redeploy bagage

This commit is contained in:
Quentin 2023-04-05 15:50:46 +02:00
parent c9f122bcd3
commit 0e4c641db7
Signed by untrusted user: quentin
GPG key ID: E9602264D639FF68
3 changed files with 91 additions and 1 deletions

View file

@ -0,0 +1,86 @@
job "bagage" {
datacenters = ["orion", "neptune"]
type = "service"
priority = 90
constraint {
attribute = "${attr.cpu.arch}"
value = "amd64"
}
group "main" {
count = 1
network {
port "web_port" {
static = 8080
to = 8080
}
port "ssh_port" {
static = 2222
to = 2222
}
}
task "server" {
driver = "docker"
config {
image = "superboum/amd64_bagage:v11"
readonly_rootfs = false
network_mode = "host"
volumes = [
"secrets/id_rsa:/id_rsa"
]
ports = [ "web_port", "ssh_port" ]
}
env {
BAGAGE_LDAP_ENDPOINT = "bottin.service.prod.consul:389"
}
resources {
memory = 200
cpu = 100
}
template {
data = "{{ key \"secrets/bagage/id_rsa\" }}"
destination = "secrets/id_rsa"
}
service {
name = "bagage-ssh"
port = "ssh_port"
address_mode = "host"
tags = [
"bagage",
"(diplonat (tcp_port 2222))"
]
}
service {
name = "bagage-webdav"
tags = [
"bagage",
"tricot bagage.deuxfleurs.fr",
"d53-cname bagage.deuxfleurs.fr",
]
port = "web_port"
address_mode = "host"
check {
type = "tcp"
port = "web_port"
address_mode = "host"
interval = "60s"
timeout = "5s"
check_restart {
limit = 3
grace = "90s"
ignore_warnings = false
}
}
}
}
}
}

View file

@ -0,0 +1,4 @@
[secrets."bagage/id_rsa"]
type = 'command'
rotate = true
command = 'ssh-keygen -q -f >(cat) -N "" <<< y 2>/dev/null 1>&2 ; true'

View file

@ -22,7 +22,7 @@ job "albatros" {
task "controller" { task "controller" {
driver = "docker" driver = "docker"
config { config {
image = "dxflrs/albatros:750015b3fff91af8b9b86869411216a06bd13614" image = "dxflrs/albatros:76c59221d171eb56a2ce2bfa630502ff78eeae74"
ports = [ "http" ] ports = [ "http" ]
volumes = [ volumes = [
"secrets/certs:/var/run/secrets/albatros" "secrets/certs:/var/run/secrets/albatros"