Merge branch 'kubernetes'
This commit is contained in:
commit
e4b3620de5
|
@ -7,3 +7,4 @@
|
|||
*.backup
|
||||
secrets
|
||||
k8s/
|
||||
k8s2/
|
||||
|
|
|
@ -1 +1 @@
|
|||
0.11.8
|
||||
0.11.12-beta1
|
||||
|
|
|
@ -64,6 +64,32 @@ resource "cloudflare_record" "vpn_wildcard" {
|
|||
ttl = 3600
|
||||
}
|
||||
|
||||
/**
|
||||
* vpn.bb8.fun
|
||||
* *.vpn.bb8.fun
|
||||
*/
|
||||
resource "cloudflare_record" "dovpn" {
|
||||
domain = "${var.domain}"
|
||||
name = "dovpn"
|
||||
value = "${var.ips["dovpn"]}"
|
||||
type = "A"
|
||||
}
|
||||
|
||||
resource "cloudflare_record" "dovpn_wildcard" {
|
||||
domain = "${var.domain}"
|
||||
name = "*.dovpn.${var.domain}"
|
||||
value = "${cloudflare_record.dovpn.hostname}"
|
||||
type = "CNAME"
|
||||
ttl = 3600
|
||||
}
|
||||
|
||||
resource "cloudflare_record" "etcd" {
|
||||
domain = "${var.domain}"
|
||||
name = "etcd"
|
||||
value = "${var.ips["dovpn"]}"
|
||||
type = "A"
|
||||
}
|
||||
|
||||
########################
|
||||
## Mailgun Mailing Lists
|
||||
########################
|
||||
|
@ -98,10 +124,10 @@ resource "cloudflare_record" "mailgun-mxb" {
|
|||
priority = 20
|
||||
}
|
||||
|
||||
resource "cloudflare_record" "k8s-talk" {
|
||||
resource "cloudflare_record" "k8s" {
|
||||
domain = "${var.domain}"
|
||||
name = "k8s"
|
||||
value = "lightsaber.captnemo.in"
|
||||
type = "CNAME"
|
||||
value = "10.8.0.1"
|
||||
type = "A"
|
||||
ttl = 3600
|
||||
}
|
||||
|
|
|
@ -0,0 +1,47 @@
|
|||
// Points to the local working directory instead of
|
||||
// the published version
|
||||
module "kayak" {
|
||||
source = "../terraform-digitalocean-kayak"
|
||||
cert_path = "${path.root}/secrets/kayak"
|
||||
domain = "kayak.${var.root-domain}"
|
||||
ssh_key = "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQD0Getey8585AqdgIl9mqQ3SH9w6z7NZUW4HXdOqZwC7sYEaDrLOBV014gtFS8h8ymm4dcw6xEGUkaavcHC8W9ChTLKBMK4N1/sUS/umLy+Wi/K//g13y0VHSdvcc+gMQ27b9n/DwDY4ZKkaf6t+4HWyFWNh6gp0cT1WCyLNlsER55KUdy+C1lCOpv1SMepOaYc7uyBlC9FfgewJho/OfxnoTztQV6QeSGfr2Xr94Ip1FUPoLoBLLilh4ZbCe6F6bqn0kNgVBTkrVwWJv5Z0jCJpUjER69cqjASRao9KCHkyPtybzKKhCLZIlB3QMggEv0xnlHMpeeuDWcGrBVPKI8V"
|
||||
|
||||
asset_dir = "${path.root}/k8s"
|
||||
|
||||
providers {
|
||||
docker = "docker.kayak"
|
||||
}
|
||||
}
|
||||
|
||||
provider "docker" {
|
||||
host = "tcp://${cloudflare_record.kayak-docker.hostname}:2376"
|
||||
version = "~> 2.0.0"
|
||||
alias = "kayak"
|
||||
ca_material = "${module.kayak.docker_ca_cert}"
|
||||
cert_material = "${module.kayak.docker_client_cert}"
|
||||
key_material = "${module.kayak.docker_client_key}"
|
||||
}
|
||||
|
||||
resource "cloudflare_record" "kayak-docker" {
|
||||
name = "docker.kayak"
|
||||
value = "${module.kayak.droplet_ipv4}"
|
||||
domain = "${var.root-domain}"
|
||||
type = "A"
|
||||
ttl = 120
|
||||
}
|
||||
|
||||
resource "cloudflare_record" "kayak" {
