General Updates
This commit is contained in:
parent
c066e62ee0
commit
b862c78ec9
|
@ -25,7 +25,7 @@ resource "cloudflare_record" "home-wildcard" {
|
||||||
resource "cloudflare_record" "internet" {
|
resource "cloudflare_record" "internet" {
|
||||||
domain = "${var.domain}"
|
domain = "${var.domain}"
|
||||||
name = "@"
|
name = "@"
|
||||||
value = "${var.ips["static"]}"
|
value = "${var.droplet_ip}"
|
||||||
type = "A"
|
type = "A"
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -37,6 +37,22 @@ resource "cloudflare_record" "internet-wildcard" {
|
||||||
ttl = 3600
|
ttl = 3600
|
||||||
}
|
}
|
||||||
|
|
||||||
|
resource "cloudflare_record" "dns" {
|
||||||
|
domain = "${var.domain}"
|
||||||
|
name = "dns"
|
||||||
|
value = "${var.ips["static"]}"
|
||||||
|
type = "A"
|
||||||
|
}
|
||||||
|
|
||||||
|
resource "cloudflare_record" "doh" {
|
||||||
|
domain = "${var.domain}"
|
||||||
|
name = "doh"
|
||||||
|
value = "${var.ips["static"]}"
|
||||||
|
type = "A"
|
||||||
|
}
|
||||||
|
|
||||||
|
// This ensures that _acme-challenge is not a CNAME
|
||||||
|
// alongside the above wildcard CNAME entry.
|
||||||
resource "cloudflare_record" "acme-no-cname-1" {
|
resource "cloudflare_record" "acme-no-cname-1" {
|
||||||
domain = "${var.domain}"
|
domain = "${var.domain}"
|
||||||
name = "_acme-challenge.${var.domain}"
|
name = "_acme-challenge.${var.domain}"
|
||||||
|
|
|
@ -5,3 +5,5 @@ variable "domain" {
|
||||||
variable "ips" {
|
variable "ips" {
|
||||||
type = "map"
|
type = "map"
|
||||||
}
|
}
|
||||||
|
|
||||||
|
variable "droplet_ip" {}
|
||||||
|
|
|
@ -2,11 +2,13 @@ resource "digitalocean_droplet" "sydney" {
|
||||||
image = ""
|
image = ""
|
||||||
name = "sydney.captnemo.in"
|
name = "sydney.captnemo.in"
|
||||||
region = "blr1"
|
region = "blr1"
|
||||||
size = "1gb"
|
size = "s-1vcpu-2gb"
|
||||||
ipv6 = true
|
ipv6 = true
|
||||||
private_networking = true
|
private_networking = true
|
||||||
resize_disk = true
|
resize_disk = true
|
||||||
|
|
||||||
|
volume_ids = ["eae03502-9279-11e8-ab31-0242ac11470b"]
|
||||||
|
|
||||||
tags = [
|
tags = [
|
||||||
"bangalore",
|
"bangalore",
|
||||||
"proxy",
|
"proxy",
|
||||||
|
@ -14,3 +16,7 @@ resource "digitalocean_droplet" "sydney" {
|
||||||
"vpn",
|
"vpn",
|
||||||
]
|
]
|
||||||
}
|
}
|
||||||
|
|
||||||
|
output "droplet_ipv4" {
|
||||||
|
value = "${digitalocean_droplet.sydney.ipv4_address}"
|
||||||
|
}
|
||||||
|
|
2
main.tf
2
main.tf
|
@ -2,6 +2,8 @@ module "cloudflare" {
|
||||||
source = "cloudflare"
|
source = "cloudflare"
|
||||||
domain = "bb8.fun"
|
domain = "bb8.fun"
|
||||||
ips = "${var.ips}"
|
ips = "${var.ips}"
|
||||||
|
|
||||||
|
droplet_ip = "${module.digitalocean.droplet_ipv4}"
|
||||||
}
|
}
|
||||||
|
|
||||||
module "docker" {
|
module "docker" {
|
||||||
|
|
|
@ -1,47 +1,56 @@
|
||||||
resource "docker_container" "cadvisor" {
|
module "cadvisor" {
|
||||||
|
source = "../modules/container"
