From 1beced4c65dbabfafdfe1587f1f1e936e28c814b Mon Sep 17 00:00:00 2001 From: LUXEY Adrien Date: Sun, 6 Jun 2021 18:59:20 +0200 Subject: [PATCH] gitea works with Postgre which is not exposed publicly, thanks to Consul Connect - the bug was that Nomad could not reach Consul's gRPC due to IPv4/6 mis-configuration --- hammerhead/app/gitea/deploy/gitea.hcl | 11 +++++--- hammerhead/os/config/consul.json | 19 ++++--------- hammerhead/os/config/consul.old.json | 40 +++++++++++++++++++++++++++ hammerhead/os/config/nomad.hcl | 4 ++- 4 files changed, 55 insertions(+), 19 deletions(-) create mode 100644 hammerhead/os/config/consul.old.json diff --git a/hammerhead/app/gitea/deploy/gitea.hcl b/hammerhead/app/gitea/deploy/gitea.hcl index 9f6e1db..a30f36c 100644 --- a/hammerhead/app/gitea/deploy/gitea.hcl +++ b/hammerhead/app/gitea/deploy/gitea.hcl @@ -12,7 +12,10 @@ job "gitea" { network { mode = "bridge" - port "http" { to = 3000 } + port "http" { + static = 3000 + to = 3000 + } port "ssh" { to = 22 } } @@ -51,7 +54,7 @@ job "gitea" { destination_name = "postgres" local_bind_port = "5432" # Optional - # local_bind_address = "127.0.0.1" + local_bind_address = "127.0.0.1" } } } @@ -99,9 +102,9 @@ EOH } env { - DOMAIN = "gitea.hammerhead.luxeylab.net" + DOMAIN = "gitea.hammerhead.luxeylab.net" SSH_DOMAIN = "gitea.hammerhead.luxeylab.net" - DB_HOST = "${NOMAD_UPSTREAM_ADDR_postgres}" + DB_HOST = "${NOMAD_UPSTREAM_ADDR_postgres}" } } } diff --git a/hammerhead/os/config/consul.json b/hammerhead/os/config/consul.json index 7abcabc..4d34030 100644 --- a/hammerhead/os/config/consul.json +++ b/hammerhead/os/config/consul.json @@ -4,29 +4,20 @@ "advertise_addr": "2001:41d0:8:ba0b::1", "addresses": { "dns": "[::]", - "http": "[::]" + "http": "[::]", + "grpc": "[::]" }, - "retry_join": [ - "2001:41d0:8:ba0b::1" - ], "bootstrap_expect": 1, "server": true, - "ui": true, + "ui_config": { + "enabled": true + }, "ports": { "dns": 53, "grpc": 8502 }, - "recursors": [ - "213.186.33.99", - "172.104.136.243" - ], "encrypt": "2B2vxbfCRzu3Q29LEJAZBg==", "domain": "hammerhead.deuxfleurs.fr", - "performance": { - "raft_multiplier": 10, - "rpc_hold_timeout": "30s", - "leave_drain_time": "30s" - }, "connect": { "enabled": true } diff --git a/hammerhead/os/config/consul.old.json b/hammerhead/os/config/consul.old.json new file mode 100644 index 0000000..2ec65a2 --- /dev/null +++ b/hammerhead/os/config/consul.old.json @@ -0,0 +1,40 @@ +{ + "data_dir": "/var/lib/consul", + "bind_addr": "[::]", + "advertise_addr": "2001:41d0:8:ba0b::1", + "addresses": { + "dns": "[::]", + "http": "[::]" + }, + "retry_join": [ + "2001:41d0:8:ba0b::1" + ], + "bootstrap_expect": 1, + "server": true, + "ui": { + "enabled": true + }, + "acl": { + "enabled": true, + "default_policy": "deny", + "enable_token_persistence": true, + }, + "ports": { + "dns": 53, + "grpc": 8502 + }, + "recursors": [ + "213.186.33.99", + "172.104.136.243" + ], + "encrypt": "2B2vxbfCRzu3Q29LEJAZBg==", + "domain": "hammerhead.deuxfleurs.fr", + "performance": { + "raft_multiplier": 10, + "rpc_hold_timeout": "30s", + "leave_drain_time": "30s" + }, + "connect": { + "enabled": true + } +} diff --git a/hammerhead/os/config/nomad.hcl b/hammerhead/os/config/nomad.hcl index d7107b8..1a45a88 100644 --- a/hammerhead/os/config/nomad.hcl +++ b/hammerhead/os/config/nomad.hcl @@ -10,6 +10,8 @@ advertise { serf = "2001:41d0:8:ba0b::1" } +bind_addr = "[::]" + data_dir = "/var/lib/nomad" server { @@ -19,11 +21,11 @@ server { consul { address = "[::1]:8500" + grpc_address = "[::1]:8502" } client { enabled = true - #cpu_total_compute = 4000 servers = ["[::1]:4648"] network_interface = "eno1" options {