Lychee #6
|
@ -75,23 +75,30 @@ sans = [
|
||||||
"airsonic.in.bb8.fun",
|
"airsonic.in.bb8.fun",
|
||||||
"cadvisor.bb8.fun",
|
"cadvisor.bb8.fun",
|
||||||
"couchpotato.bb8.fun",
|
"couchpotato.bb8.fun",
|
||||||
|
"debug.in.bb8.fun",
|
||||||
"ebooks.bb8.fun",
|
"ebooks.bb8.fun",
|
||||||
"ebooks.in.bb8.fun",
|
"ebooks.in.bb8.fun",
|
||||||
"emby.bb8.fun",
|
"emby.bb8.fun",
|
||||||
"emby.in.bb8.fun",
|
"emby.in.bb8.fun",
|
||||||
"debug.in.bb8.fun",
|
|
||||||
"flexget.bb8.fun",
|
"flexget.bb8.fun",
|
||||||
"git.bb8.fun",
|
"git.bb8.fun",
|
||||||
"gitea.bb8.fun",
|
"gitea.bb8.fun",
|
||||||
|
"grafana.bb8.fun",
|
||||||
"headphones.bb8.fun",
|
"headphones.bb8.fun",
|
||||||
"home.bb8.fun",
|
"home.bb8.fun",
|
||||||
"home.in.bb8.fun",
|
"home.in.bb8.fun",
|
||||||
"library.bb8.fun",
|
"library.bb8.fun",
|
||||||
|
"luke.bb8.fun",
|
||||||
|
"monitoring.bb8.fun",
|
||||||
"muximux.bb8.fun",
|
"muximux.bb8.fun",
|
||||||
"muximux.in.bb8.fun",
|
"muximux.in.bb8.fun",
|
||||||
|
"pics.bb8.fun",
|
||||||
|
"pics.in.bb8.fun",
|
||||||
"read.bb8.fun",
|
"read.bb8.fun",
|
||||||
"read.in.bb8.fun",
|
"read.in.bb8.fun",
|
||||||
|
"rey.bb8.fun",
|
||||||
"scan.bb8.fun",
|
"scan.bb8.fun",
|
||||||
|
"tatooine.bb8.fun",
|
||||||
"traefik.bb8.fun",
|
"traefik.bb8.fun",
|
||||||
"transmission.bb8.fun",
|
"transmission.bb8.fun",
|
||||||
"wiki.bb8.fun"
|
"wiki.bb8.fun"
|
||||||
|
|
|
@ -62,3 +62,7 @@ data "docker_registry_image" "headerdebug" {
|
||||||
data "docker_registry_image" "cadvisor" {
|
data "docker_registry_image" "cadvisor" {
|
||||||
name = "google/cadvisor:latest"
|
name = "google/cadvisor:latest"
|
||||||
}
|
}
|
||||||
|
|
||||||
|
data "docker_registry_image" "lychee" {
|
||||||
|
name = "linuxserver/lychee:latest"
|
||||||
|
}
|
||||||
|
|
|
@ -30,12 +30,21 @@ resource "docker_container" "mariadb" {
|
||||||
host_path = "${docker_volume.mariadb_volume.mountpoint}"
|
host_path = "${docker_volume.mariadb_volume.mountpoint}"
|
||||||
}
|
}
|
||||||
|
|
||||||
|
// This is so that other host-only services can share this
|
||||||
ports {
|
ports {
|
||||||
internal = 3306
|
internal = 3306
|
||||||
external = 3306
|
external = 3306
|
||||||
ip = "${var.ips["eth0"]}"
|
ip = "${var.ips["eth0"]}"
|
||||||
}
|
}
|
||||||
|
|
||||||
|
// This is a not-so-great idea
|
||||||
|
// TODO: Figure out a better way to make terraform SSH and then connect to localhost
|
||||||
|
ports {
|
||||||
|
internal = 3306
|
||||||
|
external = 3306
|
||||||
|
ip = "${var.ips["tun0"]}"
|
||||||
|
}
|
||||||
|
|
||||||
memory = 512
|
memory = 512
|
||||||
restart = "unless-stopped"
|
restart = "unless-stopped"
|
||||||
destroy_grace_seconds = 10
|
destroy_grace_seconds = 10
|
||||||
|
|
|
@ -75,3 +75,8 @@ resource "docker_image" "cadvisor" {
|
||||||
name = "${data.docker_registry_image.cadvisor.name}"
|
name = "${data.docker_registry_image.cadvisor.name}"
|
||||||
