58 lines
1.2 KiB
HCL
58 lines
1.2 KiB
HCL
data "docker_registry_image" "gluetun" {
|
|
name = "qmcgaw/gluetun:latest"
|
|
}
|
|
|
|
resource "docker_image" "gluetun" {
|
|
name = data.docker_registry_image.gluetun.name
|
|
pull_triggers = [data.docker_registry_image.gluetun.sha256_digest]
|
|
}
|
|
|
|
resource "docker_container" "gluetun" {
|
|
image = docker_image.gluetun.image_id
|
|
name = "gluetun"
|
|
hostname = "proxy"
|
|
|
|
capabilities {
|
|
add = ["CAP_NET_ADMIN"]
|
|
}
|
|
|
|
env = [
|
|
"TZ=Europe/Amsterdam",
|
|
"VPN_SERVICE_PROVIDER=airvpn",
|
|
"VPN_TYPE=wireguard",
|
|
"WIREGUARD_PRIVATE_KEY=AMh4GiVDxxCv0xqUeNHW+koQAGAsC2ZrMkTc/aQJLWM=",
|
|
"WIREGUARD_PRESHARED_KEY=PI5KBRmurT3M+s9jrKQGxQXk8dMmmqLFhCFCH19ttBo=",
|
|
"WIREGUARD_ADDRESSES=10.159.242.252/32",
|
|
"FIREWALL_VPN_INPUT_PORTS=47836",
|
|
"SERVER_COUNTRIES=Netherlands",
|
|
"FIREWALL_INPUT_PORTS=8112"
|
|
]
|
|
|
|
devices {
|
|
host_path = "/dev/net/tun"
|
|
container_path = "/dev/net/tun"
|
|
permissions = "rwm"
|
|
}
|
|
|
|
mounts {
|
|
target = "/gluetun/config"
|
|
source = "/var/lib/containers/gluetun"
|
|
type = "bind"
|
|
}
|
|
|
|
privileged = true
|
|
restart = "always"
|
|
|
|
networks_advanced {
|
|
name = docker_network.container-public.name
|
|
ipv4_address = "192.168.3.27"
|
|
}
|
|
|
|
lifecycle {
|
|
ignore_changes = [
|
|
ulimit,
|
|
log_opts
|
|
]
|
|
}
|
|
}
|