The Terraform docker module helps you maintain Docker through Terraform. It is meant to replace other means of Docker maintenance, such as docker-compose.
There are several advantages of maintaining docker on terraform.
- Infrastructure as code.
- CI/CD. Many CI tools offer some way to automate Terraform execution.
- Remote execution. You don't need to manually ssh into servers.
Under the hood, this module uses the Docker provider.
Example:
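# Connection to the remote Docker daemon that Terraform manages.
#
# The Docker API on plain tcp://<host>:2375 is neither encrypted nor authenticated:
# anyone who can reach that port controls the daemon, which amounts to root on the
# host. Use the SSH transport shown here, or a TLS-protected endpoint
# (tcp://<host>:2376 together with the provider's cert_path) instead.
provider "docker" {
  # <ssh-user> is a placeholder: use an account allowed to talk to the Docker daemon.
  host = "ssh://<ssh-user>@192.168.0.100:22"
}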
# Reverse proxy container: publishes 80/443 and joins the "proxy-tier" network,
# which this module instance also creates.
module "proxy" {
  source  = "alinefr/module/docker"
  version = "<add latest version>"

  # NOTE(review): ":latest" is a moving tag. Pin a version tag or an image digest
  # so that every apply deploys the image that was actually reviewed.
  image          = "masnagam/nginx-proxy:latest"
  container_name = "proxy"
  restart_policy = "always"

  # Custom bridge network shared by the proxy and its companion container.
  docker_networks = {
    "proxy-tier" = {
      ipam_config = {
        aux_address = {}
        gateway     = "10.0.20.1"
        subnet      = "10.0.20.0/24"
      }
    }
  }

  # Ports published on the Docker host.
  ports = [
    {
      internal = 80
      external = 80
      protocol = "tcp"
    },
    {
      internal = 443
      external = 443
      protocol = "tcp"
    }
  ]

  # Docker-managed volumes, created by this module (create = true).
  named_volumes = {
    "nginx_confs" = {
      container_path = "/etc/nginx/conf.d"
      read_only      = false
      create         = true
    },
    "nginx_html" = {
      container_path = "/var/www/html"
      read_only      = false
      create         = true
    }
  }

  # Bind mounts from the host.
  host_paths = {
    # Certificate directories hold TLS private keys and are mounted writable here.
    # The companion container mounts this container's volumes (volumes_from_containers),
    # so check how it gets write access before making these read-only.
    "/media/letsencrypt/etc/letsencrypt/live" = {
      container_path = "/etc/nginx/certs"
      read_only      = false
    },
    "/media/letsencrypt/etc/letsencrypt/archive" = {
      container_path = "/etc/nginx/archive"
      read_only      = false
    },
    # read_only = true only makes the bind mount read-only; it does not restrict
    # Docker API calls made through the socket. A process in this internet-facing
    # container that can reach the socket has full control of the daemon.
    # NOTE(review): consider a filtering socket proxy that exposes only the API
    # calls the image needs.
    "/var/run/docker.sock" = {
      container_path = "/tmp/docker.sock"
      read_only      = true
    }
  }

  # NOTE(review): NET_ADMIN lets the container reconfigure its network stack and
  # nothing is dropped. Confirm the image needs it, and consider dropping the
  # capabilities it does not use.
  capabilities = {
    add  = ["NET_ADMIN"]
    drop = []
  }

  # Static address on the network declared above.
  networks_advanced = {
    name         = "proxy-tier"
    ipv4_address = "10.0.20.100"
    ipv6_address = null
    aliases      = null
  }
}
# Let's Encrypt companion: mounts the proxy container's volumes and joins the
# same "proxy-tier" network.
module "letsencrypt-companion" {
  source  = "alinefr/module/docker"
  version = "<add latest version>"

  # NOTE(review): no tag is given, so the registry default tag is pulled. Pin a
  # version tag or an image digest for reproducible, reviewable deployments.
  image          = "jrcs/letsencrypt-nginx-proxy-companion"
  container_name = "letsencrypt-companion"
  restart_policy = "always"

  # Mounts the volumes of the container named "proxy", including its host paths.
  # NOTE(review): this is a plain string, so Terraform sees no dependency on
  # module.proxy. Confirm the proxy container and network exist before this runs.
  volumes_from_containers = [
    "proxy"
  ]

  # read_only = true only makes the bind mount read-only; it does not restrict
  # Docker API calls made through the socket. Whoever controls this container
  # controls the Docker daemon on the host.
  host_paths = {
    "/var/run/docker.sock" = {
      container_path = "/var/run/docker.sock"
      read_only      = true
    }
  }

  # Static address on the network created by the proxy module instance.
  networks_advanced = {
    name         = "proxy-tier"
    ipv4_address = "10.0.20.101"
    ipv6_address = null
    aliases      = null
  }
}
Name | Version |
---|---|
terraform | ~> 1.4 |
docker | ~> 3.0 |
Name | Version |
---|---|
docker | ~> 3.0 |
No modules.
Name | Type |
---|---|
docker_container.default | resource |
docker_image.default | resource |
docker_network.default | resource |
docker_volume.default | resource |
docker_registry_image.default | data source |
Name | Description | Type | Default | Required |
---|---|---|---|---|
capabilities | Add or drop container capabilities | object({ |
null |
no |
command | Override the default command | list(string) |
null |
no |
container_name | Custom container name | string |
null |
no |
devices | Device mappings | map(object({ |
{} |
no |
dns | Set custom dns servers for the container | list(string) |
null |
no |
docker_networks | List of custom networks to create |
any |
[] |
no |
entrypoint | Override the default entrypoint | list(string) |
null |
no |
environment | Add environment variables | map(string) |
null |
no |
existing_image | Specify an existing image from another module | string |
null |
no |
healthcheck | Test to check if container is healthy | object({ |
null |
no |
host_paths | Mount host paths | map(object({ |
{} |
no |
hostname | Set docker hostname | string |
null |
no |
image | Specify the image to start the container from. Can either be a repository/tag or a partial image ID | string |
null |
no |
init | If init process should be used as the PID 1 in the container | bool |
false |
no |
named_volumes | Mount named volumes | map(object({ |
{} |
no |
network_mode | Specify a custom network mode | string |
null |
no |
networks_advanced | Advanced network options for the container |
any |
null |
no |
ports | Expose ports | list(object({ |
null |
no |
privileged | Give extended privileges to this container | bool |
false |
no |
restart_policy | Restart policy. Default: no | string |
"no" |
no |
volumes_from_containers | Mount volumes from another container | list(any) |
null |
no |
working_dir | Working directory inside the container | string |
null |
no |
Name | Description |
---|---|
capabilities | n/a |
command | n/a |
container_name | n/a |
devices | n/a |
dns | n/a |
docker_networks | n/a |
docker_volumes | n/a |
entrypoint | n/a |
environment | n/a |
healthcheck | n/a |
hostname | n/a |
image_id | n/a |
image_name | n/a |
init | n/a |
network_mode | n/a |
networks_advanced | n/a |
ports | n/a |
privileged | n/a |
restart | n/a |
volumes | n/a |
working_dir | n/a |