homelab/drone.nomad

job "drone" {
  datacenters = ["homelab"]
  type = "service"
  constraint {
    attribute = "${attr.cpu.arch}"
    value = "amd64"
  }

  group "droneCI" {
    network {
      mode = "host"
      port "http" {
        to = 80
      }
    }
    vault {
      policies = ["access-tables"]
    }
    task "drone-server" {
      driver = "docker"
      service {
        name = "drone"
        port = "http"
        tags = [
          "traefik.enable=true",
          "traefik.http.routers.${NOMAD_JOB_NAME}.rule=Host(`${NOMAD_JOB_NAME}.ducamps.win`)",
          "traefik.http.routers.${NOMAD_JOB_NAME}.tls.domains[0].sans=${NOMAD_JOB_NAME}.ducamps.win",
          "traefik.http.routers.${NOMAD_JOB_NAME}.tls.certresolver=myresolver",
          "traefik.http.middlewares.httpsRedirect.redirectscheme.scheme=https",
          "traefik.http.routers.${NOMAD_JOB_NAME}.middlewares=httpsRedirect"

        ]
      }
      config {
        image = "drone/drone:latest"
        ports = [
          "http"
        ]
      }
      env {

      }
      template {
        data= <<EOH
          {{ with secret "secrets/data/droneCI"}}
          DRONE_GITEA_SERVER="https://git.ducamps.win"
          DRONE_GITEA_CLIENT_ID="{{ .Data.data.DRONE_GITEA_CLIENT_ID }}"
          DRONE_GITEA_CLIENT_SECRET="{{ .Data.data.DRONE_GITEA_CLIENT_SECRET }}"
          DRONE_GITEA_ALWAYS_AUTH="True"
          DRONE_USER_CREATE="username:vincent,admin:true"
          DRONE_DATABASE_DRIVER="postgres"
          DRONE_DATABASE_DATASOURCE="postgres://drone:{{ .Data.data.DRONE_DB_PASSWORD }}@db1.ducamps.win:5432/drone?sslmode=disable"
          DRONE_RPC_SECRET="{{ .Data.data.DRONE_RPC_SECRET }}"
          DRONE_SERVER_HOST="drone.ducamps.win"
          DRONE_SERVER_PROTO="https"
          {{end}}
          EOH
        destination = "local/drone.env"
        env = true
      }
    }

    task "drone-runner"{
      driver = "docker"
      config {
        image = "drone/drone-runner-docker:latest"
        volumes =[
          "/var/run/docker.sock:/var/run/docker.sock",
        ]
      }
      env {

      }
      template {
        data= <<EOH
          {{ with secret "secrets/data/droneCI"}}
          DRONE_RPC_HOST="drone.ducamps.win"
          DRONE_RPC_PROTO="https"
          DRONE_RPC_SECRET= "{{ .Data.data.DRONE_RPC_SECRET}}"
          {{ end }}
          EOH
        destination = "local/drone-runner.env"
        env = true
      }
    }

  }
}
add drone job 2022-04-24 10:47:17 +00:00			`job "drone" {`
			`datacenters = ["homelab"]`
			`type = "service"`
add amd64 contrainst to drone 2022-04-27 18:22:49 +00:00			`constraint {`
			`attribute = "${attr.cpu.arch}"`
			`value = "amd64"`
			`}`
add drone job 2022-04-24 10:47:17 +00:00
			`group "droneCI" {`
			`network {`
			`mode = "host"`
			`port "http" {`
			`to = 80`
			`}`
			`}`
			`vault {`
			`policies = ["access-tables"]`
			`}`
			`task "drone-server" {`
			`driver = "docker"`
			`service {`
			`name = "drone"`
			`port = "http"`
			`tags = [`
			`"traefik.enable=true",`
implement TLS 2022-04-24 20:19:18 +00:00			"traefik.http.routers.${NOMAD_JOB_NAME}.rule=Host(`${NOMAD_JOB_NAME}.ducamps.win`)",
add drone job 2022-04-24 10:47:17 +00:00			`"traefik.http.routers.${NOMAD_JOB_NAME}.tls.domains[0].sans=${NOMAD_JOB_NAME}.ducamps.win",`
implement TLS 2022-04-24 20:19:18 +00:00			`"traefik.http.routers.${NOMAD_JOB_NAME}.tls.certresolver=myresolver",`
			`"traefik.http.middlewares.httpsRedirect.redirectscheme.scheme=https",`
			`"traefik.http.routers.${NOMAD_JOB_NAME}.middlewares=httpsRedirect"`

add drone job 2022-04-24 10:47:17 +00:00			`]`
			`}`
			`config {`
			`image = "drone/drone:latest"`
			`ports = [`
			`"http"`
			`]`
			`}`
			`env {`

			`}`
			`template {`
			`data= <<EOH`
			`{{ with secret "secrets/data/droneCI"}}`
			`DRONE_GITEA_SERVER="https://git.ducamps.win"`
			`DRONE_GITEA_CLIENT_ID="{{ .Data.data.DRONE_GITEA_CLIENT_ID }}"`
			`DRONE_GITEA_CLIENT_SECRET="{{ .Data.data.DRONE_GITEA_CLIENT_SECRET }}"`
			`DRONE_GITEA_ALWAYS_AUTH="True"`
			`DRONE_USER_CREATE="username:vincent,admin:true"`
			`DRONE_DATABASE_DRIVER="postgres"`
			`DRONE_DATABASE_DATASOURCE="postgres://drone:{{ .Data.data.DRONE_DB_PASSWORD }}@db1.ducamps.win:5432/drone?sslmode=disable"`
			`DRONE_RPC_SECRET="{{ .Data.data.DRONE_RPC_SECRET }}"`
			`DRONE_SERVER_HOST="drone.ducamps.win"`
			`DRONE_SERVER_PROTO="https"`
			`{{end}}`
			`EOH`
			`destination = "local/drone.env"`
			`env = true`
			`}`
			`}`

			`task "drone-runner"{`
			`driver = "docker"`
			`config {`
			`image = "drone/drone-runner-docker:latest"`
			`volumes =[`
			`"/var/run/docker.sock:/var/run/docker.sock",`
			`]`
			`}`
			`env {`

			`}`
			`template {`
			`data= <<EOH`
			`{{ with secret "secrets/data/droneCI"}}`
			`DRONE_RPC_HOST="drone.ducamps.win"`
			`DRONE_RPC_PROTO="https"`
			`DRONE_RPC_SECRET= "{{ .Data.data.DRONE_RPC_SECRET}}"`
			`{{ end }}`
			`EOH`
			`destination = "local/drone-runner.env"`
			`env = true`
			`}`
			`}`

			`}`
			`}`