redbrick/nomad
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

cleanup: traefik entrypoints and format (#56)

Browse source
This commit is contained in:
wizzdom 2024-09-11 23:50:08 +01:00 committed by GitHub
parent 808451749c
commit 2a1f84163c
No known key found for this signature in database
GPG key ID: B5690EEEBB952194
16 changed files with 80 additions and 77 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

13
jobs/nginx/atlas.hcl
View file

@ -1,6 +1,6 @@
job "atlas" { job "atlas" {
datacenters = ["aperture"] datacenters = ["aperture"]
type = "service" type = "service"
meta { meta {
git-sha = "" git-sha = ""
@ -19,10 +19,10 @@ job "atlas" {
port = "http" port = "http"
check { check {
type = "http" type = "http"
path = "/" path = "/"
interval = "10s" interval = "10s"
timeout = "2s" timeout = "2s"
} }
tags = [ tags = [
@ -40,8 +40,9 @@ job "atlas" {
driver = "docker" driver = "docker"
config { config {
image = "ghcr.io/redbrick/atlas:latest" image = "ghcr.io/redbrick/atlas:latest"
ports = ["http"] ports = ["http"]
force_pull = true
} }
resources { resources {

6
jobs/nginx/cawnj-test.hcl
View file

@ -20,10 +20,10 @@ job "cawnj-test" {
port = "http" port = "http"
check { check {
type = "http" type = "http"
path = "/" path = "/"
interval = "10s" interval = "10s"
timeout = "2s" timeout = "2s"
} }
tags = [ tags = [
"traefik.enable=true", "traefik.enable=true",

6
jobs/nginx/karting.hcl
View file

@ -20,10 +20,10 @@ job "nginx-karting" {
port = "http" port = "http"
check { check {
type = "http" type = "http"
path = "/" path = "/"
interval = "10s" interval = "10s"
timeout = "2s" timeout = "2s"
} }
tags = [ tags = [
"traefik.enable=true", "traefik.enable=true",

38
jobs/nginx/nginx.hcl
View file

@ -20,10 +20,10 @@ job "nginx" {
port = "http" port = "http"
check { check {
type = "http" type = "http"
path = "/" path = "/"
interval = "10s" interval = "10s"
timeout = "2s" timeout = "2s"
} }
tags = [ tags = [
"traefik.enable=true", "traefik.enable=true",
@ -49,7 +49,7 @@ job "nginx" {
} }
template { template {
source = "local/index.html" source = "local/index.html"
destination = "local/index.html" destination = "local/index.html"
} }
} }
@ -72,10 +72,10 @@ job "nginx" {
port = "http" port = "http"
check { check {
type = "http" type = "http"
path = "/" path = "/"
interval = "10s" interval = "10s"
timeout = "2s" timeout = "2s"
} }
tags = [ tags = [
"traefik.enable=true", "traefik.enable=true",
@ -88,7 +88,7 @@ job "nginx" {
task "glados" { task "glados" {
constraint { constraint {
attribute = "${attr.unique.hostname}" attribute = "${attr.unique.hostname}"
value = "glados" value = "glados"
} }
driver = "docker" driver = "docker"
@ -105,7 +105,7 @@ job "nginx" {
} }
template { template {
source = "local/glados.html" source = "local/glados.html"
destination = "local/index.html" destination = "local/index.html"
} }
} }
@ -128,10 +128,10 @@ job "nginx" {
port = "http" port = "http"
check { check {
type = "http" type = "http"
path = "/" path = "/"
interval = "10s" interval = "10s"
timeout = "2s" timeout = "2s"
} }
tags = [ tags = [
"traefik.enable=true", "traefik.enable=true",
@ -144,7 +144,7 @@ job "nginx" {
task "wheatley" { task "wheatley" {
constraint { constraint {
attribute = "${attr.unique.hostname}" attribute = "${attr.unique.hostname}"
value = "wheatley" value = "wheatley"
} }
driver = "docker" driver = "docker"
@ -162,7 +162,7 @@ job "nginx" {
} }
template { template {
source = "local/wheatley.html" source = "local/wheatley.html"
destination = "local/index.html" destination = "local/index.html"
} }
} }
@ -185,10 +185,10 @@ job "nginx" {
port = "http" port = "http"
check { check {
type = "http" type = "http"
path = "/" path = "/"
interval = "10s" interval = "10s"
timeout = "2s" timeout = "2s"
} }
tags = [ tags = [
"traefik.enable=true", "traefik.enable=true",
@ -201,7 +201,7 @@ job "nginx" {
task "chell" { task "chell" {
constraint { constraint {
attribute = "${attr.unique.hostname}" attribute = "${attr.unique.hostname}"
value = "chell" value = "chell"
} }
driver = "docker" driver = "docker"
@ -219,7 +219,7 @@ job "nginx" {
} }
template { template {
source = "local/chell.html" source = "local/chell.html"
destination = "local/index.html" destination = "local/index.html"
} }
} }

