Lint, format, lock
This commit is contained in:
parent
9e97cd5d49
commit
f1316367de
1
.gitignore
vendored
1
.gitignore
vendored
@ -37,4 +37,3 @@ terraform.rc
|
|||||||
|
|
||||||
# ---> Ansible
|
# ---> Ansible
|
||||||
*.retry
|
*.retry
|
||||||
|
|
||||||
|
22
.pre-commit-config.yaml
Normal file
22
.pre-commit-config.yaml
Normal file
@ -0,0 +1,22 @@
|
|||||||
|
---
|
||||||
|
repos:
|
||||||
|
- repo: https://github.com/antonbabenko/pre-commit-terraform
|
||||||
|
rev: v1.64.1
|
||||||
|
hooks:
|
||||||
|
- id: terraform_fmt
|
||||||
|
- id: terraform_validate
|
||||||
|
- id: terraform_providers_lock
|
||||||
|
# - id: terraform_tflint
|
||||||
|
# - id: terraform_tfsec
|
||||||
|
- repo: https://github.com/pre-commit/pre-commit-hooks
|
||||||
|
rev: v4.1.0
|
||||||
|
hooks:
|
||||||
|
- id: check-added-large-files
|
||||||
|
- id: check-merge-conflict
|
||||||
|
- id: end-of-file-fixer
|
||||||
|
- id: trailing-whitespace
|
||||||
|
# - repo: https://github.com/Yelp/detect-secrets
|
||||||
|
# rev: v1.0.3
|
||||||
|
# hooks:
|
||||||
|
# - id: detect-secrets
|
||||||
|
# args: ['--baseline', '.secrets-baseline']
|
@ -1,15 +1,15 @@
|
|||||||
resource "helm_release" "traefik" {
|
resource "helm_release" "traefik" {
|
||||||
name = "traefik"
|
name = "traefik"
|
||||||
repository = "https://helm.traefik.io/traefik"
|
repository = "https://helm.traefik.io/traefik"
|
||||||
chart = "traefik"
|
chart = "traefik"
|
||||||
|
|
||||||
set {
|
set {
|
||||||
name = "ingressClass.enabled"
|
name = "ingressClass.enabled"
|
||||||
value = true
|
value = true
|
||||||
}
|
}
|
||||||
|
|
||||||
set {
|
set {
|
||||||
name = "ingressClass.isDefaultClass"
|
name = "ingressClass.isDefaultClass"
|
||||||
value = true
|
value = true
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
@ -1,22 +1,21 @@
|
|||||||
variable "kube_config_path" {
|
variable "kube_config_path" {
|
||||||
type = string
|
type = string
|
||||||
default = "~/.kube/config"
|
default = "~/.kube/config"
|
||||||
}
|
}
|
||||||
|
|
||||||
variable "kube_config_context" {
|
variable "kube_config_context" {
|
||||||
type = string
|
type = string
|
||||||
default = "colima"
|
default = "colima"
|
||||||
}
|
}
|
||||||
|
|
||||||
provider "kubernetes" {
|
provider "kubernetes" {
|
||||||
config_path = var.kube_config_path
|
config_path = var.kube_config_path
|
||||||
config_context = var.kube_config_context
|
config_context = var.kube_config_context
|
||||||
}
|
}
|
||||||
|
|
||||||
provider "helm" {
|
provider "helm" {
|
||||||
kubernetes {
|
kubernetes {
|
||||||
config_path = var.kube_config_path
|
config_path = var.kube_config_path
|
||||||
config_context = var.kube_config_context
|
config_context = var.kube_config_context
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
21
k8s-test/services/authentik/.terraform.lock.hcl
generated
Normal file
21
k8s-test/services/authentik/.terraform.lock.hcl
generated
Normal file
@ -0,0 +1,21 @@
|
|||||||
|
# This file is maintained automatically by "terraform init".
|
||||||
|
# Manual edits may be lost in future updates.
|
||||||
|
|
||||||
|
provider "registry.terraform.io/hashicorp/helm" {
|
||||||
|
version = "2.5.0"
|
||||||
|
hashes = [
|
||||||
|
"h1:cJl2bkAv9vrM8uV/BLdYnOoiTB6BeOPDJ9NBcqbmPd0=",
|
||||||
|
"zh:16b4dfcaf5bdef9fc10926cef8c9992a1bf3de1c99fb679923421e3b5a9d4307",
|
||||||
|
"zh:1e1456943bea1c9f5b1671d55796c65fbe8ac0980c3a79e4fdcaf5fa320e4c8f",
|
||||||
|
"zh:302b57485a8fe540dd55e2306680e51db54a83a630830f9a106c1ac38c1f6a91",
|
||||||
|
"zh:5ea2eafa735f7cd696e8f118271aedab68a46eb1f6f7f00126338fa302a0cc0b",
|
||||||
|
"zh:66bf1709bb20b24bd26b476081207e69500d1a6bc50829b9033a785050d3a8bd",
|
||||||
|
"zh:7166a85433037029caf04246ccff3d455e3a58868a58c29611e3b275e272299a",
|
||||||
|
"zh:809ddc3759c27ca76e5be8cfab45cecea04d0ae49172bbe326e7740bfbcd5aeb",
|
||||||
|
"zh:9335805d3eed0789c1718fd55d91ffe24681536302d1cd2d07ccf649828406bd",
|
||||||
|
"zh:d7c069fe721bc49a3a19f7c54c7498f492322891a7ce7b9adc6b57edae694933",
|
||||||
|
"zh:d9f5514ecf0cf811716b478c677526e18ac2d2cb5f6bec884096e970b2865798",
|
||||||
|
"zh:e899083259416874d75b58813446d0aa045efd9047d324b10810490dd72faa24",
|
||||||
|
"zh:f569b65999264a9416862bca5cd2a6177d94ccb0424f3a4ef424428912b9cb3c",
|
||||||
|
]
|
||||||
|
}
|
@ -1,22 +1,22 @@
|
|||||||
locals {
|
locals {
|
||||||
authentik_chart_values = {
|
authentik_chart_values = {
|
||||||
"ingress.enabled" = true,
|
"ingress.enabled" = true,
|
||||||
"ingress.hosts[0].host" = "authentik.dev.homelab"
|
"ingress.hosts[0].host" = "authentik.dev.homelab"
|
||||||
"ingress.hosts[0].paths[0].path" = "/"
|
"ingress.hosts[0].paths[0].path" = "/"
|
||||||
"ingress.hosts[0].paths[0].pathType" = "Prefix"
|
"ingress.hosts[0].paths[0].pathType" = "Prefix"
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
resource "helm_release" "authentik" {
|
resource "helm_release" "authentik" {
|
||||||
name = "authentik"
|
name = "authentik"
|
||||||
repository = "https://charts.goauthentik.io/"
|
repository = "https://charts.goauthentik.io/"
|
||||||
chart = "authentik"
|
chart = "authentik"
|
||||||
version = "5.2.2"
|
version = "5.2.2"
