certbot.nomad (1382B)
1 # Create a Nomad variable certbot/domains with the list of domains: 2 # cn1.example.com,san1.example.com,cn2.example.com,more.domains,.. 3 # 4 # Also, store the letsencrypt email address in variable certbot/email 5 6 job "certbot" { 7 datacenters = ["dc1"] 8 type = "batch" 9 10 periodic { 11 crons = [ 12 "@daily" 13 ] 14 } 15 16 group "certbot" { 17 count = 1 18 19 volume "certbot-data" { 20 type = "csi" 21 source = "certbot" 22 access_mode = "multi-node-multi-writer" 23 attachment_mode = "file-system" 24 } 25 26 network { 27 port "http" { 28 to = 80 29 static = 8080 30 } 31 port "https" { 32 to = 443 33 static = 4433 34 } 35 } 36 37 task "request" { 38 driver = "podman" 39 40 volume_mount { 41 volume = "certbot-data" 42 destination = "/etc/letsencrypt" 43 } 44 45 template { 46 destination = "${NOMAD_TASK_DIR}/certbot-request.sh" 47 data = file("./templates/certbot-request.sh.tmpl") 48 perms = 755 49 } 50 51 config { 52 image = "certbot/certbot:arm64v8-latest" 53 force_pull = true 54 ports = ["http", "https"] 55 volumes = [ 56 "local/certbot-request.sh:/opt/certbot/tools/certbot-request.sh" 57 ] 58 entrypoint = ["./tools/certbot-request.sh"] 59 } 60 61 resources { 62 memory = 50 63 memory_max = 128 64 cpu = 300 65 } 66 } 67 } 68 }