diff options
Diffstat (limited to 'terraform')
-rw-r--r-- | terraform/telegraf/conflatorio/main.tf | 24 | ||||
-rw-r--r-- | terraform/telegraf/telegraf-os/.terraform.lock.hcl | 60 | ||||
-rw-r--r-- | terraform/telegraf/telegraf-os/ansible-config.yml (renamed from terraform/telegraf/conflatorio/ansible-config.yml) | 0 | ||||
-rw-r--r-- | terraform/telegraf/telegraf-os/main.tf | 35 | ||||
-rw-r--r-- | terraform/telegraf/telegraf-os/telegraf.tf (renamed from terraform/telegraf/conflatorio/telegraf.tf) | 34 | ||||
-rw-r--r-- | terraform/telegraf/telegraf-os/templates/telegraf.conf (renamed from terraform/telegraf/conflatorio/templates/telegraf.conf) | 0 | ||||
-rw-r--r-- | terraform/telegraf/telegraf-os/vars.tf | 30 |
7 files changed, 150 insertions, 33 deletions
diff --git a/terraform/telegraf/conflatorio/main.tf b/terraform/telegraf/conflatorio/main.tf index 5d94503..1513610 100644 --- a/terraform/telegraf/conflatorio/main.tf +++ b/terraform/telegraf/conflatorio/main.tf @@ -17,21 +17,17 @@ terraform { } } -locals { - ansible_host = "conflatorio" - hostname = "conflatorio.vpn.trygvis.io" - - influx_url = "https://influxdb.vpn.trygvis.io" - influx_token = data.sops_file.vault.data["influx_token"] - influx_organization = "trygvis" - - influx_bucket = "telegraf-lhn2ix" +data "sops_file" "vault" { + source_file = "vault.yml" } -provider "docker" { - host = "ssh://${local.hostname}" -} +module "telegraf-os" { + source = "../telegraf-os" -data "sops_file" "vault" { - source_file = "vault.yml" + docker_gid = 997 + hostname = "conflatorio.vpn.trygvis.io" + ansible_host = "conflatorio" + + influx_token = data.sops_file.vault.data["influx_token"] + influx_bucket = "telegraf-lhn2ix" } diff --git a/terraform/telegraf/telegraf-os/.terraform.lock.hcl b/terraform/telegraf/telegraf-os/.terraform.lock.hcl new file mode 100644 index 0000000..5afe9c5 --- /dev/null +++ b/terraform/telegraf/telegraf-os/.terraform.lock.hcl @@ -0,0 +1,60 @@ +# This file is maintained automatically by "terraform init". +# Manual edits may be lost in future updates. + +provider "registry.terraform.io/hashicorp/template" { + version = "2.2.0" + hashes = [ + "h1:94qn780bi1qjrbC3uQtjJh3Wkfwd5+tTtJHOb7KTg9w=", + "zh:01702196f0a0492ec07917db7aaa595843d8f171dc195f4c988d2ffca2a06386", + "zh:09aae3da826ba3d7df69efeb25d146a1de0d03e951d35019a0f80e4f58c89b53", + "zh:09ba83c0625b6fe0a954da6fbd0c355ac0b7f07f86c91a2a97849140fea49603", + "zh:0e3a6c8e16f17f19010accd0844187d524580d9fdb0731f675ffcf4afba03d16", + "zh:45f2c594b6f2f34ea663704cc72048b212fe7d16fb4cfd959365fa997228a776", + "zh:77ea3e5a0446784d77114b5e851c970a3dde1e08fa6de38210b8385d7605d451", + "zh:8a154388f3708e3df5a69122a23bdfaf760a523788a5081976b3d5616f7d30ae", + "zh:992843002f2db5a11e626b3fc23dc0c87ad3729b3b3cff08e32ffb3df97edbde", + "zh:ad906f4cebd3ec5e43d5cd6dc8f4c5c9cc3b33d2243c89c5fc18f97f7277b51d", + "zh:c979425ddb256511137ecd093e23283234da0154b7fa8b21c2687182d9aea8b2", + ] +} + +provider "registry.terraform.io/kreuzwerker/docker" { + version = "2.24.0" + constraints = "2.24.0" + hashes = [ + "h1:1z0/qA77T3PS/1m4vRO8UgWjHjk5/v+f3JfGbMyzX18=", + "zh:181fefd55c8eb75efe9815c43fdd76422b57951ef53b5d5f19273a00fdf0e2e2", + "zh:2ec84e029d169f188be2addf7f45c2555f226f67d4b6fb66c1749ed5b2c4a76a", + "zh:6f5cf945148485f57b919d31a30f1a5a93d45f4e8edfdb0b80b22258d51795d8", + "zh:8d00c2c459a48453f52a00a8d1ffdb7bcf72fe4b3b09ffcfd52218c4646fa7fa", + "zh:9bd6e06601e0a972b9ce01150e32e76b76b4caf1d9798daf4cf16d06e2a8d4a3", + "zh:af72591132dc8cd338f293e458403851e6b8a6ac4c4d25a3268940f9763df7aa", + "zh:c4a47c5c7ad2ff1fc5212e69c5ef837a127346264e46ce7b5d13362545e4aa70", + "zh:c6d68f33efcd3372331ed0d58ec49e8b01ddc132934b14d2d45977076950e4b3", + "zh:db228855ae7235095d367f3597719747e5be0dd9ce2206ea02062560b518c08a", + "zh:e8d6ce89642925f2e813d0b829bd5562582de37eaa39351e231ab474383e703a", + "zh:ec83d8c86a918d25eb824cc99f98924ef8949eb69aa40cb5ff2db24369e52d9c", + "zh:ee0032d3d86adeeca7fdd4922bb8db87dbb5cd0093c054ff8efe2260de0b624c", + "zh:f033b70f342f32eeb98c213e6fc7098d7afd22b3146a5cb6173c128b0e86d732", + "zh:f1bc3a2c4f152f8adc9a1f9c852496232ef31073b149945756c13bc9688cf08b", + ] +} + +provider "registry.terraform.io/lokkersp/sops" { + version = "0.6.10" + constraints = "0.6.10" + hashes = [ + "h1:atU8NIBxpNTWY+qBubvEOfjOn4K1aCDoq1iUFocgIHQ=", + "zh:0f053a26392a581b1f1ce6316cb7ed8ec4cc75e7f5f1cf7cfd45050b6b3c87ea", + "zh:207bb96c4471fce9aeb1b3c217d772692c3d865d294cf4d2501dad41de36a15e", + "zh:28506e8f1f3b9eaa95d99043440328044ee6340143535e5751538328a529d001", + "zh:3cae3bcea9e35fdc5b3f2af1b4580cd625c996448ad0c676c772260e46b25289", + "zh:3e44daaf82986c2b0028aeb17b867f3c68ed5dd8ac8625ba0406cf2a5fd3d92e", + "zh:457fb8ca2e677af24f9a4bdd8b613b1d7b604ad7133541657e5757c19268da71", + "zh:473d727c228f021a3df8cc8dcc6231ad7f90ed63f9e47c36b597d591e76228da", + "zh:48c4c1df39fd76ec8bd5fe9ac70cdc0927ac8be95582dbe46458b3442ce0fcd9", + "zh:728b19cb5c07e5e9d8b78fd94cc57d4c13582ecd24b7eb7c4cc2bf73b12fe4d1", + "zh:c51ed9af591779bb0910b82addeebb10f53428b994f8db653dd1dedcec60916c", + "zh:f569b65999264a9416862bca5cd2a6177d94ccb0424f3a4ef424428912b9cb3c", + ] +} diff --git a/terraform/telegraf/conflatorio/ansible-config.yml b/terraform/telegraf/telegraf-os/ansible-config.yml index 3acab34..3acab34 100644 --- a/terraform/telegraf/conflatorio/ansible-config.yml +++ b/terraform/telegraf/telegraf-os/ansible-config.yml diff --git a/terraform/telegraf/telegraf-os/main.tf b/terraform/telegraf/telegraf-os/main.tf new file mode 100644 index 0000000..90d33ef --- /dev/null +++ b/terraform/telegraf/telegraf-os/main.tf @@ -0,0 +1,35 @@ +terraform { + required_providers { + docker = { + source = "kreuzwerker/docker" + version = "2.24.0" + } + sops = { + source = "lokkersp/sops" + version = "0.6.10" + } + template = { + source = "hashicorp/template" + version = "2.2.0" + } + } +} + +# locals { +# ansible_host = "conflatorio" +# hostname = "conflatorio.vpn.trygvis.io" +# +# influx_url = "https://influxdb.vpn.trygvis.io" +# influx_token = data.sops_file.vault.data["influx_token"] +# influx_organization = "trygvis" +# +# influx_bucket = "telegraf-lhn2ix" +# } + +provider "docker" { + host = "ssh://${var.hostname}" +} + +data "sops_file" "vault" { + source_file = "vault.yml" +} diff --git a/terraform/telegraf/conflatorio/telegraf.tf b/terraform/telegraf/telegraf-os/telegraf.tf index 669476a..5a135b1 100644 --- a/terraform/telegraf/conflatorio/telegraf.tf +++ b/terraform/telegraf/telegraf-os/telegraf.tf @@ -1,7 +1,3 @@ -#data "docker_network" "public" { -# name = "public" -#} - data "docker_registry_image" "telegraf" { name = "telegraf:1.28.3-alpine" } @@ -16,7 +12,7 @@ setcap cap_net_raw+ep /usr/bin/telegraf setcap cap_net_bind_service+ep /usr/bin/telegraf setcap cap_net_admin+ep /usr/bin/telegraf -su-exec telegraf:${local.docker_gid} \ +su-exec telegraf:${var.docker_gid} \ /usr/bin/telegraf --config /telegraf.conf EOT } @@ -28,10 +24,10 @@ resource "docker_image" "telegraf" { resource "docker_container" "telegraf" { image = docker_image.telegraf.image_id - name = "telegraf" + name = "telegraf-os" provisioner "local-exec" { - command = "ansible-playbook -l ${local.ansible_host} ansible-config.yml" + command = "ansible-playbook -l ${var.ansible_host} ${path.module}/ansible-config.yml" } network_mode = "host" @@ -62,17 +58,17 @@ resource "docker_container" "telegraf" { "-c", local.entrypoint, ] -# command = [ -# "--config", -# "/telegraf.conf" -# ] + # command = [ + # "--config", + # "/telegraf.conf" + # ] # Needed to get group_add to apply, if not entrypoint.sh drops the extra # group. -# user = "telegraf:telegraf" -# group_add = [ -# "997" # for docker input -# ] + # user = "telegraf:telegraf" + # group_add = [ + # "997" # for docker input + # ] capabilities { add = [ @@ -90,10 +86,10 @@ resource "docker_container" "telegraf" { # ] env = [ - "INFLUX_URL=${local.influx_url}", - "INFLUX_TOKEN=${local.influx_token}", - "INFLUX_ORGANIZATION=${local.influx_organization}", - "INFLUX_BUCKET=${local.influx_bucket}", + "INFLUX_URL=${var.influx_url}", + "INFLUX_TOKEN=${var.influx_token}", + "INFLUX_ORGANIZATION=${var.influx_organization}", + "INFLUX_BUCKET=${var.influx_bucket}", "HOST_MOUNT_PREFIX=/hostfs", "HOST_ETC=/hostfs/etc", diff --git a/terraform/telegraf/conflatorio/templates/telegraf.conf b/terraform/telegraf/telegraf-os/templates/telegraf.conf index 369bd7b..369bd7b 100644 --- a/terraform/telegraf/conflatorio/templates/telegraf.conf +++ b/terraform/telegraf/telegraf-os/templates/telegraf.conf diff --git a/terraform/telegraf/telegraf-os/vars.tf b/terraform/telegraf/telegraf-os/vars.tf new file mode 100644 index 0000000..e390165 --- /dev/null +++ b/terraform/telegraf/telegraf-os/vars.tf @@ -0,0 +1,30 @@ +variable "docker_gid" { + type = string +} + +variable "hostname" { + type = string +} + +variable "ansible_host" { + type = string +} + +variable "influx_url" { + type = string + default = "https://influxdb.vpn.trygvis.io" +} + +variable "influx_organization" { + type = string + default = "trygvis" +} + +variable "influx_token" { + type = string + sensitive = true +} + +variable "influx_bucket" { + type = string +} |