Adds radicale
- hosted at radicale.bb8.fun - Auth using bcrypt
This commit is contained in:
parent
e8c9e380ee
commit
963401a0c0
|
@ -45,6 +45,7 @@ resource "docker_image" "wikijs" {
|
||||||
|
|
||||||
# Attempting to use mongorocks to work around reboot issue
|
# Attempting to use mongorocks to work around reboot issue
|
||||||
# Hoping that this will not face reboot-recovery issues
|
# Hoping that this will not face reboot-recovery issues
|
||||||
|
# Wrote about this: https://captnemo.in/blog/2017/12/18/home-server-learnings/
|
||||||
resource "docker_image" "mongorocks" {
|
resource "docker_image" "mongorocks" {
|
||||||
name = "${data.docker_registry_image.mongorocks.name}"
|
name = "${data.docker_registry_image.mongorocks.name}"
|
||||||
pull_triggers = ["${data.docker_registry_image.mongorocks.sha256_digest}"]
|
pull_triggers = ["${data.docker_registry_image.mongorocks.sha256_digest}"]
|
||||||
|
@ -66,6 +67,7 @@ resource "docker_image" "ubooquity" {
|
||||||
}
|
}
|
||||||
|
|
||||||
# Helps debug traefik reverse proxy headers
|
# Helps debug traefik reverse proxy headers
|
||||||
|
# Highly recommended!
|
||||||
resource "docker_image" "headerdebug" {
|
resource "docker_image" "headerdebug" {
|
||||||
name = "${data.docker_registry_image.headerdebug.name}"
|
name = "${data.docker_registry_image.headerdebug.name}"
|
||||||
pull_triggers = ["${data.docker_registry_image.headerdebug.sha256_digest}"]
|
pull_triggers = ["${data.docker_registry_image.headerdebug.sha256_digest}"]
|
||||||
|
|
5
main.tf
5
main.tf
|
@ -23,3 +23,8 @@ module "docker" {
|
||||||
ips = "${var.ips}"
|
ips = "${var.ips}"
|
||||||
domain = "bb8.fun"
|
domain = "bb8.fun"
|
||||||
}
|
}
|
||||||
|
|
||||||
|
module "radicale" {
|
||||||
|
source = "radicale"
|
||||||
|
domain = "radicale.bb8.fun"
|
||||||
|
}
|
||||||
|
|
|
@ -3,15 +3,11 @@
|
||||||
# Create a Database
|
# Create a Database
|
||||||
resource "mysql_database" "lychee" {
|
resource "mysql_database" "lychee" {
|
||||||
name = "lychee"
|
name = "lychee"
|
||||||
|
|
||||||
lifecycle {
|
|
||||||
prevent_destroy = true
|
|
||||||
}
|
|
||||||
}
|
}
|
||||||
|
|
||||||
resource "mysql_user" "lychee" {
|
resource "mysql_user" "lychee" {
|
||||||
user = "lychee"
|
user = "lychee"
|
||||||
host = "${var.lychee_ip}"
|
host = "%"
|
||||||
plaintext_password = "${var.mysql_lychee_password}"
|
plaintext_password = "${var.mysql_lychee_password}"
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
|
@ -0,0 +1,32 @@
|
||||||
|
# See radicale.org/configuration/
|
||||||
|
[server]
|
||||||
|
hosts = 0.0.0.0:5232
|
||||||
|
|
||||||
|
# Max parallel connections
|
||||||
|
max_connections = 10
|
||||||
|
|
||||||
|
# Message displayed in the client when a password is needed
|
||||||
|
realm = Authentication required
|
||||||
|
|
||||||
|
[auth]
|
||||||
|
|
||||||
|
# Authentication method
|
||||||
|
# Value: none | htpasswd | remote_user | http_x_remote_user
|
||||||
|
type = htpasswd
|
||||||
|
htpasswd_filename = /config/users
|
||||||
|
|
||||||
|
[storage]
|
||||||
|
filesystem_folder = /data/collections
|
||||||
|
|
||||||
|
[logging]
|
||||||
|
|
||||||
|
# For more information about the syntax of the configuration file, see:
|
||||||
|
# http://docs.python.org/library/logging.config.html
|
||||||
|
# config = /config/logging
|
||||||
|
|
||||||
|
|
||||||
|
[headers]
|
||||||
|
|
||||||
|
# Additional HTTP headers
|
||||||
|
X-Powered-By: Allomancy
|
||||||
|
Server: Blackbox
|
|
@ -0,0 +1,22 @@
|
||||||
|
[loggers]
|
||||||
|
keys = root
|
||||||
|
|
||||||
|
[handlers]
|
||||||
|
keys = file
|
||||||
|
|
||||||
|
[formatters]
|
||||||
|
keys = full
|
||||||
|
|
||||||
|
[logger_root]
