ready to test deployment

hosts.tf

@@ -4,6 +4,22 @@ module "scariff" {
  providers = {
  docker = docker.scariff
  }
+
+ network = docker_network.scariff.name
+ entrypoint = var.entrypoint
+ traefik_enable = var.traefik_enable
+ resolver_ssl = var.resolver_ssl
+ tls_enable = var.tls_enable
+ domain_name = var.domain_name
+ path_config = var.path_config
+ path_downloads = var.path_downloads
+ grafana_password = var.grafana_password
+ grafana_username = var.grafana_username
+ cloudflare_user_id = var.cloudflare_user_id
+ cloudflare_api_token = var.cloudflare_api_token
+ cloudflare_tunnel_token = var.cloudflare_tunnel_token
+ cloudflare_tunnel_id = var.cloudflare_tunnel_id
+ adguard_api_password = var.adguard_api_password
 }
 
 module "exegol" {
@@ -12,6 +28,13 @@ module "exegol" {
  providers = {
  docker = docker.exegol
  }
+
+ network = docker_network.exegol.name
+ password_mariadb = var.password_mariadb
+ password_surrealdb = var.password_surrealdb
+ storage_surrealdb = var.storage_surrealdb
+ storage_mariadb = var.storage_mariadb
+ user_surrealdb = var.user_surrealdb
 }
 
 module "eadu" {
@@ -21,3 +44,33 @@ module "eadu" {
  docker = docker.eadu
  }
 }
+
+module "common-exegol" {
+ source = "./hosts/common"
+
+ providers = {
+ docker = docker.exegol
+ }
+
+ network = docker_network.exegol.name
+}
+
+# module "common-eadu" {
+# source = "./hosts/common"
+
+# providers = {
+# docker = docker.eadu
+# }
+
+# network = docker_network.eadu.name
+# }
+
+module "common-scariff" {
+ source = "./hosts/common"
+
+ providers = {
+ docker = docker.scariff
+ }
+
+ network = docker_network.scariff.name
+}

hosts/common/portainer-agent.tf

@@ -24,7 +24,7 @@ resource "docker_container" "portainer_agent" {
  }
 
  networks_advanced {
- name = var.network.name
+ name = var.network
  }
 
  depends_on = [

hosts/common/variables.tf

@@ -0,0 +1,4 @@
+variable "network" {
+ type = string
+ description = "The name of the docker network to connect to"
+}

hosts/exegol/README.md

@@ -0,0 +1,21 @@
+# `exegol`
+
+On the `exegol` server, there are some services:
+
++ [MariaDB](https://mariadb.org/): Database.
++ [Grafana](https://grafana.com/): Monitoring.
+
+To install all of them:
+
+```bash
+terraform init
+terraform apply
+```
+
+If you create a file to store the variables:
+
+```bash
+touch exegol.tfvars
+# edit the file
+terraform apply -var-file="exegol.tfvars"
+```

hosts/exegol/mariadb.tf

@@ -0,0 +1,34 @@
+resource "docker_image" "mariadb" {
+ name = "mariadb:latest"
+}
+
+resource "docker_container" "mariadb" {
+ name = "mariadb"
+ image = docker_image.mariadb.name
+ restart = "always"
+
+ env = [
+ "PGID=50",
+ "PUID=1000",
+ "MYSQL_ROOT_PASSWORD=${var.password_mariadb}"
+ ]
+
+ ports {
+ internal = 3306
+ external = 3306
+ }
+
+ volumes {
+ container_path = "/var/lib/mysql"
+ host_path = var.storage_mariadb
+ read_only = false
+ }
+
+ networks_advanced {
+ name = var.network
+ }
+
+ depends_on = [
+ docker_container.mariadb
+ ]
+}

hosts/exegol/surrealdb.tf

@@ -0,0 +1,36 @@
+resource "docker_image" "surrealdb" {
+ name = "surrealdb/surrealdb:1.0.0-beta.9-20230402"
+}
+
+resource "docker_container" "surrealdb" {
+ name = "surrealdb"
+ image = docker_image.surrealdb.name
+ restart = "always"
+ entrypoint = [
+ "/surreal",
+ "start",
+ "--user",
+ var.user_surrealdb,
+ "--pass",
+ var.password_surrealdb,
+ "file:/data/database.db"
+ ]
+
+ ports {
+ internal = 8000
+ external = 3307
+ }
+
+ volumes {
+ host_path = var.storage_surrealdb
+ container_path = "/data"
+ }
+
+ networks_advanced {
+ name = var.network
+ }
+
+ depends_on = [
+ docker_image.surrealdb
+ ]
+}

hosts/exegol/variables.tf

@@ -0,0 +1,14 @@
+variable "password_mariadb" {}
+
+variable "user_surrealdb" {}
+
+variable "password_surrealdb" {}
+
+variable "storage_surrealdb" {}
+
+variable "storage_mariadb" {}
+
+variable "network" {
+ type = string
+ description = "Docker network name"
+}

