nomad

HCL and Docker files for Nomad deployments
git clone https://git.in0rdr.ch/nomad.git
Log | Files | Refs | Pull requests |Archive

writefreely.nomad (3923B)


      1 job "writefreely" {
      2   datacenters = ["dc1"]
      3 
      4   vault {}
      5 
      6   group "server" {
      7     count = 1
      8 
      9     volume "tls" {
     10       type = "csi"
     11       source = "certbot"
     12       access_mode = "multi-node-multi-writer"
     13       attachment_mode = "file-system"
     14     }
     15     volume "writefreely" {
     16       type = "csi"
     17       source = "writefreely"
     18       access_mode = "multi-node-multi-writer"
     19       attachment_mode = "file-system"
     20     }
     21 
     22     network {
     23       port "web" {}
     24       port "https" {
     25         static = 44394
     26       }
     27     }
     28 
     29     # Prepare database schema
     30     # https://github.com/writefreely/writefreely/blob/develop/docker-setup.sh
     31     task "db-upgrade" {
     32       driver = "podman"
     33 
     34       config {
     35         image = "docker.io/arm64v8/mysql:latest"
     36         command = "/bin/sh"
     37         args = ["-c", "mysql < $NOMAD_TASK_DIR/schema.sql"]
     38         volumes = [
     39           # mount the templated config from the task directory to the container
     40           "local/my.cnf:/etc/mysql/conf.d/my.cnf",
     41         ]
     42         
     43       }
     44 
     45       template {
     46         # Fetch sensitive db connection vars from Vault secrets
     47         destination = "${NOMAD_TASK_DIR}/my.cnf"
     48         data = file("./templates/my.cnf.tmpl")
     49       }
     50       template {
     51         # Create db tables
     52         destination = "${NOMAD_TASK_DIR}/schema.sql"
     53         data = file("./templates/schema.sql.tmpl")
     54       }
     55 
     56       resources {
     57         memory = 50
     58         memory_max = 128
     59         cpu = 100
     60       }
     61 
     62       lifecycle {
     63         hook = "prestart"
     64         sidecar = false
     65       }
     66     }
     67 
     68     # Generate keys used for the encryption of certain user data.
     69     # Because user data becomes unrecoverable without these keys,
     70     # this won't overwrite any existing key, and instead outputs a message.
     71     # https://github.com/writefreely/writefreely/blob/develop/docker-setup.sh
     72     task "gen-keys" {
     73       driver = "podman"
     74 
     75       config {
     76         image = "ghcr.io/writefreely/writefreely:latest"
     77         entrypoint = [""]
     78         command = "/bin/sh"
     79         args = ["-c", "cmd/writefreely/writefreely --gen-keys || true"]
     80         volumes = [
     81           # mount the templated config from the task directory to the container
     82           "local/config.ini:/go/config.ini",
     83         ]
     84       }
     85 
     86       volume_mount {
     87         volume = "writefreely"
     88         destination = "/go/keys"
     89       }
     90 
     91       template {
     92         destination = "${NOMAD_TASK_DIR}/config.ini"
     93         data = file("./templates/config.ini.tmpl")
     94       }
     95 
     96       resources {
     97         memory = 50
     98         memory_max = 128
     99         cpu = 100
    100       }
    101 
    102       lifecycle {
    103         hook = "prestart"
    104         sidecar = false
    105       }
    106     }
    107 
    108     task "writefreely" {
    109       driver = "podman"
    110 
    111       config {
    112         image = "ghcr.io/writefreely/writefreely:latest"
    113         force_pull = true
    114         ports = ["web"]
    115         volumes = [
    116           # mount the templated config from the task directory to the container
    117           "local/config.ini:/go/config.ini",
    118         ]
    119       }
    120 
    121       volume_mount {
    122         volume = "writefreely"
    123         destination = "/go/keys"
    124       }
    125 
    126       template {
    127         destination = "${NOMAD_TASK_DIR}/config.ini"
    128         data = file("./templates/config.ini.tmpl")
    129       }
    130 
    131       resources {
    132         memory = 50
    133         memory_max = 256
    134         cpu    = 200
    135       }
    136     }
    137 
    138     task "nginx" {
    139       driver = "podman"
    140 
    141       config {
    142         image = "docker.io/library/nginx:stable-alpine"
    143         ports = ["https"]
    144         volumes = [
    145           # mount the templated config from the task directory to the container
    146           "local/writefreely.conf:/etc/nginx/conf.d/writefreely.conf",
    147         ]
    148       }
    149 
    150       volume_mount {
    151         volume = "tls"
    152         destination = "/etc/letsencrypt"
    153       }
    154 
    155       template {
    156         destination = "${NOMAD_TASK_DIR}/writefreely.conf"
    157         data = file("./templates/nginx.conf.tmpl")
    158       }
    159 
    160       resources {
    161         memory = 50
    162         memory_max = 256
    163         cpu    = 200
    164       }
    165     }
    166 
    167   }
    168 }