nomad

HCL and Docker files for Nomad deployments
git clone https://git.in0rdr.ch/nomad.git
Log | Files | Refs | Pull requests |Archive

commit 51dae1f05536f83558409f129a1ea161791c1193
parent 6c2ad4a41034e05a0e0835f7426153d471c7d218
Author: Andreas Gruhler <andreas.gruhler@adfinis.com>
Date:   Fri, 26 May 2023 01:03:19 +0200

feat: more dynamic ports

Diffstat:
Mhcl/default/0x0/0x0.nomad | 10++--------
Mhcl/default/0x0/templates/nginx.conf.tmpl | 4++--
Mhcl/default/aload/aload.nomad | 1-
Mhcl/default/ampache/ampache.nomad | 1-
Mhcl/default/cv/cv.nomad | 5+----
Mhcl/default/cv/templates/nginx.conf.tmpl | 2+-
Mhcl/default/diary/diary.nomad | 5+----
Mhcl/default/diary/templates/nginx.conf.tmpl | 2+-
Mhcl/default/git/git.nomad | 2--
Mhcl/default/mastodon/mastodon.nomad | 11+++--------
Mhcl/default/mastodon/templates/nginx.conf.tmpl | 4++--
Mhcl/default/myheats-demo/myheats-demo.nomad | 5+----
Mhcl/default/myheats-demo/templates/nginx.conf.tmpl | 2+-
Mhcl/default/myheats/myheats.nomad | 5+----
Mhcl/default/myheats/templates/nginx.conf.tmpl | 2+-
Mhcl/default/snibox/snibox.nomad | 5+----
Mhcl/default/snibox/templates/nginx.conf.tmpl | 2+-
Mhcl/default/writefreely/templates/config.ini.tmpl | 5++---
Mhcl/default/writefreely/templates/nginx.conf.tmpl | 2+-
Mhcl/default/writefreely/writefreely.nomad | 9++-------
20 files changed, 24 insertions(+), 60 deletions(-)

