From 3592a3083c2b32709fd81ce87542e756785c9812 Mon Sep 17 00:00:00 2001 From: Niklas van Schrick Date: Sat, 13 Jul 2024 20:54:00 +0200 Subject: [PATCH] Setup plane module --- modules/docker/plane/containers.tf | 319 +++++++++++++++++++++++++++++ modules/docker/plane/images.tf | 31 +++ modules/docker/plane/main.tf | 8 + modules/docker/plane/network.tf | 3 + modules/docker/plane/variables.tf | 7 + modules/docker/plane/volumes.tf | 27 +++ 6 files changed, 395 insertions(+) create mode 100644 modules/docker/plane/containers.tf create mode 100644 modules/docker/plane/images.tf create mode 100644 modules/docker/plane/main.tf create mode 100644 modules/docker/plane/network.tf create mode 100644 modules/docker/plane/variables.tf create mode 100644 modules/docker/plane/volumes.tf diff --git a/modules/docker/plane/containers.tf b/modules/docker/plane/containers.tf new file mode 100644 index 0000000..d0f93a2 --- /dev/null +++ b/modules/docker/plane/containers.tf @@ -0,0 +1,319 @@ +resource "random_password" "db" { + length = 32 + special = false +} + +resource "random_password" "application_secret" { + length = 50 + special = false +} + +resource "random_password" "minio_access_key_id" { + length = 32 + special = false +} + +resource "random_password" "minio_secret_access_key" { + length = 32 + special = false +} + +locals { + postgres_env = [ + "POSTGRES_USER=plane", + "POSTGRES_PASSWORD=${random_password.db.result}", + "POSTGRES_DB=plane", + "POSTGRES_PORT=5432", + ] + minio_env = [ + "MINIO_ROOT_USER=${random_password.minio_access_key_id.result}", + "MINIO_ROOT_PASSWORD=${random_password.minio_secret_access_key.result}", + ] + app_env = concat([ + ### MAIN + "WEB_URL=https://${var.web_url}", + "DEBUG=0", + # "SENTRY_DSN=", + # "SENTRY_ENVIRONMENT=", + "CORS_ALLOWED_ORIGINS=https://${var.web_url}", + + ### GUNICORN + "GUNICORN_WORKERS=1", + + ### DB + "PGHOST=${docker_container.postgres.name}", + "DATABASE_URL=postgresql://plane:${random_password.db.result}@${docker_container.postgres.name}/plane", + + ### REDIS + "REDIS_HOST=${docker_container.valkey.name}", + "REDIS_PORT=6379", + "REDIS_URL=redis://${docker_container.valkey.name}:6379", + + ### APPLICATION SECRET + "SECRET_KEY=${random_password.application_secret.result}", + + ### DATA STORE + "USE_MINIO=1", + "AWS_REGION=", + "AWS_ACCESS_KEY_ID=${random_password.minio_access_key_id.result}", + "AWS_SECRET_ACCESS_KEY=${random_password.minio_secret_access_key.result}", + "AWS_S3_ENDPOINT_URL=http://${docker_container.minio.name}:9000", + "AWS_S3_BUCKET_NAME=plane-uploads", + + ### ADMIN / SPACE URLS + "ADMIN_BASE_URL=", + "SPACE_BASE_URL=", + "APP_BAS_URL=" + ], local.postgres_env, local.minio_env) +} + +//noinspection HILUnresolvedReference +resource "docker_container" "postgres" { + image = docker_image.postgres.image_id + name = "plane_postgres" + restart = "always" + + command = ["postgres", "-c", "max_connections=1000"] + + env = local.postgres_env + + volumes { + volume_name = docker_volume.pgdata.name + container_path = "/var/lib/postgresql/data" + } + + network_mode = "bridge" + + networks_advanced { + name = docker_network.plane.name + } +} + +//noinspection HILUnresolvedReference +resource "docker_container" "valkey" { + image = docker_image.valkey.image_id + name = "plane_valkey" + restart = "always" + + volumes { + volume_name = docker_volume.redisdata.name + container_path = "/data" + } + + network_mode = "bridge" + + networks_advanced { + name = docker_network.plane.name + } +} + +//noinspection HILUnresolvedReference +resource "docker_container" "minio" { + image = docker_image.minio.image_id + name = "plane_minio" + restart = "always" + + command = ["server", "/export", "--console-address", ":9090"] + + env = local.minio_env + + volumes { + volume_name = docker_volume.uploads.name + container_path = "/export" + } + + network_mode = "bridge" + + networks_advanced { + name = docker_network.plane.name + aliases = ["plane-minio"] + } +} + +//noinspection HILUnresolvedReference +resource "docker_container" "plane_web" { + image = docker_image.plane_frontend.image_id + name = "plane_web" + restart = "always" + + command = ["node", "web/server.js", "web"] + + env = local.app_env + + network_mode = "bridge" + + networks_advanced { + name = docker_network.plane.name + aliases = ["web"] + } +} + +//noinspection HILUnresolvedReference +resource "docker_container" "plane_space" { + image = docker_image.plane_space.image_id + name = "plane_space" + restart = "always" + + command = ["node", "space/server.js", "space"] + + env = local.app_env + + network_mode = "bridge" + + networks_advanced { + name = docker_network.plane.name + aliases = ["space"] + } +} + +//noinspection HILUnresolvedReference +resource "docker_container" "plane_admin" { + image = docker_image.plane_admin.image_id + name = "plane_admin" + restart = "always" + + command = ["node", "admin/server.js", "admin"] + + env = local.app_env + + network_mode = "bridge" + + networks_advanced { + name = docker_network.plane.name + aliases = ["admin"] + } +} + +//noinspection HILUnresolvedReference +resource "docker_container" "plane_api" { + image = docker_image.plane_backend.image_id + name = "plane_api" + restart = "always" + + command = ["./bin/docker-entrypoint-api.sh"] + + env = local.app_env + + volumes { + volume_name = docker_volume.logs_api.name + container_path = "/code/plane/logs" + } + + network_mode = "bridge" + + networks_advanced { + name = docker_network.plane.name + aliases = ["api"] + } +} + +//noinspection HILUnresolvedReference +resource "docker_container" "plane_worker" { + image = docker_image.plane_backend.image_id + name = "plane_worker" + restart = "always" + + command = ["./bin/docker-entrypoint-worker.sh"] + + env = local.app_env + + volumes { + volume_name = docker_volume.logs_worker.name + container_path = "/code/plane/logs" + } + + network_mode = "bridge" + + networks_advanced { + name = docker_network.plane.name + } +} + +//noinspection HILUnresolvedReference +resource "docker_container" "plane_beat_worker" { + image = docker_image.plane_backend.image_id + name = "plane_beat_worker" + restart = "always" + + command = ["./bin/docker-entrypoint-beat.sh"] + + env = local.app_env + + volumes { + volume_name = docker_volume.logs_beat_worker.name + container_path = "/code/plane/logs" + } + + network_mode = "bridge" + + networks_advanced { + name = docker_network.plane.name + } +} + +//noinspection HILUnresolvedReference +resource "docker_container" "plane_migrator" { + image = docker_image.plane_backend.image_id + name = "plane_migrator" + restart = "on-failure" + must_run = false + + command = ["./bin/docker-entrypoint-migrator.sh"] + + env = local.app_env + + volumes { + volume_name = docker_volume.logs_migrator.name + container_path = "/code/plane/logs" + } + + network_mode = "bridge" + + networks_advanced { + name = docker_network.plane.name + } + + lifecycle { + replace_triggered_by = [ + docker_container.plane_admin.id, + docker_container.plane_space.id, + docker_container.plane_api.id, + docker_container.plane_beat_worker.id, + docker_container.plane_web.id, + docker_container.plane_worker.id + ] + } +} + +//noinspection HILUnresolvedReference +resource "docker_container" "plane_proxy" { + image = docker_image.plane_proxy.image_id + name = "plane_proxy" + restart = "always" + + env = [ + "VIRTUAL_HOST=plane.code0.tech", + "BUCKET_NAME=plane-uploads", + "FILE_SIZE_LIMIT=5242880" + ] + + network_mode = "bridge" + + networks_advanced { + name = docker_network.plane.name + } + + networks_advanced { + name = var.docker_proxy_network_id + } + + lifecycle { + replace_triggered_by = [ + docker_container.plane_web.id, + docker_container.plane_api.id, + docker_container.plane_space.id, + docker_container.plane_admin.id, + docker_container.minio.id + ] + } +} diff --git a/modules/docker/plane/images.tf b/modules/docker/plane/images.tf new file mode 100644 index 0000000..948ae27 --- /dev/null +++ b/modules/docker/plane/images.tf @@ -0,0 +1,31 @@ +resource "docker_image" "plane_frontend" { + name = "makeplane/plane-frontend:v0.22-dev" +} + +resource "docker_image" "plane_space" { + name = "makeplane/plane-space:v0.22-dev" +} + +resource "docker_image" "plane_admin" { + name = "makeplane/plane-admin:v0.22-dev" +} + +resource "docker_image" "plane_backend" { + name = "makeplane/plane-backend:v0.22-dev" +} + +resource "docker_image" "plane_proxy" { + name = "makeplane/plane-proxy:v0.22-dev" +} + +resource "docker_image" "postgres" { + name = "postgres:15.5-alpine" +} + +resource "docker_image" "valkey" { + name = "valkey/valkey:7.2.5-alpine" +} + +resource "docker_image" "minio" { + name = "minio/minio:RELEASE.2024-07-10T18-41-49Z" +} diff --git a/modules/docker/plane/main.tf b/modules/docker/plane/main.tf new file mode 100644 index 0000000..a238e2d --- /dev/null +++ b/modules/docker/plane/main.tf @@ -0,0 +1,8 @@ +terraform { + required_providers { + docker = { + source = "kreuzwerker/docker" + version = "3.0.2" + } + } +} diff --git a/modules/docker/plane/network.tf b/modules/docker/plane/network.tf new file mode 100644 index 0000000..ea99cb5 --- /dev/null +++ b/modules/docker/plane/network.tf @@ -0,0 +1,3 @@ +resource "docker_network" "plane" { + name = "plane" +} diff --git a/modules/docker/plane/variables.tf b/modules/docker/plane/variables.tf new file mode 100644 index 0000000..0dc91f1 --- /dev/null +++ b/modules/docker/plane/variables.tf @@ -0,0 +1,7 @@ +variable "docker_proxy_network_id" { + type = string +} + +variable "web_url" { + type = string +} diff --git a/modules/docker/plane/volumes.tf b/modules/docker/plane/volumes.tf new file mode 100644 index 0000000..15e4cb9 --- /dev/null +++ b/modules/docker/plane/volumes.tf @@ -0,0 +1,27 @@ +resource "docker_volume" "pgdata" { + name = "plane_pgdata" +} + +resource "docker_volume" "redisdata" { + name = "plane_redisdata" +} + +resource "docker_volume" "uploads" { + name = "plane_uploads" +} + +resource "docker_volume" "logs_api" { + name = "plane_logs_api" +} + +resource "docker_volume" "logs_worker" { + name = "plane_logs_worker" +} + +resource "docker_volume" "logs_beat_worker" { + name = "plane_logs_beat_worker" +} + +resource "docker_volume" "logs_migrator" { + name = "plane_logs_migrator" +}