add traefik job

This commit is contained in:
vincent 2022-04-24 12:47:41 +02:00
parent 8d316503c0
commit 7be11cc028
2 changed files with 175 additions and 0 deletions

89
traefik-ingress.nomad Normal file
View File

@ -0,0 +1,89 @@
job "traefik-ingress" {
datacenters = ["hetzner"]
type = "service"
group "traefik-ingress" {
network {
mode = "host"
port "http" {
static = 80
host_network = "public"
}
port "https" {
static = 443
host_network = "public"
}
port "admin" {
static = 9080
host_network = "private"
}
}
task "server" {
driver = "docker"
service {
name = "traefik"
tags = ["traefik"]
port = "https"
}
service {
name = "traefik-admin"
port = "admin"
tags = [
"traefik.enable=true",
"traefik.http.routers.${NOMAD_JOB_NAME}_insecure.rule=Host(`${NOMAD_JOB_NAME}.ducamps.win`)",
"traefik.http.routers.${NOMAD_JOB_NAME}.tls.domains[0].sans=${NOMAD_JOB_NAME}.ducamps.win",
]
}
config {
image = "traefik"
ports = [
"http",
"https",
"admin"
]
volumes =[
"local/traefik.toml:/etc/traefik/traefik.toml"
#"/mnt/diskstation/nomad/traefik/acme.json:acme.json"
]
}
# vault{
#}
env {
}
template{
data= <<EOH
[entryPoints]
[entryPoints.web]
address = ":80"
[entryPoints.websecure]
address = ":443"
[entryPoints.traefik]
address = ":9080"
[http.middlewares]
[http.middlewares.https-redirect.redirectscheme]
scheme = "https"
[providers.consulCatalog]
exposedByDefault = false
[providers.consulCatalog.endpoint]
address = "10.0.0.1:8500"
[log]
[api]
dashboard = true
insecure = true
[ping]
EOH
destination = "local/traefik.toml"
env = false
change_mode = "noop"
left_delimiter = "{{{"
right_delimiter = "}}}"
}
}
}
}

86
traefik-local.nomad Normal file
View File

@ -0,0 +1,86 @@
job "traefik-local" {
datacenters = ["homelab"]
type = "service"
group "traefik-local" {
network {
mode = "host"
port "http" {
static = 80
}
port "https" {
static = 443
}
port "admin" {
static = 9080
}
}
task "server" {
driver = "docker"
service {
name = "traefik"
tags = ["traefik"]
port = "https"
}
service {
name = "traefik-admin"
port = "admin"
tags = [
"traefik.enable=true",
"traefik.http.routers.${NOMAD_JOB_NAME}_insecure.rule=Host(`${NOMAD_JOB_NAME}.ducamps.win`)",
"traefik.http.routers.${NOMAD_JOB_NAME}.tls.domains[0].sans=${NOMAD_JOB_NAME}.ducamps.win",
]
}
config {
image = "traefik"
ports = [
"http",
"https",
"admin"
]
volumes =[
"local/traefik.toml:/etc/traefik/traefik.toml"
#"/mnt/diskstation/nomad/traefik/acme.json:acme.json"
]
}
# vault{
#}
env {
}
template{
data= <<EOH
[entryPoints]
[entryPoints.web]
address = ":80"
[entryPoints.websecure]
address = ":443"
[entryPoints.traefik]
address = ":9080"
[http.middlewares]
[http.middlewares.https-redirect.redirectscheme]
scheme = "https"
[providers.consulCatalog]
exposedByDefault = false
[providers.consulCatalog.endpoint]
address = "127.0.0.1:8500"
[log]
[api]
dashboard = true
insecure = true
[ping]
EOH
destination = "local/traefik.toml"
env = false
change_mode = "noop"
left_delimiter = "{{{"
right_delimiter = "}}}"
}
}
}
}