nemo
/
nebula
1
0
Fork 0
Code Issues 3 Pull Requests 0 Releases 1 Wiki Activity
Browse Source

General Updates

kaarana-wordpress
Nemo 1 year ago
parent
c066e62ee0
commit
b862c78ec9
13 changed files with 161 additions and 143 deletions
Split View
Diff Options
Show Stats Download Patch File Download Diff File
  1. +17
    -1
      cloudflare/main.tf
  2. +2
    -0
      cloudflare/variables.tf
  3. +7
    -1
      digitalocean/droplets.tf
  4. +2
    -0
      main.tf
  5. +48
    -39
      monitoring/cadvisor.tf
  6. +16
    -16
      monitoring/config/prometheus.yml
  7. +0
    -16
      monitoring/data.tf
  8. +20
    -11
      monitoring/grafana.tf
  9. +0
    -20
      monitoring/images.tf
  10. +0
    -1
      monitoring/main.tf
  11. +27
    -25
      monitoring/nodeexporter.tf
  12. +17
    -9
      monitoring/speedtest.tf
  13. +5
    -4
      variables.tf

+ 17
- 1
cloudflare/main.tf View File

@ -25,7 +25,7 @@ resource "cloudflare_record" "home-wildcard" {
resource "cloudflare_record" "internet" {
domain = "${var.domain}"
name = "@"
value = "${var.ips["static"]}"
value = "${var.droplet_ip}"
type = "A"
}
@ -37,6 +37,22 @@ resource "cloudflare_record" "internet-wildcard" {
ttl = 3600
}
resource "cloudflare_record" "dns" {
domain = "${var.domain}"
name = "dns"
value = "${var.ips["static"]}"
type = "A"
}
resource "cloudflare_record" "doh" {
domain = "${var.domain}"
name = "doh"
value = "${var.ips["static"]}"
type = "A"
}
// This ensures that _acme-challenge is not a CNAME
// alongside the above wildcard CNAME entry.
resource "cloudflare_record" "acme-no-cname-1" {
domain = "${var.domain}"
name = "_acme-challenge.${var.domain}"


+ 2
- 0
cloudflare/variables.tf View File

@ -5,3 +5,5 @@ variable "domain" {
variable "ips" {
type = "map"
}
variable "droplet_ip" {}

+ 7
- 1
digitalocean/droplets.tf View File

@ -2,11 +2,13 @@ resource "digitalocean_droplet" "sydney" {
image = ""
name = "sydney.captnemo.in"
region = "blr1"
size = "1gb"
size = "s-1vcpu-2gb"
ipv6 = true
private_networking = true
resize_disk = true
volume_ids = ["eae03502-9279-11e8-ab31-0242ac11470b"]
tags = [
"bangalore",
"proxy",
@ -14,3 +16,7 @@ resource "digitalocean_droplet" "sydney" {
"vpn",
]
}
output "droplet_ipv4" {
value = "${digitalocean_droplet.sydney.ipv4_address}"
}

+ 2
- 0
main.tf View File

@ -2,6 +2,8 @@ module "cloudflare" {
source = "cloudflare"
domain = "bb8.fun"
ips = "${var.ips}"
droplet_ip = "${module.digitalocean.droplet_ipv4}"
}
module "docker" {


