2021-05-05 19:17:56 +01:00
|
|
|
variable "prod" {}
|
2021-02-07 23:45:55 +00:00
|
|
|
variable "tls_secret_name" {}
|
|
|
|
|
variable "client_certificate_secret_name" {}
|
|
|
|
|
variable "hackmd_db_password" {}
|
|
|
|
|
variable "mailserver_accounts" {}
|
|
|
|
|
variable "mailserver_aliases" {}
|
2021-02-18 22:26:36 +00:00
|
|
|
variable "mailserver_opendkim_key" {}
|
2022-12-17 14:04:52 +00:00
|
|
|
variable "mailserver_sasl_passwd" {}
|
2021-02-07 23:45:55 +00:00
|
|
|
variable "pihole_web_password" {}
|
|
|
|
|
variable "webhook_handler_secret" {}
|
|
|
|
|
variable "wireguard_wg_0_conf" {}
|
|
|
|
|
variable "wireguard_wg_0_key" {}
|
|
|
|
|
variable "wireguard_firewall_sh" {}
|
|
|
|
|
variable "bind_db_viktorbarzin_me" {}
|
|
|
|
|
variable "bind_db_viktorbarzin_lan" {}
|
|
|
|
|
variable "bind_named_conf_options" {}
|
|
|
|
|
variable "alertmanager_account_password" {}
|
2021-05-05 19:17:56 +01:00
|
|
|
variable "dbaas_root_password" {}
|
2023-11-24 17:38:49 +00:00
|
|
|
variable "dbaas_postgresql_root_password" {}
|
|
|
|
|
variable "dbaas_pgadmin_password" {}
|
2021-02-10 21:17:31 +00:00
|
|
|
variable "drone_github_client_id" {}
|
|
|
|
|
variable "drone_github_client_secret" {}
|
|
|
|
|
variable "drone_rpc_secret" {}
|
2023-10-21 22:54:45 +00:00
|
|
|
variable "oauth2_proxy_client_id" {}
|
|
|
|
|
variable "oauth2_proxy_client_secret" {}
|
2023-10-22 14:07:14 +00:00
|
|
|
variable "oauth2_proxy_authenticated_emails" {}
|
2021-04-17 19:19:04 +01:00
|
|
|
variable "url_shortener_geolite_license_key" {}
|
2021-05-04 19:11:09 +01:00
|
|
|
variable "url_shortener_api_key" {}
|
2021-05-05 19:17:56 +01:00
|
|
|
variable "url_shortener_mysql_password" {}
|
2021-02-27 19:31:40 +00:00
|
|
|
variable "webhook_handler_fb_verify_token" {}
|
2021-02-27 20:56:14 +00:00
|
|
|
variable "webhook_handler_fb_page_token" {}
|
2021-03-09 21:43:14 +00:00
|
|
|
variable "webhook_handler_fb_app_secret" {}
|
2021-03-15 23:32:56 +00:00
|
|
|
variable "webhook_handler_git_user" {}
|
|
|
|
|
variable "webhook_handler_git_token" {}
|
2021-03-31 23:35:09 +01:00
|
|
|
variable "webhook_handler_ssh_key" {}
|
2024-01-23 20:30:39 +00:00
|
|
|
variable "technitium_username" {}
|
|
|
|
|
variable "technitium_password" {}
|
2021-04-05 15:06:24 +01:00
|
|
|
variable "idrac_username" {}
|
|
|
|
|
variable "idrac_password" {}
|
2022-01-06 20:09:20 +00:00
|
|
|
variable "alertmanager_slack_api_url" {}
|
2022-06-02 16:05:14 +01:00
|
|
|
variable "home_assistant_configuration" {}
|
2022-11-19 17:51:04 +00:00
|
|
|
variable "shadowsocks_password" {}
|
2023-04-25 23:54:38 +01:00
|
|
|
variable "finance_app_db_connection_string" {}
|
2023-10-27 12:22:45 +00:00
|
|
|
variable "finance_app_currency_converter_api_key" {}
|
2023-03-26 14:42:17 +01:00
|
|
|
variable "finance_app_graphql_api_secret" {}
|
2023-11-06 22:44:30 +00:00
|
|
|
variable "finance_app_gocardless_secret_key" {}
|
|
|
|
|
variable "finance_app_gocardless_secret_id" {}
|
2023-09-15 23:13:19 +00:00
|
|
|
variable "headscale_config" {}
|
2024-01-06 21:33:05 +00:00
|
|
|
variable "headscale_acl" {}
|
2023-11-18 14:54:55 +00:00
|
|
|
variable "immich_postgresql_password" {}
|
2023-11-18 18:38:59 +00:00
|
|
|
variable "ingress_honeypotapikey" {}
|
2023-11-25 13:33:03 +00:00
|
|
|
variable "ingress_crowdsec_api_key" {}
|
|
|
|
|
variable "ingress_crowdsec_captcha_secret_key" {}
|
|
|
|
|
variable "ingress_crowdsec_captcha_site_key" {}
|
