formatting
This commit is contained in:
parent
732d4b458d
commit
a3abcb41a3
@ -1,29 +1,29 @@
|
||||
|
||||
job "MQTT" {
|
||||
datacenters = ["homelab"]
|
||||
priority = 50
|
||||
type = "service"
|
||||
priority = 50
|
||||
type = "service"
|
||||
meta {
|
||||
forcedeploy = "0"
|
||||
}
|
||||
constraint {
|
||||
attribute = "${attr.unique.hostname}"
|
||||
value = "oscar"
|
||||
value = "oscar"
|
||||
}
|
||||
|
||||
group "MQTT"{
|
||||
group "MQTT" {
|
||||
network {
|
||||
mode = "host"
|
||||
port "zigbee2mqtt" {
|
||||
to = 8090
|
||||
}
|
||||
port "mosquittoMQTT" {
|
||||
static= 1883
|
||||
to = 1883
|
||||
static = 1883
|
||||
to = 1883
|
||||
}
|
||||
port "mosquittoWS" {
|
||||
to = 9001
|
||||
static = 9001
|
||||
to = 9001
|
||||
static = 9001
|
||||
}
|
||||
}
|
||||
task "mosquitto" {
|
||||
@ -36,9 +36,9 @@ job "MQTT" {
|
||||
}
|
||||
config {
|
||||
image = "eclipse-mosquitto"
|
||||
ports = ["mosquittoWS","mosquittoMQTT"]
|
||||
ports = ["mosquittoWS", "mosquittoMQTT"]
|
||||
volumes = [
|
||||
"/mnt/diskstation/nomad/mosquitto:/mosquitto/data",
|
||||
"/mnt/diskstation/nomad/mosquitto:/mosquitto/data",
|
||||
"local/mosquitto.conf:/mosquitto/config/mosquitto.conf"
|
||||
]
|
||||
|
||||
@ -47,7 +47,7 @@ job "MQTT" {
|
||||
TZ = "Europe/Paris"
|
||||
}
|
||||
template {
|
||||
data= <<EOH
|
||||
data = <<EOH
|
||||
persistence false
|
||||
log_dest stdout
|
||||
listener 1883
|
||||
@ -66,19 +66,19 @@ connection_messages true
|
||||
name = "Zigbee2MQTT"
|
||||
port = "zigbee2mqtt"
|
||||
tags = [
|
||||
"homer.enable=true",
|
||||
"homer.name=zigbee.mqtt",
|
||||
"homer.service=Application",
|
||||
"homer.logo=https://www.zigbee2mqtt.io/logo.png",
|
||||
"homer.target=_blank",
|
||||
"homer.url=http://${NOMAD_ADDR_zigbee2mqtt}",
|
||||
"homer.enable=true",
|
||||
"homer.name=zigbee.mqtt",
|
||||
"homer.service=Application",
|
||||
"homer.logo=https://www.zigbee2mqtt.io/logo.png",
|
||||
"homer.target=_blank",
|
||||
"homer.url=http://${NOMAD_ADDR_zigbee2mqtt}",
|
||||
|
||||
]
|
||||
}
|
||||
config {
|
||||
image = "koenkk/zigbee2mqtt"
|
||||
privileged= true
|
||||
ports = ["zigbee2mqtt"]
|
||||
image = "koenkk/zigbee2mqtt"
|
||||
privileged = true
|
||||
ports = ["zigbee2mqtt"]
|
||||
volumes = [
|
||||
"/mnt/diskstation/nomad/zigbee2mqtt:/app/data",
|
||||
"local/configuration.yaml:/app/data/configuration.yaml",
|
||||
@ -92,7 +92,7 @@ connection_messages true
|
||||
}
|
||||
|
||||
template {
|
||||
data= <<EOH
|
||||
data = <<EOH
|
||||
# MQTT settings
|
||||
mqtt:
|
||||
# MQTT base topic for Zigbee2MQTT MQTT messages
|
||||
|
@ -1,12 +1,12 @@
|
||||
|
