nomad

HCL and Docker files for Nomad deployments
git clone https://git.in0rdr.ch/nomad.git
Log | Files | Refs | Pull requests |Archive

commit 872a0eddecda6248b8a1140af083870c8df8cb81
parent ab882552f6b367811a5063f94d41a9b28e7911f8
Author: Andreas Gruhler <andreas.gruhler@adfinis.com>
Date:   Fri, 14 Jun 2024 17:58:10 +0200

feat(bastard): add nomad task

Diffstat:
Ahcl/default/bastard-operator/bastard-operator.nomad | 70++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Ahcl/default/bastard-operator/templates/nginx.conf.tmpl | 12++++++++++++
2 files changed, 82 insertions(+), 0 deletions(-)

diff --git a/hcl/default/bastard-operator/bastard-operator.nomad b/hcl/default/bastard-operator/bastard-operator.nomad @@ -0,0 +1,70 @@ +job "bastard" { + datacenters = ["dc1"] + + group "operator" { + count = 1 + + volume "tls" { + type = "csi" + source = "certbot" + access_mode = "multi-node-multi-writer" + attachment_mode = "file-system" + } + + network { + port "http" { + to = 8080 + } + port "https" {} + } + + service { + port = "https" + } + + task "nginx" { + driver = "podman" + + config { + image = "docker.io/library/nginx:stable-alpine" + ports = ["https"] + volumes = [ + # mount the templated config from the task directory to the container + "local/bastard.conf:/etc/nginx/conf.d/bastard.conf", + ] + } + + volume_mount { + volume = "tls" + destination = "/etc/letsencrypt" + } + + template { + destination = "${NOMAD_TASK_DIR}/bastard.conf" + data = file("./templates/nginx.conf.tmpl") + } + + resources { + memory = 50 + memory_max = 128 + cpu = 200 + } + } + + task "bastard" { + driver = "podman" + + config { + image = "127.0.0.1:5000/bastard-operator:latest" + force_pull = true + ports = ["http"] + } + + resources { + memory = 50 + memory_max = 128 + cpu = 200 + } + } + } +} diff --git a/hcl/default/bastard-operator/templates/nginx.conf.tmpl b/hcl/default/bastard-operator/templates/nginx.conf.tmpl @@ -0,0 +1,12 @@ +server { + listen {{ env "NOMAD_PORT_https" }} ssl; + + ssl_certificate /etc/letsencrypt/live/bastard.in0rdr.ch/fullchain.pem; + ssl_certificate_key /etc/letsencrypt/live/bastard.in0rdr.ch/privkey.pem; + + root /app; + + location / { + proxy_pass http://{{ env "NOMAD_ADDR_http" }}; + } +}