2023-11-18 19:13:40 +00:00
|
|
|
variable "vaultwarden_smtp_password" {}
|
2023-11-24 17:38:49 +00:00
|
|
|
variable "resume_database_url" {}
|
|
|
|
|
variable "resume_redis_url" {}
|
2024-01-04 22:11:32 +00:00
|
|
|
variable "frigate_valchedrym_camera_credentials" { default = "" }
|
2024-02-03 13:46:13 +00:00
|
|
|
variable "paperless_db_password" {}
|
2024-08-18 18:14:17 +00:00
|
|
|
variable "diun_nfty_token" {}
|
2024-12-29 18:16:42 +00:00
|
|
|
variable "diun_slack_url" {}
|
2024-09-28 20:10:44 +00:00
|
|
|
variable "nextcloud_db_password" {}
|
2024-10-18 22:37:47 +00:00
|
|
|
variable "homepage_credentials" {}
|
2024-11-12 20:20:10 +00:00
|
|
|
variable "authentik_secret_key" {}
|
|
|
|
|
variable "authentik_postgres_password" {}
|
2024-11-23 12:15:21 +00:00
|
|
|
variable "linkwarden_postgresql_password" {}
|
|
|
|
|
variable "linkwarden_authentik_client_id" {}
|
|
|
|
|
variable "linkwarden_authentik_client_secret" {}
|
2024-12-23 18:20:16 +00:00
|
|
|
variable "cloudflare_tunnel_token" {}
|
|
|
|
|
variable "cloudflare_api_key" {}
|
|
|
|
|
variable "cloudflare_email" {}
|
|
|
|
|
variable "cloudflare_account_id" {}
|
|
|
|
|
variable "cloudflare_zone_id" {}
|
|
|
|
|
variable "cloudflare_tunnel_id" {}
|
|
|
|
|
variable "public_ip" {}
|
|
|
|
|
variable "cloudflare_proxied_names" {}
|
|
|
|
|
variable "cloudflare_non_proxied_names" {}
|
2024-12-30 18:50:35 +00:00
|
|
|
variable "owntracks_credentials" {}
|
2024-12-30 22:14:59 +00:00
|
|
|
variable "dawarich_database_password" {}
|
2025-05-31 21:50:16 +00:00
|
|
|
variable "geoapify_api_key" {}
|
2025-01-14 20:12:26 +00:00
|
|
|
variable "tandoor_database_password" {}
|
|
|
|
|
variable "tandoor_email_password" {}
|
2025-05-10 19:12:01 +00:00
|
|
|
variable "n8n_postgresql_password" {}
|
2025-06-30 20:43:07 +00:00
|
|
|
variable "realestate_crawler_db_password" {}
|
2025-07-27 10:18:01 +00:00
|
|
|
variable "realestate_crawler_notification_settings" {
|
|
|
|
|
type = map(string)
|
|
|
|
|
default = {
|
|
|
|
|
}
|
|
|
|
|
}
|
2025-07-27 10:31:38 +00:00
|
|
|
variable "kured_notify_url" {}
|
|
|
|
|
|
2025-07-27 10:18:01 +00:00
|
|
|
|
2021-02-07 23:45:55 +00:00
|
|
|
|
2025-04-06 18:15:11 +00:00
|
|
|
variable "defcon_level" {
|
|
|
|
|
type = number
|
|
|
|
|
default = 5
|
|
|
|
|
validation {
|
|
|
|
|
condition = var.defcon_level >= 1 && var.defcon_level <= 5
|
|
|
|
|
error_message = "DEFCON level must be between 1 and 5"
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
locals {
|
|
|
|
|
defcon_modules = {
|
|
|
|
|
1 : [],
|
|
|
|
|
2 : [],
|
|
|
|
|
3 : [],
|
|
|
|
|
4 : [],
|
|
|
|
|
5 : ["blog"],
|
|
|
|
|
}
|
|
|
|
|
active_modules = distinct(flatten([
|
|
|
|
|
for level in range(1, var.defcon_level + 1) : # From current level to 5
|
|
|
|
|
lookup(local.defcon_modules, level, [])
|
|
|
|
|
]))
|
|
|
|
|
}
|
|
|
|
|
|
2021-02-08 21:49:22 +00:00
|
|
|
resource "null_resource" "core_services" {
|
|
|
|
|
# List all the core modules that must be provisioned first
|
2023-09-15 13:57:53 +00:00
|
|
|
depends_on = [module.metallb]
|
2021-02-08 21:49:22 +00:00
|
|
|
}
|
|
|
|
|
|
2021-02-07 23:45:55 +00:00
|
|
|
module "blog" {
|
2025-04-06 18:15:11 +00:00
|
|
|
count = contains(local.active_modules, "blog") ? 1 : 0
|
2021-02-07 23:45:55 +00:00
|
|
|
source = "./blog"
|
|
|
|
|
tls_secret_name = var.tls_secret_name
|
2021-02-10 21:17:31 +00:00
|
|
|
# dockerhub_password = var.dockerhub_password
|
