Terraform docker module is a module to help docker maintenance over terraform. It should replace other means of docker maintenance like docker-compose.
There are several advantages of maintaining docker on terraform.
- Infrastructure as code.
- CI/CD. Many CI tools offers some way to automate terraform execution.
- Remote execution. You don't need to manually ssh into servers.
This module uses under the hood Docker Provider.
Example:
provider "docker" {
host = "tcp://192.168.0.100:2375/"
}
module "proxy" {
source = "murillozampieri/module/docker"
version = "<add latest version>"
image = "masnagam/nginx-proxy:latest"
container_name = "proxy"
restart_policy = "always"
docker_networks = {
"proxy-tier" = {
ipam_config = {
aux_address = {}
gateway = "10.0.20.1"
subnet = "10.0.20.0/24"
}
}
}
ports = [
{
internal = 80
external = 80
protocol = "tcp"
},
{
internal = 443
external = 443
protocol = "tcp"
}
]
named_volumes = {
"nginx_confs" = {
container_path = "/etc/nginx/conf.d"
read_only = false
create = true
},
"nginx_html" = {
container_path = "/var/www/html"
read_only = false
create = true
}
}
host_paths = {
"/media/letsencrypt/etc/letsencrypt/live" = {
container_path = "/etc/nginx/certs"
read_only = false
},
"/media/letsencrypt/etc/letsencrypt/archive" = {
container_path = "/etc/nginx/archive"
read_only = false
},
"/var/run/docker.sock" = {
container_path = "/tmp/docker.sock"
read_only = true
}
}
capabilities = {
add = ["NET_ADMIN"]
drop = []
}
networks_advanced = {
name = "proxy-tier"
ipv4_address = "10.0.20.100"
ipv6_address = null
aliases = null
}
labels = [
{
label = "xpto"
value = "xpto-value"
}
]
}
module "letsencrypt-companion" {
source = "murillozampieri/module/docker"
version = "<add latest version>"
image = "jrcs/letsencrypt-nginx-proxy-companion"
container_name = "letsencrypt-companion"
restart_policy = "always"
volumes_from_containers = [
"proxy"
]
host_paths = {
"/var/run/docker.sock" = {
container_path = "/var/run/docker.sock"
read_only = true
}
}
networks_advanced = {
name = "proxy-tier"
ipv4_address = "10.0.20.101"
ipv6_address = null
aliases = null
}
}| Name | Version |
|---|---|
| terraform | >= 0.13 |
| docker | ~> 2.7 |
| Name | Version |
|---|---|
| docker | ~> 2.7 |
No modules.
| Name | Type |
|---|---|
| docker_container.default | resource |
| docker_image.default | resource |
| docker_network.default | resource |
| docker_volume.default | resource |
| docker_registry_image.default | data source |
| Name | Description | Type | Default | Required |
|---|---|---|---|---|
| capabilities | Add or drop container capabilities | object({ |
null |
no |
| command | Override the default command | list(string) |
null |
no |
| container_name | Custom container name | string |
null |
no |
| devices | Device mappings | map(object({ |
{} |
no |
| dns | Set custom dns servers for the container | list(string) |
null |
no |
| docker_networks | List of custom networks to create | map(object({ |
{} |
no |
| environment | Add environment variables | map(string) |
null |
no |
| healthcheck | Test to check if container is healthy | object({ |
null |
no |
| host_paths | Mount host paths | map(object({ |
{} |
no |
| hostname | Set docker hostname | string |
null |
no |
| image | Specify the image to start the container from. Can either be a repository/tag or a partial image ID | string |
n/a | yes |
| named_volumes | Mount named volumes | map(object({ |
{} |
no |
| network_mode | Specify a custom network mode | string |
null |
no |
| networks_advanced | Advanced network options for the container | object({ |
null |
no |
| ports | Expose ports | list(object({ |
null |
no |
| privileged | Give extended privileges to this container | bool |
false |
no |
| restart_policy | Restart policy. Default: no | string |
"no" |
no |
| volumes_from_containers | Mount volumes from another container | list(any) |
null |
no |
| working_dir | Working directory inside the container | string |
null |
no |
| Name | Description |
|---|---|
| devices | n/a |
| environment | n/a |
| volumes | n/a |