diff --git a/modules/infrastructure/variables.tf b/modules/infrastructure/variables.tf
index 5396a3b..8071d6b 100644
--- a/modules/infrastructure/variables.tf
+++ b/modules/infrastructure/variables.tf
@@ -23,8 +23,6 @@ variable "services" {
 name = string
 type = string
 })))
- ports = optional(list(string))
- certificates = optional(list(string))
 auth = bool
 auth_cert = optional(string)
 auth_redirects = optional(list(string))
diff --git a/modules/services/variables.tf b/modules/services/variables.tf
index a5b866a..fe72923 100644
--- a/modules/services/variables.tf
+++ b/modules/services/variables.tf
@@ -14,8 +14,6 @@ variable "services" {
 name = string
 type = string
 })))
- ports = optional(list(string))
- certificates = optional(list(string))
 auth = bool
 auth_cert = optional(string)
 auth_redirects = optional(list(string))
diff --git a/playbooks/filter_plugins/service_filters.py b/playbooks/filter_plugins/service_filters.py
index d3a0f38..37befc6 100644
--- a/playbooks/filter_plugins/service_filters.py
+++ b/playbooks/filter_plugins/service_filters.py
@@ -5,6 +5,7 @@ class FilterModule(object):
 'services_to_dnscontrol': self.services_to_dnscontrol,
 'services_get_backups': self.services_get_backups,
 'service_get_backups': self.service_get_backups,
+ 'services_ports_to_docker': self.services_ports_to_docker,
 'service_get_domain': self.service_get_domain,
 }
@@ -46,6 +47,14 @@ class FilterModule(object):
 return dns_0.get("domain")
 return None
+ def services_ports_to_docker(self, ports, type_filter=None):
+ result = []
+ for port in ports:
+ if type_filter and port.get("type") != type_filter:
+ continue
+ result.append(f"{port['port']}:{port['port']}/{port['protocol']}")
+ return result
+
 def services_to_dnscontrol(self, services):
 result = {}
 for service in services:
diff --git a/playbooks/roles/caddy/vars/main.yml b/playbooks/roles/caddy/vars/main.yml
index c75c710..40c8042 100644
--- a/playbooks/roles/caddy/vars/main.yml
+++ b/playbooks/roles/caddy/vars/main.yml
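Review bot: services_ports_to_docker interpolates `port['port']` and `port['protocol']` into the publish spec unchecked, so a mistyped protocol or an out-of-range port in the tfvars is handed to Docker as a malformed mapping, and a missing key surfaces as a bare KeyError. I would validate each entry (port an integer in 1-65535, protocol one of tcp/udp/sctp) and raise a ValueError that names the offending entry. The method also has no docstring; it should state that the result carries no host IP, so every returned port is published on all host interfaces, unlike the `{{ host_vpn.ip }}:2019:2019` default in the caddy vars. The method is complete in this hunk; the FilterModule class starts outside it.

```python
    def services_ports_to_docker(self, ports, type_filter=None):
        """Render port objects as Docker publish specs ("PORT:PORT/PROTO").

        No host IP is emitted, so each port is published on all interfaces.
        """
        # ... unchanged: result list, loop header and type_filter check ...
            number = int(port["port"])
            protocol = port["protocol"]
            if not 1 <= number <= 65535 or protocol not in ("tcp", "udp", "sctp"):
                raise ValueError(f"invalid service port entry: {port!r}")
            result.append(f"{number}:{number}/{protocol}")
        return result
```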
@@ -6,7 +6,7 @@ caddy_acmedns_url: "https://{{ acme_dns.host }}"
 caddy_ports_default:
 - "{{ host_vpn.ip }}:2019:2019"
-caddy_ports_extra: "{{ host_services | map(attribute='ports') | flatten }}"
+caddy_ports_extra: "{{ host_services | map(attribute='ports') | flatten | services_ports_to_docker('reverse_proxy') }}"
 caddy_ports: "{{ caddy_ports_default | union(caddy_ports_extra) }}"
 caddy_env:
diff --git a/services.auto.tfvars b/services.auto.tfvars
index 11d0bf5..9a7e69d 100644
--- a/services.auto.tfvars
+++ b/services.auto.tfvars
@@ -42,9 +42,21 @@ services = {
 name = "caddy"
 host = "*"
 ports = [
- "80:80",
- "443:443",
- "443:443/udp",
+ {
+ port = 80
+ protocol = "tcp"
+ type = "reverse_proxy"
+ },
+ {
+ port = 443
+ protocol = "tcp"
+ type = "reverse_proxy"
+ },
+ {
+ port = 443
+ protocol = "tcp"
+ type = "reverse_proxy"
+ },
 #"2019:2019",
 ]
 auth = false
@@ -418,7 +430,13 @@ services = {
 url = "/_matrix/client/versions"
 group = "4-services"
 }
- ports = ["8448:8448"]
+ ports = [
+ {
+ port = 8448
+ protocol = "tcp"
+ type = "reverse_proxy"
+ }
+ ]
 auth = true
 auth_redirects = ["https://matrix.serguzim.me/_synapse/client/oidc/callback"]
 database = true
diff --git a/variables.tf b/variables.tf
index 9aa52d8..6b6e6b0 100644
--- a/variables.tf
+++ b/variables.tf
@@ -145,7 +145,11 @@ variable "services" {
 group = optional(string)
 conditions = optional(list(string))
 }))
- ports = optional(list(string))
+ ports = optional(list(object({
+ port = number
+ protocol = string
+ type = string
+ })))
 certificates = optional(list(string))
 auth = bool
 auth_cert = optional(string)
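Review bot: The third port object in the caddy `ports` list repeats `port = 443` with `protocol = "tcp"`, but the string it replaces was `"443:443/udp"`, so the UDP mapping is lost and the TCP entry appears twice. Because `caddy_ports` is built with `union`, the duplicate presumably collapses and 443/udp is no longer published, which would break HTTP/3 (QUIC) if Caddy serves it. The third block should read `protocol = "udp"`. The `services` map starts and ends outside the hunk.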
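Review bot: The new `ports` object type leaves `protocol` and `type` as free-form strings, with no comment on which values are expected; the only `type` visible in this commit is "reverse_proxy", which the caddy role filters on. A comment above the attribute would help, for example `# type "reverse_proxy": port is published by the caddy container; protocol: presumably tcp or udp`. A `validation` block on the variable restricting `protocol` and the port range would also turn a mistyped value into a plan-time error rather than a malformed Docker port mapping. The variable block starts and ends outside the hunk.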