data "docker_registry_image" "cwtv_web" { name = "nginx:latest" } data "docker_network" "traefik" { name = "traefik" } locals { labels = { "shepherd.auto-update" = "true", "traefik.enable" = "true" "traefik.http.services.cwtv-web.loadbalancer.server.port" = "80", "traefik.http.routers.cwtv-web.rule" = "Host(`www.chaoswest.tv`)||Host(`chaoswest.tv`)||Host(`chaos-west.tv`)||Host(`www.chaos-west.tv`)", "traefik.http.routers.cwtv-web.tls" = "true", "traefik.http.routers.cwtv-web.tls.certresolver" = "default", "traefik.http.routers.cwtv-web.middlewares" = "cwtv-web-redirect", "traefik.http.middlewares.cwtv-web-redirect.redirectregex.regex" = "^https://.*(\\.)?chaos-west\\.tv/(.*)", # double escaping is necessary here "traefik.http.middlewares.cwtv-web-redirect.redirectregex.replacement" = "https://chaoswest.tv/$${2}", # double escaping is necessary here } } resource "docker_service" "cwtv_web" { name = "cwtv-web" dynamic "labels" { for_each = local.labels content { label = labels.key value = labels.value } } task_spec { networks_advanced { name = data.docker_network.traefik.id } container_spec { image = "${data.docker_registry_image.cwtv_web.name}@${data.docker_registry_image.cwtv_web.sha256_digest}" mounts { target = "/usr/share/nginx/html/" source = "/mnt/data/cwtv-web/www/chaoswest.tv" type = "bind" } } } } data "hetznerdns_zone" "primary" { name = "chaoswest.tv" } resource "hetznerdns_record" "primary" { zone_id = data.hetznerdns_zone.primary.id name = "www" value = "ax41-1.fsn.mon2.de." type = "CNAME" } data "dns_a_record_set" "primary" { host = "ax41-1.fsn.mon2.de" } data "dns_aaaa_record_set" "primary" { host = "ax41-1.fsn.mon2.de" } resource "hetznerdns_record" "apex_a" { for_each = toset(data.dns_a_record_set.primary.addrs) zone_id = data.hetznerdns_zone.primary.id name = "@" value = each.value type = "A" } resource "hetznerdns_record" "apex_aaaa" { for_each = toset(data.dns_aaaa_record_set.primary.addrs) zone_id = data.hetznerdns_zone.primary.id name = "@" value = each.value type = "AAAA" }