Run Tricot as Nix flake instead of Docker image

This commit is contained in:
Alex 2022-12-01 16:04:47 +01:00
parent e4684ae169
commit 9d0a2d8914
Signed by untrusted user: lx
GPG key ID: 0E496D15096376BE

View file

@ -15,17 +15,16 @@ job "frontend" {
}
task "server" {
driver = "docker"
driver = "nix2"
config {
image = "lxpz/amd64_tricot:41"
network_mode = "host"
readonly_rootfs = true
ports = [ "http_port", "https_port" ]
volumes = [
"secrets:/etc/tricot",
packages = [
"git+https://git.deuxfleurs.fr/Deuxfleurs/tricot.git?ref=main&rev=0ae7f5fbd924a293dcd3f1b6b61fc3cc46bd3876"
]
command = "tricot"
# cap_add = [ "net_bind_service" ] # this doesn't work for whatever reason, so we need to put user = "root" instead
}
user = "root"
resources {
cpu = 2000
@ -41,17 +40,17 @@ job "frontend" {
template {
data = "{{ key \"secrets/consul/consul-ca.crt\" }}"
destination = "secrets/consul-ca.crt"
destination = "etc/tricot/consul-ca.crt"
}
template {
data = "{{ key \"secrets/consul/consul-client.crt\" }}"
destination = "secrets/consul-client.crt"
destination = "etc/tricot/consul-client.crt"
}
template {
data = "{{ key \"secrets/consul/consul-client.key\" }}"
destination = "secrets/consul-client.key"
destination = "etc/tricot/consul-client.key"
}
template {