resource "docker_image" "grafana" { name = "grafana/grafana-oss:10.1.5" } resource "docker_volume" "grafana" { name = "grafana" } resource "docker_container" "grafana" { image = docker_image.grafana.image_id name = "grafana" privileged = false must_run = true network_mode = "bridge" networks_advanced { name = data.docker_network.traefik.name } networks_advanced { name = data.docker_network.private.name } dynamic "labels" { for_each = [ { label = "traefik.enable", value = "true" }, { label = "traefik.docker.network", value = data.docker_network.traefik.name }, { label = "traefik.http.routers.grafana.rule", value = "Host(`grafana.vpn.trygvis.io`)" }, { label = "traefik.http.routers.grafana.entrypoints", value = "websecure" }, { label = "traefik.http.routers.grafana.tls.certresolver", value = "linode" }, ] content { label = labels.value["label"] value = labels.value["value"] } } env = [ "GF_DATABASE_TYPE=postgres", "GF_DATABASE_HOST=[fdf3:aad9:a885:b3a::1]", "GF_DATABASE_DATABASE=${postgresql_database.grafana.name}", "GF_DATABASE_USER=${postgresql_role.grafana.name}", "GF_DATABASE_PASSWORD=${postgresql_role.grafana.password}", ] volumes { volume_name = docker_volume.grafana.name container_path = "/var/lib/grafana" } }