vincent/homelab
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

formatting

Browse Source
This commit is contained in:
vincent 2022-10-29 10:40:01 +02:00
parent 732d4b458d
commit a3abcb41a3
29 changed files with 500 additions and 500 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

12
nomad-job/MQTT.nomad
View File

@ -11,14 +11,14 @@ job "MQTT" {
value = "oscar" value = "oscar"
} }
group "MQTT"{ group "MQTT" {
network { network {
mode = "host" mode = "host"
port "zigbee2mqtt" { port "zigbee2mqtt" {
to = 8090 to = 8090
} }
port "mosquittoMQTT" { port "mosquittoMQTT" {
static= 1883 static = 1883
to = 1883 to = 1883
} }
port "mosquittoWS" { port "mosquittoWS" {
@ -36,7 +36,7 @@ job "MQTT" {
} }
config { config {
image = "eclipse-mosquitto" image = "eclipse-mosquitto"
ports = ["mosquittoWS","mosquittoMQTT"] ports = ["mosquittoWS", "mosquittoMQTT"]
volumes = [ volumes = [
"/mnt/diskstation/nomad/mosquitto:/mosquitto/data", "/mnt/diskstation/nomad/mosquitto:/mosquitto/data",
"local/mosquitto.conf:/mosquitto/config/mosquitto.conf" "local/mosquitto.conf:/mosquitto/config/mosquitto.conf"
@ -47,7 +47,7 @@ job "MQTT" {
TZ = "Europe/Paris" TZ = "Europe/Paris"
} }
template { template {
data= <<EOH data = <<EOH
persistence false persistence false
log_dest stdout log_dest stdout
listener 1883 listener 1883
@ -77,7 +77,7 @@ connection_messages true
} }
config { config {
image = "koenkk/zigbee2mqtt" image = "koenkk/zigbee2mqtt"
privileged= true privileged = true
ports = ["zigbee2mqtt"] ports = ["zigbee2mqtt"]
volumes = [ volumes = [
"/mnt/diskstation/nomad/zigbee2mqtt:/app/data", "/mnt/diskstation/nomad/zigbee2mqtt:/app/data",
@ -92,7 +92,7 @@ connection_messages true
} }
template { template {
data= <<EOH data = <<EOH
# MQTT settings # MQTT settings
mqtt: mqtt:
# MQTT base topic for Zigbee2MQTT MQTT messages # MQTT base topic for Zigbee2MQTT MQTT messages

2
nomad-job/alertmanager.nomad
View File

@ -6,7 +6,7 @@ job "alertmanager" {
forcedeploy = "0" forcedeploy = "0"
} }
group "alertmanager"{ group "alertmanager" {
network { network {
mode = "host" mode = "host"
port "http" { port "http" {

2
nomad-job/chainetv.nomad
View File

@ -5,7 +5,7 @@ job "chainetv" {
meta { meta {
forcedeploy = "2" forcedeploy = "2"
} }
group "chainetv"{ group "chainetv" {
network { network {
mode = "host" mode = "host"
port "http" { port "http" {

18
nomad-job/crowdsec-agent.nomad
View File

@ -1,25 +1,25 @@
job "crowdsec-agent" { job "crowdsec-agent" {
datacenters = ["homelab","hetzner"] datacenters = ["homelab", "hetzner"]
type = "system" type = "system"
meta { meta {
forcedeploy = "2" forcedeploy = "2"
} }
vault{ vault {
policies= ["access-tables"] policies = ["access-tables"]
} }
group "crowdsec-agent"{ group "crowdsec-agent" {
network { network {
mode = "host" mode = "host"
port "metric"{ port "metric" {
to = 6060 to = 6060
} }
} }
task "crowdsec-agent" { task "crowdsec-agent" {
service { service {
name= "crowdsec-metrics" name = "crowdsec-metrics"
port = "metric" port = "metric"
tags = [ tags = [
] ]
@ -36,8 +36,8 @@ job "crowdsec-agent" {
} }
env { env {
COLLECTIONS= "crowdsecurity/traefik crowdsecurity/home-assistant LePresidente/gitea" COLLECTIONS = "crowdsecurity/traefik crowdsecurity/home-assistant LePresidente/gitea"
DISABLE_LOCAL_API= "true" DISABLE_LOCAL_API = "true"
} }
template { template {
data = <<EOH data = <<EOH
@ -73,7 +73,7 @@ AGENT_USERNAME = "{{ env "node.unique.name" }}"
AGENT_PASSWORD = "{{.Data.data.AGENT_PASSWORD}}" AGENT_PASSWORD = "{{.Data.data.AGENT_PASSWORD}}"
{{end}} {{end}}
EOH EOH
destination ="secret/agent.env" destination = "secret/agent.env"
env = "true" env = "true"
} }
resources { resources {