diff --git a/hcl/default/0x0/0x0.nomad b/hcl/default/0x0/0x0.nomad @@ -22,14 +22,8 @@ job "0x0" { port "fhost" { to = 8000 } - port "http" { - to = 8999 - static = 8999 - } - port "https" { - to = 8998 - static = 8998 - } + port "http" {} + port "https" {} } service { diff --git a/hcl/default/0x0/templates/nginx.conf.tmpl b/hcl/default/0x0/templates/nginx.conf.tmpl @@ -1,5 +1,5 @@ server { - listen 8999; + listen {{ env "NOMAD_PORT_http" }}; location / { proxy_set_header X-Real-IP $remote_addr; @@ -9,7 +9,7 @@ server { } server { - listen 8998 ssl; + listen {{ env "NOMAD_PORT_https" }} ssl; ssl_certificate /etc/letsencrypt/live/0x0.in0rdr.ch/fullchain.pem; ssl_certificate_key /etc/letsencrypt/live/0x0.in0rdr.ch/privkey.pem; diff --git a/hcl/default/aload/aload.nomad b/hcl/default/aload/aload.nomad @@ -14,7 +14,6 @@ job "aload" { network { port "http" { to = 80 - static = 8092 } } diff --git a/hcl/default/ampache/ampache.nomad b/hcl/default/ampache/ampache.nomad @@ -28,7 +28,6 @@ job "ampache" { } port "https" { to = 443 - static = 44391 } } diff --git a/hcl/default/cv/cv.nomad b/hcl/default/cv/cv.nomad @@ -15,10 +15,7 @@ job "cv" { port "jekyll" { to = 4000 } - port "https" { - to = 443 - static = 44361 - } + port "https" {} } service { diff --git a/hcl/default/cv/templates/nginx.conf.tmpl b/hcl/default/cv/templates/nginx.conf.tmpl @@ -1,5 +1,5 @@ server { - listen 443 ssl; + listen {{ env "NOMAD_PORT_https" }} ssl; ssl_certificate /etc/letsencrypt/live/cv.in0rdr.ch/fullchain.pem; ssl_certificate_key /etc/letsencrypt/live/cv.in0rdr.ch/privkey.pem; diff --git a/hcl/default/diary/diary.nomad b/hcl/default/diary/diary.nomad @@ -15,10 +15,7 @@ job "diary" { port "jekyll" { to = 4000 } - port "https" { - to = 443 - static = 44362 - } + port "https" {} } service { diff --git a/hcl/default/diary/templates/nginx.conf.tmpl b/hcl/default/diary/templates/nginx.conf.tmpl @@ -1,5 +1,5 @@ server { - listen 443 ssl; + listen {{ env "NOMAD_PORT_https" }} ssl; ssl_certificate /etc/letsencrypt/live/diary.in0rdr.ch/fullchain.pem; ssl_certificate_key /etc/letsencrypt/live/diary.in0rdr.ch/privkey.pem; diff --git a/hcl/default/git/git.nomad b/hcl/default/git/git.nomad @@ -26,11 +26,9 @@ job "git" { network { port "stagit" { to = 443 - static = 44328 } port "smarthttp" { to = 443 - static = 44318 } } diff --git a/hcl/default/mastodon/mastodon.nomad b/hcl/default/mastodon/mastodon.nomad @@ -28,13 +28,8 @@ job "mastodon" { port "redis" { to = 6379 } - port "https" { - to = 443 - static = 44393 - } - port "mastodon_web" { - to = 3000 - } + port "https" {} + port "mastodon_web" {} port "mastodon_streaming" { to = 4000 } @@ -113,7 +108,7 @@ job "mastodon" { image = "tootsuite/mastodon:latest" ports = ["mastodon_web"] command = "bash" - args = ["-c", "rm -f /mastodon/tmp/pids/server.pid; bundle exec rails s -p 3000"] + args = ["-c", "rm -f /mastodon/tmp/pids/server.pid; bundle exec rails s -p ${NOMAD_PORT_mastodon_web}"] } volume_mount { diff --git a/hcl/default/mastodon/templates/nginx.conf.tmpl b/hcl/default/mastodon/templates/nginx.conf.tmpl @@ -16,8 +16,8 @@ upstream streaming { proxy_cache_path /var/cache/nginx levels=1:2 keys_zone=CACHE:10m inactive=7d max_size=1g; server { - listen 443 ssl http2; - listen [::]:443 ssl http2; + listen {{ env "NOMAD_PORT_https" }} ssl http2; + listen [::]:{{ env "NOMAD_PORT_https" }} ssl http2; server_name m.in0rdr.ch; ssl_protocols TLSv1.2 TLSv1.3; diff --git a/hcl/default/myheats-demo/myheats-demo.nomad b/hcl/default/myheats-demo/myheats-demo.nomad @@ -20,10 +20,7 @@ job "myheats-demo" { port "myheats" { to = 3000 } - port "https" { - to = 443 - static = 44395 - } + port "https" {} } service { diff --git a/hcl/default/myheats-demo/templates/nginx.conf.tmpl b/hcl/default/myheats-demo/templates/nginx.conf.tmpl @@ -1,5 +1,5 @@ server { - listen 443 ssl; + listen {{ env "NOMAD_PORT_https" }} ssl; ssl_certificate /etc/letsencrypt/live/myheats-demo.in0rdr.ch/fullchain.pem; ssl_certificate_key /etc/letsencrypt/live/myheats-demo.in0rdr.ch/privkey.pem; diff --git a/hcl/default/myheats/myheats.nomad b/hcl/default/myheats/myheats.nomad @@ -15,10 +15,7 @@ job "myheats" { port "jekyll" { to = 4000 } - port "https" { - to = 443 - static = 44362 - } + port "https" {} } service { diff --git a/hcl/default/myheats/templates/nginx.conf.tmpl b/hcl/default/myheats/templates/nginx.conf.tmpl @@ -1,5 +1,5 @@ server { - listen 443 ssl; + listen {{ env "NOMAD_PORT_https" }} ssl; ssl_certificate /etc/letsencrypt/live/myheats.in0rdr.ch/fullchain.pem; ssl_certificate_key /etc/letsencrypt/live/myheats.in0rdr.ch/privkey.pem; diff --git a/hcl/default/snibox/snibox.nomad b/hcl/default/snibox/snibox.nomad @@ -26,10 +26,7 @@ job "snibox" { port "server" { to = 3000 } - port "https" { - to = 443 - static = 44392 - } + port "https" {} } service { diff --git a/hcl/default/snibox/templates/nginx.conf.tmpl b/hcl/default/snibox/templates/nginx.conf.tmpl @@ -1,5 +1,5 @@ server { - listen 443 ssl; + listen {{ env "NOMAD_PORT_https" }} ssl; ssl_certificate /etc/letsencrypt/live/snibox.in0rdr.ch/fullchain.pem; ssl_certificate_key /etc/letsencrypt/live/snibox.in0rdr.ch/privkey.pem; diff --git a/hcl/default/writefreely/templates/config.ini.tmpl b/hcl/default/writefreely/templates/config.ini.tmpl @@ -1,6 +1,6 @@ [server] hidden_host = -port = 8080 +port = {{ env "NOMAD_PORT_web" }} bind = 0.0.0.0 tls_cert_path = tls_key_path = @@ -99,4 +99,4 @@ allow_disconnect = false map_user_id = map_username = map_display_name = -map_email = -\ No newline at end of file +map_email = diff --git a/hcl/default/writefreely/templates/nginx.conf.tmpl b/hcl/default/writefreely/templates/nginx.conf.tmpl @@ -1,5 +1,5 @@ server { - listen 443 ssl; + listen {{ env "NOMAD_PORT_https" }} ssl; ssl_certificate /etc/letsencrypt/live/write.in0rdr.ch/fullchain.pem; ssl_certificate_key /etc/letsencrypt/live/write.in0rdr.ch/privkey.pem; diff --git a/hcl/default/writefreely/writefreely.nomad b/hcl/default/writefreely/writefreely.nomad @@ -23,13 +23,8 @@ job "writefreely" { } network { - port "web" { - to = 8080 - } - port "https" { - to = 443 - static = 44394 - } + port "web" {} + port "https" {} } service {