Compare commits
9 Commits
af2be53caa
...
3f3f0fd55c
Author | SHA1 | Date |
---|---|---|
Nemo | 3f3f0fd55c | |
Nemo | 1b1bbcabbc | |
Nemo | dfd0f94662 | |
Nemo | 09c1094fc5 | |
Nemo | 29368acfed | |
Nemo | e18d8b11b1 | |
Nemo | 1feaf2e4f6 | |
Nemo | 2c52cd0cb7 | |
Nemo | b83dd37365 |
|
@ -42,7 +42,6 @@ Currently running the following (all links are to the `store.docker.com` links f
|
||||||
| image | tag | module/link |
|
| image | tag | module/link |
|
||||||
| -------------------------------- | ---------- | ---------------------------------------------------- |
|
| -------------------------------- | ---------- | ---------------------------------------------------- |
|
||||||
| captn3m0/opml-gen | latest | https://opml.bb8.fun |
|
| captn3m0/opml-gen | latest | https://opml.bb8.fun |
|
||||||
| captn3m0/prometheus-act-exporter | latest | https://git.captnemo.in/nemo/prometheus-act-exporter |
|
|
||||||
| captn3m0/rss-bridge | latest | https://github.com/RSS-Bridge/rss-bridge |
|
| captn3m0/rss-bridge | latest | https://github.com/RSS-Bridge/rss-bridge |
|
||||||
| captn3m0/speedtest-exporter | alpine | https://github.com/stefanwalther/speedtest-exporter |
|
| captn3m0/speedtest-exporter | alpine | https://github.com/stefanwalther/speedtest-exporter |
|
||||||
| emby/embyserver | latest | https://emby.media |
|
| emby/embyserver | latest | https://emby.media |
|
||||||
|
|
|
@ -8,6 +8,7 @@
|
||||||
APP_NAME = Nemo's code
|
APP_NAME = Nemo's code
|
||||||
RUN_MODE = prod
|
RUN_MODE = prod
|
||||||
RUN_USER = git
|
RUN_USER = git
|
||||||
|
WORK_PATH=/data/gitea
|
||||||
|
|
||||||
[repository]
|
[repository]
|
||||||
ROOT = /data/git/repositories
|
ROOT = /data/git/repositories
|
||||||
|
@ -72,6 +73,9 @@ ECDSA = 256
|
||||||
RSA = 2048
|
RSA = 2048
|
||||||
DSA = 1024
|
DSA = 1024
|
||||||
|
|
||||||
|
[lfs]
|
||||||
|
PATH=/data/gitea/lfs
|
||||||
|
|
||||||
[server]
|
[server]
|
||||||
APP_DATA_PATH = /data/gitea
|
APP_DATA_PATH = /data/gitea
|
||||||
HTTP_PORT = 3000
|
HTTP_PORT = 3000
|
||||||
|
@ -79,7 +83,6 @@ ROOT_URL = https://git.captnemo.in/
|
||||||
DISABLE_SSH = true
|
DISABLE_SSH = true
|
||||||
DOMAIN = git.captnemo.in
|
DOMAIN = git.captnemo.in
|
||||||
LFS_START_SERVER = true
|
LFS_START_SERVER = true
|
||||||
LFS_CONTENT_PATH = /data/gitea/lfs
|
|
||||||
LFS_JWT_SECRET = "${lfs-jwt-secret}"
|
LFS_JWT_SECRET = "${lfs-jwt-secret}"
|
||||||
OFFLINE_MODE = true
|
OFFLINE_MODE = true
|
||||||
LANDING_PAGE = explore
|
LANDING_PAGE = explore
|
||||||
|
@ -123,9 +126,11 @@ ISSUE_INDEXER_PATH = indexers/issues.bleve
|
||||||
; repo indexer by default disabled, since it uses a lot of disk space
|
; repo indexer by default disabled, since it uses a lot of disk space
|
||||||
REPO_INDEXER_ENABLED = true
|
REPO_INDEXER_ENABLED = true
|
||||||
REPO_INDEXER_PATH = indexers/repos.bleve
|
REPO_INDEXER_PATH = indexers/repos.bleve
|
||||||
UPDATE_BUFFER_LEN = 20
|
|
||||||
MAX_FILE_SIZE = 1048576
|
MAX_FILE_SIZE = 1048576
|
||||||
|
|
||||||
|
[queue.issue_indexer]
|
||||||
|
LENGTH = 100
|
||||||
|
|
||||||
[admin]
|
[admin]
|
||||||
; Disable regular (non-admin) users to create organizations
|
; Disable regular (non-admin) users to create organizations
|
||||||
DISABLE_REGULAR_ORG_CREATION = false
|
DISABLE_REGULAR_ORG_CREATION = false
|
||||||
|
@ -223,8 +228,8 @@ BUFFER_LEN = 10000
|
||||||
LEVEL = Warn
|
LEVEL = Warn
|
||||||
REDIRECT_MACARON_LOG = true
|
REDIRECT_MACARON_LOG = true
|
||||||
ROUTER_LOG_LEVEL = Critical
|
ROUTER_LOG_LEVEL = Critical
|
||||||
ENABLE_ACCESS_LOG = true
|
logger.access.MODE=,
|
||||||
ENABLE_XORM_LOG = false
|
logger.xorm.MODE=,
|
||||||
|
|
||||||
[cron]
|
[cron]
|
||||||
; Enable running cron tasks periodically.
