diff --git a/modules/kubernetes/monitoring/main.tf b/modules/kubernetes/monitoring/main.tf index 3e619838..30492817 100644 --- a/modules/kubernetes/monitoring/main.tf +++ b/modules/kubernetes/monitoring/main.tf @@ -143,6 +143,36 @@ resource "helm_release" "grafana" { values = [file("${path.module}/grafana_chart_values.yaml")] } +resource "kubernetes_cron_job" "monitor_prom" { + metadata { + name = "monitor-prometheus" + } + spec { + concurrency_policy = "Replace" + failed_jobs_history_limit = 5 + schedule = "*/30 * * * *" + job_template { + metadata { + + } + spec { + template { + metadata { + + } + spec { + container { + name = "monitor-prometheus" + image = "alpine" + command = ["/bin/sh", "-c", "apk add --update curl && curl --connect-timeout 2 prometheus-server.monitoring.svc.cluster.local || curl https://webhook.viktorbarzin.me/fb/message-viktor -d 'Prometheus is down!'"] + } + } + } + } + } + } +} + resource "kubernetes_ingress" "status" { metadata { name = "hetrix-redirect-ingress" diff --git a/modules/kubernetes/wireguard/main.tf b/modules/kubernetes/wireguard/main.tf index 6bf604d2..a574301e 100644 --- a/modules/kubernetes/wireguard/main.tf +++ b/modules/kubernetes/wireguard/main.tf @@ -44,6 +44,8 @@ resource "kubernetes_secret" "wg_0_key" { } data = { "wg0.key" = var.wg_0_key + # If thep rivate key changes the pub key must be updated manually + "wg-ui-config" = format("{\"PrivateKey\": \"%s\",\"PublicKey\": \"%s\",\"Users\": {}}", var.wg_0_key, "3OeDa6Z3Z6vPVxn/WKJujYL7DoDYPPpI5W+2glUYLHU=") } type = "generic" } @@ -217,8 +219,11 @@ resource "kubernetes_deployment" "webui" { labels = { app = "webui" } + # annotations = { + # "configmap.reloader.stakater.com/reload" = "wg0-conf" + # } annotations = { - "configmap.reloader.stakater.com/reload" = "wg0-conf" + "reloader.stakater.com/search" = "true" } } spec { @@ -235,6 +240,21 @@ resource "kubernetes_deployment" "webui" { } } spec { + init_container { + image = "busybox" + name = "setup-config" + command = ["/bin/sh", "-c", "cat /config/config.json && cp /config/config.json /cache/config.json"] + # command = ["/bin/sh", "-c", "cat /config/config.json /cache/config.json; tail -f /dev/null"] + volume_mount { + name = "config" + mount_path = "/config/config.json" + sub_path = "config.json" + } + volume_mount { + name = "cache" + mount_path = "/cache" + } + } container { image = "embarkstudios/wireguard-ui:latest" name = "webui" @@ -265,8 +285,43 @@ resource "kubernetes_deployment" "webui" { add = ["NET_ADMIN", "SYS_MODULE", "CAP_SYS_ADMIN"] } } - } + # volume_mount { + # name = "wg0-key" + # mount_path = "/data/config.json" + # sub_path = "config.json" + # } + volume_mount { + name = "cache" + mount_path = "/data" + } + # volume_mount { + # name = "wg0-key" + # mount_path = "/etc/wireguard/wg0.key" + # sub_path = "wg0.key" + # } + } + # volume { + # name = "wg0-conf" + # config_map { + # name = "wg0-conf" + # } + # } + volume { + name = "config" + secret { + secret_name = "wg0-key" + items { + key = "wg-ui-config" + path = "config.json" + } + } + } + volume { + name = "cache" + empty_dir { + } + } } } } diff --git a/terraform.tfstate b/terraform.tfstate index b751d54a..bd63f9a1 100644 Binary files a/terraform.tfstate and b/terraform.tfstate differ diff --git a/terraform.tfvars b/terraform.tfvars index 436c06ce..80db2d53 100644 Binary files a/terraform.tfvars and b/terraform.tfvars differ