homelab/modules/30-services-software/tandoor-service/main.tf

terraform {
  required_providers {
    dotenv = {
      source = "germanbrew/dotenv"
    }
  }
}

locals {
  container_name        = "tandoor"
  postgres_name         = "tandoor-postgres"
  tandoor_image         = "docker.io/vabene1111/recipes"
  postgres_image        = "docker.io/library/postgres"
  tandoor_tag           = var.image_tag
  postgres_tag          = var.postgres_image_tag
  env_file              = "${path.module}/.env"
  tandoor_internal_port = 80

  tandoor_volumes = [
    {
      host_path      = "${var.volume_path}/${local.container_name}/config"
      container_path = "/config"
      read_only      = false
      }, {
      host_path      = "${var.volume_path}/${local.container_name}/cache"
      container_path = "/cache"
      read_only      = false
    },
  ]

  postgres_volumes = [
    {
      host_path      = "${var.volume_path}/${local.container_name}/postgres/data"
      container_path = "/var/lib/postgresql/data"
      read_only      = false
    },
  ]

  tandoor_env_vars = {
    ALLAUTH_TRUSTED_PROXY_COUNT        = provider::dotenv::get_by_key("ALLAUTH_TRUSTED_PROXY_COUNT", local.env_file)
    SOCIAL_PROVIDERS                   = provider::dotenv::get_by_key("SOCIAL_PROVIDERS", local.env_file)
    SOCIALACCOUNT_PROVIDERS            = provider::dotenv::get_by_key("SOCIALACCOUNT_PROVIDERS", local.env_file)
    SOCIALACCOUNT_ONLY                 = provider::dotenv::get_by_key("SOCIALACCOUNT_ONLY", local.env_file)
    SOCIALACCOUNT_LOGIN_ON_GET         = provider::dotenv::get_by_key("SOCIALACCOUNT_LOGIN_ON_GET", local.env_file)
    SOCIALACCOUNT_AUTO_SIGNUP          = provider::dotenv::get_by_key("SOCIALACCOUNT_AUTO_SIGNUP", local.env_file)
    SOCIALACCOUNT_EMAIL_AUTHENTICATION = provider::dotenv::get_by_key("SOCIALACCOUNT_EMAIL_AUTHENTICATION", local.env_file)
    ENABLE_SIGNUP                      = provider::dotenv::get_by_key("ENABLE_SIGNUP", local.env_file)
    MEDIA_URL                          = provider::dotenv::get_by_key("MEDIA_URL", local.env_file)
    SECRET_KEY                         = provider::dotenv::get_by_key("SECRET_KEY", local.env_file)
    DEBUG                              = provider::dotenv::get_by_key("DEBUG", local.env_file)
    ALLOWED_HOSTS                      = provider::dotenv::get_by_key("ALLOWED_HOSTS", local.env_file)
    DB_ENGINE                          = provider::dotenv::get_by_key("DB_ENGINE", local.env_file)
    POSTGRES_HOST                      = provider::dotenv::get_by_key("POSTGRES_HOST", local.env_file)
    POSTGRES_DB                        = provider::dotenv::get_by_key("POSTGRES_DB", local.env_file)
    POSTGRES_PORT                      = provider::dotenv::get_by_key("POSTGRES_PORT", local.env_file)
    POSTGRES_USER                      = provider::dotenv::get_by_key("POSTGRES_USER", local.env_file)
    POSTGRES_PASSWORD                  = provider::dotenv::get_by_key("POSTGRES_PASSWORD", local.env_file)
  }

  postgres_env_vars = {
    POSTGRES_PASSWORD = provider::dotenv::get_by_key("POSTGRES_PASSWORD", local.env_file)
    POSTGRES_USER     = provider::dotenv::get_by_key("POSTGRES_USER", local.env_file)
    POSTGRES_DB       = provider::dotenv::get_by_key("POSTGRES_DB", local.env_file)
  }
}

module "tandoor_network" {
  source = "../../01-networking/network-service"
  name   = "tandoor-network"
  subnet = "172.17.0.24/29"
  driver = "bridge"
  options = {
    "isolate" : false
  }
}

module "tandoor-postgres" {
  source         = "../../10-generic/docker-service"
  container_name = local.postgres_name
  image          = local.postgres_image
  tag            = local.postgres_tag
  volumes        = local.postgres_volumes
  env_vars       = local.postgres_env_vars
  networks       = [module.tandoor_network.name]
}

module "tandoor" {
  source         = "../../10-generic/docker-service"
  container_name = local.container_name
  image          = local.tandoor_image
  tag            = local.tandoor_tag
  volumes        = local.tandoor_volumes
  env_vars       = local.tandoor_env_vars
  networks       = concat([module.tandoor_network.name], var.networks)
  restart_policy = "always"
}

output "service_definition" {
  description = "General service definition with optional ingress configuration"
  value = {
    name         = local.container_name
    primary_port = local.tandoor_internal_port
    endpoint     = "http://${local.container_name}:${local.tandoor_internal_port}"
    subdomains   = ["tandoor"]
  }
}