homelab/nomad-job/platform/grafana.nomad

job "grafana" {
  datacenters = ["homelab"]
  priority    = 50
  type        = "service"
  constraint {
    attribute = "${node.class}"
    operator = "set_contains"
    value = "cluster"
  }
  meta {
    forcedeploiement = 2
  }

  vault {
    policies = ["grafana"]
  }
  group "grafana" {
    network {
      port "http" {
        to = 3000
      }
    }
    service {
      name = "grafana"
      port = "http"
      tags = [
        "homer.enable=true",
        "homer.name=Grafana",
        "homer.service=Monitoring",
        "homer.logo=https://grafana.ducamps.eu/public/img/grafana_icon.svg",
        "homer.target=_blank",
        "homer.url=https://${NOMAD_JOB_NAME}.ducamps.eu",

        "traefik.enable=true",
        "traefik.http.routers.grafana.entryPoints=websecure",
        "traefik.http.routers.grafana.rule=Host(`grafana.ducamps.eu`)",
        "traefik.http.routers.grafana.tls.domains[0].sans=grafana.ducamps.eu",
        "traefik.http.routers.grafana.tls.certresolver=myresolver",
        "traefik.http.routers.grafana.entrypoints=web,websecure",

      ]
    }

    task "dashboard" {
      driver = "docker"
      config {
        image = "docker.service.consul:5000/grafana/grafana"
        ports = ["http"]
        volumes = [
          "local/grafana.ini:/etc/grafana/grafana.ini",
          "/mnt/diskstation/nomad/grafana/lib:/var/lib/grafana"
        ]
      }
      template {
        data = <<EOH
force_migration=true 
[server]
root_url = https://grafana.ducamps.eu
[auth.generic_oauth]
enabled = true
name = Authelia
icon = signin
client_id = grafana
client_secret = {{ with secret "secrets/data/authelia/grafana"}} {{ .Data.data.password }} {{end}}
scopes = openid profile email groups
empty_scopes = false
auth_url = https://auth.ducamps.eu/api/oidc/authorization
token_url = https://auth.ducamps.eu/api/oidc/token
api_url = https://auth.ducamps.eu/api/oidc/userinfo
login_attribute_path = preferred_username
groups_attribute_path = groups
name_attribute_path = name
use_pkce = true
role_attribute_path=contains(groups[*], 'GrafanaAdmins') && 'Admin' || contains(groups[*], 'GrafanaUsers') && 'Viewer'
EOH
        destination = "local/grafana.ini"
      }
      resources {
        memory = 250
      }
    }
  }
}
add prometheus and grafana 2022-05-10 17:41:18 +00:00			`job "grafana" {`
			`datacenters = ["homelab"]`
perf: set nomad priority 2022-12-10 16:10:32 +00:00			`priority = 50`
add prometheus and grafana 2022-05-10 17:41:18 +00:00			`type = "service"`
feat: add constrainst to limit nas job 2024-02-21 18:03:31 +00:00			`constraint {`
			`attribute = "${node.class}"`
			`operator = "set_contains"`
			`value = "cluster"`
			`}`
add prometheus and grafana 2022-05-10 17:41:18 +00:00			`meta {`
init csi 2024-01-13 17:35:18 +00:00			`forcedeploiement = 2`
add prometheus and grafana 2022-05-10 17:41:18 +00:00			`}`
feat: grafanna sso 2024-05-10 13:50:45 +00:00
			`vault {`
			`policies = ["grafana"]`
			`}`
add prometheus and grafana 2022-05-10 17:41:18 +00:00			`group "grafana" {`
			`network {`
			`port "http" {`
formatting 2022-10-29 08:40:01 +00:00			`to = 3000`
add prometheus and grafana 2022-05-10 17:41:18 +00:00			`}`
			`}`
			`service {`
			`name = "grafana"`
			`port = "http"`
formatting 2022-10-29 08:40:01 +00:00			`tags = [`
add homer cnfig 2022-05-23 19:44:34 +00:00			`"homer.enable=true",`
			`"homer.name=Grafana",`
			`"homer.service=Monitoring",`
big bang ducamps.win -> ducamps.eu 2023-11-05 18:08:17 +00:00			`"homer.logo=https://grafana.ducamps.eu/public/img/grafana_icon.svg",`
add homer cnfig 2022-05-23 19:44:34 +00:00			`"homer.target=_blank",`
big bang ducamps.win -> ducamps.eu 2023-11-05 18:08:17 +00:00			`"homer.url=https://${NOMAD_JOB_NAME}.ducamps.eu",`
add homer cnfig 2022-05-23 19:44:34 +00:00
add prometheus and grafana 2022-05-10 17:41:18 +00:00			`"traefik.enable=true",`
			`"traefik.http.routers.grafana.entryPoints=websecure",`
big bang ducamps.win -> ducamps.eu 2023-11-05 18:08:17 +00:00			"traefik.http.routers.grafana.rule=Host(`grafana.ducamps.eu`)",
			`"traefik.http.routers.grafana.tls.domains[0].sans=grafana.ducamps.eu",`
add prometheus and grafana 2022-05-10 17:41:18 +00:00			`"traefik.http.routers.grafana.tls.certresolver=myresolver",`
fix: proxy smtp port 25 issue 2023-10-07 16:40:40 +00:00			`"traefik.http.routers.grafana.entrypoints=web,websecure",`

add prometheus and grafana 2022-05-10 17:41:18 +00:00			`]`
			`}`

			`task "dashboard" {`
indent 2022-05-12 09:37:38 +00:00			`driver = "docker"`
			`config {`
feat: docker pull througt mirror 2024-03-17 17:58:24 +00:00			`image = "docker.service.consul:5000/grafana/grafana"`
indent 2022-05-12 09:37:38 +00:00			`ports = ["http"]`
			`volumes = [`
feat: grafanna sso 2024-05-10 13:50:45 +00:00			`"local/grafana.ini:/etc/grafana/grafana.ini",`
feat: docker pull througt mirror 2024-03-17 17:58:24 +00:00			`"/mnt/diskstation/nomad/grafana/lib:/var/lib/grafana"`
indent 2022-05-12 09:37:38 +00:00			`]`
			`}`
feat: grafanna sso 2024-05-10 13:50:45 +00:00			`template {`
			`data = <<EOH`
			`force_migration=true`
			`[server]`
			`root_url = https://grafana.ducamps.eu`
			`[auth.generic_oauth]`
			`enabled = true`
			`name = Authelia`
			`icon = signin`
			`client_id = grafana`
			`client_secret = {{ with secret "secrets/data/authelia/grafana"}} {{ .Data.data.password }} {{end}}`
			`scopes = openid profile email groups`
			`empty_scopes = false`
			`auth_url = https://auth.ducamps.eu/api/oidc/authorization`
			`token_url = https://auth.ducamps.eu/api/oidc/token`
			`api_url = https://auth.ducamps.eu/api/oidc/userinfo`
			`login_attribute_path = preferred_username`
			`groups_attribute_path = groups`
			`name_attribute_path = name`
			`use_pkce = true`
			`role_attribute_path=contains(groups[], 'GrafanaAdmins') && 'Admin' \|\| contains(groups[], 'GrafanaUsers') && 'Viewer'`
			`EOH`
			`destination = "local/grafana.ini"`
			`}`
indent 2022-05-12 09:37:38 +00:00			`resources {`
perf: increase memory 2023-11-14 16:45:52 +00:00			`memory = 250`
indent 2022-05-12 09:37:38 +00:00			`}`
add prometheus and grafana 2022-05-10 17:41:18 +00:00			`}`
			`}`
			`}`