2021-02-08 21:49:22 +00:00
|
|
|
|
|
|
|
|
depends_on = [null_resource.core_services]
|
2021-02-07 23:45:55 +00:00
|
|
|
}
|
|
|
|
|
|
2023-09-15 13:57:53 +00:00
|
|
|
# module "bind" {
|
|
|
|
|
# source = "./bind"
|
|
|
|
|
# db_viktorbarzin_me = var.bind_db_viktorbarzin_me
|
|
|
|
|
# db_viktorbarzin_lan = var.bind_db_viktorbarzin_lan
|
|
|
|
|
# named_conf_options = var.bind_named_conf_options
|
|
|
|
|
# }
|
2021-02-07 23:45:55 +00:00
|
|
|
|
2021-05-03 14:59:17 +01:00
|
|
|
module "dbaas" {
|
2023-11-24 17:38:49 +00:00
|
|
|
source = "./dbaas"
|
|
|
|
|
prod = var.prod
|
|
|
|
|
tls_secret_name = var.tls_secret_name
|
|
|
|
|
dbaas_root_password = var.dbaas_root_password
|
|
|
|
|
postgresql_root_password = var.dbaas_postgresql_root_password
|
2023-11-25 13:33:03 +00:00
|
|
|
pgadmin_password = var.dbaas_pgadmin_password
|
2021-05-03 14:59:17 +01:00
|
|
|
}
|
2021-04-17 19:19:04 +01:00
|
|
|
|
2021-05-03 01:26:42 +01:00
|
|
|
module "descheduler" {
|
|
|
|
|
source = "./descheduler"
|
|
|
|
|
}
|
|
|
|
|
|
2023-09-15 09:18:13 +00:00
|
|
|
# module "dnscrypt" {
|
|
|
|
|
# source = "./dnscrypt"
|
|
|
|
|
# }
|
2021-02-07 23:45:55 +00:00
|
|
|
|
2021-02-10 21:17:31 +00:00
|
|
|
# CI/CD
|
|
|
|
|
module "drone" {
|
|
|
|
|
source = "./drone"
|
|
|
|
|
tls_secret_name = var.tls_secret_name
|
|
|
|
|
|
|
|
|
|
github_client_id = var.drone_github_client_id
|
|
|
|
|
github_client_secret = var.drone_github_client_secret
|
|
|
|
|
rpc_secret = var.drone_rpc_secret
|
|
|
|
|
server_host = "drone.viktorbarzin.me"
|
|
|
|
|
server_proto = "https"
|
|
|
|
|
|
|
|
|
|
depends_on = [null_resource.core_services]
|
|
|
|
|
}
|
|
|
|
|
|
2021-02-07 23:45:55 +00:00
|
|
|
module "f1-stream" {
|
|
|
|
|
source = "./f1-stream"
|
|
|
|
|
tls_secret_name = var.tls_secret_name
|
2021-02-08 21:49:22 +00:00
|
|
|
|
|
|
|
|
depends_on = [null_resource.core_services]
|
2021-02-07 23:45:55 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
module "hackmd" {
|
|
|
|
|
source = "./hackmd"
|
|
|
|
|
hackmd_db_password = var.hackmd_db_password
|
|
|
|
|
tls_secret_name = var.tls_secret_name
|
2021-02-08 21:49:22 +00:00
|
|
|
|
|
|
|
|
depends_on = [null_resource.core_services]
|
2021-02-07 23:45:55 +00:00
|
|
|
}
|
|
|
|
|
|
2023-04-02 19:34:57 +01:00
|
|
|
# module "kafka" {
|
|
|
|
|
# source = "./kafka"
|
|
|
|
|
# client_certificate_secret_name = var.client_certificate_secret_name
|
|
|
|
|
# tls_secret_name = var.tls_secret_name
|
|
|
|
|
# }
|
2021-03-21 14:20:48 +00:00
|
|
|
|
2021-02-07 23:45:55 +00:00
|
|
|
module "kms" {
|
|
|
|
|
source = "./kms"
|
|
|
|
|
tls_secret_name = var.tls_secret_name
|
|
|
|
|
|
2021-02-08 21:49:22 +00:00
|
|
|
depends_on = [null_resource.core_services]
|
|
|
|
|
}
|
2021-02-07 23:45:55 +00:00
|
|
|
|
|
|
|
|
module "k8s-dashboard" {
|
|
|
|
|
source = "./k8s-dashboard"
|
|
|
|
|
tls_secret_name = var.tls_secret_name
|
|
|
|
|
client_certificate_secret_name = var.client_certificate_secret_name
|
2021-02-08 21:49:22 +00:00
|
|
|
|
|
|
|
|
depends_on = [null_resource.core_services]
|
2021-02-07 23:45:55 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
module "mailserver" {
|
|
|
|
|
source = "./mailserver"
|
2021-02-18 22:26:36 +00:00
|
|
|
tls_secret_name = var.tls_secret_name
|
2021-02-07 23:45:55 +00:00
|
|
|
mailserver_accounts = var.mailserver_accounts
|
|
|
|
|
postfix_account_aliases = var.mailserver_aliases
|
2021-02-18 22:26:36 +00:00
|
|
|