+ 48
- 39
monitoring/cadvisor.tf View File

@ -1,47 +1,56 @@
resource "docker_container" "cadvisor" {
module "cadvisor" {
source = "../modules/container"
name = "cadvisor"
image = "${docker_image.cadvisor.latest}"
memory = 512
image = "google/cadvisor:latest"
resource {
memory = 512
memory_swap = 512
}
restart = "unless-stopped"
destroy_grace_seconds = 10
must_run = true
volumes {
host_path = "/sys"
container_path = "/sys"
read_only = true
}
volumes {
host_path = "/"
container_path = "/rootfs"
read_only = true
}
volumes {
host_path = "/var/lib/docker"
container_path = "/var/lib/docker"
read_only = true
volumes = [
{
host_path = "/sys"
container_path = "/sys"
read_only = true
},
{
host_path = "/"
container_path = "/rootfs"
read_only = true
},
{
host_path = "/var/lib/docker"
container_path = "/var/lib/docker"
read_only = true
},
{
host_path = "/dev/disk"
container_path = "/dev/disk"
read_only = true
},
{
host_path = "/var/run"
container_path = "/var/run"
},
]
networks_advanced = [
{
name = "traefik"
},
{
name = "monitoring"
},
]
web {
expose = true
port = 8080
auth = true
}
volumes {
host_path = "/dev/disk"
container_path = "/dev/disk"
read_only = true
}
volumes {
host_path = "/var/run"
container_path = "/var/run"
}
networks = ["${var.traefik-network-id}", "${docker_network.monitoring.id}"]
labels = "${merge(
var.traefik-labels, map(
"traefik.port", 8080,
"traefik.frontend.rule","Host:cadvisor.${var.domain}",
"traefik.frontend.auth.basic", "${var.basic_auth}"
))}"
}

+ 16
- 16
monitoring/config/prometheus.yml View File

@ -1,44 +1,44 @@
global:
scrape_interval: 15s
external_labels:
monitor: 'docker-monitor'
monitor: "docker-monitor"
scrape_configs:
- job_name: 'prometheus'
- job_name: "prometheus"
static_configs:
- targets: ['localhost:9090']
- targets: ["localhost:9090"]
- job_name: 'node'
- job_name: "node"
scrape_interval: 5s
static_configs:
- targets: ['nodeexporter:9100']
- targets: ["nodeexporter:9100"]
- job_name: 'cadvisor'
- job_name: "cadvisor"
scrape_interval: 5s
static_configs:
- targets: ['cadvisor:8080']
- targets: ["cadvisor:8080"]
- job_name: 'speedtest'
- job_name: "speedtest"
scrape_interval: 15m
scrape_timeout: 2m
static_configs:
- targets: ['speedtest.docker:9696']
- targets: ["speedtest:9696"]
- job_name: 'docker'
- job_name: "docker"
scrape_interval: 5s
static_configs:
- targets: ['192.168.1.111:1337']
- targets: ["192.168.1.111:1337"]
- job_name: 'traefik'
- job_name: "traefik"
scrape_interval: 5s
static_configs:
- targets: ['192.168.1.111:1111']
- targets: ["192.168.1.111:1111"]
- job_name: 'act'
- job_name: "act"
scrape_interval: 15m
scrape_timeout: 1m
static_configs:
- targets: ['act-exporter.docker:3000']
- targets: ["act-exporter.docker:3000"]
rule_files:
- 'alert.rules'
- "alert.rules"

+ 0
- 16
monitoring/data.tf View File

@ -1,19 +1,3 @@
data "docker_registry_image" "grafana" {
name = "grafana/grafana:latest"
}
data "docker_registry_image" "prometheus" {
name = "prom/prometheus:latest"
}
data "docker_registry_image" "nodeexporter" {
name = "prom/node-exporter:latest"
}
data "docker_registry_image" "cadvisor" {
name = "google/cadvisor:latest"
}
data "docker_registry_image" "speedtest" {
name = "captn3m0/speedtest-exporter:alpine"
}

+ 20
- 11
monitoring/grafana.tf View File

@ -1,22 +1,31 @@
resource "docker_container" "grafana" {
name = "grafana"
image = "${docker_image.grafana.latest}"
# resource "docker_container" "grafana" {
module "grafana" {
name = "grafana"
source = "../modules/container"
image = "grafana/grafana:latest"
// grafana:grafana
user = "984:982"
labels = "${merge(
var.traefik-labels, map(
"traefik.port", 3000,
"traefik.frontend.rule","Host:grafana.${var.domain}"
))}"
web {
port = 3000
host = "grafana.${var.domain}"
expose = true
}
volumes {
volumes = [{
host_path = "/mnt/xwing/data/grafana"
container_path = "/var/lib/grafana"
}
}]
networks = ["${var.traefik-network-id}", "${docker_network.monitoring.id}"]
networks_advanced = [
{
name = "traefik"
},
{
name = "monitoring"
},
]
env = [
"GF_SERVER_ROOT_URL=https://grafana.${var.domain}",