14
nomad-job/crowdsec-api.nomad
View File

@ -4,7 +4,7 @@ job "crowdsec-api" {
meta { meta {
forcedeploy = "-1" forcedeploy = "-1"
} }
vault{ vault {
policies = ["access-tables"] policies = ["access-tables"]
} }
group "crowdsec-api" { group "crowdsec-api" {
@ -14,28 +14,28 @@ job "crowdsec-api" {
static = 8898 static = 8898
to = 8080 to = 8080
} }
port "metric"{ port "metric" {
to = 6060 to = 6060
} }
} }
task "crowdsec-api" { task "crowdsec-api" {
service { service {
name= "crowdsec-metrics" name = "crowdsec-metrics"
port = "metric" port = "metric"
tags = [ tags = [
] ]
} }
driver = "docker" driver = "docker"
service { service {
name= "crowdsec-api" name = "crowdsec-api"
port = "http" port = "http"
tags = [ tags = [
] ]
} }
config { config {
image ="crowdsecurity/crowdsec" image = "crowdsecurity/crowdsec"
ports = ["http","metric"] ports = ["http", "metric"]
volumes = [ volumes = [
"/mnt/diskstation/nomad/crowdsec/db:/var/lib/crowdsec/data", "/mnt/diskstation/nomad/crowdsec/db:/var/lib/crowdsec/data",
"/mnt/diskstation/nomad/crowdsec/data:/etc/crowdsec_data", "/mnt/diskstation/nomad/crowdsec/data:/etc/crowdsec_data",
@ -50,7 +50,7 @@ DISABLE_AGENT = "true"
AGENT_PASSWORD = "{{.Data.data.AGENT_PASSWORD}}" AGENT_PASSWORD = "{{.Data.data.AGENT_PASSWORD}}"
{{end}} {{end}}
EOH EOH
destination ="secret/api.env" destination = "secret/api.env"
env = "true" env = "true"
} }
resources { resources {

12
nomad-job/dashboard.nomad
View File

@ -6,7 +6,7 @@ job "dashboard" {
forcedeploy = "1" forcedeploy = "1"
} }
group "dashboard"{ group "dashboard" {
network { network {
mode = "host" mode = "host"
port "http" { port "http" {
@ -35,7 +35,7 @@ job "dashboard" {
} }
env { env {
INIT_ASSETS= 0 INIT_ASSETS = 0
} }
resources { resources {
@ -45,18 +45,18 @@ job "dashboard" {
task "homer-service-discovery" { task "homer-service-discovery" {
driver = "docker" driver = "docker"
config { config {
image= "ducampsv/homer-service-discovery" image = "ducampsv/homer-service-discovery"
volumes = [ volumes = [
"/mnt/diskstation/nomad/homer/config.yml:/config.yml", "/mnt/diskstation/nomad/homer/config.yml:/config.yml",
"local/base.yml:/base.yml" "local/base.yml:/base.yml"
] ]
} }
env { env {
SERVICE_DISCOVERY="Consul" SERVICE_DISCOVERY = "Consul"
CONSUL_HOST = "consul.service.consul:8500" CONSUL_HOST = "consul.service.consul:8500"
} }
template{ template {
data = <<EOH data = <<EOH
title: "HomeLab dashboard" title: "HomeLab dashboard"
subtitle: "VincentDcmps" subtitle: "VincentDcmps"
@ -138,7 +138,7 @@ services:
} }
resources { resources {
memory= 30 memory = 30
} }
} }