opendkim_key = var.mailserver_opendkim_key
|
2022-12-17 14:04:52 +00:00
|
|
|
sasl_passwd = var.mailserver_sasl_passwd
|
2021-02-08 21:49:22 +00:00
|
|
|
|
|
|
|
|
depends_on = [null_resource.core_services]
|
2021-02-07 23:45:55 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
module "metallb" {
|
|
|
|
|
source = "./metallb"
|
|
|
|
|
}
|
|
|
|
|
|
2021-02-17 19:22:04 +00:00
|
|
|
module "monitoring" {
|
2021-02-07 23:45:55 +00:00
|
|
|
source = "./monitoring"
|
|
|
|
|
tls_secret_name = var.tls_secret_name
|
|
|
|
|
alertmanager_account_password = var.alertmanager_account_password
|
2021-04-05 15:06:24 +01:00
|
|
|
idrac_username = var.idrac_username
|
|
|
|
|
idrac_password = var.idrac_password
|
2022-01-06 20:09:20 +00:00
|
|
|
alertmanager_slack_api_url = var.alertmanager_slack_api_url
|
2021-02-08 21:49:22 +00:00
|
|
|
|
|
|
|
|
depends_on = [null_resource.core_services]
|
2021-02-07 23:45:55 +00:00
|
|
|
}
|
|
|
|
|
|
2024-12-31 17:15:23 +00:00
|
|
|
# module "oauth" {
|
|
|
|
|
# source = "./oauth-proxy"
|
|
|
|
|
# tls_secret_name = var.tls_secret_name
|
|
|
|
|
# oauth2_proxy_client_id = var.oauth2_proxy_client_id
|
|
|
|
|
# oauth2_proxy_client_secret = var.oauth2_proxy_client_secret
|
|
|
|
|
# authenticated_emails = var.oauth2_proxy_authenticated_emails
|
|
|
|
|
|
|
|
|
|
# depends_on = [null_resource.core_services]
|
|
|
|
|
# }
|
2021-02-27 19:31:40 +00:00
|
|
|
|
2024-01-08 22:34:40 +00:00
|
|
|
# module "openid_help_page" {
|
|
|
|
|
# source = "./openid_help_page"
|
|
|
|
|
# tls_secret_name = var.tls_secret_name
|
2021-02-08 21:49:22 +00:00
|
|
|
|
2024-01-08 22:34:40 +00:00
|
|
|
# depends_on = [null_resource.core_services]
|
|
|
|
|
# }
|
2021-02-07 23:45:55 +00:00
|
|
|
|
2023-09-15 09:16:54 +00:00
|
|
|
# module "pihole" {
|
|
|
|
|
# source = "./pihole"
|
|
|
|
|
# web_password = var.pihole_web_password
|
2021-02-07 23:45:55 +00:00
|
|
|
|
2023-09-15 09:16:54 +00:00
|
|
|
# tls_secret_name = var.tls_secret_name
|
2021-02-07 23:45:55 +00:00
|
|
|
|
2023-09-15 09:16:54 +00:00
|
|
|
# depends_on = [module.bind] # DNS goes like pihole -> bind -> dnscrypt
|
|
|
|
|
# }
|
2021-02-07 23:45:55 +00:00
|
|
|
|
2021-02-17 19:22:04 +00:00
|
|
|
module "privatebin" {
|
2021-02-07 23:45:55 +00:00
|
|
|
source = "./privatebin"
|
|
|
|
|
tls_secret_name = var.tls_secret_name
|
2021-02-08 21:49:22 +00:00
|
|
|
|
|
|
|
|
depends_on = [null_resource.core_services]
|
2021-02-07 23:45:55 +00:00
|
|
|
}
|
|
|
|
|
|
2021-02-25 21:55:00 +00:00
|
|
|
# module "vault" {
|
|
|
|
|
# source = "./vault"
|
|
|
|
|
# tls_secret_name = var.tls_secret_name
|
|
|
|
|
# }
|
2021-02-14 13:17:24 +00:00
|
|
|
|
2021-03-17 21:02:53 +00:00
|
|
|
module "reloader" {
|
|
|
|
|
source = "./reloader"
|
|
|
|
|
}
|
|
|
|
|
|
2022-11-19 17:51:04 +00:00
|
|
|
module "shadowsocks" {
|
|
|
|
|
source = "./shadowsocks"
|
|
|
|
|
password = var.shadowsocks_password
|
|
|
|
|
}
|
|
|
|
|
|
2021-09-19 00:03:30 +00:00
|
|
|
module "city-guesser" {
|
|
|
|
|
source = "./city-guesser"
|
|
|
|
|
tls_secret_name = var.tls_secret_name
|
|
|
|
|
depends_on = [null_resource.core_services]
|
|
|
|
|
}
|
|
|
|
|
|
2022-12-28 17:23:01 +02:00
|
|
|
module "echo" {
|
|
|
|
|
source = "./echo"
|
|
|
|
|
tls_secret_name = var.tls_secret_name
|
|
|
|
|
depends_on = [null_resource.core_services]
|
|
|
|
|
}
|
|
|
|
|
|
2021-04-17 19:19:04 +01:00
|
|
|
module "url" {
|
|
|
|
|
source = "./url-shortener"
|
|
|
|
|