|
; Enable running cron tasks periodically.
|
||||||
|
|
|
@ -1,6 +1,6 @@
|
||||||
# https://github.com/go-gitea/gitea/releases
|
# https://github.com/go-gitea/gitea/releases
|
||||||
data "docker_registry_image" "gitea" {
|
data "docker_registry_image" "gitea" {
|
||||||
name = "gitea/gitea:1.19"
|
name = "gitea/gitea:1.20"
|
||||||
}
|
}
|
||||||
|
|
||||||
data "docker_registry_image" "redis" {
|
data "docker_registry_image" "redis" {
|
||||||
|
|
|
@ -0,0 +1,24 @@
|
||||||
|
module "home-assistant" {
|
||||||
|
name = "home-assistant"
|
||||||
|
source = "../modules/container"
|
||||||
|
|
||||||
|
image = "ghcr.io/home-assistant/home-assistant:stable"
|
||||||
|
|
||||||
|
resource = {
|
||||||
|
memory = 1024
|
||||||
|
memory_swap = 1024
|
||||||
|
}
|
||||||
|
|
||||||
|
env = [
|
||||||
|
"TZ=Asia/Kolkata",
|
||||||
|
]
|
||||||
|
|
||||||
|
network_mode = "host"
|
||||||
|
|
||||||
|
volumes = [
|
||||||
|
{
|
||||||
|
container_path = "/config"
|
||||||
|
host_path = "/mnt/zwing/config/home-assistant"
|
||||||
|
},
|
||||||
|
]
|
||||||
|
}
|
4
main.tf
4
main.tf
|
@ -91,6 +91,10 @@ module "digitalocean" {
|
||||||
source = "./digitalocean"
|
source = "./digitalocean"
|
||||||
}
|
}
|
||||||
|
|
||||||
|
module "home-assistant" {
|
||||||
|
source = "./home-assistant"
|
||||||
|
}
|
||||||
|
|
||||||
module "mastodon" {
|
module "mastodon" {
|
||||||
source = "./mastodon"
|
source = "./mastodon"
|
||||||
db-password = data.pass_password.mastodon-db-password.password
|
db-password = data.pass_password.mastodon-db-password.password
|
||||||
|
|
|
@ -1,5 +1,5 @@
|
||||||
locals {
|
locals {
|
||||||
version = "4.1.4"
|
version = "4.1.10"
|
||||||
env = [
|
env = [
|
||||||
"LOCAL_DOMAIN=tatooine.club",
|
"LOCAL_DOMAIN=tatooine.club",
|
||||||
"REDIS_HOST=mastodon-redis",
|
"REDIS_HOST=mastodon-redis",
|
||||||
|
|
|
@ -11,11 +11,26 @@ resource "docker_container" "emby" {
|
||||||
name = "emby"
|
name = "emby"
|
||||||
image = docker_image.emby.image_id
|
image = docker_image.emby.image_id
|
||||||
|
|
||||||
|
# SSD holds both the cache and data
|
||||||
volumes {
|
volumes {
|
||||||
host_path = "/mnt/xwing/config/emby"
|
host_path = "/mnt/zwing/config/emby"
|
||||||
container_path = "/config"
|
container_path = "/config"
|
||||||
}
|
}
|
||||||
|
|
||||||
|
# We keep the cache separate
|
||||||
|
# So the config directory isn't bloated
|
||||||
|
volumes {
|
||||||
|
host_path = "/mnt/zwing/cache/emby"
|
||||||
|
container_path = "/config/cache"
|
||||||
|
}
|
||||||
|
|
||||||
|
# We want backups on the HDD
|
||||||
|
volumes {
|
||||||
|
host_path = "/mnt/xwing/backups/config/emby"
|
||||||
|
container_path = "/backups"
|
||||||
|
}
|
||||||
|
|
||||||
|
# And mount the media as well
|
||||||
volumes {
|
volumes {
|
||||||
