diff --git a/terraform/main.tf b/terraform/main.tf index 1e4997d..31ee03a 100644 --- a/terraform/main.tf +++ b/terraform/main.tf @@ -1,8 +1,20 @@ module "caddy" { source = "./modules/caddy" cloudflare_api_token = var.cloudflare_caddy_api_token - endpoint = "192.168.15.92" + endpoint = "192.168.15.92" providers = { nomad = nomad } -} \ No newline at end of file +} + +module "postgree" { + source = "./modules/postgreeSQL" + postgree_user = var.postgree_user + postgree_password = var.postgree_password + pgadmin_user = var.pgadmin_user + pgadmin_password = var.pgadmin_password + providers = { + nomad = nomad + } +} + diff --git a/terraform/modules/caddy/conf/Caddyfile b/terraform/modules/caddy/conf/Caddyfile index 36787c1..abd5efb 100644 --- a/terraform/modules/caddy/conf/Caddyfile +++ b/terraform/modules/caddy/conf/Caddyfile @@ -12,6 +12,13 @@ adguard.lab.marioverde.com.br { dns cloudflare "${cloudflare_api_token}" } } +red.lab.marioverde.com.br { + reverse_proxy "${endpoint}:8080" + encode gzip zstd + tls { + dns cloudflare "${cloudflare_api_token}" + } +} # vault.lab.marioverde.com.br { reverse_proxy "https://${endpoint}:8200" { @@ -21,6 +28,22 @@ vault.lab.marioverde.com.br { } } + tls { + dns cloudflare "${cloudflare_api_token}" + } +} + +pgadmin.lab.marioverde.com.br { + reverse_proxy "${endpoint}:8090" { + header_up Redirect off + header_up Host {host} + header_up X-Scheme {scheme} + header_up X-Real-IP {remote} + header_up X-Forwarded-Proto {scheme} + } + log { + output stderr + } tls { dns cloudflare "${cloudflare_api_token}" } diff --git a/terraform/modules/caddy/data.tf b/terraform/modules/caddy/data.tf index 14f4bb8..6568ebc 100644 --- a/terraform/modules/caddy/data.tf +++ b/terraform/modules/caddy/data.tf @@ -2,6 +2,6 @@ data "template_file" "caddyfile" { template = file("${path.module}/conf/Caddyfile") vars = { cloudflare_api_token = var.cloudflare_api_token - endpoint = var.endpoint + endpoint = var.endpoint } } \ No newline at end of file 
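Review bot: In the new `pgadmin.lab.marioverde.com.br` block, `header_up X-Real-IP {remote}` forwards the client address with its port attached, because `{remote}` expands to host:port; `header_up X-Real-IP {remote_host}` sends the bare IP. `header_up Redirect off` only adds a request header literally named `Redirect` and looks like a carry-over of nginx's `proxy_redirect off`, so it can be dropped. The explicit `Host` and `X-Forwarded-Proto` lines repeat what Caddy's `reverse_proxy` already does by default. The block publishes a database admin console with no access restriction visible in the hunk, so a `remote_ip` matcher or an authentication layer in front of it is worth adding if the hostname is reachable from outside the lab network. The site block's closing brace lies outside the hunk.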
diff --git a/terraform/modules/caddy/job.tf b/terraform/modules/caddy/job.tf index ae974c0..ace091b 100644 --- a/terraform/modules/caddy/job.tf +++ b/terraform/modules/caddy/job.tf @@ -1,6 +1,6 @@ resource "nomad_job" "app" { jobspec = templatefile("${path.module}/conf/caddy.hcl", { - caddyfile = data.template_file.caddyfile.rendered + caddyfile = data.template_file.caddyfile.rendered NOMAD_ALLOC_DIR = "/alloc" }) } \ No newline at end of file diff --git a/terraform/modules/caddy/providers..tf b/terraform/modules/caddy/providers..tf index ec49c81..c693f1d 100644 --- a/terraform/modules/caddy/providers..tf +++ b/terraform/modules/caddy/providers..tf @@ -1,7 +1,7 @@ terraform { required_providers { nomad = { - source = "hashicorp/nomad" + source = "hashicorp/nomad" version = "2.0.0-rc.1" } } diff --git a/terraform/modules/caddy/variables.tf b/terraform/modules/caddy/variables.tf index 338382f..2315021 100644 --- a/terraform/modules/caddy/variables.tf +++ b/terraform/modules/caddy/variables.tf @@ -4,6 +4,6 @@ variable "cloudflare_api_token" { } variable "endpoint" { - type = string + type = string description = "Nomad's server endpoint, the machine IP Address so we can reverse proxy our services." } \ No newline at end of file diff --git a/terraform/modules/postgreeSQL/conf/pgadmin.hcl b/terraform/modules/postgreeSQL/conf/pgadmin.hcl new file mode 100644 index 0000000..daa9f28 --- /dev/null +++ b/terraform/modules/postgreeSQL/conf/pgadmin.hcl 
@@ -0,0 +1,54 @@
+job "pg_admin" {
+ datacenters = ["dc"]
+ type = "service"
+
+ group "pg_admin" {
+ count = 1
+
+ network {
+
+ port "pgadmin_port" {
+ static = 8090
+ to = 80
+ }
+ }
+
+ restart {
+ attempts = 2
+ interval = "5m"
+ delay = "30s"
+ mode = "delay"
+ }
+
+ task "pg_admin" {
+ driver = "docker"
+
+ config {
+ image = "dpage/pgadmin4:latest"
+ #network_mode = "host"
+ volumes = [
+ "${NOMAD_ALLOC_DIR}/pgadmin/servers.json:/servers.json",
+ "${NOMAD_ALLOC_DIR}/servers.passfile:/root/.pgpass",
+ ]
+
+ ports = ["pgadmin_port"]
+ }
+ env {
+ PGADMIN_DEFAULT_EMAIL="${PGADMIN_USER}"
+ PGADMIN_DEFAULT_PASSWORD="${PGADMIN_PASSWORD}"
+ }
+
+ service {
+ name = "pgadmin"
+ port = "pgadmin_port"
+ provider = "nomad"
+ }
+
+ logs {
+ max_files = 5
+ max_file_size = 15
+ }
+ }
+
+ }
+}
\ No newline at end of file
diff --git a/terraform/modules/postgreeSQL/conf/postgree.hcl b/terraform/modules/postgreeSQL/conf/postgree.hcl
new file mode 100644
index 0000000..2897166
--- /dev/null
+++ b/terraform/modules/postgreeSQL/conf/postgree.hcl
@@ -0,0 +1,65 @@
+job "postgres" {
+ datacenters = ["dc"]
+ type = "service"
+
+ group "postgres" {
+ count = 1
+
+ network {
+
+ port "postgres_port" {
+ static = 5432
+ to = 5432
+ }
+ }
+
+ restart {
+ attempts = 2
+ interval = "5m"
+ delay = "30s"
+ mode = "delay"
+ }
+
+ task "postgres" {
+ driver = "docker"
+
+ config {
+ image = "postgres:alpine"
+ network_mode = "host"
+ volumes = [
+ "${NOMAD_ALLOC_DIR}/postgres/:/data/postgres",
+ ]
+
+ ports = ["postgres_port"]
+ }
+ env {
+ POSTGRES_USER="${POSTGREE_USER}"
+ POSTGRES_PASSWORD="${POSTGREE_PASSWORD}"
+ PGDATA="/data/postgres"
+ }
+
+ resources {
+ cpu = 1000
+ memory = 1024
+ }
+
+ service {
+ name = "postgres"
+ port = "postgres_port"
+ provider = "nomad"
+ check {
+ name = "alive"
+ type = "tcp"
+ interval = "10s"
+ timeout = "4s"
+ }
+ }
+
+ logs {
+ max_files = 5
+ max_file_size = 15
+ }
+ }
+
+ }
+}
\ No newline at end of file
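Review bot: `PGADMIN_DEFAULT_PASSWORD="${PGADMIN_PASSWORD}"` in the `env` block is filled in by Terraform's `templatefile`, so the password is stored as plaintext in the submitted job specification, readable by anyone who can read the job, and in Terraform state; `POSTGRES_PASSWORD` in postgree.hcl has the same problem. Replacing the `env` block with a `template` block that uses `env = true` and reads the values at runtime from a Nomad Variable or from Vault keeps only a reference in the jobspec; the variable path and key names in the sketch below are constructed placeholders. Separately, `image = "dpage/pgadmin4:latest"` is a floating tag and should be pinned to a version or digest so a reschedule cannot silently pull a different image.

```hcl
    task "pg_admin" {
      # … unchanged: driver, config …

      # Replaces the env block. Placeholder path and keys; create the
      # Nomad Variable out of band so the secret never enters the jobspec.
      template {
        destination = "secrets/pgadmin.env"
        env         = true
        data        = <<EOT
{{ with nomadVar "nomad/jobs/pg_admin" }}
PGADMIN_DEFAULT_EMAIL={{ .pgadmin_user }}
PGADMIN_DEFAULT_PASSWORD={{ .pgadmin_password }}
{{ end }}
EOT
      }

      # … unchanged: service, logs …
```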
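Review bot: `network_mode = "host"` in the `config` block of the `postgres` task puts the database directly on the host's network stack, so it listens on the host's interfaces on 5432 and Docker ignores the `ports = ["postgres_port"]` mapping beside it. pgadmin.hcl has the same line commented out; unless something here needs host networking, remove it and let the static port mapping publish the port, ideally bound only to the interface that clients use. `image = "postgres:alpine"` also floats across major versions, and a newer major release will refuse to start on the existing `/data/postgres` directory, so pin at least the major version.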
diff --git a/terraform/modules/postgreeSQL/job.tf b/terraform/modules/postgreeSQL/job.tf
new file mode 100644
index 0000000..aa68d9f
--- /dev/null
+++ b/terraform/modules/postgreeSQL/job.tf
@@ -0,0 +1,15 @@
+resource "nomad_job" "app_postgree" {
+ jobspec = templatefile("${path.module}/conf/postgree.hcl", {
+ NOMAD_ALLOC_DIR = "/alloc"
+ POSTGREE_USER = var.postgree_user
+ POSTGREE_PASSWORD = var.postgree_password
+ })
+}
+
+resource "nomad_job" "app_pgadmin" {
+ jobspec = templatefile("${path.module}/conf/pgadmin.hcl", {
+ NOMAD_ALLOC_DIR = "/alloc"
+ PGADMIN_USER = var.pgadmin_user
+ PGADMIN_PASSWORD = var.pgadmin_password
+ })
+}
\ No newline at end of file
diff --git a/terraform/modules/postgreeSQL/providers..tf b/terraform/modules/postgreeSQL/providers..tf
new file mode 100644
index 0000000..c693f1d
--- /dev/null
+++ b/terraform/modules/postgreeSQL/providers..tf
@@ -0,0 +1,9 @@
+terraform {
+ required_providers {
+ nomad = {
+ source = "hashicorp/nomad"
+ version = "2.0.0-rc.1"
+ }
+ }
+ required_version = ">= 0.14"
+}
\ No newline at end of file
diff --git a/terraform/modules/postgreeSQL/variables.tf b/terraform/modules/postgreeSQL/variables.tf
new file mode 100644
index 0000000..b2b1cda
--- /dev/null
+++ b/terraform/modules/postgreeSQL/variables.tf
@@ -0,0 +1,19 @@
+variable "postgree_user" {
+ type = string
+ description = "Postgree username"
+}
+
+variable "postgree_password" {
+ type = string
+ description = "Poastgree password"
+}
+
+variable "pgadmin_user" {
+ type = string
+ description = "PgAdmin username"
+}
+
+variable "pgadmin_password" {
+ type = string
+ description = "PgAdmin password"
+}
diff --git a/terraform/providers.tf b/terraform/providers.tf
index bf5a9d3..a78a55c 100644
--- a/terraform/providers.tf
+++ b/terraform/providers.tf
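Review bot: Both `templatefile` calls splice the user and password values unescaped between double quotes in the jobspec (for example `POSTGRES_PASSWORD="${POSTGREE_PASSWORD}"` in postgree.hcl), so a value containing `"`, `\` or `${` either breaks parsing or changes the rendered job. If the values stay in the template, render them with `POSTGRES_PASSWORD = ${jsonencode(POSTGREE_PASSWORD)}` (no surrounding quotes), which handles quotes and backslashes; a literal `${` would presumably still need escaping for Nomad's own HCL parser. The rendered `jobspec`, secrets included, is also kept in Terraform state and sent to the Nomad address configured in providers.tf, which is plain `http://`.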
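Review bot: `postgree_password` and `pgadmin_password` are declared without `sensitive = true`, so Terraform prints their values in plan and apply output; add `sensitive = true` to both here and to the matching declarations added in terraform/variables.tf. This only redacts CLI output, since the values are still written to state, so the state backend needs its own access control. The description `"Poastgree password"` has a typo in both files.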
@@ -1,14 +1,15 @@ -# Configure the Nomad provider. -provider "nomad" { - address = "http://192.168.15.92:4646" -} terraform { required_providers { nomad = { - source = "hashicorp/nomad" + source = "hashicorp/nomad" version = "2.0.0-rc.1" } } required_version = ">= 0.14" -} \ No newline at end of file +} + +# Configure the Nomad provider. +provider "nomad" { + address = "http://192.168.15.92:4646" +} diff --git a/terraform/variables.tf b/terraform/variables.tf index 02b73ff..fe1be47 100644 --- a/terraform/variables.tf +++ b/terraform/variables.tf @@ -1,4 +1,24 @@ variable "cloudflare_caddy_api_token" { type = string description = "API key to edit TLS in DNS zones in Cloudflare used by Caddy" -} \ No newline at end of file +} + +variable "postgree_user" { + type = string + description = "Postgree username" +} + +variable "postgree_password" { + type = string + description = "Poastgree password" +} + +variable "pgadmin_user" { + type = string + description = "PgAdmin username" +} + +variable "pgadmin_password" { + type = string + description = "PgAdmin password" +}