|
||||||
name = "cadvisor"
|
name = "cadvisor"
|
||||||
image = "${docker_image.cadvisor.latest}"
|
image = "google/cadvisor:latest"
|
||||||
memory = 512
|
|
||||||
|
resource {
|
||||||
|
memory = 512
|
||||||
|
memory_swap = 512
|
||||||
|
}
|
||||||
|
|
||||||
restart = "unless-stopped"
|
restart = "unless-stopped"
|
||||||
destroy_grace_seconds = 10
|
destroy_grace_seconds = 10
|
||||||
must_run = true
|
must_run = true
|
||||||
|
|
||||||
volumes {
|
volumes = [
|
||||||
host_path = "/sys"
|
{
|
||||||
container_path = "/sys"
|
host_path = "/sys"
|
||||||
read_only = true
|
container_path = "/sys"
|
||||||
|
read_only = true
|
||||||
|
},
|
||||||
|
{
|
||||||
|
host_path = "/"
|
||||||
|
container_path = "/rootfs"
|
||||||
|
read_only = true
|
||||||
|
},
|
||||||
|
{
|
||||||
|
host_path = "/var/lib/docker"
|
||||||
|
container_path = "/var/lib/docker"
|
||||||
|
read_only = true
|
||||||
|
},
|
||||||
|
{
|
||||||
|
host_path = "/dev/disk"
|
||||||
|
container_path = "/dev/disk"
|
||||||
|
read_only = true
|
||||||
|
},
|
||||||
|
{
|
||||||
|
host_path = "/var/run"
|
||||||
|
container_path = "/var/run"
|
||||||
|
},
|
||||||
|
]
|
||||||
|
|
||||||
|
networks_advanced = [
|
||||||
|
{
|
||||||
|
name = "traefik"
|
||||||
|
},
|
||||||
|
{
|
||||||
|
name = "monitoring"
|
||||||
|
},
|
||||||
|
]
|
||||||
|
|
||||||
|
web {
|
||||||
|
expose = true
|
||||||
|
port = 8080
|
||||||
|
auth = true
|
||||||
}
|
}
|
||||||
|
|
||||||
volumes {
|
|
||||||
host_path = "/"
|
|
||||||
container_path = "/rootfs"
|
|
||||||
read_only = true
|
|
||||||
}
|
|
||||||
|
|
||||||
volumes {
|
|
||||||
host_path = "/var/lib/docker"
|
|
||||||
container_path = "/var/lib/docker"
|
|
||||||
read_only = true
|
|
||||||
}
|
|
||||||
|
|
||||||
volumes {
|
|
||||||
host_path = "/dev/disk"
|
|
||||||
container_path = "/dev/disk"
|
|
||||||
read_only = true
|
|
||||||
}
|
|
||||||
|
|
||||||
volumes {
|
|
||||||
host_path = "/var/run"
|
|
||||||
container_path = "/var/run"
|
|
||||||
}
|
|
||||||
|
|
||||||
networks = ["${var.traefik-network-id}", "${docker_network.monitoring.id}"]
|
|
||||||
|
|
||||||
labels = "${merge(
|
|
||||||
var.traefik-labels, map(
|
|
||||||
"traefik.port", 8080,
|
|
||||||
"traefik.frontend.rule","Host:cadvisor.${var.domain}",
|
|
||||||
"traefik.frontend.auth.basic", "${var.basic_auth}"
|
|
||||||
))}"
|
|
||||||
}
|
}
|
||||||
|
|
|
@ -1,44 +1,44 @@
|
||||||
global:
|
global:
|
||||||
scrape_interval: 15s
|
scrape_interval: 15s
|
||||||
external_labels:
|
external_labels:
|
||||||
monitor: 'docker-monitor'
|
monitor: "docker-monitor"
|
||||||
|
|
||||||
scrape_configs:
|
scrape_configs:
|
||||||
- job_name: 'prometheus'
|
- job_name: "prometheus"
|
||||||
static_configs:
|
static_configs:
|
||||||
- targets: ['localhost:9090']
|
- targets: ["localhost:9090"]
|
||||||
|
|
||||||
- job_name: 'node'
|
- job_name: "node"
|
||||||
scrape_interval: 5s
|
scrape_interval: 5s
|