tls_secret_name = var.tls_secret_name
|
|
|
|
|
geolite_license_key = var.url_shortener_geolite_license_key
|
2021-05-04 19:11:09 +01:00
|
|
|
api_key = var.url_shortener_api_key
|
2021-05-05 19:17:56 +01:00
|
|
|
mysql_password = var.url_shortener_mysql_password
|
2021-04-17 19:19:04 +01:00
|
|
|
}
|
|
|
|
|
|
2021-02-17 19:22:04 +00:00
|
|
|
module "webhook_handler" {
|
2021-02-07 23:45:55 +00:00
|
|
|
source = "./webhook_handler"
|
|
|
|
|
tls_secret_name = var.tls_secret_name
|
|
|
|
|
webhook_secret = var.webhook_handler_secret
|
2021-02-27 19:31:40 +00:00
|
|
|
fb_verify_token = var.webhook_handler_fb_verify_token
|
2021-02-27 20:56:14 +00:00
|
|
|
fb_page_token = var.webhook_handler_fb_page_token
|
2021-03-09 21:43:14 +00:00
|
|
|
fb_app_secret = var.webhook_handler_fb_app_secret
|
2021-03-15 23:32:56 +00:00
|
|
|
git_user = var.webhook_handler_git_user
|
|
|
|
|
git_token = var.webhook_handler_git_token
|
2021-03-31 23:35:09 +01:00
|
|
|
ssh_key = var.webhook_handler_ssh_key
|
2021-02-08 21:49:22 +00:00
|
|
|
|
|
|
|
|
depends_on = [null_resource.core_services]
|
2021-02-07 23:45:55 +00:00
|
|
|
}
|
|
|
|
|
|
2025-04-06 18:15:11 +00:00
|
|
|
module "wireguard" {
|
|
|
|
|
source = "./wireguard"
|
|
|
|
|
tls_secret_name = var.tls_secret_name
|
|
|
|
|
wg_0_conf = var.wireguard_wg_0_conf
|
|
|
|
|
wg_0_key = var.wireguard_wg_0_key
|
|
|
|
|
firewall_sh = var.wireguard_firewall_sh
|
|
|
|
|
}
|
2022-06-02 16:05:14 +01:00
|
|
|
|
2024-01-08 22:45:55 +00:00
|
|
|
# module "home_assistant" {
|
|
|
|
|
# source = "./home_assistant"
|
|
|
|
|
# tls_secret_name = var.tls_secret_name
|
|
|
|
|
# client_certificate_secret_name = var.client_certificate_secret_name
|
|
|
|
|
# configuration_yaml = var.home_assistant_configuration
|
|
|
|
|
# }
|
2023-03-06 18:56:00 +02:00
|
|
|
|
|
|
|
|
module "finance_app" {
|
2023-10-27 12:22:45 +00:00
|
|
|
source = "./finance_app"
|
|
|
|
|
tls_secret_name = var.tls_secret_name
|
|
|
|
|
graphql_api_secret = var.finance_app_graphql_api_secret
|
|
|
|
|
db_connection_string = var.finance_app_db_connection_string
|
|
|
|
|
currency_converter_api_key = var.finance_app_currency_converter_api_key
|
2023-11-06 22:44:30 +00:00
|
|
|
gocardless_secret_key = var.finance_app_gocardless_secret_key
|
|
|
|
|
gocardless_secret_id = var.finance_app_gocardless_secret_id
|
2023-03-06 18:56:00 +02:00
|
|
|
}
|
2023-04-09 13:18:57 +01:00
|
|
|
|
|
|
|
|
module "excalidraw" {
|
|
|
|
|
source = "./excalidraw"
|
|
|
|
|
tls_secret_name = var.tls_secret_name
|
|
|
|
|
}
|
2023-04-17 01:28:03 +01:00
|
|
|
|
2023-05-10 17:21:47 +00:00
|
|
|
module "infra-maintenance" {
|
2024-01-23 20:30:39 +00:00
|
|
|
source = "./infra-maintenance"
|
|
|
|
|
git_user = var.webhook_handler_git_user
|
|
|
|
|
git_token = var.webhook_handler_git_token
|
|
|
|
|
technitium_username = var.technitium_username
|
|
|
|
|
technitium_password = var.technitium_password
|
2023-05-10 17:21:47 +00:00
|
|
|
}
|
2023-04-17 01:28:03 +01:00
|
|
|
|
2023-08-06 16:44:31 +00:00
|
|
|
module "travel_blog" {
|
|
|
|
|
source = "./travel_blog"
|
|
|
|
|
tls_secret_name = var.tls_secret_name
|
|
|
|
|
}
|
|
|
|
|
|
2023-09-14 09:20:16 +00:00
|
|
|
module "technitium" {
|
|
|
|
|
source = "./technitium"
|
|
|
|
|
tls_secret_name = var.tls_secret_name
|
2024-10-20 12:47:29 +00:00
|
|
|
homepage_token = var.homepage_credentials["technitium"]["token"]
|
2023-09-14 09:20:16 +00:00
|
|
|
}
|
|
|
|
|
|
