forked from Deuxfleurs/nixcfg
Compare commits
12 commits
14c6dae001
...
a513690004
| Author | SHA1 | Date | |
|---|---|---|---|
| a513690004 | |||
| f55891ba21 | |||
| 9a6935ac90 | |||
|
3b777ddeb6 | ||
|
|
ca59237057 | ||
| 28b58b3776 | |||
|
7db40a8dcf | ||
|
|
c56ce9134c | ||
| 1d40a3c7c0 | |||
|
|
5dc7c3132b | ||
| 22fbadef2e | |||
| 43189a5fc2 |
15 changed files with 52 additions and 18 deletions
|
|
@ -14,14 +14,14 @@ job "backup_daily" {
|
|||
constraint {
|
||||
attribute = "${attr.unique.hostname}"
|
||||
operator = "="
|
||||
value = "ananas"
|
||||
value = "celeri"
|
||||
}
|
||||
|
||||
task "main" {
|
||||
driver = "docker"
|
||||
|
||||
config {
|
||||
image = "restic/restic:0.16.0"
|
||||
image = "restic/restic:0.16.4"
|
||||
entrypoint = [ "/bin/sh", "-c" ]
|
||||
args = [ "restic backup /mail && restic forget --group-by paths --keep-within 1m1d --keep-within-weekly 3m --keep-within-monthly 1y && restic prune --max-unused 50% --max-repack-size 2G && restic check" ]
|
||||
volumes = [
|
||||
|
|
@ -116,7 +116,7 @@ EOH
|
|||
driver = "docker"
|
||||
|
||||
config {
|
||||
image = "restic/restic:0.16.0"
|
||||
image = "restic/restic:0.16.4"
|
||||
entrypoint = [ "/bin/sh", "-c" ]
|
||||
args = [ "restic backup $NOMAD_ALLOC_DIR/consul.json && restic forget --group-by paths --keep-within 1m1d --keep-within-weekly 3m --keep-within-monthly 1y && restic prune --max-unused 50% --max-repack-size 2G && restic check" ]
|
||||
}
|
||||
|
|
@ -152,14 +152,14 @@ EOH
|
|||
constraint {
|
||||
attribute = "${attr.unique.hostname}"
|
||||
operator = "="
|
||||
value = "concombre"
|
||||
value = "courgette"
|
||||
}
|
||||
|
||||
task "main" {
|
||||
driver = "docker"
|
||||
|
||||
config {
|
||||
image = "restic/restic:0.16.0"
|
||||
image = "restic/restic:0.16.4"
|
||||
entrypoint = [ "/bin/sh", "-c" ]
|
||||
args = [ "restic backup /cryptpad && restic forget --group-by paths --keep-within 1m1d --keep-within-weekly 3m --keep-within-monthly 1y && restic prune --max-unused 50% --max-repack-size 2G && restic check" ]
|
||||
volumes = [
|
||||
|
|
|
|||
|
|
@ -34,15 +34,13 @@ job "coturn" {
|
|||
ports = [ "prometheus", "turn_ctrl", "turn_data0", "turn_data1", "turn_data2",
|
||||
"turn_data3", "turn_data4", "turn_data5", "turn_data6", "turn_data7",
|
||||
"turn_data8", "turn_data9" ]
|
||||
entrypoint = ["/local/docker-entrypoint.sh"]
|
||||
network_mode = "host"
|
||||
volumes = [
|
||||
"secrets/docker-entrypoint.sh:/usr/local/bin/docker-entrypoint.sh",
|
||||
]
|
||||
}
|
||||
|
||||
template {
|
||||
data = file("../config/docker-entrypoint.sh")
|
||||
destination = "secrets/docker-entrypoint.sh"
|
||||
destination = "local/docker-entrypoint.sh"
