Upgrade trunk

.trunk/trunk.yaml

@@ -7,7 +7,7 @@ cli:
 plugins:
   sources:
     - id: trunk
-      ref: v1.6.0
+      ref: v1.6.1
       uri: https://github.com/trunk-io/plugins
 # Many linters and tools depend on runtimes - configure them here. (https://docs.trunk.io/runtimes)
 runtimes:
@@ -24,13 +24,13 @@ lint:
     - checkov
   enabled:
     - hadolint@2.12.0
-    - tflint@0.51.1
+    - tflint@0.52.0
     - gitleaks@8.18.4
     - markdownlint@0.41.0
-    - taplo@0.8.1
+    - taplo@0.9.2
     - actionlint@1.7.1
     - git-diff-check
-    - prettier@3.3.2
+    - prettier@3.3.3
     - yamllint@1.35.1
   definitions:
     - name: markdownlint
@@ -49,12 +49,12 @@ tools:
     - gh@2.49.2
     - jq@jq-1.7.1
     - yq@4.44.1
-    - awscli@1.33.17
+    - awscli@1.33.27
     - action-validator@0.6.0
     - act@0.2.63
     - shellcheck@0.10.0
     - hadolint@2.12.0
     - tofu@1.7.2
     - trunk-toolbox@0.3.2
-    - tflint@0.51.1
+    - tflint@0.52.0
     - terraform@1.9.0

mitmproxy.tf_

@@ -0,0 +1,44 @@
+data "docker_registry_image" "mitmproxy" {
+  name = "ghcr.io/benzine-framework/mitmproxy:10.1.1"
+}
+resource "docker_service" "mitmproxy" {
+  name = "mitmproxy"
+  task_spec {
+    container_spec {
+      image = "${data.docker_registry_image.mitmproxy.name}@${data.docker_registry_image.mitmproxy.sha256_digest}"
+      command = [
+        "mitmweb",
+        "--web-host", "0.0.0.0",
+        "--web-port", "8081",
+        #"--listen-host", "0.0.0.0",
+        #"--listen-port", "8080",
+        "--ssl-insecure",
+      ]
+      #healthcheck {
+      #  test         = ["CMD-SHELL", " curl -I -x http://localhost:8080 -k http://172.17.0.1 || exit 1"]
+      #  start_period = "10s"
+      #  interval     = "10s"
+      #  timeout      = "5s"
+      #  retries      = 5
+      #}
+    }
+    restart_policy {
+      condition = "any"
+      delay     = "0s"
+      window    = "0s"
+    }
+  }
+  endpoint_spec {
+    ports {
+      target_port    = 8081
+      published_port = 8081
+      publish_mode   = "ingress"
+    }
+    ports {
+        target_port    = 8080
+        published_port = 8080
+        publish_mode   = "ingress"
+    }
+  }
+}
+

modules/vigil/configuration.tf

@@ -21,6 +21,7 @@ locals {
     custom_html          = var.custom_html
     services             = local.services_toml
     startup_notification = var.notify_on_startup
+    telegram_enable      = var.notify_telegram.token == "" ? "# " : "" // Disable telegram if token is not set
     telegram_bot_token   = var.notify_telegram.token
     telegram_chat_id     = var.notify_telegram.channel
   })

modules/vigil/vigil.toml.tpl

@@ -59,9 +59,9 @@ reminder_interval = 600
 reminder_backoff_function = "linear"
 reminder_backoff_limit = 3
 
-[notify.telegram]
-bot_token = "${telegram_bot_token}"
-chat_id = "${telegram_chat_id}"
+${telegram_enable}[notify.telegram]
+${telegram_enable}bot_token = "${telegram_bot_token}"
+${telegram_enable}chat_id = "${telegram_chat_id}"
 
 [probe]
 

vigil.tf

@@ -11,12 +11,15 @@ module "vigil_nginx_config" {
 }
 variable "telegram_token" {
   type = string
+  default = ""
 }
 variable "telegram_channel" {
   type = string
+  default = ""
 }
 variable "telegram_topic" {
   type = string
+  default = ""
 }
 module "vigil" {
   source = "./modules/vigil"
@@ -67,6 +70,30 @@ module "vigil" {
         ]
       },
     ]
+    "PDUs" = [
+      {
+        id = "pdu-main"
+        label = "PDU Main Space"
+        endpoints = [
+          "icmp://main.pdu.ti",
+          "tcp://main.pdu.ti:23",
+        ]
+      },{
+        id = "pdu-aux"
+        label = "PDU Aux Space"
+        endpoints = [
+          "icmp://aux.pdu.ti",
+          "tcp://aux.pdu.ti:23",
+        ]
+      },{
+        id = "pdu-printers"
+        label = "PDU Printers"
+        endpoints = [
+          "icmp://printer.pdu.ti",
+          "tcp://printer.pdu.ti:23",
+        ]
+      }
+    ]
     "Wifi" = [
       {
         id    = "unifi-controller"