forked from Deuxfleurs/nixcfg
staging: tricot compilé avec musl, dans une image docker
Correspond à: Deuxfleurs/tricot#15
This commit is contained in:
parent
d0341caf77
commit
b279f1e0db
1 changed files with 14 additions and 9 deletions
|
@ -21,20 +21,25 @@ job "core-tricot" {
|
||||||
}
|
}
|
||||||
|
|
||||||
task "server" {
|
task "server" {
|
||||||
driver = "nix2"
|
driver = "docker"
|
||||||
|
|
||||||
config {
|
config {
|
||||||
packages = [
|
image = "armael/tricot:n6dk1b5xrdww12zf12jbcmihqs6g1brz"
|
||||||
"git+https://git.deuxfleurs.fr/Deuxfleurs/tricot.git?ref=main&rev=9bb505d977cb8bafd8039159241788ff25510d69"
|
network_mode = "host"
|
||||||
|
readonly_rootfs = true
|
||||||
|
ports = [ "http_port", "https_port" ]
|
||||||
|
volumes = [
|
||||||
|
"secrets:/etc/tricot",
|
||||||
]
|
]
|
||||||
command = "tricot"
|
ulimit {
|
||||||
# cap_add = [ "net_bind_service" ] # this doesn't work for whatever reason, so we need to put user = "root" instead
|
nofile = "65535:65535"
|
||||||
|
}
|
||||||
}
|
}
|
||||||
user = "root"
|
|
||||||
|
|
||||||
resources {
|
resources {
|
||||||
cpu = 500
|
cpu = 500
|
||||||
memory = 200
|
memory = 200
|
||||||
|
memory_max = 500
|
||||||
}
|
}
|
||||||
|
|
||||||
restart {
|
restart {
|
||||||
|
@ -46,17 +51,17 @@ job "core-tricot" {
|
||||||
|
|
||||||
template {
|
template {
|
||||||
data = "{{ key \"secrets/consul/consul-ca.crt\" }}"
|
data = "{{ key \"secrets/consul/consul-ca.crt\" }}"
|
||||||
destination = "etc/tricot/consul-ca.crt"
|
destination = "secrets/consul-ca.crt"
|
||||||
}
|
}
|
||||||
|
|
||||||
template {
|
template {
|
||||||
data = "{{ key \"secrets/consul/consul-client.crt\" }}"
|
data = "{{ key \"secrets/consul/consul-client.crt\" }}"
|
||||||
destination = "etc/tricot/consul-client.crt"
|
destination = "secrets/consul-client.crt"
|
||||||
}
|
}
|
||||||
|
|
||||||
template {
|
template {
|
||||||
data = "{{ key \"secrets/consul/consul-client.key\" }}"
|
data = "{{ key \"secrets/consul/consul-client.key\" }}"
|
||||||
destination = "etc/tricot/consul-client.key"
|
destination = "secrets/consul-client.key"
|
||||||
}
|
}
|
||||||
|
|
||||||
template {
|
template {
|
||||||
|
|
Loading…
Reference in a new issue