|
||||||
|
|
||||||
dynamic "set" {
|
dynamic "set" {
|
||||||
for_each = local.authentik_chart_values
|
for_each = local.authentik_chart_values
|
||||||
content {
|
content {
|
||||||
name = set.key
|
name = set.key
|
||||||
value = set.value
|
value = set.value
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
21
k8s-test/services/blocky/.terraform.lock.hcl
generated
Normal file
21
k8s-test/services/blocky/.terraform.lock.hcl
generated
Normal file
@ -0,0 +1,21 @@
|
|||||||
|
# This file is maintained automatically by "terraform init".
|
||||||
|
# Manual edits may be lost in future updates.
|
||||||
|
|
||||||
|
provider "registry.terraform.io/hashicorp/helm" {
|
||||||
|
version = "2.5.0"
|
||||||
|
hashes = [
|
||||||
|
"h1:cJl2bkAv9vrM8uV/BLdYnOoiTB6BeOPDJ9NBcqbmPd0=",
|
||||||
|
"zh:16b4dfcaf5bdef9fc10926cef8c9992a1bf3de1c99fb679923421e3b5a9d4307",
|
||||||
|
"zh:1e1456943bea1c9f5b1671d55796c65fbe8ac0980c3a79e4fdcaf5fa320e4c8f",
|
||||||
|
"zh:302b57485a8fe540dd55e2306680e51db54a83a630830f9a106c1ac38c1f6a91",
|
||||||
|
"zh:5ea2eafa735f7cd696e8f118271aedab68a46eb1f6f7f00126338fa302a0cc0b",
|
||||||
|
"zh:66bf1709bb20b24bd26b476081207e69500d1a6bc50829b9033a785050d3a8bd",
|
||||||
|
"zh:7166a85433037029caf04246ccff3d455e3a58868a58c29611e3b275e272299a",
|
||||||
|
"zh:809ddc3759c27ca76e5be8cfab45cecea04d0ae49172bbe326e7740bfbcd5aeb",
|
||||||
|
"zh:9335805d3eed0789c1718fd55d91ffe24681536302d1cd2d07ccf649828406bd",
|
||||||
|
"zh:d7c069fe721bc49a3a19f7c54c7498f492322891a7ce7b9adc6b57edae694933",
|
||||||
|
"zh:d9f5514ecf0cf811716b478c677526e18ac2d2cb5f6bec884096e970b2865798",
|
||||||
|
"zh:e899083259416874d75b58813446d0aa045efd9047d324b10810490dd72faa24",
|
||||||
|
"zh:f569b65999264a9416862bca5cd2a6177d94ccb0424f3a4ef424428912b9cb3c",
|
||||||
|
]
|
||||||
|
}
|
@ -18,4 +18,3 @@ customDNS:
|
|||||||
|
|
||||||
port: 53
|
port: 53
|
||||||
httpPort: 4000
|
httpPort: 4000
|
||||||
|
|
||||||
|
@ -1,25 +1,25 @@
|
|||||||
locals {
|
locals {
|
||||||
blocky_config = file("${path.module}/blocky_config.yml")
|
blocky_config = file("${path.module}/config.yml")
|
||||||
}
|
}
|
||||||
|
|
||||||
resource "helm_release" "blocky" {
|
resource "helm_release" "blocky" {
|
||||||
name = "blocky"
|
name = "blocky"
|
||||||
repository = "https://k8s-at-home.com/charts/"
|
repository = "https://k8s-at-home.com/charts/"
|
||||||
chart = "blocky"
|
chart = "blocky"
|
||||||
|
|
||||||
|
|
||||||
set {
|
set {
|
||||||
name = "env.TZ"
|
name = "env.TZ"
|
||||||
value = "America/Los_Angeles"
|
value = "America/Los_Angeles"
|
||||||
}
|
}
|
||||||
|
|
||||||
set {
|
set {
|
||||||
name = "metrics.enabled"
|
name = "metrics.enabled"
|
||||||
value = true
|
value = true
|
||||||
}
|
}
|
||||||
|
|
||||||
set {
|
set {
|
||||||
name = "config"
|
name = "config"
|
||||||
value = "${local.blocky_config}"
|
value = local.blocky_config
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
@ -18,4 +18,3 @@ customDNS:
|
|||||||
|
|
||||||
port: 53
|
port: 53
|
||||||
httpPort: 4000
|
httpPort: 4000
|
||||||
|
|
||||||
|
@ -1,17 +1,17 @@
|
|||||||
resource "kubernetes_manifest" "traefik_dashboard" {
|
resource "kubernetes_manifest" "traefik_dashboard" {
|
||||||
manifest = {
|
manifest = {
|
||||||
apiVersion = "traefik.containo.us/v1alpha1"
|
apiVersion = "traefik.containo.us/v1alpha1"
|
||||||
kind = "IngressRoute"
|
kind = "IngressRoute"
|
||||||
metadata = {
|
metadata = {
|
||||||
name = "public-traefik-dashboard"
|
name = "public-traefik-dashboard"
|
||||||
namespace = "default"
|
namespace = "default"
|
||||||
}
|
}
|
||||||
spec = {
|
spec = {
|
||||||
entryPoints = [ "web" ]
|
entryPoints = ["web"]
|
||||||
routes = [
|
routes = [
|
||||||
{
|
{
|
||||||
match = "PathPrefix(`/dashboard`) || PathPrefix(`/api`)"
|
match = "PathPrefix(`/dashboard`) || PathPrefix(`/api`)"
|
||||||
kind = "Rule"
|
kind = "Rule"
|
||||||
services = [
|
services = [
|
||||||
{
|
{
|
||||||
name = "api@internal"
|
name = "api@internal"
|
||||||
@ -27,30 +27,30 @@ resource "kubernetes_manifest" "traefik_dashboard" {
|
|||||||
module "whoami" {
|
module "whoami" {
|
||||||
source = "./simple_service"
|
source = "./simple_service"
|
||||||
|
|
||||||
name = "whoami"
|
name = "whoami"
|
||||||
image = "containous/whoami:latest"
|
image = "containous/whoami:latest"
|
||||||
expose_ports = [80]
|
expose_ports = [80]
|
||||||
}
|
}
|
||||||
|
|
||||||
module "whoami-ingress" {
|
module "whoami-ingress" {
|
||||||
source = "./traefik_ingress"
|
source = "./traefik_ingress"
|
||||||
|
|
||||||
app_name = "whoami"
|
app_name = "whoami"
|
||||||
match_route = "PathPrefix(`/whoami`)"
|
match_route = "PathPrefix(`/whoami`)"
|
||||||
}
|
}
|
||||||
|
|
||||||
module "whoami2" {
|
module "whoami2" {
|
||||||
source = "./simple_service"
|
source = "./simple_service"
|
||||||
|
|
||||||
name = "whoami2"
|
name = "whoami2"
|
||||||
image = "containous/whoami:latest"
|
image = "containous/whoami:latest"
|
||||||
expose_ports = [80]
|
expose_ports = [80]
|
||||||
}
|
}
|
||||||
|
|
||||||
module "whoami2-ingress" {
|
module "whoami2-ingress" {
|
||||||
source = "./traefik_ingress"
|
source = "./traefik_ingress"
|
||||||
|
|
||||||
app_name = "whoami2"
|
app_name = "whoami2"
|
||||||
match_route = "PathPrefix(`/whoami2`)"
|
match_route = "PathPrefix(`/whoami2`)"
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -1,22 +1,21 @@
|
|||||||
variable "kube_config_path" {
|
variable "kube_config_path" {
|
||||||
type = string
|
type = string
|
||||||
default = "~/.kube/config"
|
default = "~/.kube/config"
|
||||||
}
|
}
|
||||||
|
|
||||||
variable "kube_config_context" {
|
variable "kube_config_context" {
|
||||||
type = string
|
type = string
|
||||||
default = "colima"
|
default = "colima"
