Diffstat (limited to 'terraform')
-rw-r--r--terraform/conflatorio-docker/main.tf6
-rw-r--r--terraform/conflatorio-docker/network.tf2
-rw-r--r--terraform/conflatorio-docker/traefik.tf6
-rw-r--r--terraform/dns/vpn-cname.tf9
-rw-r--r--terraform/unifi-controller/main.tf4
-rw-r--r--terraform/unifi-controller/mongo.tf5
-rw-r--r--terraform/unifi-controller/unifi.tf3
7 files changed, 27 insertions, 8 deletions
diff --git a/terraform/conflatorio-docker/main.tf b/terraform/conflatorio-docker/main.tf
index 8a01be6..5d52b4e 100644
--- a/terraform/conflatorio-docker/main.tf
+++ b/terraform/conflatorio-docker/main.tf
@@ -22,6 +22,12 @@ data "sops_file_entry" "linode_token" {
data_key = "linode_token"
}
+locals {
+ public_ip = "fdb1:4242:3538:2001::ffff"
+ network_addr = "fdb1:4242:3538:2001:1001::"
+ network_range = 112
+}
+
output "foo" {
value = "foo!"
}
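Review bot: The address in `public_ip` is a literal that this commit also writes into terraform/unifi-controller/main.tf and into the AAAA `target` in terraform/dns/vpn-cname.tf, so the three copies can drift apart the next time the network is renumbered. The value is in fd00::/8, the unique-local range, so the name `public_ip` suggests more reachability than the address has. A comment on the local would cover both points, for example `# ULA address traefik binds to; keep in sync with dns/vpn-cname.tf and unifi-controller/main.tf`.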
diff --git a/terraform/conflatorio-docker/network.tf b/terraform/conflatorio-docker/network.tf
index 32e1bfb..b548fef 100644
--- a/terraform/conflatorio-docker/network.tf
+++ b/terraform/conflatorio-docker/network.tf
@@ -4,6 +4,6 @@ resource "docker_network" "public" {
ipv6 = true
ipam_config {
- subnet = "fdf3:aad9:a885:77dd:bbbb::/120"
+ subnet = "${local.network_addr}/${local.network_range}"
}
}
diff --git a/terraform/conflatorio-docker/traefik.tf b/terraform/conflatorio-docker/traefik.tf
index d15ac5c..98f7e7e 100644
--- a/terraform/conflatorio-docker/traefik.tf
+++ b/terraform/conflatorio-docker/traefik.tf
@@ -23,20 +23,20 @@ resource "docker_container" "traefik" {
ports {
internal = 80
external = 80
- ip = "fdf3:aad9:a885:77dd::2"
+ ip = "${local.public_ip}"
}
ports {
internal = 443
external = 443
- ip = "fdf3:aad9:a885:77dd::2"
+ ip = "${local.public_ip}"
}
# for buildfarm-server
ports {
internal = 8980
external = 8980
- ip = "fdf3:aad9:a885:77dd::2"
+ ip = "${local.public_ip}"
}
command = [
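Review bot: The three `ip` arguments use an interpolation-only string, `ip = "${local.public_ip}"`, where the bare reference `ip = local.public_ip` is enough. The bare form is what terraform/unifi-controller/unifi.tf uses in this same commit, and linters such as tflint flag the quoted form as deprecated. The change keeps each published port, including 8980 for buildfarm-server, bound to one address rather than to all interfaces, which is worth preserving. The `docker_container` block starts before this hunk and continues after it.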
diff --git a/terraform/dns/vpn-cname.tf b/terraform/dns/vpn-cname.tf
index 8887988..ebb6a4b 100644
--- a/terraform/dns/vpn-cname.tf
+++ b/terraform/dns/vpn-cname.tf
@@ -5,11 +5,18 @@
# target = "fdf3:aad9:a885:77dd::2"
#}
+resource "linode_domain_record" "net-conflatorio" {
+ domain_id = linode_domain.root.id
+ name = "conflatorio.net"
+ record_type = "AAAA"
+ target = "fdb1:4242:3538:2001::ffff"
+}
+
resource "linode_domain_record" "vpn-unifi" {
domain_id = linode_domain.root.id
name = "unifi.vpn"
record_type = "CNAME"
- target = "${linode_domain_record.vpn-conflatorio.name}.trygvis.io"
+ target = "${linode_domain_record.net-conflatorio.name}.trygvis.io"
}
resource "linode_domain_record" "vpn-grafana" {
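Review bot: The new AAAA record for `conflatorio.net` puts a unique-local (fd00::/8) address into the zone. If the trygvis.io zone is publicly resolvable, which the hunk does not show, the record discloses internal addressing to anyone who queries it and resolves to nothing reachable off the VPN. A comment stating the intent would help, for example `# ULA, only reachable over the VPN`. The `vpn-grafana` resource opens on the last line of the hunk and its `target` is not visible, so it is worth checking that it does not still reference `vpn-conflatorio` if that is the record commented out above.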
diff --git a/terraform/unifi-controller/main.tf b/terraform/unifi-controller/main.tf
index f5f7b0a..55c133c 100644
--- a/terraform/unifi-controller/main.tf
+++ b/terraform/unifi-controller/main.tf
@@ -28,8 +28,10 @@ provider "docker" {
locals {
domain_name = "unifi.vpn.trygvis.io"
+ public_ip = "fdb1:4242:3538:2001::ffff"
+
docker_image_controller = "lscr.io/linuxserver/unifi-controller:8.0.24-mongoless"
- docker_image_mongo = "mongo:7.0"
+ docker_image_mongo = "mongo:7.0"
mongo_database = "unifi"
mongo_username = "unifi"
diff --git a/terraform/unifi-controller/mongo.tf b/terraform/unifi-controller/mongo.tf
index 98b4e36..2b83691 100644
--- a/terraform/unifi-controller/mongo.tf
+++ b/terraform/unifi-controller/mongo.tf
@@ -24,15 +24,18 @@ resource "docker_container" "unifi-mongo" {
name = docker_network.unifi.name
}
+ network_mode = "bridge"
+
volumes {
volume_name = docker_volume.unifi-mongo.name
+ read_only = false
container_path = "/data/db"
}
}
output "mongo_init_js" {
sensitive = true
- value = <<-EOF
+ value = <<-EOF
db.getSiblingDB("${local.mongo_database}").
createUser({
user: "${local.mongo_database}",
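Review bot: `network_mode = "bridge"` is added to a container that is already attached to `docker_network.unifi`, and whether the MongoDB container then also sits on Docker's default bridge depends on how the provider combines the two settings. It is worth confirming with `docker inspect` after apply that the database is attached only to the unifi network, and adding a comment that says why the argument is needed. Separately, the `mongo_init_js` heredoc sets `user: "${local.mongo_database}"` although main.tf defines `local.mongo_username`; both are "unifi" today so nothing breaks, but `user: "${local.mongo_username}"` is presumably what was meant. The heredoc continues past the end of the hunk.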
diff --git a/terraform/unifi-controller/unifi.tf b/terraform/unifi-controller/unifi.tf
index 8e6c7d7..4b0f1c6 100644
--- a/terraform/unifi-controller/unifi.tf
+++ b/terraform/unifi-controller/unifi.tf
@@ -52,12 +52,13 @@ resource "docker_container" "unifi-controller" {
internal = ports.value["port"]
external = ports.value["port"]
protocol = ports.value["proto"]
- ip = "fdf3:aad9:a885:77dd::2"
+ ip = local.public_ip
}
}
volumes {
volume_name = docker_volume.unifi-controller.name
+ read_only = false
container_path = "/config"
}