2023-09-15 09:13:16 +00:00
|
|
|
module "headscale" {
|
2023-09-15 23:13:19 +00:00
|
|
|
source = "./headscale"
|
|
|
|
|
tls_secret_name = var.tls_secret_name
|
|
|
|
|
headscale_config = var.headscale_config
|
2024-01-07 17:48:46 +00:00
|
|
|
headscale_acl = var.headscale_acl
|
2023-09-15 09:13:16 +00:00
|
|
|
}
|
|
|
|
|
|
2023-10-21 12:14:31 +00:00
|
|
|
module "dashy" {
|
|
|
|
|
source = "./dashy"
|
|
|
|
|
tls_secret_name = var.tls_secret_name
|
|
|
|
|
}
|
2023-10-22 14:07:14 +00:00
|
|
|
|
|
|
|
|
# module "localai" {
|
|
|
|
|
# source = "./localai"
|
|
|
|
|
# tls_secret_name = var.tls_secret_name
|
|
|
|
|
# }
|
2023-10-29 23:36:18 +00:00
|
|
|
|
|
|
|
|
module "vaultwarden" {
|
|
|
|
|
source = "./vaultwarden"
|
|
|
|
|
tls_secret_name = var.tls_secret_name
|
2023-11-24 11:08:25 +00:00
|
|
|
smtp_password = var.vaultwarden_smtp_password
|
2023-10-29 23:36:18 +00:00
|
|
|
}
|
2023-11-01 13:27:23 +00:00
|
|
|
|
|
|
|
|
module "reverse-proxy" {
|
2024-10-20 13:04:40 +00:00
|
|
|
source = "./reverse_proxy"
|
|
|
|
|
tls_secret_name = var.tls_secret_name
|
|
|
|
|
truenas_homepage_token = var.homepage_credentials["reverse_proxy"]["truenas_token"]
|
|
|
|
|
pfsense_homepage_token = var.homepage_credentials["reverse_proxy"]["pfsense_token"]
|
2023-11-01 13:27:23 +00:00
|
|
|
}
|
2023-11-04 00:51:01 +00:00
|
|
|
|
|
|
|
|
# Selfhosted Firefox send
|
|
|
|
|
module "send" {
|
|
|
|
|
source = "./send"
|
|
|
|
|
tls_secret_name = var.tls_secret_name
|
|
|
|
|
}
|
2023-11-04 01:07:41 +00:00
|
|
|
|
|
|
|
|
module "redis" {
|
|
|
|
|
source = "./redis"
|
|
|
|
|
tls_secret_name = var.tls_secret_name
|
|
|
|
|
}
|
2023-11-11 02:26:25 +00:00
|
|
|
|
|
|
|
|
module "ytdlp" {
|
|
|
|
|
source = "./youtube_dl"
|
|
|
|
|
tls_secret_name = var.tls_secret_name
|
|
|
|
|
}
|
2023-11-18 14:54:55 +00:00
|
|
|
|
|
|
|
|
module "immich" {
|
|
|
|
|
source = "./immich"
|
|
|
|
|
tls_secret_name = var.tls_secret_name
|
|
|
|
|
postgresql_password = var.immich_postgresql_password
|
2024-10-18 22:37:47 +00:00
|
|
|
homepage_token = var.homepage_credentials["immich"]["token"]
|
2023-11-18 14:54:55 +00:00
|
|
|
}
|
|
|
|
|
|
2023-11-18 16:18:26 +00:00
|
|
|
module "nginx-ingress" {
|
2023-11-25 13:33:03 +00:00
|
|
|
source = "./nginx-ingress"
|
|
|
|
|
honeypotapikey = var.ingress_honeypotapikey
|
|
|
|
|
crowdsec_api_key = var.ingress_crowdsec_api_key
|
|
|
|
|
crowdsec_captcha_secret_key = var.ingress_crowdsec_captcha_secret_key
|
|
|
|
|
crowdsec_captcha_site_key = var.ingress_crowdsec_captcha_site_key
|
2023-11-18 16:18:26 +00:00
|
|
|
}
|
2023-11-24 11:08:25 +00:00
|
|
|
|
2025-05-10 19:12:01 +00:00
|
|
|
# module "crowdsec" {
|
|
|
|
|
# source = "./crowdsec"
|
|
|
|
|
# tls_secret_name = var.tls_secret_name
|
|
|
|
|
# homepage_username = var.homepage_credentials["crowdsec"]["username"]
|
|
|
|
|
# homepage_password = var.homepage_credentials["crowdsec"]["password"]
|
|
|
|
|
# }
|
2023-11-24 17:38:49 +00:00
|
|
|
|
|
|
|
|
# Seems like it needs S3 even if pg is local...
|
|
|
|
|
# module "resume" {
|
|
|
|
|
# source = "./resume"
|
|
|
|
|
# tls_secret_name = var.tls_secret_name
|
|
|
|
|
# redis_url = var.resume_redis_url
|
|
|
|
|
# database_url = var.resume_database_url
|
|
|
|
|
# }
|
2023-12-17 12:22:29 +00:00
|
|
|
|
|
|
|
|
module "uptime-kuma" {
|
|
|
|
|
source = "./uptime-kuma"
|
|
|
|
|
tls_secret_name = var.tls_secret_name
|
|
|
|
|
}
|
2023-12-27 13:49:48 +00:00
|
|
|
|
|
