Create instance of Nginx Proxy Manager

products/nginx-proxy-manager/auth.tf

@@ -0,0 +1,20 @@
+variable "admin_email" {
+  type        = string
+  description = "The email address to use for the admin user."
+}
+variable "admin_password" {
+  default     = null
+  type        = string
+  description = "The password to use for the admin user."
+}
+
+resource "random_password" "password" {
+  count   = var.admin_password == null ? 1 : 0
+  length  = 32
+  special = false
+}
+
+locals {
+  admin_email    = var.admin_email
+  admin_password = var.admin_password == null ? random_password.password[0].result : var.admin_password
+}

products/nginx-proxy-manager/inputs.tf

@@ -0,0 +1,20 @@
+variable "enable" {
+  default     = true
+  type        = bool
+  description = "Whether to enable the service or to merely provision the service."
+}
+variable "stack_name" {
+  type        = string
+  description = "The name of the stack to deploy the service to."
+  default     = "nginx-proxy"
+}
+variable "publish_mode" {
+  type        = string
+  description = "The publish mode for the service."
+  default     = "ingress"
+}
+variable "data_persist_path" {
+  type        = string
+  description = "The path to persist data to."
+  default     = "/data/nginx-proxy-manager"
+}

products/nginx-proxy-manager/network.tf

@@ -0,0 +1,5 @@
+
+module "network" {
+  source     = "../../docker/network"
+  stack_name = var.stack_name
+}

products/nginx-proxy-manager/nginx-proxy-manager.tf

@@ -0,0 +1,28 @@
+module "nginx_proxy_manager" {
+  source          = "../../docker/service"
+  enable          = var.enable
+  image           = "jc21/nginx-proxy-manager:latest"
+  service_name    = "nginx"
+  stack_name      = "proxy"
+  networks        = [module.network]
+  converge_enable = false # @todo: Write a healthcheck for the service and enable this.
+  ports = [
+    { host = 80, container = 80, publish_mode = var.publish_mode },
+    { host = 443, container = 443, publish_mode = var.publish_mode },
+    { host = 8080, container = 81, publish_mode = var.publish_mode },
+  ]
+  mounts = {
+    "${var.data_persist_path}/data"        = "/data",
+    "${var.data_persist_path}/letsencrypt" = "/etc/letsencrypt",
+  }
+  environment_variables = {
+    DB_POSTGRES_HOST       = module.postgres.service_name
+    DB_POSTGRES_PORT       = "5432"
+    DB_POSTGRES_USER       = module.postgres.username
+    DB_POSTGRES_NAME       = module.postgres.database
+    DB_POSTGRES_PASSWORD   = module.postgres.password
+    DISABLE_IPV6           = "true"
+    INITIAL_ADMIN_EMAIL    = var.admin_email
+    INITIAL_ADMIN_PASSWORD = var.admin_password
+  }
+}

products/nginx-proxy-manager/outputs.tf

@@ -0,0 +1,14 @@
+output "authentication" {
+  value = {
+    user = local.admin_email
+    pass = nonsensitive(local.admin_password)
+  }
+}
+output "postgres" {
+  value = {
+    username = module.postgres.username
+    password = module.postgres.password
+    database = module.postgres.database
+    endpoint = module.postgres.endpoint
+  }
+}

products/nginx-proxy-manager/postgres.tf

@@ -0,0 +1,13 @@
+module "postgres" {
+  source            = "../../products/postgres"
+  enable            = var.enable
+  stack_name        = "proxy"
+  service_name      = "postgres"
+  networks          = [module.network]
+  database          = "nginx-proxy-manager"
+  username          = "nginx-proxy-manager"
+  data_persist_path = "${var.data_persist_path}/postgres"
+  ports = [
+    { container = 5432, publish_mode = var.publish_mode },
+  ]
+}

products/nginx-proxy-manager/terraform.tf

@@ -0,0 +1,9 @@
+terraform {
+  required_version = "~> 1.6"
+  required_providers {
+    docker = {
+      source  = "kreuzwerker/docker"
+      version = "~> 3.0"
+    }
+  }
+}