Pretix: add pretix job for dcu solar racing

Co-authored-by: wizzdom <wizzdom@redbrick.dcu.ie>
2024-09-04 01:20:46 +01:00 · 2024-09-04 01:20:46 +01:00 · f0bad6ce1a
commit f0bad6ce1a
parent 58d0f8f803
1 changed files with 154 additions and 0 deletions
--- a/jobs/services/pretix.hcl
+++ b/jobs/services/pretix.hcl
@ -0,0 +1,154 @@
+job "pretix" {
+  datacenters = ["aperture"]
+
+  type = "service"
+
+  group "web" {
+    network {
+    # mode = "bridge"
+      port "http" {
+        to = 80
+      }
+
+      port "db" {
+        to = 5432
+        static = 5432
+      }
+
+      port "redis" {
+        to = 6379
+      }
+    }
+
+    service {
+      name = "pretix"
+      port = "http"
+
+      # check {
+      #   type     = "http"
+      #   path     = "/"
+      #   interval = "10s"
+      #   timeout  = "2s"
+      # }
+
+      tags = [
+        "traefik.enable=true",
+        "traefik.port=${NOMAD_PORT_http}",
+        "traefik.http.routers.pretix.rule=Host(`tickets.solarracing.ie`)",
+        "traefik.http.routers.pretix.tls=true",
+        "traefik.http.routers.pretix.tls.certresolver=lets-encrypt",
+      ]
+    }
+
+    task "app" {
+      driver = "docker"
+
+      config {
+        image = "pretix/standalone:stable"
+        ports = ["http"]
+
+        volumes = [
+          "local/pretix.cfg:/etc/pretix/pretix.cfg",
+          "/storage/nomad/pretix/data:/data"
+        ]
+
+      }
+
+      resources {
+          memory = 15000
+        }
+
+      template {
+        data        = <<EOH
+[pretix]
+instance_name=DCU Solar Racing
+url=https://tickets.solarracing.ie
+currency=EUR
+; DO NOT change the following value, it has to be set to the location of the
+; directory *inside* the docker container
+datadir=/data
+registration=on
+
+[locale]
+timezone=Europe/Dublin
+
+[database]
+backend=postgresql
+name={{ key "pretix/db/name" }}
+user={{ key "pretix/db/user" }}
+password={{ key "pretix/db/password" }}
+host={{ env "NOMAD_IP_db" }}
+port={{ env "NOMAD_PORT_db" }}
+
+[mail]
+from={{ key "pretix/mail/from" }}
+host={{ key "pretix/mail/host" }}
+user={{ key "pretix/mail/user" }}
+password={{ key "pretix/mail/password" }}
+port=465
+tls=on
+ssl=off
+
+[redis]
+location=redis://{{ env "NOMAD_ADDR_redis" }}/0
+; Remove the following line if you are unsure about your redis'security
+; to reduce impact if redis gets compromised.
+sessions=true
+
+[celery]
+backend=redis://{{ env "NOMAD_ADDR_redis" }}/1
+broker=redis://{{ env "NOMAD_ADDR_redis" }}/2
+EOH
+        destination = "local/pretix.cfg"
+      }
+    }
+
+
+    task "pretix-db" {
+      driver = "docker"
+
+      config {
+        image = "postgres:16-alpine"
+        ports = ["db"]
+
+        volumes = [
+          "/storage/nomad/pretix/db:/var/lib/postgresql/data",
+          "local/pg_hba.conf:/pg_hba.conf",
+        ]
+      }
+
+      template {
+        data        = <<EOH
+POSTGRES_USER={{ key "pretix/db/user" }}
+POSTGRES_PASSWORD={{ key "pretix/db/password" }}
+EOH
+        destination = "local/db.env"
+        env         = true
+      }
+
+      template {
+        data = <<EOH
+local   all             all                                     trust
+host    all             all             127.0.0.1/32            trust
+host    all             all             172.17.0.1/32           trust
+host    all             all             ::1/128                 trust
+local   replication     all                                     trust
+host    replication     all             127.0.0.1/32            trust
+host    replication     all             ::1/128                 trust
+host 	all 		    all 		    all 			        scram-sha-256
+EOH
+
+        destination = "local/pg_hba.conf"
+      }
+    }
+
+    task "redis" {
+      driver = "docker"
+
+      config {
+        image = "redis:latest"
+        ports = ["redis"]
+      }
+    }
+  }
+}