iac/modules/caddy_reverse/main.tf

152 lines
4.2 KiB
Terraform
Raw Normal View History

2025-01-10 15:10:39 +00:00
locals {
data_device_path = "/dev/vdb"
caddy_version = "2.8.4-alpine"
caddy_config_dir_path = "/opt/caddy_config"
caddy_data_volume_name = "caddy_data"
caddy_network_name = "caddy_net"
data_disk = {
device = local.data_device_path
wipeTable = true
partitions = [
{
label = local.caddy_data_volume_name
number = 1
sizeMiB = 512
wipePartitionEntry = true
shouldExist = true
resize = true
},
]
}
caddy_data_filesystem = {
device = "${local.data_device_path}1"
format = "ext4"
label = local.caddy_data_volume_name
}
caddy_data_volume_file = {
path = "/etc/containers/systemd/${local.caddy_data_volume_name}.volume"
user = {id = 0}
group = {id = 0}
mode = 420 # 0644
contents = {
source = format(
"data:text/plain;base64,%s",
base64encode(
templatefile(
"${path.module}/files/caddy_data.volume.tftpl",
{
caddy_data_volume_name = local.caddy_data_volume_name
}
)
)
)
}
}
caddy_config_directory = {
path = local.caddy_config_dir_path
user = {id = 0}
group = {id = 0}
mode = 420 # 0644
}
caddyfile_file = {
path = "${local.caddy_config_dir_path}/Caddyfile"
user = {id = 0}
group = {id = 0}
mode = 420 # 0644
contents = {
source = format(
"data:text/plain;base64,%s",
base64encode(
templatefile(
"${path.module}/files/Caddyfile.tftpl",
{
vhosts = var.vhosts
}
)
)
)
}
}
caddy_network_file = {
path = "/etc/containers/systemd/${local.caddy_network_name}.network"
user = {id = 0}
group = {id = 0}
mode = 420 # 0644
contents = {
source = format(
"data:text/plain;base64,%s",
base64encode(
templatefile(
"${path.module}/files/caddy.network.tftpl",
{
caddy_network_name = local.caddy_network_name
}
)
)
)
}
}
caddy_container_file = {
path = "/etc/containers/systemd/caddy.container"
user = {id = 0}
group = {id = 0}
mode = 420 # 0644
contents = {
source = format(
"data:text/plain;base64,%s",
base64encode(
templatefile(
"${path.module}/files/caddy.container.tftpl",
{
caddy_version = local.caddy_version
caddy_data_volume_name = local.caddy_data_volume_name
caddy_config_file_path = "${local.caddy_config_dir_path}/Caddyfile"
caddy_network_name = local.caddy_network_name
}
)
)
)
}
}
ignition_config = jsonencode({
ignition = {
version = "3.4.0"
}
storage = {
disks = [
local.data_disk,
]
filesystems = [
local.caddy_data_filesystem,
]
files = [
local.caddy_data_volume_file,
local.caddyfile_file,
local.caddy_network_file,
local.caddy_container_file,
]
directories = [
local.caddy_config_directory,
]
}
passwd = {
users = [
{
name = "core"
sshAuthorizedKeys = var.ssh_authorized_keys
}
]
}
})
}