nomad

HCL and Docker files for Nomad deployments
git clone https://git.in0rdr.ch/nomad.git
Log | Files | Refs | Pull requests
commit 51dae1f05536f83558409f129a1ea161791c1193
parent 6c2ad4a41034e05a0e0835f7426153d471c7d218
Author: Andreas Gruhler <andreas.gruhler@adfinis.com>
Date:   Fri, 26 May 2023 01:03:19 +0200

feat: more dynamic ports

Diffstat:

Mhcl/default/0x0/0x0.nomad | 10++--------


Mhcl/default/0x0/templates/nginx.conf.tmpl | 4++--


Mhcl/default/aload/aload.nomad | 1-


Mhcl/default/ampache/ampache.nomad | 1-


Mhcl/default/cv/cv.nomad | 5+----


Mhcl/default/cv/templates/nginx.conf.tmpl | 2+-


Mhcl/default/diary/diary.nomad | 5+----


Mhcl/default/diary/templates/nginx.conf.tmpl | 2+-


Mhcl/default/git/git.nomad | 2--


Mhcl/default/mastodon/mastodon.nomad | 11+++--------


Mhcl/default/mastodon/templates/nginx.conf.tmpl | 4++--


Mhcl/default/myheats-demo/myheats-demo.nomad | 5+----


Mhcl/default/myheats-demo/templates/nginx.conf.tmpl | 2+-


Mhcl/default/myheats/myheats.nomad | 5+----


Mhcl/default/myheats/templates/nginx.conf.tmpl | 2+-


Mhcl/default/snibox/snibox.nomad | 5+----


Mhcl/default/snibox/templates/nginx.conf.tmpl | 2+-


Mhcl/default/writefreely/templates/config.ini.tmpl | 5++---


Mhcl/default/writefreely/templates/nginx.conf.tmpl | 2+-


Mhcl/default/writefreely/writefreely.nomad | 9++-------


20 files changed, 24 insertions(+), 60 deletions(-)

diff --git a/hcl/default/0x0/0x0.nomad b/hcl/default/0x0/0x0.nomad
@@ -22,14 +22,8 @@ job "0x0" {
       port "fhost" {
         to = 8000
       }
-      port "http" {
-        to = 8999
-        static = 8999
-      }
-      port "https" {
-        to = 8998
-        static = 8998
-      }
+      port "http" {}
+      port "https" {}
     }
 
     service {
diff --git a/hcl/default/0x0/templates/nginx.conf.tmpl b/hcl/default/0x0/templates/nginx.conf.tmpl
@@ -1,5 +1,5 @@
 server {
-    listen               8999;
+    listen               {{ env "NOMAD_PORT_http" }};
 
     location / {
         proxy_set_header X-Real-IP $remote_addr;
@@ -9,7 +9,7 @@ server {
 }
 
 server {
-    listen               8998 ssl;
+    listen               {{ env "NOMAD_PORT_https" }} ssl;
 
     ssl_certificate      /etc/letsencrypt/live/0x0.in0rdr.ch/fullchain.pem;
     ssl_certificate_key  /etc/letsencrypt/live/0x0.in0rdr.ch/privkey.pem;
diff --git a/hcl/default/aload/aload.nomad b/hcl/default/aload/aload.nomad
@@ -14,7 +14,6 @@ job "aload" {
     network {
       port "http" {
         to = 80
-        static = 8092
       }
     }
 
diff --git a/hcl/default/ampache/ampache.nomad b/hcl/default/ampache/ampache.nomad
@@ -28,7 +28,6 @@ job "ampache" {
       }
       port "https" {
         to = 443
-        static = 44391
       }
     }
 
diff --git a/hcl/default/cv/cv.nomad b/hcl/default/cv/cv.nomad
@@ -15,10 +15,7 @@ job "cv" {
       port "jekyll" {
         to = 4000
       }
-      port "https" {
-        to = 443
-        static = 44361
-      }
+      port "https" {}
     }
 
     service {
diff --git a/hcl/default/cv/templates/nginx.conf.tmpl b/hcl/default/cv/templates/nginx.conf.tmpl
@@ -1,5 +1,5 @@
 server {
-    listen               443 ssl;
+    listen               {{ env "NOMAD_PORT_https" }} ssl;
 
     ssl_certificate      /etc/letsencrypt/live/cv.in0rdr.ch/fullchain.pem;
     ssl_certificate_key  /etc/letsencrypt/live/cv.in0rdr.ch/privkey.pem;
diff --git a/hcl/default/diary/diary.nomad b/hcl/default/diary/diary.nomad
@@ -15,10 +15,7 @@ job "diary" {
       port "jekyll" {
         to = 4000
       }
-      port "https" {
-        to = 443
-        static = 44362
-      }
+      port "https" {}
     }
 
     service {
diff --git a/hcl/default/diary/templates/nginx.conf.tmpl b/hcl/default/diary/templates/nginx.conf.tmpl
@@ -1,5 +1,5 @@
 server {
-    listen               443 ssl;
+    listen               {{ env "NOMAD_PORT_https" }} ssl;
 
     ssl_certificate      /etc/letsencrypt/live/diary.in0rdr.ch/fullchain.pem;
     ssl_certificate_key  /etc/letsencrypt/live/diary.in0rdr.ch/privkey.pem;
diff --git a/hcl/default/git/git.nomad b/hcl/default/git/git.nomad
@@ -26,11 +26,9 @@ job "git" {
     network {
       port "stagit" {
         to = 443
-        static = 44328
       }
       port "smarthttp" {
         to = 443
-        static = 44318
       }
     }
 