||||
job "alertmanager" {
|
||||
datacenters = ["homelab"]
|
||||
type = "service"
|
||||
type = "service"
|
||||
meta {
|
||||
forcedeploy = "0"
|
||||
}
|
||||
|
||||
group "alertmanager"{
|
||||
group "alertmanager" {
|
||||
network {
|
||||
mode = "host"
|
||||
port "http" {
|
||||
@ -27,7 +27,7 @@ job "alertmanager" {
|
||||
"homer.target=_blank",
|
||||
"homer.url=http://${NOMAD_ADDR_http}",
|
||||
|
||||
]
|
||||
]
|
||||
check {
|
||||
name = "alertmanager_ui port alive"
|
||||
type = "http"
|
||||
|
@ -1,11 +1,11 @@
|
||||
|
||||
job "chainetv" {
|
||||
datacenters = ["homelab"]
|
||||
type = "service"
|
||||
type = "service"
|
||||
meta {
|
||||
forcedeploy = "2"
|
||||
}
|
||||
group "chainetv"{
|
||||
group "chainetv" {
|
||||
network {
|
||||
mode = "host"
|
||||
port "http" {
|
||||
@ -19,20 +19,20 @@ job "chainetv" {
|
||||
name = "chainetv"
|
||||
port = "http"
|
||||
tags = [
|
||||
"homer.enable=true",
|
||||
"homer.name=ChaineTV",
|
||||
"homer.service=Application",
|
||||
"homer.icon=fas fa-tv",
|
||||
"homer.target=_blank",
|
||||
"homer.url=https://www.ducamps.win/${NOMAD_JOB_NAME}",
|
||||
"homer.enable=true",
|
||||
"homer.name=ChaineTV",
|
||||
"homer.service=Application",
|
||||
"homer.icon=fas fa-tv",
|
||||
"homer.target=_blank",
|
||||
"homer.url=https://www.ducamps.win/${NOMAD_JOB_NAME}",
|
||||
|
||||
"traefik.enable=true",
|
||||
"traefik.http.routers.${NOMAD_JOB_NAME}.rule=Host(`www.ducamps.win`)&&PathPrefix(`/chainetv`)",
|
||||
"traefik.http.routers.${NOMAD_JOB_NAME}.tls.domains[0].sans=www.ducamps.win",
|
||||
"traefik.http.routers.${NOMAD_JOB_NAME}.tls.certresolver=myresolver",
|
||||
"traefik.http.routers.${NOMAD_JOB_NAME}.middlewares=chainetv,chainetvStrip",
|
||||
"traefik.http.middlewares.chainetv.headers.customrequestheaders.X-Script-Name=/chainetv",
|
||||
"traefik.http.middlewares.chainetvStrip.stripprefix.prefixes=/chainetv",
|
||||
"traefik.enable=true",
|
||||
"traefik.http.routers.${NOMAD_JOB_NAME}.rule=Host(`www.ducamps.win`)&&PathPrefix(`/chainetv`)",
|
||||
"traefik.http.routers.${NOMAD_JOB_NAME}.tls.domains[0].sans=www.ducamps.win",
|
||||
"traefik.http.routers.${NOMAD_JOB_NAME}.tls.certresolver=myresolver",
|
||||
"traefik.http.routers.${NOMAD_JOB_NAME}.middlewares=chainetv,chainetvStrip",
|
||||
"traefik.http.middlewares.chainetv.headers.customrequestheaders.X-Script-Name=/chainetv",
|
||||
"traefik.http.middlewares.chainetvStrip.stripprefix.prefixes=/chainetv",
|
||||
|
||||
]
|
||||
}
|
||||
|
@ -1,25 +1,25 @@
|
||||
|
||||
job "crowdsec-agent" {
|
||||
datacenters = ["homelab","hetzner"]
|
||||
type = "system"
|
||||
