Cleanup terraform files
by moving core infra into it's own file
This commit is contained in:
83
2-nomad-config/1-infra.tf
Normal file
83
2-nomad-config/1-infra.tf
Normal file
@@ -0,0 +1,83 @@
|
||||
provider "nomad" {
|
||||
# For some reason nomad is binding to the tailscale IP but not the (local) IP that we get for the same hostname
|
||||
address = "http://jaglan-beta-m01:4646"
|
||||
}
|
||||
|
||||
terraform {
|
||||
backend "local" {
|
||||
path = "./.tfstate/terraform.tfstate"
|
||||
}
|
||||
}
|
||||
|
||||
terraform {
|
||||
required_providers {
|
||||
sops = {
|
||||
source = "carlpett/sops"
|
||||
version = "~> 0.5"
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
data "sops_file" "secrets" {
|
||||
source_file = "secrets.enc.json"
|
||||
}
|
||||
|
||||
// Networking
|
||||
|
||||
resource "nomad_job" "traefik" {
|
||||
jobspec = file("traefik.nomad.hcl")
|
||||
}
|
||||
|
||||
// Authentication
|
||||
|
||||
resource "nomad_job" "authelia" {
|
||||
jobspec = file("authelia.nomad.hcl")
|
||||
}
|
||||
|
||||
// Data
|
||||
|
||||
resource "nomad_job" "csi-smb" {
|
||||
jobspec = file("csi-smb.nomad.hcl")
|
||||
}
|
||||
|
||||
data "nomad_plugin" "smb" {
|
||||
plugin_id = "smb"
|
||||
wait_for_healthy = true
|
||||
}
|
||||
|
||||
resource "nomad_job" "postgres" {
|
||||
jobspec = file("postgres.nomad.hcl")
|
||||
}
|
||||
|
||||
resource "nomad_job" "pgadmin" {
|
||||
jobspec = file("pgadmin.nomad.hcl")
|
||||
}
|
||||
|
||||
resource "nomad_job" "pgbackup" {
|
||||
jobspec = file("pgbackup.nomad.hcl")
|
||||
}
|
||||
|
||||
resource "nomad_csi_volume_registration" "unraid_database_dump" {
|
||||
#Note: Before chaning the definition of this volume you need to stop the jobs that are using it
|
||||
depends_on = [data.nomad_plugin.smb]
|
||||
plugin_id = "smb"
|
||||
|
||||
volume_id = "unraid_database_dump"
|
||||
name = "unraid_database_dump"
|
||||
|
||||
external_id = "unraid_database_dump"
|
||||
|
||||
capability {
|
||||
access_mode = "single-node-writer"
|
||||
attachment_mode = "file-system"
|
||||
}
|
||||
|
||||
context = {
|
||||
source = "//192.168.1.192/database-dump"
|
||||
}
|
||||
|
||||
secrets = {
|
||||
"username" = "nomad"
|
||||
"password" = data.sops_file.secrets.data["unraid.nomad"]
|
||||
}
|
||||
}
|
||||
@@ -1,23 +1,3 @@
|
||||
provider "nomad" {
|
||||
# For some reason nomad is binding to the tailscale IP but not the (local) IP that we get for the same hostname
|
||||
address = "http://jaglan-beta-m01:4646"
|
||||
}
|
||||
|
||||
terraform {
|
||||
required_providers {
|
||||
sops = {
|
||||
source = "carlpett/sops"
|
||||
version = "~> 0.5"
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
terraform {
|
||||
backend "local" {
|
||||
path = "./.tfstate/terraform.tfstate"
|
||||
}
|
||||
}
|
||||
|
||||
resource "nomad_job" "glance" {
|
||||
jobspec = file("glance.nomad.hcl")
|
||||
}
|
||||
@@ -26,35 +6,11 @@ resource "nomad_job" "hello_world" {
|
||||
jobspec = file("hello-world.nomad.hcl")
|
||||
}
|
||||
|
||||
resource "nomad_job" "traefik" {
|
||||
jobspec = file("traefik.nomad.hcl")
|
||||
}
|
||||
|
||||
resource "nomad_job" "authelia" {
|
||||
jobspec = file("authelia.nomad.hcl")
|
||||
}
|
||||
|
||||
resource "nomad_job" "webapp" {
|
||||
jobspec = file("webapp.nomad.hcl")
|
||||
}
|
||||
|
||||
resource "nomad_job" "csi-smb" {
|
||||
jobspec = file("csi-smb.nomad.hcl")
|
||||
}
|
||||
|
||||
resource "nomad_job" "postgres" {
|
||||
jobspec = file("postgres.nomad.hcl")
|
||||
}
|
||||
|
||||
resource "nomad_job" "pgadmin" {
|
||||
jobspec = file("pgadmin.nomad.hcl")
|
||||
}
|
||||
|
||||
data "nomad_plugin" "smb" {
|
||||
plugin_id = "smb"
|
||||
wait_for_healthy = true
|
||||
}
|
||||
|
||||
resource "nomad_csi_volume_registration" "unraid_transfer" {
|
||||
#Note: Before chaning the definition of this volume you need to stop the jobs that are using it
|
||||
depends_on = [data.nomad_plugin.smb]
|
||||
@@ -84,35 +40,6 @@ resource "nomad_job" "transfer" {
|
||||
jobspec = file("transfer.nomad.hcl")
|
||||
}
|
||||
|
||||
data "sops_file" "secrets" {
|
||||
source_file = "secrets.enc.json"
|
||||
}
|
||||
|
||||
resource "nomad_csi_volume_registration" "unraid_database_dump" {
|
||||
#Note: Before chaning the definition of this volume you need to stop the jobs that are using it
|
||||
depends_on = [data.nomad_plugin.smb]
|
||||
plugin_id = "smb"
|
||||
|
||||
volume_id = "unraid_database_dump"
|
||||
name = "unraid_database_dump"
|
||||
|
||||
external_id = "unraid_database_dump"
|
||||
|
||||
capability {
|
||||
access_mode = "single-node-writer"
|
||||
attachment_mode = "file-system"
|
||||
}
|
||||
|
||||
context = {
|
||||
source = "//192.168.1.192/database-dump"
|
||||
}
|
||||
|
||||
secrets = {
|
||||
"username" = "nomad"
|
||||
"password" = data.sops_file.secrets.data["unraid.nomad"]
|
||||
}
|
||||
}
|
||||
|
||||
resource "nomad_csi_volume_registration" "unraid_appdata_transferfilebrowser" {
|
||||
#Note: Before chaning the definition of this volume you need to stop the jobs that are using it
|
||||
depends_on = [data.nomad_plugin.smb]
|
||||
@@ -139,6 +66,4 @@ resource "nomad_csi_volume_registration" "unraid_appdata_transferfilebrowser" {
|
||||
}
|
||||
}
|
||||
|
||||
resource "nomad_job" "pgbackup" {
|
||||
jobspec = file("pgbackup.nomad.hcl")
|
||||
}
|
||||
|
||||
Reference in New Issue
Block a user