Adds radicale

- hosted at radicale.bb8.fun - Auth using bcrypt
2017-12-31 16:38:57 +05:30 · 2017-12-31 16:38:57 +05:30 · 963401a0c0
parent e8c9e380ee
commit 963401a0c0
8 changed files with 120 additions and 5 deletions
--- a/docker/images.tf
+++ b/docker/images.tf
@ -45,6 +45,7 @@ resource "docker_image" "wikijs" {

 # Attempting to use mongorocks to work around reboot issue
 # Hoping that this will not face reboot-recovery issues
+# Wrote about this: https://captnemo.in/blog/2017/12/18/home-server-learnings/
 resource "docker_image" "mongorocks" {
  name          = "${data.docker_registry_image.mongorocks.name}"
  pull_triggers = ["${data.docker_registry_image.mongorocks.sha256_digest}"]
@ -66,6 +67,7 @@ resource "docker_image" "ubooquity" {
 }

 # Helps debug traefik reverse proxy headers
+# Highly recommended!
 resource "docker_image" "headerdebug" {
  name          = "${data.docker_registry_image.headerdebug.name}"
  pull_triggers = ["${data.docker_registry_image.headerdebug.sha256_digest}"]
--- a/main.tf
+++ b/main.tf
@ -23,3 +23,8 @@ module "docker" {
  ips                 = "${var.ips}"
  domain              = "bb8.fun"
 }
+
+module "radicale" {
+  source = "radicale"
+  domain = "radicale.bb8.fun"
+}
--- a/mysql/main.tf
+++ b/mysql/main.tf
@ -3,15 +3,11 @@
 # Create a Database
 resource "mysql_database" "lychee" {
  name = "lychee"
-
-  lifecycle {
-    prevent_destroy = true
-  }
 }

 resource "mysql_user" "lychee" {
  user               = "lychee"
-  host               = "${var.lychee_ip}"
+  host               = "%"
  plaintext_password = "${var.mysql_lychee_password}"
 }

--- a/radicale/config
+++ b/radicale/config
@ -0,0 +1,32 @@
+# See radicale.org/configuration/
+[server]
+hosts = 0.0.0.0:5232
+
+# Max parallel connections
+max_connections = 10
+
+# Message displayed in the client when a password is needed
+realm = Authentication required
+
+[auth]
+
+# Authentication method
+# Value: none | htpasswd | remote_user | http_x_remote_user
+type = htpasswd
+htpasswd_filename = /config/users
+
+[storage]
+filesystem_folder = /data/collections
+
+[logging]
+
+# For more information about the syntax of the configuration file, see:
+# http://docs.python.org/library/logging.config.html
+# config = /config/logging
+
+
+[headers]
+
+# Additional HTTP headers
+X-Powered-By: Allomancy
+Server: Blackbox
--- a/radicale/logging.conf
+++ b/radicale/logging.conf
@ -0,0 +1,22 @@
+[loggers]
+keys = root
+
+[handlers]
+keys = file
+
+[formatters]
+keys = full
+
+[logger_root]
+# Change this to DEBUG or INFO for higher verbosity.
+level = WARNING
+handlers = file
+
+[handler_file]
+class = FileHandler
+# Specify the output file here.
+args = ('/var/log/radicale/log',)
+formatter = full
+
+[formatter_full]
+format = %(asctime)s - [%(thread)x] %(levelname)s: %(message)s
--- a/radicale/main.tf
+++ b/radicale/main.tf
@ -0,0 +1,54 @@
+data "docker_registry_image" "radicale" {
+  name = "tomsquest/docker-radicale:latest"
+}
+
+resource "docker_image" "radicale" {
+  name          = "${data.docker_registry_image.radicale.name}"
+  pull_triggers = ["${data.docker_registry_image.radicale.sha256_digest}"]
+}
+
+resource docker_container "radicale" {
+  name  = "radicale"
+  image = "${docker_image.radicale.latest}"
+
+  labels {
+    "traefik.port"                                  = 5232
+    "traefik.enable"                                = "true"
+    "traefik.frontend.headers.SSLTemporaryRedirect" = "true"
+    "traefik.frontend.headers.STSSeconds"           = "2592000"
+    "traefik.frontend.headers.STSIncludeSubdomains" = "false"
+    "traefik.frontend.headers.contentTypeNosniff"   = "true"
+    "traefik.frontend.headers.browserXSSFilter"     = "true"
+    "traefik.frontend.passHostHeader"               = "true"
+    "traefik.frontend.rule"                         = "Host:${var.domain}"
+  }
+
+  volumes {
+    host_path      = "/mnt/xwing/data/radicale"
+    container_path = "/data"
+  }
+
+  volumes {
+    host_path      = "/mnt/xwing/config/radicale"
+    container_path = "/config"
+  }
+
+  upload {
+    content = "${file("${path.module}/config")}"
+    file    = "/config/config"
+  }
+
+  upload {
+    content = "${file("${path.module}/logging.conf")}"
+    file    = "/config/logging"
+  }
+
+  upload {
+    content = "${file("${path.module}/users")}"
+    file    = "/config/users"
+  }
+
+  restart               = "unless-stopped"
+  destroy_grace_seconds = 10
+  must_run              = true
+}
--- a/radicale/users
+++ b/radicale/users
@ -0,0 +1 @@
+nemo:$2y$05$vC1WTAuKn2xuDYZ6I3ucxuPnCrtZrVKzdDHSYhqCegi97RM/pdzXW
--- a/radicale/variables.tf
+++ b/radicale/variables.tf
@ -0,0 +1,3 @@
+variable "domain" {
+  type = "string"
+}
				`@ -0,0 +1 @@`
				`nemo:$2y$05$vC1WTAuKn2xuDYZ6I3ucxuPnCrtZrVKzdDHSYhqCegi97RM/pdzXW`