2022-05-07 08:38:13 +00:00
|
|
|
|
|
|
|
job "vaultwarden" {
|
2022-10-14 11:08:10 +00:00
|
|
|
datacenters = ["homelab"]
|
2022-12-10 16:10:32 +00:00
|
|
|
priority = 90
|
2022-10-29 08:40:01 +00:00
|
|
|
type = "service"
|
2022-05-07 08:38:13 +00:00
|
|
|
meta {
|
|
|
|
forcedeploy = "0"
|
|
|
|
}
|
2024-02-21 18:03:31 +00:00
|
|
|
constraint {
|
|
|
|
attribute = "${node.class}"
|
|
|
|
operator = "set_contains"
|
|
|
|
value = "cluster"
|
|
|
|
}
|
2022-10-29 08:40:01 +00:00
|
|
|
group "vaultwarden" {
|
2022-05-07 08:38:13 +00:00
|
|
|
network {
|
|
|
|
mode = "host"
|
|
|
|
port "http" {
|
|
|
|
to = 80
|
|
|
|
}
|
|
|
|
}
|
2022-10-29 08:40:01 +00:00
|
|
|
vault {
|
2022-10-30 08:33:39 +00:00
|
|
|
policies = ["vaultwarden"]
|
2022-05-07 08:38:13 +00:00
|
|
|
|
|
|
|
}
|
2022-05-12 09:36:04 +00:00
|
|
|
task "vaultwarden" {
|
2022-05-07 08:38:13 +00:00
|
|
|
driver = "docker"
|
|
|
|
service {
|
|
|
|
name = "vaultwarden"
|
|
|
|
port = "http"
|
|
|
|
tags = [
|
2022-10-29 08:40:01 +00:00
|
|
|
"homer.enable=true",
|
|
|
|
"homer.name=VaultWarden",
|
|
|
|
"homer.service=Application",
|
|
|
|
"homer.logo=https://yunohost.org/user/images/bitwarden_logo.png",
|
|
|
|
"homer.target=_blank",
|
2023-11-05 18:08:17 +00:00
|
|
|
"homer.url=https://${NOMAD_JOB_NAME}.ducamps.eu",
|
2022-05-23 19:44:34 +00:00
|
|
|
|
2022-10-29 08:40:01 +00:00
|
|
|
"traefik.enable=true",
|
2023-11-05 18:08:17 +00:00
|
|
|
"traefik.http.routers.${NOMAD_JOB_NAME}.rule=Host(`vault.ducamps.eu`)",
|
|
|
|
"traefik.http.routers.${NOMAD_JOB_NAME}.tls.domains[0].sans=vault.ducamps.eu",
|
2022-10-29 08:40:01 +00:00
|
|
|
"traefik.http.routers.${NOMAD_JOB_NAME}.tls.certresolver=myresolver",
|
2023-10-07 16:40:40 +00:00
|
|
|
"traefik.http.routers.${NOMAD_JOB_NAME}.entrypoints=web,websecure",
|
2022-05-07 08:38:13 +00:00
|
|
|
]
|
|
|
|
check {
|
|
|
|
type = "http"
|
|
|
|
path = "/"
|
|
|
|
interval = "60s"
|
|
|
|
timeout = "20s"
|
|
|
|
|
|
|
|
check_restart {
|
|
|
|
limit = 3
|
|
|
|
grace = "240s"
|
|
|
|
}
|
|
|
|
}
|
|
|
|
}
|
|
|
|
config {
|
|
|
|
image = "vaultwarden/server"
|
|
|
|
ports = ["http"]
|
|
|
|
volumes = [
|
|
|
|
"/mnt/diskstation/nomad/vaultwarden:/data"
|
|
|
|
]
|
|
|
|
|
|
|
|
}
|
|
|
|
env {
|
2022-10-29 08:40:01 +00:00
|
|
|
DATA_FOLDER = "/data"
|
|
|
|
WEB_VAULT_ENABLED = "true"
|
2023-11-05 18:08:17 +00:00
|
|
|
DOMAIN = "https://vault.ducamps.eu"
|
2022-05-07 08:38:13 +00:00
|
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
template {
|
2022-10-29 08:40:01 +00:00
|
|
|
data = <<EOH
|
2022-10-30 08:33:39 +00:00
|
|
|
{{ with secret "secrets/data/database/vaultwarden"}}
|
2023-11-01 07:42:04 +00:00
|
|
|
DATABASE_URL=postgresql://vaultwarden:{{ .Data.data.password }}@active.db.service.consul/vaultwarden
|
2022-05-07 08:38:13 +00:00
|
|
|
{{end}}
|
|
|
|
EOH
|
|
|
|
destination = "secrets/vaultwarden.env"
|
2022-10-29 08:40:01 +00:00
|
|
|
env = true
|
2022-05-07 08:38:13 +00:00
|
|
|
}
|
2022-05-12 09:36:04 +00:00
|
|
|
resources {
|
|
|
|
memory = 150
|
|
|
|
}
|
2022-05-07 08:38:13 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
}
|
|
|
|
}
|