staging: run bottin as nix job

This commit is contained in:
Alex 2022-12-01 22:49:55 +01:00
parent bc88622ea2
commit e67b460ae2
Signed by untrusted user: lx
GPG key ID: 0E496D15096376BE

View file

@ -14,22 +14,18 @@ job "directory" {
network {
port "ldap_port" {
static = 389
to = 389
}
}
task "bottin" {
driver = "docker"
driver = "nix2"
config {
image = "superboum/bottin_amd64:22"
network_mode = "host"
readonly_rootfs = true
ports = [ "ldap_port" ]
volumes = [
"secrets/config.json:/config.json",
"secrets:/etc/bottin",
packages = [
"git+https://git.deuxfleurs.fr/Deuxfleurs/bottin.git?ref=main&rev=9cab98d2cee386ece54b000bbdf2346da8b55eed"
]
command = "bottin"
}
user = "root" # needed to bind port 389
resources {
memory = 100
@ -37,22 +33,22 @@ job "directory" {
template {
data = file("../config/bottin/config.json.tpl")
destination = "secrets/config.json"
destination = "config.json"
}
template {
data = "{{ key \"secrets/consul/consul-ca.crt\" }}"
destination = "secrets/consul-ca.crt"
destination = "etc/bottin/consul-ca.crt"
}
template {
data = "{{ key \"secrets/consul/consul-client.crt\" }}"
destination = "secrets/consul-client.crt"
destination = "etc/bottin/consul-client.crt"
}
template {
data = "{{ key \"secrets/consul/consul-client.key\" }}"
destination = "secrets/consul-client.key"
destination = "etc/bottin/consul-client.key"
}
template {
@ -70,7 +66,6 @@ EOH
service {
tags = ["bottin"]
port = "ldap_port"
address_mode = "host"
name = "bottin"
check {
type = "tcp"