nomad

HCL and Docker files for Nomad deployments
git clone https://git.in0rdr.ch/nomad.git
Log | Files | Refs | Pull requests
commit 872a0eddecda6248b8a1140af083870c8df8cb81
parent ab882552f6b367811a5063f94d41a9b28e7911f8
Author: Andreas Gruhler <andreas.gruhler@adfinis.com>
Date:   Fri, 14 Jun 2024 17:58:10 +0200

feat(bastard): add nomad task

Diffstat:

Ahcl/default/bastard-operator/bastard-operator.nomad | 70++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++


Ahcl/default/bastard-operator/templates/nginx.conf.tmpl | 12++++++++++++


2 files changed, 82 insertions(+), 0 deletions(-)

diff --git a/hcl/default/bastard-operator/bastard-operator.nomad b/hcl/default/bastard-operator/bastard-operator.nomad
@@ -0,0 +1,70 @@
+job "bastard" {
+  datacenters = ["dc1"]
+
+  group "operator" {
+    count = 1
+
+    volume "tls" {
+      type = "csi"
+      source = "certbot"
+      access_mode = "multi-node-multi-writer"
+      attachment_mode = "file-system"
+    }
+
+    network {
+      port "http" {
+        to = 8080
+      }
+      port "https" {}
+    }
+
+    service {
+      port = "https"
+    }
+
+    task "nginx" {
+      driver = "podman"
+
+      config {
+        image = "docker.io/library/nginx:stable-alpine"
+        ports = ["https"]
+        volumes = [
+          # mount the templated config from the task directory to the container
+          "local/bastard.conf:/etc/nginx/conf.d/bastard.conf",
+        ]
+      }
+
+      volume_mount {
+        volume = "tls"
+        destination = "/etc/letsencrypt"
+      }
+
+      template {
+        destination = "${NOMAD_TASK_DIR}/bastard.conf"
+        data = file("./templates/nginx.conf.tmpl")
+      }
+
+      resources {
+        memory = 50
+        memory_max = 128
+        cpu    = 200
+      }
+    }
+
+    task "bastard" {
+      driver = "podman"
+
+      config {
+        image = "127.0.0.1:5000/bastard-operator:latest"
+        force_pull = true
+        ports = ["http"]
+      }
+
+      resources {
+        memory = 50
+        memory_max = 128
+        cpu    = 200
+      }
+    }
+  }
+}
diff --git a/hcl/default/bastard-operator/templates/nginx.conf.tmpl b/hcl/default/bastard-operator/templates/nginx.conf.tmpl
@@ -0,0 +1,12 @@
+server {
+    listen               {{ env "NOMAD_PORT_https" }} ssl;
+
+    ssl_certificate      /etc/letsencrypt/live/bastard.in0rdr.ch/fullchain.pem;
+    ssl_certificate_key  /etc/letsencrypt/live/bastard.in0rdr.ch/privkey.pem;
+
+    root                 /app;
+
+    location / {
+        proxy_pass       http://{{ env "NOMAD_ADDR_http" }};
+    }
+}