homelab/nomad-job/tt-rss.nomad

208 lines
5.4 KiB
Plaintext
Raw Normal View History

2022-04-28 20:56:08 +00:00
job "tt-rss" {
2022-09-13 19:21:04 +00:00
datacenters = ["homelab"]
2022-12-10 16:10:32 +00:00
priority = 90
2022-10-29 08:40:01 +00:00
type = "service"
2022-04-28 20:56:08 +00:00
2022-10-29 08:40:01 +00:00
constraint {
2022-09-18 12:50:21 +00:00
attribute = "${attr.cpu.arch}"
2022-10-29 08:40:01 +00:00
value = "amd64"
}
constraint {
attribute = "${node.class}"
operator = "set_contains"
value = "cluster"
}
2022-04-28 20:56:08 +00:00
2023-10-08 12:52:53 +00:00
group "ttrss" {
2022-04-28 20:56:08 +00:00
ephemeral_disk {
migrate = true
2022-10-29 08:40:01 +00:00
size = 200
2022-04-28 20:56:08 +00:00
sticky = true
}
network {
mode = "host"
2022-10-29 08:40:01 +00:00
port "http" {
2022-04-28 20:56:08 +00:00
to = 80
}
port "appPort" {
to = 9000
}
}
vault {
2022-10-30 08:33:39 +00:00
policies = ["ttrss"]
2022-04-28 20:56:08 +00:00
}
service {
name = "tt-rss"
port = "http"
tags = [
2022-10-29 08:40:01 +00:00
"homer.enable=true",
"homer.name=TT-RSS",
"homer.service=Application",
2024-04-12 06:56:12 +00:00
"homer.logo=https://www.ducamps.eu/tt-rss/images/favicon-72px.png",
2022-10-29 08:40:01 +00:00
"homer.target=_blank",
2023-11-05 18:08:17 +00:00
"homer.url=https://www.ducamps.eu/tt-rss",
2022-05-23 19:44:34 +00:00
2022-04-28 20:56:08 +00:00
"traefik.enable=true",
2023-11-05 18:08:17 +00:00
"traefik.http.routers.${NOMAD_JOB_NAME}.rule=Host(`www.ducamps.eu`)&&PathPrefix(`/tt-rss`)",
"traefik.http.routers.${NOMAD_JOB_NAME}.tls.domains[0].sans=www.ducamps.eu",
2022-04-28 20:56:08 +00:00
"traefik.http.routers.${NOMAD_JOB_NAME}.tls.certresolver=myresolver",
2023-10-07 16:40:40 +00:00
"traefik.http.routers.${NOMAD_JOB_NAME}.entrypoints=web,websecure",
2022-04-28 20:56:08 +00:00
]
}
2022-05-12 09:36:51 +00:00
task "ttrss-app" {
2022-04-28 20:56:08 +00:00
driver = "docker"
config {
2024-03-17 17:58:24 +00:00
image = "docker.service.consul:5000/cthulhoo/ttrss-fpm-pgsql-static"
2022-04-28 20:56:08 +00:00
ports = [
2022-10-29 08:40:01 +00:00
"appPort"
2022-04-28 20:56:08 +00:00
]
volumes = [
2024-04-24 19:23:39 +00:00
"${NOMAD_ALLOC_DIR}/data:/var/www/html",
"/mnt/diskstation/nomad/tt-rss/ttrss-auth-oidc:/var/www/html/tt-rss/plugins.local/auth_oidc"
2022-04-28 20:56:08 +00:00
]
}
env {
2022-10-29 08:40:01 +00:00
TTRSS_DB-TYPE = "pgsql"
2023-11-01 08:08:47 +00:00
TTRSS_DB_HOST = "active.db.service.consul"
2022-10-29 08:40:01 +00:00
TTRSS_DB_NAME = "ttrss"
TTRSS_DB_USER = "ttrss"
2023-11-05 18:08:17 +00:00
TTRSS_SELF_URL_PATH = "https://www.ducamps.eu/tt-rss"
2024-04-24 19:23:39 +00:00
TTRSS_PLUGINS = "auth_oidc, auth_internal"
TTRSS_AUTH_OIDC_NAME= "Authelia"
TTRSS_AUTH_OIDC_URL = "https://auth.ducamps.eu"
TTRSS_AUTH_OIDC_CLIENT_ID = "ttrss"
2022-04-28 20:56:08 +00:00
}
template {
2022-10-29 08:40:01 +00:00
data = <<EOH
2024-04-24 19:23:39 +00:00
{{ with secret "secrets/data/database/ttrss"}}TTRSS_DB_PASS = "{{ .Data.data.password }}"{{end}}
