jjvijgen/homelab
1
1
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Add fs manager

Browse Source
This commit is contained in:
Jeroen Vijgen
2026-03-28 13:20:20 +00:00
parent 84609f7861
commit 08eaaf1dbd
5 changed files with 134 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files
modules/30-services-software/filesystem-service/.env.example
+2
View File
@@ -0,0 +1,2 @@
FILEBROWSER_OIDC_CLIENT_ID=
FILEBROWSER_OIDC_CLIENT_SECRET=
modules/30-services-software/filesystem-service/main.tf
+91
View File
@@ -0,0 +1,91 @@
terraform {
required_providers {
dotenv = {
source = "germanbrew/dotenv"
}
}
}
locals {
container_name = "fs-quantum"
fs_image = "ghcr.io/gtstef/filebrowser"
fs_tag = var.image_tag
env_file = "${path.module}/.env"
internal_port = 80
fs_env_vars = {
PUID = var.user_id
PGID = var.group_id
TZ = var.timezone
PORT = 80
FILEBROWSER_OIDC_CLIENT_ID = provider::dotenv::get_by_key("FILEBROWSER_OIDC_CLIENT_ID", local.env_file)
FILEBROWSER_OIDC_CLIENT_SECRET = provider::dotenv::get_by_key("FILEBROWSER_OIDC_CLIENT_SECRET", local.env_file)
}
fs_settings = <<-EOT
server:
sources:
- path: "/black"
config:
defaultEnabled: false
- path: "/blue"
config:
defaultEnabled: false
auth:
methods:
oidc:
enabled: true
issuerUrl: "https://authz.blackchaosnl.myaddr.dev/application/o/fs/"
scopes: "email openid profile groups"
userIdentifier: "preferred_username"
createUser: true
userGroups: "user"
adminGroup: "admin"
groupsClaim: "groups"
password:
enabled: false
signup: false
EOT
}
resource "local_file" "fs_config_file" {
content = local.fs_settings
filename = "${var.volume_path}/${local.container_name}/config.yaml"
}
module "fs-quantum" {
source = "../../10-generic/docker-service"
container_name = local.container_name
image = local.fs_image
tag = local.fs_tag
volumes = [
{
host_path = "/mnt/storage"
container_path = "/black"
read_only = false
},
{
host_path = "/mnt/ssd"
container_path = "/blue"
read_only = false
},
{
host_path = "${var.volume_path}/${local.container_name}/config.yaml"
container_path = "/home/filebrowser/data/config.yaml"
read_only = true
}
]
env_vars = local.fs_env_vars
networks = concat(var.networks)
restart_policy = "always"
}
output "service_definition" {
description = "General service definition with optional ingress configuration"
value = {
name = local.container_name
primary_port = local.internal_port
endpoint = "http://${local.container_name}:${local.internal_port}"
subdomains = ["fs"]
}
}
modules/30-services-software/filesystem-service/variables.tf
+34
View File
@@ -0,0 +1,34 @@
variable "image_tag" {
description = "The tag for the Filebrowser Quantum container image. Default: Latest"
type = string
default = "latest"
}
variable "volume_path" {
description = "Base directory for volumes"
type = string
}
variable "networks" {
description = "List of networks to which the container should be attached"
type = list(string)
default = []
}
variable "user_id" {
description = "User ID for container permissions"
type = string
default = "1000"
}
variable "group_id" {
description = "Group ID for container permissions"
type = string
default = "1000"
}
variable "timezone" {
description = "Timezone for the container"
type = string
default = "Europe/Helsinki"
}
services/main.tf
+6
View File
@@ -53,4 +53,10 @@ module "penpot" {
source = "${local.module_dir}/30-services-software/penpot-service"
volume_path = "${local.root_volume}/penpot"
networks = [module.infrastructure_int.name]
}
module "fs-quantum" {
source = "${local.module_dir}/30-services-software/filesystem-service"
volume_path = "${local.root_volume}/fs-quantum"
networks = [module.infrastructure_int.name]
}
services/outputs.tf
+1
View File
@@ -7,6 +7,7 @@ output "service_definitions" {
module.tandoor.service_definition,
module.coder.service_definition,
module.penpot.service_definition,
module.fs-quantum.service_definition,
]
}