16
nomad-job/drone.nomad
View File

@ -49,7 +49,7 @@ job "drone" {
} }
template { template {
data= <<EOH data = <<EOH
{{ with secret "secrets/data/droneCI"}} {{ with secret "secrets/data/droneCI"}}
DRONE_GITEA_SERVER="https://git.ducamps.win" DRONE_GITEA_SERVER="https://git.ducamps.win"
DRONE_GITEA_CLIENT_ID="{{ .Data.data.DRONE_GITEA_CLIENT_ID }}" DRONE_GITEA_CLIENT_ID="{{ .Data.data.DRONE_GITEA_CLIENT_ID }}"
@ -71,11 +71,11 @@ job "drone" {
} }
} }
task "drone-runner"{ task "drone-runner" {
driver = "docker" driver = "docker"
config { config {
image = "drone/drone-runner-docker:latest" image = "drone/drone-runner-docker:latest"
volumes =[ volumes = [
"/var/run/docker.sock:/var/run/docker.sock", "/var/run/docker.sock:/var/run/docker.sock",
] ]
} }
@ -83,7 +83,7 @@ job "drone" {
} }
template { template {
data= <<EOH data = <<EOH
{{ with secret "secrets/data/droneCI"}} {{ with secret "secrets/data/droneCI"}}
DRONE_RPC_HOST="drone.ducamps.win" DRONE_RPC_HOST="drone.ducamps.win"
DRONE_RPC_PROTO="https" DRONE_RPC_PROTO="https"
@ -104,11 +104,11 @@ job "drone" {
attribute = "${attr.cpu.arch}" attribute = "${attr.cpu.arch}"
value = "arm" value = "arm"
} }
task "drone-ARM-runner"{ task "drone-ARM-runner" {
driver = "docker" driver = "docker"
config { config {
image = "drone/drone-runner-docker:latest" image = "drone/drone-runner-docker:1.8.2-linux-arm"
volumes =[ volumes = [
"/var/run/docker.sock:/var/run/docker.sock", "/var/run/docker.sock:/var/run/docker.sock",
] ]
} }
@ -116,7 +116,7 @@ job "drone" {
} }
template { template {
data= <<EOH data = <<EOH
{{ with secret "secrets/data/droneCI"}} {{ with secret "secrets/data/droneCI"}}
DRONE_RPC_HOST="drone.ducamps.win" DRONE_RPC_HOST="drone.ducamps.win"
DRONE_RPC_PROTO="https" DRONE_RPC_PROTO="https"

6
nomad-job/filestash.nomad
View File

@ -11,13 +11,13 @@ job "filestash" {
} }
group "filestash"{ group "filestash" {
network { network {
mode = "host" mode = "host"
port "http" { port "http" {
to = 8334 to = 8334
} }
port "onlyoffice"{ port "onlyoffice" {
to = 80 to = 80
} }
} }
@ -50,7 +50,7 @@ job "filestash" {
} }
env { env {
APPLICATION_URL= "" APPLICATION_URL = ""
} }
resources { resources {

4
nomad-job/gitea.nomad
View File

@ -37,7 +37,7 @@ job "git" {
] ]
} }
service { service {
name= "gitea-ssh" name = "gitea-ssh"
port = "ssh" port = "ssh"
tags = [ tags = [
"traefik.enable=true", "traefik.enable=true",
@ -76,7 +76,7 @@ job "git" {
GITEA__webhook__ALLOWED_HOST_LIST = "drone.ducamps.win" GITEA__webhook__ALLOWED_HOST_LIST = "drone.ducamps.win"
} }
template { template {
data= <<EOH data = <<EOH
{{ with secret "secrets/data/gitea"}} {{ with secret "secrets/data/gitea"}}
GITEA__database__PASSWD = "{{.Data.data.PASSWD}}" GITEA__database__PASSWD = "{{.Data.data.PASSWD}}"
GITEA__security__SECRET_KEY = "{{.Data.data.secret_key}}" GITEA__security__SECRET_KEY = "{{.Data.data.secret_key}}"

2
nomad-job/grafana.nomad
View File

@ -14,7 +14,7 @@ job "grafana" {
service { service {
name = "grafana" name = "grafana"
port = "http" port = "http"
tags= [ tags = [
"homer.enable=true", "homer.enable=true",
"homer.name=Grafana", "homer.name=Grafana",
"homer.service=Monitoring", "homer.service=Monitoring",