||||||
static_configs:
|
static_configs:
|
||||||
- targets: ['nodeexporter:9100']
|
- targets: ["nodeexporter:9100"]
|
||||||
|
|
||||||
- job_name: 'cadvisor'
|
- job_name: "cadvisor"
|
||||||
scrape_interval: 5s
|
scrape_interval: 5s
|
||||||
static_configs:
|
static_configs:
|
||||||
- targets: ['cadvisor:8080']
|
- targets: ["cadvisor:8080"]
|
||||||
|
|
||||||
- job_name: 'speedtest'
|
- job_name: "speedtest"
|
||||||
scrape_interval: 15m
|
scrape_interval: 15m
|
||||||
scrape_timeout: 2m
|
scrape_timeout: 2m
|
||||||
static_configs:
|
static_configs:
|
||||||
- targets: ['speedtest.docker:9696']
|
- targets: ["speedtest:9696"]
|
||||||
|
|
||||||
- job_name: 'docker'
|
- job_name: "docker"
|
||||||
scrape_interval: 5s
|
scrape_interval: 5s
|
||||||
static_configs:
|
static_configs:
|
||||||
- targets: ['192.168.1.111:1337']
|
- targets: ["192.168.1.111:1337"]
|
||||||
|
|
||||||
- job_name: 'traefik'
|
- job_name: "traefik"
|
||||||
scrape_interval: 5s
|
scrape_interval: 5s
|
||||||
static_configs:
|
static_configs:
|
||||||
- targets: ['192.168.1.111:1111']
|
- targets: ["192.168.1.111:1111"]
|
||||||
|
|
||||||
- job_name: 'act'
|
- job_name: "act"
|
||||||
scrape_interval: 15m
|
scrape_interval: 15m
|
||||||
scrape_timeout: 1m
|
scrape_timeout: 1m
|
||||||
static_configs:
|
static_configs:
|
||||||
- targets: ['act-exporter.docker:3000']
|
- targets: ["act-exporter.docker:3000"]
|
||||||
|
|
||||||
rule_files:
|
rule_files:
|
||||||
- 'alert.rules'
|
- "alert.rules"
|
||||||
|
|
|
@ -1,19 +1,3 @@
|
||||||
data "docker_registry_image" "grafana" {
|
|
||||||
name = "grafana/grafana:latest"
|
|
||||||
}
|
|
||||||
|
|
||||||
data "docker_registry_image" "prometheus" {
|
data "docker_registry_image" "prometheus" {
|
||||||
name = "prom/prometheus:latest"
|
name = "prom/prometheus:latest"
|
||||||
}
|
}
|
||||||
|
|
||||||
data "docker_registry_image" "nodeexporter" {
|
|
||||||
name = "prom/node-exporter:latest"
|
|
||||||
}
|
|
||||||
|
|
||||||
data "docker_registry_image" "cadvisor" {
|
|
||||||
name = "google/cadvisor:latest"
|
|
||||||
}
|
|
||||||
|
|
||||||
data "docker_registry_image" "speedtest" {
|
|
||||||
name = "captn3m0/speedtest-exporter:alpine"
|
|
||||||
}
|
|
||||||
|
|
|
@ -1,22 +1,31 @@
|
||||||
resource "docker_container" "grafana" {
|
# resource "docker_container" "grafana" {
|
||||||
name = "grafana"
|
module "grafana" {
|
||||||
image = "${docker_image.grafana.latest}"
|
name = "grafana"
|
||||||
|
source = "../modules/container"
|
||||||
|
image = "grafana/grafana:latest"
|
||||||
|
|
||||||
// grafana:grafana
|
// grafana:grafana
|
||||||
user = "984:982"
|
user = "984:982"
|
||||||
|
|
||||||
labels = "${merge(
|
web {
|
||||||
var.traefik-labels, map(
|
port = 3000
|
||||||
"traefik.port", 3000,
|
host = "grafana.${var.domain}"
|
||||||
"traefik.frontend.rule","Host:grafana.${var.domain}"
|
expose = true
|
||||||
))}"
|
|
||||||
|
|
||||||
volumes {
|
