General Updates

This commit is contained in:
Nemo 2019-05-12 18:13:48 +05:30
parent c066e62ee0
commit b862c78ec9
13 changed files with 163 additions and 145 deletions

View File

@ -25,7 +25,7 @@ resource "cloudflare_record" "home-wildcard" {
resource "cloudflare_record" "internet" { resource "cloudflare_record" "internet" {
domain = "${var.domain}" domain = "${var.domain}"
name = "@" name = "@"
value = "${var.ips["static"]}" value = "${var.droplet_ip}"
type = "A" type = "A"
} }
@ -37,6 +37,22 @@ resource "cloudflare_record" "internet-wildcard" {
ttl = 3600 ttl = 3600
} }
resource "cloudflare_record" "dns" {
domain = "${var.domain}"
name = "dns"
value = "${var.ips["static"]}"
type = "A"
}
resource "cloudflare_record" "doh" {
domain = "${var.domain}"
name = "doh"
value = "${var.ips["static"]}"
type = "A"
}
// This ensures that _acme-challenge is not a CNAME
// alongside the above wildcard CNAME entry.
resource "cloudflare_record" "acme-no-cname-1" { resource "cloudflare_record" "acme-no-cname-1" {
domain = "${var.domain}" domain = "${var.domain}"
name = "_acme-challenge.${var.domain}" name = "_acme-challenge.${var.domain}"

View File

@ -5,3 +5,5 @@ variable "domain" {
variable "ips" { variable "ips" {
type = "map" type = "map"
} }
variable "droplet_ip" {}

View File

@ -2,11 +2,13 @@ resource "digitalocean_droplet" "sydney" {
image = "" image = ""
name = "sydney.captnemo.in" name = "sydney.captnemo.in"
region = "blr1" region = "blr1"
size = "1gb" size = "s-1vcpu-2gb"
ipv6 = true ipv6 = true
private_networking = true private_networking = true
resize_disk = true resize_disk = true
volume_ids = ["eae03502-9279-11e8-ab31-0242ac11470b"]
tags = [ tags = [
"bangalore", "bangalore",
"proxy", "proxy",
@ -14,3 +16,7 @@ resource "digitalocean_droplet" "sydney" {
"vpn", "vpn",
] ]
} }
output "droplet_ipv4" {
value = "${digitalocean_droplet.sydney.ipv4_address}"
}

View File

@ -2,6 +2,8 @@ module "cloudflare" {
source = "cloudflare" source = "cloudflare"
domain = "bb8.fun" domain = "bb8.fun"
ips = "${var.ips}" ips = "${var.ips}"
droplet_ip = "${module.digitalocean.droplet_ipv4}"
} }
module "docker" { module "docker" {

View File

@ -1,47 +1,56 @@
resource "docker_container" "cadvisor" { module "cadvisor" {
source = "../modules/container"
name = "cadvisor" name = "cadvisor"
image = "${docker_image.cadvisor.latest}" image = "google/cadvisor:latest"
memory = 512
resource {
memory = 512
memory_swap = 512
}
restart = "unless-stopped" restart = "unless-stopped"
destroy_grace_seconds = 10 destroy_grace_seconds = 10
must_run = true must_run = true
volumes { volumes = [
host_path = "/sys" {
container_path = "/sys" host_path = "/sys"
read_only = true container_path = "/sys"
read_only = true
},
{
host_path = "/"
container_path = "/rootfs"
read_only = true
},
{
host_path = "/var/lib/docker"
container_path = "/var/lib/docker"
read_only = true
},
{
host_path = "/dev/disk"
container_path = "/dev/disk"
read_only = true
},
{
host_path = "/var/run"
container_path = "/var/run"
},
]
networks_advanced = [
{
name = "traefik"
},
{
name = "monitoring"
},
]
web {
expose = true
port = 8080
auth = true
} }
volumes {
host_path = "/"
container_path = "/rootfs"
read_only = true
}
volumes {
host_path = "/var/lib/docker"
container_path = "/var/lib/docker"
read_only = true
}
volumes {
host_path = "/dev/disk"
container_path = "/dev/disk"
read_only = true
}
volumes {
host_path = "/var/run"
container_path = "/var/run"
}
networks = ["${var.traefik-network-id}", "${docker_network.monitoring.id}"]
labels = "${merge(
var.traefik-labels, map(
"traefik.port", 8080,
"traefik.frontend.rule","Host:cadvisor.${var.domain}",
"traefik.frontend.auth.basic", "${var.basic_auth}"
))}"
} }

