71 lines
2.7 KiB
HCL
71 lines
2.7 KiB
HCL
# Pick a random port to use for our uplink port.
|
|
resource "random_integer" "quassel_port" {
|
|
max = 65535
|
|
min = 1024
|
|
}
|
|
|
|
# Build our latest quassel docker image.
|
|
resource "docker_image" "quassel" {
|
|
name = "${var.docker_prefix}-quassel"
|
|
build {
|
|
context = "${path.module}/quassel"
|
|
}
|
|
triggers = {
|
|
dir_sha1 = sha1(join("", [for f in fileset(path.module, "quassel/*") : filesha1(f)]))
|
|
}
|
|
}
|
|
|
|
# Create a network for our quassel service and postgres service to communicate upon
|
|
resource "docker_network" "quassel" {
|
|
name = "${var.docker_prefix}-quassel"
|
|
driver = "overlay" # We're using overlay networking because its fuckin' rad.
|
|
}
|
|
|
|
# Create our Quassel docker service.
|
|
resource "docker_service" "quassel" {
|
|
name = "${var.docker_prefix}-quassel"
|
|
|
|
# We need the database to be present for this container to work, so we can explicitly tell TF about it here
|
|
depends_on = [docker_service.quassel_db]
|
|
|
|
# We're going to define the task specification
|
|
task_spec {
|
|
# Which contains a container specification
|
|
container_spec {
|
|
# Which has a docker image set
|
|
#image = "${data.docker_registry_image.quassel.name}@${data.docker_registry_image.quassel.sha256_digest}"
|
|
image = docker_image.quassel.name
|
|
env = {
|
|
# And a bunch of environment variables as per the upstream documentation.
|
|
PUID = 1000
|
|
PGID = 1000
|
|
TZ = var.tz
|
|
RUN_OPTS = "--config-from-environment"
|
|
DB_BACKEND = "PostgreSQL"
|
|
DB_PGSQL_USERNAME = local.pg_username
|
|
DB_PGSQL_PASSWORD = local.pg_password
|
|
DB_PGSQL_HOSTNAME = local.pg_hostname
|
|
DB_PGSQL_PORT = local.pg_port_internal
|
|
AUTH_AUTHENTICATOR = "Database"
|
|
}
|
|
}
|
|
# Attach our task to the network we created earlier
|
|
networks_advanced {
|
|
name = docker_network.quassel.id
|
|
}
|
|
}
|
|
# Setting a converge config means that we will wait for the service to be up and running (and reporting it is healthy) before moving on.
|
|
converge_config {
|
|
delay = "5s" # Wait 5 seconds between checks
|
|
timeout = "2m" # Give up after 2 minutes
|
|
}
|
|
endpoint_spec {
|
|
# Configure our service to listen on a random port on the ingress network (which means any node in the swarm will redirect the traffic to (an instance of) this service)
|
|
ports {
|
|
target_port = 4242 # default quassel port on the container
|
|
published_port = local.quassel_port # Use the random port we generated earlier
|
|
protocol = "tcp"
|
|
publish_mode = "ingress" # Its that fwicked cool sweet awesome overlay network again, but this time ingress from the outside of the cluster
|
|
}
|
|
}
|
|
}
|