commit f91dd9beec8ca6e48130d34f0c5e7b669c8a8bec
parent 56276891195f2f8cc99c57b251e09c984b851c7e
Author: Andreas Gruhler <andreas.gruhler@adfinis.com>
Date: Sun, 21 Jul 2024 16:09:39 +0200
feat: migrate jenkins & registry kv
Diffstat:
6 files changed, 13 insertions(+), 11 deletions(-)
diff --git a/hcl/default/certbot/certbot.nomad b/hcl/default/certbot/certbot.nomad
@@ -1,4 +1,4 @@
-# Create a Nomad variable certbot/domains with the following YAML config:
+# Create a Nomad variable certbot/domains with the list of domains:
# cn1.example.com,san1.example.com,cn2.example.com,more.domains,..
#
# Also, store the letsencrypt email address in variable certbot/email
diff --git a/hcl/default/jenkins/templates/jenkins.yaml.tmpl b/hcl/default/jenkins/templates/jenkins.yaml.tmpl
@@ -1,6 +1,8 @@
unclassified:
location:
- adminAddress: "{{ keyOrDefault "jenkins/admin_address" "address not configured yet <nobody@nowhere>" }}"
+ adminAddress: "{{ if nomadVarExists "nomad/jobs/jenkins" -}}
+ {{ with nomadVar "nomad/jobs/jenkins" }}{{ .admin_address }}{{ end -}}
+ {{ else }}address not configured yet <nobody@nowhere>{{ end}}"
url: "https://jenkins.in0rdr.ch"
hashicorpVault:
configuration:
diff --git a/hcl/infra/registry/README b/hcl/infra/registry/README
@@ -47,8 +47,8 @@ Create Vault policy public-registry.hcl:
capabilities = ["read"]
}
-Create a KV entry "registry/host" in Consul with the public name of the
-registry in plain-text. For example:
+Create a Nomad variable "registry/host" with the public name of the registry in
+plain-text. For example:
hub.docker.com
diff --git a/hcl/infra/registry/docker-pull.nomad b/hcl/infra/registry/docker-pull.nomad
@@ -1,7 +1,5 @@
-# Create a kv entry registry/images in Consul with the following YAML config:
-# ---
-# - image1:latest
-# - image2:v2
+# Create a variable registry/images in Nomad with the list of images:
+# image1:latest,image2:v2,more-images:latest
job "docker-pull" {
datacenters = ["dc1"]
diff --git a/hcl/infra/registry/templates/config.yml.tmpl b/hcl/infra/registry/templates/config.yml.tmpl
@@ -15,8 +15,8 @@ http:
headers:
X-Content-Type-Options: [nosniff]
tls:
- certificate: "/etc/letsencrypt/live/{{ key "registry/host" }}/fullchain.pem"
- key: "/etc/letsencrypt/live/{{ key "registry/host" }}/privkey.pem"
+ certificate: "/etc/letsencrypt/live/{{ with nomadVar "nomad/jobs/registry" }}{{ .host }}{{ end }}/fullchain.pem"
+ key: "/etc/letsencrypt/live/{{ with nomadVar "nomad/jobs/registry" }}{{ .host }}{{ end }}/privkey.pem"
auth:
htpasswd:
realm: basic-realm
diff --git a/hcl/infra/registry/templates/pull.sh.tmpl b/hcl/infra/registry/templates/pull.sh.tmpl
@@ -1,5 +1,7 @@
#!/usr/bin/env sh
# Pull a set of images
-{{ range $k, $v := key "registry/images" | parseYAML }}
+{{ with nomadVar "nomad/jobs/registry" }}
+{{ range $k, $v := key .images.Value | split "," }}
podman pull {{ $v }}
{{- end }}
+{{- end }}