12
nomad-job/homeassistant.nomad
View File

@ -10,20 +10,20 @@ job "homeassistant" {
value = "oscar" value = "oscar"
} }
group "homeassistant"{ group "homeassistant" {
network { network {
mode = "host" mode = "host"
port "http" { port "http" {
to = 8123 to = 8123
static = 8123 static = 8123
} }
port "coap"{ port "coap" {
to = 5683 to = 5683
static = 5683 static = 5683
} }
} }
vault{ vault {
policies= ["access-tables"] policies = ["access-tables"]
} }
@ -55,7 +55,7 @@ job "homeassistant" {
} }
config { config {
image = "homeassistant/home-assistant:stable" image = "homeassistant/home-assistant:stable"
ports = ["http","coap"] ports = ["http", "coap"]
privileged = "true" privileged = "true"
network_mode = "host" network_mode = "host"
volumes = [ volumes = [
@ -72,4 +72,4 @@ job "homeassistant" {
} }
} }
} }

4
nomad-job/jellyfin.nomad
View File

@ -10,7 +10,7 @@ job "jellyfin" {
value = "amd64" value = "amd64"
} }
group "jellyfin"{ group "jellyfin" {
network { network {
mode = "host" mode = "host"
port "http" { port "http" {
@ -61,7 +61,7 @@ job "jellyfin" {
} }
resources { resources {
memory = 2000 memory = 2000
cpu= 3000 cpu = 3000
} }
} }

2
nomad-job/loki.nomad
View File

@ -6,7 +6,7 @@ job "loki" {
forcedeploy = "0" forcedeploy = "0"
} }
group "loki"{ group "loki" {
network { network {
mode = "host" mode = "host"
port "http" { port "http" {

4
nomad-job/node-exporter.nomad
View File

@ -1,11 +1,11 @@
job "node-exporter" { job "node-exporter" {
datacenters = ["homelab","hetzner"] datacenters = ["homelab", "hetzner"]
type = "system" type = "system"
meta { meta {
forcedeploy = "0" forcedeploy = "0"
} }
group "node-exporter"{ group "node-exporter" {
network { network {
port "http" { port "http" {
} }

4
nomad-job/pacoloco.nomad
View File

@ -6,7 +6,7 @@ job "pacoloco" {
forcedeploy = "0" forcedeploy = "0"
} }
group "pacoloco"{ group "pacoloco" {
network { network {
mode = "host" mode = "host"
port "http" { port "http" {
@ -36,7 +36,7 @@ job "pacoloco" {
} }
template { template {
data= <<EOH data = <<EOH
port: 9129 port: 9129
cache_dir: /var/cache/pacoloco cache_dir: /var/cache/pacoloco
purge_files_after: 360000 purge_files_after: 360000

