From e725f54e85235c2fe7b944d03b134467e6f44a68 Mon Sep 17 00:00:00 2001 From: Matthew Baggett Date: Fri, 28 Jun 2024 17:53:53 +0200 Subject: [PATCH] Fixed vigil --- modules/vigil/configuration.tf | 5 +- modules/vigil/inputs.tf | 12 ++++- modules/vigil/outputs.tf | 3 ++ modules/vigil/vigil.service.toml.tpl | 11 ++-- modules/vigil/vigil.tf | 32 +++++++---- modules/vigil/vigil.toml.tpl | 2 +- loadbalancer.tf => nginx.tf | 3 +- printers.tf | 2 +- vigil.tf | 80 ++++++++++++++++++++++++++-- 9 files changed, 125 insertions(+), 25 deletions(-) create mode 100644 modules/vigil/outputs.tf rename loadbalancer.tf => nginx.tf (86%) diff --git a/modules/vigil/configuration.tf b/modules/vigil/configuration.tf index 0290153..92e915c 100644 --- a/modules/vigil/configuration.tf +++ b/modules/vigil/configuration.tf @@ -1,6 +1,6 @@ locals { services_toml = [ - for service_group, services in var.services : templatefile("${path.module}/vigil.service.toml.tpl", { + for service_group, services in var.monitored_services : templatefile("${path.module}/vigil.service.toml.tpl", { service_group_id = service_group service_group_label = service_group services = services @@ -23,9 +23,6 @@ locals { }) vigil_toml_checksum = md5(local.vigil_toml) } -resource "scratch_string" "services" { - in = yamlencode(local.services_toml) -} resource "local_file" "vigil_toml" { filename = "${path.root}/.debug/vigil.toml" content = local.vigil_toml diff --git a/modules/vigil/inputs.tf b/modules/vigil/inputs.tf index 3e2d27c..ac1e77e 100644 --- a/modules/vigil/inputs.tf +++ b/modules/vigil/inputs.tf @@ -8,7 +8,16 @@ variable "vigil_service_name" { description = "The name of the Vigil service" default = "vigil" } -variable "services" { +variable "docker_networks" { + type = list(object({ + id = string, + name = string, + })) + description = "Docker networks to connect the vigil service to" + default = null +} + +variable "monitored_services" { type = map(list(object({ id = string label = string 
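Review bot: `docker_networks` in modules/vigil/inputs.tf defaults to `null`, but the new `dynamic "networks_advanced"` block in modules/vigil/vigil.tf iterates it with `for_each = var.docker_networks`. Terraform rejects a null `for_each` value, so any caller that omits the argument fails at plan time. Use `default = []` and add `nullable = false`, so an explicit `null` from a caller also falls back to the empty list. The `monitored_services` variable renamed at the end of this hunk continues outside it.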
@@ -65,4 +74,3 @@ variable "custom_html" { description = "Custom HTML to include in the Vigil page" default = "" } - diff --git a/modules/vigil/outputs.tf b/modules/vigil/outputs.tf new file mode 100644 index 0000000..15c99df --- /dev/null +++ b/modules/vigil/outputs.tf @@ -0,0 +1,3 @@ +output "docker_service_name" { + value = docker_service.vigil.name +} \ No newline at end of file diff --git a/modules/vigil/vigil.service.toml.tpl b/modules/vigil/vigil.service.toml.tpl index 1ad08fa..82d8406 100644 --- a/modules/vigil/vigil.service.toml.tpl +++ b/modules/vigil/vigil.service.toml.tpl @@ -2,13 +2,16 @@ id = "${service_group_id}" label = "${service_group_label}" +%{ for service in services ~} [[probe.service.node]] -id = "${id}" -label = "${label}" +id = "${service.id}" +label = "${service.label}" mode = "poll" reveal_replica_name = true replicas = [ -%{ for endpoint in endpoints ~} +%{ for endpoint in service.endpoints ~} "${endpoint}", %{ endfor ~} -] \ No newline at end of file +] + +%{ endfor } \ No newline at end of file diff --git a/modules/vigil/vigil.tf b/modules/vigil/vigil.tf index e530acf..f10882d 100644 --- a/modules/vigil/vigil.tf +++ b/modules/vigil/vigil.tf @@ -12,11 +12,13 @@ resource "docker_service" "vigil" { container_spec { image = "${data.docker_registry_image.vigil.name}@${data.docker_registry_image.vigil.sha256_digest}" healthcheck { - test = ["CMD-SHELL", "wget -q --no-verbose --tries=1 --spider http://localhost:8080/ || exit 1"] - interval = "10s" - timeout = "10s" - retries = 3 - start_period = "1m" + #test = ["CMD-SHELL", "wget -q --no-verbose --tries=1 --spider http://localhost:8080/ || exit 1"] + #interval = "10s" + #timeout = "10s" + #retries = 3 + #start_period = "1m" + # Disable healtcheck + test = ["NONE"] } configs { config_id = docker_config.vigil.id 
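Review bot: `${service.id}`, `${service.label}` and `${endpoint}` are interpolated raw between double quotes in vigil.service.toml.tpl. A value containing `"`, a backslash or a newline would therefore produce invalid TOML or add unintended keys to the rendered Vigil config. Let Terraform do the quoting, e.g. `label = ${jsonencode(service.label)}` (likewise for `id` and each endpoint), whose output should be accepted as a TOML basic string. Alternatively, add a `validation` block to `monitored_services` that restricts the allowed characters. The same applies to `service_group_id` and `service_group_label` in the context lines above the loop.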
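Review bot: `test = ["NONE"]` in the `healthcheck` block of `docker_service.vigil` turns the container healthcheck off entirely, so Swarm keeps a hung Vigil task running and the status page itself goes unmonitored. The old probe targeted `http://localhost:8080/` while vigil.toml.tpl bound `0.0.0.0:3000`. This commit moves `inet` to 8080, so the original check presumably works again, assuming the image ships `wget` (not visible here). Restore it rather than leaving it commented out, and fix the `healtcheck` typo if the comment stays. The `docker_service.vigil` resource continues outside this hunk.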
@@ -24,20 +26,32 @@ resource "docker_service" "vigil" { file_name = "/etc/vigil.cfg" } } + dynamic "networks_advanced" { + for_each = var.docker_networks + content { + name = networks_advanced.value.id + } + } restart_policy { condition = "any" delay = "20s" window = "0s" } } - converge_config { - delay = "5s" - timeout = "2m" - } + #converge_config { + # delay = "5s" + # timeout = "2m" + #} update_config { order = "stop-first" parallelism = 1 } + endpoint_spec { + ports { + target_port = 8080 + publish_mode = "ingress" + } + } } resource "random_id" "vigil_iter" { byte_length = 4 diff --git a/modules/vigil/vigil.toml.tpl b/modules/vigil/vigil.toml.tpl index 0629d4f..0f39f9d 100644 --- a/modules/vigil/vigil.toml.tpl +++ b/modules/vigil/vigil.toml.tpl @@ -5,7 +5,7 @@ [server] log_level = "debug" -inet = "0.0.0.0:3000" +inet = "0.0.0.0:8080" workers = 4 manager_token = "${manager_token}" diff --git a/loadbalancer.tf b/nginx.tf similarity index 86% rename from loadbalancer.tf rename to nginx.tf index 0c7da0b..e8187c7 100644 --- a/loadbalancer.tf +++ b/nginx.tf @@ -13,7 +13,8 @@ resource "docker_network" "loadbalancer" { module "nginx" { source = "git::https://code.techinc.nl/grey/terraform-nginx.git" configs = concat( - module.minio.nginx_files + module.minio.nginx_files, + module.vigil_nginx_config.files, ) networks = [ docker_network.loadbalancer, diff --git a/printers.tf b/printers.tf index 80c423d..bb3d5c2 100644 --- a/printers.tf +++ b/printers.tf @@ -18,7 +18,7 @@ resource "docker_service" "ender5plus" { name = "ender5plus" task_spec { container_spec { - image = docker_image.octoprint.name + image = "${docker_image.octoprint.name}:latest" mounts { target = "/octoprint" source = docker_volume.ender5plus.name diff --git a/vigil.tf b/vigil.tf index 96ea24c..fd73c24 100644 --- a/vigil.tf +++ b/vigil.tf 
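Review bot: The new `endpoint_spec` publishes `target_port = 8080` in `ingress` mode with no `published_port`, so Swarm assigns a port itself and exposes Vigil on every node of the routing mesh, bypassing nginx. nginx already reaches the service over the shared network via `upstream_host = "${module.vigil.docker_service_name}:8080"`, so the publication looks unnecessary. As far as the template shows, it also leaves the endpoints protected by `manager_token` reachable over plain HTTP from outside the overlay network. Drop the `endpoint_spec` block unless direct access is really required. Separately, `converge_config` is now commented out with no explanation; a one-line comment saying why would help the next reader.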
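Review bot: `image = "${docker_image.octoprint.name}:latest"` in printers.tf runs the printer service from a mutable tag, so the deployed image can change without any change to this repository. `docker_service.vigil`, by contrast, is pinned as `name@sha256_digest`. If `docker_image.octoprint.name` already carries a tag (its definition is outside the hunk), the appended `:latest` also produces an invalid reference. Prefer the resolved digest, e.g. `image = docker_image.octoprint.repo_digest`, assuming the provider version in use exposes that attribute.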
@@ -1,7 +1,55 @@ +module "vigil_nginx_config" { + source = "git::https://code.techinc.nl/grey/terraform-nginx.git//nginx-site-available" + hostname = "vigil.california.ti" + //certificate = acme_certificate.ooo_grey["s3"] + service_name = "vigil" + upstream_host = "${module.vigil.docker_service_name}:8080" + config_prefix = "nginx" + allow_non_ssl = true + allow_ssl = false +} + module "vigil" { source = "./modules/vigil" - services = { - "printers" = [ + monitored_services = { + "Servers" = [ + { + id = "longhorn" + label = "Longhorn (longhorn.ti)" + endpoints = [ + "icmp://longhorn.ti", + "tcp://longhorn.ti:22", + #"https://longhorn.ti:8006", # cannot be used as the SSL cert is self-signed/invalid + ] + }, + { + id = "bargur" + label = "Bargur (bargur.ti)" + endpoints = [ + "icmp://bargur.ti", + "tcp://bargur.ti:22", + #"https://bargur.ti:8006", # cannot be used as the SSL cert is self-signed/invalid + ] + }, + { + id = "hanwoo" + label = "Hanwoo (hanwoo.ti)" + endpoints = [ + "icmp://hanwoo.ti", + "tcp://hanwoo.ti:22", + #"https://hanwoo.ti:8006" # cannot be used as the SSL cert is self-signed/invalid + ] + }, + { + id = "california" + label = "California (california.ti)" + endpoints = [ + "icmp://california.ti", + "tcp://california.ti:22", + ] + } + ] + "Printers" = [ { id = "prin.ti" label = "Prin.ti (Print Controller)" 
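Review bot: `module "vigil_nginx_config"` pulls its source from git with no `?ref=`, so the code that renders the nginx config can change between `terraform init` runs without review. Pin it, e.g. `source = "git::https://code.techinc.nl/grey/terraform-nginx.git//nginx-site-available?ref=<TAG_OR_COMMIT>"`. The vhost is also HTTP-only (`allow_non_ssl = true`, `allow_ssl = false`, `certificate` commented out), so anything sent to Vigil through this hostname, including a manager token if the manager API is used that way, crosses the network in clear text. A comment stating that this is intentional for the internal `.ti` zone, or a TODO to enable the certificate, would make the trade-off explicit. The `module "vigil"` block continues past this hunk.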
@@ -17,9 +65,35 @@ module "vigil" { "icmp://v400.prin.ti", "tcp://v400.prin.ti:22", "http://v400.prin.ti:80", - "http://v400.prin.ti:8080", + ] + } + ], + "Members Services" = [ + { + id = "sso" + label = "SSO (auth.techinc.nl)" + endpoints = [ + "icmp://auth.techinc.nl", + "https://auth.techinc.nl" + ] + }, { + id = "forgejo" + label = "TechInc Git Server" + endpoints = [ + "https://code.techinc.nl/api/v1/version" + ] + }, { + id = "s3" + label = "S3 (s3.california.ti)" + endpoints = [ + "icmp://s3.california.ti", + "http://s3.california.ti/minio/health/live", + "http://s3.california.ti/ui" ] } ] } + docker_networks = [ + docker_network.loadbalancer + ] } \ No newline at end of file