nomad

HCL and Docker files for Nomad deployments
git clone https://git.in0rdr.ch/nomad.git
Log | Files | Refs | Pull requests |Archive

commit d82b481359faf6f9b8686dd641e9868ce8708613
parent b1e10a670ac0befba1a69571ee34f516fd051c48
Author: Andreas Gruhler <andreas.gruhler@adfinis.com>
Date:   Thu, 24 Oct 2024 23:07:27 +0200

feat(myheats): build_frontend and separate env

Diffstat:
Mhcl/default/myheats-demo/myheats-demo.nomad | 74+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++---------
Mhcl/default/myheats-demo/templates/backend-env.local.tmpl | 17++++-------------
Mhcl/default/myheats-demo/templates/frontend-env.local.tmpl | 9---------
3 files changed, 69 insertions(+), 31 deletions(-)

diff --git a/hcl/default/myheats-demo/myheats-demo.nomad b/hcl/default/myheats-demo/myheats-demo.nomad @@ -8,11 +8,15 @@ job "myheats-demo" { group "server" { count = 1 - volume "tls" { - type = "csi" - source = "certbot" - access_mode = "multi-node-multi-writer" - attachment_mode = "file-system" + ephemeral_disk { + size = 500 + } + + volume "tls" { + type = "csi" + source = "certbot" + access_mode = "multi-node-multi-writer" + attachment_mode = "file-system" } network { @@ -58,13 +62,65 @@ job "myheats-demo" { } } + # Prepare latest MyHeats frontend release + task "build_frontend" { + driver = "podman" + + template { + # render sensitive env vars in a template from Vault secrets + env = true + destination = "${NOMAD_SECRETS_DIR}/frontend-env" + data = file("./templates/frontend-env.local.tmpl") + } + + env { + VERSION = "master" + } + + config { + image = "docker.io/node:18-alpine" + command = "/bin/sh" + args = ["-c", <<EOT + echo "Downloading and building MyHeats version '$VERSION'.." + # TODO: use Nomad artefact + wget -qO /tmp/myheats.tar.gz https://code.in0rdr.ch/myheats/archive/myheats-$VERSION.tar.gz + tar --strip-components=1 -C /alloc/data -xvf /tmp/myheats.tar.gz + cd /alloc/data + npm ci && npm run build + EOT + ] + volumes = [ + # mount the templated config from the task directory to the container + "secrets/frontend-env:/${NOMAD_TASK_DIR}/local/app/.env.local", + ] + } + + resources { + memory = 50 + memory_max = 256 + cpu = 200 + } + + lifecycle { + hook = "prestart" + sidecar = false + } + } + task "frontend" { driver = "podman" config { image = "127.0.0.1:5000/myheats-nginx:latest" - force_pull = true ports = ["frontend_http"] + command = "/bin/sh" + args = ["-c", <<EOT + echo "Copyng new distribution from workdir" + rm -rf /usr/share/nginx/html/* + cp -r /alloc/data/dist/* /usr/share/nginx/html/ + nginx -g 'daemon off;' + EOT + ] } resources { @@ -78,19 +134,19 @@ job "myheats-demo" { driver = "podman" config { - image = "127.0.0.1:5000/myheats:latest" + image = "127.0.0.1:5000/myheats-api:latest" force_pull = true ports = ["api_http"] volumes = [ # mount the templated config from the task directory to the container - "secrets/env:/app/.env.local", + "secrets/backend-env:/app/.env.local", ] } template { # render sensitive env vars in a template from Vault secrets env = true - destination = "${NOMAD_SECRETS_DIR}/env" + destination = "${NOMAD_SECRETS_DIR}/backend-env" data = file("./templates/backend-env.local.tmpl") } diff --git a/hcl/default/myheats-demo/templates/backend-env.local.tmpl b/hcl/default/myheats-demo/templates/backend-env.local.tmpl @@ -1,16 +1,7 @@ -########## -# Shared # -########## - -# Full URI to backend http API -VITE_API_URI=http://{{ env "NOMAD_IP_api_http" }} -# Backend API port -VITE_API_PORT={{ env "NOMAD_PORT_api_http" }} - -########### -# Backend # -########### - +# API server protocol and bind address +API_URI=http://127.0.0.1 +# Bind port for API server +API_PORT={{ env "NOMAD_PORT_api_http" }} # Redirect url for magic links API_REDIRECT_URI=https://myheats-demo.p0c.ch/authverify # Backend API CORS allowed origins diff --git a/hcl/default/myheats-demo/templates/frontend-env.local.tmpl b/hcl/default/myheats-demo/templates/frontend-env.local.tmpl @@ -1,16 +1,7 @@ -########## -# Shared # -########## - # Full URI to backend http API VITE_API_URI=https://api-myheats-demo.p0c.ch # Backend API http port VITE_API_PORT=443 - -############ -# Frontend # -############ - # Application window title VITE_APP_DOC_TITLE='MyHeats Demo' # Cookie TTL in seconds (session ttl in the admin/judges frontend), 60m