TTRSS_AUTH_OIDC_CLIENT_SECRET = {{ with secret "secrets/data/authelia/ttrss"}}"{{ .Data.data.password }}"{{end}}
2022-04-28 20:56:08 +00:00
EOH
2024-04-24 19:23:39 +00:00
destination = "secret/tt-rss.env"
2022-10-29 08:40:01 +00:00
env = true
2022-04-28 20:56:08 +00:00
}
2022-05-12 09:36:04 +00:00
resources {
memory = 150
}
2022-04-28 20:56:08 +00:00
}
2022-04-30 19:09:09 +00:00
2022-10-29 08:40:01 +00:00
task "ttrss-updater" {
2022-04-30 19:09:09 +00:00
driver = "docker"
config {
2024-03-17 17:58:24 +00:00
image = "docker.service.consul:5000/cthulhoo/ttrss-fpm-pgsql-static"
2022-04-30 19:09:09 +00:00
volumes = [
"${NOMAD_ALLOC_DIR}/data:/var/www/html"
]
command = "/opt/tt-rss/updater.sh"
}
env {
2022-10-29 08:40:01 +00:00
TTRSS_DB-TYPE = "pgsql"
2023-11-01 07:42:04 +00:00
TTRSS_DB_HOST = "active.db.service.consul"
2022-10-29 08:40:01 +00:00
TTRSS_DB_NAME = "ttrss"
TTRSS_DB_USER = "ttrss"
2023-11-05 18:08:17 +00:00
TTRSS_SELF_URL_PATH = "https://www.ducamps.eu/tt-rss"
2022-04-30 19:09:09 +00:00
}
template {
2022-10-29 08:40:01 +00:00
data = <<EOH
2022-10-30 08:33:39 +00:00
{{ with secret "secrets/data/database/ttrss"}}
TTRSS_DB_PASS = "{{ .Data.data.password }}"
2022-04-30 19:09:09 +00:00
{{end}}
EOH
destination = "secrets/tt-rss.env"
2022-10-29 08:40:01 +00:00
env = true
2022-04-30 19:09:09 +00:00
}
2022-05-12 09:36:04 +00:00
resources {
memory = 150
}
2022-04-30 19:09:09 +00:00
}
2022-05-12 09:36:04 +00:00
task "ttrss-frontend" {
2022-04-28 20:56:08 +00:00
driver = "docker"
config {
2024-03-17 17:58:24 +00:00
image = "docker.service.consul:5000/library/nginx:alpine"
2022-10-29 08:40:01 +00:00
ports = [
2022-04-28 20:56:08 +00:00
"http"
]
volumes = [
"etc/nginx/nginx.conf:/etc/nginx/nginx.conf",
"${NOMAD_ALLOC_DIR}/data:/var/www/html"
]
}
template {
2022-10-29 08:40:01 +00:00
data = <<EOH
2022-04-28 20:56:08 +00:00
worker_processes auto;
pid /var/run/nginx.pid;
events {
worker_connections 1024;
}
http {
include /etc/nginx/mime.types;
default_type application/octet-stream;
access_log /dev/stdout;
error_log /dev/stderr warn;
sendfile on;
index index.php;
upstream app {
server {{ env "NOMAD_ADDR_appPort" }};
}
server {
listen 80;
listen [::]:80;
root /var/www/html;
location /tt-rss/cache {
aio threads;
internal;
}
location /tt-rss/backups {
internal;
}
location ~ \.php$ {
# regex to split $uri to $fastcgi_script_name and $fastcgi_path
fastcgi_split_path_info ^(.+?\.php)(/.*)$;
# Check that the PHP script exists before passing it
try_files $fastcgi_script_name =404;
# Bypass the fact that try_files resets $fastcgi_path_info
# see: http://trac.nginx.org/nginx/ticket/321
set $path_info $fastcgi_path_info;
fastcgi_param PATH_INFO $path_info;
fastcgi_index index.php;
include fastcgi.conf;
fastcgi_pass app;
}
location / {
try_files $uri $uri/ =404;
}
}
}
EOH
destination = "etc/nginx/nginx.conf"
}
2022-05-12 09:36:04 +00:00
resources {
memory = 50
}
2022-04-28 20:56:08 +00:00
}
}
}