pull_triggers = ["${data.docker_registry_image.cadvisor.sha256_digest}"]
|
pull_triggers = ["${data.docker_registry_image.cadvisor.sha256_digest}"]
|
||||||
}
|
}
|
||||||
|
|
||||||
|
resource "docker_image" "lychee" {
|
||||||
|
name = "${data.docker_registry_image.lychee.name}"
|
||||||
|
pull_triggers = ["${data.docker_registry_image.lychee.sha256_digest}"]
|
||||||
|
}
|
||||||
|
|
|
@ -0,0 +1,39 @@
|
||||||
|
resource "docker_container" "lychee" {
|
||||||
|
name = "lychee"
|
||||||
|
image = "${docker_image.lychee.latest}"
|
||||||
|
|
||||||
|
restart = "unless-stopped"
|
||||||
|
destroy_grace_seconds = 10
|
||||||
|
must_run = true
|
||||||
|
|
||||||
|
volumes {
|
||||||
|
host_path = "/mnt/xwing/config/lychee"
|
||||||
|
container_path = "/config"
|
||||||
|
}
|
||||||
|
|
||||||
|
volumes {
|
||||||
|
host_path = "/mnt/xwing/data/lychee"
|
||||||
|
container_path = "/pictures"
|
||||||
|
}
|
||||||
|
|
||||||
|
labels {
|
||||||
|
"traefik.port" = 80
|
||||||
|
"traefik.frontend.passHostHeader" = "false"
|
||||||
|
"traefik.enable" = "true"
|
||||||
|
"traefik.frontend.headers.SSLTemporaryRedirect" = "true"
|
||||||
|
"traefik.frontend.headers.STSIncludeSubdomains" = "false"
|
||||||
|
"traefik.frontend.headers.contentTypeNosniff" = "true"
|
||||||
|
"traefik.frontend.headers.browserXSSFilter" = "true"
|
||||||
|
"traefik.frontend.headers.STSSeconds" = "2592000"
|
||||||
|
"traefik.frontend.headers.customFrameOptionsValue" = "${var.xfo_allow}"
|
||||||
|
"traefik.frontend.headers.customResponseHeaders" = "${var.xpoweredby}"
|
||||||
|
"traefik.frontend.rule" = "Host:pics.${var.domain},pics.in.${var.domain}"
|
||||||
|
}
|
||||||
|
|
||||||
|
env = [
|
||||||
|
"PUID=986",
|
||||||
|
"PGID=984",
|
||||||
|
]
|
||||||
|
|
||||||
|
links = ["mariadb"]
|
||||||
|
}
|
|
@ -0,0 +1,3 @@
|
||||||
|
output "lychee-ip" {
|
||||||
|
value = "${docker_container.lychee.ip_address}"
|
||||||
|
}
|
17
main.tf
17
main.tf
|
@ -1,13 +1,3 @@
|
||||||
provider "docker" {
|
|
||||||
host = "tcp://docker.vpn.bb8.fun:2376"
|
|
||||||
cert_path = "./secrets"
|
|
||||||
}
|
|
||||||
|
|
||||||
provider "cloudflare" {
|
|
||||||
email = "bb8@captnemo.in"
|
|
||||||
token = "${var.cloudflare_key}"
|
|
||||||
}
|
|
||||||
|
|
||||||
module "cloudflare" {
|
module "cloudflare" {
|
||||||
source = "cloudflare"
|
source = "cloudflare"
|
||||||
domain = "bb8.fun"
|
domain = "bb8.fun"
|
||||||
|
@ -15,8 +5,11 @@ module "cloudflare" {
|
||||||
}
|
}
|
||||||
|
|
||||||
module "mysql" {
|
module "mysql" {
|
||||||
source = "mysql"
|
source = "mysql"
|
||||||
mysql_root_password = "${var.mysql_root_password}"
|
mysql_root_password = "${var.mysql_root_password}"
|
||||||
|
mysql_lychee_password = "${var.mysql_lychee_password}"
|
||||||
|
mysql_kodi_password = "${var.mysql_kodi_password}"
|
||||||
|
lychee_ip = "${module.docker.lychee-ip}"
|
||||||
}
|
}
|
||||||
|
|
||||||
module "docker" {
|
module "docker" {