|
||||||
host_path = "/mnt/xwing/data/grafana"
|
|
||||||
container_path = "/var/lib/grafana"
|
|
||||||
}
|
}
|
||||||
|
|
||||||
networks = ["${var.traefik-network-id}", "${docker_network.monitoring.id}"]
|
volumes = [{
|
||||||
|
host_path = "/mnt/xwing/data/grafana"
|
||||||
|
container_path = "/var/lib/grafana"
|
||||||
|
}]
|
||||||
|
|
||||||
|
networks_advanced = [
|
||||||
|
{
|
||||||
|
name = "traefik"
|
||||||
|
},
|
||||||
|
{
|
||||||
|
name = "monitoring"
|
||||||
|
},
|
||||||
|
]
|
||||||
|
|
||||||
env = [
|
env = [
|
||||||
"GF_SERVER_ROOT_URL=https://grafana.${var.domain}",
|
"GF_SERVER_ROOT_URL=https://grafana.${var.domain}",
|
||||||
|
|
|
@ -1,28 +1,8 @@
|
||||||
resource "docker_image" "grafana" {
|
|
||||||
name = "${data.docker_registry_image.grafana.name}"
|
|
||||||
pull_triggers = ["${data.docker_registry_image.grafana.sha256_digest}"]
|
|
||||||
}
|
|
||||||
|
|
||||||
resource "docker_image" "prometheus" {
|
resource "docker_image" "prometheus" {
|
||||||
name = "${data.docker_registry_image.prometheus.name}"
|
name = "${data.docker_registry_image.prometheus.name}"
|
||||||
pull_triggers = ["${data.docker_registry_image.prometheus.sha256_digest}"]
|
pull_triggers = ["${data.docker_registry_image.prometheus.sha256_digest}"]
|
||||||
}
|
}
|
||||||
|
|
||||||
resource "docker_image" "nodeexporter" {
|
|
||||||
name = "${data.docker_registry_image.nodeexporter.name}"
|
|
||||||
pull_triggers = ["${data.docker_registry_image.nodeexporter.sha256_digest}"]
|
|
||||||
}
|
|
||||||
|
|
||||||
resource "docker_image" "cadvisor" {
|
|
||||||
name = "${data.docker_registry_image.cadvisor.name}"
|
|
||||||
pull_triggers = ["${data.docker_registry_image.cadvisor.sha256_digest}"]
|
|
||||||
}
|
|
||||||
|
|
||||||
resource "docker_image" "speedtest" {
|
|
||||||
name = "${data.docker_registry_image.speedtest.name}"
|
|
||||||
pull_triggers = ["${data.docker_registry_image.speedtest.sha256_digest}"]
|
|
||||||
}
|
|
||||||
|
|
||||||
resource "docker_image" "act-exporter" {
|
resource "docker_image" "act-exporter" {
|
||||||
name = "${data.docker_registry_image.act-exporter.name}"
|
name = "${data.docker_registry_image.act-exporter.name}"
|
||||||
pull_triggers = ["${data.docker_registry_image.act-exporter.sha256_digest}"]
|
pull_triggers = ["${data.docker_registry_image.act-exporter.sha256_digest}"]
|
||||||
|
|
|
@ -1 +0,0 @@
|
||||||
|
|
|
@ -1,28 +1,28 @@
|
||||||
resource "docker_container" "nodeexporter" {
|
module "nodeexporter" {
|
||||||
name = "nodeexporter"
|
name = "nodeexporter"
|
||||||
image = "${docker_image.nodeexporter.latest}"
|
source = "../modules/container"
|
||||||
|
image = "prom/node-exporter:latest"
|
||||||
|
|
||||||
volumes {
|
volumes = [
|
||||||
host_path = "/proc"
|
{
|
||||||
container_path = "/host/proc"
|
host_path = "/proc"
|
||||||
}
|
container_path = "/host/proc"
|
||||||
|
},
|
||||||
volumes {
|
{
|
||||||
host_path = "/sys"
|