|
||||||
}
|
}
|
||||||
|
|
||||||
provider "kubernetes" {
|
provider "kubernetes" {
|
||||||
config_path = var.kube_config_path
|
config_path = var.kube_config_path
|
||||||
config_context = var.kube_config_context
|
config_context = var.kube_config_context
|
||||||
}
|
}
|
||||||
|
|
||||||
provider "helm" {
|
provider "helm" {
|
||||||
kubernetes {
|
kubernetes {
|
||||||
config_path = var.kube_config_path
|
config_path = var.kube_config_path
|
||||||
config_context = var.kube_config_context
|
config_context = var.kube_config_context
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
21
k8s-test/services/simple_service/.terraform.lock.hcl
generated
Normal file
21
k8s-test/services/simple_service/.terraform.lock.hcl
generated
Normal file
@ -0,0 +1,21 @@
|
|||||||
|
# This file is maintained automatically by "terraform init".
|
||||||
|
# Manual edits may be lost in future updates.
|
||||||
|
|
||||||
|
provider "registry.terraform.io/hashicorp/kubernetes" {
|
||||||
|
version = "2.9.0"
|
||||||
|
hashes = [
|
||||||
|
"h1:mKX1pJCT8LbRpTVfoOif+ooWq2Sm2UJ7Fpsh8QQxlnk=",
|
||||||
|
"zh:114113e9cd0489d2db8374f3352cc9b29667a42462f922eb9c891c6daf1c38fa",
|
||||||
|
"zh:31dcf16083142f2978fc933cead038e671798053fb1fd3c18a2331afb7abe264",
|
||||||
|
"zh:44743af5da8cfb9937b0831fdfbadd949a106440420f5f7373734181121f1b98",
|
||||||
|
"zh:63eeacd73e71bcdeb796abde45dac56331ccb5ee39d97138a4a4ae755ef314a7",
|
||||||
|
"zh:645ae4f95508a6a878a21fc8031a09b7c1f95fb87b7d97dfce38d572d4bd5c5c",
|
||||||
|
"zh:782f0dd9fda68406f1783d3b4f25c4077dd4a6a87efe7dcaae68038c2dd57e33",
|
||||||
|
"zh:87dd58eacd557106c9d77fca4211e2c5fa3416c56c8dccad2b30f8d627ffe413",
|
||||||
|
"zh:b61582b7bfdb19d9155b535fe54b2ce5425934e8f5f65389e3cfe75577be4f07",
|
||||||
|
"zh:bf97f54f94d99461a1fc8199ece3300e59b896d6aeaea8395beb4d544557b1cc",
|
||||||
|
"zh:c536669089d75a9ea2582feae0204bd5989622168d99cd71822067be40223105",
|
||||||
|
"zh:e596310a343780d4ef7ad08e05bdbcb91dc41a11ed08b58ad7590903d9d9982f",
|
||||||
|
"zh:f569b65999264a9416862bca5cd2a6177d94ccb0424f3a4ef424428912b9cb3c",
|
||||||
|
]
|
||||||
|
}
|
@ -7,18 +7,18 @@ variable "image" {
|
|||||||
}
|
}
|
||||||
|
|
||||||
variable "replicas" {
|
variable "replicas" {
|
||||||
type = number
|
type = number
|
||||||
default = 1
|
default = 1
|
||||||
}
|
}
|
||||||
|
|
||||||
variable "expose_ports" {
|
variable "expose_ports" {
|
||||||
type = list(number)
|
type = list(number)
|
||||||
default = []
|
default = []
|
||||||
}
|
}
|
||||||
|
|
||||||
variable "host_ports" {
|
variable "host_ports" {
|
||||||
type = list(object({
|
type = list(object({
|
||||||
host_port = number
|
host_port = number
|
||||||
container_port = number
|
container_port = number
|
||||||
}))
|
}))
|
||||||
default = []
|
default = []
|
||||||
@ -50,7 +50,7 @@ resource "kubernetes_deployment" "simple-service" {
|
|||||||
|
|
||||||
spec {
|
spec {
|
||||||
container {
|
container {
|
||||||
name = var.name
|
name = var.name
|
||||||
image = var.image
|
image = var.image
|
||||||
|
|
||||||
dynamic "port" {
|
dynamic "port" {
|
||||||
@ -63,7 +63,7 @@ resource "kubernetes_deployment" "simple-service" {
|
|||||||
dynamic "port" {
|
dynamic "port" {
|
||||||
for_each = toset(var.host_ports)
|
for_each = toset(var.host_ports)
|
||||||
content {
|
content {
|
||||||
host_port = port.key.host_port
|
host_port = port.key.host_port
|
||||||
container_port = port.key.container_port
|
container_port = port.key.container_port
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
21
k8s-test/services/traefik_ingress/.terraform.lock.hcl
generated
Normal file
21
k8s-test/services/traefik_ingress/.terraform.lock.hcl
generated
Normal file
@ -0,0 +1,21 @@
|
|||||||
|
# This file is maintained automatically by "terraform init".
|
||||||
|
# Manual edits may be lost in future updates.
|
||||||
|
|
||||||
|
provider "registry.terraform.io/hashicorp/kubernetes" {
|
||||||
|
version = "2.9.0"
|
||||||
|
hashes = [
|
||||||
|
"h1:mKX1pJCT8LbRpTVfoOif+ooWq2Sm2UJ7Fpsh8QQxlnk=",
|
||||||
|
"zh:114113e9cd0489d2db8374f3352cc9b29667a42462f922eb9c891c6daf1c38fa",
|
||||||
|
"zh:31dcf16083142f2978fc933cead038e671798053fb1fd3c18a2331afb7abe264",
|
||||||
|
"zh:44743af5da8cfb9937b0831fdfbadd949a106440420f5f7373734181121f1b98",
|
||||||
|
"zh:63eeacd73e71bcdeb796abde45dac56331ccb5ee39d97138a4a4ae755ef314a7",
|
||||||
|
"zh:645ae4f95508a6a878a21fc8031a09b7c1f95fb87b7d97dfce38d572d4bd5c5c",
|
||||||
|
"zh:782f0dd9fda68406f1783d3b4f25c4077dd4a6a87efe7dcaae68038c2dd57e33",
|
||||||
|
"zh:87dd58eacd557106c9d77fca4211e2c5fa3416c56c8dccad2b30f8d627ffe413",
|
||||||
|
"zh:b61582b7bfdb19d9155b535fe54b2ce5425934e8f5f65389e3cfe75577be4f07",
|
||||||
|
"zh:bf97f54f94d99461a1fc8199ece3300e59b896d6aeaea8395beb4d544557b1cc",
|
||||||
|
"zh:c536669089d75a9ea2582feae0204bd5989622168d99cd71822067be40223105",
|
||||||
|
"zh:e596310a343780d4ef7ad08e05bdbcb91dc41a11ed08b58ad7590903d9d9982f",
|
||||||
|
"zh:f569b65999264a9416862bca5cd2a6177d94ccb0424f3a4ef424428912b9cb3c",
|
||||||
|
]
|
||||||
|
}
|
@ -7,12 +7,12 @@ variable "match_route" {
|
|||||||
}
|
}
|
||||||
|
|
||||||
variable "app_port" {
|
variable "app_port" {
|
||||||
type = number
|
type = number
|
||||||
default = 80
|
default = 80
|
||||||
}
|
}
|
||||||
|
|
||||||
variable "app_port_name" {
|
variable "app_port_name" {
|
||||||
type = string
|
type = string
|
||||||
default = "http"
|
default = "http"
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -25,12 +25,12 @@ variable "entrypoints" {
|
|||||||
}
|
}
|
||||||
|
|
||||||
variable "namespace" {
|
variable "namespace" {
|
||||||
type = string
|
type = string
|
||||||
default = "default"
|
default = "default"
|
||||||
}
|
}
|
||||||
|
|
||||||
locals {
|
locals {
|
||||||
service_name = "${var.app_name}-service"
|
service_name = "${var.app_name}-service"
|
||||||
ingress_name = "${var.app_name}-ingress"
|
ingress_name = "${var.app_name}-ingress"
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -42,7 +42,7 @@ resource "kubernetes_service" "traefik-ingress-service" {
|
|||||||
selector = {
|
selector = {
|
||||||
app = var.app_name
|
app = var.app_name
|
||||||
}
|
}
|
||||||
|
|
||||||
port {
|
port {
|
||||||
name = var.app_port_name
|
name = var.app_port_name
|
||||||
port = var.app_port
|
port = var.app_port
|
||||||
@ -53,9 +53,9 @@ resource "kubernetes_service" "traefik-ingress-service" {
|
|||||||
resource "kubernetes_manifest" "traefik-ingress-route" {
|
resource "kubernetes_manifest" "traefik-ingress-route" {
|
||||||
manifest = {
|
manifest = {
|
||||||
apiVersion = "traefik.containo.us/v1alpha1"
|
apiVersion = "traefik.containo.us/v1alpha1"
|
||||||
kind = "IngressRoute"
|
kind = "IngressRoute"
|
||||||
metadata = {
|
metadata = {
|
||||||
name = local.ingress_name
|
name = local.ingress_name
|
||||||
namespace = var.namespace
|
namespace = var.namespace
|
||||||
}
|
}
|
||||||
spec = {
|
spec = {
|
||||||
@ -63,7 +63,7 @@ resource "kubernetes_manifest" "traefik-ingress-route" {
|
|||||||
routes = [
|
routes = [
|
||||||
{
|
{
|
||||||
match = var.match_route
|
match = var.match_route
|
||||||
kind = "Rule"
|
kind = "Rule"
|
||||||
services = [
|
services = [
|
||||||
{
|
{
|
||||||
kind = "Service"
|
kind = "Service"
|
||||||
|
1
nomad/.gitignore
vendored
1
nomad/.gitignore
vendored
@ -2,3 +2,4 @@ roles/
|
|||||||
venv/
|
venv/
|
||||||
vault-keys.json
|
vault-keys.json
|
||||||
nomad_bootstrap.json
|
nomad_bootstrap.json
|
||||||
|
ca/
|
||||||
|
@ -77,4 +77,3 @@ apply:
|
|||||||
# curl -L -o cni-plugins.tgz "https://github.com/containernetworking/plugins/releases/download/v1.0.0/cni-plugins-linux-$( [ $(uname -m) = aarch64 ] && echo arm64 || echo amd64)"-v1.0.0.tgz
|
# curl -L -o cni-plugins.tgz "https://github.com/containernetworking/plugins/releases/download/v1.0.0/cni-plugins-linux-$( [ $(uname -m) = aarch64 ] && echo arm64 || echo amd64)"-v1.0.0.tgz
