module "blocky" { source = "./blocky" base_hostname = var.base_hostname # Not in this module # depends_on = [module.databases] } module "traefik" { source = "./traefik" base_hostname = var.base_hostname } module "nomad_login" { source = "IamTheFij/levant/nomad" version = "0.1.0" template_path = "service.nomad" variables = { name = "nomad-login" image = "iamthefij/nomad-vault-login" service_port = 5000 ingress = true ingress_rule = "Host(`nomad.thefij.rocks`) && PathPrefix(`/login`)" env = jsonencode({ VAULT_ADDR = "http://$${attr.unique.network.ip-address}:8200", }) } } module "metrics" { source = "./metrics" # Not in this module # depends_on = [module.databases] } module "loki" { source = "IamTheFij/levant/nomad" version = "0.1.0" template_path = "service.nomad" variables = { name = "loki" image = "grafana/loki:2.2.1" service_port = 3100 ingress = true sticky_disk = true healthcheck = "/ready" templates = jsonencode([ { data = file("${path.module}/loki-config.yml") dest = "/etc/loki/local-config.yaml" } ]) } } resource "consul_config_entry" "loki_intent" { name = "loki" kind = "service-intentions" config_json = jsonencode({ Sources = [ { Action = "allow" Name = "grafana" Precedence = 9 Type = "consul" }, { Action = "allow" Name = "promtail" Precedence = 9 Type = "consul" }, { Action = "allow" Name = "syslogng-promtail" Precedence = 9 Type = "consul" }, ] }) } resource "nomad_job" "syslog-ng" { jobspec = file("${path.module}/syslogng.nomad") } resource "nomad_job" "ddclient" { jobspec = file("${path.module}/ddclient.nomad") } resource "nomad_job" "lldap" { jobspec = file("${path.module}/lldap.nomad") } resource "consul_config_entry" "syslogng_promtail_intent" { name = "syslogng-promtail" kind = "service-intentions" config_json = jsonencode({ Sources = [ { Action = "allow" Name = "syslogng" Precedence = 9 Type = "consul" }, ] }) } resource "consul_config_entry" "global_access" { name = "*" kind = "service-intentions" config_json = jsonencode({ Sources = [ { Action = "allow" Name = "traefik" Precedence = 6 Type = "consul" }, { Action = "deny" Name = "*" Precedence = 5 Type = "consul" }, ] }) } resource "consul_config_entry" "ldap_intents" { name = "ldap" kind = "service-intentions" config_json = jsonencode({ Sources = [ { Action = "allow" Name = "authelia" Precedence = 9 Type = "consul" }, ] }) }