+ 0
- 20
monitoring/images.tf View File

@ -1,28 +1,8 @@
resource "docker_image" "grafana" {
name = "${data.docker_registry_image.grafana.name}"
pull_triggers = ["${data.docker_registry_image.grafana.sha256_digest}"]
}
resource "docker_image" "prometheus" {
name = "${data.docker_registry_image.prometheus.name}"
pull_triggers = ["${data.docker_registry_image.prometheus.sha256_digest}"]
}
resource "docker_image" "nodeexporter" {
name = "${data.docker_registry_image.nodeexporter.name}"
pull_triggers = ["${data.docker_registry_image.nodeexporter.sha256_digest}"]
}
resource "docker_image" "cadvisor" {
name = "${data.docker_registry_image.cadvisor.name}"
pull_triggers = ["${data.docker_registry_image.cadvisor.sha256_digest}"]
}
resource "docker_image" "speedtest" {
name = "${data.docker_registry_image.speedtest.name}"
pull_triggers = ["${data.docker_registry_image.speedtest.sha256_digest}"]
}
resource "docker_image" "act-exporter" {
name = "${data.docker_registry_image.act-exporter.name}"
pull_triggers = ["${data.docker_registry_image.act-exporter.sha256_digest}"]


+ 0
- 1
monitoring/main.tf View File

@ -1 +0,0 @@

+ 27
- 25
monitoring/nodeexporter.tf View File

@ -1,28 +1,28 @@
resource "docker_container" "nodeexporter" {
name = "nodeexporter"
image = "${docker_image.nodeexporter.latest}"
module "nodeexporter" {
name = "nodeexporter"
source = "../modules/container"
image = "prom/node-exporter:latest"
volumes {
host_path = "/proc"
container_path = "/host/proc"
}
volumes {
host_path = "/sys"
container_path = "/host/sys"
}
volumes {
host_path = "/"
container_path = "/rootfs"
read_only = true
}
volumes {
host_path = "/mnt/xwing"
container_path = "/host/mnt"
read_only = true
}
volumes = [
{
host_path = "/proc"
container_path = "/host/proc"
},
{
host_path = "/sys"
container_path = "/host/sys"
},
{
host_path = "/"
container_path = "/rootfs"
read_only = true
},
{
host_path = "/mnt/xwing"
container_path = "/host/mnt"
read_only = true
},
]
command = [
"--path.procfs=/host/proc",
@ -30,7 +30,9 @@ resource "docker_container" "nodeexporter" {
"--collector.filesystem.ignored-mount-points=\"^/(sys|proc|dev|host|etc)($$|/)\"",
]
networks = ["${docker_network.monitoring.id}"]
networks = [
"${docker_network.monitoring.id}",
]
restart = "unless-stopped"
destroy_grace_seconds = 10


+ 17
- 9
monitoring/speedtest.tf View File

@ -1,17 +1,25 @@
# Transmission Exporter for speedtest results
# https://hub.docker.com/r/stefanwalther/speedtest-exporter/
# Built against Alpine: https://github.com/stefanwalther/speedtest-exporter/pull/7
resource "docker_container" "speedtest" {
name = "speedtest"
image = "${docker_image.speedtest.latest}"
networks_advanced {
name = "monitoring"
aliases = ["speedtest", "speedtest.docker"]
}
module "speedtest" {
name = "speedtest"
image = "captn3m0/speedtest-exporter:alpine"
source = "../modules/container"
networks_advanced = [
{
name = "monitoring"
aliases = ["speedtest", "speedtest.docker"]
},
{
name = "bridge"
},
]
networks_advanced {
name = "bridge"
resource {
memory = 256
memory_swap = 256
}
restart = "unless-stopped"


+ 5
- 4
variables.tf View File

@ -2,10 +2,11 @@ variable "ips" {
type = "map"
default = {
eth0 = "192.168.1.111"
tun0 = "10.8.0.14"
dovpn = "10.8.0.1"
static = "139.59.48.222"
eth0 = "192.168.1.111"
tun0 = "10.8.0.14"
dovpn = "10.8.0.1"
static = "139.59.48.222"
droplet = "139.59.22.234"
}
}


Write Preview
Loading…
Cancel
Save