gitea works with Postgre which is not exposed publicly, thanks to Consul Connect - the bug was that Nomad could not reach Consul's gRPC due to IPv4/6 mis-configuration

hammerhead/app/gitea/deploy/gitea.hcl

@@ -12,7 +12,10 @@ job "gitea" {
 
     network {
       mode = "bridge"
-      port "http" { to = 3000 }
+      port "http" { 
+        static = 3000
+        to = 3000 
+      }
       port "ssh" { to = 22 }
     }
 
@@ -51,7 +54,7 @@ job "gitea" {
               destination_name = "postgres"
               local_bind_port = "5432"
               # Optional
-              # local_bind_address = "127.0.0.1"
+              local_bind_address = "127.0.0.1"
             }
           }
         }
@@ -99,9 +102,9 @@ EOH
       }
 
       env {
-        DOMAIN = "gitea.hammerhead.luxeylab.net"
+        DOMAIN     = "gitea.hammerhead.luxeylab.net"
         SSH_DOMAIN = "gitea.hammerhead.luxeylab.net"
-        DB_HOST   = "${NOMAD_UPSTREAM_ADDR_postgres}"
+        DB_HOST    = "${NOMAD_UPSTREAM_ADDR_postgres}"
       }
     }
   }

hammerhead/os/config/consul.json

@@ -4,29 +4,20 @@
   "advertise_addr": "2001:41d0:8:ba0b::1",
   "addresses": {
     "dns": "[::]",
-    "http": "[::]"
+    "http": "[::]",
+    "grpc": "[::]"
   },
-  "retry_join": [
-        "2001:41d0:8:ba0b::1" 
-     ],
   "bootstrap_expect": 1,
   "server": true,
-  "ui": true,
+  "ui_config": {
+    "enabled": true
+  },
   "ports": {
      "dns": 53,
      "grpc": 8502
   },
-  "recursors": [
-    "213.186.33.99",
-    "172.104.136.243"
-  ],
   "encrypt": "2B2vxbfCRzu3Q29LEJAZBg==",
   "domain": "hammerhead.deuxfleurs.fr",
-  "performance": {
-    "raft_multiplier": 10,
-    "rpc_hold_timeout": "30s",
-    "leave_drain_time": "30s"
-  },
   "connect": {
     "enabled": true
   }

hammerhead/os/config/consul.old.json

@@ -0,0 +1,40 @@
+{
+  "data_dir": "/var/lib/consul",
+  "bind_addr": "[::]",
+  "advertise_addr": "2001:41d0:8:ba0b::1",
+  "addresses": {
+    "dns": "[::]",
+    "http": "[::]"
+  },
+  "retry_join": [
+        "2001:41d0:8:ba0b::1" 
+     ],
+  "bootstrap_expect": 1,
+  "server": true,
+  "ui": {
+    "enabled": true
+  },
+  "acl": {
+    "enabled": true,
+    "default_policy": "deny",
+    "enable_token_persistence": true,
+  },
+  "ports": {
+     "dns": 53,
+     "grpc": 8502
+  },
+  "recursors": [
+    "213.186.33.99",
+    "172.104.136.243"
+  ],
+  "encrypt": "2B2vxbfCRzu3Q29LEJAZBg==",
+  "domain": "hammerhead.deuxfleurs.fr",
+  "performance": {
+    "raft_multiplier": 10,
+    "rpc_hold_timeout": "30s",
+    "leave_drain_time": "30s"
+  },
+  "connect": {
+    "enabled": true
+  }
+}

hammerhead/os/config/nomad.hcl

@@ -10,6 +10,8 @@ advertise {
   serf = "2001:41d0:8:ba0b::1"
 }
 
+bind_addr = "[::]"
+
 data_dir = "/var/lib/nomad"
 
 server {
@@ -19,11 +21,11 @@ server {
 
 consul {
   address = "[::1]:8500"
+  grpc_address = "[::1]:8502"
 }
 
 client {
   enabled = true
-  #cpu_total_compute = 4000
   servers = ["[::1]:4648"]
   network_interface = "eno1"
   options {