32
nomad-job/paperless-ng.nomad
View File

@ -1,7 +1,7 @@
job "paperless-ng" { job "paperless-ng" {
datacenters = ["homelab"] datacenters = ["homelab"]
priority= 50 priority = 50
type = "service" type = "service"
meta { meta {
forcedeploy = "0" forcedeploy = "0"
@ -12,7 +12,7 @@ job "paperless-ng" {
value = "amd64" value = "amd64"
} }
group "paperless-ng"{ group "paperless-ng" {
network { network {
mode = "host" mode = "host"
port "http" { port "http" {
@ -22,15 +22,15 @@ job "paperless-ng" {
to = 6379 to = 6379
} }
} }
vault{ vault {
policies= ["access-tables"] policies = ["access-tables"]
} }
task "redis" { task "redis" {
driver = "docker" driver = "docker"
config { config {
image= "redis" image = "redis"
ports= ["redis"] ports = ["redis"]
} }
resources { resources {
memory = 100 memory = 100
@ -56,7 +56,7 @@ job "paperless-ng" {
check { check {
type = "http" type = "http"
name = "paperless-ng_health" name = "paperless-ng_health"
path="/" path = "/"
interval = "30s" interval = "30s"
timeout = "5s" timeout = "5s"
} }
@ -73,18 +73,18 @@ job "paperless-ng" {
} }
env { env {
PAPERLESS_REDIS= "redis://${NOMAD_ADDR_redis}" PAPERLESS_REDIS = "redis://${NOMAD_ADDR_redis}"
PAPERLESS_DBHOST= "db1.ducamps.win" PAPERLESS_DBHOST = "db1.ducamps.win"
PAPERLESS_DBNAME= "paperless" PAPERLESS_DBNAME = "paperless"
PAPERLESS_DBUSER= "paperless" PAPERLESS_DBUSER = "paperless"
PAPERLESS_OCR_LANGUAGE="fra" PAPERLESS_OCR_LANGUAGE = "fra"
PAPERLESS_CONSUMER_POLLING="60" PAPERLESS_CONSUMER_POLLING = "60"
PAPERLESS_URL="https://${NOMAD_JOB_NAME}.ducamps.win" PAPERLESS_URL = "https://${NOMAD_JOB_NAME}.ducamps.win"
PAPERLESS_ALLOWED_HOSTS="*" PAPERLESS_ALLOWED_HOSTS = "*"
} }
template { template {
data= <<EOH data = <<EOH
PAPERLESS_DBPASS= {{ with secret "secrets/data/paperless"}}{{.Data.data.DB_PASSWORD }}{{end}} PAPERLESS_DBPASS= {{ with secret "secrets/data/paperless"}}{{.Data.data.DB_PASSWORD }}{{end}}
EOH EOH
destination = "secrets/paperless.env" destination = "secrets/paperless.env"

20
nomad-job/pihole.nomad
View File

@ -1,7 +1,7 @@
job "pihole" { job "pihole" {
datacenters = ["homelab"] datacenters = ["homelab"]
priority= 100 priority = 100
meta { meta {
force = 1 force = 1
} }
@ -43,20 +43,20 @@ job "pihole" {
"dns", "dns",
"http", "http",
] ]
volumes =[ volumes = [
"local/dnsmasq.d/02-localresolver.conf:/etc/dnsmasq.d/02-localresolver.conf", "local/dnsmasq.d/02-localresolver.conf:/etc/dnsmasq.d/02-localresolver.conf",
"/mnt/diskstation/nomad/pihole:/etc/pihole" "/mnt/diskstation/nomad/pihole:/etc/pihole"
] ]
} }
vault{ vault {
policies= ["access-tables"] policies = ["access-tables"]
} }
env { env {
TZ= "Europe/Paris" TZ = "Europe/Paris"
DNS1= "1.1.1.1" DNS1 = "1.1.1.1"
DNS2= "80.67.169.40" DNS2 = "80.67.169.40"
} }
template { template {
@ -67,8 +67,8 @@ job "pihole" {
change_mode = "noop" change_mode = "noop"
env = true env = true
} }
template{ template {
data= <<EOH data = <<EOH
server=/ducamps.win/192.168.1.10 server=/ducamps.win/192.168.1.10
{{range service "consul"}}server=/consul/{{.Address}}#8600 {{range service "consul"}}server=/consul/{{.Address}}#8600
{{end}} {{end}}
@ -76,7 +76,7 @@ domain=ducamps.win
no-negcache no-negcache
local-ttl=2 local-ttl=2
EOH EOH
destination="local/dnsmasq.d/02-localresolver.conf" destination = "local/dnsmasq.d/02-localresolver.conf"
change_mode = "restart" change_mode = "restart"
} }

4
nomad-job/promtail.nomad
View File

@ -1,12 +1,12 @@
job "promtail" { job "promtail" {
datacenters = ["homelab","hetzner"] datacenters = ["homelab", "hetzner"]
type = "system" type = "system"
meta { meta {
forcedeploy = "0" forcedeploy = "0"
} }
group "promtail"{ group "promtail" {
network { network {
mode = "host" mode = "host"
port "http" { port "http" {

8
nomad-job/radicale.nomad
View File

@ -5,15 +5,15 @@ job "radicale" {
meta { meta {
forcedeploy = "0" forcedeploy = "0"
} }
group "radicale"{ group "radicale" {
network { network {
mode = "host" mode = "host"
port "http" { port "http" {
to = 5232 to = 5232
} }
} }
vault{ vault {
policies= ["access-tables"] policies = ["access-tables"]
} }
task "radicale" { task "radicale" {
@ -50,7 +50,7 @@ job "radicale" {
} }
env { env {
TAKE_FILE_OWNERSHIP=false TAKE_FILE_OWNERSHIP = false
} }
template { template {
data = <<EOH data = <<EOH