diff --git a/hcl/default/mastodon/mastodon.nomad b/hcl/default/mastodon/mastodon.nomad
@@ -28,13 +28,8 @@ job "mastodon" {
       port "redis" {
         to = 6379
       }
-      port "https" {
-        to = 443
-        static = 44393
-      }
-      port "mastodon_web" {
-        to = 3000
-      }
+      port "https" {}
+      port "mastodon_web" {}
       port "mastodon_streaming" {
         to = 4000
       }
@@ -113,7 +108,7 @@ job "mastodon" {
         image = "tootsuite/mastodon:latest"
         ports = ["mastodon_web"]
         command = "bash"
-        args = ["-c", "rm -f /mastodon/tmp/pids/server.pid; bundle exec rails s -p 3000"]
+        args = ["-c", "rm -f /mastodon/tmp/pids/server.pid; bundle exec rails s -p ${NOMAD_PORT_mastodon_web}"]
       }
 
       volume_mount {
diff --git a/hcl/default/mastodon/templates/nginx.conf.tmpl b/hcl/default/mastodon/templates/nginx.conf.tmpl
@@ -16,8 +16,8 @@ upstream streaming {
 proxy_cache_path /var/cache/nginx levels=1:2 keys_zone=CACHE:10m inactive=7d max_size=1g;
 
 server {
-  listen 443 ssl http2;
-  listen [::]:443 ssl http2;
+  listen {{ env "NOMAD_PORT_https" }} ssl http2;
+  listen [::]:{{ env "NOMAD_PORT_https" }} ssl http2;
   server_name m.in0rdr.ch;
 
   ssl_protocols TLSv1.2 TLSv1.3;
diff --git a/hcl/default/myheats-demo/myheats-demo.nomad b/hcl/default/myheats-demo/myheats-demo.nomad
@@ -20,10 +20,7 @@ job "myheats-demo" {
       port "myheats" {
         to = 3000
       }
-      port "https" {
-        to = 443
-        static = 44395
-      }
+      port "https" {}
     }
 
     service {
diff --git a/hcl/default/myheats-demo/templates/nginx.conf.tmpl b/hcl/default/myheats-demo/templates/nginx.conf.tmpl
@@ -1,5 +1,5 @@
 server {
-    listen               443 ssl;
+    listen               {{ env "NOMAD_PORT_https" }} ssl;
 
     ssl_certificate      /etc/letsencrypt/live/myheats-demo.in0rdr.ch/fullchain.pem;
     ssl_certificate_key  /etc/letsencrypt/live/myheats-demo.in0rdr.ch/privkey.pem;
diff --git a/hcl/default/myheats/myheats.nomad b/hcl/default/myheats/myheats.nomad
@@ -15,10 +15,7 @@ job "myheats" {
       port "jekyll" {
         to = 4000
       }
-      port "https" {
-        to = 443
-        static = 44362
-      }
+      port "https" {}
     }
 
     service {
diff --git a/hcl/default/myheats/templates/nginx.conf.tmpl b/hcl/default/myheats/templates/nginx.conf.tmpl
@@ -1,5 +1,5 @@
 server {
-    listen               443 ssl;
+    listen               {{ env "NOMAD_PORT_https" }} ssl;
 
     ssl_certificate      /etc/letsencrypt/live/myheats.in0rdr.ch/fullchain.pem;
     ssl_certificate_key  /etc/letsencrypt/live/myheats.in0rdr.ch/privkey.pem;
diff --git a/hcl/default/snibox/snibox.nomad b/hcl/default/snibox/snibox.nomad
@@ -26,10 +26,7 @@ job "snibox" {
       port "server" {
         to = 3000
       }
-      port "https" {
-        to = 443
-        static = 44392
-      }
+      port "https" {}
     }
 
     service {
diff --git a/hcl/default/snibox/templates/nginx.conf.tmpl b/hcl/default/snibox/templates/nginx.conf.tmpl
@@ -1,5 +1,5 @@
 server {
-    listen               443 ssl;
+    listen               {{ env "NOMAD_PORT_https" }} ssl;
 
     ssl_certificate      /etc/letsencrypt/live/snibox.in0rdr.ch/fullchain.pem;
     ssl_certificate_key  /etc/letsencrypt/live/snibox.in0rdr.ch/privkey.pem;
diff --git a/hcl/default/writefreely/templates/config.ini.tmpl b/hcl/default/writefreely/templates/config.ini.tmpl
@@ -1,6 +1,6 @@
 [server]
 hidden_host          = 
-port                 = 8080
+port                 = {{ env "NOMAD_PORT_web" }}
 bind                 = 0.0.0.0
 tls_cert_path        = 
 tls_key_path         = 
@@ -99,4 +99,4 @@ allow_disconnect   = false
 map_user_id        = 
 map_username       = 
 map_display_name   = 
-map_email          =
-\ No newline at end of file
+map_email          =
diff --git a/hcl/default/writefreely/templates/nginx.conf.tmpl b/hcl/default/writefreely/templates/nginx.conf.tmpl
@@ -1,5 +1,5 @@
 server {
-    listen               443 ssl;
+    listen               {{ env "NOMAD_PORT_https" }} ssl;
 
     ssl_certificate      /etc/letsencrypt/live/write.in0rdr.ch/fullchain.pem;
     ssl_certificate_key  /etc/letsencrypt/live/write.in0rdr.ch/privkey.pem;
diff --git a/hcl/default/writefreely/writefreely.nomad b/hcl/default/writefreely/writefreely.nomad
@@ -23,13 +23,8 @@ job "writefreely" {
     }
 
     network {
-      port "web" {
-        to = 8080
-      }
-      port "https" {
-        to = 443
-        static = 44394
-      }
+      port "web" {}
+      port "https" {}
     }
 
     service {