|
||||||
# sudo mkdir -p /opt/cni/bin
|
# sudo mkdir -p /opt/cni/bin
|
||||||
# sudo tar -C /opt/cni/bin -xzf cni-plugins.tgz
|
# sudo tar -C /opt/cni/bin -xzf cni-plugins.tgz
|
||||||
|
|
||||||
|
38
nomad/acls/.terraform.lock.hcl
generated
Normal file
38
nomad/acls/.terraform.lock.hcl
generated
Normal file
@ -0,0 +1,38 @@
|
|||||||
|
# This file is maintained automatically by "terraform init".
|
||||||
|
# Manual edits may be lost in future updates.
|
||||||
|
|
||||||
|
provider "registry.terraform.io/hashicorp/nomad" {
|
||||||
|
version = "1.4.16"
|
||||||
|
hashes = [
|
||||||
|
"h1:tyfjD/maKzb0RxxD9KWgLnkJu9lnYziYsQgGw85Giz8=",
|
||||||
|
"zh:0d4fbb7030d9caac3b123e60afa44f50c83cc2a983e1866aec7f30414abe7b0e",
|
||||||
|
"zh:0db080228e07c72d6d8ca8c45249d6f97cd0189fce82a77abbdcd49a52e57572",
|
||||||
|
"zh:0df88393271078533a217654b96f0672c60eb59570d72e6aefcb839eea87a7a0",
|
||||||
|
"zh:2883b335bb6044b0db6a00e602d6926c047c7f330294a73a90d089f98b24d084",
|
||||||
|
"zh:390158d928009a041b3a182bdd82376b50530805ae92be2b84ed7c3b0fa902a0",
|
||||||
|
"zh:7169b8f8df4b8e9659c49043848fd5f7f8473d0471f67815e8b04980f827f5ef",
|
||||||
|
"zh:9417ee1383b1edd137024882d7035be4dca51fb4f725ca00ed87729086ec1755",
|
||||||
|
"zh:a22910b5a29eeab5610350700b4899267c1b09b66cf21f7e4d06afc61d425800",
|
||||||
|
"zh:a6185c9cd7aa458cd81861058ba568b6411fbac344373a20155e20256f4a7557",
|
||||||
|
"zh:b6260ca9f034df1b47905b4e2a9c33b67dbf77224a694d5b10fb09ae92ffad4c",
|
||||||
|
"zh:d87c12a6a7768f2b6c2a59495c7dc00f9ecc52b1b868331d4c284f791e278a1e",
|
||||||
|
]
|
||||||
|
}
|
||||||
|
|
||||||
|
provider "registry.terraform.io/hashicorp/vault" {
|
||||||
|
version = "3.4.1"
|
||||||
|
hashes = [
|
||||||
|
"h1:oow6cAwKiFpJBBWKsDqNmwZIrFTWWvoeIbqs+vyUDE0=",
|
||||||
|
"zh:1eb8370a1846e34e2bcc4d11eece5733735784a8eab447bbed3cfd822101b577",
|
||||||
|
"zh:2df3989327cea68b2167514b7ebddc67b09340f00bbf3fa85df03c97adfb9d25",
|
||||||
|
"zh:3dd1e317264f574985e856296deef71a76464918bf0566eb0d7f6389ea0586bd",
|
||||||
|
"zh:9750861f2822482aa608ea5a52b385bc42b2e1f2511094e6a975412618c4495d",
|
||||||
|
"zh:9b940e7f78975d29a4d0a116cf43c0bc1cb03bec4ad8d34887d64e6e60bacb9e",
|
||||||
|
"zh:9cb6e7ad2a62529d35dacd20695d49c2f02230cb785d46178cc10f4ec80e5a51",
|
||||||
|
"zh:a12718689bbcb37bcbb9132c18bffd354fad8ab5c8cb89cec1a0ee85c65b8cb7",
|
||||||
|
"zh:a6e38afacca1af4fab04a9f2dc49b8295eb462db68bdc7451352d0f950f804f8",
|
||||||
|
"zh:d6e0e994d51b9e07d5713d4796381f9e129e9de962e79caae2b7055f6f68297e",
|
||||||
|
"zh:ea4bbef7a1bb2553db473fa304c93845674167b61e8c9677107a96c8c696da12",
|
||||||
|
"zh:f985a8b7f4ef7d1eba9cef7d99997ee9c4a54ffe76dab7fa8b1fdec2a9edca7e",
|
||||||
|
]
|
||||||
|
}
|
@ -4,25 +4,25 @@ resource "nomad_acl_token" "vault" {
|
|||||||
}
|
}
|
||||||
|
|
||||||
resource "vault_nomad_secret_backend" "config" {
|
resource "vault_nomad_secret_backend" "config" {
|
||||||
backend = "nomad"
|
backend = "nomad"
|
||||||
description = "Nomad ACL"
|
description = "Nomad ACL"
|
||||||
token = nomad_acl_token.vault.secret_id
|
token = nomad_acl_token.vault.secret_id
|
||||||
}
|
}
|
||||||
|
|
||||||
resource "vault_nomad_secret_role" "nomad-deploy" {
|
resource "vault_nomad_secret_role" "nomad-deploy" {
|
||||||
backend = vault_nomad_secret_backend.config.backend
|
backend = vault_nomad_secret_backend.config.backend
|
||||||
role = "nomad-deploy"
|
role = "nomad-deploy"
|
||||||
policies = ["nomad-deploy"]
|
policies = ["nomad-deploy"]
|
||||||
}
|
}
|
||||||
|
|
||||||
resource "vault_nomad_secret_role" "admin" {
|
resource "vault_nomad_secret_role" "admin" {
|
||||||
backend = vault_nomad_secret_backend.config.backend
|
backend = vault_nomad_secret_backend.config.backend
|
||||||
role = "admin-management"
|
role = "admin-management"
|
||||||
type = "management"
|
type = "management"
|
||||||
}
|
}
|
||||||
|
|
||||||
resource "vault_policy" "nomad-deploy" {
|
resource "vault_policy" "nomad-deploy" {
|
||||||
name = "nomad-deploy"
|
name = "nomad-deploy"
|
||||||
policy = <<EOH
|
policy = <<EOH
|
||||||
path "nomad/creds/nomad-deploy" {
|
path "nomad/creds/nomad-deploy" {
|
||||||
capabilities = ["read"]
|
capabilities = ["read"]
|
||||||
|
@ -42,10 +42,10 @@ all:
|
|||||||
|
|
||||||
consul_instances:
|
consul_instances:
|
||||||
children:
|
children:
|
||||||
servers: {}
|
# servers: {}
|
||||||
nomad_instances:
|
nomad_instances:
|
||||||
children:
|
children:
|
||||||
servers: {}
|
servers: {}
|
||||||
vault_instances:
|
vault_instances:
|
||||||
children:
|
children:
