Merge branch 'kubernetes'
This commit is contained in:
commit
e4b3620de5
|
@ -7,3 +7,4 @@
|
||||||
*.backup
|
*.backup
|
||||||
secrets
|
secrets
|
||||||
k8s/
|
k8s/
|
||||||
|
k8s2/
|
||||||
|
|
|
@ -1 +1 @@
|
||||||
0.11.8
|
0.11.12-beta1
|
||||||
|
|
|
@ -64,6 +64,32 @@ resource "cloudflare_record" "vpn_wildcard" {
|
||||||
ttl = 3600
|
ttl = 3600
|
||||||
}
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* vpn.bb8.fun
|
||||||
|
* *.vpn.bb8.fun
|
||||||
|
*/
|
||||||
|
resource "cloudflare_record" "dovpn" {
|
||||||
|
domain = "${var.domain}"
|
||||||
|
name = "dovpn"
|
||||||
|
value = "${var.ips["dovpn"]}"
|
||||||
|
type = "A"
|
||||||
|
}
|
||||||
|
|
||||||
|
resource "cloudflare_record" "dovpn_wildcard" {
|
||||||
|
domain = "${var.domain}"
|
||||||
|
name = "*.dovpn.${var.domain}"
|
||||||
|
value = "${cloudflare_record.dovpn.hostname}"
|
||||||
|
type = "CNAME"
|
||||||
|
ttl = 3600
|
||||||
|
}
|
||||||
|
|
||||||
|
resource "cloudflare_record" "etcd" {
|
||||||
|
domain = "${var.domain}"
|
||||||
|
name = "etcd"
|
||||||
|
value = "${var.ips["dovpn"]}"
|
||||||
|
type = "A"
|
||||||
|
}
|
||||||
|
|
||||||
########################
|
########################
|
||||||
## Mailgun Mailing Lists
|
## Mailgun Mailing Lists
|
||||||
########################
|
########################
|
||||||
|
@ -98,10 +124,10 @@ resource "cloudflare_record" "mailgun-mxb" {
|
||||||
priority = 20
|
priority = 20
|
||||||
}
|
}
|
||||||
|
|
||||||
resource "cloudflare_record" "k8s-talk" {
|
resource "cloudflare_record" "k8s" {
|
||||||
domain = "${var.domain}"
|
domain = "${var.domain}"
|
||||||
name = "k8s"
|
name = "k8s"
|
||||||
value = "lightsaber.captnemo.in"
|
value = "10.8.0.1"
|
||||||
type = "CNAME"
|
type = "A"
|
||||||
ttl = 3600
|
ttl = 3600
|
||||||
}
|
}
|
||||||
|
|
|
@ -0,0 +1,47 @@
|
||||||
|
// Points to the local working directory instead of
|
||||||
|
// the published version
|
||||||
|
module "kayak" {
|
||||||
|
source = "../terraform-digitalocean-kayak"
|
||||||
|
cert_path = "${path.root}/secrets/kayak"
|
||||||
|
domain = "kayak.${var.root-domain}"
|
||||||
|
ssh_key = "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQD0Getey8585AqdgIl9mqQ3SH9w6z7NZUW4HXdOqZwC7sYEaDrLOBV014gtFS8h8ymm4dcw6xEGUkaavcHC8W9ChTLKBMK4N1/sUS/umLy+Wi/K//g13y0VHSdvcc+gMQ27b9n/DwDY4ZKkaf6t+4HWyFWNh6gp0cT1WCyLNlsER55KUdy+C1lCOpv1SMepOaYc7uyBlC9FfgewJho/OfxnoTztQV6QeSGfr2Xr94Ip1FUPoLoBLLilh4ZbCe6F6bqn0kNgVBTkrVwWJv5Z0jCJpUjER69cqjASRao9KCHkyPtybzKKhCLZIlB3QMggEv0xnlHMpeeuDWcGrBVPKI8V"
|
||||||
|
|
||||||
|
asset_dir = "${path.root}/k8s"
|
||||||
|
|
||||||
|
providers {
|
||||||
|
docker = "docker.kayak"
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