12
jobs/services/api.hcl
View file

@ -17,10 +17,10 @@ job "api" {
port = "http" port = "http"
check { check {
type = "http" type = "http"
path = "/" path = "/"
interval = "10s" interval = "10s"
timeout = "2s" timeout = "2s"
} }
tags = [ tags = [
@ -68,14 +68,14 @@ EMAIL_SENDER={{ key "api/smtp/sender" }}
EOH EOH
} }
template { template {
destination = "local/ldap.secret" destination = "local/ldap.secret"
perms = "600" perms = "600"
data = "{{ key \"api/ldap/secret\" }}" # this is necessary as the secret has no EOF data = "{{ key \"api/ldap/secret\" }}" # this is necessary as the secret has no EOF
} }
resources { resources {
cpu = 300 cpu = 300
memory = 1024 memory = 1024
} }
} }

2
jobs/services/brickbot.hcl
View file

@ -23,7 +23,7 @@ job "brickbot2" {
template { template {
destination = "local/ldap.secret" destination = "local/ldap.secret"
perms = "600" perms = "600"
data = "{{ key \"api/ldap/secret\" }}" # this is necessary as the secret has no EOF data = "{{ key \"api/ldap/secret\" }}" # this is necessary as the secret has no EOF
} }
template { template {

2
jobs/services/hedgedoc-backup.hcl
View file

@ -17,7 +17,7 @@ job "hedgedoc-backup" {
} }
template { template {
data = <<EOH data = <<EOH
#!/bin/bash #!/bin/bash
file=/storage/backups/nomad/postgres/hedgedoc/postgresql-hedgedoc-$(date +%Y-%m-%d_%H-%M-%S).sql file=/storage/backups/nomad/postgres/hedgedoc/postgresql-hedgedoc-$(date +%Y-%m-%d_%H-%M-%S).sql

11
jobs/services/hedgedoc.hcl
View file

@ -5,7 +5,7 @@ job "hedgedoc" {
group "web" { group "web" {
network { network {
# mode = "bridge" # mode = "bridge"
port "http" { port "http" {
to = 3000 to = 3000
} }
@ -30,11 +30,10 @@ job "hedgedoc" {
"traefik.frontend.headers.STSSeconds=63072000", "traefik.frontend.headers.STSSeconds=63072000",
"traefik.frontend.headers.browserXSSFilter=true", "traefik.frontend.headers.browserXSSFilter=true",
"traefik.frontend.headers.contentTypeNosniff=true", "traefik.frontend.headers.contentTypeNosniff=true",
"traefik.frontend.headers.customResponseHeaders=alt-svc:h2=l3sb47bzhpbelafss42pspxzqo3tipuk6bg7nnbacxdfbz7ao6semtyd.onion:443; ma=2592000",
"traefik.enable=true", "traefik.enable=true",
"traefik.port=${NOMAD_PORT_http}", "traefik.port=${NOMAD_PORT_http}",
"traefik.http.routers.md.entrypoints=web,websecure",
"traefik.http.routers.md.rule=Host(`md.redbrick.dcu.ie`) || Host(`md.rb.dcu.ie`)", "traefik.http.routers.md.rule=Host(`md.redbrick.dcu.ie`) || Host(`md.rb.dcu.ie`)",
"traefik.http.routers.md.tls=true",
"traefik.http.routers.md.tls.certresolver=lets-encrypt", "traefik.http.routers.md.tls.certresolver=lets-encrypt",
] ]
} }
@ -44,7 +43,7 @@ job "hedgedoc" {
constraint { constraint {
attribute = "${attr.unique.hostname}" attribute = "${attr.unique.hostname}"
value = "chell" value = "chell"
} }
config { config {
@ -89,7 +88,7 @@ EOH
constraint { constraint {
attribute = "${attr.unique.hostname}" attribute = "${attr.unique.hostname}"
value = "chell" value = "chell"
} }
config { config {
@ -97,7 +96,7 @@ EOH
ports = ["db"] ports = ["db"]
volumes = [ volumes = [
"/opt/postgres/hedgedoc:/var/lib/postgresql/data" "/opt/postgres/hedgedoc:/var/lib/postgresql/data"
] ]
} }

