tf/modules/swarm/cwtv-web/main.tf

data "docker_registry_image" "cwtv_web" {
  name = "nginx:latest"
}

data "docker_network" "traefik" {
  name = "traefik"
}

locals {
  labels = {
    "shepherd.auto-update"                                                 = "true",
    "traefik.enable"                                                       = "true"
    "traefik.http.services.cwtv-web.loadbalancer.server.port"              = "80",
    "traefik.http.routers.cwtv-web.rule"                                   = "Host(`www.chaoswest.tv`)||Host(`chaoswest.tv`)||Host(`chaos-west.tv`)||Host(`www.chaos-west.tv`)",
    "traefik.http.routers.cwtv-web.tls"                                    = "true",
    "traefik.http.routers.cwtv-web.tls.certresolver"                       = "default",
    "traefik.http.routers.cwtv-web.middlewares"                            = "cwtv-web-redirect",
    "traefik.http.middlewares.cwtv-web-redirect.redirectregex.regex"       = "^https://.*(\\.)?chaos-west\\.tv/(.*)", # double escaping is necessary here
    "traefik.http.middlewares.cwtv-web-redirect.redirectregex.replacement" = "https://chaoswest.tv/$${2}",            # double escaping is necessary here
  }
}

resource "docker_service" "cwtv_web" {
  name = "cwtv-web"

  dynamic "labels" {
    for_each = local.labels
    content {
      label = labels.key
      value = labels.value
    }
  }

  task_spec {
    networks_advanced {
      name = data.docker_network.traefik.id
    }

    container_spec {
      image = "${data.docker_registry_image.cwtv_web.name}@${data.docker_registry_image.cwtv_web.sha256_digest}"

      mounts {
        target = "/usr/share/nginx/html/"
        source = "/mnt/data/cwtv-web/www/chaoswest.tv"
        type   = "bind"
      }
    }
  }
}

data "hetznerdns_zone" "primary" {
  name = "chaoswest.tv"
}

resource "hetznerdns_record" "primary" {
  zone_id = data.hetznerdns_zone.primary.id
  name    = "www"
  value   = "ax41-1.fsn.mon2.de."
  type    = "CNAME"
}


data "dns_a_record_set" "primary" {
  host = "ax41-1.fsn.mon2.de"
}

data "dns_aaaa_record_set" "primary" {
  host = "ax41-1.fsn.mon2.de"
}

resource "hetznerdns_record" "apex_a" {
  for_each = toset(data.dns_a_record_set.primary.addrs)
  zone_id  = data.hetznerdns_zone.primary.id
  name     = "@"
  value    = each.value
  type     = "A"
}

resource "hetznerdns_record" "apex_aaaa" {
  for_each = toset(data.dns_aaaa_record_set.primary.addrs)
  zone_id  = data.hetznerdns_zone.primary.id
  name     = "@"
  value    = each.value
  type     = "AAAA"
}
nginx for chaoswest.tv 2024-11-12 22:48:44 +01:00			`data "docker_registry_image" "cwtv_web" {`
			`name = "nginx:latest"`
			`}`

			`data "docker_network" "traefik" {`
			`name = "traefik"`
			`}`

			`locals {`
			`labels = {`
add redirects for chaos-west.tv misspelling 2024-11-19 06:58:03 +01:00			`"shepherd.auto-update" = "true",`
			`"traefik.enable" = "true"`
			`"traefik.http.services.cwtv-web.loadbalancer.server.port" = "80",`
			"traefik.http.routers.cwtv-web.rule" = "Host(`www.chaoswest.tv`)\|\|Host(`chaoswest.tv`)\|\|Host(`chaos-west.tv`)\|\|Host(`www.chaos-west.tv`)",
			`"traefik.http.routers.cwtv-web.tls" = "true",`
			`"traefik.http.routers.cwtv-web.tls.certresolver" = "default",`
			`"traefik.http.routers.cwtv-web.middlewares" = "cwtv-web-redirect",`
			`"traefik.http.middlewares.cwtv-web-redirect.redirectregex.regex" = "^https://.(\\.)?chaos-west\\.tv/(.)", # double escaping is necessary here`
			`"traefik.http.middlewares.cwtv-web-redirect.redirectregex.replacement" = "https://chaoswest.tv/$${2}", # double escaping is necessary here`
nginx for chaoswest.tv 2024-11-12 22:48:44 +01:00			`}`
			`}`

			`resource "docker_service" "cwtv_web" {`
			`name = "cwtv-web"`

			`dynamic "labels" {`
			`for_each = local.labels`
			`content {`
			`label = labels.key`
			`value = labels.value`
			`}`
			`}`

			`task_spec {`
			`networks_advanced {`
			`name = data.docker_network.traefik.id`
			`}`

			`container_spec {`
			`image = "${data.docker_registry_image.cwtv_web.name}@${data.docker_registry_image.cwtv_web.sha256_digest}"`

			`mounts {`
			`target = "/usr/share/nginx/html/"`
			`source = "/mnt/data/cwtv-web/www/chaoswest.tv"`
			`type = "bind"`
			`}`
			`}`
			`}`
			`}`

			`data "hetznerdns_zone" "primary" {`
			`name = "chaoswest.tv"`
			`}`

			`resource "hetznerdns_record" "primary" {`
			`zone_id = data.hetznerdns_zone.primary.id`
			`name = "www"`
			`value = "ax41-1.fsn.mon2.de."`
			`type = "CNAME"`
			`}`


			`data "dns_a_record_set" "primary" {`
			`host = "ax41-1.fsn.mon2.de"`
			`}`

			`data "dns_aaaa_record_set" "primary" {`
			`host = "ax41-1.fsn.mon2.de"`
			`}`

			`resource "hetznerdns_record" "apex_a" {`
			`for_each = toset(data.dns_a_record_set.primary.addrs)`
			`zone_id = data.hetznerdns_zone.primary.id`
			`name = "@"`
			`value = each.value`
			`type = "A"`
			`}`

			`resource "hetznerdns_record" "apex_aaaa" {`
			`for_each = toset(data.dns_aaaa_record_set.primary.addrs)`
			`zone_id = data.hetznerdns_zone.primary.id`
			`name = "@"`
			`value = each.value`
			`type = "AAAA"`
			`}`