From 71767b52a5d35ba95b7dcad80b52239b68052d40 Mon Sep 17 00:00:00 2001
From: Alex Auvolat <alex@adnab.me>
Date: Mon, 10 Feb 2020 17:49:53 +0100
Subject: [PATCH] Configuration de Guichet

---
 consul/configuration/.gitignore               |  2 +
 .../{ => directory}/bottin/config.json        |  0
 .../directory/guichet/config.json             | 15 +++++
 nomad/bottin2.hcl                             | 58 ++++++++++++++++++-
 4 files changed, 72 insertions(+), 3 deletions(-)
 rename consul/configuration/{ => directory}/bottin/config.json (100%)
 create mode 100644 consul/configuration/directory/guichet/config.json

diff --git a/consul/configuration/.gitignore b/consul/configuration/.gitignore
index bc3a54e..8c55cc6 100644
--- a/consul/configuration/.gitignore
+++ b/consul/configuration/.gitignore
@@ -25,3 +25,5 @@
 !email/sogo/sogo.conf.tpl
 
 !chat/**/*
+
+!directory/*/*
diff --git a/consul/configuration/bottin/config.json b/consul/configuration/directory/bottin/config.json
similarity index 100%
rename from consul/configuration/bottin/config.json
rename to consul/configuration/directory/bottin/config.json
diff --git a/consul/configuration/directory/guichet/config.json b/consul/configuration/directory/guichet/config.json
new file mode 100644
index 0000000..9dde56a
--- /dev/null
+++ b/consul/configuration/directory/guichet/config.json
@@ -0,0 +1,15 @@
+{
+  "http_bind_addr": ":9991",
+  "ldap_server_addr": "ldap://bottin2.service.2.cluster.deuxfleurs.fr:389",
+
+  "base_dn": "dc=deuxfleurs,dc=fr",
+  "user_base_dn": "ou=users,dc=deuxfleurs,dc=fr",
+  "user_name_attr": "cn",
+  "group_base_dn": "ou=groups,dc=deuxfleurs,dc=fr",
+  "group_name_attr": "cn",
+
+  "admin_account": "cn=admin,dc=deuxfleurs,dc=fr",
+  "group_can_admin": "cn=admin,ou=groups,dc=deuxfleurs,dc=fr",
+  "group_can_invite": "cn=asso_deuxfleurs,ou=groups,dc=deuxfleurs,dc=fr"
+}
+
diff --git a/nomad/bottin2.hcl b/nomad/bottin2.hcl
index 2f8068c..a092f8b 100644
--- a/nomad/bottin2.hcl
+++ b/nomad/bottin2.hcl
@@ -7,12 +7,12 @@ job "directory2" {
     value     = "amd64"
   }
 
-  group "ldap" {
+  group "bottin" {
     count = 1
     task "server" {
       driver = "docker"
       config {
-        image = "lxpz/bottin_amd64:6"
+        image = "lxpz/bottin_amd64:8"
         readonly_rootfs = true
         port_map {
           ldap_port = 1389
@@ -32,7 +32,7 @@ job "directory2" {
       }
 
       template {
-        data = "{{ key \"configuration/bottin/config.json\" }}"
+        data = "{{ key \"configuration/directory/bottin/config.json\" }}"
         destination = "secrets/config.json"
       }
 
@@ -55,5 +55,57 @@ job "directory2" {
       }
     }
   }
+
+  group "guichet" {
+    count = 1
+    task "server" {
+      driver = "docker"
+      config {
+        image = "lxpz/guichet_amd64:1"
+        readonly_rootfs = true
+        port_map {
+          web_port = 9991
+        }
+		volumes = [
+			"secrets/config.json:/config.json"
+		]
+      }
+
+      template {
+	    data = "{{ key \"configuration/directory/guichet/config.json\" }}"
+        destination = "secrets/config.json"
+      }
+
+      resources {
+        memory = 100
+        network {
+          port "web_port" {}
+        }
+      }
+
+      service {
+        name = "guichet"
+        tags = [
+			"guichet",
+			"traefik.enable=true",
+			  "traefik.frontend.entryPoints=https,http",
+			  "traefik.frontend.rule=Host:guichet.deuxfleurs.fr,guichet.deuxfleurs.org",
+		]
+        port = "web_port"
+        address_mode = "host"
+        check {
+          type = "tcp"
+          port = "web_port"
+          interval = "60s"
+          timeout = "5s"
+          check_restart {
+            limit = 3
+            grace = "90s"
+            ignore_warnings = false
+          }
+        }
+      }
+    }
+  }
 }