feat: upgrade letsencrypt to caddy

darklab8 · Jan 12, 2025 · 9472879 · 9472879
1 parent 31457ba
commit 9472879
Show file tree

Hide file tree

Showing 5 changed files with 57 additions and 42 deletions.
diff --git a/tf/modules/darkstat/dns.tf b/tf/modules/darkstat/dns.tf
@@ -0,0 +1,16 @@
+module "dns" {
+  source = "../../../../infra/tf/modules/cloudflare_dns"
+  zone   = var.zone
+  dns_records = [{
+    type    = "A"
+    value   = var.ipv4_address
+    name    = var.stat_prefix
+    proxied = false
+    }, {
+    type    = "A"
+    value   = var.ipv4_address
+    name    = var.relay_prefix
+    proxied = false
+    }
+  ]
+}
diff --git a/tf/modules/darkstat/input.tf b/tf/modules/darkstat/input.tf
@@ -24,4 +24,13 @@ variable "darkstat_port" {
 }
 variable "relay_port" {
   type = number
-}
+}
+variable "stat_prefix" {
+  type = string
+}
+variable "relay_prefix" {
+  type = string
+}
+variable "zone" {
+  type = string
+}
diff --git a/tf/modules/darkstat/main.tf b/tf/modules/darkstat/main.tf
@@ -9,18 +9,43 @@ resource "docker_image" "darkstat" {
   keep_locally = true
 }
 
+data "docker_network" "caddy" {
+  name = "caddy"
+}
+
 resource "docker_service" "darkstat" {
   name = "darkstat-${var.environment}"
 
   task_spec {
     networks_advanced {
       name = docker_network.network.id
     }
+    networks_advanced {
+      name = data.docker_network.caddy.id
+    }
+
     container_spec {
       image = docker_image.darkstat.name
       env   = local.envs
       #   args = ["sleep", "infinity"]
 
+      labels {
+        label = "caddy_0"
+        value = "${var.stat_prefix}.${var.zone}"
+      }
+      labels {
+        label = "caddy_0.reverse_proxy"
+        value = "{{upstreams 8000}}"
+      }
+      labels {
+        label = "caddy_1"
+        value = "${var.relay_prefix}.${var.zone}"
+      }
+      labels {
+        label = "caddy_1.reverse_proxy"
+        value = "{{upstreams 8080}}"
+      }
+
       mounts {
         target    = "/data"
         source    = var.discovery_path

diff --git a/tf/production/main.tf b/tf/production/main.tf
@@ -16,30 +16,8 @@ module "darkstat" {
   EOT
   darkstat_port      = 8000
   relay_port         = 8080
-}
-
-module "nginx" {
-  source = "../modules/docker_nginx"
-}
 
-module "dns" {
-  source = "../../../infra/tf/modules/cloudflare_dns"
-  zone   = "dd84ai.com"
-  dns_records = [{
-    type    = "A"
-    value   = module.data_cluster.node_darklab.ipv4_address
-    name    = "darkstat"
-    proxied = false
-    }, {
-    type    = "A"
-    value   = module.data_cluster.node_darklab.ipv4_address
-    name    = "darkrelay"
-    proxied = false
-    }, {
-    type    = "A"
-    value   = module.data_cluster.node_darklab.ipv4_address
-    name    = "test"
-    proxied = false
-    }
-  ]
+  stat_prefix  = "darkstat"
+  relay_prefix = "darkrelay"
+  zone         = "dd84ai.com"
 }
diff --git a/tf/staging/main.tf b/tf/staging/main.tf
@@ -15,21 +15,8 @@ module "darkstat" {
   EOT
   darkstat_port      = 8001
   relay_port         = 8081
-}
 
-module "dns" {
-  source = "../../../infra/tf/modules/cloudflare_dns"
-  zone   = "dd84ai.com"
-  dns_records = [{
-    type    = "A"
-    value   = module.data_cluster.node_darklab.ipv4_address
-    name    = "darkstat-staging"
-    proxied = false
-    }, {
-    type    = "A"
-    value   = module.data_cluster.node_darklab.ipv4_address
-    name    = "darkrelay-staging"
-    proxied = false
-    }
-  ]
+  stat_prefix  = "darkstat-staging"
+  relay_prefix = "darkrelay-staging"
+  zone         = "dd84ai.com"
 }