14
nomad-job/rutorrent.nomad
View File

@ -5,7 +5,7 @@ job "torrent" {
meta { meta {
forcedeploy = "0" forcedeploy = "0"
} }
group "bittorent"{ group "bittorent" {
network { network {
mode = "host" mode = "host"
port "http" { port "http" {
@ -13,11 +13,11 @@ job "torrent" {
host_network = "private" host_network = "private"
} }
port "torrent" { port "torrent" {
static=6881 static = 6881
host_network = "public" host_network = "public"
} }
port "ecoute" { port "ecoute" {
static= 50000 static = 50000
host_network = "public" host_network = "public"
} }
} }
@ -55,10 +55,10 @@ job "torrent" {
} }
env { env {
PUID=1024 PUID = 1024
PGID=984 PGID = 984
UMASK=002 UMASK = 002
WEBUI_PORT="8070" WEBUI_PORT = "8070"
} }
resources { resources {

18
nomad-job/seedboxsync.nomad
View File

@ -15,12 +15,12 @@ job "seedboxsync" {
cron = "0,30 * * * *" cron = "0,30 * * * *"
prohibit_overlap = true prohibit_overlap = true
} }
group "seedboxsync"{ group "seedboxsync" {
network { network {
mode = "host" mode = "host"
} }
vault{ vault {
policies= ["access-tables"] policies = ["access-tables"]
} }
task "server" { task "server" {
driver = "docker" driver = "docker"
@ -32,19 +32,19 @@ job "seedboxsync" {
volumes = [ volumes = [
"/mnt/diskstation/media/download:/media" "/mnt/diskstation/media/download:/media"
] ]
args=[ args = [
"-u" ,"${USERNAME},${PASSWORD}", "-u", "${USERNAME},${PASSWORD}",
"-e" ,"mirror -c -P 5 -x seed ${REMOTE_PATH} /media;quit", "-e", "mirror -c -P 5 -x seed ${REMOTE_PATH} /media;quit",
"${REMOTE_SERVER}" "${REMOTE_SERVER}"
] ]
} }
env { env {
USER_ID=1000001 USER_ID = 1000001
GROUP_ID=1000007 GROUP_ID = 1000007
} }
template { template {
data= <<EOH data = <<EOH
{{ with secret "secrets/data/seedbox"}} {{ with secret "secrets/data/seedbox"}}
USERNAME = "{{ .Data.data.username }}" USERNAME = "{{ .Data.data.username }}"
PASSWORD = "{{ .Data.data.password }}" PASSWORD = "{{ .Data.data.password }}"

18
nomad-job/supysonic.nomad
View File

@ -10,18 +10,18 @@ job "supysonic" {
value = "amd64" value = "amd64"
} }
group "supysonic"{ group "supysonic" {
network { network {
mode = "host" mode = "host"
port "fcgi" { port "fcgi" {
to = 5000 to = 5000
} }
port "http" { port "http" {
to=80 to = 80
} }
} }
vault{ vault {
policies= ["access-tables"] policies = ["access-tables"]
} }
service { service {
@ -47,8 +47,8 @@ job "supysonic" {
task "supysonic-frontend" { task "supysonic-frontend" {
driver = "docker" driver = "docker"
config { config {
image= "nginx:alpine" image = "nginx:alpine"
ports= [ ports = [
"http" "http"
] ]
volumes = [ volumes = [
@ -92,21 +92,21 @@ http {
config { config {
image = "ogarcia/supysonic:full-sql" image = "ogarcia/supysonic:full-sql"
ports = ["fcgi"] ports = ["fcgi"]
force_pull= true force_pull = true
volumes = [ volumes = [
"/mnt/diskstation/music:/mnt/diskstation/music" "/mnt/diskstation/music:/mnt/diskstation/music"
] ]
} }
env { env {
SUPYSONIC_RUN_MODE= "fcgi-port" SUPYSONIC_RUN_MODE = "fcgi-port"
SUPYSONIC_DAEMON_ENABLED = "true" SUPYSONIC_DAEMON_ENABLED = "true"
SUPYSONIC_WEBAPP_LOG_LEVEL = "WARNING" SUPYSONIC_WEBAPP_LOG_LEVEL = "WARNING"
SUPYSONIC_DAEMON_LOG_LEVEL = "INFO" SUPYSONIC_DAEMON_LOG_LEVEL = "INFO"
} }
template { template {
data= <<EOH data = <<EOH
{{ with secret "secrets/data/supysonic"}} {{ with secret "secrets/data/supysonic"}}
SUPYSONIC_DB_URI = "postgres://supysonic:{{ .Data.data.db_password}}@db1.ducamps.win/supysonic" SUPYSONIC_DB_URI = "postgres://supysonic:{{ .Data.data.db_password}}@db1.ducamps.win/supysonic"
{{end}} {{end}}

