Switching to subdomain list and flatcar "trees" spec.

main
Thomas Hintz 2 weeks ago
parent 052acf4173
commit 221fccc3d1

@ -4,8 +4,8 @@ After=docker.service
Requires=docker.service Requires=docker.service
[Service] [Service]
TimeoutStartSec=0 TimeoutStartSec=0
ExecStart=/usr/bin/docker compose -f /home/core/docker-compose.yaml up ExecStart=/usr/bin/docker compose -f /app/docker-compose.yaml up
ExecStop=/usr/bin/docker compose -f /home/core/docker-compose.yaml stop ExecStop=/usr/bin/docker compose -f /app/docker-compose.yaml stop
Restart=always Restart=always
RestartSec=5s RestartSec=5s

@ -3,7 +3,7 @@ services:
lb: lb:
image: docker.io/caddy:2 image: docker.io/caddy:2
volumes: volumes:
- /var/lb/caddy:/etc/caddy - /app/lb:/etc/caddy
# - ./lb/:/etc/caddy # - ./lb/:/etc/caddy
- config:/config - config:/config
- data:/data - data:/data
@ -16,16 +16,16 @@ services:
# thintz-com: # thintz-com:
# image: docker.io/caddy:2 # image: docker.io/caddy:2
# volumes: # volumes:
# #- /var/thintz-com/caddy:/etc/caddy # #- /app/thintz-com/caddy:/etc/caddy
# - ./thintz-com/:/etc/caddy # - ./thintz-com/:/etc/caddy
# networks: # networks:
# - lb # - lb
# restart: unless-stopped # restart: unless-stopped
# nginx: nginx:
# image: nginx image: nginx
# restart: unless-stopped restart: unless-stopped
# networks: networks:
# - lb - lb
wg-easy: wg-easy:
image: ghcr.io/wg-easy/wg-easy:15 image: ghcr.io/wg-easy/wg-easy:15
environment: environment:
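Review bot: The newly enabled `nginx` service uses `image: nginx`, which resolves to the floating `latest` tag on the default registry, while the other services in this file name a registry and a major version (`docker.io/caddy:2`, `ghcr.io/wg-easy/wg-easy:15`). With the Caddyfile change in this commit that container sits behind the public `nassella.cc` site, so what is served depends on whatever `latest` points to at pull time. Pin it like the others, e.g. `image: docker.io/nginx:<version>`, or by digest with `image: docker.io/nginx@sha256:<digest>`.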

@ -3,5 +3,9 @@ wg-easy.nassella.cc {
# tls internal # tls internal
# x # x
log # log
}
nassella.cc {
reverse_proxy http://nginx:80
} }
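Review bot: `log` appears to be commented out in the `wg-easy.nassella.cc` block, and the new `nassella.cc` block has no `log` directive either, so Caddy would write no access log for either site. wg-easy is a VPN management UI behind this proxy, and the access log is the main record of requests and login attempts against it. Keep `log` in the wg-easy block and add `log` to the new `nassella.cc` block unless request logging is handled somewhere not shown here.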

@ -39,13 +39,16 @@ storage:
- device: /dev/disk/by-label/appstorage - device: /dev/disk/by-label/appstorage
format: ext4 format: ext4
wipe_filesystem: false wipe_filesystem: false
trees:
- path: /app
local: app
files: files:
- path: /var/lb/caddy/Caddyfile # - path: /var/lb/caddy/Caddyfile
contents: # contents:
local: app/lb/Caddyfile # local: app/lb/Caddyfile
- path: /var/thintz-com/caddy/Caddyfile # - path: /var/thintz-com/caddy/Caddyfile
contents: # contents:
local: app/thintz-com/Caddyfile # local: app/thintz-com/Caddyfile
### docker-compose sysext ### docker-compose sysext
### https://flatcar.github.io/sysext-bakery/docker_compose/ ### https://flatcar.github.io/sysext-bakery/docker_compose/
- path: /opt/extensions/docker-compose/docker-compose-2.34.0-x86-64.raw - path: /opt/extensions/docker-compose/docker-compose-2.34.0-x86-64.raw
@ -58,14 +61,14 @@ storage:
- path: /etc/sysupdate.d/noop.conf - path: /etc/sysupdate.d/noop.conf
contents: contents:
source: https://extensions.flatcar.org/extensions/noop.conf source: https://extensions.flatcar.org/extensions/noop.conf
- path: /home/core/docker-compose.yaml # - path: /var/docker-compose.yaml
mode: 0644 # mode: 0644
user: # user:
name: core # name: core
group: # group:
name: core # name: core
contents: # contents:
local: app/docker-compose.yaml # local: app/docker-compose.yaml
links: links:
- target: /opt/extensions/docker-compose/docker-compose-2.34.0-x86-64.raw - target: /opt/extensions/docker-compose/docker-compose-2.34.0-x86-64.raw
path: /etc/extensions/docker-compose.raw path: /etc/extensions/docker-compose.raw
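Review bot: The new `trees` entry copies everything under the local `app` directory to `/app`, and Butane does not preserve ownership for trees. Files land root-owned with mode 0644 (0755 if executable locally), and the commented-out `files` entry no longer sets `mode`, `user` and `group` for the compose file. If `docker-compose.yaml` or anything else under `app/` carries credentials (the `wg-easy` `environment:` block is cut off in this view), they become world-readable on the host and are embedded in the rendered Ignition config. Add a comment above `trees:` such as `# everything under app/ is shipped world-readable; keep secrets out of this tree`. For any sensitive path, add a `files` entry that omits `contents` and sets a tighter mode such as `mode: 0600`.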

@ -74,6 +74,11 @@ variable "domain" {
description = "Root domain to use" description = "Root domain to use"
} }
variable "subdomains" {
type = list
description = "Subdomains to setup"
}
provider "digitalocean" { provider "digitalocean" {
token = var.do_token token = var.do_token
} }
@ -97,15 +102,25 @@ resource "digitalocean_reserved_ip" "machine" {
region = digitalocean_droplet.machine.region region = digitalocean_droplet.machine.region
} }
resource "cloudflare_dns_record" "machine" { resource "cloudflare_dns_record" "root" {
zone_id = var.cloudflare_zone_id zone_id = var.cloudflare_zone_id
name = "wg-easy" name = "@"
content = digitalocean_reserved_ip.machine.ip_address content = digitalocean_reserved_ip.machine.ip_address
type = "A" type = "A"
proxied = false proxied = false
ttl = 300 ttl = 300
} }
resource "cloudflare_dns_record" "subdomains" {
for_each = toset(var.subdomains)
zone_id = var.cloudflare_zone_id
name = each.key
content = var.domain
type = "CNAME"
proxied = false
ttl = 300
}
resource "digitalocean_volume" "machine" { resource "digitalocean_volume" "machine" {
region = var.datacenter region = var.datacenter
name = "${var.cluster_name}" name = "${var.cluster_name}"
@ -146,6 +161,6 @@ resource "digitalocean_volume_attachment" "machine" {
output "domain-mappings" { output "domain-mappings" {
value = { value = {
"wg-easy.${var.domain}" = digitalocean_reserved_ip.machine.ip_address "${var.domain}" = digitalocean_reserved_ip.machine.ip_address
} }
} }
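Review bot: `variable "subdomains"` is declared with the bare `type = list`, which accepts elements of any type, and each element is used directly as a record name in `cloudflare_dns_record.subdomains`. Declare it as `type = list(string)` and consider a `validation` block that rejects empty strings and `"@"`, since those would collide with the new `root` A record. Every name in the list becomes a public CNAME to the droplet with `proxied = false`, so it should match the sites the Caddyfile actually serves. The `domain-mappings` output now reports only the root domain, so the subdomain records are not visible there.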

@ -1,4 +1,5 @@
domain = "" domain = ""
subdomains = ["wg-easy"]
do_token = "" # token from "API" settings on DigitalOcean do_token = "" # token from "API" settings on DigitalOcean