datacenters = ["homelab", "hetzner"]
|
||||
type = "system"
|
||||
meta {
|
||||
forcedeploy = "2"
|
||||
}
|
||||
vault{
|
||||
policies= ["access-tables"]
|
||||
vault {
|
||||
policies = ["access-tables"]
|
||||
|
||||
}
|
||||
|
||||
group "crowdsec-agent"{
|
||||
group "crowdsec-agent" {
|
||||
network {
|
||||
mode = "host"
|
||||
port "metric"{
|
||||
port "metric" {
|
||||
to = 6060
|
||||
}
|
||||
}
|
||||
task "crowdsec-agent" {
|
||||
service {
|
||||
name= "crowdsec-metrics"
|
||||
name = "crowdsec-metrics"
|
||||
port = "metric"
|
||||
tags = [
|
||||
]
|
||||
@ -36,11 +36,11 @@ job "crowdsec-agent" {
|
||||
|
||||
}
|
||||
env {
|
||||
COLLECTIONS= "crowdsecurity/traefik crowdsecurity/home-assistant LePresidente/gitea"
|
||||
DISABLE_LOCAL_API= "true"
|
||||
COLLECTIONS = "crowdsecurity/traefik crowdsecurity/home-assistant LePresidente/gitea"
|
||||
DISABLE_LOCAL_API = "true"
|
||||
}
|
||||
template {
|
||||
data = <<EOH
|
||||
data = <<EOH
|
||||
---
|
||||
source: docker
|
||||
container_name_regexp:
|
||||
@ -66,15 +66,15 @@ EOH
|
||||
|
||||
}
|
||||
template {
|
||||
data = <<EOH
|
||||
data = <<EOH
|
||||
LOCAL_API_URL = {{- range service "crowdsec-api" }} "http://{{ .Address }}:{{ .Port }}"{{- end }}
|
||||
AGENT_USERNAME = "{{ env "node.unique.name" }}"
|
||||
{{with secret "secrets/data/crowdsec"}}
|
||||
AGENT_PASSWORD = "{{.Data.data.AGENT_PASSWORD}}"
|
||||
{{end}}
|
||||
EOH
|
||||
destination ="secret/agent.env"
|
||||
env = "true"
|
||||
destination = "secret/agent.env"
|
||||
env = "true"
|
||||
}
|
||||
resources {
|
||||
memory = 100
|
||||
|
@ -1,10 +1,10 @@
|
||||
job "crowdsec-api" {
|
||||
datacenters = ["homelab"]
|
||||
type = "service"
|
||||
type = "service"
|
||||
meta {
|
||||
forcedeploy = "-1"
|
||||
}
|
||||
vault{
|
||||
vault {
|
||||
policies = ["access-tables"]
|
||||
}
|
||||
group "crowdsec-api" {
|
||||
@ -12,30 +12,30 @@ job "crowdsec-api" {
|
||||
mode = "host"
|
||||
port "http" {
|
||||
static = 8898
|
||||
to = 8080
|
||||
to = 8080
|
||||
}
|
||||
port "metric"{
|
||||
port "metric" {
|
||||
to = 6060
|
||||
}
|
||||
}
|
||||
task "crowdsec-api" {
|
||||
service {
|
||||
name= "crowdsec-metrics"
|
||||
service {
|
||||
name = "crowdsec-metrics"
|
||||
port = "metric"
|
||||
tags = [
|
||||
]
|
||||
}
|
||||
driver = "docker"
|
||||
driver = "docker"
|
||||
service {
|
||||
name= "crowdsec-api"
|
||||
name = "crowdsec-api"
|
||||
port = "http"
|
||||
tags = [
|
||||
|
||||
]
|
||||
}
|
||||
config {
|
||||
image ="crowdsecurity/crowdsec"
|
||||
ports = ["http","metric"]
|
||||
image = "crowdsecurity/crowdsec"
|
||||
ports = ["http", "metric"]