provider "docker" {
|
||||||
|
host = "tcp://${cloudflare_record.kayak-docker.hostname}:2376"
|
||||||
|
version = "~> 2.0.0"
|
||||||
|
alias = "kayak"
|
||||||
|
ca_material = "${module.kayak.docker_ca_cert}"
|
||||||
|
cert_material = "${module.kayak.docker_client_cert}"
|
||||||
|
key_material = "${module.kayak.docker_client_key}"
|
||||||
|
}
|
||||||
|
|
||||||
|
resource "cloudflare_record" "kayak-docker" {
|
||||||
|
name = "docker.kayak"
|
||||||
|
value = "${module.kayak.droplet_ipv4}"
|
||||||
|
domain = "${var.root-domain}"
|
||||||
|
type = "A"
|
||||||
|
ttl = 120
|
||||||
|
}
|
||||||
|
|
||||||
|
resource "cloudflare_record" "kayak" {
|
||||||
|
name = "kayak"
|
||||||
|
value = "${module.kayak.droplet_ipv4}"
|
||||||
|
domain = "${var.root-domain}"
|
||||||
|
type = "A"
|
||||||
|
ttl = 120
|
||||||
|
}
|
||||||
|
|
||||||
|
resource "cloudflare_record" "kayak-etcd" {
|
||||||
|
name = "etcd.kayak"
|
||||||
|
value = "${module.kayak.droplet_ipv4_private}"
|
||||||
|
domain = "${var.root-domain}"
|
||||||
|
type = "A"
|
||||||
|
ttl = 120
|
||||||
|
}
|
|
@ -0,0 +1,22 @@
|
||||||
|
// Bring up a simple test container
|
||||||
|
// In the controller node
|
||||||
|
|
||||||
|
resource "kubernetes_pod" "nginx" {
|
||||||
|
metadata {
|
||||||
|
name = "terraform-example"
|
||||||
|
namespace = "default"
|
||||||
|
}
|
||||||
|
|
||||||
|
spec {
|
||||||
|
toleration {
|
||||||
|
key = "node-role.kubernetes.io/master"
|
||||||
|
operator = "Exists"
|
||||||
|
effect = "NoSchedule"
|
||||||
|
}
|
||||||
|
|
||||||
|
container {
|
||||||
|
image = "nginx:latest"
|
||||||
|
name = "nginx"
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
11
main.tf
11
main.tf
|
@ -67,12 +67,11 @@ module "resilio" {
|
||||||
}
|
}
|
||||||
|
|
||||||
module "media" {
|
module "media" {
|
||||||
source = "media"
|
source = "media"
|
||||||
domain = "bb8.fun"
|
domain = "bb8.fun"
|
||||||
traefik-labels = "${var.traefik-common-labels}"
|
traefik-labels = "${var.traefik-common-labels}"
|
||||||
airsonic-smtp-password = "${var.airsonic-smtp-password}"
|
ips = "${var.ips}"
|
||||||
ips = "${var.ips}"
|
traefik-network-id = "${module.docker.traefik-network-id}"
|
||||||
traefik-network-id = "${module.docker.traefik-network-id}"
|
|
||||||
}
|
}
|
||||||
|
|
||||||
module "monitoring" {
|
module "monitoring" {
|
||||||
|
|
|
@ -4,7 +4,7 @@ module "airsonic" {
|
||||||
name = "airsonic"
|
name = "airsonic"
|
||||||
|
|
||||||
resource {
|
resource {
|
||||||
memory = "256"
|
memory = "1024"
|
||||||
}
|
}
|
||||||
|
|
||||||
web {
|
web {
|
||||||
|
@ -13,8 +13,6 @@ module "airsonic" {
|
||||||
expose = true
|
expose = true
|
||||||
}
|
}
|
||||||
|
|
||||||
user = "lounge:audio"