2
jobs/services/members-mysql-backup.hcl
View file

@ -17,7 +17,7 @@ job "members-mysql-backup" {
} }
template { template {
data = <<EOH data = <<EOH
#!/bin/bash #!/bin/bash
file=/storage/backups/nomad/mysql/members/members-mysql-$(date +%Y-%m-%d_%H-%M-%S).sql file=/storage/backups/nomad/mysql/members/members-mysql-$(date +%Y-%m-%d_%H-%M-%S).sql

2
jobs/services/members-mysql.hcl
View file

@ -38,7 +38,7 @@ EOH
} }
template { template {
data = <<EOH data = <<EOH
[server] [server]
[mariadbd] [mariadbd]

20
jobs/services/plausible.hcl
View file

@ -1,6 +1,6 @@
job "plausible" { job "plausible" {
datacenters = ["aperture"] datacenters = ["aperture"]
type = "service" type = "service"
group "web" { group "web" {
network { network {
@ -18,16 +18,16 @@ job "plausible" {
port = "http" port = "http"
check { check {
type = "http" type = "http"
path = "/" path = "/"
interval = "10s" interval = "10s"
timeout = "2s" timeout = "2s"
} }
tags = [ tags = [
"traefik.enable=true", "traefik.enable=true",
"traefik.http.routers.plausible.rule=Host(`plausible.redbrick.dcu.ie`)", "traefik.http.routers.plausible.rule=Host(`plausible.redbrick.dcu.ie`)",
"traefik.http.routers.plausible.entrypoints=websecure", "traefik.http.routers.plausible.entrypoints=web,websecure",
"traefik.http.routers.plausible.tls.certresolver=lets-encrypt" "traefik.http.routers.plausible.tls.certresolver=lets-encrypt"
] ]
} }
@ -39,11 +39,11 @@ job "plausible" {
ports = ["http"] ports = ["http"]
command = "/bin/sh" command = "/bin/sh"
args = ["-c", "sleep 10 && /entrypoint.sh db migrate && /entrypoint.sh run"] args = ["-c", "sleep 10 && /entrypoint.sh db migrate && /entrypoint.sh run"]
} }
template { template {
data = <<EOH data = <<EOH
BASE_URL=https://plausible.redbrick.dcu.ie BASE_URL=https://plausible.redbrick.dcu.ie
SECRET_KEY_BASE={{ key "plausible/secret" }} SECRET_KEY_BASE={{ key "plausible/secret" }}
TOTP_VAULT_KEY={{ key "plausible/totp/key" }} TOTP_VAULT_KEY={{ key "plausible/totp/key" }}
@ -72,7 +72,7 @@ SMTP_USER_PWD={{ key "plausible/smtp/password" }}
DISABLE_REGISTRATION=invite_only DISABLE_REGISTRATION=invite_only
EOH EOH
destination = "local/file.env" destination = "local/file.env"
env = true env = true
} }
resources { resources {
@ -104,7 +104,7 @@ EOH
} }
template { template {
data = <<EOH data = <<EOH
<clickhouse> <clickhouse>
<logger> <logger>
<level>warning</level> <level>warning</level>
@ -126,7 +126,7 @@ EOH
} }
template { template {
data = <<EOH data = <<EOH
<clickhouse> <clickhouse>
<profiles> <profiles>
<default> <default>