host_path = "/mnt/xwing/media"
|
host_path = "/mnt/xwing/media"
|
||||||
container_path = "/media"
|
container_path = "/media"
|
||||||
|
@ -36,6 +51,8 @@ resource "docker_container" "emby" {
|
||||||
destroy_grace_seconds = 10
|
destroy_grace_seconds = 10
|
||||||
must_run = true
|
must_run = true
|
||||||
|
|
||||||
|
# This breaks every time we upgrade the kernel
|
||||||
|
# or the nvidia driver, and needs a reboot.
|
||||||
gpus = "all"
|
gpus = "all"
|
||||||
|
|
||||||
# Running as lounge:tatooine
|
# Running as lounge:tatooine
|
||||||
|
|
|
@ -1,7 +1,7 @@
|
||||||
module "miniflux-container" {
|
module "miniflux-container" {
|
||||||
name = "miniflux"
|
name = "miniflux"
|
||||||
source = "./modules/container"
|
source = "./modules/container"
|
||||||
image = "miniflux/miniflux:2.0.45"
|
image = "miniflux/miniflux:2.0.49"
|
||||||
|
|
||||||
web = {
|
web = {
|
||||||
expose = true
|
expose = true
|
||||||
|
|
|
@ -17,6 +17,8 @@ resource "docker_container" "container" {
|
||||||
entrypoint = var.entrypoint
|
entrypoint = var.entrypoint
|
||||||
user = var.user
|
user = var.user
|
||||||
|
|
||||||
|
privileged = var.privileged
|
||||||
|
|
||||||
network_mode = var.network_mode
|
network_mode = var.network_mode
|
||||||
|
|
||||||
gpus = var.gpu ? "all" : ""
|
gpus = var.gpu ? "all" : ""
|
||||||
|
|
|
@ -102,6 +102,11 @@ variable "volumes" {
|
||||||
default = {}
|
default = {}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
variable "privileged" {
|
||||||
|
description = " If true, the container runs in privileged mode."
|
||||||
|
default = false
|
||||||
|
}
|
||||||
|
|
||||||
variable "capabilities" {
|
variable "capabilities" {
|
||||||
description = "capabilities"
|
description = "capabilities"
|
||||||
|
|
||||||
|
|
|
@ -1,23 +0,0 @@
|
||||||
data "docker_registry_image" "act-exporter" {
|
|
||||||
name = "captn3m0/prometheus-act-exporter:latest"
|
|
||||||
}
|
|
||||||
|
|
||||||
resource "docker_container" "act-exporter" {
|
|
||||||
name = "act-exporter"
|
|
||||||
image = docker_image.act-exporter.image_id
|
|
||||||
|
|
||||||
entrypoint = ["/usr/local/bin/node", "server.js"]
|
|
||||||
|
|
||||||
networks_advanced {
|
|
||||||
name = "monitoring"
|
|
||||||
aliases = ["act-exporter", "act-exporter.docker"]
|
|
||||||
}
|
|
||||||
|
|
||||||
// So it can talk to ACT
|
|
||||||
networks = ["bridge"]
|
|
||||||
|
|
||||||
restart = "unless-stopped"
|
|
||||||
destroy_grace_seconds = 10
|
|
||||||
must_run = true
|
|
||||||
}
|
|
||||||
|
|
|
@ -1,7 +1,7 @@
|
||||||
module "cadvisor" {
|
module "cadvisor" {
|
||||||
source = "../modules/container"
|
source = "../modules/container"
|
||||||
name = "cadvisor"
|
name = "cadvisor"
|
||||||
image = "google/cadvisor:latest"
|
image = "gcr.io/cadvisor/cadvisor"
|
||||||
|
|
||||||
resource = {