|
|
||||||
|
|
||||||
env = [
|
env = [
|
||||||
"PUID=1004",
|
"PUID=1004",
|
||||||
"PGID=1003",
|
"PGID=1003",
|
||||||
|
@ -22,6 +20,11 @@ module "airsonic" {
|
||||||
"JAVA_OPTS=-Xmx512m -Dserver.use-forward-headers=true -Dserver.context-path=/",
|
"JAVA_OPTS=-Xmx512m -Dserver.use-forward-headers=true -Dserver.context-path=/",
|
||||||
]
|
]
|
||||||
|
|
||||||
|
devices = [{
|
||||||
|
host_path = "/dev/snd"
|
||||||
|
container_path = "/dev/snd"
|
||||||
|
}]
|
||||||
|
|
||||||
# files = [
|
# files = [
|
||||||
# "/usr/lib/jvm/java-1.8-openjdk/jre/lib/airsonic.properties",
|
# "/usr/lib/jvm/java-1.8-openjdk/jre/lib/airsonic.properties",
|
||||||
# "/usr/lib/jvm/java-1.8-openjdk/jre/lib/sound.properties",
|
# "/usr/lib/jvm/java-1.8-openjdk/jre/lib/sound.properties",
|
||||||
|
@ -50,15 +53,22 @@ module "airsonic" {
|
||||||
host_path = "/mnt/xwing/config/airsonic/podcasts"
|
host_path = "/mnt/xwing/config/airsonic/podcasts"
|
||||||
container_path = "/podcasts"
|
container_path = "/podcasts"
|
||||||
},
|
},
|
||||||
|
{
|
||||||
|
host_path = "/mnt/xwing/config/airsonic/jre"
|
||||||
|
container_path = "/usr/lib/jvm/java-1.8-openjdk/jre/lib/"
|
||||||
|
},
|
||||||
]
|
]
|
||||||
}
|
}
|
||||||
|
|
||||||
data "template_file" "airsonic-properties-file" {
|
# data "template_file" "airsonic-properties-file" {
|
||||||
template = "${file("${path.module}/conf/airsonic.properties.tpl")}"
|
# template = "${file("${path.module}/conf/airsonic.properties.tpl")}"
|
||||||
|
|
||||||
vars {
|
|
||||||
smtp-password = "${var.airsonic-smtp-password}"
|
|
||||||
|
|
||||||
# db-password = "${var.airsonic-db-password}"
|
# vars {
|
||||||
}
|
# smtp-password = "${var.airsonic-smtp-password}"
|
||||||
}
|
|
||||||
|
|
||||||
|
# # db-password = "${var.airsonic-db-password}"
|
||||||
|
# }
|
||||||
|
# }
|
||||||
|
|
||||||
|
|
|
@ -11,8 +11,6 @@ module "jackett" {
|
||||||
host = "jackett.${var.domain}"
|
host = "jackett.${var.domain}"
|
||||||
}
|
}
|
||||||
|
|
||||||
networks = ["${docker_network.media.id}", "${var.traefik-network-id}"]
|
|
||||||
|
|
||||||
volumes = [{
|
volumes = [{
|
||||||
host_path = "/mnt/xwing/config/jackett"
|
host_path = "/mnt/xwing/config/jackett"
|
||||||
container_path = "/config"
|
container_path = "/config"
|
||||||
|
|
|
@ -16,8 +16,6 @@ module "radarr" {
|
||||||
memory_swap = 1024
|
memory_swap = 1024
|
||||||
}
|
}
|
||||||
|
|
||||||
networks = ["${docker_network.media.id}", "${var.traefik-network-id}"]
|
|
||||||
|
|
||||||
volumes = [
|
volumes = [
|
||||||
{
|
{
|
||||||
host_path = "/mnt/xwing/config/radarr"
|
host_path = "/mnt/xwing/config/radarr"
|
||||||
|
|
|
@ -2,7 +2,7 @@ variable "domain" {
|
||||||