host_path = "/sys"
|
||||||
container_path = "/host/sys"
|
container_path = "/host/sys"
|
||||||
}
|
},
|
||||||
|
{
|
||||||
volumes {
|
host_path = "/"
|
||||||
host_path = "/"
|
container_path = "/rootfs"
|
||||||
container_path = "/rootfs"
|
read_only = true
|
||||||
read_only = true
|
},
|
||||||
}
|
{
|
||||||
|
host_path = "/mnt/xwing"
|
||||||
volumes {
|
container_path = "/host/mnt"
|
||||||
host_path = "/mnt/xwing"
|
read_only = true
|
||||||
container_path = "/host/mnt"
|
},
|
||||||
read_only = true
|
]
|
||||||
}
|
|
||||||
|
|
||||||
command = [
|
command = [
|
||||||
"--path.procfs=/host/proc",
|
"--path.procfs=/host/proc",
|
||||||
|
@ -30,7 +30,9 @@ resource "docker_container" "nodeexporter" {
|
||||||
"--collector.filesystem.ignored-mount-points=\"^/(sys|proc|dev|host|etc)($$|/)\"",
|
"--collector.filesystem.ignored-mount-points=\"^/(sys|proc|dev|host|etc)($$|/)\"",
|
||||||
]
|
]
|
||||||
|
|
||||||
networks = ["${docker_network.monitoring.id}"]
|
networks = [
|
||||||
|
"${docker_network.monitoring.id}",
|
||||||
|
]
|
||||||
|
|
||||||
restart = "unless-stopped"
|
restart = "unless-stopped"
|
||||||
destroy_grace_seconds = 10
|
destroy_grace_seconds = 10
|
||||||
|
|
|
@ -1,17 +1,25 @@
|
||||||
# Transmission Exporter for speedtest results
|
# Transmission Exporter for speedtest results
|
||||||
# https://hub.docker.com/r/stefanwalther/speedtest-exporter/
|
# https://hub.docker.com/r/stefanwalther/speedtest-exporter/
|
||||||
# Built against Alpine: https://github.com/stefanwalther/speedtest-exporter/pull/7
|
# Built against Alpine: https://github.com/stefanwalther/speedtest-exporter/pull/7
|
||||||
resource "docker_container" "speedtest" {
|
|
||||||
name = "speedtest"
|
|
||||||
image = "${docker_image.speedtest.latest}"
|
|
||||||
|
|
||||||
networks_advanced {
|
module "speedtest" {
|
||||||
name = "monitoring"
|
name = "speedtest"
|
||||||
aliases = ["speedtest", "speedtest.docker"]
|
image = "captn3m0/speedtest-exporter:alpine"
|
||||||
}
|
source = "../modules/container"
|
||||||
|
|
||||||
networks_advanced {
|
networks_advanced = [
|
||||||
name = "bridge"
|
{
|
||||||
|
name = "monitoring"
|
||||||
|
aliases = ["speedtest", "speedtest.docker"]
|
||||||
|
},
|
||||||
|
{
|
||||||
|
name = "bridge"
|
||||||
|
},
|
||||||
|
]
|
||||||
|
|
||||||
|
resource {
|
||||||
|
memory = 256
|
||||||
|
memory_swap = 256
|
||||||
}
|
}
|
||||||
|
|
||||||
restart = "unless-stopped"
|
restart = "unless-stopped"
|
||||||
|
|
|
@ -2,10 +2,11 @@ variable "ips" {
|
||||||
type = "map"
|
type = "map"
|
||||||
|
|
||||||
default = {
|
default = {
|
||||||
eth0 = "192.168.1.111"
|
eth0 = "192.168.1.111"
|
||||||
tun0 = "10.8.0.14"
|
tun0 = "10.8.0.14"
|
||||||
dovpn = "10.8.0.1"
|
dovpn = "10.8.0.1"
|
||||||
static = "139.59.48.222"
|
static = "139.59.48.222"
|
||||||
|
droplet = "139.59.22.234"
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
Loading…
Reference in New Issue