From 1d34890a749e1db868552c70dd620a1554968b59 Mon Sep 17 00:00:00 2001
From: James Hackett <jamesthackett1@gmail.com>
Date: Thu, 8 Dec 2022 22:59:29 +0000
Subject: [PATCH] moves jobs to new directory and adds consul kv

---
 jobs/dcufm.hcl                      | 116 ++++++++++++++++++++++++++++
 {nomad => jobs}/nginx/chell.html    |   0
 {nomad => jobs}/nginx/glados.html   |   0
 {nomad => jobs}/nginx/index.html    |   0
 {nomad => jobs}/nginx/nginx.hcl     |   0
 {nomad => jobs}/nginx/wheatley.html |   0
 {nomad/traefik => jobs}/traefik.hcl |  10 +++
 7 files changed, 126 insertions(+)
 create mode 100644 jobs/dcufm.hcl
 rename {nomad => jobs}/nginx/chell.html (100%)
 rename {nomad => jobs}/nginx/glados.html (100%)
 rename {nomad => jobs}/nginx/index.html (100%)
 rename {nomad => jobs}/nginx/nginx.hcl (100%)
 rename {nomad => jobs}/nginx/wheatley.html (100%)
 rename {nomad/traefik => jobs}/traefik.hcl (81%)

diff --git a/jobs/dcufm.hcl b/jobs/dcufm.hcl
new file mode 100644
index 0000000..959da2e
--- /dev/null
+++ b/jobs/dcufm.hcl
@@ -0,0 +1,116 @@
+job "dcufm" {
+  datacenters = ["aperture"]
+
+  type = "service"
+
+  group "icecast" {
+    count = 1
+    network {
+      port "http" {
+        static = 2333
+      }
+    }
+
+    constraint {
+      attribute = "${attr.unique.hostname}"
+      value = "wheatley"
+    }
+    
+    service {
+      port = "http"
+      name = "icecast-stream"
+      check {
+        type = "http"
+        path = "/"
+        interval = "10s"
+        timeout = "2s"
+      }
+
+      tags = [
+        "traefik.enable=true",
+        "traefik.http.routers.icecast-stream.rule=Host(`dcufm.redbrick.dcu.ie`)",
+        "traefik.http.routers.icecast-stream.entrypoints=web,websecure",
+        "traefik.http.routers.icecast-stream.service=icecast-stream",
+        "traefik.http.routers.icecast-stream.tls=true",
+        "traefik.tcp.services.icecast-stream.loadbalancer.server.port=${NOMAD_PORT_http}",
+        "traefik.tcp.routers.icecast-stream.service=icecast-stream",
+        "traefik.tcp.routers.icecast-stream.rule=HostSNI(`dcufm.redbrick.dcu.ie`)",
+        "traefik.tcp.routers.icecast-stream.entrypoints=web,websecure",
+        "traefik.tcp.routers.icecast-stream.tls=true",
+        "traefik.tcp.routers.icecast-stream.tls.certresolver=lets-encrypt",
+      ]
+    }
+
+    task "icecast2" {
+      driver = "docker"
+      config {
+        image = "moul/icecast"
+        ports = ["http"]
+        volumes = [
+          "local/icecast_dcufm.xml:/etc/icecast2/icecast.xml"
+        ]        
+      }
+
+      template {
+        data = <<EOH
+<icecast>
+    <limits>
+        <clients>500</clients>
+        <sources>5</sources>
+        <threadpool>5</threadpool>
+        <queue-size>524288</queue-size>
+        <client-timeout>30</client-timeout>
+        <header-timeout>15</header-timeout>
+        <source-timeout>10</source-timeout>
+        <burst-on-connect>1</burst-on-connect>
+        <burst-size>65535</burst-size>
+    </limits>
+
+    <authentication>
+        <source-password>{{ key dcufm/passwords/source }}</source-password>
+        <relay-password>{{ key dcufm/passwords/relay }}</relay-password>
+
+        <admin-user>{{ key dcufm/users/admin }}</admin-user>
+        <admin-password>{{ key dcufm/passwords/admin }}</admin-password>
+    </authentication>
+
+    <hostname>dcufm.redbrick.dcu.ie</hostname>
+
+    <listen-socket>
+        <port>{{ env "NOMAD_PORT_http" }}</port>
+        <bind-address>0.0.0.0</bind-address>
+    </listen-socket>
+
+    <fileserve>1</fileserve>
+
+    <paths>
+        <basedir>/usr/share/icecast2</basedir>
+
+        <logdir>/var/log/icecast2</logdir>
+        <webroot>/usr/share/icecast2/web</webroot>
+        <adminroot>/usr/share/icecast2/admin</adminroot>
+
+        <alias source="/" dest="/status.xsl"/>
+    </paths>
+
+    <mount>
+        <mount-name>/stream.mp3</mount-name>
+        <fallback-mount>/fallback.mp3</fallback-mount>
+        <fallback-override>1</fallback-override>
+        <fallback-when-full>1</fallback-when-full>
+    </mount>
+
+    <logging>
+        <accesslog>access.log</accesslog>
+        <errorlog>error.log</errorlog>
+        <loglevel>3</loglevel> <!-- 4 Debug, 3 Info, 2 Warn, 1 Error -->
+        <logsize>10000</logsize> <!-- Max size of a logfile -->
+    </logging>
+</icecast>
+EOH
+
+        destination = "local/icecast_dcufm.xml"
+      }
+    }
+  }
+}
diff --git a/nomad/nginx/chell.html b/jobs/nginx/chell.html
similarity index 100%
rename from nomad/nginx/chell.html
rename to jobs/nginx/chell.html
diff --git a/nomad/nginx/glados.html b/jobs/nginx/glados.html
similarity index 100%
rename from nomad/nginx/glados.html
rename to jobs/nginx/glados.html
diff --git a/nomad/nginx/index.html b/jobs/nginx/index.html
similarity index 100%
rename from nomad/nginx/index.html
rename to jobs/nginx/index.html
diff --git a/nomad/nginx/nginx.hcl b/jobs/nginx/nginx.hcl
similarity index 100%
rename from nomad/nginx/nginx.hcl
rename to jobs/nginx/nginx.hcl
diff --git a/nomad/nginx/wheatley.html b/jobs/nginx/wheatley.html
similarity index 100%
rename from nomad/nginx/wheatley.html
rename to jobs/nginx/wheatley.html
diff --git a/nomad/traefik/traefik.hcl b/jobs/traefik.hcl
similarity index 81%
rename from nomad/traefik/traefik.hcl
rename to jobs/traefik.hcl
index 03d1b09..075efe9 100644
--- a/nomad/traefik/traefik.hcl
+++ b/jobs/traefik.hcl
@@ -37,8 +37,13 @@ job "traefik" {
 [entryPoints]
   [entryPoints.web]
   address = ":80"
+  [entryPoints.web.http.redirections.entryPoint]
+    to = "websecure"
+    scheme = "https"
+
   [entryPoints.websecure]
   address = ":443"
+
   [entryPoints.traefik]
   address = ":8080"
 
@@ -59,6 +64,11 @@ job "traefik" {
 #  [providers.nomad.endpoint]
 #    address = "127.0.0.1:4646"
 #    scheme = "http"
+
+[certificatesResolvers.lets-encrypt.acme]
+  email = "elected-admins@redbrick.dcu.ie"
+  storage = "local/acme.json"
+  [certificatesResolvers.lets-encrypt.acme.tlsChallenge]
 EOF
         destination = "/local/traefik.toml"
       }