|
||||
perms = 555
|
||||
}
|
||||
|
||||
|
|
|
|||
|
|
@ -116,7 +116,10 @@ module.exports = {
|
|||
"[adrn@pad.deuxfleurs.fr/PxDpkPwd-jDJWkfWdAzFX7wtnLpnPlBeYZ4MmoEYS6E=]",
|
||||
"[lx@pad.deuxfleurs.fr/FwQzcXywx1FIb83z6COB7c3sHnz8rNSDX1xhjPuH3Fg=]",
|
||||
"[trinity-1686a@pad.deuxfleurs.fr/Pu6Ef03jEsAGBbZI6IOdKd6+5pORD5N51QIYt4-Ys1c=]",
|
||||
"[Jill@pad.deuxfleurs.fr/tLW7W8EVNB2KYETXEaOYR+HmNiBQtZj7u+SOxS3hGmg=]"
|
||||
"[Jill@pad.deuxfleurs.fr/tLW7W8EVNB2KYETXEaOYR+HmNiBQtZj7u+SOxS3hGmg=]",
|
||||
"[vincent@pad.deuxfleurs.fr/07FQiE8w1iztRWwzbRJzEy3xIqnNR31mUFjLNiGXjwU=]",
|
||||
"[boris@pad.deuxfleurs.fr/kHo5LIhSxDFk39GuhGRp+XKlMjNe+lWfFWM75cINoTQ=]",
|
||||
"[maximilien@pad.deuxfleurs.fr/UoXHLejYRUjvX6t55hAQKpjMdU-3ecg4eDhAeckZmyE=]"
|
||||
],
|
||||
|
||||
/* =====================
|
||||
|
|
|
|||
|
|
@ -1,5 +1,5 @@
|
|||
job "cryptpad" {
|
||||
datacenters = ["scorpio"]
|
||||
datacenters = ["neptune"]
|
||||
type = "service"
|
||||
|
||||
group "cryptpad" {
|
||||
|
|
@ -22,7 +22,7 @@ job "cryptpad" {
|
|||
constraint {
|
||||
attribute = "${attr.unique.hostname}"
|
||||
operator = "="
|
||||
value = "abricot"
|
||||
value = "courgette"
|
||||
}
|
||||
|
||||
config {
|
||||
|
|
|
|||
|
|
@ -1,5 +1,5 @@
|
|||
job "email" {
|
||||
datacenters = ["scorpio"]
|
||||
datacenters = ["neptune"]
|
||||
type = "service"
|
||||
priority = 65
|
||||
|
||||
|
|
@ -31,7 +31,7 @@ job "email" {
|
|||
constraint {
|
||||
attribute = "${attr.unique.hostname}"
|
||||
operator = "="
|
||||
value = "ananas"
|
||||
value = "celeri"
|
||||
}
|
||||
|
||||
config {
|
||||
|
|
|
|||
|
|
@ -23,7 +23,7 @@ job "woodpecker-ci" {
|
|||
task "server" {
|
||||
driver = "docker"
|
||||
config {
|
||||
image = "woodpeckerci/woodpecker-server:v2.3.0"
|
||||
image = "woodpeckerci/woodpecker-server:v2.4.1"
|
||||
ports = [ "web_port", "grpc_port" ]
|
||||
network_mode = "host"
|
||||
}
|
||||
|
|
|
|||
|
|
@ -38,8 +38,8 @@ apt-get install docker-ce docker-ce-cli containerd.io docker-buildx-plugin docke
|
|||
## Install the runner
|
||||
|
||||
```bash
|
||||
wget https://git.deuxfleurs.fr/Deuxfleurs/infrastructure/raw/branch/main/app/woodpecker-ci/integration/nix.conf
|
||||
wget https://git.deuxfleurs.fr/Deuxfleurs/infrastructure/raw/branch/main/app/woodpecker-ci/integration/docker-compose.yml
|
||||
wget https://git.deuxfleurs.fr/Deuxfleurs/nixcfg/raw/branch/main/cluster/prod/app/woodpecker-ci/integration/nix.conf
|
||||
wget https://git.deuxfleurs.fr/Deuxfleurs/nixcfg/raw/branch/main/cluster/prod/app/woodpecker-ci/integration/docker-compose.yml
|
||||
```
|
||||
|
||||
Create a new Agent for your runner in the Woodpecker admin, and copy the agent secret value.
