52 lines
933 B
HCL
52 lines
933 B
HCL
data "docker_registry_image" "fail2ban" {
|
|
name = "linuxserver/fail2ban:latest"
|
|
}
|
|
|
|
resource "docker_image" "fail2ban" {
|
|
name = data.docker_registry_image.fail2ban.name
|
|
pull_triggers = [data.docker_registry_image.fail2ban.sha256_digest]
|
|
}
|
|
|
|
resource "docker_container" "fail2ban" {
|
|
image = docker_image.fail2ban.image_id
|
|
name = "fail2ban"
|
|
restart = "always"
|
|
|
|
capabilities {
|
|
add = ["CAP_NET_ADMIN", "CAP_NET_RAW"]
|
|
}
|
|
|
|
env = [
|
|
"TZ=Europe/Amsterdam",
|
|
"PUID=1000",
|
|
"PGID=1000"
|
|
]
|
|
|
|
mounts {
|
|
target = "/config"
|
|
source = "/var/lib/containers/fail2ban/config"
|
|
type = "bind"
|
|
}
|
|
|
|
mounts {
|
|
target = "/var/log"
|
|
source = "/var/log"
|
|
type = "bind"
|
|
read_only = true
|
|
}
|
|
|
|
mounts {
|
|
target = "/remotelogs/nginx"
|
|
source = "/var/lib/containers/nginx-lb/log"
|
|
type = "bind"
|
|
read_only = true
|
|
}
|
|
|
|
lifecycle {
|
|
ignore_changes = [
|
|
ulimit,
|
|
log_opts
|
|
]
|
|
}
|
|
}
|