|
||||
volumes = [
|
||||
"/mnt/diskstation/nomad/crowdsec/db:/var/lib/crowdsec/data",
|
||||
"/mnt/diskstation/nomad/crowdsec/data:/etc/crowdsec_data",
|
||||
@ -43,21 +43,21 @@ job "crowdsec-api" {
|
||||
|
||||
}
|
||||
template {
|
||||
data = <<EOH
|
||||
data = <<EOH
|
||||
DISABLE_AGENT = "true"
|
||||
{{with secret "secrets/data/crowdsec"}}
|
||||
AGENT_USERNAME = "{{.Data.data.AGENT_USERNAME}}"
|
||||
AGENT_PASSWORD = "{{.Data.data.AGENT_PASSWORD}}"
|
||||
{{end}}
|
||||
EOH
|
||||
destination ="secret/api.env"
|
||||
env = "true"
|
||||
destination = "secret/api.env"
|
||||
env = "true"
|
||||
}
|
||||
resources {
|
||||
memory = 99
|
||||
}
|
||||
}
|
||||
|
||||
|
||||
|
||||
|
||||
}
|
||||
|
@ -1,12 +1,12 @@
|
||||
|
||||
job "dashboard" {
|
||||
datacenters = ["homelab"]
|
||||
type = "service"
|
||||
type = "service"
|
||||
meta {
|
||||
forcedeploy = "1"
|
||||
}
|
||||
|
||||
group "dashboard"{
|
||||
group "dashboard" {
|
||||
network {
|
||||
mode = "host"
|
||||
port "http" {
|
||||
@ -20,10 +20,10 @@ job "dashboard" {
|
||||
name = "homer"
|
||||
port = "http"
|
||||
tags = [
|
||||
"traefik.enable=true",
|
||||
"traefik.http.routers.${NOMAD_JOB_NAME}.rule=Host(`${NOMAD_JOB_NAME}.ducamps.win`)",
|
||||
"traefik.http.routers.${NOMAD_JOB_NAME}.tls.domains[0].sans=${NOMAD_JOB_NAME}.ducamps.win",
|
||||
"traefik.http.routers.${NOMAD_JOB_NAME}.tls.certresolver=myresolver",
|
||||
"traefik.enable=true",
|
||||
"traefik.http.routers.${NOMAD_JOB_NAME}.rule=Host(`${NOMAD_JOB_NAME}.ducamps.win`)",
|
||||
"traefik.http.routers.${NOMAD_JOB_NAME}.tls.domains[0].sans=${NOMAD_JOB_NAME}.ducamps.win",
|
||||
"traefik.http.routers.${NOMAD_JOB_NAME}.tls.certresolver=myresolver",
|
||||
]
|
||||
}
|
||||
config {
|
||||
@ -35,7 +35,7 @@ job "dashboard" {
|
||||
|
||||
}
|
||||
env {
|
||||
INIT_ASSETS= 0
|
||||
INIT_ASSETS = 0
|
||||
}
|
||||
|
||||
resources {
|
||||
@ -45,19 +45,19 @@ job "dashboard" {
|
||||
task "homer-service-discovery" {
|
||||
driver = "docker"
|
||||
config {
|
||||
image= "ducampsv/homer-service-discovery"
|
||||
image = "ducampsv/homer-service-discovery"
|
||||
volumes = [
|
||||
"/mnt/diskstation/nomad/homer/config.yml:/config.yml",
|
||||
"local/base.yml:/base.yml"
|
||||
]
|
||||
}
|
||||
env {
|
||||
SERVICE_DISCOVERY="Consul"
|
||||
CONSUL_HOST = "consul.service.consul:8500"
|
||||
SERVICE_DISCOVERY = "Consul"
|
||||
CONSUL_HOST = "consul.service.consul:8500"
|
||||
}
|
||||
|
||||
template{
|
||||
data = <<EOH
|
||||
template {
|
||||
data = <<EOH
|
||||
title: "HomeLab dashboard"
|
||||
subtitle: "VincentDcmps"
|
||||
logo: "assets/logo.png"
