infrastructure/hammerhead/app/gitea/deploy/gitea.hcl

# Nomad job that runs a single Gitea container, keeps its state on a host
# volume, and registers its HTTP and SSH endpoints as two Consul services.
job "gitea" {
  datacenters = ["dc1"]

  group "gitea" {
    count = 1

    network {
      # "to" is the port inside the container. No "static" host port is set,
      # so Nomad picks the host-side port for each allocation.
      port "http" {
        to = 3000
      }
      port "ssh" {
        to = 22
      }
    }

    # Host volume holding Gitea's persistent data (mounted at /data below).
    volume "gitea-data" {
      type      = "host"
      source    = "gitea-data"
      read_only = false
    }

    # NOTE(review): both services are registered without a health check (the
    # checks are kept commented out below), so Consul has no liveness signal
    # for them and consumers resolving these names get the instance even
    # when Gitea is not answering.
    service {
      name = "gitea-frontend"
      port = "http"
      # check {
      #   name     = "alive"
      #   type     = "tcp"
      #   interval = "10s"
      #   timeout  = "2s"
      # }
    }

    service {
      name = "gitea-ssh"
      port = "ssh"
      # check {
      #   name     = "alive"
      #   type     = "tcp"
      #   interval = "10s"
      #   timeout  = "2s"
      # }
    }

    task "gitea" {
      driver = "docker"

      config {
        # NOTE(review): pinned by tag only; a tag can be re-pointed upstream,
        # pinning by digest would make the deployed image immutable.
        image = "gitea/gitea:1.14.2"

        # Publishes the container's http and ssh ports on the host. Needed
        # because, without further mesh-net config, nginx cannot reach the
        # container's port.
        # Security trade-off: Gitea is then reachable directly on the host
        # ports, bypassing nginx, so whatever nginx enforces (TLS, access
        # rules) does not apply to that traffic. Restrict these ports with
        # the host firewall or a private host network until the mesh is set up.
        # NOTE(review): with no static port the host side is the port Nomad
        # allocated, not literally :3000 - confirm against a running alloc.
        ports = ["http", "ssh"]

        # Read-only bind mounts so the container uses the host's timezone.
        volumes = [
          "/etc/timezone:/etc/timezone:ro",
          "/etc/localtime:/etc/localtime:ro",
        ]
      }

      # Non-secret settings passed straight to the container environment.
      env {
        DOMAIN     = "gitea.hammerhead.luxeylab.net"
        SSH_DOMAIN = "gitea.hammerhead.luxeylab.net"
      }

      volume_mount {
        volume      = "gitea-data"
        destination = "/data"
        read_only   = false
      }

      # Consul Template is only available inside a template stanza; it is used
      # here to pull the database credentials out of Consul and to discover
      # the postgres service address (first registered instance).
      # "env = true" turns the rendered KEY = "value" lines into environment
      # variables of the task.
      # "destination" is mandatory. Keeping it under secrets/ places the
      # rendered credentials in the task's secrets directory instead of a
      # directory that is browsable through the allocation filesystem API.
      # NOTE(review): the credentials live in Consul KV, so every ACL token
      # that may read secrets/postgres/gitea/ can read them, and once exported
      # they are visible to anyone able to inspect the container's
      # environment. A dedicated secret store (Vault) would narrow that.
      template {
        destination = "secrets/env"
        env         = true
        # Restart the task whenever the rendered values change (credential
        # update in Consul, or postgres moving to another address/port).
        change_mode = "restart"
        data        = <<EOH
DB_TYPE = "postgres"
DB_USER = "{{ key "secrets/postgres/gitea/user" }}"
DB_PASSWD = "{{ key "secrets/postgres/gitea/password" }}"
DB_NAME = "{{ key "secrets/postgres/gitea/db_name" }}"
DB_HOST = "{{ with service "postgres" }}{{ with index . 0 }}{{ .Address }}:{{ .Port }}{{ end }}{{ end }}"
EOH
      }
    }
  }
}