infrastructure/services.auto.tfvars


# Service inventory for the Terraform configuration: one map entry per service.
# Each entry says where the service runs (`host`), which DNS records, monitoring
# probe, backups and ports it gets, and which shared resources it asks for
# (`auth`, `database`, `s3`, `mail`).
# NOTE(review): the variable's type and the code that consumes these fields are
# not in this file, so the field meanings below are inferred from names and
# values; confirm against the module that reads `var.services`.
#   host           - node name; "*" presumably means "every node" (verify).
#   ports[].type   - "firewall" vs "reverse_proxy"; presumably decides whether the
#                    port is opened directly on the host or belongs to the proxy.
#   auth           - presumably provisions an OAuth/OIDC client at the identity
#                    provider; `auth_redirects` lists its allowed redirect URIs.
#   monitoring     - `conditions` look like Gatus condition expressions; "DEFAULT"
#                    presumably expands to a default set defined elsewhere.
# The entries below contain no credentials. Keep it that way: every `ports`
# entry and every `auth_redirects` URI widens the exposed surface, so changes to
# them deserve the same review as code.
services = {
# Internet-facing DNS on 53/tcp and 53/udp.
# NOTE(review): confirm the server answers only for its own zone.
"acme_dns" = {
host = "node001"
dns = [{
domain = "acme.serguzim.me"
}]
monitoring = {
url = "/health"
group = "7-support"
}
ports = [
{
description = "DNS"
port = 53
protocol = "tcp"
type = "firewall"
},
{
description = "DNS"
port = 53
protocol = "udp"
type = "firewall"
}
]
auth = false
database = true
s3 = false
},
# Identity provider behind auth.serguzim.me; the callback paths of other entries
# reference it. `auth = false` here presumably because it is the provider itself.
# NOTE(review): `certificates` presumably requests a dedicated certificate - confirm.
"authentik" = {
host = "node001"
dns = [{
domain = "auth.serguzim.me"
}]
monitoring = {
url = "/-/health/live/"
group = "4-services"
}
certificates = ["auth.serguzim.me"]
auth = false
database = true
s3 = false
mail = "auth"
},
# Host-only entry: no DNS, ports, monitoring or shared resources declared.
"backup" = {
host = "*"
auth = false
database = false
s3 = false
},
# Reverse proxy: 80/tcp, 443/tcp and 443/udp (HTTP/3) are its public listeners.
"caddy" = {
host = "*"
ports = [
{
description = "HTTP"
port = 80
protocol = "tcp"
type = "reverse_proxy"
},
{
description = "HTTPS"
port = 443
protocol = "tcp"
type = "reverse_proxy"
},
{
description = "HTTP/3 QUIC"
port = 443
protocol = "udp"
type = "reverse_proxy"
},
# Port 2019 is Caddy's default admin API port; that endpoint has no
# authentication by default, so leaving this entry disabled is the safe state.
# The disabled entry also uses an older string form, not the object form above.
#"2019:2019",
]
auth = false
database = false
s3 = false
},
# PaaS host: serves paas.serguzim.me, the wildcard below it, and the apex/www
# website records (the latter via `alias`).
"dokku" = {
host = "node001"
dns = [
{
domain = "paas.serguzim.me"
},
{
domain = "*.paas.serguzim.me"
name = "dokku-wildcard"
alias = "dokku"
},
{
domain = "serguzim.me"
name = "webpage-serguzim"
alias = "dokku"
},
{
domain = "www.serguzim.me"
name = "webpage-serguzim-www"
alias = "webpage-serguzim"
},
]
# NOTE(review): /var/lib/dokku presumably holds app configuration as well as
# data; treat the backup as sensitive (encrypted at rest) - confirm.
backup = [{
name = "dokku"
type = "directory"
path = "/var/lib/dokku"
}]
monitoring = {
group = "7-support"
