grey/iac
Archived
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Fixed vigil
Some checks failed
Trunk Check / Trunk Check Runner (push) Failing after 1s
Details

Browse source
This commit is contained in:
Greyscale 2024-06-28 17:53:53 +02:00
parent 6ed5cd5cef
commit e725f54e85
9 changed files with 125 additions and 25 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

5
modules/vigil/configuration.tf
View file

@ -1,6 +1,6 @@
locals { locals {
services_toml = [ services_toml = [
for service_group, services in var.services : templatefile("${path.module}/vigil.service.toml.tpl", { for service_group, services in var.monitored_services : templatefile("${path.module}/vigil.service.toml.tpl", {
service_group_id = service_group service_group_id = service_group
service_group_label = service_group service_group_label = service_group
services = services services = services
@ -23,9 +23,6 @@ locals {
}) })
vigil_toml_checksum = md5(local.vigil_toml) vigil_toml_checksum = md5(local.vigil_toml)
} }
resource "scratch_string" "services" {
in = yamlencode(local.services_toml)
}
resource "local_file" "vigil_toml" { resource "local_file" "vigil_toml" {
filename = "${path.root}/.debug/vigil.toml" filename = "${path.root}/.debug/vigil.toml"
content = local.vigil_toml content = local.vigil_toml

12
modules/vigil/inputs.tf
View file

@ -8,7 +8,16 @@ variable "vigil_service_name" {
description = "The name of the Vigil service" description = "The name of the Vigil service"
default = "vigil" default = "vigil"
} }
variable "services" { variable "docker_networks" {
type = list(object({
id = string,
name = string,
}))
description = "Docker networks to connect the vigil service to"
default = null
}
variable "monitored_services" {
type = map(list(object({ type = map(list(object({
id = string id = string
label = string label = string
@ -65,4 +74,3 @@ variable "custom_html" {
description = "Custom HTML to include in the Vigil page" description = "Custom HTML to include in the Vigil page"
default = "" default = ""
} }

3
modules/vigil/outputs.tf Normal file
View file

@ -0,0 +1,3 @@
output "docker_service_name" {
value = docker_service.vigil.name
}

9
modules/vigil/vigil.service.toml.tpl
View file

@ -2,13 +2,16 @@
id = "${service_group_id}" id = "${service_group_id}"
label = "${service_group_label}" label = "${service_group_label}"
%{ for service in services ~}
[[probe.service.node]] [[probe.service.node]]
id = "${id}" id = "${service.id}"
label = "${label}" label = "${service.label}"
mode = "poll" mode = "poll"
reveal_replica_name = true reveal_replica_name = true
replicas = [ replicas = [
%{ for endpoint in endpoints ~} %{ for endpoint in service.endpoints ~}
"${endpoint}", "${endpoint}",
%{ endfor ~} %{ endfor ~}
] ]
%{ endfor }

32
modules/vigil/vigil.tf
View file

@ -12,11 +12,13 @@ resource "docker_service" "vigil" {
container_spec { container_spec {
image = "${data.docker_registry_image.vigil.name}@${data.docker_registry_image.vigil.sha256_digest}" image = "${data.docker_registry_image.vigil.name}@${data.docker_registry_image.vigil.sha256_digest}"
healthcheck { healthcheck {
test = ["CMD-SHELL", "wget -q --no-verbose --tries=1 --spider http://localhost:8080/ || exit 1"] #test = ["CMD-SHELL", "wget -q --no-verbose --tries=1 --spider http://localhost:8080/ || exit 1"]
interval = "10s" #interval = "10s"
timeout = "10s" #timeout = "10s"
retries = 3 #retries = 3
start_period = "1m" #start_period = "1m"
# Disable healtcheck
test = ["NONE"]
} }
configs { configs {
config_id = docker_config.vigil.id config_id = docker_config.vigil.id
@ -24,20 +26,32 @@ resource "docker_service" "vigil" {
file_name = "/etc/vigil.cfg" file_name = "/etc/vigil.cfg"
} }
} }
dynamic "networks_advanced" {
for_each = var.docker_networks
content {
name = networks_advanced.value.id
}
}
restart_policy { restart_policy {
condition = "any" condition = "any"
delay = "20s" delay = "20s"
window = "0s" window = "0s"
} }
} }
converge_config { #converge_config {
delay = "5s" # delay = "5s"
timeout = "2m" # timeout = "2m"
} #}
update_config { update_config {
order = "stop-first" order = "stop-first"
parallelism = 1 parallelism = 1
} }
endpoint_spec {
ports {
target_port = 8080
publish_mode = "ingress"
}
}
} }
resource "random_id" "vigil_iter" { resource "random_id" "vigil_iter" {
byte_length = 4 byte_length = 4