|
|
|
module "calibre" {
|
2024-10-18 22:37:47 +00:00
|
|
|
source = "./calibre"
|
|
|
|
|
tls_secret_name = var.tls_secret_name
|
|
|
|
|
homepage_username = var.homepage_credentials["calibre-web"]["username"]
|
|
|
|
|
homepage_password = var.homepage_credentials["calibre-web"]["password"]
|
2023-12-27 13:49:48 +00:00
|
|
|
}
|
2023-12-29 11:59:36 +00:00
|
|
|
|
2023-12-29 14:35:08 +00:00
|
|
|
# Audiobooks are served using audiobookshelf; still looking for a usecawe for JF
|
|
|
|
|
# module "jellyfin" {
|
|
|
|
|
# source = "./jellyfin"
|
|
|
|
|
# tls_secret_name = var.tls_secret_name
|
|
|
|
|
# }
|
2023-12-29 14:11:33 +00:00
|
|
|
|
|
|
|
|
module "audiobookshelf" {
|
|
|
|
|
source = "./audiobookshelf"
|
|
|
|
|
tls_secret_name = var.tls_secret_name
|
|
|
|
|
}
|
2024-01-01 23:11:16 +00:00
|
|
|
|
2025-05-04 11:23:26 +00:00
|
|
|
# module "frigate" {
|
|
|
|
|
# source = "./frigate"
|
|
|
|
|
# tls_secret_name = var.tls_secret_name
|
|
|
|
|
# valchedrym_camera_credentials = var.frigate_valchedrym_camera_credentials
|
|
|
|
|
# }
|
2024-01-06 19:18:09 +00:00
|
|
|
|
|
|
|
|
# TODO: Currently very unstable and half of the functionality does not work:
|
|
|
|
|
# notifications, import from todoist, email
|
|
|
|
|
# module "vikunja" {
|
|
|
|
|
# source = "./vikunja"
|
|
|
|
|
# tls_secret_name = var.tls_secret_name
|
|
|
|
|
# }
|
2024-01-06 21:33:05 +00:00
|
|
|
|
2024-04-28 21:14:25 +00:00
|
|
|
module "cloudflared" {
|
|
|
|
|
source = "./cloudflared"
|
|
|
|
|
tls_secret_name = var.tls_secret_name
|
2024-12-23 18:20:16 +00:00
|
|
|
|
|
|
|
|
cloudflare_api_key = var.cloudflare_api_key
|
|
|
|
|
cloudflare_email = var.cloudflare_email
|
|
|
|
|
cloudflare_account_id = var.cloudflare_account_id
|
|
|
|
|
cloudflare_zone_id = var.cloudflare_zone_id
|
|
|
|
|
cloudflare_tunnel_id = var.cloudflare_tunnel_id
|
|
|
|
|
public_ip = var.public_ip
|
|
|
|
|
cloudflare_proxied_names = var.cloudflare_proxied_names
|
|
|
|
|
cloudflare_non_proxied_names = var.cloudflare_non_proxied_names
|
|
|
|
|
cloudflare_tunnel_token = var.cloudflare_tunnel_token
|
2024-04-28 21:14:25 +00:00
|
|
|
}
|
2024-01-07 17:48:46 +00:00
|
|
|
|
2024-02-20 21:52:52 +00:00
|
|
|
# module "istio" {
|
|
|
|
|
# source = "./istio"
|
|
|
|
|
# tls_secret_name = var.tls_secret_name
|
|
|
|
|
# }
|
2024-01-16 20:24:19 +00:00
|
|
|
|
|
|
|
|
# module "authelia" {
|
|
|
|
|
# source = "./authelia"
|
|
|
|
|
# tls_secret_name = var.tls_secret_name
|
|
|
|
|
# }
|
|
|
|
|
|
|
|
|
|
# module "discount-bandit" {
|
|
|
|
|
# source = "./discount-bandit"
|
|
|
|
|
# tls_secret_name = var.tls_secret_name
|
|
|
|
|
# }
|
2024-01-20 14:54:23 +00:00
|
|
|
|
2024-10-18 22:37:47 +00:00
|
|
|
module "metrics-server" {
|
|
|
|
|
source = "./metrics-server"
|
|
|
|
|
tls_secret_name = var.tls_secret_name
|
|
|
|
|
}
|
2024-02-03 13:46:13 +00:00
|
|
|
|
|
|
|
|
module "paperless-ngx" {
|
|
|
|
|
source = "./paperless-ngx"
|
|
|
|
|
tls_secret_name = var.tls_secret_name
|
|
|
|
|
db_password = var.paperless_db_password
|
2024-10-18 22:37:47 +00:00
|
|
|
# homepage_token = var.homepage_credentials["paperless-ngx"]["token"]
|
|
|
|
|
homepage_username = var.homepage_credentials["paperless-ngx"]["username"]
|
|
|
|
|
homepage_password = var.homepage_credentials["paperless-ngx"]["password"]
|
2024-02-03 13:46:13 +00:00
|
|
|
}
|
2024-02-17 13:24:27 +00:00
|
|
|
|
|
|
|
|
module "jsoncrack" {
|
|
|
|
|
source = "./jsoncrack"