|
||||
name = "kayak"
|
||||
value = "${module.kayak.droplet_ipv4}"
|
||||
domain = "${var.root-domain}"
|
||||
type = "A"
|
||||
ttl = 120
|
||||
}
|
||||
|
||||
resource "cloudflare_record" "kayak-etcd" {
|
||||
name = "etcd.kayak"
|
||||
value = "${module.kayak.droplet_ipv4_private}"
|
||||
domain = "${var.root-domain}"
|
||||
type = "A"
|
||||
ttl = 120
|
||||
}
|
|
@ -0,0 +1,22 @@
|
|||
// Bring up a simple test container
|
||||
// In the controller node
|
||||
|
||||
resource "kubernetes_pod" "nginx" {
|
||||
metadata {
|
||||
name = "terraform-example"
|
||||
namespace = "default"
|
||||
}
|
||||
|
||||
spec {
|
||||
toleration {
|
||||
key = "node-role.kubernetes.io/master"
|
||||
operator = "Exists"
|
||||
effect = "NoSchedule"
|
||||
}
|
||||
|
||||
container {
|
||||
image = "nginx:latest"
|
||||
name = "nginx"
|
||||
}
|
||||
}
|
||||
}
|
11
main.tf
11
main.tf
|
@ -67,12 +67,11 @@ module "resilio" {
|
|||
}
|
||||
|
||||
module "media" {
|
||||
source = "media"
|
||||
domain = "bb8.fun"
|
||||
traefik-labels = "${var.traefik-common-labels}"
|
||||
airsonic-smtp-password = "${var.airsonic-smtp-password}"
|
||||
ips = "${var.ips}"
|
||||
traefik-network-id = "${module.docker.traefik-network-id}"
|
||||
source = "media"
|
||||
domain = "bb8.fun"
|
||||
traefik-labels = "${var.traefik-common-labels}"
|
||||
ips = "${var.ips}"
|
||||
traefik-network-id = "${module.docker.traefik-network-id}"
|
||||
}
|
||||
|
||||
module "monitoring" {
|
||||
|
|
|
@ -4,7 +4,7 @@ module "airsonic" {
|
|||
name = "airsonic"
|
||||
|
||||
resource {
|
||||
memory = "256"
|
||||
memory = "1024"
|
||||
}
|
||||
|
||||
web {
|
||||
|
@ -13,8 +13,6 @@ module "airsonic" {
|
|||
expose = true
|
||||
}
|
||||
|
||||
user = "lounge:audio"
|
||||
|
||||
env = [
|
||||
"PUID=1004",
|
||||
"PGID=1003",
|
||||
|
@ -22,6 +20,11 @@ module "airsonic" {
|
|||
"JAVA_OPTS=-Xmx512m -Dserver.use-forward-headers=true -Dserver.context-path=/",
|
||||
]
|
||||
|
||||
devices = [{
|
||||
host_path = "/dev/snd"
|
||||
container_path = "/dev/snd"
|
||||
}]
|
||||
|
||||
# files = [
|
||||
# "/usr/lib/jvm/java-1.8-openjdk/jre/lib/airsonic.properties",
|
||||
# "/usr/lib/jvm/java-1.8-openjdk/jre/lib/sound.properties",
|
||||
|
@ -50,15 +53,22 @@ module "airsonic" {
|
|||
host_path = "/mnt/xwing/config/airsonic/podcasts"
|
||||
container_path = "/podcasts"
|
||||
},
|
||||
{
|
||||
host_path = "/mnt/xwing/config/airsonic/jre"
|
||||
container_path = "/usr/lib/jvm/java-1.8-openjdk/jre/lib/"
|
||||
},
|
||||
]
|
||||
}
|
||||
|
||||
data "template_file" "airsonic-properties-file" {
|
||||
template = "${file("${path.module}/conf/airsonic.properties.tpl")}"
|
||||
# data "template_file" "airsonic-properties-file" {
|
||||
# template = "${file("${path.module}/conf/airsonic.properties.tpl")}"
|
||||
|
||||
vars {
|
||||
