Compare commits

..

No commits in common. "78c0bf2a6b23b993f14cdc82160d5b27e512ad60" and "aed00f60170d4e047f0d4da7bb8cc39f568b956b" have entirely different histories.

8 changed files with 50 additions and 36 deletions

View file

@ -21,7 +21,6 @@ lint:
- trufflehog # Trufflehog duplicates gitleaks functionality. - trufflehog # Trufflehog duplicates gitleaks functionality.
- terrascan - terrascan
- trivy - trivy
- checkov
enabled: enabled:
- hadolint@2.12.0 - hadolint@2.12.0
- tflint@0.51.1 - tflint@0.51.1
@ -29,6 +28,7 @@ lint:
- markdownlint@0.41.0 - markdownlint@0.41.0
- taplo@0.8.1 - taplo@0.8.1
- actionlint@1.7.1 - actionlint@1.7.1
- checkov@3.2.156
- git-diff-check - git-diff-check
- prettier@3.3.2 - prettier@3.3.2
- yamllint@1.35.1 - yamllint@1.35.1

View file

@ -1,3 +1,5 @@
# Grey's Docker Swarm does IAC Grey's Docker Swarm does IAC
============================
Or: How I learned to stop worrying and love the swarm. Or: How I learned to stop worrying and love the swarm.

View file

@ -52,7 +52,6 @@ resource "docker_service" "minio" {
} }
module "minio_nginx_config" { module "minio_nginx_config" {
# tflint-ignore: terraform_module_pinned_source
source = "git::https://code.techinc.nl/grey/terraform-nginx.git//nginx-site-available" source = "git::https://code.techinc.nl/grey/terraform-nginx.git//nginx-site-available"
hostname = var.domain hostname = var.domain
//certificate = acme_certificate.ooo_grey["s3"] //certificate = acme_certificate.ooo_grey["s3"]

View file

@ -12,9 +12,5 @@ terraform {
source = "BrendanThompson/scratch" source = "BrendanThompson/scratch"
version = "~> 0.4" version = "~> 0.4"
} }
local = {
source = "hashicorp/local"
version = "~>2.1"
}
} }
} }

View file

@ -11,7 +11,6 @@ resource "docker_network" "loadbalancer" {
} }
module "nginx" { module "nginx" {
# tflint-ignore: terraform_module_pinned_source
source = "git::https://code.techinc.nl/grey/terraform-nginx.git" source = "git::https://code.techinc.nl/grey/terraform-nginx.git"
configs = concat( configs = concat(
module.minio.nginx_files, module.minio.nginx_files,

View file

@ -13,25 +13,37 @@ resource "docker_volume" "ender5plus" {
name = "ender5plus_config" name = "ender5plus_config"
} }
resource "docker_container" "ender5plus" { resource "docker_service" "ender5plus" {
image = "${docker_image.octoprint.name}:latest"
provider = docker.printi provider = docker.printi
name = "ender5plus" name = "ender5plus"
env = [ task_spec {
"ENABLE_MJPG_STREAMER=false" container_spec {
] image = "${docker_image.octoprint.name}:latest"
restart = "always" mounts {
target = "/octoprint"
source = docker_volume.ender5plus.name
type = "volume"
}
mounts {
target = "/dev/ttyACM0"
source = "/dev/serial/by-id/usb-FTDI_FT232R_USB_UART_A602AFFK-if00-port0"
type = "bind"
}
env = {
#ENABLE_MJPG_STREAMER = "true"
}
}
restart_policy {
condition = "any"
delay = "20s"
window = "0s"
}
}
endpoint_spec {
ports { ports {
internal = 80 target_port = 80
external = 3000 published_port = 3000
} publish_mode = "ingress"
devices { }
host_path = "/dev/serial/by-id/usb-FTDI_FT232R_USB_UART_A602AFFK-if00-port0"
container_path = "/dev/ttyACM0"
}
volumes {
container_path = "/octoprint"
#host_path = docker_volume.ender5plus.name
volume_name = docker_volume.ender5plus.name
} }
} }

View file

@ -1,6 +1,6 @@
FROM octoprint/octoprint AS octoprint FROM octoprint/octoprint AS octoprint
RUN apt-get update -q && \ RUN apt update -q && \
apt-get install -yq --no-install-recommends \ apt install -yq \
cpulimit \ cpulimit \
sudo \ sudo \
curl wget \ curl wget \
@ -13,16 +13,23 @@ RUN apt-get update -q && \
FROM octoprint AS mjpg-streamer-builder FROM octoprint AS mjpg-streamer-builder
WORKDIR /build WORKDIR /build
RUN apt-get update -q && \ RUN apt update -q && \
apt-get install -yq --no-install-recommends \ apt install -yq unzip subversion
unzip \
subversion
RUN curl -s -L https://github.com/pranjalv123/mjpg-streamer-yu12/archive/refs/heads/master.zip --output mjpeg-streamer-yu12.zip && \ RUN curl -s -L https://github.com/pranjalv123/mjpg-streamer-yu12/archive/refs/heads/master.zip --output mjpeg-streamer-yu12.zip && \
unzip -q mjpeg-streamer-yu12.zip \ unzip -q mjpeg-streamer-yu12.zip
WORKDIR /build/mjpg-streamer-yu12-master/mjpg-streamer RUN cd mjpg-streamer-yu12-master/mjpg-streamer && \
RUN make && \ make && \
ls -lah ls -lah
FROM octoprint AS octoprint-mjpg-streamer FROM octoprint AS octoprint-mjpg-streamer
COPY --from=mjpg-streamer-builder /build/mjpg-streamer-yu12-master/mjpg-streamer/mjpg_streamer /usr/local/bin/mjpg_streamer COPY --from=mjpg-streamer-builder /build/mjpg-streamer-yu12-master/mjpg-streamer/mjpg_streamer /usr/local/bin/mjpg_streamer
COPY --from=mjpg-streamer-builder /build/mjpg-streamer-yu12-master/mjpg-streamer/*.so /usr/local/lib/mjpg-streamer/ COPY --from=mjpg-streamer-builder /build/mjpg-streamer-yu12-master/mjpg-streamer/*.so /usr/local/lib/mjpg-streamer/
FROM octoprint AS octoklipper
RUN git clone https://github.com/Klipper3d/klipper.git klipper && \
cd klipper && \
git checkout master && \
rm .git -rf
RUN venv/bin/pip install -r klipper/scripts/klippy-requirements.txt \
&& venv/bin/python -m compileall klipper/klippy \
&& venv/bin/python klipper/klippy/chelper/__init__.py

View file

@ -1,5 +1,4 @@
module "vigil_nginx_config" { module "vigil_nginx_config" {
# tflint-ignore: terraform_module_pinned_source
source = "git::https://code.techinc.nl/grey/terraform-nginx.git//nginx-site-available" source = "git::https://code.techinc.nl/grey/terraform-nginx.git//nginx-site-available"
hostname = "vigil.california.ti" hostname = "vigil.california.ti"
//certificate = acme_certificate.ooo_grey["s3"] //certificate = acme_certificate.ooo_grey["s3"]