|
||||||
|
|
|
@ -1,25 +1,23 @@
|
||||||
# # This is pending on https://github.com/hashicorp/go-version/pull/34
|
# # This is pending on https://github.com/hashicorp/go-version/pull/34
|
||||||
# provider "mysql" {
|
|
||||||
# endpoint = "docker.in.captnemo.in:3306"
|
|
||||||
# username = "root"
|
|
||||||
# password = "${var.mysql_root_password}"
|
|
||||||
# }
|
|
||||||
# # Create a Database
|
|
||||||
# resource "mysql_database" "kodi" {
|
|
||||||
# name = "kodi"
|
|
||||||
# lifecycle {
|
|
||||||
# prevent_destroy = true
|
|
||||||
# }
|
|
||||||
# }
|
|
||||||
# resource "mysql_user" "kodi" {
|
|
||||||
# user = "kodi"
|
|
||||||
# host = "127.0.0.1"
|
|
||||||
# plaintext_password = "testing"
|
|
||||||
# }
|
|
||||||
# resource "mysql_grant" "kodi" {
|
|
||||||
# user = "${mysql_user.kodi.user}"
|
|
||||||
# host = "${mysql_user.kodi.host}"
|
|
||||||
# database = "kodi"
|
|
||||||
# privileges = ["SUPER"]
|
|
||||||
# }
|
|
||||||
|
|
||||||
|
# Create a Database
|
||||||
|
resource "mysql_database" "lychee" {
|
||||||
|
name = "lychee"
|
||||||
|
|
||||||
|
lifecycle {
|
||||||
|
prevent_destroy = true
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
resource "mysql_user" "lychee" {
|
||||||
|
user = "lychee"
|
||||||
|
host = "${var.lychee_ip}"
|
||||||
|
plaintext_password = "${var.mysql_lychee_password}"
|
||||||
|
}
|
||||||
|
|
||||||
|
resource "mysql_grant" "lychee" {
|
||||||
|
user = "${mysql_user.lychee.user}"
|
||||||
|
host = "${mysql_user.lychee.host}"
|
||||||
|
database = "${mysql_database.lychee.name}"
|
||||||
|
privileges = ["ALL"]
|
||||||
|
}
|
||||||
|
|
|
@ -1,3 +1,13 @@
|
||||||
variable "mysql_root_password" {
|
variable "mysql_root_password" {
|
||||||
type = "string"
|
type = "string"
|
||||||
}
|
}
|
||||||
|
|
||||||
|
variable "mysql_lychee_password" {
|
||||||
|
type = "string"
|
||||||
|
}
|
||||||
|
|
||||||
|
variable "mysql_kodi_password" {
|
||||||
|
type = "string"
|
||||||
|
}
|
||||||
|
|
||||||
|
variable "lychee_ip" {}
|
||||||
|
|
|
@ -0,0 +1,15 @@
|
||||||
|
provider "docker" {
|
||||||
|
host = "tcp://docker.vpn.bb8.fun:2376"
|
||||||
|
cert_path = "./secrets"
|
||||||
|
}
|
||||||
|
|
||||||
|
provider "cloudflare" {
|
||||||
|
email = "bb8@captnemo.in"
|
||||||
|
token = "${var.cloudflare_key}"
|
||||||
|
}
|
||||||
|
|
||||||
|
provider "mysql" {
|
||||||
|
endpoint = "mysql.vpn.bb8.fun:3306"
|
||||||
|
username = "root"
|
||||||
|
password = "${var.mysql_root_password}"
|
||||||
|
}
|
|
@ -15,6 +15,10 @@ variable "mysql_root_password" {
|
||||||
type = "string"
|
type = "string"
|
||||||
}
|
}
|
||||||
|
|
||||||
|
variable "mysql_lychee_password" {}
|
||||||
|
|
||||||
|
variable "mysql_kodi_password" {}
|
||||||
|
|
||||||
variable "wiki_session_secret" {
|
variable "wiki_session_secret" {
|
||||||
type = "string"
|
type = "string"
|
||||||
}
|
}
|
||||||
|
|
Loading…
Reference in New Issue