This repository has been archived on 2024-11-12. You can view files and clone it, but cannot push or open issues or pull requests.
iac/modules/vigil/vigil.tf

70 lines
1.8 KiB
Terraform
Raw Normal View History

2024-06-28 13:49:44 +00:00
resource "random_password" "token" {
for_each = toset(["manager", "worker"])
length = 32
special = false
}
data "docker_registry_image" "vigil" {
name = "valeriansaliou/vigil:${var.vigil_version}"
}
resource "docker_service" "vigil" {
name = lower(var.vigil_service_name)
task_spec {
container_spec {
image = "${data.docker_registry_image.vigil.name}@${data.docker_registry_image.vigil.sha256_digest}"
healthcheck {
2024-06-28 15:53:53 +00:00
#test = ["CMD-SHELL", "wget -q --no-verbose --tries=1 --spider http://localhost:8080/ || exit 1"]
#interval = "10s"
#timeout = "10s"
#retries = 3
#start_period = "1m"
# Disable healtcheck
test = ["NONE"]
2024-06-28 13:49:44 +00:00
}
configs {
config_id = docker_config.vigil.id
config_name = docker_config.vigil.name
file_name = "/etc/vigil.cfg"
}
}
2024-06-28 15:53:53 +00:00
dynamic "networks_advanced" {
for_each = var.docker_networks
content {
name = networks_advanced.value.id
}
}
2024-06-28 13:49:44 +00:00
restart_policy {
condition = "any"
delay = "20s"
window = "0s"
}
}
2024-06-28 15:53:53 +00:00
#converge_config {
# delay = "5s"
# timeout = "2m"
#}
2024-06-28 13:49:44 +00:00
update_config {
order = "stop-first"
parallelism = 1
}
2024-06-28 15:53:53 +00:00
endpoint_spec {
ports {
target_port = 8080
publish_mode = "ingress"
}
}
2024-06-28 13:49:44 +00:00
}
resource "random_id" "vigil_iter" {
byte_length = 4
keepers = {
checksum = local.vigil_toml_checksum
}
}
resource "docker_config" "vigil" {
name = lower(join("-", [var.vigil_service_name, random_id.vigil_iter.hex]))
data = sensitive(base64encode(local.vigil_toml)) // I have marked this as sensitive just so it wont spam the hell out of the terminal with a wall of text. Its not actually sensitive.
lifecycle {
ignore_changes = [name]
create_before_destroy = true
}
}