Add borg, crawl4ai en open-webui

2026-05-16 08:42:35 +02:00
parent b1835f9281
commit fb8246245c
6 changed files with 157 additions and 9 deletions
@@ -0,0 +1,120 @@
+
+data "docker_registry_image" "authelia" {
+  name = "ghcr.io/authelia/authelia:latest"
+}
+
+data "docker_registry_image" "authelia-redis" {
+  name = "redis:8"
+}
+
+resource "docker_image" "authelia" {
+  name = data.docker_registry_image.authelia.name
+  pull_triggers = [data.docker_registry_image.authelia.sha256_digest]
+}
+
+
+resource "docker_image" "authelia-redis" {
+  name = data.docker_registry_image.authelia-redis.name
+  pull_triggers = [data.docker_registry_image.authelia-redis.sha256_digest]
+}
+
+resource "docker_network" "authelia-redis" {
+  name = "authelia-redis"
+}
+
+resource "docker_network" "authelia" {
+  name = "authelia"
+}
+
+resource "docker_container" "authelia" {
+  image = docker_image.authelia.image_id
+  name = "authelia"
+  restart = "always"
+
+  env = [
+    "PUID=1000",
+    "PGID=1000",
+    "AUTHELIA_IDENTITY_VALIDATION_RESET_PASSWORD_JWT_SECRET_FILE=/secrets/JWT_SECRET",
+    "AUTHELIA_SESSION_SECRET_FILE=/secrets/SESSION_SECRET",
+    "AUTHELIA_SESSION_REDIS_PASSWORD_FILE=/secrets/REDIS_PASSWORD",
+    "AUTHELIA_STORAGE_MYSQL_PASSWORD_FILE=/secrets/STORAGE_PASSWORD",
+    "AUTHELIA_STORAGE_ENCRYPTION_KEY_FILE=/secrets/STORAGE_ENCRYPTION_KEY",
+    "AUTHELIA_NOTIFIER_SMTP_PASSWORD_FILE=/secrets/NOTIFIER_SMTP_PASSWORD"
+  ]
+
+  mounts {
+    target = "/config"
+    source = "/var/lib/containers/authelia/config"
+    type = "bind"
+  }
+
+  mounts {
+    target = "/secrets"
+    source = "/var/lib/containers/authelia/secrets"
+    type = "bind"
+  }
+
+  networks_advanced {
+    name = docker_network.container-public.name
+    ipv4_address = "192.168.3.58"
+  }
+
+  networks_advanced {
+    name = docker_network.authelia.name
+  }
+
+  networks_advanced {
+    name = docker_network.authelia-redis.name
+  }
+
+  lifecycle {
+    ignore_changes = [
+      ulimit,
+      log_opts
+    ]
+  }
+}
+
+
+resource "docker_container" "authelia-redis" {
+  image = docker_image.authelia-redis.image_id
+  name = "authelia-redis"
+  restart = "always"
+
+  env = [
+    "REDIS_ARGS=--requirepass kI9FkH2gpTlhUQsmWTC7wqb3"
+  ]
+
+  command = [
+    "redis-server",
+    "--save", "900", "1",       # RDB: save after 900s if ≥1 change
+    "--save", "300", "10",      # RDB: save after 300s if ≥10 changes
+    "--save", "60",  "10000",   # RDB: save after 60s if ≥10k changes
+    "--dbfilename", "dump.rdb",
+    "--dir", "/data",
+    "--appendonly", "no",       # Optional: disable AOF to prioritize RDB as requested
+    "--maxmemory", "256mb",
+    "--maxmemory-policy", "allkeys-lru",
+    "--protected-mode", "no",   # Only safe inside isolated Docker network!
+    "--bind", "0.0.0.0",
+    "--port", "6379"
+  ]
+
+  mounts {
+    target = "/data"
+    source = "/var/lib/containers/authelia/redis"
+    type = "bind"
+  }
+
+
+  networks_advanced {
+    name = docker_network.authelia-redis.name
+  }
+
+  lifecycle {
+    ignore_changes = [
+      ulimit,
+      log_opts
+    ]
+  }
+}