hosts/scariff/README.md

@@ -0,0 +1,27 @@
+# `scariff`
+
+On the `scariff` server, there are some services:
+
++ [AdGuard-Home](https://adguard.com/en/adguard-home/overview.html): DNS server with ad blocker.
++ [Portainer Agent](https://www.portainer.io/): Docker management.
++ [Uptime Kuma](https://github.com/louislam/uptime-kuma): Uptime monitoring.
++ [Dozzle](https://dozzle.dev/): Docker logs viewer.
++ [Traefik](https://traefik.io/): Reverse proxy.
++ [Code-Server](https://github.com/coder/code-server): VS Code in the browser.
++ [Homepage](https://github.com/benphelps/homepage): Admin Dashboard.
++ [Homer](https://github.com/bastienwirtz/homer): External Dashboard.
+
+To install all of them:
+
+```bash
+terraform init
+terraform apply
+```
+
+If you create a file to store the variables:
+
+```bash
+touch scariff.tfvars
+# edit the file
+terraform apply -var-file="scariff.tfvars"
+```

hosts/scariff/adguard.tf

@@ -0,0 +1,63 @@
+resource "docker_image" "adguard" {
+ name = "adguard/adguardhome"
+}
+
+resource "docker_container" "adguard" {
+ name = "adguard-home"
+ image = docker_image.adguard.name
+ restart = "unless-stopped"
+
+ ports {
+ internal = 53
+ external = 53
+ }
+ ports {
+ internal = 53
+ external = 53
+ protocol = "udp"
+ }
+
+ volumes {
+ container_path = "/opt/adguardhome/conf"
+ host_path = "${var.path_config}/adguard/config"
+ read_only = false
+ }
+ volumes {
+ container_path = "/opt/adguardhome/work"
+ host_path = "${var.path_config}/adguard/work"
+ read_only = false
+ }
+
+ labels {
+ label = "traefik.http.routers.adguard.rule"
+ value = "Host(`dns.${var.domain_name}`)"
+ }
+ labels {
+ label = "traefik.http.routers.adguard.entrypoints"
+ value = var.entrypoint
+ }
+ labels {
+ label = "traefik.http.services.adguard.loadbalancer.server.port"
+ value = "80"
+ }
+ labels {
+ label = "traefik.enable"
+ value = var.traefik_enable
+ }
+ labels {
+ label = "traefik.http.routers.adguard.tls"
+ value = var.tls_enable
+ }
+ labels {
+ label = "traefik.http.routers.adguard.tls.certresolver"
+ value = var.resolver_ssl
+ }
+
+ networks_advanced {
+ name = var.network
+ }
+
+ depends_on = [
+ docker_image.adguard
+ ]
+}

hosts/scariff/cloudflared.tf

@@ -0,0 +1,27 @@
+resource "docker_image" "cloudflared" {
+ name = "cloudflare/cloudflared:latest"
+}
+
+resource "docker_container" "cloudflared" {
+ name = "cloudflared"
+ image = docker_image.cloudflared.name
+ restart = "unless-stopped"
+
+ env = [
+ "TUNNEL_TOKEN=${var.cloudflare_tunnel_token}",
+ ]
+
+ command = [
+ "tunnel",
+ "--no-autoupdate",
+ "run"
+ ]
+
+ networks_advanced {
+ name = var.network
+ }
+
+ depends_on = [
+ docker_image.cloudflared,
+ ]
+}

hosts/scariff/homepage.tf

@@ -0,0 +1,62 @@
+resource "docker_image" "homepage" {
+ name = "ghcr.io/benphelps/homepage:latest"
+}
+
+resource "docker_container" "homepage" {
+ name = "homepage"
+ image = docker_image.homepage.name
+ restart = "always"
+
+ env = [
+ "HOMEPAGE_VAR_CLOUDFLARE_TUNNEL_ID=${var.cloudflare_tunnel_id}",
+ "HOMEPAGE_VAR_CLOUDFLARE_USER_ID=${var.cloudflare_user_id}",
+ "HOMEPAGE_VAR_CLOUDFLARE_API_TOKEN=${var.cloudflare_api_token}",
+ "HOMEPAGE_VAR_ADGUARD_API_PASSWORD=${var.adguard_api_password}",
+ "HOMEPAGE_VAR_GF_USERNAME=${var.grafana_username}",
+ "HOMEPAGE_VAR_GF_PASSWORD=${var.grafana_password}",
+ ]
+
+ volumes {
+ container_path = "/app/config"
+ host_path = "${var.path_config}/homepage/"
+ read_only = false
+ }
+ volumes {
+ container_path = "/var/run/docker.sock"
+ host_path = "/var/run/docker.sock"
+ read_only = true
+ }
+
+ labels {
+ label = "traefik.http.services.homepage.loadbalancer.server.port"
+ value = "3000"
+ }
+ labels {
+ label = "traefik.http.routers.homepage.rule"
+ value = "Host(`admin.${var.domain_name}`)"
+ }
+ labels {
+ label = "traefik.http.routers.homepage.entrypoints"
+ value = var.entrypoint
+ }
+ labels {
+ label = "traefik.enable"
+ value = var.traefik_enable
+ }
+ labels {
+ label = "traefik.http.routers.homepage.tls.certresolver"
+ value = var.resolver_ssl
+ }
+ labels {
+ label = "traefik.http.routers.homepage.tls"
+ value = var.tls_enable
+ }
+
+ networks_advanced {
+ name = var.network
+ }
+
+ depends_on = [
+ docker_image.homepage
+ ]
+}