|
||||||
servers: {}
|
# servers: {}
|
||||||
|
20
nomad/blocky/.terraform.lock.hcl
generated
Normal file
20
nomad/blocky/.terraform.lock.hcl
generated
Normal file
@ -0,0 +1,20 @@
|
|||||||
|
# This file is maintained automatically by "terraform init".
|
||||||
|
# Manual edits may be lost in future updates.
|
||||||
|
|
||||||
|
provider "registry.terraform.io/hashicorp/nomad" {
|
||||||
|
version = "1.4.16"
|
||||||
|
hashes = [
|
||||||
|
"h1:tyfjD/maKzb0RxxD9KWgLnkJu9lnYziYsQgGw85Giz8=",
|
||||||
|
"zh:0d4fbb7030d9caac3b123e60afa44f50c83cc2a983e1866aec7f30414abe7b0e",
|
||||||
|
"zh:0db080228e07c72d6d8ca8c45249d6f97cd0189fce82a77abbdcd49a52e57572",
|
||||||
|
"zh:0df88393271078533a217654b96f0672c60eb59570d72e6aefcb839eea87a7a0",
|
||||||
|
"zh:2883b335bb6044b0db6a00e602d6926c047c7f330294a73a90d089f98b24d084",
|
||||||
|
"zh:390158d928009a041b3a182bdd82376b50530805ae92be2b84ed7c3b0fa902a0",
|
||||||
|
"zh:7169b8f8df4b8e9659c49043848fd5f7f8473d0471f67815e8b04980f827f5ef",
|
||||||
|
"zh:9417ee1383b1edd137024882d7035be4dca51fb4f725ca00ed87729086ec1755",
|
||||||
|
"zh:a22910b5a29eeab5610350700b4899267c1b09b66cf21f7e4d06afc61d425800",
|
||||||
|
"zh:a6185c9cd7aa458cd81861058ba568b6411fbac344373a20155e20256f4a7557",
|
||||||
|
"zh:b6260ca9f034df1b47905b4e2a9c33b67dbf77224a694d5b10fb09ae92ffad4c",
|
||||||
|
"zh:d87c12a6a7768f2b6c2a59495c7dc00f9ecc52b1b868331d4c284f791e278a1e",
|
||||||
|
]
|
||||||
|
}
|
@ -1,7 +1,7 @@
|
|||||||
variable "base_hostname" {
|
variable "base_hostname" {
|
||||||
type = string
|
type = string
|
||||||
description = "Base hostname to serve content from"
|
description = "Base hostname to serve content from"
|
||||||
default = "dev.homelab"
|
default = "dev.homelab"
|
||||||
}
|
}
|
||||||
|
|
||||||
locals {
|
locals {
|
||||||
|
20
nomad/media/.terraform.lock.hcl
generated
Normal file
20
nomad/media/.terraform.lock.hcl
generated
Normal file
@ -0,0 +1,20 @@
|
|||||||
|
# This file is maintained automatically by "terraform init".
|
||||||
|
# Manual edits may be lost in future updates.
|
||||||
|
|
||||||
|
provider "registry.terraform.io/hashicorp/nomad" {
|
||||||
|
version = "1.4.16"
|
||||||
|
hashes = [
|
||||||
|
"h1:tyfjD/maKzb0RxxD9KWgLnkJu9lnYziYsQgGw85Giz8=",
|
||||||
|
"zh:0d4fbb7030d9caac3b123e60afa44f50c83cc2a983e1866aec7f30414abe7b0e",
|
||||||
|
"zh:0db080228e07c72d6d8ca8c45249d6f97cd0189fce82a77abbdcd49a52e57572",
|
||||||
|
"zh:0df88393271078533a217654b96f0672c60eb59570d72e6aefcb839eea87a7a0",
|
||||||
|
"zh:2883b335bb6044b0db6a00e602d6926c047c7f330294a73a90d089f98b24d084",
|
||||||
|
"zh:390158d928009a041b3a182bdd82376b50530805ae92be2b84ed7c3b0fa902a0",
|
||||||
|
"zh:7169b8f8df4b8e9659c49043848fd5f7f8473d0471f67815e8b04980f827f5ef",
|
||||||
|
"zh:9417ee1383b1edd137024882d7035be4dca51fb4f725ca00ed87729086ec1755",
|
||||||
|
"zh:a22910b5a29eeab5610350700b4899267c1b09b66cf21f7e4d06afc61d425800",
|
||||||
|
"zh:a6185c9cd7aa458cd81861058ba568b6411fbac344373a20155e20256f4a7557",
|
||||||
|
"zh:b6260ca9f034df1b47905b4e2a9c33b67dbf77224a694d5b10fb09ae92ffad4c",
|
||||||
|
"zh:d87c12a6a7768f2b6c2a59495c7dc00f9ecc52b1b868331d4c284f791e278a1e",
|
||||||
|
]
|
||||||
|
}
|
@ -43,7 +43,7 @@ job "multimedia" {
|
|||||||
"traefik.http.routers.library.entryPoints=websecure",
|
"traefik.http.routers.library.entryPoints=websecure",
|
||||||
]
|
]
|
||||||
}
|
}
|
||||||
|
|
||||||
task "main" {
|
task "main" {
|
||||||
driver = "docker"
|
driver = "docker"
|
||||||
|
|
||||||
@ -52,7 +52,7 @@ job "multimedia" {
|
|||||||
destination = "/mnt/media"
|
destination = "/mnt/media"
|
||||||
read_only = true
|
read_only = true
|
||||||
}
|
}
|
||||||
|
|
||||||
config {
|
config {
|
||||||
image = "caddy"
|
image = "caddy"