}
# Second SSH endpoint on 3022/tcp, opened in the firewall.
# NOTE(review): confirm it accepts key authentication only.
ports = [
{
description = "SSH for dokku"
port = 3022
protocol = "tcp"
type = "firewall"
}
]
auth = false
database = false
s3 = false
},
# Host-only entry.
"extra_services" = {
host = "node001"
auth = false
database = false
s3 = false
},
# Git forge; uses every shared resource (auth, database, s3, mail).
"forgejo" = {
host = "node001"
dns = [{
domain = "git.serguzim.me"
}]
backup = [{
name = "forgejo_data"
type = "docker"
}]
monitoring = {
url = "/api/v1/version"
group = "4-services"
}
# Git-over-SSH takes 22/tcp on the host.
# NOTE(review): the node's own sshd must then listen elsewhere - verify which
# port and that it is not left open by accident.
ports = [
{
description = "SSH for forgejo"
port = 22
protocol = "tcp"
type = "firewall"
}
]
auth = true
# Exact https callback URI; keep redirect URIs exact (no wildcards).
auth_redirects = ["https://git.serguzim.me/user/oauth2/auth.serguzim.me/callback"]
database = true
s3 = true
mail = "git"
},
# NOTE(review): presumably the CI runner for forgejo; it shares node001 with the
# other services - if it runs jobs from untrusted repositories, confirm isolation.
"forgejo_runner" = {
host = "node001"
auth = false
database = false
s3 = false
},
# Host-only entry.
"healthcheck" = {
host = "node001"
auth = false
database = false
s3 = false
},
# Status page; has no `monitoring` block of its own.
"gatus" = {
host = "node001"
dns = [{
domain = "status.serguzim.me"
}]
backup = [{
name = "gatus_data"
type = "docker"
}]
auth = false
database = false
s3 = false
mail = "status"
},
"homebox" = {
host = "node001"
dns = [{
domain = "inventory.serguzim.me"
}]
backup = [{
name = "homebox_data"
type = "docker"
}]
# Probe also checks the response body, not only reachability.
monitoring = {
url = "/api/v1/status"
group = "4-services"
conditions = [
"DEFAULT",
"[BODY].health == true"
]
}
auth = false
database = false
s3 = false
mail = "inventory"
},
"immich" = {
host = "node001"
dns = [{
domain = "gallery.serguzim.me"
}]
# Only the database hook is active; the upload volume backup is disabled, so
# uploaded media is not covered by this configuration.
backup = [
#{
# name = "immich_upload"
# type = "docker_remote"
#},
{
name = "immich_database"
type = "hook"
}
]
monitoring = {
group = "4-services"
}
auth = true
auth_redirects = ["https://gallery.serguzim.me/auth/login"]
database = false
s3 = false
},
"influxdb" = {
host = "node001"
dns = [{
domain = "tick.serguzim.me"
}]
backup = [{
name = "influxdb_data"
type = "docker"
}]
monitoring = {
url = "/health"
group = "4-services"
conditions = [
"DEFAULT",
"[BODY].status == pass"
]
}
auth = false
database = false
s3 = false
},
"jellyfin" = {
host = "node001"
dns = [{
domain = "media.serguzim.me"
}]
# Configuration volume is backed up; the media volume backup is disabled.
backup = [
{
name = "jellyfin_config"
type = "docker"
},
#{
# name = "jellyfin_media"
# type = "docker_remote"
#}
]
monitoring = {
url = "/health"
group = "4-services"
conditions = [
"DEFAULT",
"[BODY] == Healthy"
]
}
auth = false
database = false
s3 = false
},
# Host-only entry.
"lego" = {
host = "*"
auth = false
database = false
s3 = false
},
"linkwarden" = {
host = "node001"
dns = [{
domain = "bookmarks.serguzim.me"
}]
monitoring = {
url = "/api/v1/logins"
group = "4-services"