|
||||||
|
# Change this to DEBUG or INFO for higher verbosity.
|
||||||
|
level = WARNING
|
||||||
|
handlers = file
|
||||||
|
|
||||||
|
[handler_file]
|
||||||
|
class = FileHandler
|
||||||
|
# Specify the output file here.
|
||||||
|
args = ('/var/log/radicale/log',)
|
||||||
|
formatter = full
|
||||||
|
|
||||||
|
[formatter_full]
|
||||||
|
format = %(asctime)s - [%(thread)x] %(levelname)s: %(message)s
|
|
@ -0,0 +1,54 @@
|
||||||
|
data "docker_registry_image" "radicale" {
|
||||||
|
name = "tomsquest/docker-radicale:latest"
|
||||||
|
}
|
||||||
|
|
||||||
|
resource "docker_image" "radicale" {
|
||||||
|
name = "${data.docker_registry_image.radicale.name}"
|
||||||
|
pull_triggers = ["${data.docker_registry_image.radicale.sha256_digest}"]
|
||||||
|
}
|
||||||
|
|
||||||
|
resource docker_container "radicale" {
|
||||||
|
name = "radicale"
|
||||||
|
image = "${docker_image.radicale.latest}"
|
||||||
|
|
||||||
|
labels {
|
||||||
|
"traefik.port" = 5232
|
||||||
|
"traefik.enable" = "true"
|
||||||
|
"traefik.frontend.headers.SSLTemporaryRedirect" = "true"
|
||||||
|
"traefik.frontend.headers.STSSeconds" = "2592000"
|
||||||
|
"traefik.frontend.headers.STSIncludeSubdomains" = "false"
|
||||||
|
"traefik.frontend.headers.contentTypeNosniff" = "true"
|
||||||
|
"traefik.frontend.headers.browserXSSFilter" = "true"
|
||||||
|
"traefik.frontend.passHostHeader" = "true"
|
||||||
|
"traefik.frontend.rule" = "Host:${var.domain}"
|
||||||
|
}
|
||||||
|
|
||||||
|
volumes {
|
||||||
|
host_path = "/mnt/xwing/data/radicale"
|
||||||
|
container_path = "/data"
|
||||||
|
}
|
||||||
|
|
||||||
|
volumes {
|
||||||
|
host_path = "/mnt/xwing/config/radicale"
|
||||||
|
container_path = "/config"
|
||||||
|
}
|
||||||
|
|
||||||
|
upload {
|
||||||
|
content = "${file("${path.module}/config")}"
|
||||||
|
file = "/config/config"
|
||||||
|
}
|
||||||
|
|
||||||
|
upload {
|
||||||
|
content = "${file("${path.module}/logging.conf")}"
|
||||||
|
file = "/config/logging"
|
||||||
|
}
|
||||||
|
|
||||||
|
upload {
|
||||||
|
content = "${file("${path.module}/users")}"
|
||||||
|
file = "/config/users"
|
||||||
|
}
|
||||||
|
|
||||||
|
restart = "unless-stopped"
|
||||||
|
destroy_grace_seconds = 10
|
||||||
|
must_run = true
|
||||||
|
}
|
|
@ -0,0 +1 @@
|
||||||
|
nemo:$2y$05$vC1WTAuKn2xuDYZ6I3ucxuPnCrtZrVKzdDHSYhqCegi97RM/pdzXW
|
|
@ -0,0 +1,3 @@
|
||||||
|
variable "domain" {
|
||||||
|
type = "string"
|
||||||
|
}
|
Loading…
Reference in New Issue