|
||||||
args = [
|
args = [
|
||||||
|
18
nomad/metrics/.terraform.lock.hcl
generated
18
nomad/metrics/.terraform.lock.hcl
generated
@ -1,6 +1,24 @@
|
|||||||
# This file is maintained automatically by "terraform init".
|
# This file is maintained automatically by "terraform init".
|
||||||
# Manual edits may be lost in future updates.
|
# Manual edits may be lost in future updates.
|
||||||
|
|
||||||
|
provider "registry.terraform.io/hashicorp/consul" {
|
||||||
|
version = "2.15.0"
|
||||||
|
hashes = [
|
||||||
|
"h1:o+Su3YqeOkHgf86GEArIVDZfaZQphYFjAOwpi/b0bzs=",
|
||||||
|
"zh:0bd2a9873099d89bd52e9eee623dd20ccb275d1e2f750da229a53a4d5b23450c",
|
||||||
|
"zh:1c9f87d4d97b2c61d006c0bef159d61d2a661a103025f8276ebbeb000129f931",
|
||||||
|
"zh:25b73a34115255c464be10a53f2510c4a1db958a71be31974d30654d5472e624",
|
||||||
|
"zh:32fa31329731db2bf4b7d0f09096416ca146f05b58f4482bbd4ee0f28cefbbcc",
|
||||||
|
"zh:59136b73d3abe7cc5b06d9e12d123ad21298ca86ed49a4060a3cd7c2a28a74a1",
|
||||||
|
"zh:a191f3210773ca25c543a92f2d392b85e6a053d596293655b1f25b33eb843b4c",
|
||||||
|
"zh:b8b6033cf0687eadc1099f11d9fb2ca9429ff40c2d85bd6cb047c0f6bc5d5d8d",
|
||||||
|
"zh:bb7d67ed28aa9b28fc5154161af003383f940b2beda0d4577857cad700f39cd1",
|
||||||
|
"zh:be615288f59327b975532a1999deab60a022e6819fe80e5a32526155210ecbba",
|
||||||
|
"zh:de1e3d5c34eef87eb301e74717754babb6dc8e19e3a964919e1165c5a076a719",
|
||||||
|
"zh:eb8c61b20d8ce2bfff9f735ca8456a0d6368af13aa1f43866f61c70f88cc491c",
|
||||||
|
]
|
||||||
|
}
|
||||||
|
|
||||||
provider "registry.terraform.io/hashicorp/nomad" {
|
provider "registry.terraform.io/hashicorp/nomad" {
|
||||||
version = "1.4.16"
|
version = "1.4.16"
|
||||||
hashes = [
|
hashes = [
|
||||||
|
@ -90,7 +90,7 @@ job "metrics" {
|
|||||||
|
|
||||||
task "cadvisor" {
|
task "cadvisor" {
|
||||||
driver = "docker"
|
driver = "docker"
|
||||||
|
|
||||||
config {
|
config {
|
||||||
# image = "iamthefij/cadvisor:0.37.5"
|
# image = "iamthefij/cadvisor:0.37.5"
|
||||||
image = "gcr.io/cadvisor/cadvisor:v0.39.3"
|
image = "gcr.io/cadvisor/cadvisor:v0.39.3"
|
||||||
@ -200,7 +200,7 @@ job "metrics" {
|
|||||||
|
|
||||||
task "node_exporter" {
|
task "node_exporter" {
|
||||||
driver = "docker"
|
driver = "docker"
|
||||||
|
|
||||||
config {
|
config {
|
||||||
image = "prom/node-exporter:v1.0.1"
|
image = "prom/node-exporter:v1.0.1"
|
||||||
args = ["--path.rootfs", "/host"]
|
args = ["--path.rootfs", "/host"]
|
||||||
@ -222,4 +222,3 @@ job "metrics" {
|
|||||||
}
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -1,5 +1,5 @@
|
|||||||
variable "consul_address" {
|
variable "consul_address" {
|
||||||
type = string
|
type = string
|
||||||
description = "address of consul server for dynamic scraping"
|
description = "address of consul server for dynamic scraping"
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -127,7 +127,7 @@ scrape_configs:
|
|||||||
- source_labels: [__meta_consul_address]
|
- source_labels: [__meta_consul_address]
|
||||||
replacement: $1:8500
|
replacement: $1:8500
|
||||||
target_label: __address__
|
target_label: __address__
|
||||||
|
|
||||||
- job_name: "exporters"
|
- job_name: "exporters"
|
||||||
metrics_path: "/metrics"
|
metrics_path: "/metrics"
|
||||||
consul_sd_configs:
|
consul_sd_configs:
|
||||||
|
38
nomad/mysql/.terraform.lock.hcl
generated
Normal file
38
nomad/mysql/.terraform.lock.hcl
generated
Normal file
@ -0,0 +1,38 @@
|
|||||||
|
# This file is maintained automatically by "terraform init".
|
||||||
|
# Manual edits may be lost in future updates.
|
||||||
|
|
||||||
|
provider "registry.terraform.io/hashicorp/consul" {
|
||||||
|
version = "2.15.0"
|
||||||
|
hashes = [
|
||||||
|
"h1:o+Su3YqeOkHgf86GEArIVDZfaZQphYFjAOwpi/b0bzs=",
|
||||||
|
"zh:0bd2a9873099d89bd52e9eee623dd20ccb275d1e2f750da229a53a4d5b23450c",
|
||||||
|
"zh:1c9f87d4d97b2c61d006c0bef159d61d2a661a103025f8276ebbeb000129f931",
|
||||||
|
"zh:25b73a34115255c464be10a53f2510c4a1db958a71be31974d30654d5472e624",
|
||||||
|
"zh:32fa31329731db2bf4b7d0f09096416ca146f05b58f4482bbd4ee0f28cefbbcc",
|
||||||
|
"zh:59136b73d3abe7cc5b06d9e12d123ad21298ca86ed49a4060a3cd7c2a28a74a1",
|
||||||
|
"zh:a191f3210773ca25c543a92f2d392b85e6a053d596293655b1f25b33eb843b4c",
|
||||||
|
"zh:b8b6033cf0687eadc1099f11d9fb2ca9429ff40c2d85bd6cb047c0f6bc5d5d8d",
|
||||||
|
"zh:bb7d67ed28aa9b28fc5154161af003383f940b2beda0d4577857cad700f39cd1",
|
||||||
|
"zh:be615288f59327b975532a1999deab60a022e6819fe80e5a32526155210ecbba",
|
||||||
|
"zh:de1e3d5c34eef87eb301e74717754babb6dc8e19e3a964919e1165c5a076a719",
|
||||||
|
"zh:eb8c61b20d8ce2bfff9f735ca8456a0d6368af13aa1f43866f61c70f88cc491c",
|
||||||
|
]
|
||||||
|
}
|
||||||
|
|
||||||
|
provider "registry.terraform.io/hashicorp/nomad" {
|
||||||
|
version = "1.4.16"
|
||||||
|
hashes = [
|
||||||
|
"h1:tyfjD/maKzb0RxxD9KWgLnkJu9lnYziYsQgGw85Giz8=",
|
||||||
|
"zh:0d4fbb7030d9caac3b123e60afa44f50c83cc2a983e1866aec7f30414abe7b0e",
|
||||||
|
"zh:0db080228e07c72d6d8ca8c45249d6f97cd0189fce82a77abbdcd49a52e57572",
|
||||||
|
"zh:0df88393271078533a217654b96f0672c60eb59570d72e6aefcb839eea87a7a0",
|
||||||
|
"zh:2883b335bb6044b0db6a00e602d6926c047c7f330294a73a90d089f98b24d084",
|
||||||
|
"zh:390158d928009a041b3a182bdd82376b50530805ae92be2b84ed7c3b0fa902a0",
|
||||||
|
"zh:7169b8f8df4b8e9659c49043848fd5f7f8473d0471f67815e8b04980f827f5ef",
|
||||||
|
"zh:9417ee1383b1edd137024882d7035be4dca51fb4f725ca00ed87729086ec1755",
|
||||||
|
"zh:a22910b5a29eeab5610350700b4899267c1b09b66cf21f7e4d06afc61d425800",
|
||||||
|
"zh:a6185c9cd7aa458cd81861058ba568b6411fbac344373a20155e20256f4a7557",
|
||||||
|
"zh:b6260ca9f034df1b47905b4e2a9c33b67dbf77224a694d5b10fb09ae92ffad4c",
|
||||||
|
"zh:d87c12a6a7768f2b6c2a59495c7dc00f9ecc52b1b868331d4c284f791e278a1e",
|
||||||
|
]