|
|
|
|
|
tls_secret_name = var.tls_secret_name
|
|
|
|
|
}
|
2024-02-25 16:28:40 +00:00
|
|
|
|
2025-01-05 23:25:15 +00:00
|
|
|
# module "servarr" {
|
|
|
|
|
# source = "./servarr"
|
|
|
|
|
# tls_secret_name = var.tls_secret_name
|
|
|
|
|
# }
|
2024-05-19 05:39:04 +00:00
|
|
|
|
2024-06-01 10:59:06 +00:00
|
|
|
# module "dnscat2" {
|
|
|
|
|
# source = "./dnscat2"
|
|
|
|
|
# # tls_secret_name = var.tls_secret_name
|
|
|
|
|
# }
|
2024-06-08 19:22:35 +00:00
|
|
|
|
2025-05-04 11:23:26 +00:00
|
|
|
# module "ollama" { # Disabled as it requires too much resources...
|
2025-04-06 18:15:11 +00:00
|
|
|
# source = "./ollama"
|
|
|
|
|
# tls_secret_name = var.tls_secret_name
|
|
|
|
|
# }
|
2024-06-23 12:25:47 +00:00
|
|
|
|
|
|
|
|
module "ntfy" {
|
|
|
|
|
source = "./ntfy"
|
|
|
|
|
tls_secret_name = var.tls_secret_name
|
|
|
|
|
}
|
2024-07-08 18:32:38 +00:00
|
|
|
|
|
|
|
|
module "cyberchef" {
|
|
|
|
|
source = "./cyberchef"
|
|
|
|
|
tls_secret_name = var.tls_secret_name
|
|
|
|
|
}
|
2024-08-13 18:44:00 +00:00
|
|
|
|
|
|
|
|
module "diun" {
|
|
|
|
|
source = "./diun"
|
|
|
|
|
tls_secret_name = var.tls_secret_name
|
2024-08-18 18:14:17 +00:00
|
|
|
diun_nfty_token = var.diun_nfty_token
|
2024-12-29 18:16:42 +00:00
|
|
|
diun_slack_url = var.diun_slack_url
|
2024-08-18 18:14:17 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
module "meshcentral" {
|
|
|
|
|
source = "./meshcentral"
|
|
|
|
|
tls_secret_name = var.tls_secret_name
|
2024-08-13 18:44:00 +00:00
|
|
|
}
|
2024-09-20 02:26:43 +00:00
|
|
|
# module "netbox" {
|
|
|
|
|
# source = "./netbox"
|
|
|
|
|
# tls_secret_name = var.tls_secret_name
|
|
|
|
|
# }
|
|
|
|
|
|
2024-09-28 20:10:44 +00:00
|
|
|
module "nextcloud" {
|
|
|
|
|
source = "./nextcloud"
|
|
|
|
|
tls_secret_name = var.tls_secret_name
|
|
|
|
|
db_password = var.nextcloud_db_password
|
|
|
|
|
}
|
2024-10-18 22:37:47 +00:00
|
|
|
|
|
|
|
|
module "homepage" {
|
|
|
|
|
source = "./homepage"
|
|
|
|
|
tls_secret_name = var.tls_secret_name
|
|
|
|
|
}
|
2024-11-05 21:55:45 +00:00
|
|
|
|
|
|
|
|
module "matrix" {
|
|
|
|
|
source = "./matrix"
|
|
|
|
|
tls_secret_name = var.tls_secret_name
|
|
|
|
|
}
|
2024-11-12 20:20:10 +00:00
|
|
|
|
|
|
|
|
module "authentik" {
|
|
|
|
|
source = "./authentik"
|
|
|
|
|
tls_secret_name = var.tls_secret_name
|
|
|
|
|
secret_key = var.authentik_secret_key
|
|
|
|
|
postgres_password = var.authentik_postgres_password
|
|
|
|
|
}
|
2024-11-22 00:47:00 +00:00
|
|
|
|
2024-11-23 12:15:21 +00:00
|
|
|
module "linkwarden" {
|
|
|
|
|
source = "./linkwarden"
|
|
|
|
|
tls_secret_name = var.tls_secret_name
|
|
|
|
|
postgresql_password = var.linkwarden_postgresql_password
|
|
|
|
|
authentik_client_id = var.linkwarden_authentik_client_id
|
|
|
|
|
authentik_client_secret = var.linkwarden_authentik_client_secret
|
|
|
|
|
}
|
2024-12-01 13:04:27 +00:00
|
|
|
|
|
|
|
|
module "actualbudget" {
|
|
|
|
|
source = "./actualbudget"
|
|
|
|
|
tls_secret_name = var.tls_secret_name
|
|
|
|
|
}
|
2024-12-30 18:50:35 +00:00
|
|
|
|
|
|
|
|
module "owntracks" {
|
|
|
|
|
source = "./owntracks"
|
|
|
|
|
tls_secret_name = var.tls_secret_name
|
|
|
|
|
owntracks_credentials = var.owntracks_credentials
|
|
|
|
|
}
|
2024-12-30 22:14:59 +00:00
|
|
|
|
|
|
|
|
module "dawarich" {
|
|
|
|
|
source = "./dawarich"
|
|
|
|
|
tls_secret_name = var.tls_secret_name
|
|
|
|
|
database_password = var.dawarich_database_password
|
2025-05-31 21:50:16 +00:00
|
|
|
geoapify_api_key = var.geoapify_api_key
|
2024-12-30 22:14:59 +00:00
|
|
|
}
|
2025-01-10 20:47:03 +00:00
|
|
|
|
|
|
|
|
module "changedetection" {
|
|
|
|
|
source = "./changedetection"
|
|
|
|
|
tls_secret_name = var.tls_secret_name
|
|
|
|
|
}
|
2025-01-14 20:12:26 +00:00
|
|
|
module "tandoor" {
|
|
|
|
|
source = "./tandoor"
|
|
|
|
|
tls_secret_name = var.tls_secret_name
|
|
|
|
|
tandoor_database_password = var.tandoor_database_password
|
|
|
|
|
tandoor_email_password = var.tandoor_email_password
|
|
|
|
|
}
|
2025-05-10 19:12:01 +00:00
|
|
|
|
|
|
|
|
module "n8n" {
|
|
|
|
|
source = "./n8n"
|
|
|
|
|
tls_secret_name = var.tls_secret_name
|
|
|
|
|
postgresql_password = var.n8n_postgresql_password
|
|
|
|
|
}
|
2025-05-30 14:03:58 +00:00
|
|
|
|
|
|
|
|
module "real-estate-crawler" {
|
2025-07-27 10:18:01 +00:00
|
|
|
source = "./real-estate-crawler"
|
|
|
|
|
tls_secret_name = var.tls_secret_name
|
|
|
|
|
db_password = var.realestate_crawler_db_password
|
|
|
|
|
notification_settings = var.realestate_crawler_notification_settings
|
2025-05-30 14:03:58 +00:00
|
|
|
}
|
2025-06-01 00:19:10 +00:00
|
|
|
|
|
|
|
|
module "tor-proxy" {
|
|
|
|
|
source = "./tor-proxy"
|
|
|
|
|
tls_secret_name = var.tls_secret_name
|
|
|
|
|
}
|
2025-06-30 20:43:07 +00:00
|
|
|
|
2025-07-27 10:18:01 +00:00
|
|
|
module "kured" {
|
|
|
|
|
source = "./kured"
|
|
|
|
|
tls_secret_name = var.tls_secret_name
|
2025-07-27 10:31:38 +00:00
|
|
|
notify_url = var.kured_notify_url
|
2025-07-27 10:18:01 +00:00
|
|
|
}
|
|
|
|
|
|
2025-06-30 20:43:07 +00:00
|
|
|
# module "onlyoffice" {
|
|
|
|
|
# source = "./onlyoffice"
|
|
|
|
|
# tls_secret_name = var.tls_secret_name
|
|
|
|
|
# }
|
