module "databases" { source = "./databases" } module "blocky" { source = "./blocky" base_hostname = var.base_hostname depends_on = [module.databases] } module "traefik" { source = "./traefik" base_hostname = var.base_hostname } module "metrics" { source = "./metrics" } module "loki" { source = "./levant" template_path = "service.nomad" variables = { name = "loki" image = "grafana/loki:2.2.1" service_port = 3100 ingress = true sticky_disk = true healthcheck = "/ready" templates = jsonencode([ { data = file("./loki-config.yml") dest = "/etc/loki/local-config.yaml" } ]) } } resource "consul_config_entry" "loki_intent" { name = "loki" kind = "service-intentions" config_json = jsonencode({ Sources = [ { Action = "allow" Name = "grafana" Precedence = 9 Type = "consul" }, { Action = "allow" Name = "promtail" Precedence = 9 Type = "consul" }, { Action = "allow" Name = "syslogng-promtail" Precedence = 9 Type = "consul" }, ] }) } resource "nomad_job" "syslog-ng" { jobspec = file("${path.module}/syslogng.nomad") } resource "nomad_job" "ddclient" { jobspec = file("${path.module}/ddclient.nomad") } resource "nomad_job" "lldap" { jobspec = file("${path.module}/lldap.nomad") } resource "consul_config_entry" "syslogng_promtail_intent" { name = "syslogng-promtail" kind = "service-intentions" config_json = jsonencode({ Sources = [ { Action = "allow" Name = "syslogng" Precedence = 9 Type = "consul" }, ] }) } resource "consul_config_entry" "global_access" { name = "*" kind = "service-intentions" config_json = jsonencode({ Sources = [ { Action = "allow" Name = "traefik" Precedence = 6 Type = "consul" }, { Action = "deny" Name = "*" Precedence = 5 Type = "consul" }, ] }) }