forked from Deuxfleurs/nixcfg
add teabag (for static cms)
This commit is contained in:
parent
a4eb0b2b56
commit
4ef04f7971
3 changed files with 102 additions and 0 deletions
11
cluster/prod/app/cms/config/teabag.env
Normal file
11
cluster/prod/app/cms/config/teabag.env
Normal file
|
@ -0,0 +1,11 @@
|
|||
HOST=0.0.0.0
|
||||
PORT={{ env "NOMAD_PORT_web_port" }}
|
||||
SESSION_SECRET={{ key "secrets/cms/teabag/session" | trimSpace }}
|
||||
|
||||
GITEA_KEY={{ key "secrets/cms/teabag/gitea_key" | trimSpace }}
|
||||
GITEA_SECRET={{ key "secrets/cms/teabag/gitea_secret" | trimSpace }}
|
||||
GITEA_BASE_URL=http://git.deuxfleurs.fr
|
||||
GITEA_AUTH_URI=login/oauth/authorize
|
||||
GITEA_TOKEN_URI=login/oauth/access_token
|
||||
GITEA_USER_URI=api/v1/user
|
||||
CALLBACK_URI=http://teabag.deuxfleurs.fr/callback
|
74
cluster/prod/app/cms/deploy/cms.hcl
Normal file
74
cluster/prod/app/cms/deploy/cms.hcl
Normal file
|
@ -0,0 +1,74 @@
|
|||
job "cms" {
|
||||
datacenters = ["neptune", "orion"]
|
||||
type = "service"
|
||||
|
||||
priority = 100
|
||||
|
||||
constraint {
|
||||
attribute = "${attr.cpu.arch}"
|
||||
value = "amd64"
|
||||
}
|
||||
|
||||
group "auth" {
|
||||
count = 1
|
||||
|
||||
network {
|
||||
port "web_port" { }
|
||||
}
|
||||
|
||||
task "teabag" {
|
||||
driver = "docker"
|
||||
config {
|
||||
# Using a digest to pin the container as no tag is provided
|
||||
# https://github.com/denyskon/teabag/pkgs/container/teabag
|
||||
image = "ghcr.io/denyskon/teabag@sha256:d5af7c6caf172727fbfa047c8ee82f9087ef904f0f3bffdeec656be04e9e0a14"
|
||||
ports = [ "web_port" ]
|
||||
volumes = [
|
||||
"secrets/teabag.env:/etc/teabag/teabag.env",
|
||||
]
|
||||
}
|
||||
|
||||
template {
|
||||
data = file("../config/teabag.env")
|
||||
destination = "secrets/teabag.env"
|
||||
}
|
||||
|
||||
resources {
|
||||
memory = 20
|
||||
memory_max = 50
|
||||
cpu = 50
|
||||
}
|
||||
|
||||
service {
|
||||
name = "teabag"
|
||||
tags = [
|
||||
"teabag",
|
||||
"tricot teabag.deuxfleurs.fr",
|
||||
"d53-cname teabag.deuxfleurs.fr",
|
||||
]
|
||||
port = "web_port"
|
||||
check {
|
||||
type = "http"
|
||||
protocol = "http"
|
||||
port = "web_port"
|
||||
path = "/"
|
||||
interval = "60s"
|
||||
timeout = "5s"
|
||||
check_restart {
|
||||
limit = 3
|
||||
grace = "600s"
|
||||
ignore_warnings = false
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
restart {
|
||||
interval = "30m"
|
||||
attempts = 20
|
||||
delay = "15s"
|
||||
mode = "delay"
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
|
17
cluster/prod/app/cms/secrets.toml
Normal file
17
cluster/prod/app/cms/secrets.toml
Normal file
|
@ -0,0 +1,17 @@
|
|||
# HTTP Session Encryption Key
|
||||
[secrets."cms/teabag/session"]
|
||||
type = 'command'
|
||||
rotate = true
|
||||
command = 'openssl rand -base64 32'
|
||||
|
||||
# Gitea Application Token
|
||||
[secrets."cms/teabag/gitea_key"]
|
||||
type = 'user'
|
||||
description = 'Gitea Application Key'
|
||||
example = '4fea0...'
|
||||
|
||||
[secrets."cms/teabag/gitea_secret"]
|
||||
type = 'user'
|
||||
description = 'Gitea Secret Key'
|
||||
example = 'gto_bz6f...'
|
||||
|
Loading…
Reference in a new issue