|
||||
@ -138,7 +138,7 @@ services:
|
||||
|
||||
}
|
||||
resources {
|
||||
memory= 30
|
||||
memory = 30
|
||||
}
|
||||
}
|
||||
|
||||
|
@ -1,6 +1,6 @@
|
||||
job "drone" {
|
||||
datacenters = ["homelab"]
|
||||
type = "service"
|
||||
type = "service"
|
||||
vault {
|
||||
policies = ["access-tables"]
|
||||
}
|
||||
@ -15,7 +15,7 @@ job "drone" {
|
||||
}
|
||||
constraint {
|
||||
attribute = "${attr.cpu.arch}"
|
||||
value = "amd64"
|
||||
value = "amd64"
|
||||
}
|
||||
task "drone-server" {
|
||||
driver = "docker"
|
||||
@ -49,7 +49,7 @@ job "drone" {
|
||||
|
||||
}
|
||||
template {
|
||||
data= <<EOH
|
||||
data = <<EOH
|
||||
{{ with secret "secrets/data/droneCI"}}
|
||||
DRONE_GITEA_SERVER="https://git.ducamps.win"
|
||||
DRONE_GITEA_CLIENT_ID="{{ .Data.data.DRONE_GITEA_CLIENT_ID }}"
|
||||
@ -64,18 +64,18 @@ job "drone" {
|
||||
{{end}}
|
||||
EOH
|
||||
destination = "local/drone.env"
|
||||
env = true
|
||||
env = true
|
||||
}
|
||||
resources {
|
||||
memory = 100
|
||||
}
|
||||
}
|
||||
|
||||
task "drone-runner"{
|
||||
task "drone-runner" {
|
||||
driver = "docker"
|
||||
config {
|
||||
image = "drone/drone-runner-docker:latest"
|
||||
volumes =[
|
||||
volumes = [
|
||||
"/var/run/docker.sock:/var/run/docker.sock",
|
||||
]
|
||||
}
|
||||
@ -83,7 +83,7 @@ job "drone" {
|
||||
|
||||
}
|
||||
template {
|
||||
data= <<EOH
|
||||
data = <<EOH
|
||||
{{ with secret "secrets/data/droneCI"}}
|
||||
DRONE_RPC_HOST="drone.ducamps.win"
|
||||
DRONE_RPC_PROTO="https"
|
||||
@ -91,7 +91,7 @@ job "drone" {
|
||||
{{ end }}
|
||||
EOH
|
||||
destination = "local/drone-runner.env"
|
||||
env = true
|
||||
env = true
|
||||
}
|
||||
resources {
|
||||
memory = 50
|
||||
@ -102,13 +102,13 @@ job "drone" {
|
||||
group "Drone-ARM-Runner" {
|
||||
constraint {
|
||||
attribute = "${attr.cpu.arch}"
|
||||
value = "arm"
|
||||
value = "arm"
|
||||
}
|
||||
task "drone-ARM-runner"{
|
||||
task "drone-ARM-runner" {
|
||||
driver = "docker"
|
||||
config {
|
||||
image = "drone/drone-runner-docker:latest"
|
||||
volumes =[
|
||||
image = "drone/drone-runner-docker:1.8.2-linux-arm"
|
||||
volumes = [
|
||||
"/var/run/docker.sock:/var/run/docker.sock",
|
||||
]
|
||||
}
|
||||
@ -116,7 +116,7 @@ job "drone" {
|
||||
|
||||
}
|
||||
template {
|
||||
data= <<EOH
|
||||
data = <<EOH
|
||||
{{ with secret "secrets/data/droneCI"}}
|
||||
DRONE_RPC_HOST="drone.ducamps.win"
|
||||
DRONE_RPC_PROTO="https"
|
||||
@ -124,7 +124,7 @@ job "drone" {
|
||||
{{ end }}
|
||||
EOH
|
||||
destination = "local/drone-runner.env"
|
||||
env = true
|
||||
env = true
|
||||
}
|
||||
resources {
