grey/iac
Archived
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Fixed vigil
Some checks failed
Trunk Check / Trunk Check Runner (push) Failing after 1s
Details

Browse source
This commit is contained in:
Greyscale 2024-06-28 17:53:53 +02:00
parent 6ed5cd5cef
commit e725f54e85
9 changed files with 125 additions and 25 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

5
modules/vigil/configuration.tf
View file

@ -1,6 +1,6 @@
locals {
services_toml = [
for service_group, services in var.services : templatefile("${path.module}/vigil.service.toml.tpl", {
for service_group, services in var.monitored_services : templatefile("${path.module}/vigil.service.toml.tpl", {
service_group_id = service_group
service_group_label = service_group
services = services
@ -23,9 +23,6 @@ locals {
})
vigil_toml_checksum = md5(local.vigil_toml)
}
resource "scratch_string" "services" {
in = yamlencode(local.services_toml)
}
resource "local_file" "vigil_toml" {
filename = "${path.root}/.debug/vigil.toml"
content = local.vigil_toml

12
modules/vigil/inputs.tf
View file

@ -8,7 +8,16 @@ variable "vigil_service_name" {
description = "The name of the Vigil service"
default = "vigil"
}
variable "services" {
variable "docker_networks" {
type = list(object({
id = string,
name = string,
}))
description = "Docker networks to connect the vigil service to"
default = null
}
variable "monitored_services" {
type = map(list(object({
id = string
label = string
@ -65,4 +74,3 @@ variable "custom_html" {
description = "Custom HTML to include in the Vigil page"
default = ""
}

3
modules/vigil/outputs.tf Normal file
View file

@ -0,0 +1,3 @@
output "docker_service_name" {
value = docker_service.vigil.name
}

11
modules/vigil/vigil.service.toml.tpl
View file

@ -2,13 +2,16 @@
id = "${service_group_id}"
label = "${service_group_label}"
%{ for service in services ~}
[[probe.service.node]]
id = "${id}"
label = "${label}"
id = "${service.id}"
label = "${service.label}"
mode = "poll"
reveal_replica_name = true
replicas = [
%{ for endpoint in endpoints ~}
%{ for endpoint in service.endpoints ~}
"${endpoint}",
%{ endfor ~}
]
]
%{ endfor }

32
modules/vigil/vigil.tf
View file

@ -12,11 +12,13 @@ resource "docker_service" "vigil" {
container_spec {
image = "${data.docker_registry_image.vigil.name}@${data.docker_registry_image.vigil.sha256_digest}"
healthcheck {
test = ["CMD-SHELL", "wget -q --no-verbose --tries=1 --spider http://localhost:8080/ || exit 1"]
interval = "10s"
timeout = "10s"
retries = 3
start_period = "1m"
#test = ["CMD-SHELL", "wget -q --no-verbose --tries=1 --spider http://localhost:8080/ || exit 1"]
#interval = "10s"
#timeout = "10s"
#retries = 3
#start_period = "1m"
# Disable healtcheck
test = ["NONE"]
}
configs {
config_id = docker_config.vigil.id
@ -24,20 +26,32 @@ resource "docker_service" "vigil" {
file_name = "/etc/vigil.cfg"
}
}
dynamic "networks_advanced" {
for_each = var.docker_networks
content {
name = networks_advanced.value.id
}
}
restart_policy {
condition = "any"
delay = "20s"
window = "0s"
}
}
converge_config {
delay = "5s"
timeout = "2m"
}
#converge_config {
# delay = "5s"
# timeout = "2m"
#}
update_config {
order = "stop-first"
parallelism = 1
}
endpoint_spec {
ports {
target_port = 8080
publish_mode = "ingress"
}
}
}
resource "random_id" "vigil_iter" {
byte_length = 4

2
modules/vigil/vigil.toml.tpl
View file

@ -5,7 +5,7 @@
[server]
log_level = "debug"
inet = "0.0.0.0:3000"
inet = "0.0.0.0:8080"
workers = 4
manager_token = "${manager_token}"

3
loadbalancer.tf → nginx.tf
View file

@ -13,7 +13,8 @@ resource "docker_network" "loadbalancer" {
module "nginx" {
source = "git::https://code.techinc.nl/grey/terraform-nginx.git"
configs = concat(
module.minio.nginx_files
module.minio.nginx_files,
module.vigil_nginx_config.files,
)
networks = [
docker_network.loadbalancer,

2
printers.tf
View file

@ -18,7 +18,7 @@ resource "docker_service" "ender5plus" {
name = "ender5plus"
task_spec {
container_spec {
image = docker_image.octoprint.name
image = "${docker_image.octoprint.name}:latest"
mounts {
target = "/octoprint"
source = docker_volume.ender5plus.name

80
vigil.tf
View file

@ -1,7 +1,55 @@
module "vigil_nginx_config" {
source = "git::https://code.techinc.nl/grey/terraform-nginx.git//nginx-site-available"
hostname = "vigil.california.ti"
//certificate = acme_certificate.ooo_grey["s3"]
service_name = "vigil"
upstream_host = "${module.vigil.docker_service_name}:8080"
config_prefix = "nginx"
allow_non_ssl = true
allow_ssl = false
}
module "vigil" {
source = "./modules/vigil"
services = {
"printers" = [
monitored_services = {
"Servers" = [
{
id = "longhorn"
label = "Longhorn (longhorn.ti)"
endpoints = [
"icmp://longhorn.ti",
"tcp://longhorn.ti:22",
#"https://longhorn.ti:8006", # cannot be used as the SSL cert is self-signed/invalid
]
},
{
id = "bargur"
label = "Bargur (bargur.ti)"
endpoints = [
"icmp://bargur.ti",
"tcp://bargur.ti:22",
#"https://bargur.ti:8006", # cannot be used as the SSL cert is self-signed/invalid
]
},
{
id = "hanwoo"
label = "Hanwoo (hanwoo.ti)"
endpoints = [
"icmp://hanwoo.ti",
"tcp://hanwoo.ti:22",
#"https://hanwoo.ti:8006" # cannot be used as the SSL cert is self-signed/invalid
]
},
{
id = "california"
label = "California (california.ti)"
endpoints = [
"icmp://california.ti",
"tcp://california.ti:22",
]
}
]
"Printers" = [
{
id = "prin.ti"
label = "Prin.ti (Print Controller)"
@ -17,9 +65,35 @@ module "vigil" {
"icmp://v400.prin.ti",
"tcp://v400.prin.ti:22",
"http://v400.prin.ti:80",
"http://v400.prin.ti:8080",
]
}
],
"Members Services" = [
{
id = "sso"
label = "SSO (auth.techinc.nl)"
endpoints = [
"icmp://auth.techinc.nl",
"https://auth.techinc.nl"
]
}, {
id = "forgejo"
label = "TechInc Git Server"
endpoints = [
"https://code.techinc.nl/api/v1/version"
]
}, {
id = "s3"
label = "S3 (s3.california.ti)"
endpoints = [
"icmp://s3.california.ti",
"http://s3.california.ti/minio/health/live",
"http://s3.california.ti/ui"
]
}
]
}
docker_networks = [
docker_network.loadbalancer
]
}