From fcc56cfbf561fe2873007ed466b0fccf48232181 Mon Sep 17 00:00:00 2001 From: Niklas van Schrick Date: Wed, 18 Mar 2026 22:07:24 +0100 Subject: [PATCH] Setup deployment for landing page --- modules/docker/cygnus/cygnus.tf | 54 ++++++++++++++++++++++++++++++ modules/docker/cygnus/main.tf | 12 +++++++ modules/docker/cygnus/network.tf | 3 ++ modules/docker/cygnus/postgres.tf | 46 +++++++++++++++++++++++++ modules/docker/cygnus/variables.tf | 7 ++++ system/administration/main.tf | 9 +++++ system/domain/main.tf | 9 ----- 7 files changed, 131 insertions(+), 9 deletions(-) create mode 100644 modules/docker/cygnus/cygnus.tf create mode 100644 modules/docker/cygnus/main.tf create mode 100644 modules/docker/cygnus/network.tf create mode 100644 modules/docker/cygnus/postgres.tf create mode 100644 modules/docker/cygnus/variables.tf diff --git a/modules/docker/cygnus/cygnus.tf b/modules/docker/cygnus/cygnus.tf new file mode 100644 index 0000000..80fd83e --- /dev/null +++ b/modules/docker/cygnus/cygnus.tf @@ -0,0 +1,54 @@ +data "docker_registry_image" "cygnus" { + name = "ghcr.io/code0-tech/cygnus:1026" +} + +resource "docker_image" "cygnus" { + name = data.docker_registry_image.cygnus.name + pull_triggers = [data.docker_registry_image.cygnus.sha256_digest] +} + +resource "random_password" "payload_secret" { + length = 32 +} + +resource "random_password" "payload_user_password" { + length = 32 +} + +locals { + cygnus_env = [ + # Cygnus + "NODE_ENV=production", + "PAYLOAD_SECRET=${random_password.payload_secret.result}", + "PAYLOAD_USER_PASS=${random_password.payload_user_password.result}", + "DATABASE_URL=postgresql://cygnus:${random_password.db.result}@${docker_container.postgres.hostname}:5432/payload", + "HOSTNAME=0.0.0.0", + + # Proxy + "VIRTUAL_HOST=${var.web_url}" + ] +} + +resource "docker_container" "cygnus" { + image = docker_image.cygnus.image_id + name = "cygnus_cygnus" + restart = "always" + + env = local.cygnus_env + + network_mode = "bridge" + + networks_advanced { + name = docker_network.cygnus.name + } + + networks_advanced { + name = var.docker_proxy_network_id + } + + lifecycle { + replace_triggered_by = [ + docker_container.postgres.id + ] + } +} diff --git a/modules/docker/cygnus/main.tf b/modules/docker/cygnus/main.tf new file mode 100644 index 0000000..4f8d7f9 --- /dev/null +++ b/modules/docker/cygnus/main.tf @@ -0,0 +1,12 @@ +terraform { + required_providers { + docker = { + source = "kreuzwerker/docker" + version = "3.6.2" + } + gitlab = { + source = "gitlabhq/gitlab" + version = "18.9.0" + } + } +} diff --git a/modules/docker/cygnus/network.tf b/modules/docker/cygnus/network.tf new file mode 100644 index 0000000..d5f8174 --- /dev/null +++ b/modules/docker/cygnus/network.tf @@ -0,0 +1,3 @@ +resource "docker_network" "cygnus" { + name = "cygnus" +} diff --git a/modules/docker/cygnus/postgres.tf b/modules/docker/cygnus/postgres.tf new file mode 100644 index 0000000..a9db970 --- /dev/null +++ b/modules/docker/cygnus/postgres.tf @@ -0,0 +1,46 @@ +data "docker_registry_image" "postgres" { + name = "postgres:16-alpine" +} + +resource "docker_image" "postgres" { + name = data.docker_registry_image.postgres.name + pull_triggers = [data.docker_registry_image.postgres.sha256_digest] +} + +resource "docker_volume" "pgdata" { + name = "cygnus_pgdata" +} + +resource "random_password" "db" { + length = 32 + special = false +} + +locals { + postgres_env = [ + "POSTGRES_USER=cygnus", + "POSTGRES_PASSWORD=${random_password.db.result}", + "POSTGRES_DB=payload", + "POSTGRES_PORT=5432", + ] +} + +//noinspection HILUnresolvedReference +resource "docker_container" "postgres" { + image = docker_image.postgres.image_id + name = "cygnus_postgres" + restart = "always" + + env = local.postgres_env + + volumes { + volume_name = docker_volume.pgdata.name + container_path = "/var/lib/postgresql/data" + } + + network_mode = "bridge" + + networks_advanced { + name = docker_network.cygnus.name + } +} diff --git a/modules/docker/cygnus/variables.tf b/modules/docker/cygnus/variables.tf new file mode 100644 index 0000000..0dc91f1 --- /dev/null +++ b/modules/docker/cygnus/variables.tf @@ -0,0 +1,7 @@ +variable "docker_proxy_network_id" { + type = string +} + +variable "web_url" { + type = string +} diff --git a/system/administration/main.tf b/system/administration/main.tf index 1e74ca1..d2f3527 100644 --- a/system/administration/main.tf +++ b/system/administration/main.tf @@ -23,6 +23,7 @@ module "proxy" { certificate_hostnames = [ "outline.code0.tech", + "code0.tech" ] } @@ -33,6 +34,13 @@ module "outline" { docker_proxy_network_id = module.proxy.docker_proxy_network_id } +module "cygnus" { + source = "../../modules/docker/cygnus" + + web_url = "code0.tech" + docker_proxy_network_id = module.proxy.docker_proxy_network_id +} + module "pyxis" { source = "../../modules/docker/pyxis" } @@ -50,6 +58,7 @@ resource "cloudflare_dns_record" "server_ip" { resource "cloudflare_dns_record" "server_cname" { for_each = toset([ + "code0.tech", "outline.code0.tech", ]) diff --git a/system/domain/main.tf b/system/domain/main.tf index 32e0a04..7dcfc10 100644 --- a/system/domain/main.tf +++ b/system/domain/main.tf @@ -37,15 +37,6 @@ module "docs_pages" { gitlab_unique_pages_url = "docs-code0-tech-c91f18c0d2259c041bf05138b194e6bb082059fe38eff2e.gitlab.io" } -module "landing_page_pages" { - source = "../../modules/gitlab/pages_domain" - - cloudflare_domain_name = "code0.tech" - cloudflare_zone_id = data.cloudflare_zones.main_domain.result[0].id - gitlab_project_path = "code0-tech/development/cygnus" - gitlab_unique_pages_url = "landing-page-code0-tech-development-b2dc2848e053fa1893b1dfbb1ba.gitlab.io" -} - resource "cloudflare_dns_record" "github_verification" { name = "_github-challenge-code0-tech-org.code0.tech" type = "TXT"