Browse Source

feat: Deploy shynet

pull/3/head
Karan Sharma 11 months ago
parent
commit
170d67be14
  1. 5
      floyd/terraform/caddy/conf/Caddyfile-internal.tpl
  2. 7
      floyd/terraform/caddy/conf/Caddyfile-public.tpl
  3. 8
      floyd/terraform/caddy/container.tf
  4. 4
      floyd/terraform/caddy/variables.tf
  5. 4
      floyd/terraform/env.sample
  6. 63
      floyd/terraform/main.tf
  7. 14
      floyd/terraform/monitoring/conf/prometheus.yml
  8. 3
      floyd/terraform/monitoring/output.tf
  9. 46
      floyd/terraform/shynet/container.tf
  10. 17
      floyd/terraform/shynet/image.tf
  11. 5
      floyd/terraform/shynet/network.tf
  12. 25
      floyd/terraform/shynet/postgres.tf
  13. 12
      floyd/terraform/shynet/variables.tf
  14. 8
      floyd/terraform/shynet/versions.tf
  15. 9
      floyd/terraform/variables.tf

5
floyd/terraform/caddy/conf/Caddyfile-internal.tpl

@ -3,6 +3,7 @@ pi.mrkaran.dev {
tls {
dns cloudflare "${cloudflare_api_token}"
}
metrics /metrics
}
wiki.mrkaran.dev {
@ -10,6 +11,7 @@ wiki.mrkaran.dev {
tls {
dns cloudflare "${cloudflare_api_token}"
}
metrics /metrics
}
grafana.mrkaran.dev {
@ -17,6 +19,7 @@ grafana.mrkaran.dev {
tls {
dns cloudflare "${cloudflare_api_token}"
}
metrics /metrics
}
sync.mrkaran.dev {
@ -24,6 +27,7 @@ sync.mrkaran.dev {
tls {
dns cloudflare "${cloudflare_api_token}"
}
metrics /metrics
}
@ -36,4 +40,5 @@ firefly.mrkaran.dev {
# https://docs.firefly-iii.org/installation/docker#docker-and-reverse-proxies
X-Forwarded-Proto https
}
metrics /metrics
}

7
floyd/terraform/caddy/conf/Caddyfile-public.tpl

@ -4,3 +4,10 @@ git.mrkaran.dev {
dns cloudflare "${cloudflare_api_token}"
}
}
shynet.mrkaran.dev {
reverse_proxy shynet:8080
tls {
dns cloudflare "${cloudflare_api_token}"
}
}

8
floyd/terraform/caddy/container.tf

@ -31,6 +31,10 @@ resource "docker_container" "caddy_public" {
name = docker_network.caddy_public.name
}
networks_advanced {
name = var.monitoring_network
}
restart = "unless-stopped"
destroy_grace_seconds = 30
must_run = true
@ -69,6 +73,10 @@ resource "docker_container" "caddy_internal" {
name = docker_network.caddy_internal.name
}
# networks_advanced {
# name = var.monitoring_network
# }
restart = "unless-stopped"
destroy_grace_seconds = 30
must_run = true

4
floyd/terraform/caddy/variables.tf

@ -4,4 +4,6 @@ variable "ips" {
variable "cloudflare_api_token" {
type = string
}
}
variable "monitoring_network" {}

4
floyd/terraform/env.sample

@ -7,3 +7,7 @@ TF_VAR_gitea_secret_key=
TF_VAR_gitea_internal_token=
TF_VAR_gitea_lfs_jwt_secret=
TF_VAR_gitea_oauth2_jwt_secret=
TF_VAR_gitea_oauth2_jwt_secret=
TF_VAR_gitea_oauth2_jwt_secret=
TF_VAR_shynet_postgresql_password=
TF_VAR_shynet_django_secret_key=

63
floyd/terraform/main.tf

@ -36,19 +36,21 @@ module "gitea" {
}
}
# module "bookstack" {
# source = "./bookstack"
# ips = var.ips
# bookstack_mariadb_password = var.bookstack_mariadb_password
# providers = {
# docker = docker.floyd
# }
# }
module "bookstack" {
source = "./bookstack"
ips = var.ips
bookstack_mariadb_password = var.bookstack_mariadb_password
caddy_network_internal = module.caddy.caddy_network_internal
providers = {
docker = docker.floyd
}
}
module "caddy" {
source = "./caddy"
ips = var.ips
cloudflare_api_token = var.cloudflare_api_token
monitoring_network = module.monitoring.monitoring_network
providers = {
docker = docker.floyd
}
@ -63,26 +65,19 @@ module "monitoring" {
}
}
module "firefly" {
source = "./firefly"
ips = var.ips
firefly_postgres_password = var.firefly_postgres_password
firefly_app_key = var.firefly_app_key
caddy_network_internal = module.caddy.caddy_network_internal
module "shynet" {
source = "./shynet"
ips = var.ips
shynet_postgresql_password = var.shynet_postgresql_password
shynet_django_secret_key = var.shynet_django_secret_key
caddy_network_public = module.caddy.caddy_network_public
providers = {
docker = docker.floyd
}
}
# module "ripe-atlas" {
# source = "./ripe-atlas"
# ips = var.ips
# providers = {
# docker = docker.parvaaz
# }
# }
module "syncthing" {
source = "./syncthing"
ips = var.ips
@ -91,3 +86,25 @@ module "syncthing" {
docker = docker.floyd
}
}
### UNUSED SERVICES ###
### GOODBYE ###
# module "ripe-atlas" {
# source = "./ripe-atlas"
# ips = var.ips
# providers = {
# docker = docker.parvaaz
# }
# }
# module "firefly" {
# source = "./firefly"
# ips = var.ips
# firefly_postgres_password = var.firefly_postgres_password
# firefly_app_key = var.firefly_app_key
# caddy_network_internal = module.caddy.caddy_network_internal
# providers = {
# docker = docker.floyd
# }
# }