|
||||
memory = 50
|
||||
|
@ -1,23 +1,23 @@
|
||||
|
||||
job "filestash" {
|
||||
datacenters = ["hetzner"]
|
||||
type = "service"
|
||||
type = "service"
|
||||
meta {
|
||||
forcedeploy = "0"
|
||||
}
|
||||
constraint {
|
||||
attribute = "${attr.cpu.arch}"
|
||||
value = "amd64"
|
||||
value = "amd64"
|
||||
}
|
||||
|
||||
|
||||
group "filestash"{
|
||||
group "filestash" {
|
||||
network {
|
||||
mode = "host"
|
||||
port "http" {
|
||||
to = 8334
|
||||
}
|
||||
port "onlyoffice"{
|
||||
port "onlyoffice" {
|
||||
to = 80
|
||||
}
|
||||
}
|
||||
@ -27,16 +27,16 @@ job "filestash" {
|
||||
name = "filestash"
|
||||
port = "http"
|
||||
tags = [
|
||||
"homer.enable=true",
|
||||
"homer.name=FileStash",
|
||||
"homer.service=Application",
|
||||
"homer.url=http://file.ducamps.win",
|
||||
"homer.logo=http://file.ducamps.win/assets/logo/apple-touch-icon.png",
|
||||
"homer.target=_blank",
|
||||
"traefik.enable=true",
|
||||
"traefik.http.routers.${NOMAD_JOB_NAME}.rule=Host(`file.ducamps.win`)",
|
||||
"traefik.http.routers.${NOMAD_JOB_NAME}.tls.domains[0].sans=file.ducamps.win",
|
||||
"traefik.http.routers.${NOMAD_JOB_NAME}.tls.certresolver=myresolver",
|
||||
"homer.enable=true",
|
||||
"homer.name=FileStash",
|
||||
"homer.service=Application",
|
||||
"homer.url=http://file.ducamps.win",
|
||||
"homer.logo=http://file.ducamps.win/assets/logo/apple-touch-icon.png",
|
||||
"homer.target=_blank",
|
||||
"traefik.enable=true",
|
||||
"traefik.http.routers.${NOMAD_JOB_NAME}.rule=Host(`file.ducamps.win`)",
|
||||
"traefik.http.routers.${NOMAD_JOB_NAME}.tls.domains[0].sans=file.ducamps.win",
|
||||
"traefik.http.routers.${NOMAD_JOB_NAME}.tls.certresolver=myresolver",
|
||||
|
||||
|
||||
]
|
||||
@ -50,11 +50,11 @@ job "filestash" {
|
||||
|
||||
}
|
||||
env {
|
||||
APPLICATION_URL= ""
|
||||
APPLICATION_URL = ""
|
||||
}
|
||||
|
||||
resources {
|
||||
cpu = 100
|
||||
cpu = 100
|
||||
memory = 300
|
||||
}
|
||||
}
|
||||
|
@ -1,6 +1,6 @@
|
||||
job "git" {
|
||||
datacenters = ["homelab"]
|
||||
type = "service"
|
||||
type = "service"
|
||||
|
||||
group "gitea" {
|
||||
network {
|
||||
@ -37,7 +37,7 @@ job "git" {
|
||||
]
|
||||
}
|
||||
service {
|
||||
name= "gitea-ssh"
|
||||
name = "gitea-ssh"
|
||||
port = "ssh"
|
||||
tags = [
|
||||
"traefik.enable=true",
|
||||
@ -51,32 +51,32 @@ job "git" {
|
||||
"http",
|
||||
"ssh"
|
||||
]
|
||||
volumes = [
|
||||
"/mnt/diskstation/git:/repo",
|
||||
"/mnt/diskstation/nomad/gitea:/data"
|
||||
]
|
||||
volumes = [
|
||||
"/mnt/diskstation/git:/repo",
|
||||
"/mnt/diskstation/nomad/gitea:/data"
|
||||
]
|
||||
}
|
||||
