Terraform module example for provisioning Portainer on DigitalOcean running behind Nginx with LetsEncrypt.
- Set up a single DigitalOcean droplet running Portainer
- Optionally configure a reverse proxy with LetsEncrypt to run infront of Portainer
- Terraform >= 0.10.8
- Digitalocean account / API token with write access
- SSH Public keys added to your DigitalOcean account
- When using LetsEncrypt, a domain name pointing to the created droplet and an email address. See the LetsEncrypt example.
Create a new Terraform file (main.tf
) and add the following contents:
variable "do_token" {}
module "portainer" {
source = "github.com/thojkooi/terraform-digitalocean-portainer"
do_token = "${var.do_token}"
size = "s-1vcpu-1gb"
name = "portainer"
region = "ams3"
domain = "example.com"
ssh_keys = [1234, 1235, ...]
provision_ssh_key = "~/.ssh/id_rsa"
}
Provide the ssh key ids on your DigitalOcean account. If you are using doctl
, you can find the ids by running:
$ doctl compute ssh-key ls
Once done, run terraform init
to download the necessary providers. When the providers have been downloaded run terraform apply
. After this, you should be able to access the Portainer UI by visiting the public ip adres in your browser.
This module supports running Portainer behind Nginx with LetsEncrypt. An example on how to do this is available in the examples directory. By default, test certificates are requested.
Terraform uses an SSH key to connect to the created droplets in order to issue docker swarm join
commands. By default this uses ~/.ssh/id_rsa
. If you wish to use a different key, you can modify this using the variable provision_ssh_key
. You also need to ensure the public key is added to your DigitalOcean account and it's ID is listed in the ssh_keys
list.
- Read up on the Portainer documentation.
- View Terraform DigitalOcean provider documentation.
This module is licensed under MIT.