grey/IAC
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Compare commits

base: grey:6ed5cd5cef31148851c2093486ca67ed4ae44db6
Branches Tags
grey:main
grey:trunk-io/update-trunk
..
compare: grey:ed7a19238d8a64b8edb21c369fbe22386376e4d1
Branches Tags
grey:main
grey:trunk-io/update-trunk

No commits in common. "6ed5cd5cef31148851c2093486ca67ed4ae44db6" and "ed7a19238d8a64b8edb21c369fbe22386376e4d1" have entirely different histories.
6ed5cd5cef ... ed7a19238d

15 changed files with 37 additions and 468 deletions
Show stats Expand all files Collapse all files

16
docker.tf
View file

@ -1,4 +1,4 @@
/*provider "ssh" { provider "ssh" {
server = { server = {
host = "california.ti" host = "california.ti"
port = 22 port = 22
@ -10,14 +10,12 @@
} }
} }
} }
data "ssh_tunnel" "docker" { #data "ssh_tunnel" "docker" {
connection_name = "docker_socket_tunnel_california" # connection_name = "docker_socket_tunnel_california"
remote = { # remote = {
socket = "/var/run/docker.sock" # socket = "/var/run/docker.sock"
} # }
} #}
*/
provider "docker" { provider "docker" {
host = "ssh://california.ti" host = "ssh://california.ti"
} }

4
modules/minio/outputs.tf
View file

@ -1,7 +1,7 @@
output "auth" { output "auth" {
value = { value = {
user = var.admin_username user = docker_service.minio.task_spec[0].container_spec[0].env.MINIO_ROOT_USER
password = nonsensitive(random_password.minio_password.result) password = nonsensitive(docker_service.minio.task_spec[0].container_spec[0].env.MINIO_ROOT_PASSWORD)
} }
} }
output "domain" { output "domain" {

32
modules/vigil/configuration.tf
View file

@ -1,32 +0,0 @@
locals {
services_toml = [
for service_group, services in var.services : templatefile("${path.module}/vigil.service.toml.tpl", {
service_group_id = service_group
service_group_label = service_group
services = services
})
]
vigil_toml = templatefile("${path.module}/vigil.toml.tpl", {
manager_token = random_password.token["manager"].result
reporter_token = random_password.token["worker"].result
page_title = var.page_title
page_url = var.page_url
company_name = var.company_name
icon_color = var.icon_color
icon_url = var.icon_url
logo_color = var.logo_color
logo_url = var.logo_url
website_url = var.website_url
support_url = var.support_url
custom_html = var.custom_html
services = local.services_toml
})
vigil_toml_checksum = md5(local.vigil_toml)
}
resource "scratch_string" "services" {
in = yamlencode(local.services_toml)
}
resource "local_file" "vigil_toml" {
filename = "${path.root}/.debug/vigil.toml"
content = local.vigil_toml
}

68
modules/vigil/inputs.tf
View file

@ -1,68 +0,0 @@
variable "vigil_version" {
type = string
description = "The version of Vigil to deploy"
default = "v1.26.3"
}
variable "vigil_service_name" {
type = string
description = "The name of the Vigil service"
default = "vigil"
}
variable "services" {
type = map(list(object({
id = string
label = string
endpoints = list(string)
})))
}
variable "page_title" {
type = string
description = "The title of the Vigil page"
default = "Vigil"
}
variable "page_url" {
type = string
description = "The URL of the Vigil page"
default = "https://vigil.example.com"
}
variable "company_name" {
type = string
description = "The name of the company"
default = "ExampleCo"
}
variable "icon_color" {
type = string
description = "The color of the icon"
default = "#1972F5"
}
variable "icon_url" {
type = string
description = "The URL of the icon"
default = "https://example.com/icon.png"
}
variable "logo_color" {
type = string
description = "The color of the logo"
default = "#1972F5"
}
variable "logo_url" {
type = string
description = "The URL of the logo"
default = "https://example.com/logo.png"
}
variable "website_url" {
type = string
description = "The URL of the website"
default = "https://example.com"
}
variable "support_url" {
type = string
description = "The URL of the support page"
default = "https://example.com/support"
}
variable "custom_html" {
type = string
description = "Custom HTML to include in the Vigil page"
default = ""
}

