diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index d8d6b56..add5e52 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -9,24 +9,21 @@ on: jobs: ci: runs-on: ubuntu-latest - defaults: - run: - working-directory: hosts/scariff steps: - - name: Checkout + - name: Checkout Repository uses: actions/checkout@v2 - name: Setup Terraform uses: hashicorp/setup-terraform@v2 - - name: Format + - name: Format Code run: terraform fmt -check -recursive - - name: Get + - name: Get Modules run: terraform get - - name: Init + - name: Init Terraform run: terraform init - - name: Validate + - name: Validate Configuration run: terraform validate diff --git a/.gitignore b/.gitignore index b59e2d4..883a043 100644 --- a/.gitignore +++ b/.gitignore @@ -1,12 +1,7 @@ .env -# secrets/ -target/ .terraform/ *.tfstate* *.tfvars *.hcl -tool -services -docker backup forge/ \ No newline at end of file diff --git a/hosts.tf b/hosts.tf new file mode 100644 index 0000000..a2770f2 --- /dev/null +++ b/hosts.tf @@ -0,0 +1,23 @@ +module "scariff" { + source = "./hosts/scariff" + + providers = { + docker = docker.scariff + } +} + +module "exegol" { + source = "./hosts/exegol" + + providers = { + docker = docker.exegol + } +} + +module "eadu" { + source = "./hosts/eadu" + + providers = { + docker = docker.eadu + } +} diff --git a/hosts/common/README.md b/hosts/common/README.md new file mode 100644 index 0000000..e69de29 diff --git a/hosts/exegol/databases/main.tf b/hosts/common/main.tf similarity index 100% rename from hosts/exegol/databases/main.tf rename to hosts/common/main.tf diff --git a/hosts/scariff/portainer-agent.tf b/hosts/common/portainer-agent.tf similarity index 86% rename from hosts/scariff/portainer-agent.tf rename to hosts/common/portainer-agent.tf index 55dbbce..be75f99 100644 --- a/hosts/scariff/portainer-agent.tf +++ b/hosts/common/portainer-agent.tf 
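Review bot: The `*.hcl` pattern kept in the `.gitignore` hunk also matches `.terraform.lock.hcl`, so the provider lock file cannot be committed. This matters more now that the commit adds a root-level `required_providers` block and CI runs `terraform init` from the repository root: the `version = "3.0.2"` pin fixes the release number, but the recorded checksums for `kreuzwerker/docker` live only in the lock file. Unless the lock file is tracked some other way, add `!.terraform.lock.hcl` on the line after `*.hcl`. Keeping `.env`, `*.tfstate*` and `*.tfvars` ignored is right and should stay.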
@@ -24,11 +24,10 @@ resource "docker_container" "portainer_agent" { } networks_advanced { - name = docker_network.main.name + name = var.network.name } depends_on = [ - docker_image.portainer_agent, - docker_network.main + docker_image.portainer_agent ] } diff --git a/hosts/common/variables.tf b/hosts/common/variables.tf new file mode 100644 index 0000000..e69de29 diff --git a/hosts/eadu/main.tf b/hosts/eadu/main.tf new file mode 100644 index 0000000..a238e2d --- /dev/null +++ b/hosts/eadu/main.tf @@ -0,0 +1,8 @@ +terraform { + required_providers { + docker = { + source = "kreuzwerker/docker" + version = "3.0.2" + } + } +} diff --git a/hosts/exegol/README.md b/hosts/exegol/README.md index a5c1509..e69de29 100644 --- a/hosts/exegol/README.md +++ b/hosts/exegol/README.md @@ -1,21 +0,0 @@ -# `exegol` - -On the `exegol` server, there are some services: - -+ [MariaDB](https://mariadb.org/): Database. -+ [Grafana](https://grafana.com/): Monitoring. - -To install all of them: - -```bash -terraform init -terraform apply -``` - -If you create a file to store the variables: - -```bash -touch exegol.tfvars -# edit the file -terraform apply -var-file="exegol.tfvars" -``` diff --git a/hosts/exegol/databases/mariadb.tf b/hosts/exegol/databases/mariadb.tf deleted file mode 100644 index c3811b3..0000000 --- a/hosts/exegol/databases/mariadb.tf +++ /dev/null @@ -1,34 +0,0 @@ -resource "docker_image" "mariadb" { - name = "mariadb:latest" -} - -resource "docker_container" "mariadb" { - name = "mariadb" - image = docker_image.mariadb.name - restart = "always" - - env = [ - "PGID=50", - "PUID=1000", - "MYSQL_ROOT_PASSWORD=${var.password_mariadb}" - ] - - ports { - internal = 3306 - external = 3306 - } - - volumes { - container_path = "/var/lib/mysql" - host_path = var.storage_mariadb - read_only = false - } - - networks_advanced { - name = var.network - } - - depends_on = [ - docker_container.mariadb - ] -} 
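Review bot: `name = var.network.name` in the `networks_advanced` block reads a variable that this commit does not declare, because `hosts/common/variables.tf` is created as an empty file (blob `e69de29`); `terraform validate` should reject the module as soon as something sources it. Declare it alongside the resource, for example `variable "network" { type = object({ name = string }) }`, so that a caller cannot hand in a bare string by mistake. Removing `docker_network.main` from `depends_on` is safe only if callers pass the network resource or one of its attributes rather than a literal name, since that reference is now the only thing ordering the network before the container. The `docker_container` block starts above the hunk.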
diff --git a/hosts/exegol/databases/surrealdb.tf b/hosts/exegol/databases/surrealdb.tf deleted file mode 100644 index d36fa2e..0000000 --- a/hosts/exegol/databases/surrealdb.tf +++ /dev/null @@ -1,36 +0,0 @@ -resource "docker_image" "surrealdb" { - name = "surrealdb/surrealdb:1.0.0-beta.9-20230402" -} - -resource "docker_container" "surrealdb" { - name = "surrealdb" - image = docker_image.surrealdb.name - restart = "always" - entrypoint = [ - "/surreal", - "start", - "--user", - var.user_surrealdb, - "--pass", - var.password_surrealdb, - "file:${var.storage_surrealdb}/database.db" - ] - - ports { - internal = 8000 - external = 3307 - } - - volumes { - host_path = "/usr/local/surrealdb" - container_path = var.storage_surrealdb - } - - networks_advanced { - name = var.network - } - - depends_on = [ - docker_image.surrealdb - ] -} diff --git a/hosts/exegol/databases/variables.tf b/hosts/exegol/databases/variables.tf deleted file mode 100644 index 7ec15f4..0000000 --- a/hosts/exegol/databases/variables.tf +++ /dev/null @@ -1,34 +0,0 @@ -variable "password_mariadb" { - type = string - sensitive = true - description = "Password for MariaDB" -} - -variable "user_surrealdb" { - type = string - default = "root" - description = "User to connect to SurrealDB" -} - -variable "password_surrealdb" { - type = string - sensitive = true - description = "Password for SurrealDB" -} - -variable "storage_surrealdb" { - type = string - default = "/data" - description = "Path of data, in container" -} - -variable "storage_mariadb" { - type = string - default = "/usr/local/mariadb" - description = "Path of data, on host" -} - -variable "network" { - type = string - description = "Name of the network" -} diff --git a/hosts/exegol/grafana.tf b/hosts/exegol/grafana.tf deleted file mode 100644 index 3d8be1d..0000000 --- a/hosts/exegol/grafana.tf +++ /dev/null 
@@ -1,35 +0,0 @@ -resource "docker_image" "grafana" { - name = "grafana/grafana-oss:latest" -} - -resource "docker_volume" "grafana" { - name = "grafana" -} - -resource "docker_container" "grafana" { - name = "grafana" - image = docker_image.grafana.name - restart = "unless-stopped" - user = "0" - - ports { - internal = 3000 - external = 3123 - } - - volumes { - container_path = "/var/lib/grafana" - volume_name = docker_volume.grafana.name - read_only = false - } - - networks_advanced { - name = docker_network.main.name - } - - depends_on = [ - docker_container.grafana, - docker_volume.grafana, - docker_network.main - ] -} diff --git a/hosts/exegol/main.tf b/hosts/exegol/main.tf index 2c90c91..a238e2d 100644 --- a/hosts/exegol/main.tf +++ b/hosts/exegol/main.tf @@ -6,8 +6,3 @@ terraform { } } } - -provider "docker" { - # can be the port in remote connection - host = "unix:///var/run/docker.sock" -} diff --git a/hosts/exegol/modules.tf b/hosts/exegol/modules.tf deleted file mode 100644 index 846d3cc..0000000 --- a/hosts/exegol/modules.tf +++ /dev/null @@ -1,14 +0,0 @@ -module "database" { - source = "./databases" - - providers = { - docker = docker - } - - password_mariadb = var.password_mariadb - password_surrealdb = var.password_surrealdb - storage_mariadb = var.storage_mariadb - storage_surrealdb = var.storage_surrealdb - user_surrealdb = var.user_surrealdb - network = docker_network.main.name -} diff --git a/hosts/exegol/network.tf b/hosts/exegol/network.tf deleted file mode 100644 index d066b70..0000000 --- a/hosts/exegol/network.tf +++ /dev/null @@ -1,4 +0,0 @@ -resource "docker_network" "main" { - name = var.hostname - driver = "bridge" -} diff --git a/hosts/exegol/outputs.tf b/hosts/exegol/outputs.tf new file mode 100644 index 0000000..e69de29 diff --git a/hosts/exegol/variables.tf b/hosts/exegol/variables.tf index 277c98c..e69de29 100644 --- a/hosts/exegol/variables.tf +++ b/hosts/exegol/variables.tf 
@@ -1,37 +0,0 @@ -// Create a `exegol.tfvars` to store the values of the variables. - -variable "password_mariadb" { - type = string - sensitive = true - description = "Password for MariaDB" -} - -variable "hostname" { - type = string - default = "exegol" - description = "Name of the server" -} - -variable "user_surrealdb" { - type = string - default = "root" - description = "User to connect to SurrealDB" -} - -variable "password_surrealdb" { - type = string - sensitive = true - description = "Password for SurrealDB" -} - -variable "storage_surrealdb" { - type = string - default = "/data" - description = "Path of data, in container" -} - -variable "storage_mariadb" { - type = string - default = "/usr/local/mariadb" - description = "Path of data, on host" -} diff --git a/hosts/scariff/README.md b/hosts/scariff/README.md index 6fbcc12..e69de29 100644 --- a/hosts/scariff/README.md +++ b/hosts/scariff/README.md @@ -1,27 +0,0 @@ -# `scariff` - -On the `scariff` server, there are some services: - -+ [AdGuard-Home](https://adguard.com/en/adguard-home/overview.html): DNS server with ad blocker. -+ [Portainer Agent](https://www.portainer.io/): Docker management. -+ [Uptime Kuma](https://github.com/louislam/uptime-kuma): Uptime monitoring. -+ [Dozzle](https://dozzle.dev/): Docker logs viewer. -+ [Traefik](https://traefik.io/): Reverse proxy. -+ [Code-Server](https://github.com/coder/code-server): VS Code in the browser. -+ [Homepage](https://github.com/benphelps/homepage): Admin Dashboard. -+ [Homer](https://github.com/bastienwirtz/homer): External Dashboard. - -To install all of them: - -```bash -terraform init -terraform apply -``` - -If you create a file to store the variables: - -```bash -touch scariff.tfvars -# edit the file -terraform apply -var-file="scariff.tfvars" -``` diff --git a/hosts/scariff/adguard.tf b/hosts/scariff/adguard.tf deleted file mode 100644 index fcee6bf..0000000 --- a/hosts/scariff/adguard.tf +++ /dev/null 
@@ -1,64 +0,0 @@ -resource "docker_image" "adguard" { - name = "adguard/adguardhome" -} - -resource "docker_container" "adguard" { - name = "adguard-home" - image = docker_image.adguard.name - restart = "unless-stopped" - - ports { - internal = 53 - external = 53 - } - ports { - internal = 53 - external = 53 - protocol = "udp" - } - - volumes { - container_path = "/opt/adguardhome/conf" - host_path = "${var.path_config}/adguard/config" - read_only = false - } - volumes { - container_path = "/opt/adguardhome/work" - host_path = "${var.path_config}/adguard/work" - read_only = false - } - - labels { - label = "traefik.http.routers.adguard.rule" - value = "Host(`dns.${var.domain_name}`)" - } - labels { - label = "traefik.http.routers.adguard.entrypoints" - value = var.entrypoint - } - labels { - label = "traefik.http.services.adguard.loadbalancer.server.port" - value = "80" - } - labels { - label = "traefik.enable" - value = var.traefik_enable - } - labels { - label = "traefik.http.routers.adguard.tls" - value = var.tls_enable - } - labels { - label = "traefik.http.routers.adguard.tls.certresolver" - value = var.resolver_ssl - } - - networks_advanced { - name = docker_network.main.name - } - - depends_on = [ - docker_image.adguard, - docker_network.main - ] -} diff --git a/hosts/scariff/cloudflared.tf b/hosts/scariff/cloudflared.tf deleted file mode 100644 index c697366..0000000 --- a/hosts/scariff/cloudflared.tf +++ /dev/null @@ -1,28 +0,0 @@ -resource "docker_image" "cloudflared" { - name = "cloudflare/cloudflared:latest" -} - -resource "docker_container" "cloudflared" { - name = "cloudflared" - image = docker_image.cloudflared.name - restart = "unless-stopped" - - env = [ - "TUNNEL_TOKEN=${var.cloudflare_tunnel_token}", - ] - - command = [ - "tunnel", - "--no-autoupdate", - "run" - ] - - networks_advanced { - name = docker_network.main.name - } - - depends_on = [ - docker_image.cloudflared, - docker_network.main, - ] -} 
diff --git a/hosts/scariff/dozzle.tf b/hosts/scariff/dozzle.tf deleted file mode 100644 index ca505b3..0000000 --- a/hosts/scariff/dozzle.tf +++ /dev/null @@ -1,49 +0,0 @@ -resource "docker_image" "dozzle" { - name = "amir20/dozzle:latest" -} - -resource "docker_container" "dozzle" { - name = "dozzle" - image = docker_image.dozzle.name - restart = "always" - - volumes { - container_path = "/var/run/docker.sock" - host_path = "/var/run/docker.sock" - read_only = true - } - - labels { - label = "traefik.http.routers.dozzle.rule" - value = "Host(`dozzle.${var.domain_name}`)" - } - labels { - label = "traefik.http.routers.dozzle.entrypoints" - value = var.entrypoint - } - labels { - label = "traefik.http.services.dozzle.loadbalancer.server.port" - value = "8080" - } - labels { - label = "traefik.enable" - value = var.traefik_enable - } - labels { - label = "traefik.http.routers.dozzle.tls.certresolver" - value = var.resolver_ssl - } - labels { - label = "traefik.http.routers.dozzle.tls" - value = var.tls_enable - } - - networks_advanced { - name = docker_network.main.name - } - - depends_on = [ - docker_image.dozzle, - docker_network.main - ] -} diff --git a/hosts/scariff/homepage.tf b/hosts/scariff/homepage.tf deleted file mode 100644 index 5bcc286..0000000 --- a/hosts/scariff/homepage.tf +++ /dev/null 
@@ -1,72 +0,0 @@ -resource "docker_image" "homepage" { - name = "ghcr.io/benphelps/homepage:latest" -} - -resource "docker_container" "homepage" { - name = "homepage" - image = docker_image.homepage.name - restart = "always" - - env = [ - "HOMEPAGE_VAR_CLOUDFLARE_TUNNEL_ID=${var.cloudflare_tunnel_id}", - "HOMEPAGE_VAR_CLOUDFLARE_USER_ID=${var.cloudflare_user_id}", - "HOMEPAGE_VAR_CLOUDFLARE_API_TOKEN=${var.cloudflare_api_token}", - "HOMEPAGE_VAR_ADGUARD_API_PASSWORD=${var.adguard_api_password}", - "HOMEPAGE_VAR_GF_USERNAME=${var.grafana_username}", - "HOMEPAGE_VAR_GF_PASSWORD=${var.grafana_password}", - ] - - volumes { - container_path = "/app/config" - host_path = "${var.path_config}/homepage/" - read_only = false - } - volumes { - container_path = "/var/run/docker.sock" - host_path = "/var/run/docker.sock" - read_only = true - } - - labels { - label = "traefik.http.services.homepage.loadbalancer.server.port" - value = "3000" - } - labels { - label = "traefik.http.routers.homepage.rule" - value = "Host(`admin.${var.domain_name}`)" - } - labels { - label = "traefik.http.routers.homepage.entrypoints" - value = var.entrypoint - } - labels { - label = "traefik.enable" - value = var.traefik_enable - } - labels { - label = "traefik.http.routers.homepage.tls.certresolver" - value = var.resolver_ssl - } - labels { - label = "traefik.http.routers.homepage.tls" - value = var.tls_enable - } - - networks_advanced { - name = docker_network.main.name - } - - depends_on = [ - docker_image.homepage, - docker_network.main - ] -} - -# labels { -# label = "traefik.http.routers.homepage.tls.certresolver" -# value = "le" -# } -# labels { -# label = "traefik.http.routers.homepage.tls" -# value = "true" -# } diff --git a/hosts/scariff/homer.tf b/hosts/scariff/homer.tf deleted file mode 100644 index 1fa24c2..0000000 --- a/hosts/scariff/homer.tf +++ /dev/null 
@@ -1,49 +0,0 @@ -resource "docker_image" "homer" { - name = "b4bz/homer:latest" -} - -resource "docker_container" "homer" { - name = "homer" - image = docker_image.homer.name - restart = "unless-stopped" - - volumes { - container_path = "/www/assets" - host_path = "${var.path_config}/homer" - read_only = false - } - - labels { - label = "traefik.http.routers.homer.rule" - value = "Host(`public.${var.domain_name}`)" - } - labels { - label = "traefik.http.routers.homer.entrypoints" - value = var.entrypoint - } - labels { - label = "traefik.enable" - value = var.traefik_enable - } - labels { - label = "traefik.http.services.homer.loadbalancer.server.port" - value = "8080" - } - labels { - label = "traefik.http.routers.homer.tls.certresolver" - value = var.resolver_ssl - } - labels { - label = "traefik.http.routers.homer.tls" - value = var.tls_enable - } - - networks_advanced { - name = docker_network.main.name - } - - depends_on = [ - docker_image.homer, - docker_network.main - ] -} diff --git a/hosts/scariff/main.tf b/hosts/scariff/main.tf index 2ccdacc..a238e2d 100644 --- a/hosts/scariff/main.tf +++ b/hosts/scariff/main.tf @@ -6,9 +6,3 @@ terraform { } } } - -provider "docker" { - # can be the port in remote connection - host = "unix:///var/run/docker.sock" - # host = "tcp://${var.host}:2375" -} diff --git a/hosts/scariff/me-tube.tf b/hosts/scariff/me-tube.tf deleted file mode 100644 index 2b04256..0000000 --- a/hosts/scariff/me-tube.tf +++ /dev/null 
@@ -1,52 +0,0 @@ -resource "docker_image" "me-tube" { - name = "ghcr.io/alexta69/metube:latest" -} - -resource "docker_container" "me-tube" { - name = "me-tube" - image = docker_image.me-tube.name - restart = "unless-stopped" - - env = [ - "DARK_MODE=true" - ] - - volumes { - container_path = "/downloads" - host_path = "${var.path_downloads}/ytdl" - } - - labels { - label = "traefik.http.routers.metube.rule" - value = "Host(`ytdl.${var.domain_name}`)" - } - labels { - label = "traefik.http.routers.metube.entrypoints" - value = var.entrypoint - } - labels { - label = "traefik.http.services.metube.loadbalancer.server.port" - value = "8081" - } - labels { - label = "traefik.enable" - value = var.traefik_enable - } - labels { - label = "traefik.http.routers.metube.tls.certresolver" - value = var.resolver_ssl - } - labels { - label = "traefik.http.routers.metube.tls" - value = var.tls_enable - } - - networks_advanced { - name = docker_network.main.name - } - - depends_on = [ - docker_image.me-tube, - docker_network.main - ] -} diff --git a/hosts/scariff/modules.tf b/hosts/scariff/modules.tf deleted file mode 100644 index c128972..0000000 --- a/hosts/scariff/modules.tf +++ /dev/null 
@@ -1,35 +0,0 @@ -module "monitoring" { - source = "./monitoring" - - providers = { - docker = docker - } - - network = docker_network.main.name - hostname = var.hostname - path_config = var.path_config - entrypoint = var.entrypoint - tls_enable = var.tls_enable - domain_name = var.domain_name - resolver_ssl = var.resolver_ssl - traefik_enable = var.traefik_enable - adguard_api_password = var.adguard_api_password -} - -# module "media" { -# source = "./media" - -# providers = { -# docker = docker -# } - -# network = docker_network.main.name -# hostname = var.hostname -# path_config = var.path_config -# entrypoint = var.entrypoint -# tls_enable = var.tls_enable -# domain_name = var.domain_name -# resolver_ssl = var.resolver_ssl -# traefik_enable = var.traefik_enable -# path_downloads = var.path_downloads -# } diff --git a/hosts/scariff/monitoring/adguard-exporter.tf b/hosts/scariff/monitoring/adguard-exporter.tf deleted file mode 100644 index 95e5bc6..0000000 --- a/hosts/scariff/monitoring/adguard-exporter.tf +++ /dev/null @@ -1,27 +0,0 @@ -resource "docker_image" "adguard-exporter" { - name = "ebrianne/adguard-exporter:latest" -} - -resource "docker_container" "adguard-exporter" { - name = "adguard-exporter" - image = docker_image.adguard-exporter.name - restart = "unless-stopped" - - env = [ - "adguard_protocol=http", - "adguard_hostname=adguard-home", - "adguard_username=api", - "adguard_password=${var.adguard_api_password}", - "interval=10s", - "log_limit=10000", - "server_port=9617" - ] - - networks_advanced { - name = var.network - } - - depends_on = [ - docker_image.adguard-exporter - ] -} diff --git a/hosts/scariff/monitoring/grafana.tf b/hosts/scariff/monitoring/grafana.tf deleted file mode 100644 index 3c6b422..0000000 --- a/hosts/scariff/monitoring/grafana.tf +++ /dev/null 
@@ -1,49 +0,0 @@ -resource "docker_image" "grafana" { - name = "grafana/grafana-oss:latest" -} - -resource "docker_container" "grafana" { - name = "grafana" - image = docker_image.grafana.name - restart = "unless-stopped" - user = "0" - - volumes { - container_path = "/var/lib/grafana" - host_path = "${var.path_config}/grafana/data" - read_only = false - } - - labels { - label = "traefik.http.services.grafana.loadbalancer.server.port" - value = "3000" - } - labels { - label = "traefik.http.routers.grafana.rule" - value = "Host(`monitoring.${var.domain_name}`)" - } - labels { - label = "traefik.http.routers.grafana.entrypoints" - value = var.entrypoint - } - labels { - label = "traefik.enable" - value = var.traefik_enable - } - labels { - label = "traefik.http.routers.grafana.tls.certresolver" - value = var.resolver_ssl - } - labels { - label = "traefik.http.routers.grafana.tls" - value = var.tls_enable - } - - networks_advanced { - name = var.network - } - - depends_on = [ - docker_image.grafana - ] -} diff --git a/hosts/scariff/monitoring/main.tf b/hosts/scariff/monitoring/main.tf deleted file mode 100644 index 0d6be7a..0000000 --- a/hosts/scariff/monitoring/main.tf +++ /dev/null @@ -1,14 +0,0 @@ -terraform { - required_providers { - docker = { - source = "kreuzwerker/docker" - version = "3.0.2" - } - } -} - -# provider "docker" { -# # can be the port in remote connection -# host = "unix:///var/run/docker.sock" -# # host = "tcp://${var.host}:2375" -# } diff --git a/hosts/scariff/monitoring/prometheus.tf b/hosts/scariff/monitoring/prometheus.tf deleted file mode 100644 index f873d4b..0000000 --- a/hosts/scariff/monitoring/prometheus.tf +++ /dev/null 
@@ -1,58 +0,0 @@ -resource "docker_image" "prometheus" { - name = "prom/prometheus:latest" -} - -resource "docker_container" "prometheus" { - name = "prometheus" - image = docker_image.prometheus.name - restart = "unless-stopped" - - command = [ - "--config.file=/etc/prometheus/prometheus.yml", - # "--storage.local.path=/prometheus", - ] - - volumes { - container_path = "/etc/prometheus" - host_path = "${var.path_config}/prometheus/config" - read_only = false - } - volumes { - container_path = "/prometheus" - host_path = "${var.path_config}/prometheus/data" - read_only = false - } - - labels { - label = "traefik.http.services.prometheus.loadbalancer.server.port" - value = "9090" - } - labels { - label = "traefik.http.routers.prometheus.rule" - value = "Host(`prometheus.${var.domain_name}`)" - } - labels { - label = "traefik.http.routers.prometheus.entrypoints" - value = var.entrypoint - } - labels { - label = "traefik.enable" - value = var.traefik_enable - } - labels { - label = "traefik.http.routers.prometheus.tls.certresolver" - value = var.resolver_ssl - } - labels { - label = "traefik.http.routers.prometheus.tls" - value = var.tls_enable - } - - networks_advanced { - name = var.network - } - - depends_on = [ - docker_image.prometheus - ] -} diff --git a/hosts/scariff/network.tf b/hosts/scariff/network.tf deleted file mode 100644 index 15f0f1d..0000000 --- a/hosts/scariff/network.tf +++ /dev/null @@ -1,9 +0,0 @@ -resource "docker_network" "main" { - name = var.hostname - driver = "bridge" -} - -resource "docker_network" "public" { - name = "${var.hostname}-public" - driver = "bridge" -} diff --git a/hosts/scariff/outputs.tf b/hosts/scariff/outputs.tf new file mode 100644 index 0000000..e69de29 diff --git a/hosts/scariff/traefik.tf b/hosts/scariff/traefik.tf deleted file mode 100644 index 4642c2b..0000000 --- a/hosts/scariff/traefik.tf +++ /dev/null 
@@ -1,64 +0,0 @@ -resource "docker_image" "traefik" { - name = "traefik:latest" -} - -resource "docker_container" "traefik" { - name = "traefik" - image = docker_image.traefik.name - restart = "unless-stopped" - - ports { - internal = 80 - external = 80 - } - ports { - internal = 443 - external = 443 - } - - volumes { - container_path = "/var/run/docker.sock" - host_path = "/var/run/docker.sock" - read_only = true - } - volumes { - container_path = "/etc/traefik" - host_path = "${var.path_config}/traefik/" - read_only = false - } - - labels { - label = "traefik.http.routers.rpm.rule" - value = "Host(`proxy.${var.domain_name}`)" - } - labels { - label = "traefik.http.routers.rpm.entrypoints" - value = var.entrypoint - } - labels { - label = "traefik.enable" - value = var.traefik_enable - } - labels { - label = "traefik.http.routers.rpm.loadbalancer.server.port" - value = "8080" - } - labels { - label = "traefik.http.routers.rpm.tls.certresolver" - value = var.resolver_ssl - } - - labels { - label = "traefik.http.routers.rpm.tls" - value = var.tls_enable - } - - networks_advanced { - name = docker_network.main.name - } - - depends_on = [ - docker_image.traefik, - docker_network.main - ] -} diff --git a/hosts/scariff/uptime-kuma.tf b/hosts/scariff/uptime-kuma.tf deleted file mode 100644 index c73b913..0000000 --- a/hosts/scariff/uptime-kuma.tf +++ /dev/null 
@@ -1,55 +0,0 @@ -resource "docker_image" "uptime_kuma" { - name = "louislam/uptime-kuma:latest" -} - -resource "docker_container" "uptime_kuma" { - name = "uptime-kuma" - image = docker_image.uptime_kuma.name - restart = "always" - - volumes { - container_path = "/app/data" - host_path = "${var.path_config}/uptime-kuma/" - read_only = false - } - volumes { - container_path = "/var/run/docker.sock" - host_path = "/var/run/docker.sock" - read_only = true - } - - labels { - label = "traefik.http.services.uptimekuma.loadbalancer.server.port" - value = "3001" - } - labels { - label = "traefik.http.routers.uptimekuma.rule" - value = "Host(`status.${var.domain_name}`)" - } - labels { - label = "traefik.http.routers.uptimekuma.entrypoints" - value = var.entrypoint - } - labels { - label = "traefik.enable" - value = var.traefik_enable - } - labels { - label = "traefik.http.routers.uptimekuma.tls.certresolver" - value = var.resolver_ssl - } - - labels { - label = "traefik.http.routers.uptimekuma.tls" - value = var.tls_enable - } - - networks_advanced { - name = docker_network.main.name - } - - depends_on = [ - docker_image.uptime_kuma, - docker_network.main - ] -} diff --git a/hosts/scariff/variables.tf b/hosts/scariff/variables.tf index 792bf32..e69de29 100644 --- a/hosts/scariff/variables.tf +++ b/hosts/scariff/variables.tf 
@@ -1,87 +0,0 @@ -// Create a `scariff.tfvars` to store the values of the variables. - -variable "domain_name" { - type = string - default = "xavier2p.fr" - description = "Domain name for the server" -} - -variable "hostname" { - type = string - default = "scariff" - description = "Name of the server" -} - -variable "path_downloads" { - type = string - default = "/downloads" - description = "Path to the downloads folder" -} - -variable "path_config" { - type = string - default = "/docker" - description = "Path of the config folder" -} - -variable "cloudflare_tunnel_token" { - type = string - sensitive = true - description = "Cloudflare Tunnel token" -} - -variable "resolver_ssl" { - type = string - description = "SSL resolver for Traefik. can be 'staging' or 'production'" -} - -variable "entrypoint" { - type = string - description = "Entrypoint for Traefik. can be 'web' or 'websecure'" -} - -variable "traefik_enable" { - type = bool - default = true - description = "Enable Traefik" -} - -variable "tls_enable" { - type = bool - description = "Enable TLS" -} - -variable "cloudflare_api_token" { - type = string - sensitive = true - description = "Cloudflare API token" -} - -variable "cloudflare_user_id" { - type = string - sensitive = true - description = "Cloudflare user ID" -} - -variable "cloudflare_tunnel_id" { - type = string - sensitive = true - description = "Cloudflare tunnel ID" -} - -variable "adguard_api_password" { - type = string - sensitive = true - description = "Adguard API password" -} - -variable "grafana_username" { - type = string - description = "Grafana username" -} - -variable "grafana_password" { - type = string - sensitive = true - description = "Grafana password" -} diff --git a/main.tf b/main.tf new file mode 100644 index 0000000..a238e2d --- /dev/null +++ b/main.tf @@ -0,0 +1,8 @@ +terraform { + required_providers { + docker = { + source = "kreuzwerker/docker" + version = "3.0.2" + } + } +} 
diff --git a/modules.tf b/modules.tf
new file mode 100644
index 0000000..de0fbc7
--- /dev/null
+++ b/modules.tf
@@ -0,0 +1,66 @@
+module "monitoring" {
+ source = "./stacks/monitoring"
+
+ providers = {
+ docker = docker.eadu
+ }
+
+ # vars
+ # tls_enable = var.tls_enable
+ # resolver_ssl = var.resolver_ssl
+ # entrypoint = var.entrypoint
+ # traefik_enable = var.traefik_enable
+ hostname = var.eadu.host_name
+ path_config = var.path_config
+ network = docker_network.eadu
+}
+
+module "media" {
+ source = "./stacks/media"
+
+ providers = {
+ docker = docker.eadu
+ }
+
+ network = docker_network.eadu.name
+ domain_name = var.domain_name
+ entrypoint = var.entrypoint
+ path_downloads = var.path_downloads
+ path_config = var.path_config
+ resolver_ssl = var.resolver_ssl
+ traefik_enable = var.traefik_enable
+ tls_enable = var.tls_enable
+}
+
+module "admin" {
+ source = "./stacks/admin"
+
+ providers = {
+ docker = docker.eadu
+ }
+}
+
+module "cloud" {
+ source = "./stacks/cloud"
+
+ providers = {
+ docker = docker.eadu
+ }
+
+ network = docker_network.eadu.name
+ domain_name = var.domain_name
+ entrypoint = var.entrypoint
+ path_downloads = var.path_downloads
+ path_config = var.path_config
+ resolver_ssl = var.resolver_ssl
+ traefik_enable = var.traefik_enable
+ tls_enable = var.tls_enable
+}
+
+module "services" {
+ source = "./stacks/services"
+
+ providers = {
+ docker = docker.scariff
+ }
+}
diff --git a/networks.tf b/networks.tf
new file mode 100644
index 0000000..dad711a
--- /dev/null
+++ b/networks.tf
@@ -0,0 +1,17 @@
+resource "docker_network" "exegol" {
+ provider = docker.exegol
+
+ name = "${var.exegol.host_name}-${var.exegol.env}"
+}
+
+resource "docker_network" "eadu" {
+ provider = docker.eadu
+
+ name = "${var.eadu.host_name}-${var.eadu.env}"
+}
+
+resource "docker_network" "scariff" {
+ provider = docker.scariff
+
+ name = "${var.scariff.host_name}-${var.scariff.env}"
+}
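Review bot: In `modules.tf`, `module "monitoring"` receives the whole resource (`network = docker_network.eadu`) while `media` and `cloud` receive `docker_network.eadu.name`. The `cloud` stack uses the value directly as `name = var.network`, so the two call styles cannot both match one variable type. `stacks/monitoring` is not visible here, but the call should probably read `network = docker_network.eadu.name` unless that module really declares an object. The four commented-out Traefik inputs in the same block (`tls_enable`, `resolver_ssl`, `entrypoint`, `traefik_enable`) should be either passed or deleted, so that it is explicit whether the monitoring endpoints are routed with TLS. A one-line comment on `module "admin"` and `module "services"` saying they intentionally take no inputs yet would also help the next reader.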
diff --git a/outputs.tf b/outputs.tf
new file mode 100644
index 0000000..e69de29
diff --git a/providers.tf b/providers.tf
new file mode 100644
index 0000000..3747e81
--- /dev/null
+++ b/providers.tf
@@ -0,0 +1,14 @@
+provider "docker" {
+ host = "unix:///var/run/docker.sock"
+ alias = "exegol"
+}
+
+provider "docker" {
+ host = "tcp://${var.eadu.ip}:2375"
+ alias = "eadu"
+}
+
+provider "docker" {
+ host = "tcp://${var.scariff.ip}:2375"
+ alias = "scariff"
+}
diff --git a/stacks/admin/README.md b/stacks/admin/README.md
new file mode 100644
index 0000000..e69de29
diff --git a/stacks/admin/homepage.tf b/stacks/admin/homepage.tf
new file mode 100644
index 0000000..46d5ac3
--- /dev/null
+++ b/stacks/admin/homepage.tf
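Review bot: In `providers.tf` the `eadu` and `scariff` providers reach the Docker Engine API over plain TCP on port 2375 (`host = "tcp://${var.eadu.ip}:2375"`, and the same for `scariff`), a port that carries neither encryption nor client authentication, so anything that can reach it controls the daemon and through it the host. The provider also accepts an SSH endpoint, e.g. `host = "ssh://<deploy-user>@${var.eadu.ip}:22"` (placeholder user), or a TLS endpoint on 2376 with `cert_path` (or `ca_material`/`cert_material`/`key_material`); either keeps the API off the open network. Whichever is chosen, the daemons on both hosts should stop listening on 2375 and the management port should be firewalled to the machine that runs Terraform. The removed `hosts/scariff/main.tf` had the `tcp://…:2375` form only as a commented-out alternative, so this commit is where it becomes active.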
@@ -0,0 +1,62 @@
+# resource "docker_image" "homepage" {
+# name = "ghcr.io/benphelps/homepage:latest"
+# }
+
+# resource "docker_container" "homepage" {
+# name = "homepage"
+# image = docker_image.homepage.name
+# restart = "always"
+
+# env = [
+# "HOMEPAGE_VAR_CLOUDFLARE_TUNNEL_ID=${var.cloudflare_tunnel_id}",
+# "HOMEPAGE_VAR_CLOUDFLARE_USER_ID=${var.cloudflare_user_id}",
+# "HOMEPAGE_VAR_CLOUDFLARE_API_TOKEN=${var.cloudflare_api_token}",
+# "HOMEPAGE_VAR_ADGUARD_API_PASSWORD=${var.adguard_api_password}",
+# "HOMEPAGE_VAR_GF_USERNAME=${var.grafana_username}",
+# "HOMEPAGE_VAR_GF_PASSWORD=${var.grafana_password}",
+# ]
+
+# volumes {
+# container_path = "/app/config"
+# host_path = "${var.path_config}/homepage/"
+# read_only = false
+# }
+# volumes {
+# container_path = "/var/run/docker.sock"
+# host_path = "/var/run/docker.sock"
+# read_only = true
+# }
+
+# labels {
+# label = "traefik.http.services.homepage.loadbalancer.server.port"
+# value = "3000"
+# }
+# labels {
+# label = "traefik.http.routers.homepage.rule"
+# value = "Host(`admin.${var.domain_name}`)"
+# }
+# labels {
+# label = "traefik.http.routers.homepage.entrypoints"
+# value = var.entrypoint
+# }
+# labels {
+# label = "traefik.enable"
+# value = var.traefik_enable
+# }
+# labels {
+# label = "traefik.http.routers.homepage.tls.certresolver"
+# value = var.resolver_ssl
+# }
+# labels {
+# label = "traefik.http.routers.homepage.tls"
+# value = var.tls_enable
+# }
+
+# networks_advanced {
+# name = var.network
+# }
+
+# depends_on = [
+# docker_image.homepage
+# ]
+# }
diff --git a/stacks/admin/main.tf b/stacks/admin/main.tf
new file mode 100644
index 0000000..a238e2d
--- /dev/null
+++ b/stacks/admin/main.tf
@@ -0,0 +1,8 @@
+terraform {
+ required_providers {
+ docker = {
+ source = "kreuzwerker/docker"
+ version = "3.0.2"
+ }
+ }
+}
diff --git a/stacks/admin/outputs.tf b/stacks/admin/outputs.tf
new file mode 100644
index 0000000..e69de29
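Review bot: stacks/admin/homepage.tf is committed entirely commented out, and uncommenting it as written would not plan: stacks/admin/variables.tf is added empty and `module "admin"` passes no inputs, yet the block reads `var.cloudflare_api_token`, `var.grafana_password`, `var.path_config`, `var.network` and others. When those variables are declared, the token and password ones need `sensitive = true`, and values interpolated into `env` are still stored in Terraform state and shown by `docker inspect`. `read_only = true` on the `/var/run/docker.sock` mount does not restrict which API calls the container can make over the socket; a proxy exposing only read endpoints is the usual mitigation. Until the stack is ready I would delete the file, or start it with a line such as `# Parked: needs admin variables and a docker socket proxy before enabling`.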
diff --git a/stacks/admin/portainer.tf b/stacks/admin/portainer.tf
new file mode 100644
index 0000000..e69de29
diff --git a/stacks/admin/variables.tf b/stacks/admin/variables.tf
new file mode 100644
index 0000000..e69de29
diff --git a/stacks/cloud/README.md b/stacks/cloud/README.md
new file mode 100644
index 0000000..e69de29
diff --git a/stacks/cloud/code-server.tf b/stacks/cloud/code-server.tf
new file mode 100644
index 0000000..f8a3c1e
--- /dev/null
+++ b/stacks/cloud/code-server.tf
@@ -0,0 +1,62 @@
+resource "docker_image" "code_server" {
+ name = "linuxserver/code-server:latest"
+}
+
+resource "docker_container" "code_server" {
+ name = "code-server"
+ image = docker_image.code_server.name
+ restart = "unless-stopped"
+ env = [
+ "PGID=1000",
+ "PUID=1000"
+ ]
+
+ ports {
+ internal = 8443
+ external = 8443
+ }
+
+ volumes {
+ container_path = "/config"
+ host_path = "${var.path_config}/code-server/"
+ read_only = false
+ }
+ volumes {
+ container_path = "/docker-config"
+ host_path = var.path_config
+ read_only = false
+ }
+
+ labels {
+ label = "traefik.http.routers.code-server.rule"
+ value = "Host(`code.${var.domain_name}`)"
+ }
+ labels {
+ label = "traefik.http.routers.code-server.entrypoints"
+ value = var.entrypoint
+ }
+ labels {
+ label = "traefik.enable"
+ value = var.traefik_enable
+ }
+ labels {
+ label = "traefik.http.services.code-server.loadbalancer.server.port"
+ value = "8443"
+ }
+ labels {
+ label = "traefik.http.routers.code-server.tls.certresolver"
+ value = var.resolver_ssl
+ }
+ labels {
+ label = "traefik.http.routers.code-server.tls"
+ value = var.tls_enable
+ }
+
+ networks_advanced {
+ name = var.network
+ }
+
+ depends_on = [
+ docker_image.code_server
+ ]
+}
diff --git a/stacks/cloud/gitea.tf b/stacks/cloud/gitea.tf
new file mode 100644
index 0000000..e69de29
diff --git a/stacks/cloud/main.tf b/stacks/cloud/main.tf
new file mode 100644
index 0000000..a238e2d
--- /dev/null
+++ b/stacks/cloud/main.tf
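Review bot: `docker_container.code_server` publishes 8443 on the host through its `ports` block as well as defining a Traefik router, so the editor is reachable directly and the TLS and entrypoint labels can be bypassed. The `env` list sets neither `PASSWORD` nor `HASHED_PASSWORD`, which for this image (to be confirmed against its documentation) leaves the editor, including its terminal, without a login. The second `volumes` block mounts all of `var.path_config` read-write at `/docker-config`, so that session can read and change every other stack's configuration. I would remove the `ports` block, add `"HASHED_PASSWORD=${var.<code_server_password_hash>}"` from a `sensitive` variable (placeholder name), and mount only the directories that are needed, with `read_only = true` where editing is not required.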
@@ -0,0 +1,8 @@ +terraform { + required_providers { + docker = { + source = "kreuzwerker/docker" + version = "3.0.2" + } + } +} diff --git a/stacks/cloud/nextcloud.tf b/stacks/cloud/nextcloud.tf new file mode 100644 index 0000000..e69de29 diff --git a/stacks/cloud/onlyoffice.tf b/stacks/cloud/onlyoffice.tf new file mode 100644 index 0000000..e69de29 diff --git a/stacks/cloud/outputs.tf b/stacks/cloud/outputs.tf new file mode 100644 index 0000000..e69de29 diff --git a/stacks/cloud/photoprism.tf b/stacks/cloud/photoprism.tf new file mode 100644 index 0000000..e69de29 diff --git a/stacks/cloud/samba.tf b/stacks/cloud/samba.tf new file mode 100644 index 0000000..e69de29 diff --git a/hosts/scariff/monitoring/variables.tf b/stacks/cloud/variables.tf similarity index 75% rename from hosts/scariff/monitoring/variables.tf rename to stacks/cloud/variables.tf index 2ceb1c9..f7661a6 100644 --- a/hosts/scariff/monitoring/variables.tf +++ b/stacks/cloud/variables.tf @@ -3,14 +3,14 @@ variable "domain_name" { description = "Domain name for the server" } -variable "network" { - type = string - description = "Name of the network" -} +# variable "hostname" { +# type = string +# description = "Name of the server" +# } -variable "hostname" { +variable "path_downloads" { type = string - description = "Name of the server" + description = "Path to the downloads folder" } variable "path_config" { @@ -38,8 +38,7 @@ variable "tls_enable" { description = "Enable TLS" } -variable "adguard_api_password" { +variable "network" { type = string - sensitive = true - description = "Adguard API password" + description = "Name of the Docker network" } diff --git a/stacks/media/README.md b/stacks/media/README.md new file mode 100644 index 0000000..e69de29 diff --git a/stacks/media/jackett.tf b/stacks/media/jackett.tf new file mode 100644 index 0000000..44f729d --- /dev/null +++ b/stacks/media/jackett.tf 
@@ -0,0 +1,57 @@
+resource "docker_image" "jackett" {
+ name = "linuxserver/jackett:latest"
+}
+
+resource "docker_container" "jackett" {
+ name = "jackett"
+ image = docker_image.jackett.name
+ restart = "unless-stopped"
+
+ env = [
+ "TZ=Europe/Paris",
+ "PUID=1000",
+ "PGID=1000",
+ ]
+
+ volumes {
+ host_path = "${var.path_config}/jackett"
+ container_path = "/config"
+ }
+ # volumes {
+ # host_path = "${var.path_downloads}/jackett"
+ # container_path = "/downloads"
+ # }
+
+ labels {
+ label = "traefik.http.services.jackett.loadbalancer.server.port"
+ value = "9117"
+ }
+ labels {
+ label = "traefik.http.routers.jackett.rule"
+ value = "Host(`jackett.${var.domain_name}`)"
+ }
+ labels {
+ label = "traefik.http.routers.jackett.entrypoints"
+ value = var.entrypoint
+ }
+ labels {
+ label = "traefik.enable"
+ value = var.traefik_enable
+ }
+ labels {
+ label = "traefik.http.routers.jackett.tls.certresolver"
+ value = var.resolver_ssl
+ }
+ labels {
+ label = "traefik.http.routers.jackett.tls"
+ value = var.tls_enable
+ }
+
+ networks_advanced {
+ name = var.network
+ }
+
+ depends_on = [
+ docker_image.jackett,
+ ]
+}
diff --git a/stacks/media/jellyfin.tf b/stacks/media/jellyfin.tf
new file mode 100644
index 0000000..a138aee
--- /dev/null
+++ b/stacks/media/jellyfin.tf
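Review bot: `name = "linuxserver/jackett:latest"` follows a mutable tag, so what actually runs depends on when the host last pulled the image, and an upstream change or a compromised publish is deployed without any diff in this repository. The same applies to the `docker_image` resources for code_server, jellyfin, jellyseerr, radarr, sonarr, grafana and prometheus added in this commit. I would pin each one to a version tag or digest, e.g. `name = "linuxserver/jackett@sha256:<digest>"` (placeholder), and bump it in a reviewed commit.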
@@ -0,0 +1,69 @@
+resource "docker_image" "jellyfin" {
+ name = "jellyfin/jellyfin:latest"
+}
+
+resource "docker_container" "jellyfin" {
+ name = "jellyfin"
+ image = docker_image.jellyfin.name
+ restart = "unless-stopped"
+ network_mode = "host"
+
+ volumes {
+ host_path = "${var.path_config}/jellyfin"
+ container_path = "/config"
+ }
+
+ volumes {
+ host_path = "${var.path_downloads}/movies"
+ container_path = "/movies"
+ }
+ volumes {
+ host_path = "${var.path_downloads}/series"
+ container_path = "/series"
+ }
+ volumes {
+ host_path = "${var.path_downloads}/music"
+ container_path = "/music"
+ }
+ volumes {
+ host_path = "${var.path_downloads}/photos"
+ container_path = "/photos"
+ }
+ volumes {
+ host_path = "${var.path_downloads}/ytdl"
+ container_path = "/ytdl"
+ }
+
+ labels {
+ label = "traefik.http.services.jellyfin.loadbalancer.server.port"
+ value = "8096"
+ }
+ labels {
+ label = "traefik.http.routers.jellyfin.rule"
+ value = "Host(`jellyfin.${var.domain_name}`)"
+ }
+ labels {
+ label = "traefik.http.routers.jellyfin.entrypoints"
+ value = var.entrypoint
+ }
+ labels {
+ label = "traefik.enable"
+ value = var.traefik_enable
+ }
+ labels {
+ label = "traefik.http.routers.jellyfin.tls.certresolver"
+ value = var.resolver_ssl
+ }
+ labels {
+ label = "traefik.http.routers.jellyfin.tls"
+ value = var.tls_enable
+ }
+
+ networks_advanced {
+ name = var.network
+ }
+
+ depends_on = [
+ docker_image.jellyfin
+ ]
+}
diff --git a/stacks/media/jellyseerr.tf b/stacks/media/jellyseerr.tf
new file mode 100644
index 0000000..ea6d1db
--- /dev/null
+++ b/stacks/media/jellyseerr.tf
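Review bot: `network_mode = "host"` and the `networks_advanced { name = var.network }` block in `docker_container.jellyfin` contradict each other, because a container on the host network cannot also join a user-defined network; I would expect the apply to fail or the attachment to be dropped (not verified here). Host mode also puts every port Jellyfin listens on directly on the host's interfaces, outside the TLS router that the Traefik labels describe. If host networking is not required, remove `network_mode = "host"` and keep the network attachment. If it is required, remove `networks_advanced` and add a comment saying why and which firewall rule covers the exposed ports.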
@@ -0,0 +1,52 @@
+resource "docker_image" "jellyseerr" {
+ name = "fallenbagel/jellyseerr:latest"
+}
+
+resource "docker_container" "jellyseerr" {
+ name = "jellyseerr"
+ image = docker_image.jellyseerr.name
+ restart = "unless-stopped"
+
+ env = [
+ "LOG_LEVEL=debug",
+ "TZ=Europe/Paris",
+ ]
+
+ volumes {
+ host_path = "${var.path_config}/jellyseerr"
+ container_path = "/config"
+ }
+
+ labels {
+ label = "traefik.http.services.jellyseerr.loadbalancer.server.port"
+ value = "5055"
+ }
+ labels {
+ label = "traefik.http.routers.jellyseerr.rule"
+ value = "Host(`vod.${var.domain_name}`)"
+ }
+ labels {
+ label = "traefik.http.routers.jellyseerr.entrypoints"
+ value = var.entrypoint
+ }
+ labels {
+ label = "traefik.enable"
+ value = var.traefik_enable
+ }
+ labels {
+ label = "traefik.http.routers.jellyseerr.tls.certresolver"
+ value = var.resolver_ssl
+ }
+ labels {
+ label = "traefik.http.routers.jellyseerr.tls"
+ value = var.tls_enable
+ }
+
+ networks_advanced {
+ name = var.network
+ }
+
+ depends_on = [
+ docker_image.jellyseerr
+ ]
+}
diff --git a/stacks/media/main.tf b/stacks/media/main.tf
new file mode 100644
index 0000000..a238e2d
--- /dev/null
+++ b/stacks/media/main.tf
@@ -0,0 +1,8 @@
+terraform {
+ required_providers {
+ docker = {
+ source = "kreuzwerker/docker"
+ version = "3.0.2"
+ }
+ }
+}
diff --git a/stacks/media/radarr.tf b/stacks/media/radarr.tf
new file mode 100644
index 0000000..d6f70eb
--- /dev/null
+++ b/stacks/media/radarr.tf
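Review bot: The `volumes` block in `docker_container.jellyseerr` mounts the host directory at `/config`, but as far as I know this image keeps its settings and database under `/app/config`, so the application state, including stored API keys, would sit in the container layer and be lost when the container is recreated. Please check the image documentation and, if that is right, use `container_path = "/app/config"`. Separately, `"LOG_LEVEL=debug"` is hard-coded in `env`; debug logs are more likely to contain request details, so I would default to `info` and raise it only while troubleshooting.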
@@ -0,0 +1,62 @@
+resource "docker_image" "radarr" {
+ name = "linuxserver/radarr:latest"
+}
+
+resource "docker_container" "radarr" {
+ name = "radarr"
+ image = docker_image.radarr.name
+ restart = "unless-stopped"
+
+ env = [
+ "TZ=Europe/Paris",
+ "PUID=1000",
+ "PGID=1000",
+ ]
+
+ volumes {
+ host_path = "${var.path_config}/radarr"
+ container_path = "/config"
+ }
+ volumes {
+ host_path = "${var.path_downloads}/movies"
+ container_path = "/movies"
+ }
+ # volumes {
+ # host_path = "${var.path_downloads}/downloads"
+ # container_path = "/downloads"
+ # }
+
+ labels {
+ label = "traefik.http.services.radarr.loadbalancer.server.port"
+ value = "7878"
+ }
+ labels {
+ label = "traefik.http.routers.radarr.rule"
+ value = "Host(`radarr.${var.domain_name}`)"
+ }
+ labels {
+ label = "traefik.http.routers.radarr.entrypoints"
+ value = var.entrypoint
+ }
+ labels {
+ label = "traefik.enable"
+ value = var.traefik_enable
+ }
+ labels {
+ label = "traefik.http.routers.radarr.tls.certresolver"
+ value = var.resolver_ssl
+ }
+
+ labels {
+ label = "traefik.http.routers.radarr.tls"
+ value = var.tls_enable
+ }
+
+ networks_advanced {
+ name = var.network
+ }
+
+ depends_on = [
+ docker_image.radarr,
+ ]
+}
diff --git a/stacks/media/sonarr.tf b/stacks/media/sonarr.tf
new file mode 100644
index 0000000..813d23e
--- /dev/null
+++ b/stacks/media/sonarr.tf
@@ -0,0 +1,61 @@
+resource "docker_image" "sonarr" {
+ name = "linuxserver/sonarr:latest"
+}
+
+resource "docker_container" "sonarr" {
+ name = "sonarr"
+ image = docker_image.sonarr.name
+ restart = "unless-stopped"
+
+ env = [
+ "TZ=Europe/Paris",
+ "PUID=1000",
+ "PGID=1000",
+ ]
+
+ volumes {
+ host_path = "${var.path_config}/sonarr"
+ container_path = "/config"
+ }
+ volumes {
+ host_path = "${var.path_downloads}/series"
+ container_path = "/tv"
+ }
+ # volumes {
+ # host_path = "${var.path_downloads}/downloads"
+ # container_path = "/downloads"
+ # }
+
+ labels {
+ label = "traefik.http.services.sonarr.loadbalancer.server.port"
+ value = "8989"
+ }
+ labels {
+ label = "traefik.http.routers.sonarr.rule"
+ value = "Host(`sonarr.${var.domain_name}`)"
+ }
+ labels {
+ label = "traefik.http.routers.sonarr.entrypoints"
+ value = var.entrypoint
+ }
+ labels {
+ label = "traefik.enable"
+ value = var.traefik_enable
+ }
+ labels {
+ label = "traefik.http.routers.sonarr.tls.certresolver"
+ value = var.resolver_ssl
+ }
+ labels {
+ label = "traefik.http.routers.sonarr.tls"
+ value = var.tls_enable
+ }
+
+ networks_advanced {
+ name = var.network
+ }
+
+ depends_on = [
+ docker_image.sonarr,
+ ]
+}
diff --git a/stacks/media/variables.tf b/stacks/media/variables.tf
new file mode 100644
index 0000000..f7661a6
--- /dev/null
+++ b/stacks/media/variables.tf
@@ -0,0 +1,44 @@ +variable "domain_name" { + type = string + description = "Domain name for the server" +} + +# variable "hostname" { +# type = string +# description = "Name of the server" +# } + +variable "path_downloads" { + type = string + description = "Path to the downloads folder" +} + +variable "path_config" { + type = string + description = "Path of the config folder" +} + +variable "resolver_ssl" { + type = string + description = "SSL resolver for Traefik. can be 'staging' or 'production'" +} + +variable "entrypoint" { + type = string + description = "Entrypoint for Traefik. can be 'web' or 'websecure'" +} + +variable "traefik_enable" { + type = bool + description = "Enable Traefik" +} + +variable "tls_enable" { + type = bool + description = "Enable TLS" +} + +variable "network" { + type = string + description = "Name of the Docker network" +} diff --git a/stacks/monitoring/README.md b/stacks/monitoring/README.md new file mode 100644 index 0000000..e69de29 diff --git a/hosts/scariff/monitoring/cadvisor.tf b/stacks/monitoring/cadvisor.tf similarity index 96% rename from hosts/scariff/monitoring/cadvisor.tf rename to stacks/monitoring/cadvisor.tf index 00087ec..c9bcbb2 100644 --- a/hosts/scariff/monitoring/cadvisor.tf +++ b/stacks/monitoring/cadvisor.tf @@ -39,7 +39,7 @@ resource "docker_container" "cadvisor" { } networks_advanced { - name = var.network + name = var.network.name } depends_on = [ diff --git a/stacks/monitoring/grafana.tf b/stacks/monitoring/grafana.tf new file mode 100644 index 0000000..924af96 --- /dev/null +++ b/stacks/monitoring/grafana.tf 
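Review bot: In stacks/media/variables.tf, `resolver_ssl` and `entrypoint` state their allowed values only in the description ("can be 'staging' or 'production'", "can be 'web' or 'websecure'"), so a mistyped value is accepted and copied verbatim into a Traefik label. For `entrypoint` that can leave a router on the plain-HTTP entrypoint without anyone noticing. A `validation` block on each variable makes the plan fail instead. The same two declarations are added in the root variables.tf, and stacks/cloud/variables.tf carries the same blob id (f7661a6), so they need the same change.
```hcl
variable "resolver_ssl" {
  # ... unchanged: type and description ...

  validation {
    condition     = contains(["staging", "production"], var.resolver_ssl)
    error_message = "resolver_ssl must be 'staging' or 'production'."
  }
}

variable "entrypoint" {
  # ... unchanged: type and description ...

  validation {
    condition     = contains(["web", "websecure"], var.entrypoint)
    error_message = "entrypoint must be 'web' or 'websecure'."
  }
}
```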
@@ -0,0 +1,54 @@ +resource "docker_image" "grafana" { + name = "grafana/grafana-oss:latest" +} + +resource "docker_container" "grafana" { + name = "grafana" + image = docker_image.grafana.name + restart = "unless-stopped" + user = "0" + + volumes { + container_path = "/var/lib/grafana" + host_path = "${var.path_config}/grafana/data" + read_only = false + } + + ports { + internal = 3000 + external = 3000 + } + + # labels { + # label = "traefik.http.services.grafana.loadbalancer.server.port" + # value = "3000" + # } + # labels { + # label = "traefik.http.routers.grafana.rule" + # value = "Host(`monitoring.${var.domain_name}`)" + # } + # labels { + # label = "traefik.http.routers.grafana.entrypoints" + # value = var.entrypoint + # } + # labels { + # label = "traefik.enable" + # value = var.traefik_enable + # } + # labels { + # label = "traefik.http.routers.grafana.tls.certresolver" + # value = var.resolver_ssl + # } + # labels { + # label = "traefik.http.routers.grafana.tls" + # value = var.tls_enable + # } + + networks_advanced { + name = var.network.name + } + + depends_on = [ + docker_image.grafana + ] +} diff --git a/stacks/monitoring/main.tf b/stacks/monitoring/main.tf new file mode 100644 index 0000000..a238e2d --- /dev/null +++ b/stacks/monitoring/main.tf @@ -0,0 +1,8 @@ +terraform { + required_providers { + docker = { + source = "kreuzwerker/docker" + version = "3.0.2" + } + } +} diff --git a/hosts/scariff/monitoring/node-exporter.tf b/stacks/monitoring/node-exporter.tf similarity index 91% rename from hosts/scariff/monitoring/node-exporter.tf rename to stacks/monitoring/node-exporter.tf index d755275..1488d05 100644 --- a/hosts/scariff/monitoring/node-exporter.tf +++ b/stacks/monitoring/node-exporter.tf @@ -8,7 +8,7 @@ resource "docker_container" "node_exporter" { restart = "unless-stopped" networks_advanced { - name = var.network + name = var.network.name } depends_on = [ 
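Review bot: `user = "0"` in `docker_container.grafana` runs Grafana as root inside the container, and the `ports` block publishes 3000 on the host while every Traefik label is commented out, so the login page is served over plain HTTP on all host interfaces. Root is presumably there to make `${var.path_config}/grafana/data` writable; I would instead give that directory to the image's default user (uid 472 in the official image, to be confirmed) and delete the `user` line. For the exposure, either restore the Traefik labels and drop `ports`, or add `ip = "127.0.0.1"` to the `ports` block. The commented-out label blocks are better removed than committed.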
diff --git a/stacks/monitoring/prometheus.tf b/stacks/monitoring/prometheus.tf
new file mode 100644
index 0000000..ba5ea00
--- /dev/null
+++ b/stacks/monitoring/prometheus.tf
@@ -0,0 +1,63 @@
+resource "docker_image" "prometheus" {
+ name = "prom/prometheus:latest"
+}
+
+resource "docker_container" "prometheus" {
+ name = "prometheus"
+ image = docker_image.prometheus.name
+ restart = "unless-stopped"
+
+ command = [
+ "--config.file=/etc/prometheus/prometheus.yml",
+ # "--storage.local.path=/prometheus",
+ ]
+
+ volumes {
+ container_path = "/etc/prometheus"
+ host_path = "${var.path_config}/prometheus/config"
+ read_only = false
+ }
+ volumes {
+ container_path = "/prometheus"
+ host_path = "${var.path_config}/prometheus/data"
+ read_only = false
+ }
+
+ ports {
+ internal = 9090
+ external = 9090
+ }
+
+ # labels {
+ # label = "traefik.http.services.prometheus.loadbalancer.server.port"
+ # value = "9090"
+ # }
+ # labels {
+ # label = "traefik.http.routers.prometheus.rule"
+ # value = "Host(`prometheus.${var.domain_name}`)"
+ # }
+ # labels {
+ # label = "traefik.http.routers.prometheus.entrypoints"
+ # value = var.entrypoint
+ # }
+ # labels {
+ # label = "traefik.enable"
+ # value = var.traefik_enable
+ # }
+ # labels {
+ # label = "traefik.http.routers.prometheus.tls.certresolver"
+ # value = var.resolver_ssl
+ # }
+ # labels {
+ # label = "traefik.http.routers.prometheus.tls"
+ # value = var.tls_enable
+ # }
+
+ networks_advanced {
+ name = var.network.name
+ }
+
+ depends_on = [
+ docker_image.prometheus
+ ]
+}
diff --git a/stacks/monitoring/variables.tf b/stacks/monitoring/variables.tf
new file mode 100644
index 0000000..bd78010
--- /dev/null
+++ b/stacks/monitoring/variables.tf
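Review bot: The `ports` block in `docker_container.prometheus` publishes 9090 on the host, and Prometheus has no authentication enabled by default, so anyone who can reach the host can query every metric and see the scrape targets; the Traefik labels that would sit in front of it are commented out. Grafana is attached to the same `var.network.name`, so it can presumably reach Prometheus by container name without a published port. I would drop the `ports` block, or restrict it with `ip = "127.0.0.1"`. The `/etc/prometheus` volume can also be `read_only = true`, since the server only reads its configuration from there.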
@@ -0,0 +1,36 @@
+variable "network" {
+ type = object({
+ name = string
+ })
+ description = "Name of the network"
+}
+
+variable "hostname" {
+ type = string
+ description = "Name of the server"
+}
+
+variable "path_config" {
+ type = string
+ description = "Path of the config folder"
+}
+
+# variable "resolver_ssl" {
+# type = string
+# description = "SSL resolver for Traefik. can be 'staging' or 'production'"
+# }
+
+# variable "entrypoint" {
+# type = string
+# description = "Entrypoint for Traefik. can be 'web' or 'websecure'"
+# }
+
+# variable "traefik_enable" {
+# type = bool
+# description = "Enable Traefik"
+# }
+
+# variable "tls_enable" {
+# type = bool
+# description = "Enable TLS"
+# }
diff --git a/stacks/monitoring/README.md b/stacks/monitoring/README.md
new file mode 100644
index 0000000..e69de29
diff --git a/stacks/services/README.md b/stacks/services/README.md
new file mode 100644
index 0000000..e69de29
diff --git a/stacks/services/main.tf b/stacks/services/main.tf
new file mode 100644
index 0000000..a238e2d
--- /dev/null
+++ b/stacks/services/main.tf
@@ -0,0 +1,8 @@
+terraform {
+ required_providers {
+ docker = {
+ source = "kreuzwerker/docker"
+ version = "3.0.2"
+ }
+ }
+}
diff --git a/stacks/services/outputs.tf b/stacks/services/outputs.tf
new file mode 100644
index 0000000..e69de29
diff --git a/stacks/services/variables.tf b/stacks/services/variables.tf
new file mode 100644
index 0000000..e69de29
diff --git a/variables.tf b/variables.tf
new file mode 100644
index 0000000..3f7ce49
--- /dev/null
+++ b/variables.tf
@@ -0,0 +1,61 @@
+variable "eadu" {
+ type = object({
+ ip = string
+ env = string
+ host_name = string
+ })
+ description = "Eadu Docker Host"
+}
+
+variable "exegol" {
+ type = object({
+ ip = string
+ env = string
+ host_name = string
+ })
+ description = "Exegol Docker Host"
+}
+
+variable "scariff" {
+ type = object({
+ ip = string
+ env = string
+ host_name = string
+ })
+ description = "Scariff Docker Host"
+}
+
+variable "domain_name" {
+ type = string
+ description = "Domain name for the server"
+}
+
+variable "path_config" {
+ type = string
+ description = "Path of the config folder"
+}
+
+variable "resolver_ssl" {
+ type = string
+ description = "SSL resolver for Traefik. can be 'staging' or 'production'"
+}
+
+variable "entrypoint" {
+ type = string
+ description = "Entrypoint for Traefik. can be 'web' or 'websecure'"
+}
+
+variable "traefik_enable" {
+ type = bool
+ description = "Enable Traefik"
+}
+
+variable "tls_enable" {
+ type = bool
+ description = "Enable TLS"
+}
+
+variable "path_downloads" {
+ type = string
+ description = "Path of the downloads folder"
+}