diff --git a/README.md b/README.md index b1f9259..c063668 100644 --- a/README.md +++ b/README.md @@ -100,6 +100,7 @@ module "vm" { ssh_public_key = var.ssh_public_key proxmox_host_ip = var.proxmox_host_ip + cloudinit_config = templatefile( "${path.module}/cloud-init/service.yaml", { @@ -107,7 +108,7 @@ module "vm" { domain = var.domain ssh_key = var.ssh_public_key proxmox_host_ip = var.proxmox_host_ip - environment-setup-script = indent(6, file("${path.module}/../common/scripts/env.sh")) + env-file-content = indent(6, file("${path.module}/.env")) } ) @@ -193,6 +194,8 @@ variable "vm_ip_address" { description = "Virtual machine ip" type = string } + + ``` #### `modules/apps//output.tf` @@ -237,10 +240,6 @@ package_upgrade: false ##### Environment variables for scripts ```hcl write_files: - - path: /opt//env.sh - permissions: "0644" - content: | - ${environment-setup-script} - path: /opt//.env permissions: "0644" content: | diff --git a/main.tf b/main.tf index 553bb0c..e4e0466 100644 --- a/main.tf +++ b/main.tf 
@@ -27,38 +27,40 @@ locals { } resource "local_file" "traefik_config" { - filename = "${path.module}/${var.gateway_repository}/services.yml" + filename = "${path.module}/services.yml" content = templatefile("${path.module}/templates/traefik.services.tpl", { services = local.traefik_services }) } -resource "null_resource" "commit_traefik" { - depends_on = [local_file.traefik_config] +resource "null_resource" "deploy_traefik_config" { + depends_on = [ + local_file.traefik_config, + module.gateway + ] triggers = { config_sha = sha256(local_file.traefik_config.content) } - provisioner "local-exec" { - working_dir = "${path.module}/${var.gateway_repository}" - command = "git add services.yml && git commit -m 'Update Traefik services' && git push" - } -} + provisioner "file" { + source = "${path.module}/services.yml" + destination = "/home/gateway/services.yaml" -resource "null_resource" "notify_gateway" { - depends_on = [null_resource.commit_traefik] - triggers = { - config_sha = sha256(local_file.traefik_config.content) - } - provisioner "local-exec" { - command = "curl -X POST -H 'X-Webhook-Token: ${var.gateway_token}' http://192.168.1.89:5555/reload" + connection { + type = "ssh" + host = module.gateway.vm_ip_address + user = "gateway" + agent = true + } } + } module "gateway" { source = "./modules/apps/gateway" providers = {} + vm_ip_address = "192.168.1.89" name = "gateway" hostname = "gateway" @@ -80,6 +82,7 @@ module "gateway" { module "gitea" { source = "./modules/apps/gitea" providers = {} + vm_ip_address = "192.168.1.90" name = "gitea" hostname = "gitea" @@ -98,10 +101,14 @@ module "gitea" { proxmox_host_ip = var.proxmox_host_ip } +# Needs gitea module "bookshelf" { source = "./modules/apps/bookshelf" providers = {} vm_ip_address = "192.168.1.91" + depends_on = [ + module.gitea + ] name = "bookshelf" hostname = "bookshelf" 
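Review bot: The `connection` block added to `null_resource.deploy_traefik_config` sets no `host_key`, so as far as I can tell Terraform's SSH communicator does not verify which machine answers at `module.gateway.vm_ip_address` before it uploads the Traefik routing file. Pinning the gateway's public host key, for example `host_key = var.gateway_host_key` (placeholder variable name), makes the upload fail closed if another host holds that address. The local file is `services.yml` while the destination is `/home/gateway/services.yaml`; a one-line comment such as `# uploaded as services.yaml to match DYNAMIC_CONFIG_LOCATION` would make clear the difference is intentional.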
@@ -120,10 +127,14 @@ module "bookshelf" { proxmox_host_ip = var.proxmox_host_ip } +# Needs gitea module "fefan" { source = "./modules/apps/fefan" providers = {} vm_ip_address = "192.168.1.92" + depends_on = [ + module.gitea + ] name = "fefan" hostname = "fefan" diff --git a/modules/apps/bookshelf/.env.example b/modules/apps/bookshelf/.env.example index 83b1c29..e2ba339 100644 --- a/modules/apps/bookshelf/.env.example +++ b/modules/apps/bookshelf/.env.example @@ -1,20 +1,32 @@ +# Environment files +ENV_FILE_LOCATION=/opt/environment/.env + +# gitea act_runner ACT_RUNNER_VERSION=0.2.13 ACT_RUNNER_LOCATION=/usr/local/bin ACT_RUNNER_USER=act_runner -ENV_FILE_LOCATION=/opt/bookshelf/bookshelf.env -GITEA_INSTANCE_URL=https://gitea.aldon.fr GITEA_RUNNER_REGISTRATION_TOKEN= -GITEA_BOOKSHELF_APPLICATION_TOKEN= -GITEA_BOOKSHELF_REPOSITORY=mop/bookshelf -USERNAME=bookshelf -BOOKSHELF_BACKUPS_DIR=/backups/bookshelf -BOOKSHELF_BACKUP_PREFIX=bookshelf-dump +# gitea instance +GITEA_INSTANCE_URL=https://gitea.aldon.fr +GITEA_SERVICE_APPLICATION_TOKEN= +GITEA_SERVICE_REPOSITORY=mop/bookshelf +GITEA_WORKFLOW_NAME=deploy.yaml +# Applicaiton specifics MARIADB_USER=bookshelf MARIADB_PASSWORD= MARIADB_DATABASE=Biblio MARIADB_ROOT_PASSWORD= SERVICE_SECRET_KEY= SERVICE_ORIGIN=https://bookshelf.aldon.fr -SERVICE_ROOT_FQDN=https://bookshelf.aldon.fr/api \ No newline at end of file +SERVICE_ROOT_FQDN=https://bookshelf.aldon.fr/api +SERVICE_DATABASE_CONTAINER_NAME=bookshelf-database-1 + +# VM +USERNAME=bookshelf + +# Backup specifics +SERVICE_BACKUPS_DIR=/backups/bookshelf +SERVICE_BACKUPS_PREFIX=bookshelf-dump +SERVICE_BACKUPS_EXTENSION=sql \ No newline at end of file diff --git a/modules/apps/bookshelf/cloud-init/service.yaml b/modules/apps/bookshelf/cloud-init/service.yaml index 2e9addb..073673c 100644 --- a/modules/apps/bookshelf/cloud-init/service.yaml +++ b/modules/apps/bookshelf/cloud-init/service.yaml 
@@ -30,11 +30,7 @@ mounts: - [ "192.168.1.12:/main/backups", "/backups", "nfs", "defaults,_netdev,x-systemd.requires=network-online.target", "0", "0" ] write_files: - - path: /opt/bookshelf/env.sh - permissions: "0644" - content: | - ${environment-setup-script} - - path: /opt/bookshelf/bookshelf.env + - path: /opt/environment/.env permissions: "0644" content: | ${env-file-content} @@ -66,10 +62,10 @@ write_files: permissions: "0755" content: | ${act_runner-install-script} - - path: /opt/bookshelf/install-bookshelf.sh + - path: /opt/bookshelf/install-service.sh permissions: "0755" content: | - ${bookshelf-install-script} + ${service-install-script} runcmd: # Backup setup @@ -86,7 +82,7 @@ runcmd: - systemctl enable act_runner.service - systemctl start act_runner.service # Bookshelf install - - /opt/bookshelf/install-bookshelf.sh + - /opt/bookshelf/install-service.sh final_message: | diff --git a/modules/apps/bookshelf/lib/scripts/create-backup.sh b/modules/apps/bookshelf/lib/scripts/create-backup.sh index 994ce67..5d4cb45 100644 --- a/modules/apps/bookshelf/lib/scripts/create-backup.sh +++ b/modules/apps/bookshelf/lib/scripts/create-backup.sh @@ -1,8 +1,8 @@ #!/bin/bash -source /opt/bookshelf/env.sh +source /opt/environment/.env TIMESTAMP=$(date +'%Y-%m-%d_%H%M%S') -docker exec bookshelf-database-1 mariadb-dump --all-databases -u root -p"$MARIADB_ROOT_PASSWORD" > $BOOKSHELF_BACKUPS_DIR/bookshelf-dump-$TIMESTAMP.sql +docker exec bookshelf-database-1 mariadb-dump --all-databases -u root -p"$MARIADB_ROOT_PASSWORD" > $SERVICE_BACKUPS_DIR/$SERVICE_BACKUPS_PREFIX-$TIMESTAMP.$SERVICE_BACKUPS_EXTENSION -ls -1dt $BOOKSHELF_BACKUPS_DIR/$BOOKSHELF_BACKUP_PREFIX-*.sql | tail -n +5 | xargs -r rm -f +ls -1dt $SERVICE_BACKUPS_DIR/$SERVICE_BACKUPS_PREFIX-*.$SERVICE_BACKUPS_EXTENSION | tail -n +5 | xargs -r rm -f diff --git a/modules/apps/bookshelf/lib/scripts/env.sh b/modules/apps/bookshelf/lib/scripts/env.sh deleted file mode 100644 index 1bd9f0e..0000000 
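Review bot: `/opt/environment/.env` is written with `permissions: "0644"`, yet according to `.env.example` it carries `MARIADB_ROOT_PASSWORD`, `SERVICE_SECRET_KEY` and the Gitea tokens, so every local account on the VM can read them. Tighten the entry to `permissions: "0640"` and add an `owner:` whose group holds only the accounts that must source the file (root for the backup units, and the runner account only if it really needs it). The fefan and gateway `service.yaml` hunks later in this commit write the same path with the same mode and need the same change.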
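Review bot: The exit status of `mariadb-dump` is never checked before the prune on the last line, so a failed dump still leaves a (possibly empty) file that counts as one of the four retained backups; with the timer now running daily, four bad nights in a row remove every good dump. Write to a temporary name and rename only on success, as sketched below. The fefan `create-backup.sh` hunk has the same pattern, where a failed `strapi export` or `docker cp` is followed by the same prune. The redirect target and the glob are also unquoted, and the container name stays hard-coded although this commit introduces `SERVICE_DATABASE_CONTAINER_NAME`.

```bash
# … unchanged: source of the env file, TIMESTAMP …
OUT="$SERVICE_BACKUPS_DIR/$SERVICE_BACKUPS_PREFIX-$TIMESTAMP.$SERVICE_BACKUPS_EXTENSION"
if ! docker exec bookshelf-database-1 mariadb-dump --all-databases -u root -p"$MARIADB_ROOT_PASSWORD" > "$OUT.partial"; then
    # A partial dump must not be counted by the retention glob.
    rm -f "$OUT.partial"
    exit 1
fi
mv "$OUT.partial" "$OUT"
# … unchanged: prune of old dumps …
```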
--- a/modules/apps/bookshelf/lib/scripts/env.sh
+++ /dev/null
@@ -1,4 +0,0 @@
-#!/bin/bash
-set -a
-[ -f /opt/bookshelf/bookshelf.env ] && source /opt/bookshelf/bookshelf.env
-set +a
\ No newline at end of file
diff --git a/modules/apps/bookshelf/lib/scripts/install-bookshelf.sh b/modules/apps/bookshelf/lib/scripts/install-bookshelf.sh
deleted file mode 100644
index 307d48b..0000000
--- a/modules/apps/bookshelf/lib/scripts/install-bookshelf.sh
+++ /dev/null
@@ -1,49 +0,0 @@ -#!/bin/bash - -source /opt/bookshelf/env.sh - -# trigger manually a CI/CD pipeline -curl -X POST -H "Authorization: token $GITEA_BOOKSHELF_APPLICATION_TOKEN" \ - -H "Content-Type: application/json" \ - $GITEA_INSTANCE_URL/api/v1/repos/$GITEA_BOOKSHELF_REPOSITORY/actions/workflows/deploy.yaml/dispatches \ - -d '{"ref": "main", "inputs": {"ref": "main"}}' - -RUN_ID=$(curl -s -H "Authorization: token $GITEA_BOOKSHELF_APPLICATION_TOKEN" \ - $GITEA_INSTANCE_URL/api/v1/repos/$GITEA_BOOKSHELF_REPOSITORY/actions/runs \ - | jq -r '.workflow_runs | sort_by(.created_at) | .[0].id') - -while true; do - STATUS=$(curl -s -H "Authorization: token $GITEA_BOOKSHELF_APPLICATION_TOKEN" \ - $GITEA_INSTANCE_URL/api/v1/repos/$GITEA_BOOKSHELF_REPOSITORY/actions/runs/$RUN_ID \ - | jq -r '.status') - - if [ "$STATUS" = "completed" ]; then - CONCLUSION=$(curl -s -H "Authorization: token $GITEA_BOOKSHELF_APPLICATION_TOKEN" \ - $GITEA_INSTANCE_URL/api/v1/repos/$GITEA_BOOKSHELF_REPOSITORY/actions/runs/$RUN_ID \ - | jq -r '.conclusion') - echo "Workflow finished with status: $CONCLUSION" - break - fi - - echo "Waiting 10 seconds..." - sleep 10 -done - -if [ "$CONCLUSION" = "success" ]; then - echo "Launching command..." - - while [ "$(docker inspect -f '{{.State.Running}}' bookshelf-database-1 2>/dev/null)" != "true" ]; do - echo "Waiting database container status" - sleep 5 - done - - until docker exec bookshelf-database-1 sh -c "mariadb -u root -p$MARIADB_ROOT_PASSWORD -e 'SELECT 1;' >/dev/null 2>&1"; do - echo "Waitin mariadb to accept connections" - sleep 5 - done - echo "Restoring backup" - systemctl start restore-backup.service -else - echo "Workflow failed or was cancelled, aborting." - exit 1 -fi \ No newline at end of file diff --git a/modules/apps/bookshelf/lib/scripts/restore-backup.sh b/modules/apps/bookshelf/lib/scripts/restore-backup.sh index 0819dc1..3a5e49b 100644 --- a/modules/apps/bookshelf/lib/scripts/restore-backup.sh 
+++ b/modules/apps/bookshelf/lib/scripts/restore-backup.sh @@ -1,8 +1,8 @@ #!/bin/bash -source /opt/bookshelf/env.sh +source /opt/environment/.env -LATEST_BACKUP=$(ls -1 $BOOKSHELF_BACKUPS_DIR/$BOOKSHELF_BACKUP_PREFIX-*.sql 2>/dev/null | sort | tail -n1) +LATEST_BACKUP=$(ls -1 $SERVICE_BACKUPS_DIR/$SERVICE_BACKUPS_PREFIX-*.$SERVICE_BACKUPS_EXTENSION 2>/dev/null | sort | tail -n1) if [ -n "$LATEST_BACKUP" ] && [ -f "$LATEST_BACKUP" ]; then cat $LATEST_BACKUP | docker exec -i bookshelf-database-1 mariadb -u root -p"$MARIADB_ROOT_PASSWORD" -D $MARIADB_DATABASE diff --git a/modules/apps/bookshelf/lib/services/.gitkeep b/modules/apps/bookshelf/lib/services/.gitkeep new file mode 100644 index 0000000..e69de29 diff --git a/modules/apps/bookshelf/lib/services/create-backup.timer b/modules/apps/bookshelf/lib/services/create-backup.timer deleted file mode 100644 index 0e9d735..0000000 --- a/modules/apps/bookshelf/lib/services/create-backup.timer +++ /dev/null @@ -1,9 +0,0 @@ -[Unit] -Description=Run backup weekly - -[Timer] -OnCalendar=Sun *-*-* 01:00:00 -Persistent=true - -[Install] -WantedBy=timers.target \ No newline at end of file diff --git a/modules/apps/bookshelf/main.tf b/modules/apps/bookshelf/main.tf index 0c66569..9691909 100644 --- a/modules/apps/bookshelf/main.tf +++ b/modules/apps/bookshelf/main.tf 
@@ -15,22 +15,24 @@ module "vm" { ssh_public_key = var.ssh_public_key proxmox_host_ip = var.proxmox_host_ip + cloudinit_config = templatefile( "${path.module}/cloud-init/service.yaml", { hostname = var.hostname domain = var.domain ssh_key = var.ssh_public_key - proxmox_host_ip = var.proxmox_host_ip - environment-setup-script = indent(6, file("${path.module}/lib/scripts/env.sh")) + proxmox_host_ip = var.proxmox_host_ip restore-backup-script = indent(6, file("${path.module}/lib/scripts/restore-backup.sh")) - restore-backup-service = indent(6, file("${path.module}/lib/services/restore-backup.service")) + restore-backup-service = indent(6, file("${path.module}/../common/services/docker/restore-backup.service")) create-backup-script = indent(6, file("${path.module}/lib/scripts/create-backup.sh")) - create-backup-service = indent(6, file("${path.module}/lib/services/create-backup.service")) - create-backup-timer = indent(6, file("${path.module}/lib/services/create-backup.timer")) - act_runner-service = indent(6, file("${path.module}/lib/services/act_runner.service")) - act_runner-install-script = indent(6, file("${path.module}/lib/scripts/install-runner.sh")) - bookshelf-install-script = indent(6, file("${path.module}/lib/scripts/install-bookshelf.sh")) + create-backup-service = indent(6, file("${path.module}}/../common/services/docker/create-backup.service")) + create-backup-timer = indent(6, file("${path.module}/../common/services/create-backup.timer")) + + act_runner-service = indent(6, file("${path.module}/../common/services/act_runner.service")) + act_runner-install-script = indent(6, file("${path.module}/../common/scripts/install-runner.sh")) + + service-install-script = indent(6, file("${path.module}/../common/scripts/install-service-ci.sh")) env-file-content = indent(6, file("${path.module}/.env")) } diff --git a/modules/apps/bookshelf/variables.tf b/modules/apps/bookshelf/variables.tf index cfc12a3..c2feb6d 100644 --- a/modules/apps/bookshelf/variables.tf 
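Review bot: The new `create-backup-service` line has a stray brace, `file("${path.module}}/../common/services/docker/create-backup.service")`, so the path contains a literal `}` after the module directory; it resolves only if the path happens to be cleaned lexically before the file is opened. Change it to `file("${path.module}/../common/services/docker/create-backup.service")`; the fefan `main.tf` hunk repeats the same typo. Separately, `env-file-content` renders the whole `.env` into the cloud-init document, so those secrets presumably also end up in Terraform state, and a short comment on that line saying so would help whoever handles the state backend. The `module "vm"` block starts and ends outside this hunk.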
+++ b/modules/apps/bookshelf/variables.tf @@ -1,22 +1,27 @@ variable "name" { + description = "Virtual Machine name" type = string } variable "vm_id" { + description = "Virtual Machine id" type = number } variable "node_name" { + description = "Proxmox node name" type = string default = "mop" } variable "cores" { + description = "Number of CPU cores for this virtual machine" type = number default = 2 } variable "memory" { + description = "Memory RAM for this virtual machine" type = number default = 2048 } @@ -28,35 +33,39 @@ variable "balloon" { } variable "template_id" { + description = "Virtual machine template ID" type = number } variable "ssh_public_key" { - type = string description = "Public SSH key for cloud-init user" + type = string } variable "hostname" { - description = "VM hostname" + description = "Virtual Machine hostname ()" type = string default = "test" } variable "domain" { - description = "VM domain" + description = "Virtual Machine domain (example.fr)" type = string default = "" } variable "disk_size" { + description = "Disk size for the virtual machine" type = number default = 10 } variable "proxmox_host_ip" { + description = "Proxmox host base ip" type = string } variable "vm_ip_address" { + description = "Virtual machine ip" type = string } \ No newline at end of file diff --git a/modules/apps/bookshelf/lib/scripts/install-runner.sh b/modules/apps/common/scripts/install-runner.sh similarity index 89% rename from modules/apps/bookshelf/lib/scripts/install-runner.sh rename to modules/apps/common/scripts/install-runner.sh index 265a45d..4274a11 100644 --- a/modules/apps/bookshelf/lib/scripts/install-runner.sh +++ b/modules/apps/common/scripts/install-runner.sh 
@@ -1,16 +1,17 @@ #!/bin/bash -source /opt/bookshelf/env.sh +source /opt/environment/.env -## .env should define +## This script installs `act_runner` onto the machine. + +## Environment variables # ACT_RUNNER_USER: act_runner username (act_runner) # ACT_RUNNER_LOCATION: act_runner binary location (/usr/local/bin) # ACT_RUNNER_VERSION: act_runner version (0.2.13) # ENV_FILE_LOCATION: .env file location on vm (/opt/bookshelf/bookshelf.env) # GITEA_INSTANCE_URL: url of the gitea instance (https://gitea.aldon.fr) # GITEA_RUNNER_REGISTRATION_TOKEN: registration token for gitea runner (repository scope) -# USERNAME: username of the vm (bookshelf) -# REPOSITORY: repository on which service code is hosted (mop/bookshelf) +# USERNAME: username of the vm (ex: bookshelf) if ! id -u $ACT_RUNNER_USER >/dev/null 2>&1; then adduser \ diff --git a/modules/apps/common/scripts/install-service-ci.sh b/modules/apps/common/scripts/install-service-ci.sh new file mode 100644 index 0000000..dc486c1 --- /dev/null +++ b/modules/apps/common/scripts/install-service-ci.sh 
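Review bot: The header comment still documents `ENV_FILE_LOCATION` with the old example `/opt/bookshelf/bookshelf.env`, while both `.env.example` files in this commit set it to `/opt/environment/.env`; update the line to `# ENV_FILE_LOCATION: .env file location on vm (/opt/environment/.env)`. If the shared script still writes `env_file: $ENV_FILE_LOCATION` into the runner config, as the deleted fefan copy does, every workflow job receives the full file, including the database root password and the Gitea tokens. A dedicated runner env file holding only the variables jobs need would limit that exposure. The script body continues outside this hunk.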
@@ -0,0 +1,58 @@ +#!/bin/bash + +source /opt/environment/.env +## This script triggers a CI/CD pipeline. +# It then restores a backup using `restore-backup.service` systemd service + +## This script requires `restore-backup.service` in `/etc/systemd/system` + +## Dependencies (in service.yaml `packages` section) +# - jq +# - curl + +## Environment variables +# GITEA_SERVICE_APPLICATION_TOKEN: Gitea API token. +# GITEA_SERVICE_REPOSITORY: repository where the project resides. +# GITEA_INSTANCE_URL: Gitea url. +# SERVICE_DATABASE_CONTAINER_NAME: Container name for database. +# GITEA_WORKFLOW_NAME: deploy.yaml + +curl -X POST -H "Authorization: token $GITEA_SERVICE_APPLICATION_TOKEN" \ + -H "Content-Type: application/json" \ + $GITEA_INSTANCE_URL/api/v1/repos/$GITEA_SERVICE_REPOSITORY/actions/workflows/$GITEA_WORKFLOW_NAME/dispatches \ + -d '{"ref": "main", "inputs": {"ref": "main"}}' + +RUN_ID=$(curl -s -H "Authorization: token $GITEA_SERVICE_APPLICATION_TOKEN" \ + $GITEA_INSTANCE_URL/api/v1/repos/$GITEA_SERVICE_REPOSITORY/actions/runs \ + | jq -r '.workflow_runs | sort_by(.created_at) | .[0].id') + +while true; do + STATUS=$(curl -s -H "Authorization: token $GITEA_SERVICE_APPLICATION_TOKEN" \ + $GITEA_INSTANCE_URL/api/v1/repos/$GITEA_SERVICE_REPOSITORY/actions/runs/$RUN_ID \ + | jq -r '.status') + + if [ "$STATUS" = "completed" ]; then + CONCLUSION=$(curl -s -H "Authorization: token $GITEA_SERVICE_APPLICATION_TOKEN" \ + $GITEA_INSTANCE_URL/api/v1/repos/$GITEA_SERVICE_REPOSITORY/actions/runs/$RUN_ID \ + | jq -r '.conclusion') + echo "Workflow finished with status: $CONCLUSION" + break + fi + + echo "Waiting 10 seconds..." + sleep 10 +done + +if [ "$CONCLUSION" = "success" ]; then + echo "Launching command..." 
+ + while [ "$(docker inspect -f '{{.State.Running}}' $SERVICE_DATABASE_CONTAINER_NAME-1 2>/dev/null)" != "true" ]; do + echo "Waiting database container status" + sleep 5 + done + + systemctl start restore-backup.service +else + echo "Workflow failed or was cancelled, aborting." + exit 1 +fi \ No newline at end of file diff --git a/modules/apps/bookshelf/lib/services/act_runner.service b/modules/apps/common/services/act_runner.service similarity index 100% rename from modules/apps/bookshelf/lib/services/act_runner.service rename to modules/apps/common/services/act_runner.service diff --git a/modules/apps/common/services/create-backup.timer b/modules/apps/common/services/create-backup.timer new file mode 100644 index 0000000..678ecff --- /dev/null +++ b/modules/apps/common/services/create-backup.timer @@ -0,0 +1,9 @@ +[Unit] +Description=Run backup + +[Timer] +OnCalendar=*-*-* 01:00:00 +Persistent=true + +[Install] +WantedBy=timers.target \ No newline at end of file diff --git a/modules/apps/bookshelf/lib/services/create-backup.service b/modules/apps/common/services/docker/create-backup.service similarity index 100% rename from modules/apps/bookshelf/lib/services/create-backup.service rename to modules/apps/common/services/docker/create-backup.service diff --git a/modules/apps/bookshelf/lib/services/restore-backup.service b/modules/apps/common/services/docker/restore-backup.service similarity index 100% rename from modules/apps/bookshelf/lib/services/restore-backup.service rename to modules/apps/common/services/docker/restore-backup.service diff --git a/modules/apps/fefan/.env.example b/modules/apps/fefan/.env.example index 4adca9a..b9a2b47 100644 --- a/modules/apps/fefan/.env.example +++ b/modules/apps/fefan/.env.example 
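Review bot: `RUN_ID` is taken from `sort_by(.created_at) | .[0].id`, which is the oldest run in the list rather than the one just dispatched, so the restore at the end is gated on the conclusion of an unrelated, earlier workflow run. Use the newest entry, `| jq -r '.workflow_runs | sort_by(.created_at) | .[-1].id')`, and ideally filter on the workflow as well, since another run can still start in between. The wait loop inspects `$SERVICE_DATABASE_CONTAINER_NAME-1`, but bookshelf's `.env.example` already sets the variable to `bookshelf-database-1`, which yields `bookshelf-database-1-1` and an endless loop; drop the `-1` suffix here or in that example. The polling loop also has no timeout and the `curl` calls no `--fail`, so an API error presumably leaves `STATUS` at `null` and cloud-init waiting indefinitely.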
@@ -1,24 +1,35 @@ +# Environment files +ENV_FILE_LOCATION=/opt/environment/.env + +# Gitea act_runner ACT_RUNNER_VERSION=0.2.13 ACT_RUNNER_LOCATION=/usr/local/bin ACT_RUNNER_USER=act_runner -ENV_FILE_LOCATION=/opt/fefan/fefan.env -GITEA_INSTANCE_URL=https://gitea.aldon.fr GITEA_RUNNER_REGISTRATION_TOKEN= -GITEA_FEFAN_APPLICATION_TOKEN= -GITEA_FEFAN_REPOSITORY=Mop/fefan +# Gitea instance +GITEA_INSTANCE_URL=https://gitea.aldon.fr +GITEA_SERVICE_APPLICATION_TOKEN= +GITEA_SERVICE_REPOSITORY=mop/fefan +GITEA_WORKFLOW_NAME=deploy.yaml + +# Application specifics NEXT_PUBLIC_CONTENT_URI=https://content.fefan.fr/api NEXT_PUBLIC_IMG_URI=https://content.fefan.fr NEXT_PUBLIC_ORIGIN=https://fefan.fr POSTGRES_USER=strapi -POSTGRES_PASSWORD=password +POSTGRES_PASSWORD= STRAPI_APP_KEYS= STRAPI_TOKEN_SALT= STRAPI_ADMIN_JWT_SECRET= STRAPI_TRANSFER_TOKEN_SALT= STRAPI_JWT_SECRET= +SERVICE_DATABASE_CONTAINER_NAME=fefan-db - +# VM USERNAME=fefan -FEFAN_BACKUPS_DIR=/backups/fefan -FEFAN_BACKUP_PREFIX=fefan-dump \ No newline at end of file + +# Backup specifics +SERVICE_BACKUPS_DIR=/backups/fefan +SERVICE_BACKUPS_PREFIX=fefan-dump +SERVICE_BACKUPS_EXTENSION=tar.gz \ No newline at end of file diff --git a/modules/apps/fefan/cloud-init/service.yaml b/modules/apps/fefan/cloud-init/service.yaml index 42130ea..bacb0eb 100644 --- a/modules/apps/fefan/cloud-init/service.yaml +++ b/modules/apps/fefan/cloud-init/service.yaml @@ -30,11 +30,7 @@ mounts: - [ "192.168.1.12:/main/backups", "/backups", "nfs", "defaults,_netdev,x-systemd.requires=network-online.target", "0", "0" ] write_files: - - path: /opt/fefan/env.sh - permissions: "0644" - content: | - ${environment-setup-script} - - path: /opt/fefan/fefan.env + - path: /opt/environment/.env permissions: "0644" content: | ${env-file-content} @@ -69,7 +65,7 @@ write_files: - path: /opt/fefan/install-fefan.sh permissions: "0755" content: | - ${fefan-install-script} + ${service-install-script} runcmd: # Backup setup 
diff --git a/modules/apps/fefan/lib/scripts/create-backup.sh b/modules/apps/fefan/lib/scripts/create-backup.sh index 3a8a19c..c55aa9a 100644 --- a/modules/apps/fefan/lib/scripts/create-backup.sh +++ b/modules/apps/fefan/lib/scripts/create-backup.sh @@ -1,14 +1,15 @@ #!/bin/bash -source /opt/fefan/env.sh +source /opt/environment/.env -# FEFAN_BACKUPS_DIR=/backups/fefan -# FEFAN_BACKUP_PREFIX=fefan-dump +# SERVICE_BACKUPS_DIR=/backups/fefan +# SERVICE_BACKUPS_PREFIX=fefan-dump +# SERVICE_BACKUPS_EXTENSION=tar.gz TIMESTAMP=$(date +'%Y-%m-%d_%H%M%S') docker exec fefan-strapi-1 yarn strapi export -f export --no-encrypt -docker cp fefan-strapi-1:/app/export.tar.gz $FEFAN_BACKUPS_DIR/$FEFAN_BACKUP_PREFIX-$TIMESTAMP.tar.gz -docker exec fefan-strapi-1 rm /app/export.tar.gz +docker cp fefan-strapi-1:/app/export.$SERVICE_BACKUPS_EXTENSION $SERVICE_BACKUPS_DIR/$SERVICE_BACKUPS_PREFIX-$TIMESTAMP.$SERVICE_BACKUPS_EXTENSION +docker exec fefan-strapi-1 rm /app/export.$SERVICE_BACKUPS_EXTENSION -ls -1dt $FEFAN_BACKUPS_DIR/$FEFAN_BACKUP_PREFIX-*.tar.gz | tail -n +5 | xargs -r rm -f \ No newline at end of file +ls -1dt $SERVICE_BACKUPS_DIR/$SERVICE_BACKUPS_PREFIX-*.$SERVICE_BACKUPS_EXTENSION | tail -n +5 | xargs -r rm -f \ No newline at end of file diff --git a/modules/apps/fefan/lib/scripts/env.sh b/modules/apps/fefan/lib/scripts/env.sh deleted file mode 100644 index dbd8273..0000000 --- a/modules/apps/fefan/lib/scripts/env.sh +++ /dev/null @@ -1,4 +0,0 @@ -#!/bin/bash -set -a -[ -f /opt/fefan/fefan.env ] && source /opt/fefan/fefan.env -set +a \ No newline at end of file diff --git a/modules/apps/fefan/lib/scripts/install-fefan.sh b/modules/apps/fefan/lib/scripts/install-fefan.sh deleted file mode 100644 index c789664..0000000 --- a/modules/apps/fefan/lib/scripts/install-fefan.sh +++ /dev/null 
@@ -1,44 +0,0 @@ -#!/bin/bash - -source /opt/fefan/env.sh - -# trigger manually a CI/CD pipeline -curl -X POST -H "Authorization: token $GITEA_FEFAN_APPLICATION_TOKEN" \ - -H "Content-Type: application/json" \ - $GITEA_INSTANCE_URL/api/v1/repos/$GITEA_FEFAN_REPOSITORY/actions/workflows/deploy.yaml/dispatches \ - -d '{"ref": "main", "inputs": {"ref": "main"}}' - -RUN_ID=$(curl -s -H "Authorization: token $GITEA_FEFAN_APPLICATION_TOKEN" \ - $GITEA_INSTANCE_URL/api/v1/repos/$GITEA_FEFAN_REPOSITORY/actions/runs \ - | jq -r '.workflow_runs | sort_by(.created_at) | .[0].id') - -while true; do - STATUS=$(curl -s -H "Authorization: token $GITEA_FEFAN_APPLICATION_TOKEN" \ - $GITEA_INSTANCE_URL/api/v1/repos/$GITEA_FEFAN_REPOSITORY/actions/runs/$RUN_ID \ - | jq -r '.status') - - if [ "$STATUS" = "completed" ]; then - CONCLUSION=$(curl -s -H "Authorization: token $GITEA_FEFAN_APPLICATION_TOKEN" \ - $GITEA_INSTANCE_URL/api/v1/repos/$GITEA_FEFAN_REPOSITORY/actions/runs/$RUN_ID \ - | jq -r '.conclusion') - echo "Workflow finished with status: $CONCLUSION" - break - fi - - echo "Waiting 10 seconds..." - sleep 10 -done - -if [ "$CONCLUSION" = "success" ]; then - echo "Launching command..." - - while [ "$(docker inspect -f '{{.State.Running}}' fefan-db-1 2>/dev/null)" != "true" ]; do - echo "Waiting database container status" - sleep 5 - done - - systemctl start restore-backup.service -else - echo "Workflow failed or was cancelled, aborting." - exit 1 -fi \ No newline at end of file diff --git a/modules/apps/fefan/lib/scripts/install-runner.sh b/modules/apps/fefan/lib/scripts/install-runner.sh deleted file mode 100644 index f55641f..0000000 --- a/modules/apps/fefan/lib/scripts/install-runner.sh +++ /dev/null 
@@ -1,69 +0,0 @@ -#!/bin/bash - -source /opt/fefan/env.sh - -## .env should define -# ACT_RUNNER_USER: act_runner username (act_runner) -# ACT_RUNNER_LOCATION: act_runner binary location (/usr/local/bin) -# ACT_RUNNER_VERSION: act_runner version (0.2.13) -# ENV_FILE_LOCATION: .env file location on vm (/opt/fefan/fefan.env) -# GITEA_INSTANCE_URL: url of the gitea instance (https://gitea.aldon.fr) -# GITEA_RUNNER_REGISTRATION_TOKEN: registration token for gitea runner (repository scope) -# USERNAME: username of the vm (fefan) -# REPOSITORY: repository on which service code is hosted (mop/fefan) - -if ! id -u $ACT_RUNNER_USER >/dev/null 2>&1; then - adduser \ - --system \ - --shell /bin/bash \ - --gecos 'Action runner user' \ - --ingroup docker\ - --disabled-password \ - --home /home/$ACT_RUNNER_USER \ - $ACT_RUNNER_USER -fi - -wget -O $ACT_RUNNER_LOCATION/act_runner https://dl.gitea.com/act_runner/$ACT_RUNNER_VERSION/act_runner-$ACT_RUNNER_VERSION-linux-amd64 -chmod +x $ACT_RUNNER_LOCATION/act_runner - -cat < /home/$ACT_RUNNER_USER/config.yaml -log: - level: info -runner: - file: .runner - capacity: 1 - timeout: 3h - shutdown_timeout: 0s - insecure: false - fetch_timeout: 5s - env_file: $ENV_FILE_LOCATION - fetch_interval: 2s - github_mirror: '' - labels: - - 'ubuntu-latest:docker://docker.gitea.com/runner-images:ubuntu-latest' - - 'ubuntu-22.04:docker://docker.gitea.com/runner-images:ubuntu-22.04' - - 'ubuntu-20.04:docker://docker.gitea.com/runner-images:ubuntu-20.04' -cache: - enabled: true - dir: "" - host: "" - port: 0 - external_server: "" -container: - network: "" - privileged: false - options: - workdir_parent: - valid_volumes: [] - docker_host: "" - force_pull: true - force_rebuild: false - require_docker: false - docker_timeout: 0s -host: - workdir_parent: -EOF - -cd /home/act_runner -sudo -u $ACT_RUNNER_USER act_runner register --no-interactive --instance $GITEA_INSTANCE_URL --token $GITEA_RUNNER_REGISTRATION_TOKEN --name $USERNAME --labels $USERNAME -chown 
-R $ACT_RUNNER_USER:docker /home/$ACT_RUNNER_USER \ No newline at end of file diff --git a/modules/apps/fefan/lib/scripts/restore-backup.sh b/modules/apps/fefan/lib/scripts/restore-backup.sh index 0cb9b02..0e5fb21 100644 --- a/modules/apps/fefan/lib/scripts/restore-backup.sh +++ b/modules/apps/fefan/lib/scripts/restore-backup.sh @@ -1,14 +1,16 @@ #!/bin/bash -source /opt/fefan/env.sh +source /opt/environment/.env -# FEFAN_BACKUPS_DIR=/backups/fefan -# FEFAN_BACKUP_PREFIX=fefan-dump +## Environment variables +# SERVICE_BACKUPS_DIR=/backups/fefan +# SERVICE_BACKUPS_PREFIX=fefan-dump +# SERVICE_BACKUPS_EXTENSION=tar.gz -LATEST_BACKUP=$(ls -1 $FEFAN_BACKUPS_DIR/$FEFAN_BACKUP_PREFIX-*.tar.gz 2>/dev/null | sort | tail -n1) +LATEST_BACKUP=$(ls -1 $SERVICE_BACKUPS_DIR/$SERVICE_BACKUPS_PREFIX-*.$SERVICE_BACKUPS_EXTENSION 2>/dev/null | sort | tail -n1) if [ -n "$LATEST_BACKUP" ] && [ -f "$LATEST_BACKUP" ]; then - docker cp $LATEST_BACKUP fefan-strapi-1:/app/${LATEST_BACKUP#"$FEFAN_BACKUPS_DIR"/} - docker exec fefan-strapi-1 yarn strapi import -f /app/${LATEST_BACKUP#"$FEFAN_BACKUPS_DIR"/} --force - docker exec fefan-strapi-1 rm /app/${LATEST_BACKUP#"$FEFAN_BACKUPS_DIR"/} + docker cp $LATEST_BACKUP fefan-strapi-1:/app/${LATEST_BACKUP#"$SERVICE_BACKUPS_DIR"/} + docker exec fefan-strapi-1 yarn strapi import -f /app/${LATEST_BACKUP#"$SERVICE_BACKUPS_DIR"/} --force + docker exec fefan-strapi-1 rm /app/${LATEST_BACKUP#"$SERVICE_BACKUPS_DIR"/} fi \ No newline at end of file diff --git a/modules/apps/fefan/lib/services/.gitkeep b/modules/apps/fefan/lib/services/.gitkeep new file mode 100644 index 0000000..e69de29 diff --git a/modules/apps/fefan/lib/services/act_runner.service b/modules/apps/fefan/lib/services/act_runner.service deleted file mode 100644 index 72043da..0000000 --- a/modules/apps/fefan/lib/services/act_runner.service +++ /dev/null 
@@ -1,16 +0,0 @@
-[Unit]
-Description=Gitea Actions runner
-Documentation=https://gitea.com/gitea/act_runner
-After=docker.service
-
-[Service]
-ExecStart=/usr/local/bin/act_runner daemon --config /home/act_runner/config.yaml
-ExecReload=/bin/kill -s HUP $MAINPID
-WorkingDirectory=/home/act_runner
-TimeoutSec=0
-RestartSec=10
-Restart=always
-User=act_runner
-
-[Install]
-WantedBy=multi-user.target
\ No newline at end of file
diff --git a/modules/apps/fefan/lib/services/create-backup.service b/modules/apps/fefan/lib/services/create-backup.service
deleted file mode 100644
index c0ace1f..0000000
--- a/modules/apps/fefan/lib/services/create-backup.service
+++ /dev/null
@@ -1,9 +0,0 @@
-[Unit]
-Description=Backup Service
-Wants=network.target
-After=network.target docker.service
-
-[Service]
-Type=oneshot
-User=root
-ExecStart=/usr/local/bin/backup.sh
\ No newline at end of file
diff --git a/modules/apps/fefan/lib/services/create-backup.timer b/modules/apps/fefan/lib/services/create-backup.timer
deleted file mode 100644
index 0e9d735..0000000
--- a/modules/apps/fefan/lib/services/create-backup.timer
+++ /dev/null
@@ -1,9 +0,0 @@
-[Unit]
-Description=Run backup weekly
-
-[Timer]
-OnCalendar=Sun *-*-* 01:00:00
-Persistent=true
-
-[Install]
-WantedBy=timers.target
\ No newline at end of file
diff --git a/modules/apps/fefan/lib/services/restore-backup.service b/modules/apps/fefan/lib/services/restore-backup.service
deleted file mode 100644
index 9bfcd33..0000000
--- a/modules/apps/fefan/lib/services/restore-backup.service
+++ /dev/null
@@ -1,9 +0,0 @@
-[Unit]
-Description=Restore latest backup
-After=network.target
-Requires=docker.service
-
-[Service]
-Type=oneshot
-User=root
-ExecStart=/usr/local/bin/restore-backup.sh
\ No newline at end of file
diff --git a/modules/apps/fefan/main.tf b/modules/apps/fefan/main.tf
index 268ca3a..f2e9021 100644
--- a/modules/apps/fefan/main.tf
+++ b/modules/apps/fefan/main.tf
@@ -15,6 +15,7 @@ module "vm" { ssh_public_key = var.ssh_public_key proxmox_host_ip = var.proxmox_host_ip + cloudinit_config = templatefile( "${path.module}/cloud-init/service.yaml", { @@ -22,15 +23,17 @@ module "vm" { domain = var.domain ssh_key = var.ssh_public_key proxmox_host_ip = var.proxmox_host_ip - environment-setup-script = indent(6, file("${path.module}/lib/scripts/env.sh")) restore-backup-script = indent(6, file("${path.module}/lib/scripts/restore-backup.sh")) - restore-backup-service = indent(6, file("${path.module}/lib/services/restore-backup.service")) + restore-backup-service = indent(6, file("${path.module}/../common/services/docker/restore-backup.service")) create-backup-script = indent(6, file("${path.module}/lib/scripts/create-backup.sh")) - create-backup-service = indent(6, file("${path.module}/lib/services/create-backup.service")) - create-backup-timer = indent(6, file("${path.module}/lib/services/create-backup.timer")) - act_runner-service = indent(6, file("${path.module}/lib/services/act_runner.service")) - act_runner-install-script = indent(6, file("${path.module}/lib/scripts/install-runner.sh")) - fefan-install-script = indent(6, file("${path.module}/lib/scripts/install-fefan.sh")) + create-backup-service = indent(6, file("${path.module}}/../common/services/docker/create-backup.service")) + create-backup-timer = indent(6, file("${path.module}/../common/services/create-backup.timer")) + + act_runner-service = indent(6, file("${path.module}/../common/services/act_runner.service")) + act_runner-install-script = indent(6, file("${path.module}/../common/scripts/install-runner.sh")) + + service-install-script = indent(6, file("${path.module}/../common/scripts/install-service-ci.sh")) + env-file-content = indent(6, file("${path.module}/.env")) } ) diff --git a/modules/apps/fefan/variables.tf b/modules/apps/fefan/variables.tf index cfc12a3..c2feb6d 100644 --- a/modules/apps/fefan/variables.tf +++ b/modules/apps/fefan/variables.tf 
@@ -1,22 +1,27 @@ variable "name" { + description = "Virtual Machine name" type = string } variable "vm_id" { + description = "Virtual Machine id" type = number } variable "node_name" { + description = "Proxmox node name" type = string default = "mop" } variable "cores" { + description = "Number of CPU cores for this virtual machine" type = number default = 2 } variable "memory" { + description = "Memory RAM for this virtual machine" type = number default = 2048 } @@ -28,35 +33,39 @@ variable "balloon" { } variable "template_id" { + description = "Virtual machine template ID" type = number } variable "ssh_public_key" { - type = string description = "Public SSH key for cloud-init user" + type = string } variable "hostname" { - description = "VM hostname" + description = "Virtual Machine hostname ()" type = string default = "test" } variable "domain" { - description = "VM domain" + description = "Virtual Machine domain (example.fr)" type = string default = "" } variable "disk_size" { + description = "Disk size for the virtual machine" type = number default = 10 } variable "proxmox_host_ip" { + description = "Proxmox host base ip" type = string } variable "vm_ip_address" { + description = "Virtual machine ip" type = string } \ No newline at end of file diff --git a/modules/apps/gateway/.env.example b/modules/apps/gateway/.env.example index 8eb1ad1..d2c3c3c 100644 --- a/modules/apps/gateway/.env.example +++ b/modules/apps/gateway/.env.example @@ -1,8 +1,11 @@ +# Environment files +ENV_FILE_LOCATION=/opt/environment/.env + +# Application Specifics #openssl rand -hex 20 -WEBHOOK_SECRET=xxx TRAEFIK_VERSION=v3.6.7 TRAEFIK_BINARY=/usr/local/bin/traefik TRAEFIK_USER=traefik TRAEFIK_CONF=/home/traefik/traefik.yml GATEWAY_REPOSITORY=/Mop/gateway -GATEWAY_REPOSITORY_LOCATION=/home/traefik/gateway \ No newline at end of file +DYNAMIC_CONFIG_LOCATION=/home/gateway/services.yaml \ No newline at end of file 
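Review bot: In `modules/apps/gateway/.env.example` the `#openssl rand -hex 20` comment was the generation hint for `WEBHOOK_SECRET`; with that variable removed it now sits directly above `TRAEFIK_VERSION` and suggests a random value is still expected somewhere in this file. Remove the comment together with the variable, or name the secret it is meant for on the following line. `GATEWAY_REPOSITORY` also stays in the example although the `git clone` that consumed it is deleted from install-traefik.sh in this commit; if nothing else reads it, it can be dropped as well.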
diff --git a/modules/apps/gateway/cloud-init/service.yaml b/modules/apps/gateway/cloud-init/service.yaml index a976e3e..da6eee5 100644 --- a/modules/apps/gateway/cloud-init/service.yaml +++ b/modules/apps/gateway/cloud-init/service.yaml @@ -26,11 +26,7 @@ packages: - gunicorn write_files: - - path: /opt/gateway/env.sh - permissions: "0644" - content: | - ${environment-setup-script} - - path: /opt/gateway/gateway.env + - path: /opt/environment/.env permissions: "0644" content: | ${env-file-content} @@ -38,14 +34,6 @@ write_files: permissions: "0755" content: | ${install-traefik-script} - - path: /usr/local/bin/pull-webhook.py - permissions: "0755" - content: | - ${pull-webhook-script} - - path: /etc/systemd/system/pull-webhook.service - permissions: "0755" - content: | - ${pull-webhook-service} - path: /etc/systemd/system/traefik.service permissions: "0755" content: | @@ -53,8 +41,6 @@ write_files: runcmd: - /opt/gateway/install-traefik.sh - - systemctl enable pull-webhook.service - - systemctl start pull-webhook.service final_message: | Base system ready for ${hostname} \ No newline at end of file diff --git a/modules/apps/gateway/lib/scripts/env.sh b/modules/apps/gateway/lib/scripts/env.sh deleted file mode 100644 index 36d57eb..0000000 --- a/modules/apps/gateway/lib/scripts/env.sh +++ /dev/null @@ -1,4 +0,0 @@ -#!/bin/bash -set -a -[ -f /opt/gateway/gateway.env ] && source /opt/gateway/gateway.env -set +a \ No newline at end of file diff --git a/modules/apps/gateway/lib/scripts/install-traefik.sh b/modules/apps/gateway/lib/scripts/install-traefik.sh index a1f43ac..72f3839 100644 --- a/modules/apps/gateway/lib/scripts/install-traefik.sh +++ b/modules/apps/gateway/lib/scripts/install-traefik.sh 
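Review bot: `/opt/environment/.env` is written with `permissions: "0644"`, so every local account on the VM can read whatever the module's `.env` carries. The gitea scripts in this commit source the same path and the install script expands `$DB_PASS`, so this shared location presumably holds credentials on other VMs even if the gateway file does not. The consumer visible here is `runcmd`, which runs as root, so `permissions: "0600"` should be enough; if a non-root service has to read the file, use `"0640"` with an explicit `owner:` instead. The `write_files` list continues outside the hunk.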
@@ -1,13 +1,13 @@ #!/bin/bash -# GATEWAY_REPOSITORY_LOCATION (path on vm) +# DYNAMIC_CONFIG_LOCATION (path on vm) # GATEWAY_REPOSITORY (path on gitea) # TRAEFIK_USER # TRAEFIK_BINARY # TRAEFIK_VERSION # TRAEFIK_CONF -source /opt/gateway/env.sh +source /opt/environment/.env if ! id -u $TRAEFIK_USER >/dev/null 2>&1; then adduser \ @@ -32,8 +32,6 @@ chown $TRAEFIK_USER:$TRAEFIK_USER /etc/traefik/acme.json chmod 600 /etc/traefik/acme.json setcap 'cap_net_bind_service=+ep' /usr/local/bin/traefik -git clone https://gitea.aldon.fr/$GATEWAY_REPOSITORY.git $GATEWAY_REPOSITORY_LOCATION - cat > "$TRAEFIK_CONF" </dev/null 2>&1; then @@ -41,15 +41,15 @@ CREATE ROLE $DB_USER WITH LOGIN PASSWORD '$DB_PASS'; CREATE DATABASE $DB_NAME WITH OWNER $DB_USER TEMPLATE template0 ENCODING UTF8 LC_COLLATE 'en_US.UTF-8' LC_CTYPE 'en_US.UTF-8'; EOF -if ls -1 "$GITEA_BACKUPS_DIR"/gitea-dump-*.zip >/dev/null 2>&1; then +if ls -1 "$SERVICE_BACKUPS_DIR"/$SERVICE_BACKUPS_PREFIX-*.$SERVICE_BACKUPS_EXTENSION >/dev/null 2>&1; then echo "---- Backup found, restoring Gitea ----" /usr/local/bin/restore-backup.sh else - echo "---- No backup found in $GITEA_BACKUPS_DIR, skipping restore ----" + echo "---- No backup found in $SERVICE_BACKUPS_DIR, skipping restore ----" fi -sudo chown -R $GITEA_USER:$GITEA_USER $GITEA_BACKUPS_DIR -sudo chmod -R 770 $GITEA_BACKUPS_DIR +sudo chown -R $GITEA_USER:$GITEA_USER $SERVICE_BACKUPS_DIR +sudo chmod -R 770 $SERVICE_BACKUPS_DIR GITEA_SECRET_KEY=$("$GITEA_BINARY" generate secret SECRET_KEY) GITEA_JWT_SECRET=$("$GITEA_BINARY" generate secret JWT_SECRET) @@ -90,7 +90,7 @@ ENABLED=true EOF echo "---- Generated Gitea app.ini with secrets ----" -chown git:git $GITEA_CONF +chown $GITEA_USER:$GITEA_USER $GITEA_CONF chmod 640 $GITEA_CONF systemctl daemon-reload diff --git a/modules/apps/gitea/lib/scripts/restore-backup.sh b/modules/apps/gitea/lib/scripts/restore-backup.sh index 951aabd..d690a33 100644 --- a/modules/apps/gitea/lib/scripts/restore-backup.sh 
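Review bot: The new `source /opt/environment/.env` in install-traefik.sh no longer exports what it loads (the removed `env.sh` wrapped the load in `set -a`/`set +a`), and nothing checks that the file was actually read. The visible part of the script does not enable `set -e`, so with a missing file it carries on with empty variables; `id -u $TRAEFIK_USER` with an empty argument succeeds for the current user, which skips the account creation. Add a guard such as `[ -f /opt/environment/.env ] || { echo "missing /opt/environment/.env" >&2; exit 1; }` before the `source`, and wrap it in `set -a`/`set +a` if any child process needs the values. The rest of the script is outside the hunk.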
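Review bot: In the `@@ -41,15 +41,15 @@` hunk the new `SERVICE_BACKUPS_PREFIX` and `SERVICE_BACKUPS_EXTENSION` are expanded unquoted in the `ls` glob, and `$SERVICE_BACKUPS_DIR` is unquoted in the recursive `chown`/`chmod` run through `sudo`, so a value containing whitespace or glob characters is split into extra arguments. Quote each expansion, e.g. `"$SERVICE_BACKUPS_DIR"/"$SERVICE_BACKUPS_PREFIX"-*."$SERVICE_BACKUPS_EXTENSION"` and `sudo chown -R "$GITEA_USER:$GITEA_USER" "$SERVICE_BACKUPS_DIR"`. The `LATEST_BACKUP=` line in restore-backup.sh has the same unquoted pattern. The file header for this hunk is not legible in this view; the content suggests it is the Gitea install script.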
+++ b/modules/apps/gitea/lib/scripts/restore-backup.sh @@ -1,7 +1,7 @@ #!/bin/bash set -euo pipefail -source /opt/gitea/env.sh +source /opt/environment/.env sudo -u postgres psql </dev/null | sort | tail -n1) +LATEST_BACKUP=$(ls -1 $SERVICE_BACKUPS_DIR/$SERVICE_BACKUPS_PREFIX-*.$SERVICE_BACKUPS_EXTENSION 2>/dev/null | sort | tail -n1) if [ -n "$LATEST_BACKUP" ] && [ -f "$LATEST_BACKUP" ]; then TMP_DIR=$(mktemp -d) diff --git a/modules/apps/gitea/lib/services/create-backup.timer b/modules/apps/gitea/lib/services/create-backup.timer deleted file mode 100644 index 0e9d735..0000000 --- a/modules/apps/gitea/lib/services/create-backup.timer +++ /dev/null @@ -1,9 +0,0 @@ -[Unit] -Description=Run backup weekly - -[Timer] -OnCalendar=Sun *-*-* 01:00:00 -Persistent=true - -[Install] -WantedBy=timers.target \ No newline at end of file diff --git a/modules/apps/gitea/main.tf b/modules/apps/gitea/main.tf index 26fcc7a..70ac8b6 100644 --- a/modules/apps/gitea/main.tf +++ b/modules/apps/gitea/main.tf @@ -15,6 +15,7 @@ module "vm" { ssh_public_key = var.ssh_public_key proxmox_host_ip = var.proxmox_host_ip + cloudinit_config = templatefile( "${path.module}/cloud-init/service.yaml", { 
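Review bot: With `set -euo pipefail` at the top of restore-backup.sh, the `LATEST_BACKUP=$(ls -1 … | sort | tail -n1)` assignment aborts the script when no file matches, because `ls` exits non-zero and pipefail carries that status out of the command substitution. The `[ -n "$LATEST_BACKUP" ]` test that follows therefore never sees the empty case. If a run without backups should end cleanly, append `|| true` inside the substitution, or collect the matches with a glob into an array and test its length. Only the start of the `if` block is visible here, so whether an `else` branch exists is not known.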
@@ -22,12 +23,12 @@ module "vm" { domain = var.domain ssh_key = var.ssh_public_key proxmox_host_ip = var.proxmox_host_ip - environment-setup-script = indent(6, file("${path.module}/lib/scripts/env.sh")) restore-backup-script = indent(6, file("${path.module}/lib/scripts/restore-backup.sh")) restore-backup-service = indent(6, file("${path.module}/lib/services/restore-backup.service")) create-backup-script = indent(6, file("${path.module}/lib/scripts/create-backup.sh")) create-backup-service = indent(6, file("${path.module}/lib/services/create-backup.service")) - create-backup-timer = indent(6, file("${path.module}/lib/services/create-backup.timer")) + create-backup-timer = indent(6, file("${path.module}/../common/services/create-backup.timer")) + install-gitea-script = indent(6, file("${path.module}/lib/scripts/install-gitea.sh")) gitea-service = indent(6, file("${path.module}/lib/services/gitea.service")) diff --git a/modules/apps/gitea/variables.tf b/modules/apps/gitea/variables.tf index cfc12a3..c2feb6d 100644 --- a/modules/apps/gitea/variables.tf +++ b/modules/apps/gitea/variables.tf @@ -1,22 +1,27 @@ variable "name" { + description = "Virtual Machine name" type = string } variable "vm_id" { + description = "Virtual Machine id" type = number } variable "node_name" { + description = "Proxmox node name" type = string default = "mop" } variable "cores" { + description = "Number of CPU cores for this virtual machine" type = number default = 2 } variable "memory" { + description = "Memory RAM for this virtual machine" type = number default = 2048 } 
@@ -28,35 +33,39 @@ variable "balloon" { } variable "template_id" { + description = "Virtual machine template ID" type = number } variable "ssh_public_key" { - type = string description = "Public SSH key for cloud-init user" + type = string } variable "hostname" { - description = "VM hostname" + description = "Virtual Machine hostname ()" type = string default = "test" } variable "domain" { - description = "VM domain" + description = "Virtual Machine domain (example.fr)" type = string default = "" } variable "disk_size" { + description = "Disk size for the virtual machine" type = number default = 10 } variable "proxmox_host_ip" { + description = "Proxmox host base ip" type = string } variable "vm_ip_address" { + description = "Virtual machine ip" type = string } \ No newline at end of file diff --git a/templates/traefik.services.tpl b/templates/traefik.services.tpl index 0329edd..6ee0342 100644 --- a/templates/traefik.services.tpl +++ b/templates/traefik.services.tpl @@ -1,4 +1,3 @@ -# testt http: routers: http-catchall: diff --git a/terraform.tfvars.example b/terraform.tfvars.example index f8f2ac1..0e553c3 100644 --- a/terraform.tfvars.example +++ b/terraform.tfvars.example @@ -1,6 +1,4 @@ ssh_public_key = "" proxmox_api_token = "" proxmox_endpoint = "http://mop:8006" -proxmox_host_ip = "192.168.1.121" -gateway_repository = "../gateway" -gateway_token = "xxx" \ No newline at end of file +proxmox_host_ip = "192.168.1.121" \ No newline at end of file diff --git a/variables.tf b/variables.tf index 0e4754e..a43ea86 100644 --- a/variables.tf +++ b/variables.tf 
@@ -16,14 +16,4 @@ variable "proxmox_endpoint" {
 variable "proxmox_host_ip" {
 description = "Proxmox ip for backup nfs share"
 type = string
-}
-
-variable "gateway_repository" {
- description = "Gateway repository relative path (from this terraform repository), for traefik automatic config generation."
- type = string
-}
-
-variable "gateway_token" {
- description = "Gateway webhook token same in /module/apps/gateway/.env"
- type = string
 }
\ No newline at end of file