1 files changed, 52 insertions, 0 deletions

diff --git a/terraform/hash-grafana/grafana.tf b/terraform/hash-grafana/grafana.tf
new file mode 100644
index 0000000..b425e72
--- /dev/null
+++ b/terraform/hash-grafana/grafana.tf
@@ -0,0 +1,52 @@
+resource "docker_image" "grafana" {
+  name = "grafana/grafana-oss:11.2.2"
+}
+
+resource "docker_volume" "grafana" {
+  name = "grafana"
+}
+
+resource "docker_container" "grafana" {
+  image      = docker_image.grafana.image_id
+  name       = "grafana"
+  privileged = false
+  must_run   = true
+
+  network_mode = "bridge"
+
+  networks_advanced {
+    name = data.docker_network.traefik.name
+  }
+
+  networks_advanced {
+    name = data.docker_network.dn42.name
+  }
+
+  dynamic "labels" {
+    for_each = [
+      { label = "traefik.enable", value = "true" },
+      { label = "traefik.docker.network", value = data.docker_network.traefik.name },
+      { label = "traefik.http.routers.grafana.rule", value = "Host(`grafana.trygvis.io`)" },
+      { label = "traefik.http.routers.grafana.entrypoints", value = "websecure" },
+      { label = "traefik.http.routers.grafana.tls.certresolver", value = "linode" },
+    ]
+    content {
+      label = labels.value["label"]
+      value = labels.value["value"]
+    }
+  }
+
+  env = [
+    "GF_DATABASE_TYPE=postgres",
+    "GF_DATABASE_HOST=knot.dn42.trygvis.io",
+    "GF_DATABASE_DATABASE=${postgresql_database.grafana.name}",
+    "GF_DATABASE_USER=${postgresql_role.grafana.name}",
+    "GF_DATABASE_PASSWORD=${postgresql_role.grafana.password}",
+  ]
+
+  volumes {
+    volume_name    = docker_volume.grafana.name
+    container_path = "/var/lib/grafana"
+    read_only      = false
+  }
+}