smtp-password = "${var.airsonic-smtp-password}"
|
||||
|
||||
# db-password = "${var.airsonic-db-password}"
|
||||
}
|
||||
}
|
||||
# vars {
|
||||
# smtp-password = "${var.airsonic-smtp-password}"
|
||||
|
||||
|
||||
# # db-password = "${var.airsonic-db-password}"
|
||||
# }
|
||||
# }
|
||||
|
||||
|
|
|
@ -11,8 +11,6 @@ module "jackett" {
|
|||
host = "jackett.${var.domain}"
|
||||
}
|
||||
|
||||
networks = ["${docker_network.media.id}", "${var.traefik-network-id}"]
|
||||
|
||||
volumes = [{
|
||||
host_path = "/mnt/xwing/config/jackett"
|
||||
container_path = "/config"
|
||||
|
|
|
@ -16,8 +16,6 @@ module "radarr" {
|
|||
memory_swap = 1024
|
||||
}
|
||||
|
||||
networks = ["${docker_network.media.id}", "${var.traefik-network-id}"]
|
||||
|
||||
volumes = [
|
||||
{
|
||||
host_path = "/mnt/xwing/config/radarr"
|
||||
|
|
|
@ -2,7 +2,7 @@ variable "domain" {
|
|||
type = "string"
|
||||
}
|
||||
|
||||
variable "airsonic-smtp-password" {}
|
||||
# variable "airsonic-smtp-password" {}
|
||||
|
||||
variable "traefik-labels" {
|
||||
type = "map"
|
||||
|
|
|
@ -3,7 +3,7 @@ data "docker_registry_image" "image" {
|
|||
}
|
||||
|
||||
resource "docker_image" "image" {
|
||||
name = "${data.docker_registry_image.image.name}"
|
||||
name = "${var.image}"
|
||||
pull_triggers = ["${data.docker_registry_image.image.sha256_digest}"]
|
||||
}
|
||||
|
||||
|
@ -31,6 +31,7 @@ resource "docker_container" "container" {
|
|||
memory_swap = "${local.resource["memory_swap"]}"
|
||||
|
||||
volumes = ["${var.volumes}"]
|
||||
devices = ["${var.devices}"]
|
||||
|
||||
# Look at this monstrosity
|
||||
# And then https://github.com/hashicorp/terraform/issues/12453#issuecomment-365569618
|
||||
|
|
|
@ -88,3 +88,9 @@ variable "volumes" {
|
|||
type = "list"
|
||||
default = []
|
||||
}
|
||||
|
||||
variable "devices" {
|
||||
description = "volumes"
|
||||
type = "list"
|
||||
default = []
|
||||
}
|
||||
|
|
10
providers.tf
10
providers.tf
|
@ -4,11 +4,11 @@ provider "docker" {
|
|||
version = "~> 2.0.0"
|
||||
}
|
||||
|
||||
provider "docker" {
|
||||
host = "tcp://dovpn.vpn.bb8.fun:2376"
|
||||
cert_path = "./secrets/sydney"
|
||||
alias = "sydney"
|
||||
version = "~> 2.0.0"
|
||||
provider "kubernetes" {
|
||||
version = "1.3.0-custom"
|
||||
host = "https://k8s.bb8.fun:6443"
|
||||
|
||||
config_path = "${path.root}/k8s/auth/kubeconfig"
|
||||
}
|
||||
|
||||
provider "cloudflare" {
|
||||
|
|
|
@ -0,0 +1,8 @@
|
|||
terraform {
|
||||
backend "s3" {
|
||||
bucket = "rmx-nemo"
|
||||
key = "terraform/nebula.tfstate"
|
||||
region = "ap-south-1"
|
||||
profile = "nebula"
|
||||
}
|
||||
}
|
|
@ -27,6 +27,7 @@ variable "ips" {
|
|||
default = {
|
||||
eth0 = "192.168.1.111"
|
||||
tun0 = "10.8.0.14"
|
||||
dovpn = "10.8.0.1"
|
||||
static = "139.59.48.222"
|
||||
}
|
||||
}
|
||||
|
|
Loading…
Reference in New Issue