}
auth = true
# Only entry that sets `auth_cert`.
# NOTE(review): presumably selects an RSA signing key for this client - confirm.
auth_cert = "rsa"
auth_redirects = ["https://bookmarks.serguzim.me/api/v1/auth/callback/authentik"]
database = true
s3 = true
},
# Mail stack, the only service on node003. Key is unquoted, unlike the others;
# both forms are valid HCL.
mailcowdockerized = {
host = "node003"
dns = [{
domain = "mail.serguzim.me"
}]
backup = [{
name = "mailcowdockerized"
type = "hook"
}]
monitoring = {
group = "4-services"
}
# Opened in the firewall: SMTP 25, submission 465/587, IMAPS 993, POP3S 995 and
# ManageSieve 4190. The plaintext IMAP/POP3 ports are not listed.
# NOTE(review): 995 and 4190 are only needed if clients actually use POP3 or
# remote Sieve management; drop them otherwise.
ports = [
{
description = "SMTP"
port = 25
protocol = "tcp"
type = "firewall"
},
{
description = "SMTP TLS"
port = 465
protocol = "tcp"
type = "firewall"
},
{
description = "SMTP StartTLS"
port = 587
protocol = "tcp"
type = "firewall"
},
{
description = "IMAPS"
port = 993
protocol = "tcp"
type = "firewall"
},
{
description = "POPS"
port = 995
protocol = "tcp"
type = "firewall"
},
{
description = "Sieve"
port = 4190
protocol = "tcp"
type = "firewall"
}
]
auth = false
database = false
s3 = false
},
# Object storage; the API and the admin console get separate hostnames.
"minio" = {
host = "node001"
dns = [
{
domain = "s3.serguzim.me"
},
{
domain = "console.s3.serguzim.me"
name = "minio-console"
alias = "minio"
}
]
backup = [{
name = "minio_data"
type = "docker"
}]
monitoring = {
url = "/minio/health/live"
group = "7-support"
}
auth = true
auth_redirects = ["https://console.s3.serguzim.me/oauth_callback"]
database = false
s3 = false
},
"ntfy" = {
host = "node001"
dns = [{
domain = "push.serguzim.me"
}]
backup = [{
name = "ntfy_data"
type = "docker"
}]
monitoring = {
url = "/v1/health"
group = "4-services"
conditions = [
"DEFAULT",
"[BODY].healthy == true"
]
}
auth = false
database = false
s3 = false
},
# Database server with a public DNS name and its own certificate.
"postgresql" = {
host = "node001"
dns = [{
domain = "db.serguzim.me"
}]
backup = [{
name = "postgresql"
type = "hook"
}]
# TCP connect probe against 5432. No `ports` entry is declared in this block,
# so how 5432 is exposed is not visible in this file.
# NOTE(review): confirm who can reach it and that TLS is enforced.
monitoring = {
url = "tcp://db.serguzim.me:5432"
group = "7-support"
conditions = [
"[CONNECTED] == true"
]
}
certificates = ["db.serguzim.me"]
auth = false
database = false
s3 = false
},
"reitanlage_oranienburg" = {
host = "node001"
dns = [
{
domain = "reitanlage-oranienburg.de"
},
{
domain = "www.reitanlage-oranienburg.de"
name = "reitanlage_oranienburg-www"
alias = "reitanlage_oranienburg"
}
]
backup = [{
name = "reitanlage_oranienburg_data"
type = "docker"
}]
monitoring = {
group = "5-websites"
}
auth = false
database = false
s3 = false
},
# URL shortener on two short domains.
"shlink" = {
host = "node001"
dns = [
{
domain = "msrg.cc"
},
{
domain = "msvg.cc"
name = "shlink-msvg"
alias = "shlink"
}
]
monitoring = {
url = "/rest/health"
group = "4-services"
conditions = [
"DEFAULT",
"[BODY].status == pass"
]
}
auth = false
database = true
s3 = false
},
"synapse" = {
host = "node001"
dns = [
{
domain = "matrix.serguzim.me"
},
{
domain = "matrix.msrg.cc"
name = "synapse-msrg"
alias = "synapse"
}
]