2
jobs/services/postgres-backup.hcl
View file

@ -17,7 +17,7 @@ job "postgres-backup" {
} }
template { template {
data = <<EOH data = <<EOH
#!/bin/bash #!/bin/bash
file=/storage/backups/nomad/postgres/postgres-$(date +%Y-%m-%d_%H-%M-%S).sql file=/storage/backups/nomad/postgres/postgres-$(date +%Y-%m-%d_%H-%M-%S).sql

6
jobs/services/privatebin.hcl
View file

@ -17,10 +17,10 @@ job "privatebin" {
port = "http" port = "http"
check { check {
type = "http" type = "http"
path = "/" path = "/"
interval = "10s" interval = "10s"
timeout = "2s" timeout = "2s"
} }
tags = [ tags = [

2
jobs/services/shlink.hcl
View file

@ -19,6 +19,7 @@ job "shlink" {
tags = [ tags = [
"traefik.enable=true", "traefik.enable=true",
"traefik.http.routers.shlink-api.entrypoints=web,websecure",
"traefik.http.routers.shlink-api.rule=Host(`s.rb.dcu.ie`)", "traefik.http.routers.shlink-api.rule=Host(`s.rb.dcu.ie`)",
"traefik.http.routers.shlink-api.tls=true", "traefik.http.routers.shlink-api.tls=true",
"traefik.http.routers.shlink-api.tls.certresolver=lets-encrypt", "traefik.http.routers.shlink-api.tls.certresolver=lets-encrypt",
@ -77,6 +78,7 @@ EOH
# #
# tags = [ # tags = [
# "traefik.enable=true", # "traefik.enable=true",
# "traefik.http.routers.shlink-web.entrypoints=web,websecure",
# "traefik.http.routers.shlink-web.rule=Host(`shlink.rb.dcu.ie`)", # "traefik.http.routers.shlink-web.rule=Host(`shlink.rb.dcu.ie`)",
# "traefik.http.routers.shlink-web.tls=true", # "traefik.http.routers.shlink-web.tls=true",
# "traefik.http.routers.shlink-web.tls.certresolver=lets-encrypt", # "traefik.http.routers.shlink-web.tls.certresolver=lets-encrypt",

1
jobs/socs/dcusr-outline.hcl
View file

@ -37,6 +37,7 @@ job "dcusr-outline" {
tags = [ tags = [
"traefik.enable=true", "traefik.enable=true",
"traefik.port=${NOMAD_PORT_http}", "traefik.port=${NOMAD_PORT_http}",
"traefik.http.routers.dcusr-outline.entrypoints=web,websecure",
"traefik.http.routers.dcusr-outline.rule=Host(`${NOMAD_META_domain}`)", "traefik.http.routers.dcusr-outline.rule=Host(`${NOMAD_META_domain}`)",
"traefik.http.routers.dcusr-outline.tls=true", "traefik.http.routers.dcusr-outline.tls=true",
"traefik.http.routers.dcusr-outline.tls.certresolver=lets-encrypt", "traefik.http.routers.dcusr-outline.tls.certresolver=lets-encrypt",

8
jobs/user-projects/general/midnight-calendarbot.hcl
View file

@ -1,6 +1,6 @@
job "midnight-calendarbot" { job "midnight-calendarbot" {
datacenters = ["aperture"] datacenters = ["aperture"]
type = "service" type = "service"
group "calendarbot" { group "calendarbot" {
count = 1 count = 1
@ -9,17 +9,17 @@ job "midnight-calendarbot" {
driver = "docker" driver = "docker"
config { config {
image = "ghcr.io/nightmarishblue/calendarbot:master" image = "ghcr.io/nightmarishblue/calendarbot:latest"
force_pull = true force_pull = true
} }
template { template {
data = <<EOH data = <<EOH
BOT_TOKEN={{ key "user-projects/midnight/calendarbot/discord/token" }} BOT_TOKEN={{ key "user-projects/midnight/calendarbot/discord/token" }}
APPLICATION_ID={{ key "user-projects/midnight/calendarbot/discord/appid" }} APPLICATION_ID={{ key "user-projects/midnight/calendarbot/discord/appid" }}
EOH EOH
destination = "local/.env" destination = "local/.env"
env = true env = true
} }
} }
} }