integrate the whole infrastructure in one repo

2023-01-30 14:04:25 +01:00
parent 78309962bd
commit 2da501e3c7
2 changed files with 106 additions and 18 deletions
--- a/main.tf
+++ b/main.tf
@ -4,6 +4,19 @@ terraform {
      source = "hetznercloud/hcloud"
      version = "1.36.2"
    }
+    docker = {
+      source = "kreuzwerker/docker"
+      version = "3.0.1"
+    }
+    postgresql = {
+      source = "cyrilgdn/postgresql"
+      version = "1.18.0"
+    }
+    time = {
+      source = "hashicorp/time"
+      version = "0.9.1"
+    }
+
  }

  backend "http" {
@ -34,15 +47,6 @@ resource "hcloud_firewall" "default" {
    ]
    port = "3000"
  }
-  rule {
-    description = "postgres"
-    direction = "in"
-    protocol = "tcp"
-    source_ips = [
-      "0.0.0.0/0"
-    ]
-    port = "5432"
-  }
  rule {
    description = "http"
    direction = "in"
@ -61,15 +65,6 @@ resource "hcloud_firewall" "default" {
    ]
    port = "443"
  }
-  rule {
-    description = "mqtt/tls"
-    direction = "in"
-    protocol = "tcp"
-    source_ips = [
-      "0.0.0.0/0"
-    ]
-    port = "8883"
-  }
  rule {
    description = "ssh"
    direction = "in"
@ -103,3 +98,85 @@ output "IPAddress" {
  value = hcloud_server.saerbeck01.ipv4_address
  description = "Main Address"
 }
+
+
+provider "docker" {
+  host = "ssh://root@${hcloud_server.saerbeck01.ipv4_address}:22"
+  ssh_opts = [
+    "-o", "StrictHostKeyChecking=no", 
+    "-o", "UserKnownHostsFile=/dev/null",
+    "-i", "../infrastructure/tf-key"
+  ]
+}
+
+
+resource "docker_volume" "timescaledb-data" {
+  name = "timescaledb-data"
+}
+
+resource "docker_image" "timescaledb-image" {
+  name = "timescale/timescaledb:latest-pg12"
+}
+
+resource "docker_container" "timescaledb-server" {
+  name = "timescaledb-server"
+  image = docker_image.timescaledb-image.image_id
+  volumes {
+    container_path = "/var/lib/postgresql/data"
+    volume_name = docker_volume.timescaledb-data.name
+  }
+  restart = "always"
+  ports {
+    internal = 5432
+    external = 5432
+  }
+  env = [
+    "POSTGRES_USER=root",
+    "POSTGRES_PASSWORD=${var.postgres_password}"
+  ]
+}
+
+
+resource "docker_image" "grafana-image" {
+  name = "grafana/grafana:9.3.6"
+}
+
+resource "docker_container" "grafana-server" {
+  name = "grafana-server"
+  image = docker_image.grafana-image.image_id
+  restart = "always"
+  ports {
+    internal = 3000
+    external = 3000
+  }
+  env = [
+    "GF_SECURITY_ADMIN_USER=admin",
+    "GF_SECURITY_ADMIN_PASSWORD=${var.grafana_password}"
+  ]
+}
+
+
+resource "docker_volume" "gitlab-runner-data" {
+  name = "gitlab-runner-data"
+}
+
+resource "docker_image" "gitlab-runner-image" {
+  name = "gitlab/gitlab-runner:v15.5.2"
+}
+
+resource "docker_container" "gitlab-runner" {
+  name = "gitlab-runner"
+  image = docker_image.gitlab-runner-image.image_id
+  restart = "always"
+  volumes {
+    container_path = "/etc/gitlab-runner"
+    volume_name = docker_volume.gitlab-runner-data.name
+  }
+  volumes {
+    container_path = "/var/run/docker.sock"
+    host_path = "/var/run/docker.sock"
+  }
+  env = [
+  ]
+}
+
--- a/variables.tf
+++ b/variables.tf
@ -2,3 +2,14 @@ variable "hcloud_token" {
  sensitive = true 
  type = string
 }
+
+variable "postgres_password" {
+  sensitive = true
+  type = string
+}
+
+variable "grafana_password" {
+  sensitive = true
+  type = string
+}
+