16
modules/vigil/terraform.tf
View file

@ -1,16 +0,0 @@
terraform {
required_providers {
docker = {
source = "kreuzwerker/docker"
version = "~>3.0"
}
random = {
source = "hashicorp/random"
version = "~>3.3"
}
scratch = {
source = "BrendanThompson/scratch"
version = "~> 0.4"
}
}
}

14
modules/vigil/vigil.service.toml.tpl
View file

@ -1,14 +0,0 @@
[[probe.service]]
id = "${service_group_id}"
label = "${service_group_label}"
[[probe.service.node]]
id = "${id}"
label = "${label}"
mode = "poll"
reveal_replica_name = true
replicas = [
%{ for endpoint in endpoints ~}
"${endpoint}",
%{ endfor ~}
]

55
modules/vigil/vigil.tf
View file

@ -1,55 +0,0 @@
resource "random_password" "token" {
for_each = toset(["manager", "worker"])
length = 32
special = false
}
data "docker_registry_image" "vigil" {
name = "valeriansaliou/vigil:${var.vigil_version}"
}
resource "docker_service" "vigil" {
name = lower(var.vigil_service_name)
task_spec {
container_spec {
image = "${data.docker_registry_image.vigil.name}@${data.docker_registry_image.vigil.sha256_digest}"
healthcheck {
test = ["CMD-SHELL", "wget -q --no-verbose --tries=1 --spider http://localhost:8080/ || exit 1"]
interval = "10s"
timeout = "10s"
retries = 3
start_period = "1m"
}
configs {
config_id = docker_config.vigil.id
config_name = docker_config.vigil.name
file_name = "/etc/vigil.cfg"
}
}
restart_policy {
condition = "any"
delay = "20s"
window = "0s"
}
}
converge_config {
delay = "5s"
timeout = "2m"
}
update_config {
order = "stop-first"
parallelism = 1
}
}
resource "random_id" "vigil_iter" {
byte_length = 4
keepers = {
checksum = local.vigil_toml_checksum
}
}
resource "docker_config" "vigil" {
name = lower(join("-", [var.vigil_service_name, random_id.vigil_iter.hex]))
data = sensitive(base64encode(local.vigil_toml)) // I have marked this as sensitive just so it wont spam the hell out of the terminal with a wall of text. Its not actually sensitive.
lifecycle {
ignore_changes = [name]
create_before_destroy = true
}
}

71
modules/vigil/vigil.toml.tpl
View file

@ -1,71 +0,0 @@
# Vigil
# Microservices Status Page
# Configuration file
# Example: https://github.com/valeriansaliou/vigil/blob/master/config.cfg
[server]
log_level = "debug"
inet = "0.0.0.0:3000"
workers = 4
manager_token = "${manager_token}"
reporter_token = "${reporter_token}"
[assets]
path = "./res/assets/"
[branding]
page_title = "${page_title}"
page_url = "${page_url}"
company_name = "${company_name}"
icon_color = "${icon_color}"
icon_url = "${icon_url}"
logo_color = "${logo_color}"
logo_url = "${logo_url}"
website_url = "${website_url}"
support_url = "${support_url}"
custom_html = "${custom_html}"
[metrics]
poll_interval = 15
poll_retry = 2
poll_http_status_healthy_above = 200
poll_http_status_healthy_below = 400
poll_delay_dead = 10
poll_delay_sick = 5
poll_parallelism = 4
push_delay_dead = 20
push_system_cpu_sick_above = 0.90
push_system_ram_sick_above = 0.90
script_interval = 300
script_parallelism = 2
local_delay_dead = 40
[plugins]
[plugins.rabbitmq]
api_url = "http://127.0.0.1:15672"
auth_username = "rabbitmq-administrator"
auth_password = "RABBITMQ_ADMIN_PASSWORD"
virtualhost = "crisp"
queue_ready_healthy_below = 500
queue_nack_healthy_below = 100
queue_ready_dead_above = 20000
queue_nack_dead_above = 5000
queue_loaded_retry_delay = 500
[notify]
startup_notification = false
reminder_interval = 600
reminder_backoff_function = "linear"
reminder_backoff_limit = 3
#[notify.telegram]
#bot_token = "xxxxxxxxxx:xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx"
#chat_id = "xxxxxxxxx"
[probe]
%{ for service in services ~}
${service}
%{ endfor ~}

2
output.tf
View file

@ -1,4 +1,4 @@
output "minio" { output "minio" {
value = module.minio value = module.minio
} }