type = "string"
|
type = "string"
|
||||||
}
|
}
|
||||||
|
|
||||||
variable "airsonic-smtp-password" {}
|
# variable "airsonic-smtp-password" {}
|
||||||
|
|
||||||
variable "traefik-labels" {
|
variable "traefik-labels" {
|
||||||
type = "map"
|
type = "map"
|
||||||
|
|
|
@ -3,7 +3,7 @@ data "docker_registry_image" "image" {
|
||||||
}
|
}
|
||||||
|
|
||||||
resource "docker_image" "image" {
|
resource "docker_image" "image" {
|
||||||
name = "${data.docker_registry_image.image.name}"
|
name = "${var.image}"
|
||||||
pull_triggers = ["${data.docker_registry_image.image.sha256_digest}"]
|
pull_triggers = ["${data.docker_registry_image.image.sha256_digest}"]
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -31,6 +31,7 @@ resource "docker_container" "container" {
|
||||||
memory_swap = "${local.resource["memory_swap"]}"
|
memory_swap = "${local.resource["memory_swap"]}"
|
||||||
|
|
||||||
volumes = ["${var.volumes}"]
|
volumes = ["${var.volumes}"]
|
||||||
|
devices = ["${var.devices}"]
|
||||||
|
|
||||||
# Look at this monstrosity
|
# Look at this monstrosity
|
||||||
# And then https://github.com/hashicorp/terraform/issues/12453#issuecomment-365569618
|
# And then https://github.com/hashicorp/terraform/issues/12453#issuecomment-365569618
|
||||||
|
|
|
@ -88,3 +88,9 @@ variable "volumes" {
|
||||||
type = "list"
|
type = "list"
|
||||||
default = []
|
default = []
|
||||||
}
|
}
|
||||||
|
|
||||||
|
variable "devices" {
|
||||||
|
description = "volumes"
|
||||||
|
type = "list"
|
||||||
|
default = []
|
||||||
|
}
|
||||||
|
|
10
providers.tf
10
providers.tf
|
@ -4,11 +4,11 @@ provider "docker" {
|
||||||
version = "~> 2.0.0"
|
version = "~> 2.0.0"
|
||||||
}
|
}
|
||||||
|
|
||||||
provider "docker" {
|
provider "kubernetes" {
|
||||||
host = "tcp://dovpn.vpn.bb8.fun:2376"
|
version = "1.3.0-custom"
|
||||||
cert_path = "./secrets/sydney"
|
host = "https://k8s.bb8.fun:6443"
|
||||||
alias = "sydney"
|
|
||||||
version = "~> 2.0.0"
|
config_path = "${path.root}/k8s/auth/kubeconfig"
|
||||||
}
|
}
|
||||||
|
|
||||||
provider "cloudflare" {
|
provider "cloudflare" {
|
||||||
|
|
|
@ -0,0 +1,8 @@
|
||||||
|
terraform {
|
||||||
|
backend "s3" {
|
||||||
|
bucket = "rmx-nemo"
|
||||||
|
key = "terraform/nebula.tfstate"
|
||||||
|
region = "ap-south-1"
|
||||||
|
profile = "nebula"
|
||||||
|
}
|
||||||
|
}
|
|
@ -27,6 +27,7 @@ variable "ips" {
|
||||||
default = {
|
default = {
|
||||||
eth0 = "192.168.1.111"
|
eth0 = "192.168.1.111"
|
||||||
tun0 = "10.8.0.14"
|
tun0 = "10.8.0.14"
|
||||||
|
dovpn = "10.8.0.1"
|
||||||
static = "139.59.48.222"
|
static = "139.59.48.222"
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
Loading…
Reference in New Issue