add vaultwarden
This commit is contained in:
parent
c53fe3bc34
commit
47ac056f6a
70
vaultwarden.nomad
Normal file
70
vaultwarden.nomad
Normal file
@ -0,0 +1,70 @@
|
||||
|
||||
job "vaultwarden" {
|
||||
datacenters = ["homelab"]
|
||||
type = "service"
|
||||
meta {
|
||||
forcedeploy = "0"
|
||||
}
|
||||
|
||||
group "vaultwarden"{
|
||||
network {
|
||||
mode = "host"
|
||||
port "http" {
|
||||
to = 80
|
||||
}
|
||||
}
|
||||
vault{
|
||||
policies= ["access-tables"]
|
||||
|
||||
}
|
||||
task "server" {
|
||||
driver = "docker"
|
||||
service {
|
||||
name = "vaultwarden"
|
||||
port = "http"
|
||||
tags = [
|
||||
"traefik.enable=true",
|
||||
"traefik.http.routers.${NOMAD_JOB_NAME}.rule=Host(`vault.ducamps.win`)",
|
||||
"traefik.http.routers.${NOMAD_JOB_NAME}.tls.domains[0].sans=vault.ducamps.win",
|
||||
"traefik.http.routers.${NOMAD_JOB_NAME}.tls.certresolver=myresolver",
|
||||
]
|
||||
check {
|
||||
type = "http"
|
||||
path = "/"
|
||||
interval = "60s"
|
||||
timeout = "20s"
|
||||
|
||||
check_restart {
|
||||
limit = 3
|
||||
grace = "240s"
|
||||
}
|
||||
}
|
||||
}
|
||||
config {
|
||||
image = "vaultwarden/server"
|
||||
ports = ["http"]
|
||||
volumes = [
|
||||
"/mnt/diskstation/nomad/vaultwarden:/data"
|
||||
]
|
||||
|
||||
}
|
||||
env {
|
||||
DATA_FOLDER = "/data"
|
||||
WEB_VAULT_ENABLED = "true"
|
||||
DOMAIN = "https://vault.ducamps.win"
|
||||
|
||||
}
|
||||
|
||||
template {
|
||||
data= <<EOH
|
||||
{{ with secret "secrets/data/vaultwarden"}}
|
||||
DATABASE_URL=postgresql://vaultwarden:{{ .Data.data.DB_PASSWORD }}@db1.ducamps.win/vaultwarden
|
||||
{{end}}
|
||||
EOH
|
||||
destination = "secrets/vaultwarden.env"
|
||||
env = true
|
||||
}
|
||||
}
|
||||
|
||||
}
|
||||
}
|
Loading…
Reference in New Issue
Block a user