myheats.nomad (1762B)
1 job "myheats-demo" { 2 datacenters = ["dc1"] 3 4 vault { 5 policies = ["myheats"] 6 change_mode = "noop" 7 } 8 9 group "server" { 10 count = 1 11 12 volume "tls" { 13 type = "csi" 14 source = "certbot" 15 access_mode = "multi-node-multi-writer" 16 attachment_mode = "file-system" 17 } 18 19 network { 20 port "myheats" { 21 to = 3000 22 } 23 port "https" { 24 to = 443 25 static = 44395 26 } 27 } 28 29 service { 30 port = "https" 31 } 32 33 task "myheats" { 34 driver = "docker" 35 36 config { 37 image = "127.0.0.1:5000/myheats:latest" 38 ports = ["myheats"] 39 } 40 41 env { 42 REACT_APP_DOC_TITLE = "MyHeats Demo 🔥" 43 } 44 45 template { 46 # render sensitive env vars in a template from Vault secrets 47 env = true 48 destination = "${NOMAD_SECRETS_DIR}/env" 49 data = <<EOT 50 REACT_APP_SUPABASE_URL = "https://aaxkgqazjhwumoljibld.supabase.co" 51 REACT_APP_SUPABASE_KEY = "{{with secret "kv/myheats"}}{{index .Data.data.supabase_key}}{{end}}" 52 EOT 53 } 54 55 resources { 56 memory = 512 57 cpu = 300 58 } 59 } 60 61 task "nginx" { 62 driver = "docker" 63 64 config { 65 image = "nginx:stable-alpine" 66 ports = ["https"] 67 volumes = [ 68 # mount the templated config from the task directory to the container 69 "local/myheats-demo.conf:/etc/nginx/conf.d/myheats-demo.conf", 70 ] 71 } 72 73 volume_mount { 74 volume = "tls" 75 destination = "/etc/letsencrypt" 76 } 77 78 template { 79 destination = "${NOMAD_TASK_DIR}/myheats-demo.conf" 80 data = file("./templates/nginx.conf.tmpl") 81 } 82 83 resources { 84 memory = 128 85 cpu = 200 86 } 87 } 88 } 89 }