# Only the media store is listed; database = true below, so the rest of the
# state presumably lives in the shared database.
backup = [{
name = "synapse_media_store"
type = "docker"
}]
monitoring = {
url = "/_matrix/client/versions"
group = "4-services"
}
# 8448/tcp is declared as a reverse-proxy port, not a direct firewall port.
ports = [
{
description = "Matrix"
port = 8448
protocol = "tcp"
type = "reverse_proxy"
}
]
auth = true
auth_redirects = ["https://matrix.serguzim.me/_synapse/client/oidc/callback"]
database = true
s3 = false
mail = "matrix"
},
"tandoor" = {
host = "node001"
dns = [{
domain = "recipes.serguzim.me"
}]
backup = [{
name = "tandoor_mediafiles"
type = "docker"
}]
monitoring = {
url = "/accounts/login/"
group = "4-services"
}
auth = false
database = true
s3 = false
},
"teamspeak_fallback" = {
host = "node001"
dns = [
{
domain = "ts.serguzim.me"
},
{
domain = "hook.serguzim.me"
name = "teamspeak_fallback-hook"
alias = "teamspeak_fallback"
}
]
backup = [{
name = "teamspeak_fallback_data"
type = "docker"
}]
monitoring = {
group = "7-support"
}
# Voice (9987/udp), file transfer (30033/tcp) and ServerQuery (10011/tcp) are all
# opened in the firewall.
# NOTE(review): 10011 is the administrative query interface and the raw variant
# is unencrypted; restrict it by source address or use the SSH query interface
# unless public access is intended.
ports = [
{
description = "Teamspeak server"
port = 9987
protocol = "udp"
type = "firewall"
},
{
description = "Teamspeak filetransfer"
port = 30033
protocol = "tcp"
type = "firewall"
},
{
description = "Teamspeak serverquery"
port = 10011
protocol = "tcp"
type = "firewall"
}
]
auth = false
database = false
s3 = false
# No comma after the closing brace below; the newline separates the entries
# (valid HCL, but inconsistent with the rest of the map).
}
"telegraf" = {
host = "node001"
auth = false
database = true
s3 = false
},
"tinytinyrss" = {
host = "node001"
dns = [{
domain = "rss.serguzim.me"
}]
monitoring = {
url = "/tt-rss/"
group = "4-services"
}
auth = false
database = true
s3 = false
},
"umami" = {
host = "node001"
dns = [{
domain = "analytics.serguzim.me"
}]
monitoring = {
url = "/api/heartbeat"
group = "4-services"
}
auth = false
database = true
s3 = false
},
"vikunja" = {
host = "node001"
dns = [{
domain = "todo.serguzim.me"
}]
backup = [{
name = "vikunja_data"
type = "docker"
}]
monitoring = {
url = "/api/v1/info"
group = "4-services"
}
auth = true
auth_redirects = ["https://todo.serguzim.me/auth/openid/authserguzimme"]
database = true
s3 = false
mail = "todo"
},
# Placed on every host ("*") and allowed to send mail.
# NOTE(review): presumably the container auto-updater; unattended image updates
# are a supply-chain decision - confirm its scope and which images it may pull.
"watchtower" = {
host = "*"
auth = false
database = false
s3 = false
mail = "watchtower"
},
"wiki_js" = {
host = "node001"
dns = [{
domain = "wiki.serguzim.me"
}]
monitoring = {
group = "4-services"
}
auth = true
# The UUID in the path is part of the registered callback and has to match what
# the application generates; it is an identifier, not a secret.
auth_redirects = ["https://wiki.serguzim.me/login/f792bc7d-1a25-4437-944e-55eaf0111102/callback"]
database = true
s3 = false
mail = "wiki"
},
# CI server; agents get their own hostname via `alias`.
"woodpecker" = {
host = "node001"
dns = [
{
domain = "ci.serguzim.me"
},
{
domain = "agents.ci.serguzim.me"
name = "woodpecker-agents"
alias = "woodpecker"
}
]
monitoring = {
url = "/healthz"
group = "4-services"
}
auth = false
database = true
s3 = false
}
}