|
resource = {
|
||||||
memory = 512
|
memory = 512
|
||||||
|
@ -11,6 +11,7 @@ module "cadvisor" {
|
||||||
restart = "unless-stopped"
|
restart = "unless-stopped"
|
||||||
destroy_grace_seconds = 10
|
destroy_grace_seconds = 10
|
||||||
must_run = true
|
must_run = true
|
||||||
|
privileged = true
|
||||||
|
|
||||||
volumes = [
|
volumes = [
|
||||||
{
|
{
|
||||||
|
@ -36,6 +37,7 @@ module "cadvisor" {
|
||||||
{
|
{
|
||||||
host_path = "/var/run"
|
host_path = "/var/run"
|
||||||
container_path = "/var/run"
|
container_path = "/var/run"
|
||||||
|
read_only = true
|
||||||
},
|
},
|
||||||
]
|
]
|
||||||
|
|
||||||
|
|
|
@ -34,11 +34,5 @@ scrape_configs:
|
||||||
static_configs:
|
static_configs:
|
||||||
- targets: ["192.168.1.111:1111"]
|
- targets: ["192.168.1.111:1111"]
|
||||||
|
|
||||||
- job_name: "act"
|
|
||||||
scrape_interval: 1h
|
|
||||||
scrape_timeout: 1m
|
|
||||||
static_configs:
|
|
||||||
- targets: ["act-exporter:3000"]
|
|
||||||
|
|
||||||
rule_files:
|
rule_files:
|
||||||
- "alert.rules"
|
- "alert.rules"
|
||||||
|
|
|
@ -2,10 +2,15 @@
|
||||||
module "grafana" {
|
module "grafana" {
|
||||||
name = "grafana"
|
name = "grafana"
|
||||||
source = "../modules/container"
|
source = "../modules/container"
|
||||||
image = "grafana/grafana:latest"
|
image = "grafana/grafana-oss:latest"
|
||||||
|
|
||||||
// grafana:grafana
|
// grafana
|
||||||
user = "984:982"
|
user = "472"
|
||||||
|
|
||||||
|
resource = {
|
||||||
|
memory = 512
|
||||||
|
memory_swap = 512
|
||||||
|
}
|
||||||
|
|
||||||
web = {
|
web = {
|
||||||
port = 3000
|
port = 3000
|
||||||
|
|
|
@ -2,10 +2,3 @@ resource "docker_image" "prometheus" {
|
||||||
name = data.docker_registry_image.prometheus.name
|
name = data.docker_registry_image.prometheus.name
|
||||||
pull_triggers = [data.docker_registry_image.prometheus.sha256_digest]
|
pull_triggers = [data.docker_registry_image.prometheus.sha256_digest]
|
||||||
}
|
}
|
||||||
|
|
||||||
resource "docker_image" "act-exporter" {
|
|
||||||
name = data.docker_registry_image.act-exporter.name
|
|
||||||
pull_triggers = [data.docker_registry_image.act-exporter.sha256_digest]
|
|
||||||
keep_locally = true
|
|
||||||
}
|
|
||||||
|
|
||||||
|
|
|
@ -17,15 +17,12 @@ module "container" {
|
||||||
host = var.domain
|
host = var.domain
|
||||||
}
|
}
|
||||||
|
|
||||||
|
# SSD
|
||||||
volumes = [
|
volumes = [
|
||||||
{
|
{
|
||||||
host_path = "/mnt/xwing/data/radicale"
|
host_path = "/mnt/zwing/config/radicale"
|
||||||
container_path = "/data"
|
container_path = "/data"
|
||||||
},
|
}
|
||||||
{
|
|
||||||
host_path = "/mnt/xwing/config/radicale"
|
|
||||||
container_path = "/config"
|
|
||||||
},
|
|
||||||
]
|
]
|
||||||
|
|
||||||
uploads = [
|
uploads = [
|
||||||
|
|
Loading…
Reference in New Issue