|
||||||
|
}
|
20
nomad/nextcloud/.terraform.lock.hcl
generated
Normal file
20
nomad/nextcloud/.terraform.lock.hcl
generated
Normal file
@ -0,0 +1,20 @@
|
|||||||
|
# This file is maintained automatically by "terraform init".
|
||||||
|
# Manual edits may be lost in future updates.
|
||||||
|
|
||||||
|
provider "registry.terraform.io/hashicorp/nomad" {
|
||||||
|
version = "1.4.16"
|
||||||
|
hashes = [
|
||||||
|
"h1:tyfjD/maKzb0RxxD9KWgLnkJu9lnYziYsQgGw85Giz8=",
|
||||||
|
"zh:0d4fbb7030d9caac3b123e60afa44f50c83cc2a983e1866aec7f30414abe7b0e",
|
||||||
|
"zh:0db080228e07c72d6d8ca8c45249d6f97cd0189fce82a77abbdcd49a52e57572",
|
||||||
|
"zh:0df88393271078533a217654b96f0672c60eb59570d72e6aefcb839eea87a7a0",
|
||||||
|
"zh:2883b335bb6044b0db6a00e602d6926c047c7f330294a73a90d089f98b24d084",
|
||||||
|
"zh:390158d928009a041b3a182bdd82376b50530805ae92be2b84ed7c3b0fa902a0",
|
||||||
|
"zh:7169b8f8df4b8e9659c49043848fd5f7f8473d0471f67815e8b04980f827f5ef",
|
||||||
|
"zh:9417ee1383b1edd137024882d7035be4dca51fb4f725ca00ed87729086ec1755",
|
||||||
|
"zh:a22910b5a29eeab5610350700b4899267c1b09b66cf21f7e4d06afc61d425800",
|
||||||
|
"zh:a6185c9cd7aa458cd81861058ba568b6411fbac344373a20155e20256f4a7557",
|
||||||
|
"zh:b6260ca9f034df1b47905b4e2a9c33b67dbf77224a694d5b10fb09ae92ffad4c",
|
||||||
|
"zh:d87c12a6a7768f2b6c2a59495c7dc00f9ecc52b1b868331d4c284f791e278a1e",
|
||||||
|
]
|
||||||
|
}
|
@ -67,14 +67,14 @@ job "nextcloud" {
|
|||||||
"traefik.http.routers.nextcloud.entryPoints=websecure",
|
"traefik.http.routers.nextcloud.entryPoints=websecure",
|
||||||
]
|
]
|
||||||
}
|
}
|
||||||
|
|
||||||
task "nextcloud-bootstrap" {
|
task "nextcloud-bootstrap" {
|
||||||
driver = "docker"
|
driver = "docker"
|
||||||
|
|
||||||
lifecycle {
|
lifecycle {
|
||||||
hook = "prestart"
|
hook = "prestart"
|
||||||
sidecar = false
|
sidecar = false
|
||||||
}
|
}
|
||||||
|
|
||||||
config {
|
config {
|
||||||
image = "mysql:8"
|
image = "mysql:8"
|
||||||
@ -111,7 +111,7 @@ job "nextcloud" {
|
|||||||
destination = "/var/www/html"
|
destination = "/var/www/html"
|
||||||
read_only = false
|
read_only = false
|
||||||
}
|
}
|
||||||
|
|
||||||
config {
|
config {
|
||||||
image = "nextcloud"
|
image = "nextcloud"
|
||||||
ports = ["web"]
|
ports = ["web"]
|
||||||
|
@ -11,28 +11,28 @@ data "consul_service" "nomad" {
|
|||||||
# Get Vault client from Consul
|
# Get Vault client from Consul
|
||||||
data "consul_service" "vault" {
|
data "consul_service" "vault" {
|
||||||
name = "vault"
|
name = "vault"
|
||||||
tag = "active"
|
tag = "active"
|
||||||
}
|
}
|
||||||
|
|
||||||
locals {
|
locals {
|
||||||
# Get Nomad address from Consul
|
# Get Nomad address from Consul
|
||||||
nomad_node = data.consul_service.nomad.service[0]
|
nomad_node = data.consul_service.nomad.service[0]
|
||||||
nomad_node_address = "http://${local.nomad_node.node_address}:${local.nomad_node.port}"
|
nomad_node_address = "http://${local.nomad_node.node_address}:${local.nomad_node.port}"
|
||||||
|
|
||||||
# Get Vault address from Consul
|
# Get Vault address from Consul
|
||||||
vault_node = data.consul_service.vault.service[0]
|
vault_node = data.consul_service.vault.service[0]
|
||||||
vault_node_address = "http://${local.vault_node.node_address}:${local.vault_node.port}"
|
vault_node_address = "http://${local.vault_node.node_address}:${local.vault_node.port}"
|
||||||
}
|
}
|
||||||
|
|
||||||
# Configure the Nomad provider
|
# Configure the Nomad provider
|
||||||
provider "nomad" {
|
provider "nomad" {
|
||||||
address = local.nomad_node_address
|
address = local.nomad_node_address
|
||||||
secret_id = var.nomad_secret_id
|
secret_id = var.nomad_secret_id
|
||||||
region = "global"
|
region = "global"
|
||||||
}
|
}
|
||||||
|
|
||||||
# Configure the Vault provider
|
# Configure the Vault provider
|
||||||
provider "vault" {
|
provider "vault" {
|
||||||
address = local.vault_node_address
|
address = local.vault_node_address
|
||||||
token = var.vault_token
|
token = var.vault_token
|
||||||
}
|
}
|
||||||
|
38
nomad/redis/.terraform.lock.hcl
generated
Normal file
38
nomad/redis/.terraform.lock.hcl
generated
Normal file
@ -0,0 +1,38 @@
|
|||||||
|
# This file is maintained automatically by "terraform init".
|
||||||
|
# Manual edits may be lost in future updates.
|
||||||
|
|
||||||
|
provider "registry.terraform.io/hashicorp/consul" {
|
||||||
|
version = "2.15.0"
|
||||||
|
hashes = [
|
||||||
|
"h1:o+Su3YqeOkHgf86GEArIVDZfaZQphYFjAOwpi/b0bzs=",
|
||||||
|
"zh:0bd2a9873099d89bd52e9eee623dd20ccb275d1e2f750da229a53a4d5b23450c",
|
||||||
|
"zh:1c9f87d4d97b2c61d006c0bef159d61d2a661a103025f8276ebbeb000129f931",
|
||||||
|
"zh:25b73a34115255c464be10a53f2510c4a1db958a71be31974d30654d5472e624",
|
||||||
|
"zh:32fa31329731db2bf4b7d0f09096416ca146f05b58f4482bbd4ee0f28cefbbcc",
|
||||||
|
"zh:59136b73d3abe7cc5b06d9e12d123ad21298ca86ed49a4060a3cd7c2a28a74a1",
|
||||||
|
"zh:a191f3210773ca25c543a92f2d392b85e6a053d596293655b1f25b33eb843b4c",
|
||||||
|
"zh:b8b6033cf0687eadc1099f11d9fb2ca9429ff40c2d85bd6cb047c0f6bc5d5d8d",
|
||||||
|
"zh:bb7d67ed28aa9b28fc5154161af003383f940b2beda0d4577857cad700f39cd1",
|
||||||
|
"zh:be615288f59327b975532a1999deab60a022e6819fe80e5a32526155210ecbba",
|
||||||
|
"zh:de1e3d5c34eef87eb301e74717754babb6dc8e19e3a964919e1165c5a076a719",
|
||||||
|
"zh:eb8c61b20d8ce2bfff9f735ca8456a0d6368af13aa1f43866f61c70f88cc491c",
|
||||||
|
]
|
||||||
|
}
|
||||||
|
|
||||||
|
provider "registry.terraform.io/hashicorp/nomad" {
|
||||||
|
version = "1.4.16"
|
||||||
|
hashes = [
|
||||||
|
"h1:tyfjD/maKzb0RxxD9KWgLnkJu9lnYziYsQgGw85Giz8=",
|
||||||
|
"zh:0d4fbb7030d9caac3b123e60afa44f50c83cc2a983e1866aec7f30414abe7b0e",
|
||||||
|
"zh:0db080228e07c72d6d8ca8c45249d6f97cd0189fce82a77abbdcd49a52e57572",
|
||||||
|
"zh:0df88393271078533a217654b96f0672c60eb59570d72e6aefcb839eea87a7a0",
|
||||||
|
"zh:2883b335bb6044b0db6a00e602d6926c047c7f330294a73a90d089f98b24d084",
|
||||||
|
"zh:390158d928009a041b3a182bdd82376b50530805ae92be2b84ed7c3b0fa902a0",
|
||||||
|
"zh:7169b8f8df4b8e9659c49043848fd5f7f8473d0471f67815e8b04980f827f5ef",
|
||||||
|
"zh:9417ee1383b1edd137024882d7035be4dca51fb4f725ca00ed87729086ec1755",
|
||||||
|
"zh:a22910b5a29eeab5610350700b4899267c1b09b66cf21f7e4d06afc61d425800",
|
||||||
|
"zh:a6185c9cd7aa458cd81861058ba568b6411fbac344373a20155e20256f4a7557",
|
||||||
|
"zh:b6260ca9f034df1b47905b4e2a9c33b67dbf77224a694d5b10fb09ae92ffad4c",
|
||||||
|
"zh:d87c12a6a7768f2b6c2a59495c7dc00f9ecc52b1b868331d4c284f791e278a1e",
|
||||||
|
]
|
||||||
|
}
|
@ -10,14 +10,14 @@ module "blocky" {
|
|||||||
source = "./blocky"
|
source = "./blocky"
|
||||||
|
|
||||||
base_hostname = var.base_hostname
|
base_hostname = var.base_hostname
|
||||||
depends_on = [module.mysql-server, module.redis]
|
depends_on = [module.mysql-server, module.redis]
|
||||||
}
|
}
|
||||||
|
|
||||||
module "traefik" {
|
module "traefik" {
|
||||||
source = "./traefik"
|
source = "./traefik"
