infra
/
tf
2
0
Fork 0
Code Pull Requests Activity
tf/modules/swarm/grafana/main.tf

75 lines
2.3 KiB
HCL
Raw Blame History

data "docker_registry_image" "grafana" {
name = "grafana/grafana:latest"
}
data "docker_network" "traefik" {
name = "traefik"
}
locals {
labels = {
"shepherd.auto-update" = "true",
"traefik.enable" = "true"
"traefik.http.services.grafana.loadbalancer.server.port" = "3000",
"traefik.http.routers.grafana.rule" = "Host(`grafana.montage2.de`)||Host(`grafana.chaoswest.tv`)",
"traefik.http.routers.grafana.tls" = "true",
"traefik.http.routers.grafana.tls.certresolver" = "default",
"traefik.http.routers.grafana.middlewares" = "grafana-redirect",
"traefik.http.middlewares.grafana-redirect.redirectregex.regex" = "^https://grafana.chaoswest.tv/(.*)",
"traefik.http.middlewares.grafana-redirect.redirectregex.replacement" = "https://grafana.montage2.de/$$${1}", # double escaping is necessary here
}
}
resource "docker_service" "grafana" {
name = "grafana"
dynamic "labels" {
for_each = local.labels
content {
label = labels.key
value = labels.value
}
}
task_spec {
networks_advanced {
name = data.docker_network.traefik.id
}
container_spec {
image = "${data.docker_registry_image.grafana.name}@${data.docker_registry_image.grafana.sha256_digest}"
env = {
for k, v in var.secrets : "${upper(k)}__FILE" => "/run/secrets/${k}"
}
dynamic "secrets" {
for_each = nonsensitive(var.secrets)
content {
secret_id = docker_secret.secrets[secrets.key].id
secret_name = docker_secret.secrets[secrets.key].name
file_name = "/run/secrets/${secrets.key}"
file_uid = "472"
file_gid = "472"
file_mode = "0400"
}
}
mounts {
target = "/var/lib/grafana/"
source = "/mnt/data/grafana/"
type = "bind"
}
configs {
config_id = docker_config.grafana.id
config_name = docker_config.grafana.name
file_name = "/etc/grafana/grafana.ini"
file_uid = "472"
file_gid = "472"
file_mode = "0400"
}
}
}
}
View Git Blame Copy Permalink