47
printers.tf
View file

@ -1,49 +1,14 @@
resource "docker_image" "octoprint" { resource "docker_image" "octoprint" {
provider = docker.printi provider = "docker.printi"
name = "octoprint" name = "octoprint"
build { build {
context = "${path.module}/printers" context = "${path.module}/printers"
target = "octoprint-mjpg-streamer" target = "octoprint-mjpg-streamer"
tag = ["ti-octoprint:latest"]
} }
} }
/*
resource "docker_volume" "ender5plus" { resource "docker_container" "corexy" {
provider = docker.printi provider = "docker.printi"
name = "ender5plus_config"
}
resource "docker_service" "ender5plus" {
provider = docker.printi
name = "ender5plus"
task_spec {
container_spec {
image = docker_image.octoprint.name image = docker_image.octoprint.name
mounts { name = "corexy"
target = "/octoprint" }*/
source = docker_volume.ender5plus.name
type = "volume"
}
mounts {
target = "/dev/ttyACM0"
source = "/dev/serial/by-id/usb-FTDI_FT232R_USB_UART_A602AFFK-if00-port0"
type = "bind"
}
env = {
#ENABLE_MJPG_STREAMER = "true"
}
}
restart_policy {
condition = "any"
delay = "20s"
window = "0s"
}
}
endpoint_spec {
ports {
target_port = 80
published_port = 3000
publish_mode = "ingress"
}
}
}

113
ubiquity.tf
View file

@ -1,113 +0,0 @@
data "docker_registry_image" "unifi_controller" {
name = "jacobalberty/unifi"
}
resource "docker_service" "unifi_controller" {
name = "unifi_controller"
provider = docker.unifi
task_spec {
container_spec {
image = "${data.docker_registry_image.unifi_controller.name}@${data.docker_registry_image.unifi_controller.sha256_digest}"
env = {
TZ = "Europe/Amsterdam"
}
mounts {
target = "/unifi"
source = "/home/techinc/unifi"
type = "bind"
}
}
restart_policy {
condition = "any"
delay = "0s"
window = "0s"
}
}
endpoint_spec {
ports {
target_port = 8443
published_port = 443
publish_mode = "ingress"
}
ports {
target_port = 8443
published_port = 8443
publish_mode = "ingress"
}
ports {
target_port = 3478
published_port = 3478
publish_mode = "ingress"
protocol = "udp"
}
ports {
target_port = 10001
published_port = 10001
publish_mode = "ingress"
protocol = "udp"
}
ports {
target_port = 8080
published_port = 8080
publish_mode = "ingress"
}
}
}
data "docker_registry_image" "http2https" {
name = "articulate/http-to-https"
}
resource "docker_service" "unifi_http2https" {
name = "http2https"
provider = docker.unifi
task_spec {
container_spec {
image = "${data.docker_registry_image.http2https.name}@${data.docker_registry_image.http2https.sha256_digest}"
}
restart_policy {
condition = "any"
delay = "0s"
window = "0s"
}
}
endpoint_spec {
ports {
target_port = 80
published_port = 80
publish_mode = "ingress"
}
}
}
data "docker_registry_image" "iperf" {
name = "loganmarchione/docker-iperf3:latest"
provider = docker.unifi
}
resource "docker_service" "unifi_iperf" {
name = "iperf"
provider = docker.unifi
task_spec {
container_spec {
image = "${data.docker_registry_image.iperf.name}@${data.docker_registry_image.iperf.sha256_digest}"
}
restart_policy {
condition = "any"
delay = "0s"
window = "0s"
}
}
endpoint_spec {
ports {
target_port = 5201
published_port = 5201
publish_mode = "ingress"
protocol = "tcp"
}
ports {
target_port = 5201
published_port = 5201
publish_mode = "ingress"
protocol = "udp"
}
}
}

25
vigil.tf
View file

@ -1,25 +0,0 @@
module "vigil" {
source = "./modules/vigil"
services = {
"printers" = [
{
id = "prin.ti"
label = "Prin.ti (Print Controller)"
endpoints = [
"icmp://prin.ti",
"tcp://prin.ti:22",
"http://prin.ti:3000",
]
}, {
id = "v400"
label = "FLSun V400"
endpoints = [
"icmp://v400.prin.ti",
"tcp://v400.prin.ti:22",
"http://v400.prin.ti:80",
"http://v400.prin.ti:8080",
]
}
]
}
}