|
||||||
|
|
||||||
consul_address = var.consul_address
|
consul_address = var.consul_address
|
||||||
base_hostname = var.base_hostname
|
base_hostname = var.base_hostname
|
||||||
}
|
}
|
||||||
|
|
||||||
module "metrics" {
|
module "metrics" {
|
||||||
|
38
nomad/traefik/.terraform.lock.hcl
generated
Normal file
38
nomad/traefik/.terraform.lock.hcl
generated
Normal file
@ -0,0 +1,38 @@
|
|||||||
|
# This file is maintained automatically by "terraform init".
|
||||||
|
# Manual edits may be lost in future updates.
|
||||||
|
|
||||||
|
provider "registry.terraform.io/hashicorp/consul" {
|
||||||
|
version = "2.15.0"
|
||||||
|
hashes = [
|
||||||
|
"h1:o+Su3YqeOkHgf86GEArIVDZfaZQphYFjAOwpi/b0bzs=",
|
||||||
|
"zh:0bd2a9873099d89bd52e9eee623dd20ccb275d1e2f750da229a53a4d5b23450c",
|
||||||
|
"zh:1c9f87d4d97b2c61d006c0bef159d61d2a661a103025f8276ebbeb000129f931",
|
||||||
|
"zh:25b73a34115255c464be10a53f2510c4a1db958a71be31974d30654d5472e624",
|
||||||
|
"zh:32fa31329731db2bf4b7d0f09096416ca146f05b58f4482bbd4ee0f28cefbbcc",
|
||||||
|
"zh:59136b73d3abe7cc5b06d9e12d123ad21298ca86ed49a4060a3cd7c2a28a74a1",
|
||||||
|
"zh:a191f3210773ca25c543a92f2d392b85e6a053d596293655b1f25b33eb843b4c",
|
||||||
|
"zh:b8b6033cf0687eadc1099f11d9fb2ca9429ff40c2d85bd6cb047c0f6bc5d5d8d",
|
||||||
|
"zh:bb7d67ed28aa9b28fc5154161af003383f940b2beda0d4577857cad700f39cd1",
|
||||||
|
"zh:be615288f59327b975532a1999deab60a022e6819fe80e5a32526155210ecbba",
|
||||||
|
"zh:de1e3d5c34eef87eb301e74717754babb6dc8e19e3a964919e1165c5a076a719",
|
||||||
|
"zh:eb8c61b20d8ce2bfff9f735ca8456a0d6368af13aa1f43866f61c70f88cc491c",
|
||||||
|
]
|
||||||
|
}
|
||||||
|
|
||||||
|
provider "registry.terraform.io/hashicorp/nomad" {
|
||||||
|
version = "1.4.16"
|
||||||
|
hashes = [
|
||||||
|
"h1:tyfjD/maKzb0RxxD9KWgLnkJu9lnYziYsQgGw85Giz8=",
|
||||||
|
"zh:0d4fbb7030d9caac3b123e60afa44f50c83cc2a983e1866aec7f30414abe7b0e",
|
||||||
|
"zh:0db080228e07c72d6d8ca8c45249d6f97cd0189fce82a77abbdcd49a52e57572",
|
||||||
|
"zh:0df88393271078533a217654b96f0672c60eb59570d72e6aefcb839eea87a7a0",
|
||||||
|
"zh:2883b335bb6044b0db6a00e602d6926c047c7f330294a73a90d089f98b24d084",
|
||||||
|
"zh:390158d928009a041b3a182bdd82376b50530805ae92be2b84ed7c3b0fa902a0",
|
||||||
|
"zh:7169b8f8df4b8e9659c49043848fd5f7f8473d0471f67815e8b04980f827f5ef",
|
||||||
|
"zh:9417ee1383b1edd137024882d7035be4dca51fb4f725ca00ed87729086ec1755",
|
||||||
|
"zh:a22910b5a29eeab5610350700b4899267c1b09b66cf21f7e4d06afc61d425800",
|
||||||
|
"zh:a6185c9cd7aa458cd81861058ba568b6411fbac344373a20155e20256f4a7557",
|
||||||
|
"zh:b6260ca9f034df1b47905b4e2a9c33b67dbf77224a694d5b10fb09ae92ffad4c",
|
||||||
|
"zh:d87c12a6a7768f2b6c2a59495c7dc00f9ecc52b1b868331d4c284f791e278a1e",
|
||||||
|
]
|
||||||
|
}
|
@ -1,11 +1,11 @@
|
|||||||
variable "base_hostname" {
|
variable "base_hostname" {
|
||||||
type = string
|
type = string
|
||||||
description = "Base hostname to serve content from"
|
description = "Base hostname to serve content from"
|
||||||
default = "dev.homelab"
|
default = "dev.homelab"
|
||||||
}
|
}
|
||||||
|
|
||||||
variable "consul_address" {
|
variable "consul_address" {
|
||||||
type = string
|
type = string
|
||||||
description = "address of consul server for dynamic routes"
|
description = "address of consul server for dynamic routes"
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -21,10 +21,9 @@ resource "nomad_job" "traefik" {
|
|||||||
vars = {
|
vars = {
|
||||||
# "consul_address" = "${var.consul_address}",
|
# "consul_address" = "${var.consul_address}",
|
||||||
"consul_address" = "http://${data.consul_nodes.all-nodes.nodes[0].address}:8500",
|
"consul_address" = "http://${data.consul_nodes.all-nodes.nodes[0].address}:8500",
|
||||||
"base_hostname" = "${var.base_hostname}",
|
"base_hostname" = "${var.base_hostname}",
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
jobspec = file("${path.module}/traefik.nomad")
|
jobspec = file("${path.module}/traefik.nomad")
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -4,20 +4,20 @@ variable "consul_address" {
|
|||||||
}
|
}
|
||||||
|
|
||||||
variable "base_hostname" {
|
variable "base_hostname" {
|
||||||
type = string
|
type = string
|
||||||
description = "Base hostname to serve content from"
|
description = "Base hostname to serve content from"
|
||||||
default = "dev.homelab"
|
default = "dev.homelab"
|
||||||
}
|
}
|
||||||
|
|
||||||
variable "nomad_secret_id" {
|
variable "nomad_secret_id" {
|
||||||
type = string
|
type = string
|
||||||
description = "Secret ID for ACL bootstrapped Nomad"
|
description = "Secret ID for ACL bootstrapped Nomad"
|
||||||
sensitive = true
|
sensitive = true
|
||||||
default = ""
|
default = ""
|
||||||
}
|
}
|
||||||
|
|
||||||
variable "vault_token" {
|
variable "vault_token" {
|
||||||
type = string
|
type = string
|
||||||
sensitive = true
|
sensitive = true
|
||||||
default = ""
|
default = ""
|
||||||
}
|
}
|
||||||
|
Loading…
Reference in New Issue
Block a user