2
modules/vigil/vigil.toml.tpl
View file

@ -5,7 +5,7 @@
[server] [server]
log_level = "debug" log_level = "debug"
inet = "0.0.0.0:3000" inet = "0.0.0.0:8080"
workers = 4 workers = 4
manager_token = "${manager_token}" manager_token = "${manager_token}"

3
loadbalancer.tf → nginx.tf
View file

@ -13,7 +13,8 @@ resource "docker_network" "loadbalancer" {
module "nginx" { module "nginx" {
source = "git::https://code.techinc.nl/grey/terraform-nginx.git" source = "git::https://code.techinc.nl/grey/terraform-nginx.git"
configs = concat( configs = concat(
module.minio.nginx_files module.minio.nginx_files,
module.vigil_nginx_config.files,
) )
networks = [ networks = [
docker_network.loadbalancer, docker_network.loadbalancer,

2
printers.tf
View file

@ -18,7 +18,7 @@ resource "docker_service" "ender5plus" {
name = "ender5plus" name = "ender5plus"
task_spec { task_spec {
container_spec { container_spec {
image = docker_image.octoprint.name image = "${docker_image.octoprint.name}:latest"
mounts { mounts {
target = "/octoprint" target = "/octoprint"
source = docker_volume.ender5plus.name source = docker_volume.ender5plus.name

80
vigil.tf
View file

@ -1,7 +1,55 @@
module "vigil_nginx_config" {
source = "git::https://code.techinc.nl/grey/terraform-nginx.git//nginx-site-available"
hostname = "vigil.california.ti"
//certificate = acme_certificate.ooo_grey["s3"]
service_name = "vigil"
upstream_host = "${module.vigil.docker_service_name}:8080"
config_prefix = "nginx"
allow_non_ssl = true
allow_ssl = false
}
module "vigil" { module "vigil" {
source = "./modules/vigil" source = "./modules/vigil"
services = { monitored_services = {
"printers" = [ "Servers" = [
{
id = "longhorn"
label = "Longhorn (longhorn.ti)"
endpoints = [
"icmp://longhorn.ti",
"tcp://longhorn.ti:22",
#"https://longhorn.ti:8006", # cannot be used as the SSL cert is self-signed/invalid
]
},
{
id = "bargur"
label = "Bargur (bargur.ti)"
endpoints = [
"icmp://bargur.ti",
"tcp://bargur.ti:22",
#"https://bargur.ti:8006", # cannot be used as the SSL cert is self-signed/invalid
]
},
{
id = "hanwoo"
label = "Hanwoo (hanwoo.ti)"
endpoints = [
"icmp://hanwoo.ti",
"tcp://hanwoo.ti:22",
#"https://hanwoo.ti:8006" # cannot be used as the SSL cert is self-signed/invalid
]
},
{
id = "california"
label = "California (california.ti)"
endpoints = [
"icmp://california.ti",
"tcp://california.ti:22",
]
}
]
"Printers" = [
{ {
id = "prin.ti" id = "prin.ti"
label = "Prin.ti (Print Controller)" label = "Prin.ti (Print Controller)"
@ -17,9 +65,35 @@ module "vigil" {
"icmp://v400.prin.ti", "icmp://v400.prin.ti",
"tcp://v400.prin.ti:22", "tcp://v400.prin.ti:22",
"http://v400.prin.ti:80", "http://v400.prin.ti:80",
"http://v400.prin.ti:8080", ]
}
],
"Members Services" = [
{
id = "sso"
label = "SSO (auth.techinc.nl)"
endpoints = [
"icmp://auth.techinc.nl",
"https://auth.techinc.nl"
]
}, {
id = "forgejo"
label = "TechInc Git Server"
endpoints = [
"https://code.techinc.nl/api/v1/version"
]
}, {
id = "s3"
label = "S3 (s3.california.ti)"
endpoints = [
"icmp://s3.california.ti",
"http://s3.california.ti/minio/health/live",
"http://s3.california.ti/ui"
] ]
} }
] ]
} }
docker_networks = [
docker_network.loadbalancer
]
} }