8
nomad-job/syncthing.nomad
View File

@ -6,21 +6,21 @@ job "syncthing" {
forcedeploy = "0" forcedeploy = "0"
} }
group "syncthing"{ group "syncthing" {
network { network {
mode = "host" mode = "host"
port "http" { port "http" {
to = 8384 to = 8384
} }
port "listen"{ port "listen" {
static = 22000 static = 22000
} }
port "discovery" { port "discovery" {
static = 21027 static = 21027
} }
} }
vault{ vault {
policies= ["access-tables"] policies = ["access-tables"]
} }
task "syncthing" { task "syncthing" {

18
nomad-job/traefik-ingress.nomad
View File

@ -3,7 +3,7 @@ job "traefik-ingress" {
type = "service" type = "service"
meta { meta {
force_deploy= 1 force_deploy = 1
} }
group "traefik-ingress" { group "traefik-ingress" {
network { network {
@ -25,8 +25,8 @@ job "traefik-ingress" {
host_network = "public" host_network = "public"
} }
} }
vault{ vault {
policies=["access-tables"] policies = ["access-tables"]
} }
task "traefik" { task "traefik" {
driver = "docker" driver = "docker"
@ -61,7 +61,7 @@ job "traefik-ingress" {
"admin", "admin",
"ssh" "ssh"
] ]
volumes =[ volumes = [
"local/traefik.toml:/etc/traefik/traefik.toml", "local/traefik.toml:/etc/traefik/traefik.toml",
"/mnt/diskstation/nomad/traefik/acme.json:/acme.json" "/mnt/diskstation/nomad/traefik/acme.json:/acme.json"
] ]
@ -71,15 +71,15 @@ job "traefik-ingress" {
#} #}
env { env {
} }
template{ template {
data=<<EOH data = <<EOH
GANDIV5_API_KEY = "{{with secret "secrets/data/gandi"}}{{.Data.data.API_KEY}}{{end}}" GANDIV5_API_KEY = "{{with secret "secrets/data/gandi"}}{{.Data.data.API_KEY}}{{end}}"
EOH EOH
destination= "secrets/gandi.env" destination = "secrets/gandi.env"
env = true env = true
} }
template{ template {
data= <<EOH data = <<EOH
[entryPoints] [entryPoints]
[entrypoints.ssh] [entrypoints.ssh]

16
nomad-job/traefik-local.nomad
View File

@ -18,8 +18,8 @@ job "traefik-local" {
static = 9080 static = 9080
} }
} }
vault{ vault {
policies=["access-tables"] policies = ["access-tables"]
} }
task "traefik" { task "traefik" {
@ -55,7 +55,7 @@ job "traefik-local" {
"admin", "admin",
"ssh" "ssh"
] ]
volumes =[ volumes = [
"local/traefik.toml:/etc/traefik/traefik.toml", "local/traefik.toml:/etc/traefik/traefik.toml",
"/mnt/diskstation/nomad/traefik/acme-local.json:/acme.json" "/mnt/diskstation/nomad/traefik/acme-local.json:/acme.json"
] ]
@ -65,16 +65,16 @@ job "traefik-local" {
#} #}
env { env {
} }
template{ template {
data=<<EOH data = <<EOH
GANDIV5_API_KEY = "{{with secret "secrets/data/gandi"}}{{.Data.data.API_KEY}}{{end}}" GANDIV5_API_KEY = "{{with secret "secrets/data/gandi"}}{{.Data.data.API_KEY}}{{end}}"
EOH EOH
destination= "secrets/gandi.env" destination = "secrets/gandi.env"
env = true env = true
} }
template{ template {
data= <<EOH data = <<EOH
[entryPoints] [entryPoints]
[entryPoints.web] [entryPoints.web]
address = ":80" address = ":80"