View File

@ -1,44 +1,44 @@
global: global:
scrape_interval: 15s scrape_interval: 15s
external_labels: external_labels:
monitor: 'docker-monitor' monitor: "docker-monitor"
scrape_configs: scrape_configs:
- job_name: 'prometheus' - job_name: "prometheus"
static_configs: static_configs:
- targets: ['localhost:9090'] - targets: ["localhost:9090"]
- job_name: 'node' - job_name: "node"
scrape_interval: 5s scrape_interval: 5s
static_configs: static_configs:
- targets: ['nodeexporter:9100'] - targets: ["nodeexporter:9100"]
- job_name: 'cadvisor' - job_name: "cadvisor"
scrape_interval: 5s scrape_interval: 5s
static_configs: static_configs:
- targets: ['cadvisor:8080'] - targets: ["cadvisor:8080"]
- job_name: 'speedtest' - job_name: "speedtest"
scrape_interval: 15m scrape_interval: 15m
scrape_timeout: 2m scrape_timeout: 2m
static_configs: static_configs:
- targets: ['speedtest.docker:9696'] - targets: ["speedtest:9696"]
- job_name: 'docker' - job_name: "docker"
scrape_interval: 5s scrape_interval: 5s
static_configs: static_configs:
- targets: ['192.168.1.111:1337'] - targets: ["192.168.1.111:1337"]
- job_name: 'traefik' - job_name: "traefik"
scrape_interval: 5s scrape_interval: 5s
static_configs: static_configs:
- targets: ['192.168.1.111:1111'] - targets: ["192.168.1.111:1111"]
- job_name: 'act' - job_name: "act"
scrape_interval: 15m scrape_interval: 15m
scrape_timeout: 1m scrape_timeout: 1m
static_configs: static_configs:
- targets: ['act-exporter.docker:3000'] - targets: ["act-exporter.docker:3000"]
rule_files: rule_files:
- 'alert.rules' - "alert.rules"

View File

@ -1,19 +1,3 @@
data "docker_registry_image" "grafana" {
name = "grafana/grafana:latest"
}
data "docker_registry_image" "prometheus" { data "docker_registry_image" "prometheus" {
name = "prom/prometheus:latest" name = "prom/prometheus:latest"
} }
data "docker_registry_image" "nodeexporter" {
name = "prom/node-exporter:latest"
}
data "docker_registry_image" "cadvisor" {
name = "google/cadvisor:latest"
}
data "docker_registry_image" "speedtest" {
name = "captn3m0/speedtest-exporter:alpine"
}

View File

@ -1,22 +1,31 @@
resource "docker_container" "grafana" { # resource "docker_container" "grafana" {
name = "grafana" module "grafana" {
image = "${docker_image.grafana.latest}" name = "grafana"
source = "../modules/container"
image = "grafana/grafana:latest"
// grafana:grafana // grafana:grafana
user = "984:982" user = "984:982"
labels = "${merge( web {
var.traefik-labels, map( port = 3000
"traefik.port", 3000, host = "grafana.${var.domain}"
"traefik.frontend.rule","Host:grafana.${var.domain}" expose = true
))}"
volumes {
host_path = "/mnt/xwing/data/grafana"
container_path = "/var/lib/grafana"
} }
networks = ["${var.traefik-network-id}", "${docker_network.monitoring.id}"] volumes = [{
host_path = "/mnt/xwing/data/grafana"
container_path = "/var/lib/grafana"
}]
networks_advanced = [
{
name = "traefik"
},
{
name = "monitoring"
},
]
env = [ env = [
"GF_SERVER_ROOT_URL=https://grafana.${var.domain}", "GF_SERVER_ROOT_URL=https://grafana.${var.domain}",

