.14"
+ ip = "${var.ips["tun0"]}"
 }
 upload {
diff --git a/docker/variables.tf b/docker/variables.tf
index 09741ec..8452238 100644
--- a/docker/variables.tf
+++ b/docker/variables.tf
@@ -46,7 +46,10 @@ variable "wiki_session_secret" {
 type = "string"
 }
-variable "ips" {
- eth0 = "192.168.1.111"
- tun0 = "10.8.0.14"
+variable "domain" {
+ type = "string"
+}
+
+variable "ips" {
+ type = "map"
 }
diff --git a/main.tf b/main.tf
index 62a4b2a..5e03819 100644
--- a/main.tf
+++ b/main.tf
@@ -1,5 +1,5 @@
 provider "docker" {
- host = "tcp://docker.in.bb8.fun:2376"
+ host = "tcp://docker.vpn.bb8.fun:2376"
 cert_path = "./secrets"
 }
@@ -12,7 +12,7 @@ module "cloudflare" {
 source = "cloudflare"
 domain = "bb8.fun"
 proxy = "sydney.captnemo.in"
- act_ip = "10.242.36.126"
+ ips = "${var.ips}"
 }
 module "mysql" {
@@ -28,4 +28,6 @@ module "docker" {
 cloudflare_key = "${var.cloudflare_key}"
 cloudflare_email = "bb8@captnemo.in"
 wiki_session_secret = "${var.wiki_session_secret}"
+ ips = "${var.ips}"
+ domain = "bb8.fun"
 }
diff --git a/variables.tf b/variables.tf
index 573769b..7128d73 100644
--- a/variables.tf
+++ b/variables.tf
@@ -18,3 +18,11 @@ variable "mysql_root_password" {
 variable "wiki_session_secret" {
 type = "string"
 }
+
+variable "ips" {
+ type = "map"
+ default = {
+ eth0 = "192.168.1.111"
+ tun0 = "10.8.0.14"
+ }
+}
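Review bot: The provider host in the first main.tf hunk becomes `tcp://docker.vpn.bb8.fun:2376`, a name that resolves only once the `vpn_wildcard` record from the cloudflare module exists, and nothing orders the provider after that record. A first plan against a clean state may therefore fail to reach the daemon until the DNS record has been created separately; this is inferred, since the provider's connection behaviour is not visible here. The daemon's TLS server certificate also has to carry the new name (the client side uses the material under `./secrets`), and reissuing it with `docker.vpn.bb8.fun` as a subject alternative name is preferable to relaxing verification. A comment above the `host` line such as `# resolves via the *.vpn record (tun0); the daemon certificate must list this name` would record both dependencies.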
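Review bot: `domain = "bb8.fun"` is now written twice in main.tf, once in `module "cloudflare"` and once in the line added to `module "docker"`, and the two must agree or the traefik `Host:` rules will name hosts that the DNS module never creates. A single root variable keeps them in step: `variable "domain" { default = "bb8.fun" }` in variables.tf and `domain = "${var.domain}"` in both module blocks.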