From 24f41a1b214ec85c1a59e2f67d4014acbb2dcf36 Mon Sep 17 00:00:00 2001 From: Xavier2p Date: Mon, 11 Sep 2023 12:22:15 +0200 Subject: [PATCH] ready to test deployment --- hosts.tf | 53 ++++++++++++++++ hosts/common/portainer-agent.tf | 2 +- hosts/common/variables.tf | 4 ++ hosts/exegol/README.md | 21 +++++++ hosts/exegol/mariadb.tf | 34 +++++++++++ hosts/exegol/surrealdb.tf | 36 +++++++++++ hosts/exegol/variables.tf | 14 +++++ hosts/scariff/README.md | 27 +++++++++ hosts/scariff/adguard.tf | 63 +++++++++++++++++++ hosts/scariff/cloudflared.tf | 27 +++++++++ hosts/scariff/homepage.tf | 62 +++++++++++++++++++ hosts/scariff/homer.tf | 48 +++++++++++++++ hosts/scariff/me-tube.tf | 51 ++++++++++++++++ hosts/scariff/traefik.tf | 63 +++++++++++++++++++ hosts/scariff/uptime-kuma.tf | 54 +++++++++++++++++ hosts/scariff/variables.tf | 21 +++++++ modules.tf | 97 +++++++++++++++--------------- stacks/monitoring/cadvisor.tf | 2 +- stacks/monitoring/grafana.tf | 50 +++++++-------- stacks/monitoring/node-exporter.tf | 2 +- stacks/monitoring/prometheus.tf | 50 +++++++-------- stacks/monitoring/variables.tf | 42 +++---------- variables.tf | 68 +++++++++++++++++++++ 23 files changed, 757 insertions(+), 134 deletions(-) create mode 100644 hosts/exegol/mariadb.tf create mode 100644 hosts/exegol/surrealdb.tf create mode 100644 hosts/scariff/adguard.tf create mode 100644 hosts/scariff/cloudflared.tf create mode 100644 hosts/scariff/homepage.tf create mode 100644 hosts/scariff/homer.tf create mode 100644 hosts/scariff/me-tube.tf create mode 100644 hosts/scariff/traefik.tf create mode 100644 hosts/scariff/uptime-kuma.tf diff --git a/hosts.tf b/hosts.tf index a2770f2..3ef20ca 100644 --- a/hosts.tf +++ b/hosts.tf 
@@ -4,6 +4,22 @@ module "scariff" { providers = { docker = docker.scariff } + + network = docker_network.scariff.name + entrypoint = var.entrypoint + traefik_enable = var.traefik_enable + resolver_ssl = var.resolver_ssl + tls_enable = var.tls_enable + domain_name = var.domain_name + path_config = var.path_config + path_downloads = var.path_downloads + grafana_password = var.grafana_password + grafana_username = var.grafana_username + cloudflare_user_id = var.cloudflare_user_id + cloudflare_api_token = var.cloudflare_api_token + cloudflare_tunnel_token = var.cloudflare_tunnel_token + cloudflare_tunnel_id = var.cloudflare_tunnel_id + adguard_api_password = var.adguard_api_password } module "exegol" { @@ -12,6 +28,13 @@ module "exegol" { providers = { docker = docker.exegol } + + network = docker_network.exegol.name + password_mariadb = var.password_mariadb + password_surrealdb = var.password_surrealdb + storage_surrealdb = var.storage_surrealdb + storage_mariadb = var.storage_mariadb + user_surrealdb = var.user_surrealdb } module "eadu" { @@ -21,3 +44,33 @@ module "eadu" { docker = docker.eadu } } + +module "common-exegol" { + source = "./hosts/common" + + providers = { + docker = docker.exegol + } + + network = docker_network.exegol.name +} + +# module "common-eadu" { +# source = "./hosts/common" + +# providers = { +# docker = docker.eadu +# } + +# network = docker_network.eadu.name +# } + +module "common-scariff" { + source = "./hosts/common" + + providers = { + docker = docker.scariff + } + + network = docker_network.scariff.name +} diff --git a/hosts/common/portainer-agent.tf b/hosts/common/portainer-agent.tf index be75f99..64ae325 100644 --- a/hosts/common/portainer-agent.tf +++ b/hosts/common/portainer-agent.tf @@ -24,7 +24,7 @@ resource "docker_container" "portainer_agent" { } networks_advanced { - name = var.network.name + name = var.network } depends_on = [ diff --git a/hosts/common/variables.tf b/hosts/common/variables.tf index e69de29..f4e8fc8 100644 
--- a/hosts/common/variables.tf
+++ b/hosts/common/variables.tf
@@ -0,0 +1,4 @@
+variable "network" {
+ type = string
+ description = "The name of the docker network to connect to"
+}
diff --git a/hosts/exegol/README.md b/hosts/exegol/README.md
index e69de29..a5c1509 100644
--- a/hosts/exegol/README.md
+++ b/hosts/exegol/README.md
@@ -0,0 +1,21 @@
+# `exegol`
+
+On the `exegol` server, there are some services:
+
++ [MariaDB](https://mariadb.org/): Database.
++ [Grafana](https://grafana.com/): Monitoring.
+
+To install all of them:
+
+```bash
+terraform init
+terraform apply
+```
+
+If you create a file to store the variables:
+
+```bash
+touch exegol.tfvars
+# edit the file
+terraform apply -var-file="exegol.tfvars"
+```
diff --git a/hosts/exegol/mariadb.tf b/hosts/exegol/mariadb.tf
new file mode 100644
index 0000000..c3811b3
--- /dev/null
+++ b/hosts/exegol/mariadb.tf
@@ -0,0 +1,34 @@
+resource "docker_image" "mariadb" {
+ name = "mariadb:latest"
+}
+
+resource "docker_container" "mariadb" {
+ name = "mariadb"
+ image = docker_image.mariadb.name
+ restart = "always"
+
+ env = [
+ "PGID=50",
+ "PUID=1000",
+ "MYSQL_ROOT_PASSWORD=${var.password_mariadb}"
+ ]
+
+ ports {
+ internal = 3306
+ external = 3306
+ }
+
+ volumes {
+ container_path = "/var/lib/mysql"
+ host_path = var.storage_mariadb
+ read_only = false
+ }
+
+ networks_advanced {
+ name = var.network
+ }
+
+ depends_on = [
+ docker_container.mariadb
+ ]
+}
diff --git a/hosts/exegol/surrealdb.tf b/hosts/exegol/surrealdb.tf
new file mode 100644
index 0000000..8938d02
--- /dev/null
+++ b/hosts/exegol/surrealdb.tf
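Review bot: `depends_on = [docker_container.mariadb]` at the end of `docker_container.mariadb` in hosts/exegol/mariadb.tf makes the resource depend on itself, which Terraform is expected to reject as a self-reference at plan time; the sibling files point this at the image, so it should read `depends_on = [docker_image.mariadb]`. The `ports` block publishes 3306 with no `ip`, so the database listens on every host interface; adding `ip = "127.0.0.1"`, or dropping the mapping and reaching it over `var.network`, keeps the root login off the wider network. `mariadb:latest` is a floating tag, as are the images in cloudflared.tf, homepage.tf, homer.tf, me-tube.tf, traefik.tf and uptime-kuma.tf (adguard.tf has no tag at all), so an apply on a fresh host can pull a different build than the one tested; pin each to a version tag or digest.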
@@ -0,0 +1,36 @@
+resource "docker_image" "surrealdb" {
+ name = "surrealdb/surrealdb:1.0.0-beta.9-20230402"
+}
+
+resource "docker_container" "surrealdb" {
+ name = "surrealdb"
+ image = docker_image.surrealdb.name
+ restart = "always"
+ entrypoint = [
+ "/surreal",
+ "start",
+ "--user",
+ var.user_surrealdb,
+ "--pass",
+ var.password_surrealdb,
+ "file:/data/database.db"
+ ]
+
+ ports {
+ internal = 8000
+ external = 3307
+ }
+
+ volumes {
+ host_path = var.storage_surrealdb
+ container_path = "/data"
+ }
+
+ networks_advanced {
+ name = var.network
+ }
+
+ depends_on = [
+ docker_image.surrealdb
+ ]
+}
diff --git a/hosts/exegol/variables.tf b/hosts/exegol/variables.tf
index e69de29..8cd0937 100644
--- a/hosts/exegol/variables.tf
+++ b/hosts/exegol/variables.tf
@@ -0,0 +1,14 @@
+variable "password_mariadb" {}
+
+variable "user_surrealdb" {}
+
+variable "password_surrealdb" {}
+
+variable "storage_surrealdb" {}
+
+variable "storage_mariadb" {}
+
+variable "network" {
+ type = string
+ description = "Docker network name"
+}
diff --git a/hosts/scariff/README.md b/hosts/scariff/README.md
index e69de29..6fbcc12 100644
--- a/hosts/scariff/README.md
+++ b/hosts/scariff/README.md
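Review bot: The SurrealDB root password is placed in the container's `entrypoint` argument list (`"--pass", var.password_surrealdb`), so it is readable by anything that can run `docker inspect` or list processes on the host, and it is written to Terraform state in clear text. Treat the state as a secret (encrypted backend, restricted access) and, if the pinned SurrealDB build offers a way to supply the credential without putting it in argv, prefer that; this needs checking against its documentation. The `ports` block publishes the database endpoint on 3307 on all interfaces; add `ip = "127.0.0.1"` or drop the mapping if only containers on `var.network` need it.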
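Review bot: `password_mariadb` and `password_surrealdb` in hosts/exegol/variables.tf are declared as empty blocks, so the module neither types them nor marks them sensitive and depends entirely on the caller having done so. Give each secret input `type = string` and `sensitive = true` plus a description, the way `network` is declared just below. The same applies to the secret inputs in hosts/scariff/variables.tf (`cloudflare_tunnel_token`, `cloudflare_api_token`, `adguard_api_password`, `grafana_password`), and stacks/monitoring/variables.tf drops the types and descriptions it previously had.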
@@ -0,0 +1,27 @@
+# `scariff`
+
+On the `scariff` server, there are some services:
+
++ [AdGuard-Home](https://adguard.com/en/adguard-home/overview.html): DNS server with ad blocker.
++ [Portainer Agent](https://www.portainer.io/): Docker management.
++ [Uptime Kuma](https://github.com/louislam/uptime-kuma): Uptime monitoring.
++ [Dozzle](https://dozzle.dev/): Docker logs viewer.
++ [Traefik](https://traefik.io/): Reverse proxy.
++ [Code-Server](https://github.com/coder/code-server): VS Code in the browser.
++ [Homepage](https://github.com/benphelps/homepage): Admin Dashboard.
++ [Homer](https://github.com/bastienwirtz/homer): External Dashboard.
+
+To install all of them:
+
+```bash
+terraform init
+terraform apply
+```
+
+If you create a file to store the variables:
+
+```bash
+touch scariff.tfvars
+# edit the file
+terraform apply -var-file="scariff.tfvars"
+```
diff --git a/hosts/scariff/adguard.tf b/hosts/scariff/adguard.tf
new file mode 100644
index 0000000..e56266a
--- /dev/null
+++ b/hosts/scariff/adguard.tf
@@ -0,0 +1,63 @@
+resource "docker_image" "adguard" {
+ name = "adguard/adguardhome"
+}
+
+resource "docker_container" "adguard" {
+ name = "adguard-home"
+ image = docker_image.adguard.name
+ restart = "unless-stopped"
+
+ ports {
+ internal = 53
+ external = 53
+ }
+ ports {
+ internal = 53
+ external = 53
+ protocol = "udp"
+ }
+
+ volumes {
+ container_path = "/opt/adguardhome/conf"
+ host_path = "${var.path_config}/adguard/config"
+ read_only = false
+ }
+ volumes {
+ container_path = "/opt/adguardhome/work"
+ host_path = "${var.path_config}/adguard/work"
+ read_only = false
+ }
+
+ labels {
+ label = "traefik.http.routers.adguard.rule"
+ value = "Host(`dns.${var.domain_name}`)"
+ }
+ labels {
+ label = "traefik.http.routers.adguard.entrypoints"
+ value = var.entrypoint
+ }
+ labels {
+ label = "traefik.http.services.adguard.loadbalancer.server.port"
+ value = "80"
+ }
+ labels {
+ label = "traefik.enable"
+ value = var.traefik_enable
+ }
+ labels {
+ label = "traefik.http.routers.adguard.tls"
+ value = var.tls_enable
+ }
+ labels {
+ label = "traefik.http.routers.adguard.tls.certresolver"
+ value = var.resolver_ssl
+ }
+
+ networks_advanced {
+ name = var.network
+ }
+
+ depends_on = [
+ docker_image.adguard
+ ]
+}
diff --git a/hosts/scariff/cloudflared.tf b/hosts/scariff/cloudflared.tf
new file mode 100644
index 0000000..834deb7
--- /dev/null
+++ b/hosts/scariff/cloudflared.tf
@@ -0,0 +1,27 @@
+resource "docker_image" "cloudflared" {
+ name = "cloudflare/cloudflared:latest"
+}
+
+resource "docker_container" "cloudflared" {
+ name = "cloudflared"
+ image = docker_image.cloudflared.name
+ restart = "unless-stopped"
+
+ env = [
+ "TUNNEL_TOKEN=${var.cloudflare_tunnel_token}",
+ ]
+
+ command = [
+ "tunnel",
+ "--no-autoupdate",
+ "run"
+ ]
+
+ networks_advanced {
+ name = var.network
+ }
+
+ depends_on = [
+ docker_image.cloudflared,
+ ]
+}
diff --git a/hosts/scariff/homepage.tf b/hosts/scariff/homepage.tf
new file mode 100644
index 0000000..3b85653
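Review bot: Both `ports` blocks in hosts/scariff/adguard.tf publish DNS port 53 with no `ip`, so the resolver answers on every interface of the host; if `scariff` has a publicly routable address this is an open resolver that can be abused for amplification. Bind the mapping to the LAN address with `ip = "<LAN_ADDRESS>"` (placeholder), or enforce the restriction in the host firewall and in AdGuard Home's allowed-clients setting. The image name `adguard/adguardhome` carries no tag and therefore resolves to `latest`.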
--- /dev/null
+++ b/hosts/scariff/homepage.tf
@@ -0,0 +1,62 @@
+resource "docker_image" "homepage" {
+ name = "ghcr.io/benphelps/homepage:latest"
+}
+
+resource "docker_container" "homepage" {
+ name = "homepage"
+ image = docker_image.homepage.name
+ restart = "always"
+
+ env = [
+ "HOMEPAGE_VAR_CLOUDFLARE_TUNNEL_ID=${var.cloudflare_tunnel_id}",
+ "HOMEPAGE_VAR_CLOUDFLARE_USER_ID=${var.cloudflare_user_id}",
+ "HOMEPAGE_VAR_CLOUDFLARE_API_TOKEN=${var.cloudflare_api_token}",
+ "HOMEPAGE_VAR_ADGUARD_API_PASSWORD=${var.adguard_api_password}",
+ "HOMEPAGE_VAR_GF_USERNAME=${var.grafana_username}",
+ "HOMEPAGE_VAR_GF_PASSWORD=${var.grafana_password}",
+ ]
+
+ volumes {
+ container_path = "/app/config"
+ host_path = "${var.path_config}/homepage/"
+ read_only = false
+ }
+ volumes {
+ container_path = "/var/run/docker.sock"
+ host_path = "/var/run/docker.sock"
+ read_only = true
+ }
+
+ labels {
+ label = "traefik.http.services.homepage.loadbalancer.server.port"
+ value = "3000"
+ }
+ labels {
+ label = "traefik.http.routers.homepage.rule"
+ value = "Host(`admin.${var.domain_name}`)"
+ }
+ labels {
+ label = "traefik.http.routers.homepage.entrypoints"
+ value = var.entrypoint
+ }
+ labels {
+ label = "traefik.enable"
+ value = var.traefik_enable
+ }
+ labels {
+ label = "traefik.http.routers.homepage.tls.certresolver"
+ value = var.resolver_ssl
+ }
+ labels {
+ label = "traefik.http.routers.homepage.tls"
+ value = var.tls_enable
+ }
+
+ networks_advanced {
+ name = var.network
+ }
+
+ depends_on = [
+ docker_image.homepage
+ ]
+}
diff --git a/hosts/scariff/homer.tf b/hosts/scariff/homer.tf
new file mode 100644
index 0000000..a73abca
--- /dev/null
+++ b/hosts/scariff/homer.tf
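Review bot: The `/var/run/docker.sock` volume with `read_only = true` only makes the mount of the socket file read-only; a process that can connect to the socket can still issue any Docker API call, which amounts to root on the host. This container is also routed as `admin.${var.domain_name}` and carries the Cloudflare API token and the AdGuard and Grafana passwords in `env`, so a compromise of the dashboard exposes all of them at once. Put a filtering socket proxy that allows only the read endpoints between the container and the socket, and attach an authentication middleware to the router (none is set in these labels). The same socket mount appears in traefik.tf and uptime-kuma.tf.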
@@ -0,0 +1,48 @@
+resource "docker_image" "homer" {
+ name = "b4bz/homer:latest"
+}
+
+resource "docker_container" "homer" {
+ name = "homer"
+ image = docker_image.homer.name
+ restart = "unless-stopped"
+
+ volumes {
+ container_path = "/www/assets"
+ host_path = "${var.path_config}/homer"
+ read_only = false
+ }
+
+ labels {
+ label = "traefik.http.routers.homer.rule"
+ value = "Host(`public.${var.domain_name}`)"
+ }
+ labels {
+ label = "traefik.http.routers.homer.entrypoints"
+ value = var.entrypoint
+ }
+ labels {
+ label = "traefik.enable"
+ value = var.traefik_enable
+ }
+ labels {
+ label = "traefik.http.services.homer.loadbalancer.server.port"
+ value = "8080"
+ }
+ labels {
+ label = "traefik.http.routers.homer.tls.certresolver"
+ value = var.resolver_ssl
+ }
+ labels {
+ label = "traefik.http.routers.homer.tls"
+ value = var.tls_enable
+ }
+
+ networks_advanced {
+ name = var.network
+ }
+
+ depends_on = [
+ docker_image.homer
+ ]
+}
diff --git a/hosts/scariff/me-tube.tf b/hosts/scariff/me-tube.tf
new file mode 100644
index 0000000..7e02f5c
--- /dev/null
+++ b/hosts/scariff/me-tube.tf
@@ -0,0 +1,51 @@
+resource "docker_image" "me-tube" {
+ name = "ghcr.io/alexta69/metube:latest"
+}
+
+resource "docker_container" "me-tube" {
+ name = "me-tube"
+ image = docker_image.me-tube.name
+ restart = "unless-stopped"
+
+ env = [
+ "DARK_MODE=true"
+ ]
+
+ volumes {
+ container_path = "/downloads"
+ host_path = "${var.path_downloads}/ytdl"
+ }
+
+ labels {
+ label = "traefik.http.routers.metube.rule"
+ value = "Host(`ytdl.${var.domain_name}`)"
+ }
+ labels {
+ label = "traefik.http.routers.metube.entrypoints"
+ value = var.entrypoint
+ }
+ labels {
+ label = "traefik.http.services.metube.loadbalancer.server.port"
+ value = "8081"
+ }
+ labels {
+ label = "traefik.enable"
+ value = var.traefik_enable
+ }
+ labels {
+ label = "traefik.http.routers.metube.tls.certresolver"
+ value = var.resolver_ssl
+ }
+ labels {
+ label = "traefik.http.routers.metube.tls"
+ value = var.tls_enable
+ }
+
+ networks_advanced {
+ name = var.network
+ }
+
+ depends_on = [
+ docker_image.me-tube
+ ]
+}
diff --git a/hosts/scariff/traefik.tf b/hosts/scariff/traefik.tf
new file mode 100644
index 0000000..a7e4d83
--- /dev/null
+++ b/hosts/scariff/traefik.tf
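Review bot: The `metube` router labels in hosts/scariff/me-tube.tf set a host rule, entrypoint and TLS but attach no middleware, so anyone who can reach `ytdl.${var.domain_name}` can make the host fetch arbitrary URLs into `${var.path_downloads}/ytdl`; as far as I know MeTube has no login of its own, which should be confirmed. Add a `traefik.http.routers.metube.middlewares` label pointing at a basic-auth or forward-auth middleware defined in the Traefik configuration, or keep this route off the public entrypoint. The `volumes` block omits `read_only`, unlike the other files in this directory; set it explicitly for consistency.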
@@ -0,0 +1,63 @@
+resource "docker_image" "traefik" {
+ name = "traefik:latest"
+}
+
+resource "docker_container" "traefik" {
+ name = "traefik"
+ image = docker_image.traefik.name
+ restart = "unless-stopped"
+
+ ports {
+ internal = 80
+ external = 80
+ }
+ ports {
+ internal = 443
+ external = 443
+ }
+
+ volumes {
+ container_path = "/var/run/docker.sock"
+ host_path = "/var/run/docker.sock"
+ read_only = true
+ }
+ volumes {
+ container_path = "/etc/traefik"
+ host_path = "${var.path_config}/traefik/"
+ read_only = false
+ }
+
+ labels {
+ label = "traefik.http.routers.rpm.rule"
+ value = "Host(`proxy.${var.domain_name}`)"
+ }
+ labels {
+ label = "traefik.http.routers.rpm.entrypoints"
+ value = var.entrypoint
+ }
+ labels {
+ label = "traefik.enable"
+ value = var.traefik_enable
+ }
+ labels {
+ label = "traefik.http.routers.rpm.loadbalancer.server.port"
+ value = "8080"
+ }
+ labels {
+ label = "traefik.http.routers.rpm.tls.certresolver"
+ value = var.resolver_ssl
+ }
+
+ labels {
+ label = "traefik.http.routers.rpm.tls"
+ value = var.tls_enable
+ }
+
+ networks_advanced {
+ name = var.network
+ }
+
+ depends_on = [
+ docker_image.traefik
+ ]
+}
diff --git a/hosts/scariff/uptime-kuma.tf b/hosts/scariff/uptime-kuma.tf
new file mode 100644
index 0000000..b6a2ff6
--- /dev/null
+++ b/hosts/scariff/uptime-kuma.tf
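Review bot: The label `traefik.http.routers.rpm.loadbalancer.server.port` in hosts/scariff/traefik.tf sits under `routers`, but `loadbalancer.server.port` is a service option, so Traefik will not apply it and is likely to report a configuration error for this container; it should be `traefik.http.services.rpm.loadbalancer.server.port`, matching the other files. Port 8080 is Traefik's API/dashboard port, so this route appears to publish the dashboard at `proxy.${var.domain_name}`; make sure insecure API mode is off in the configuration under `${var.path_config}/traefik/` and that an auth middleware is attached, neither of which is visible in this hunk.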
@@ -0,0 +1,54 @@
+resource "docker_image" "uptime_kuma" {
+ name = "louislam/uptime-kuma:latest"
+}
+
+resource "docker_container" "uptime_kuma" {
+ name = "uptime-kuma"
+ image = docker_image.uptime_kuma.name
+ restart = "always"
+
+ volumes {
+ container_path = "/app/data"
+ host_path = "${var.path_config}/uptime-kuma/"
+ read_only = false
+ }
+ volumes {
+ container_path = "/var/run/docker.sock"
+ host_path = "/var/run/docker.sock"
+ read_only = true
+ }
+
+ labels {
+ label = "traefik.http.services.uptimekuma.loadbalancer.server.port"
+ value = "3001"
+ }
+ labels {
+ label = "traefik.http.routers.uptimekuma.rule"
+ value = "Host(`status.${var.domain_name}`)"
+ }
+ labels {
+ label = "traefik.http.routers.uptimekuma.entrypoints"
+ value = var.entrypoint
+ }
+ labels {
+ label = "traefik.enable"
+ value = var.traefik_enable
+ }
+ labels {
+ label = "traefik.http.routers.uptimekuma.tls.certresolver"
+ value = var.resolver_ssl
+ }
+
+ labels {
+ label = "traefik.http.routers.uptimekuma.tls"
+ value = var.tls_enable
+ }
+
+ networks_advanced {
+ name = var.network
+ }
+
+ depends_on = [
+ docker_image.uptime_kuma
+ ]
+}
diff --git a/hosts/scariff/variables.tf b/hosts/scariff/variables.tf
index e69de29..8096e26 100644
--- a/hosts/scariff/variables.tf
+++ b/hosts/scariff/variables.tf
@@ -0,0 +1,21 @@
+// Create a `scariff.tfvars` to store the values of the variables.
+
+variable "domain_name" {}
+variable "path_downloads" {}
+variable "path_config" {}
+variable "cloudflare_tunnel_token" {}
+variable "resolver_ssl" {}
+variable "entrypoint" {}
+variable "traefik_enable" {}
+variable "tls_enable" {}
+variable "cloudflare_api_token" {}
+variable "cloudflare_user_id" {}
+variable "cloudflare_tunnel_id" {}
+variable "adguard_api_password" {}
+variable "grafana_username" {}
+variable "grafana_password" {}
+
+variable "network" {
+ type = string
+ description = "Docker network name"
+}
diff --git a/modules.tf b/modules.tf
index de0fbc7..cc2ab84 100644
--- a/modules.tf
+++ b/modules.tf 
@@ -2,65 +2,66 @@ module "monitoring" { source = "./stacks/monitoring" providers = { - docker = docker.eadu + docker = docker.scariff } # vars - # tls_enable = var.tls_enable - # resolver_ssl = var.resolver_ssl - # entrypoint = var.entrypoint - # traefik_enable = var.traefik_enable - hostname = var.eadu.host_name - path_config = var.path_config - network = docker_network.eadu -} - -module "media" { - source = "./stacks/media" - - providers = { - docker = docker.eadu - } - - network = docker_network.eadu.name - domain_name = var.domain_name - entrypoint = var.entrypoint - path_downloads = var.path_downloads + network = docker_network.scariff.name path_config = var.path_config - resolver_ssl = var.resolver_ssl + hostname = var.scariff.host_name + entrypoint = var.entrypoint traefik_enable = var.traefik_enable + resolver_ssl = var.resolver_ssl tls_enable = var.tls_enable + domain_name = var.domain_name } -module "admin" { - source = "./stacks/admin" +# module "media" { +# source = "./stacks/media" - providers = { - docker = docker.eadu - } -} +# providers = { +# docker = docker.eadu +# } -module "cloud" { - source = "./stacks/cloud" +# network = docker_network.eadu.name +# domain_name = var.domain_name +# entrypoint = var.entrypoint +# path_downloads = var.path_downloads +# path_config = var.path_config +# resolver_ssl = var.resolver_ssl +# traefik_enable = var.traefik_enable +# tls_enable = var.tls_enable +# } - providers = { - docker = docker.eadu - } +# module "admin" { +# source = "./stacks/admin" - network = docker_network.eadu.name - domain_name = var.domain_name - entrypoint = var.entrypoint - path_downloads = var.path_downloads - path_config = var.path_config - resolver_ssl = var.resolver_ssl - traefik_enable = var.traefik_enable - tls_enable = var.tls_enable -} +# providers = { +# docker = docker.eadu +# } +# } -module "services" { - source = "./stacks/services" +# module "cloud" { +# source = "./stacks/cloud" - providers = { - docker = docker.scariff - } -} 
+# providers = { +# docker = docker.eadu +# } + +# network = docker_network.eadu.name +# domain_name = var.domain_name +# entrypoint = var.entrypoint +# path_downloads = var.path_downloads +# path_config = var.path_config +# resolver_ssl = var.resolver_ssl +# traefik_enable = var.traefik_enable +# tls_enable = var.tls_enable +# } + +# module "services" { +# source = "./stacks/services" + +# providers = { +# docker = docker.scariff +# } +# } diff --git a/stacks/monitoring/cadvisor.tf b/stacks/monitoring/cadvisor.tf index c9bcbb2..00087ec 100644 --- a/stacks/monitoring/cadvisor.tf +++ b/stacks/monitoring/cadvisor.tf @@ -39,7 +39,7 @@ resource "docker_container" "cadvisor" { } networks_advanced { - name = var.network.name + name = var.network } depends_on = [ diff --git a/stacks/monitoring/grafana.tf b/stacks/monitoring/grafana.tf index 924af96..7fd0981 100644 --- a/stacks/monitoring/grafana.tf +++ b/stacks/monitoring/grafana.tf 
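Review bot: Commenting out the `media`, `admin`, `cloud` and `services` module blocks in modules.tf removes them from the configuration, so if their resources are already in state the next `terraform apply` will plan to destroy those containers. Switching `monitoring` from `docker.eadu` to `docker.scariff` in the first part of the hunk is likely to leave the containers already running on eadu outside Terraform's control while new ones are created on scariff. Review the plan output for both effects before applying, and once the removal is intended delete the blocks rather than keeping them as comments, since large commented-out sections hide which stacks are live.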
@@ -19,33 +19,33 @@ resource "docker_container" "grafana" { external = 3000 } - # labels { - # label = "traefik.http.services.grafana.loadbalancer.server.port" - # value = "3000" - # } - # labels { - # label = "traefik.http.routers.grafana.rule" - # value = "Host(`monitoring.${var.domain_name}`)" - # } - # labels { - # label = "traefik.http.routers.grafana.entrypoints" - # value = var.entrypoint - # } - # labels { - # label = "traefik.enable" - # value = var.traefik_enable - # } - # labels { - # label = "traefik.http.routers.grafana.tls.certresolver" - # value = var.resolver_ssl - # } - # labels { - # label = "traefik.http.routers.grafana.tls" - # value = var.tls_enable - # } + labels { + label = "traefik.http.services.grafana.loadbalancer.server.port" + value = "3000" + } + labels { + label = "traefik.http.routers.grafana.rule" + value = "Host(`monitoring.${var.domain_name}`)" + } + labels { + label = "traefik.http.routers.grafana.entrypoints" + value = var.entrypoint + } + labels { + label = "traefik.enable" + value = var.traefik_enable + } + labels { + label = "traefik.http.routers.grafana.tls.certresolver" + value = var.resolver_ssl + } + labels { + label = "traefik.http.routers.grafana.tls" + value = var.tls_enable + } networks_advanced { - name = var.network.name + name = var.network } depends_on = [ diff --git a/stacks/monitoring/node-exporter.tf b/stacks/monitoring/node-exporter.tf index 1488d05..d755275 100644 --- a/stacks/monitoring/node-exporter.tf +++ b/stacks/monitoring/node-exporter.tf @@ -8,7 +8,7 @@ resource "docker_container" "node_exporter" { restart = "unless-stopped" networks_advanced { - name = var.network.name + name = var.network } depends_on = [ diff --git a/stacks/monitoring/prometheus.tf b/stacks/monitoring/prometheus.tf index ba5ea00..9b60962 100644 --- a/stacks/monitoring/prometheus.tf +++ b/stacks/monitoring/prometheus.tf 
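Review bot: With the Traefik labels in stacks/monitoring/grafana.tf now enabled, the unchanged `ports` block just above them (`external = 3000`) still publishes Grafana directly on the host, so the service stays reachable over plain HTTP around the proxy and its TLS. Remove that mapping once the route works, or bind it with `ip = "127.0.0.1"`. prometheus.tf has the same pattern on 9090 and also becomes reachable as `prometheus.${var.domain_name}`; Prometheus has no authentication by default, so that router needs an auth middleware. The resource body starts and ends outside the hunk.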
@@ -28,33 +28,33 @@ resource "docker_container" "prometheus" { external = 9090 } - # labels { - # label = "traefik.http.services.prometheus.loadbalancer.server.port" - # value = "9090" - # } - # labels { - # label = "traefik.http.routers.prometheus.rule" - # value = "Host(`prometheus.${var.domain_name}`)" - # } - # labels { - # label = "traefik.http.routers.prometheus.entrypoints" - # value = var.entrypoint - # } - # labels { - # label = "traefik.enable" - # value = var.traefik_enable - # } - # labels { - # label = "traefik.http.routers.prometheus.tls.certresolver" - # value = var.resolver_ssl - # } - # labels { - # label = "traefik.http.routers.prometheus.tls" - # value = var.tls_enable - # } + labels { + label = "traefik.http.services.prometheus.loadbalancer.server.port" + value = "9090" + } + labels { + label = "traefik.http.routers.prometheus.rule" + value = "Host(`prometheus.${var.domain_name}`)" + } + labels { + label = "traefik.http.routers.prometheus.entrypoints" + value = var.entrypoint + } + labels { + label = "traefik.enable" + value = var.traefik_enable + } + labels { + label = "traefik.http.routers.prometheus.tls.certresolver" + value = var.resolver_ssl + } + labels { + label = "traefik.http.routers.prometheus.tls" + value = var.tls_enable + } networks_advanced { - name = var.network.name + name = var.network } depends_on = [ diff --git a/stacks/monitoring/variables.tf b/stacks/monitoring/variables.tf index bd78010..fcc7d8f 100644 --- a/stacks/monitoring/variables.tf +++ b/stacks/monitoring/variables.tf 
@@ -1,36 +1,12 @@ -variable "network" { - type = object({ - name = string - }) - description = "Name of the network" -} - -variable "hostname" { - type = string - description = "Name of the server" -} +variable "hostname" {} +variable "path_config" {} +variable "resolver_ssl" {} +variable "entrypoint" {} +variable "traefik_enable" {} +variable "tls_enable" {} +variable "domain_name" {} -variable "path_config" { +variable "network" { type = string - description = "Path of the config folder" + description = "Docker network name" } - -# variable "resolver_ssl" { -# type = string -# description = "SSL resolver for Traefik. can be 'staging' or 'production'" -# } - -# variable "entrypoint" { -# type = string -# description = "Entrypoint for Traefik. can be 'web' or 'websecure'" -# } - -# variable "traefik_enable" { -# type = bool -# description = "Enable Traefik" -# } - -# variable "tls_enable" { -# type = bool -# description = "Enable TLS" -# } diff --git a/variables.tf b/variables.tf index 3f7ce49..9ff84d9 100644 --- a/variables.tf +++ b/variables.tf 
@@ -59,3 +59,71 @@ variable "path_downloads" { type = string description = "Path of the downloads folder" } + +variable "cloudflare_tunnel_token" { + type = string + sensitive = true + description = "Cloudflare Tunnel token" +} + +variable "cloudflare_api_token" { + type = string + sensitive = true + description = "Cloudflare API token" +} + +variable "cloudflare_user_id" { + type = string + sensitive = true + description = "Cloudflare user ID" +} + +variable "cloudflare_tunnel_id" { + type = string + sensitive = true + description = "Cloudflare tunnel ID" +} + +variable "adguard_api_password" { + type = string + sensitive = true + description = "Adguard API password" +} + +variable "grafana_username" { + type = string + description = "Grafana username" +} + +variable "grafana_password" { + type = string + sensitive = true + description = "Grafana password" +} + +variable "password_mariadb" { + type = string + sensitive = true + description = "Password for MariaDB" +} + +variable "user_surrealdb" { + type = string + description = "User to connect to SurrealDB" +} + +variable "password_surrealdb" { + type = string + sensitive = true + description = "Password for SurrealDB" +} + +variable "storage_surrealdb" { + type = string + description = "Path of data, in container" +} + +variable "storage_mariadb" { + type = string + description = "Path of data, on host" +}
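Review bot: The description of `storage_surrealdb`, "Path of data, in container", contradicts its use in hosts/exegol/surrealdb.tf, where it is passed as `host_path` and the container path is the fixed `/data`; it should read `description = "Path of SurrealDB data, on host"`. The passwords and tokens declared here are marked `sensitive`, which hides them in plan output only; they are still written to the state file and into each container's configuration, so the state backend needs to be access-controlled and encrypted.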