# data "docker_network" "traefik" { # name = "traefik" # } data "docker_registry_image" "unifi-network-application" { name = local.docker_image_controller } resource "docker_image" "unifi-network-application" { name = data.docker_registry_image.unifi-network-application.name pull_triggers = [data.docker_registry_image.unifi-network-application.sha256_digest] } resource "docker_volume" "unifi-network-application" { name = "unifi-network-application" } resource "docker_container" "unifi-network-application" { image = docker_image.unifi-network-application.image_id name = "unifi-network-application" hostname = "unifi-network-application" # privileged = true must_run = true network_mode = "host" # networks_advanced { # name = data.docker_network.traefik.name # } # networks_advanced { # name = docker_network.unifi.name # } dynamic "ports" { for_each = [ # Taken from https://fleet.linuxserver.io/image?name=linuxserver/unifi-controller { port = 1900, proto = "udp" }, # Required for Make controller discoverable on L2 network option { port = 3478, proto = "udp" }, # Unifi STUN port { port = 5514, proto = "tcp" }, # Remote syslog port { port = 6789, proto = "tcp" }, # For mobile throughput test { port = 8080, proto = "tcp" }, # Required for device communication # Public HTTP is handled by traefik # Not anymore! { port = 8443, proto = "tcp" }, # Unifi web admin port # Not used # { port = 8843, proto = "tcp" }, # Unifi guest portal HTTPS redirect port # { port = 8880, proto = "tcp" }, # Unifi guest portal HTTP redirect port { port = 10001, proto = "udp" }, # Required for AP discovery ] content { internal = ports.value["port"] external = ports.value["port"] protocol = ports.value["proto"] ip = local.public_ip } } volumes { volume_name = docker_volume.unifi-network-application.name read_only = false container_path = "/config" } # dynamic "labels" { # for_each = [ # { label = "traefik.enable", value = "true" }, # { label = "traefik.http.routers.unifi-network-application.rule", value = "Host(`${local.domain_name}`)" }, # { label = "traefik.http.routers.unifi-network-application.entrypoints", value = "websecure" }, # { label = "traefik.http.routers.unifi-network-application.tls.certresolver", value = "linode" }, # { label = "traefik.http.services.unifi-network-application.loadbalancer.server.port", value = "8443" }, # { label = "traefik.http.services.unifi-network-application.loadbalancer.server.scheme", value = "https" }, # { label = "traefik.docker.network", value = "traefik" }, # # { label = "traefik.http.services.unifi-network-application.loadbalancer.passHostHeader", value = "false" }, # ] # content { # label = labels.value["label"] # value = labels.value["value"] # } # } env = [ "PUID=1000", "PGID=1000", "TZ=Europe/Oslo", "MEM_LIMIT=default", "MONGO_USER=${local.mongo_username}", "MONGO_PASS=${local.mongo_password}", #"MONGO_HOST=${docker_container.unifi-mongo.hostname}", "MONGO_HOST=localhost", "MONGO_PORT=27017", "MONGO_DBNAME=${local.mongo_database}", ] }