83 lines
1.9 KiB
HCL
83 lines
1.9 KiB
HCL
job "api" {
|
|
datacenters = ["aperture"]
|
|
|
|
type = "service"
|
|
|
|
group "api" {
|
|
count = 1
|
|
|
|
network {
|
|
port "http" {
|
|
to = 80
|
|
}
|
|
}
|
|
|
|
service {
|
|
name = "api"
|
|
port = "http"
|
|
|
|
check {
|
|
type = "http"
|
|
path = "/"
|
|
interval = "10s"
|
|
timeout = "2s"
|
|
}
|
|
|
|
tags = [
|
|
"traefik.enable=true",
|
|
"traefik.http.routers.api.rule=Host(`api.redbrick.dcu.ie`)",
|
|
"traefik.http.routers.api.entrypoints=web,websecure",
|
|
"traefik.http.routers.api.tls.certresolver=lets-encrypt",
|
|
]
|
|
}
|
|
|
|
task "api" {
|
|
driver = "docker"
|
|
|
|
config {
|
|
image = "ghcr.io/redbrick/api:latest"
|
|
ports = ["http"]
|
|
volumes = [
|
|
"/oldstorage:/storage",
|
|
"/oldstorage/home:/home",
|
|
"local/ldap.secret:/etc/ldap.secret",
|
|
]
|
|
auth {
|
|
username = "${DOCKER_USER}"
|
|
password = "${DOCKER_PASS}"
|
|
}
|
|
}
|
|
template {
|
|
destination = "local/.env"
|
|
env = true
|
|
change_mode = "restart"
|
|
data = <<EOH
|
|
DOCKER_USER={{ key "api/ghcr/username" }}
|
|
DOCKER_PASS={{ key "api/ghcr/password" }}
|
|
AUTH_USERNAME={{ key "api/auth/username" }}
|
|
AUTH_PASSWORD={{ key "api/auth/password" }}
|
|
LDAP_URI={{ key "api/ldap/uri" }}
|
|
LDAP_ROOTBINDDN={{ key "api/ldap/rootbinddn" }}
|
|
LDAP_SEARCHBASE={{ key "api/ldap/searchbase" }}
|
|
EMAIL_DOMAIN=redbrick.dcu.ie
|
|
EMAIL_SERVER={{ key "api/smtp/server" }}
|
|
EMAIL_PORT=587
|
|
EMAIL_USERNAME={{ key "api/smtp/username" }}
|
|
EMAIL_PASSWORD={{ key "api/smtp/password" }}
|
|
EMAIL_SENDER={{ key "api/smtp/sender" }}
|
|
EOH
|
|
}
|
|
|
|
template {
|
|
destination = "local/ldap.secret"
|
|
perms = "600"
|
|
data = "{{ key \"api/ldap/secret\" }}" # this is necessary as the secret has no EOF
|
|
}
|
|
|
|
resources {
|
|
cpu = 300
|
|
memory = 1024
|
|
}
|
|
}
|
|
}
|
|
}
|