nomad

HCL and Docker files for Nomad deployments
git clone https://git.in0rdr.ch/nomad.git
Log | Files | Refs | Pull requests

hivedav-demo.nomad (2614B)

      1 job "hivedav-demo" {
      2   datacenters = ["dc1"]
      3 
      4   priority = 80
      5 
      6   vault {}
      7 
      8   group "server" {
      9     count = 1
     10 
     11     volume "tls" {		
     12       type = "csi"		
     13       source = "certbot"		
     14       access_mode = "multi-node-multi-writer"		
     15       attachment_mode = "file-system"		
     16     }
     17 
     18     network {
     19       port "https" {
     20         static = 44399
     21       }
     22       port "hivedav" {
     23         to = 3737
     24         static = 44398
     25       }
     26     }
     27 
     28     task "nginx" {
     29       driver = "podman"
     30 
     31       config {
     32         image = "docker.io/library/nginx:stable-alpine"
     33         ports = ["https"]
     34         volumes = [
     35           # mount the templated config from the task directory to the container
     36           "local/hivedav-demo.conf:/etc/nginx/conf.d/hivedav-demo.conf",
     37         ]
     38       }
     39 
     40       volume_mount {
     41         volume = "tls"
     42         destination = "/etc/letsencrypt"
     43       }
     44 
     45       template {
     46         destination = "${NOMAD_TASK_DIR}/hivedav-demo.conf"
     47         data = file("./templates/nginx.conf.tmpl")
     48       }
     49 
     50       resources {
     51         memory = 50
     52         memory_max = 128
     53         cpu    = 200
     54       }
     55     }
     56 
     57     task "hivedav-demo" {
     58       driver = "podman"
     59 
     60       config {
     61         image = "127.0.0.1:5000/hivedav:latest"
     62         force_pull = true
     63         ports = ["hivedav"]
     64         volumes = [
     65           # mount the templated config from the task directory to the container
     66           "local/app.env:/app/app.env",
     67         ]
     68         #command = "/bin/sh"
     69         #args = ["-c", "sleep 3600"]
     70       }
     71 
     72       env {
     73         HIVEDAV_HOST = "meet.in0rdr.ch"
     74         HIVEDAV_CALENDAR = 1
     75       }
     76 
     77       template {
     78         # render sensitive env vars in a template from Vault secrets
     79         env = true
     80         destination = "${NOMAD_SECRETS_DIR}/env"
     81         data = <<EOT
     82 HIVEDAV_CALDAV_HOST = "{{with secret "kv/hivedav-demo"}}{{index .Data.data.HIVEDAV_CALDAV_HOST}}{{end}}"
     83 HIVEDAV_CALDAV_USER = "{{with secret "kv/hivedav-demo"}}{{index .Data.data.HIVEDAV_CALDAV_USER}}{{end}}"
     84 HIVEDAV_CALDAV_PASSWORD = "{{with secret "kv/hivedav-demo"}}{{index .Data.data.HIVEDAV_CALDAV_PASSWORD}}{{end}}"
     85 HIVEDAV_SMTP_HOST = "{{with secret "kv/hivedav-demo"}}{{index .Data.data.HIVEDAV_SMTP_HOST}}{{end}}"
     86 HIVEDAV_SMTP_USER = "{{with secret "kv/hivedav-demo"}}{{index .Data.data.HIVEDAV_SMTP_USER}}{{end}}"
     87 HIVEDAV_SMTP_PASSWORD = "{{with secret "kv/hivedav-demo"}}{{index .Data.data.HIVEDAV_SMTP_PASSWORD}}{{end}}"
     88 EOT
     89       }
     90 
     91       template {
     92         destination = "${NOMAD_TASK_DIR}/app.env"
     93         data = file("./templates/app.env.tmpl")
     94       }
     95 
     96       resources {
     97         memory = 50
     98         memory_max = 128
     99         cpu    = 200
    100       }
    101     }
    102   }
    103 }