env {
|
||||
USER_UID = 1000000
|
||||
USER_GUID = 985
|
||||
GITEA__server__DOMAIN = "git.ducamps.win"
|
||||
GITEA__server__ROOT_URL = "https://git.ducamps.win"
|
||||
GITEA__server__SSH_DOMAIN = "git.ducamps.win"
|
||||
GITEA__server__SSH_PORT = "2222"
|
||||
GITEA__server__SSH_LISTEN_PORT = "2222"
|
||||
GITEA__server__START_SSH_SERVER = "false"
|
||||
GITEA__database__DB_TYPE = "postgres"
|
||||
GITEA__database__HOST = "db1.ducamps.win"
|
||||
GITEA__database__NAME = "gitea"
|
||||
GITEA__database__USER = "gitea"
|
||||
USER_UID = 1000000
|
||||
USER_GUID = 985
|
||||
GITEA__server__DOMAIN = "git.ducamps.win"
|
||||
GITEA__server__ROOT_URL = "https://git.ducamps.win"
|
||||
GITEA__server__SSH_DOMAIN = "git.ducamps.win"
|
||||
GITEA__server__SSH_PORT = "2222"
|
||||
GITEA__server__SSH_LISTEN_PORT = "2222"
|
||||
GITEA__server__START_SSH_SERVER = "false"
|
||||
GITEA__database__DB_TYPE = "postgres"
|
||||
GITEA__database__HOST = "db1.ducamps.win"
|
||||
GITEA__database__NAME = "gitea"
|
||||
GITEA__database__USER = "gitea"
|
||||
GITEA__service__DISABLE_REGISTRATION = "true"
|
||||
GITEA__repository__ROOT = "/repo"
|
||||
GITEA__server__APP_DATA_PATH = "/data"
|
||||
GITEA__server__LFS_CONTENT_PATH = "/repo/LFS"
|
||||
GITEA__webhook__ALLOWED_HOST_LIST = "drone.ducamps.win"
|
||||
GITEA__repository__ROOT = "/repo"
|
||||
GITEA__server__APP_DATA_PATH = "/data"
|
||||
GITEA__server__LFS_CONTENT_PATH = "/repo/LFS"
|
||||
GITEA__webhook__ALLOWED_HOST_LIST = "drone.ducamps.win"
|
||||
}
|
||||
template {
|
||||
data= <<EOH
|
||||
data = <<EOH
|
||||
{{ with secret "secrets/data/gitea"}}
|
||||
GITEA__database__PASSWD = "{{.Data.data.PASSWD}}"
|
||||
GITEA__security__SECRET_KEY = "{{.Data.data.secret_key}}"
|
||||
@ -85,7 +85,7 @@ job "git" {
|
||||
{{end}}
|
||||
EOH
|
||||
destination = "secrets/gitea.env"
|
||||
env = true
|
||||
env = true
|
||||
}
|
||||
resources {
|
||||
memory = 400
|
||||
|
@ -7,14 +7,14 @@ job "grafana" {
|
||||
group "grafana" {
|
||||
network {
|
||||
port "http" {
|
||||
to = 3000
|
||||
to = 3000
|
||||
}
|
||||
}
|
||||
|
||||
service {
|
||||
name = "grafana"
|
||||
port = "http"
|
||||
tags= [
|
||||
tags = [
|
||||
"homer.enable=true",
|
||||
"homer.name=Grafana",
|
||||
"homer.service=Monitoring",
|
||||
|
@ -1,29 +1,29 @@
|
||||
|
||||
job "homeassistant" {
|
||||
datacenters = ["homelab"]
|
||||
type = "service"
|
||||
type = "service"
|
||||
meta {
|
||||
forcedeploy = "0"
|
||||
}
|
||||
constraint {
|
||||
attribute = "${attr.unique.hostname}"
|
||||
value = "oscar"
|
||||
attribute = "${attr.unique.hostname}"
|
||||
value = "oscar"
|
||||
}
|
||||