|
||||
|
|
|
|||
|
|
@ -10,7 +10,7 @@ services:
|
|||
- "./nix.conf:/etc/nix/nix.conf:ro"
|
||||
|
||||
woodpecker-runner:
|
||||
image: woodpeckerci/woodpecker-agent:v2.3.0
|
||||
image: woodpeckerci/woodpecker-agent:v2.4.1
|
||||
restart: always
|
||||
environment:
|
||||
# -- change these for each agent
|
||||
|
|
|
|||
|
|
@ -75,6 +75,12 @@
|
|||
address = "10.83.4.2";
|
||||
endpoint = "82.65.41.110:33742";
|
||||
};
|
||||
"onion" = {
|
||||
siteName = "dathomir";
|
||||
publicKey = "gpeqalqAUaYlMuebv3glQeZyE64+OpkyIHFhfStJQA4=";
|
||||
address = "10.83.5.1";
|
||||
endpoint = "82.64.238.84:33740";
|
||||
};
|
||||
};
|
||||
|
||||
# Pin Nomad version
|
||||
|
|
|
|||
|
|
@ -9,3 +9,4 @@ concombre.machine.deuxfleurs.fr ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIL3N0QOFNGkC
|
|||
courgette.machine.deuxfleurs.fr ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIPCXJeo6yeQeTN7D7OZwLd8zbyU1jWywlhQ29yyk7x+G
|
||||
abricot.machine.deuxfleurs.fr ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIPhHUQtc5lukPMFkiWf/sTgaUpwNFXHCJoQKu4ooRFy+
|
||||
ananas.machine.deuxfleurs.fr ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIHs0zAyBy70oyV56qaMaMAKR7VjEDnsm5LEyZJbM95BL
|
||||
onion.machine.deuxfleurs.fr ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAINjBQ67fxwuDDzRPveTko/Sgf0cev3tIvlr3CfAmhF0C
|
||||
|
|
|
|||
10
cluster/prod/node/onion.nix
Normal file
10
cluster/prod/node/onion.nix
Normal file
|
|
@ -0,0 +1,10 @@
|
|||
{ ... }:
|
||||
{
|
||||
boot.loader.systemd-boot.enable = true;
|
||||
boot.loader.timeout = 20;
|
||||
boot.loader.efi.canTouchEfiVariables = true;
|
||||
|
||||
deuxfleurs.hostName = "onion";
|
||||
deuxfleurs.staticIPv4.address = "192.168.1.34";
|
||||
deuxfleurs.staticIPv6.address = "2a01:e0a:5e4:1d0:223:24ff:feb0:e866";
|
||||
}
|
||||
1
cluster/prod/node/onion.site.nix
Symbolic link
1
cluster/prod/node/onion.site.nix
Symbolic link
|
|
@ -0,0 +1 @@
|
|||
../site/dathomir.nix
|
||||
7
cluster/prod/site/dathomir.nix
Normal file
7
cluster/prod/site/dathomir.nix
Normal file
|
|
@ -0,0 +1,7 @@
|
|||
{ ... }:
|
||||
{
|
||||
deuxfleurs.siteName = "dathomir";
|
||||
deuxfleurs.cnameTarget = "dathomir.site.deuxfleurs.fr";
|
||||
deuxfleurs.publicIPv4 = "82.64.238.84";
|
||||
deuxfleurs.staticIPv4.defaultGateway = "192.168.1.1";
|
||||
}
|
||||
|
|
@ -33,3 +33,5 @@ Host abricot
|
|||
Host ananas
|
||||
HostName ananas.machine.deuxfleurs.fr
|
||||
|
||||
Host onion
|
||||
HostName onion.machine.deuxfleurs.fr
|
||||
|
|
|
|||
|
|
@ -79,6 +79,12 @@ job "telemetry-service" {
|
|||
group "grafana" {
|
||||
count = 1
|
||||
|
||||
constraint {
|
||||
attribute = "${attr.unique.hostname}"
|
||||
operator = "!="
|
||||
value = "piranha"
|
||||
}
|
||||
|
||||
network {
|
||||
port "grafana" {
|
||||
static = 3719
|
||||
|
|
|
|||
Loading…
Add table
Reference in a new issue