Compare commits

..

2 commits

8 changed files with 36 additions and 50 deletions

View file

@ -21,6 +21,7 @@ lint:
- trufflehog # Trufflehog duplicates gitleaks functionality.
- terrascan
- trivy
- checkov
enabled:
- hadolint@2.12.0
- tflint@0.51.1
@ -28,7 +29,6 @@ lint:
- markdownlint@0.41.0
- taplo@0.8.1
- actionlint@1.7.1
- checkov@3.2.156
- git-diff-check
- prettier@3.3.2
- yamllint@1.35.1

View file

@ -1,5 +1,3 @@
Grey's Docker Swarm does IAC
============================
# Grey's Docker Swarm does IAC
Or: How I learned to stop worrying and love the swarm.

View file

@ -52,6 +52,7 @@ resource "docker_service" "minio" {
}
module "minio_nginx_config" {
# tflint-ignore: terraform_module_pinned_source
source = "git::https://code.techinc.nl/grey/terraform-nginx.git//nginx-site-available"
hostname = var.domain
//certificate = acme_certificate.ooo_grey["s3"]

View file

@ -12,5 +12,9 @@ terraform {
source = "BrendanThompson/scratch"
version = "~> 0.4"
}
local = {
source = "hashicorp/local"
version = "~>2.1"
}
}
}

View file

@ -11,6 +11,7 @@ resource "docker_network" "loadbalancer" {
}
module "nginx" {
# tflint-ignore: terraform_module_pinned_source
source = "git::https://code.techinc.nl/grey/terraform-nginx.git"
configs = concat(
module.minio.nginx_files,

View file

@ -13,37 +13,25 @@ resource "docker_volume" "ender5plus" {
name = "ender5plus_config"
}
resource "docker_service" "ender5plus" {
resource "docker_container" "ender5plus" {
image = "${docker_image.octoprint.name}:latest"
provider = docker.printi
name = "ender5plus"
task_spec {
container_spec {
image = "${docker_image.octoprint.name}:latest"
mounts {
target = "/octoprint"
source = docker_volume.ender5plus.name
type = "volume"
}
mounts {
target = "/dev/ttyACM0"
source = "/dev/serial/by-id/usb-FTDI_FT232R_USB_UART_A602AFFK-if00-port0"
type = "bind"
}
env = {
#ENABLE_MJPG_STREAMER = "true"
}
}
restart_policy {
condition = "any"
delay = "20s"
window = "0s"
}
name = "ender5plus"
env = [
"ENABLE_MJPG_STREAMER=false"
]
restart = "always"
ports {
internal = 80
external = 3000
}
endpoint_spec {
ports {
target_port = 80
published_port = 3000
publish_mode = "ingress"
}
devices {
host_path = "/dev/serial/by-id/usb-FTDI_FT232R_USB_UART_A602AFFK-if00-port0"
container_path = "/dev/ttyACM0"
}
volumes {
container_path = "/octoprint"
#host_path = docker_volume.ender5plus.name
volume_name = docker_volume.ender5plus.name
}
}

View file

@ -1,6 +1,6 @@
FROM octoprint/octoprint AS octoprint
RUN apt update -q && \
apt install -yq \
RUN apt-get update -q && \
apt-get install -yq --no-install-recommends \
cpulimit \
sudo \
curl wget \
@ -13,23 +13,16 @@ RUN apt update -q && \
FROM octoprint AS mjpg-streamer-builder
WORKDIR /build
RUN apt update -q && \
apt install -yq unzip subversion
RUN apt-get update -q && \
apt-get install -yq --no-install-recommends \
unzip \
subversion
RUN curl -s -L https://github.com/pranjalv123/mjpg-streamer-yu12/archive/refs/heads/master.zip --output mjpeg-streamer-yu12.zip && \
unzip -q mjpeg-streamer-yu12.zip
RUN cd mjpg-streamer-yu12-master/mjpg-streamer && \
make && \
unzip -q mjpeg-streamer-yu12.zip \
WORKDIR /build/mjpg-streamer-yu12-master/mjpg-streamer
RUN make && \
ls -lah
FROM octoprint AS octoprint-mjpg-streamer
COPY --from=mjpg-streamer-builder /build/mjpg-streamer-yu12-master/mjpg-streamer/mjpg_streamer /usr/local/bin/mjpg_streamer
COPY --from=mjpg-streamer-builder /build/mjpg-streamer-yu12-master/mjpg-streamer/*.so /usr/local/lib/mjpg-streamer/
FROM octoprint AS octoklipper
RUN git clone https://github.com/Klipper3d/klipper.git klipper && \
cd klipper && \
git checkout master && \
rm .git -rf
RUN venv/bin/pip install -r klipper/scripts/klippy-requirements.txt \
&& venv/bin/python -m compileall klipper/klippy \
&& venv/bin/python klipper/klippy/chelper/__init__.py

View file

@ -1,4 +1,5 @@
module "vigil_nginx_config" {
# tflint-ignore: terraform_module_pinned_source
source = "git::https://code.techinc.nl/grey/terraform-nginx.git//nginx-site-available"
hostname = "vigil.california.ti"
//certificate = acme_certificate.ooo_grey["s3"]