10
nomad-job/tt-rss.nomad
View File

@ -16,7 +16,7 @@ job "tt-rss" {
} }
network { network {
mode = "host" mode = "host"
port "http"{ port "http" {
to = 80 to = 80
} }
port "appPort" { port "appPort" {
@ -64,7 +64,7 @@ job "tt-rss" {
TTRSS_SELF_URL_PATH = "https://www.ducamps.win/tt-rss" TTRSS_SELF_URL_PATH = "https://www.ducamps.win/tt-rss"
} }
template { template {
data= <<EOH data = <<EOH
{{ with secret "secrets/data/ttrss"}} {{ with secret "secrets/data/ttrss"}}
TTRSS_DB_PASS = "{{ .Data.data.DB_PASS }}" TTRSS_DB_PASS = "{{ .Data.data.DB_PASS }}"
{{end}} {{end}}
@ -96,7 +96,7 @@ job "tt-rss" {
TTRSS_SELF_URL_PATH = "https://rss.ducamps.win/tt-rss" TTRSS_SELF_URL_PATH = "https://rss.ducamps.win/tt-rss"
} }
template { template {
data= <<EOH data = <<EOH
{{ with secret "secrets/data/ttrss"}} {{ with secret "secrets/data/ttrss"}}
TTRSS_DB_PASS = "{{ .Data.data.DB_PASS }}" TTRSS_DB_PASS = "{{ .Data.data.DB_PASS }}"
{{end}} {{end}}
@ -113,8 +113,8 @@ job "tt-rss" {
task "ttrss-frontend" { task "ttrss-frontend" {
driver = "docker" driver = "docker"
config { config {
image= "nginx:alpine" image = "nginx:alpine"
ports= [ ports = [
"http" "http"
] ]
volumes = [ volumes = [

8
nomad-job/vaultwarden.nomad
View File

@ -6,15 +6,15 @@ job "vaultwarden" {
forcedeploy = "0" forcedeploy = "0"
} }
group "vaultwarden"{ group "vaultwarden" {
network { network {
mode = "host" mode = "host"
port "http" { port "http" {
to = 80 to = 80
} }
} }
vault{ vault {
policies= ["access-tables"] policies = ["access-tables"]
} }
task "vaultwarden" { task "vaultwarden" {
@ -63,7 +63,7 @@ job "vaultwarden" {
} }
template { template {
data= <<EOH data = <<EOH
{{ with secret "secrets/data/vaultwarden"}} {{ with secret "secrets/data/vaultwarden"}}
DATABASE_URL=postgresql://vaultwarden:{{ .Data.data.DB_PASSWORD }}@db1.ducamps.win/vaultwarden DATABASE_URL=postgresql://vaultwarden:{{ .Data.data.DB_PASSWORD }}@db1.ducamps.win/vaultwarden
{{end}} {{end}}

8
nomad-job/www.nomad
View File

@ -37,14 +37,14 @@ job "www" {
ports = [ ports = [
"http" "http"
] ]
volumes =[ volumes = [
"local/nginx.conf:/etc/nginx/nginx.conf", "local/nginx.conf:/etc/nginx/nginx.conf",
"/srv/http:/usr/share/nginx/html" "/srv/http:/usr/share/nginx/html"
] ]
} }
template{ template {
data= <<EOH data = <<EOH
worker_processes auto; worker_processes auto;
pid /var/run/nginx.pid; pid /var/run/nginx.pid;
events { events {
@ -73,7 +73,7 @@ http {
} }
EOH EOH
destination="local/nginx.conf" destination = "local/nginx.conf"
} }
resources { resources {
memory = 50 memory = 50