14
floyd/terraform/monitoring/conf/prometheus.yml

@ -1,5 +1,5 @@
global:
scrape_interval: 15s
scrape_interval: 30s
external_labels:
hydra_component: "floyd"
@ -9,12 +9,10 @@ scrape_configs:
- targets: ["localhost:9090"]
- job_name: "node"
scrape_interval: 5s
static_configs:
- targets: ["nodeexporter:9100"]
- job_name: "cadvisor"
scrape_interval: 5s
static_configs:
- targets: ["cadvisor:8080"]
@ -22,3 +20,13 @@ scrape_configs:
scrape_interval: 60s
static_configs:
- targets: ["100.94.241.54:9283"] # RPi telegraf Agent
- job_name: caddy-public
scrape_interval: 60s
static_configs:
- targets: ['caddy_public:2019']
- job_name: caddy-internal
scrape_interval: 60s
static_configs:
- targets: ['caddy_internal:2019']

3
floyd/terraform/monitoring/output.tf

@ -0,0 +1,3 @@
output "monitoring_network" {
value = docker_network.monitoring.name
}

46
floyd/terraform/shynet/container.tf

@ -0,0 +1,46 @@
# Referred to https://github.com/milesmcc/shynet/blob/master/GUIDE.md#installation
# for config.
resource "docker_container" "shynet" {
name = "shynet"
image = docker_image.shynet.latest
volumes {
host_path = "/data/shynet"
container_path = "/config"
}
ports {
internal = 8080
external = 4080
ip = var.ips["tailscale_floyd"]
protocol = "tcp"
}
networks_advanced {
name = docker_network.shynet.name
}
networks_advanced {
name = var.caddy_network_public
}
env = [
"DB_NAME=shynet",
"DB_PORT=5432",
"DB_HOST=shynet_db",
"DB_USER=shynet",
"DB_PASSWORD=${var.shynet_postgresql_password}",
"DJANGO_SECRET_KEY=${var.shynet_django_secret_key}",
"TIME_ZONE=Asia/Kolkata",
"ACCOUNT_SIGNUPS_ENABLED=False",
"SCRIPT_USE_HTTPS=True",
"SHOW_SHYNET_VERSION=True",
"PERFORM_CHECKS_AND_SETUP=True",
"PORT=8080",
"ONLY_SUPERUSERS_CREATE=True"
]
restart = "unless-stopped"
destroy_grace_seconds = 30
must_run = true
}

17
floyd/terraform/shynet/image.tf

@ -0,0 +1,17 @@
data "docker_registry_image" "shynet" {
name = "milesmcc/shynet:latest"
}
resource "docker_image" "shynet" {
name = data.docker_registry_image.shynet.name
pull_triggers = [data.docker_registry_image.shynet.sha256_digest]
}
data "docker_registry_image" "postgres" {
name = "postgres:12"
}
resource "docker_image" "postgres" {
name = data.docker_registry_image.postgres.name
pull_triggers = [data.docker_registry_image.postgres.sha256_digest]
}

5
floyd/terraform/shynet/network.tf

@ -0,0 +1,5 @@
resource "docker_network" "shynet" {
name = "shynet"
driver = "bridge"
internal = "false"
}

25
floyd/terraform/shynet/postgres.tf

@ -0,0 +1,25 @@
# Referred to https://github.com/milesmcc/shynet/blob/master/docker-compose.yml
# for config.
resource "docker_container" "shynet_db" {
name = "shynet_db"
image = docker_image.postgres.latest
volumes {
host_path = "/data/shynet/db"
container_path = "/var/lib/postgres"
}
env = [
"POSTGRES_DB=shynet",
"POSTGRES_USER=shynet",
"POSTGRES_PASSWORD=${var.shynet_postgresql_password}",
]
networks_advanced {
name = docker_network.shynet.name
}
restart = "unless-stopped"
destroy_grace_seconds = 30
must_run = true
}

12
floyd/terraform/shynet/variables.tf

@ -0,0 +1,12 @@
variable "ips" {
type = map
}
variable "shynet_postgresql_password" {
type = string
}
variable "shynet_django_secret_key" {
type = string
}
variable "caddy_network_public" {}

8
floyd/terraform/shynet/versions.tf

@ -0,0 +1,8 @@
terraform {
required_providers {
docker = {
source = "terraform-providers/docker"
}
}
required_version = ">= 0.13"
}

9
floyd/terraform/variables.tf

@ -51,3 +51,12 @@ variable "gitea_oauth2_jwt_secret" {
}
variable "shynet_postgresql_password" {
type = string
description = "Password for shynet PostgreSQL server"
}
variable "shynet_django_secret_key" {
type = string
description = "Django secret key generated for Shynet"
}

Loading…
Cancel
Save