View File

@ -1,28 +1,8 @@
resource "docker_image" "grafana" {
name = "${data.docker_registry_image.grafana.name}"
pull_triggers = ["${data.docker_registry_image.grafana.sha256_digest}"]
}
resource "docker_image" "prometheus" { resource "docker_image" "prometheus" {
name = "${data.docker_registry_image.prometheus.name}" name = "${data.docker_registry_image.prometheus.name}"
pull_triggers = ["${data.docker_registry_image.prometheus.sha256_digest}"] pull_triggers = ["${data.docker_registry_image.prometheus.sha256_digest}"]
} }
resource "docker_image" "nodeexporter" {
name = "${data.docker_registry_image.nodeexporter.name}"
pull_triggers = ["${data.docker_registry_image.nodeexporter.sha256_digest}"]
}
resource "docker_image" "cadvisor" {
name = "${data.docker_registry_image.cadvisor.name}"
pull_triggers = ["${data.docker_registry_image.cadvisor.sha256_digest}"]
}
resource "docker_image" "speedtest" {
name = "${data.docker_registry_image.speedtest.name}"
pull_triggers = ["${data.docker_registry_image.speedtest.sha256_digest}"]
}
resource "docker_image" "act-exporter" { resource "docker_image" "act-exporter" {
name = "${data.docker_registry_image.act-exporter.name}" name = "${data.docker_registry_image.act-exporter.name}"
pull_triggers = ["${data.docker_registry_image.act-exporter.sha256_digest}"] pull_triggers = ["${data.docker_registry_image.act-exporter.sha256_digest}"]

View File

@ -1 +0,0 @@

View File

@ -1,28 +1,28 @@
resource "docker_container" "nodeexporter" { module "nodeexporter" {
name = "nodeexporter" name = "nodeexporter"
image = "${docker_image.nodeexporter.latest}" source = "../modules/container"
image = "prom/node-exporter:latest"
volumes { volumes = [
host_path = "/proc" {
container_path = "/host/proc" host_path = "/proc"
} container_path = "/host/proc"
},
volumes { {
host_path = "/sys" host_path = "/sys"
container_path = "/host/sys" container_path = "/host/sys"
} },
{
volumes { host_path = "/"
host_path = "/" container_path = "/rootfs"
container_path = "/rootfs" read_only = true
read_only = true },
} {
host_path = "/mnt/xwing"
volumes { container_path = "/host/mnt"
host_path = "/mnt/xwing" read_only = true
container_path = "/host/mnt" },
read_only = true ]
}
command = [ command = [
"--path.procfs=/host/proc", "--path.procfs=/host/proc",
@ -30,7 +30,9 @@ resource "docker_container" "nodeexporter" {
"--collector.filesystem.ignored-mount-points=\"^/(sys|proc|dev|host|etc)($$|/)\"", "--collector.filesystem.ignored-mount-points=\"^/(sys|proc|dev|host|etc)($$|/)\"",
] ]
networks = ["${docker_network.monitoring.id}"] networks = [
"${docker_network.monitoring.id}",
]
restart = "unless-stopped" restart = "unless-stopped"
destroy_grace_seconds = 10 destroy_grace_seconds = 10

View File

@ -1,17 +1,25 @@
# Transmission Exporter for speedtest results # Transmission Exporter for speedtest results
# https://hub.docker.com/r/stefanwalther/speedtest-exporter/ # https://hub.docker.com/r/stefanwalther/speedtest-exporter/
# Built against Alpine: https://github.com/stefanwalther/speedtest-exporter/pull/7 # Built against Alpine: https://github.com/stefanwalther/speedtest-exporter/pull/7
resource "docker_container" "speedtest" {
name = "speedtest"
image = "${docker_image.speedtest.latest}"
networks_advanced { module "speedtest" {
name = "monitoring" name = "speedtest"
aliases = ["speedtest", "speedtest.docker"] image = "captn3m0/speedtest-exporter:alpine"
} source = "../modules/container"
networks_advanced { networks_advanced = [
name = "bridge" {
name = "monitoring"
aliases = ["speedtest", "speedtest.docker"]
},
{
name = "bridge"
},
]
resource {
memory = 256
memory_swap = 256
} }
restart = "unless-stopped" restart = "unless-stopped"

View File

@ -2,10 +2,11 @@ variable "ips" {
type = "map" type = "map"
default = { default = {
eth0 = "192.168.1.111" eth0 = "192.168.1.111"
tun0 = "10.8.0.14" tun0 = "10.8.0.14"
dovpn = "10.8.0.1" dovpn = "10.8.0.1"
static = "139.59.48.222" static = "139.59.48.222"
droplet = "139.59.22.234"
} }
} }