forked from Deuxfleurs/nixcfg
màj config gitea
This commit is contained in:
parent
c31de0e94f
commit
14b59ba4b0
6 changed files with 75 additions and 8 deletions
|
@ -1,4 +1,4 @@
|
|||
job "core:bottin" {
|
||||
job "core-bottin" {
|
||||
datacenters = ["orion", "neptune", "scorpio"]
|
||||
type = "system"
|
||||
priority = 90
|
||||
|
|
|
@ -1,4 +1,4 @@
|
|||
job "core:d53" {
|
||||
job "core-d53" {
|
||||
datacenters = ["neptune", "orion", "bespin"]
|
||||
type = "service"
|
||||
priority = 90
|
||||
|
@ -61,4 +61,42 @@ EOH
|
|||
}
|
||||
}
|
||||
}
|
||||
|
||||
# Dummy task for Gitea (still on an external VM), runs on any bespin node
|
||||
# and allows D53 to automatically update the A record for git.deuxfleurs.fr
|
||||
# to the IPv4 address of the bespin site (that changes occasionnaly)
|
||||
group "gitea-dummy" {
|
||||
count = 1
|
||||
|
||||
network {
|
||||
port "dummy" {
|
||||
to = 999
|
||||
}
|
||||
}
|
||||
|
||||
task "main" {
|
||||
driver = "docker"
|
||||
|
||||
constraint {
|
||||
attribute = "${meta.site}"
|
||||
operator = "="
|
||||
value = "bespin"
|
||||
}
|
||||
|
||||
config {
|
||||
image = "alpine"
|
||||
command = "sh"
|
||||
args = ["-c", "while true; do echo x; sleep 60; done"]
|
||||
ports = [ "dummy" ]
|
||||
}
|
||||
|
||||
service {
|
||||
name = "gitea-dummy"
|
||||
port = "dummy"
|
||||
tags = [
|
||||
"d53-a git.deuxfleurs.fr",
|
||||
]
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
|
|
|
@ -1,4 +1,4 @@
|
|||
job "core:diplonat" {
|
||||
job "core-diplonat" {
|
||||
datacenters = ["orion", "neptune", "scorpio", "bespin"]
|
||||
type = "system"
|
||||
priority = 90
|
||||
|
@ -53,9 +53,6 @@ DIPLONAT_CONSUL_URL=https://consul.service.prod.consul:8501
|
|||
DIPLONAT_CONSUL_TLS_SKIP_VERIFY=true
|
||||
DIPLONAT_CONSUL_CLIENT_CERT=/etc/diplonat/consul-client.crt
|
||||
DIPLONAT_CONSUL_CLIENT_KEY=/etc/diplonat/consul-client.key
|
||||
{{ if env "meta.site" | eq "bespin" }}
|
||||
DIPLONAT_IPV6_ONLY=true
|
||||
{{ end }}
|
||||
RUST_LOG=debug
|
||||
EOH
|
||||
destination = "secrets/env"
|
||||
|
|
|
@ -1,5 +1,9 @@
|
|||
job "core:tricot" {
|
||||
datacenters = ["orion", "neptune", "scorpio", "bespin"]
|
||||
job "core-tricot" {
|
||||
# bespin pas pour l'instant, on a des soucis de SSL avec gitea
|
||||
# on pourra mettre bespin quand on aura migré gitea de la vm vers le cluster
|
||||
# en attendant, les deux ne sont pas capables de partager les certificats SSL
|
||||
# donc on laisse la VM gitea gérer les certifs et prendre tout le trafic http(s)
|
||||
datacenters = ["orion", "neptune", "scorpio"]
|
||||
type = "system"
|
||||
priority = 90
|
||||
|
||||
|
|
|
@ -60,6 +60,24 @@ curl -vv -X PUT http://localhost:8500/v1/catalog/register -H "Content-Type: app
|
|||
}
|
||||
EOF
|
||||
|
||||
curl -vv -X PUT http://localhost:8500/v1/catalog/register -H "Content-Type: application/json" --data @- <<EOF
|
||||
{
|
||||
"Datacenter": "prod",
|
||||
"Node": "lindy",
|
||||
"Address": "192.168.1.184",
|
||||
"NodeMeta": {
|
||||
"site": "neptune",
|
||||
"cname_target": "neptune.site.deuxfleurs.fr."
|
||||
},
|
||||
"Service": {
|
||||
"Service": "lx-apimtest",
|
||||
"Tags": ["tricot apimtest.adnab.me"],
|
||||
"Address": "192.168.1.184",
|
||||
"Port": 8920
|
||||
}
|
||||
}
|
||||
EOF
|
||||
|
||||
|
||||
curl -vv -X PUT http://localhost:8500/v1/catalog/register -H "Content-Type: application/json" --data @- <<EOF
|
||||
{
|
||||
|
|
|
@ -4,4 +4,14 @@
|
|||
deuxfleurs.siteName = "bespin";
|
||||
deuxfleurs.staticIPv4.defaultGateway = "192.168.5.254";
|
||||
deuxfleurs.cnameTarget = "bespin.site.deuxfleurs.fr.";
|
||||
|
||||
# Allow all ports from gateway for janky UPnP/IGD daemon
|
||||
# networking.firewall = {
|
||||
# extraCommands = ''
|
||||
# iptables -A INPUT -s ${cfg.staticIPv4.defaultGateway} -p udp -j ACCEPT
|
||||
# '';
|
||||
# extraStopCommands = ''
|
||||
# iptables -D INPUT -s ${cfg.staticIPv4.defaultGateway} -p udp -j ACCEPT
|
||||
# '';
|
||||
# };
|
||||
}
|
||||
|
|
Loading…
Reference in a new issue