diff --git a/main.tf b/main.tf index 14760dc..bb7f780 100644 --- a/main.tf +++ b/main.tf @@ -86,6 +86,16 @@ module "rss-bridge" { traefik-network-id = "${module.docker.traefik-network-id}" } +module "monicahq" { + source = "monicahq" + domain = "monica.bb8.fun" + db-password = "${var.monica-db-password}" + app-key = "${var.monica-app-key}" + hash-salt = "${var.monica-hash-salt}" + smtp-password = "${var.monica-smtp-password}" + traefik-labels = "${var.traefik-common-labels}" +} + module "requestbin" { source = "requestbin" domain = "requestbin.bb8.fun" diff --git a/monicahq/db.tf b/monicahq/db.tf new file mode 100644 index 0000000..72c499c --- /dev/null +++ b/monicahq/db.tf @@ -0,0 +1,16 @@ +resource "mysql_database" "monica" { + name = "monica" +} + +resource "mysql_user" "monica" { + user = "monica" + host = "%" + plaintext_password = "${var.db-password}" +} + +resource "mysql_grant" "monica" { + user = "${mysql_user.monica.user}" + host = "${mysql_user.monica.host}" + database = "${mysql_database.monica.name}" + privileges = ["ALL"] +} diff --git a/monicahq/main.tf b/monicahq/main.tf new file mode 100644 index 0000000..bbdc737 --- /dev/null +++ b/monicahq/main.tf @@ -0,0 +1,71 @@ +data "docker_registry_image" "monica" { + name = "monicahq/monicahq:latest" +} + +resource "docker_image" "monica" { + name = "${data.docker_registry_image.monica.name}" + pull_triggers = ["${data.docker_registry_image.monica.sha256_digest}"] +} + +resource "docker_container" "monica" { + name = "monica" + image = "${docker_image.monica.latest}" + + labels = "${merge( + var.traefik-labels, map( + "traefik.port", 80, + "traefik.frontend.rule","Host:${var.domain}" + ))}" + + links = ["mariadb"] + + env = [ + "APP_ENV=production", + "APP_DEBUG=false", + "APP_KEY=${var.app-key}", + "HASH_SALT=${var.hash-salt}", + "HASH_LENGTH=18", + "APP_URL=https://${var.domain}", + "DB_CONNECTION=mysql", + "DB_HOST=mariadb", + "DB_PORT=3306", + "DB_DATABASE=${mysql_database.monica.name}", + "DB_USERNAME=${mysql_user.monica.user}", + "DB_PASSWORD=${var.db-password}", + "DB_PREFIX=", + "MAIL_DRIVER=smtp", + "MAIL_HOST=smtp.mailgun.org", + "MAIL_PORT=587", + "MAIL_USERNAME=monica@captnemo.in", + "MAIL_PASSWORD=${var.smtp-password}", + "MAIL_ENCRYPTION=tls", + "MAIL_FROM_ADDRESS=monica@captnemo.in", + "MAIL_FROM_NAME=Nemo", + "APP_EMAIL_NEW_USERS_NOTIFICATION=monica@captnemo.in", + "APP_DEFAULT_TIMEZONE=Asia/Kolkata", + "APP_DEFAULT_LOCALE=en", + + # Ability to disable signups on your instance. + # Can be true or false. Default to false. + "APP_DISABLE_SIGNUP=true", + + "LOG_CHANNEL=single", + "SENTRY_SUPPORT=false", + "CHECK_VERSION=true", + "REQUIRES_SUBSCRIPTION=false", + + # cache redis is not yet documented + "CACHE_DRIVER=database", + + "SESSION_DRIVER=file", + "SESSION_LIFETIME=120", + "QUEUE_DRIVER=sync", + "DEFAULT_FILESYSTEM=public", + "2FA_ENABLED=true", + "ALLOW_STATISTICS_THROUGH_PUBLIC_API_ACCESS=false", + ] + + restart = "unless-stopped" + destroy_grace_seconds = 10 + must_run = true +} diff --git a/monicahq/variables.tf b/monicahq/variables.tf new file mode 100644 index 0000000..9a66f22 --- /dev/null +++ b/monicahq/variables.tf @@ -0,0 +1,12 @@ +variable "domain" { + type = "string" +} + +variable "db-password" {} +variable "app-key" {} +variable "hash-salt" {} +variable "smtp-password" {} + +variable "traefik-labels" { + type = "map" +} diff --git a/variables.tf b/variables.tf index 1493235..56fdae6 100644 --- a/variables.tf +++ b/variables.tf @@ -73,3 +73,8 @@ variable "timemachine-password-1" {} variable "opml-github-client-id" {} variable "opml-github-client-secret" {} variable "miniflux-db-password" {} + +variable "monica-db-password" {} +variable "monica-app-key" {} +variable "monica-hash-salt" {} +variable "monica-smtp-password" {}