forked from Deuxfleurs/nixcfg
redeploy bagage
This commit is contained in:
parent
c9f122bcd3
commit
0e4c641db7
3 changed files with 91 additions and 1 deletions
86
cluster/prod/app/bagage/deploy/bagage.hcl
Normal file
86
cluster/prod/app/bagage/deploy/bagage.hcl
Normal file
|
@ -0,0 +1,86 @@
|
||||||
|
job "bagage" {
|
||||||
|
datacenters = ["orion", "neptune"]
|
||||||
|
type = "service"
|
||||||
|
priority = 90
|
||||||
|
|
||||||
|
constraint {
|
||||||
|
attribute = "${attr.cpu.arch}"
|
||||||
|
value = "amd64"
|
||||||
|
}
|
||||||
|
|
||||||
|
group "main" {
|
||||||
|
count = 1
|
||||||
|
|
||||||
|
network {
|
||||||
|
port "web_port" {
|
||||||
|
static = 8080
|
||||||
|
to = 8080
|
||||||
|
}
|
||||||
|
port "ssh_port" {
|
||||||
|
static = 2222
|
||||||
|
to = 2222
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
task "server" {
|
||||||
|
driver = "docker"
|
||||||
|
config {
|
||||||
|
image = "superboum/amd64_bagage:v11"
|
||||||
|
readonly_rootfs = false
|
||||||
|
network_mode = "host"
|
||||||
|
volumes = [
|
||||||
|
"secrets/id_rsa:/id_rsa"
|
||||||
|
]
|
||||||
|
ports = [ "web_port", "ssh_port" ]
|
||||||
|
}
|
||||||
|
|
||||||
|
env {
|
||||||
|
BAGAGE_LDAP_ENDPOINT = "bottin.service.prod.consul:389"
|
||||||
|
}
|
||||||
|
|
||||||
|
resources {
|
||||||
|
memory = 200
|
||||||
|
cpu = 100
|
||||||
|
}
|
||||||
|
|
||||||
|
template {
|
||||||
|
data = "{{ key \"secrets/bagage/id_rsa\" }}"
|
||||||
|
destination = "secrets/id_rsa"
|
||||||
|
}
|
||||||
|
|
||||||
|
service {
|
||||||
|
name = "bagage-ssh"
|
||||||
|
port = "ssh_port"
|
||||||
|
address_mode = "host"
|
||||||
|
tags = [
|
||||||
|
"bagage",
|
||||||
|
"(diplonat (tcp_port 2222))"
|
||||||
|
]
|
||||||
|
}
|
||||||
|
|
||||||
|
service {
|
||||||
|
name = "bagage-webdav"
|
||||||
|
tags = [
|
||||||
|
"bagage",
|
||||||
|
"tricot bagage.deuxfleurs.fr",
|
||||||
|
"d53-cname bagage.deuxfleurs.fr",
|
||||||
|
]
|
||||||
|
port = "web_port"
|
||||||
|
address_mode = "host"
|
||||||
|
check {
|
||||||
|
type = "tcp"
|
||||||
|
port = "web_port"
|
||||||
|
address_mode = "host"
|
||||||
|
interval = "60s"
|
||||||
|
timeout = "5s"
|
||||||
|
check_restart {
|
||||||
|
limit = 3
|
||||||
|
grace = "90s"
|
||||||
|
ignore_warnings = false
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
4
cluster/prod/app/bagage/secrets.toml
Normal file
4
cluster/prod/app/bagage/secrets.toml
Normal file
|
@ -0,0 +1,4 @@
|
||||||
|
[secrets."bagage/id_rsa"]
|
||||||
|
type = 'command'
|
||||||
|
rotate = true
|
||||||
|
command = 'ssh-keygen -q -f >(cat) -N "" <<< y 2>/dev/null 1>&2 ; true'
|
|
@ -22,7 +22,7 @@ job "albatros" {
|
||||||
task "controller" {
|
task "controller" {
|
||||||
driver = "docker"
|
driver = "docker"
|
||||||
config {
|
config {
|
||||||
image = "dxflrs/albatros:750015b3fff91af8b9b86869411216a06bd13614"
|
image = "dxflrs/albatros:76c59221d171eb56a2ce2bfa630502ff78eeae74"
|
||||||
ports = [ "http" ]
|
ports = [ "http" ]
|
||||||
volumes = [
|
volumes = [
|
||||||
"secrets/certs:/var/run/secrets/albatros"
|
"secrets/certs:/var/run/secrets/albatros"
|
||||||
|
|
Loading…
Reference in a new issue