Add internal network connections under 172.16.0.0/16 as /29 in services
This commit is contained in:
@@ -198,6 +198,11 @@ variable "gpus" {
|
||||
description = "Set the GPU passthrough"
|
||||
type = string
|
||||
default = null
|
||||
|
||||
validation {
|
||||
condition = contains([null, "all"], var.gpus)
|
||||
error_message = "Invalid input, can only be: null or 'all'"
|
||||
}
|
||||
}
|
||||
|
||||
// Logging options
|
||||
|
||||
@@ -64,6 +64,13 @@ locals {
|
||||
}
|
||||
}
|
||||
|
||||
module "authentik_network" {
|
||||
source = "../../01-networking/network-service"
|
||||
name = "authentik-network"
|
||||
subnet = "172.16.0.0/29"
|
||||
driver = "driver"
|
||||
}
|
||||
|
||||
module "authentik-postgres" {
|
||||
source = "../../10-generic/docker-service"
|
||||
container_name = local.postgres_container_name
|
||||
@@ -71,7 +78,7 @@ module "authentik-postgres" {
|
||||
tag = local.postgres_tag
|
||||
volumes = local.postgres_volumes
|
||||
env_vars = local.postgres_env_vars
|
||||
networks = var.networks
|
||||
networks = [module.authentik_network.name]
|
||||
}
|
||||
|
||||
module "authentik-redis" {
|
||||
@@ -80,7 +87,7 @@ module "authentik-redis" {
|
||||
image = local.redis_image
|
||||
tag = local.redis_tag
|
||||
volumes = local.redis_volumes
|
||||
networks = var.networks
|
||||
networks = [module.authentik_network.name]
|
||||
}
|
||||
|
||||
module "authentik-server" {
|
||||
@@ -90,7 +97,7 @@ module "authentik-server" {
|
||||
tag = local.authentik_tag
|
||||
volumes = local.authentik_volumes
|
||||
env_vars = local.authentik_env_vars
|
||||
networks = var.networks
|
||||
networks = concat([module.authentik_network.name], var.networks)
|
||||
command = ["server"]
|
||||
}
|
||||
|
||||
@@ -101,7 +108,7 @@ module "authentik-worker" {
|
||||
tag = local.authentik_tag
|
||||
volumes = local.authentik_volumes
|
||||
env_vars = local.authentik_env_vars
|
||||
networks = var.networks
|
||||
networks = [module.authentik_network.name]
|
||||
command = ["worker"]
|
||||
}
|
||||
|
||||
|
||||
@@ -50,6 +50,14 @@ locals {
|
||||
|
||||
}
|
||||
|
||||
module "coder_network" {
|
||||
source = "../../01-networking/network-service"
|
||||
name = "coder-network"
|
||||
subnet = "172.16.0.16/29"
|
||||
driver = "driver"
|
||||
}
|
||||
|
||||
|
||||
module "coder-postgres" {
|
||||
source = "../../10-generic/docker-service"
|
||||
container_name = local.postgres_container_name
|
||||
@@ -57,7 +65,7 @@ module "coder-postgres" {
|
||||
tag = local.postgres_tag
|
||||
volumes = local.postgres_volumes
|
||||
env_vars = local.postgres_env_vars
|
||||
networks = concat(var.networks)
|
||||
networks = [module.coder_network.name]
|
||||
restart_policy = "always"
|
||||
}
|
||||
|
||||
@@ -68,7 +76,7 @@ module "coder" {
|
||||
tag = local.coder_tag
|
||||
volumes = local.coder_volumes
|
||||
env_vars = local.coder_env_vars
|
||||
networks = concat(var.networks)
|
||||
networks = concat([module.coder_network.name], var.networks)
|
||||
restart_policy = "always"
|
||||
security_opts = [
|
||||
"label:type:container_runtype_t"
|
||||
|
||||
@@ -60,6 +60,13 @@ locals {
|
||||
}
|
||||
}
|
||||
|
||||
module "tandoor_network" {
|
||||
source = "../../01-networking/network-service"
|
||||
name = "coder-network"
|
||||
subnet = "172.16.0.24/29"
|
||||
driver = "driver"
|
||||
}
|
||||
|
||||
module "tandoor-postgres" {
|
||||
source = "../../10-generic/docker-service"
|
||||
container_name = local.postgres_name
|
||||
@@ -67,7 +74,7 @@ module "tandoor-postgres" {
|
||||
tag = local.postgres_tag
|
||||
volumes = local.postgres_volumes
|
||||
env_vars = local.postgres_env_vars
|
||||
networks = var.networks
|
||||
networks = [module.tandoor_network.name]
|
||||
}
|
||||
|
||||
module "tandoor" {
|
||||
@@ -77,7 +84,7 @@ module "tandoor" {
|
||||
tag = local.tandoor_tag
|
||||
volumes = local.tandoor_volumes
|
||||
env_vars = local.tandoor_env_vars
|
||||
networks = concat(var.networks)
|
||||
networks = concat([module.tandoor_network.name], var.networks)
|
||||
restart_policy = "always"
|
||||
}
|
||||
|
||||
|
||||
@@ -8,11 +8,11 @@ terraform {
|
||||
|
||||
locals {
|
||||
container_name = "traccar"
|
||||
calibre_image = "docker.io/traccar/traccar"
|
||||
calibre_tag = var.image_tag
|
||||
calibre_internal_port = 8082
|
||||
traccar_image = "docker.io/traccar/traccar"
|
||||
traccar_tag = var.image_tag
|
||||
traccar_internal_port = 8082
|
||||
|
||||
calibre_env_vars = {
|
||||
traccar_env_vars = {
|
||||
PUID = var.user_id
|
||||
PGID = var.group_id
|
||||
TZ = var.timezone
|
||||
@@ -37,11 +37,11 @@ resource "local_file" "traccar_config_file" {
|
||||
filename = "${var.volume_path}/${local.container_name}/traccar.xml"
|
||||
}
|
||||
|
||||
module "calibre" {
|
||||
module "traccar" {
|
||||
source = "../../10-generic/docker-service"
|
||||
container_name = local.container_name
|
||||
image = local.calibre_image
|
||||
tag = local.calibre_tag
|
||||
image = local.traccar_image
|
||||
tag = local.traccar_tag
|
||||
volumes = [
|
||||
{
|
||||
host_path = "${var.volume_path}/${local.container_name}/logs"
|
||||
@@ -57,7 +57,7 @@ module "calibre" {
|
||||
read_only = true
|
||||
},
|
||||
]
|
||||
env_vars = local.calibre_env_vars
|
||||
env_vars = local.traccar_env_vars
|
||||
networks = concat(var.networks)
|
||||
restart_policy = "always"
|
||||
}
|
||||
@@ -66,8 +66,8 @@ output "service_definition" {
|
||||
description = "General service definition with optional ingress configuration"
|
||||
value = {
|
||||
name = local.container_name
|
||||
primary_port = local.calibre_internal_port
|
||||
endpoint = "http://${local.container_name}:${local.calibre_internal_port}"
|
||||
primary_port = local.traccar_internal_port
|
||||
endpoint = "http://${local.container_name}:${local.traccar_internal_port}"
|
||||
subdomains = ["maps"]
|
||||
is_guarded = true
|
||||
}
|
||||
|
||||
Reference in New Issue
Block a user