|
||||
group "homeassistant"{
|
||||
group "homeassistant" {
|
||||
network {
|
||||
mode = "host"
|
||||
port "http" {
|
||||
to = 8123
|
||||
to = 8123
|
||||
static = 8123
|
||||
}
|
||||
port "coap"{
|
||||
to = 5683
|
||||
port "coap" {
|
||||
to = 5683
|
||||
static = 5683
|
||||
}
|
||||
}
|
||||
vault{
|
||||
policies= ["access-tables"]
|
||||
vault {
|
||||
policies = ["access-tables"]
|
||||
|
||||
}
|
||||
|
||||
@ -35,17 +35,17 @@ job "homeassistant" {
|
||||
name = "${NOMAD_TASK_NAME}"
|
||||
port = "http"
|
||||
tags = [
|
||||
"homer.enable=true",
|
||||
"homer.name=Hass",
|
||||
"homer.service=Application",
|
||||
"homer.subtitle=Home Assistant",
|
||||
"homer.logo=https://raw.githubusercontent.com/home-assistant/assets/master/logo/logo-small.svg",
|
||||
"homer.target=_blank",
|
||||
"homer.url=https://${NOMAD_TASK_NAME}.ducamps.win",
|
||||
"traefik.enable=true",
|
||||
"traefik.http.routers.${NOMAD_TASK_NAME}.rule=Host(`${NOMAD_TASK_NAME}.ducamps.win`)",
|
||||
"traefik.http.routers.${NOMAD_TASK_NAME}.tls.domains[0].sans=${NOMAD_TASK_NAME}.ducamps.win",
|
||||
"traefik.http.routers.${NOMAD_TASK_NAME}.tls.certresolver=myresolver",
|
||||
"homer.enable=true",
|
||||
"homer.name=Hass",
|
||||
"homer.service=Application",
|
||||
"homer.subtitle=Home Assistant",
|
||||
"homer.logo=https://raw.githubusercontent.com/home-assistant/assets/master/logo/logo-small.svg",
|
||||
"homer.target=_blank",
|
||||
"homer.url=https://${NOMAD_TASK_NAME}.ducamps.win",
|
||||
"traefik.enable=true",
|
||||
"traefik.http.routers.${NOMAD_TASK_NAME}.rule=Host(`${NOMAD_TASK_NAME}.ducamps.win`)",
|
||||
"traefik.http.routers.${NOMAD_TASK_NAME}.tls.domains[0].sans=${NOMAD_TASK_NAME}.ducamps.win",
|
||||
"traefik.http.routers.${NOMAD_TASK_NAME}.tls.certresolver=myresolver",
|
||||
]
|
||||
check {
|
||||
type = "tcp"
|
||||
@ -54,9 +54,9 @@ job "homeassistant" {
|
||||
}
|
||||
}
|
||||
config {
|
||||
image = "homeassistant/home-assistant:stable"
|
||||
ports = ["http","coap"]
|
||||
privileged = "true"
|
||||
image = "homeassistant/home-assistant:stable"
|
||||
ports = ["http", "coap"]
|
||||
privileged = "true"
|
||||
network_mode = "host"
|
||||
volumes = [
|
||||
"/mnt/diskstation/nomad/hass:/config",
|
||||
@ -68,8 +68,8 @@ job "homeassistant" {
|
||||
resources {
|
||||
cpu = 800 # 500 MHz
|
||||
memory = 512 # 512 MB
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
}
|
||||
}
|
||||
|
@ -1,20 +1,20 @@
|
||||
|
||||
job "jellyfin" {
|
||||
datacenters = ["homelab"]
|
||||
type = "service"
|
||||
type = "service"
|
||||
meta {
|
||||
forcedeploy = "0"
|
||||
}
|
||||
constraint {
|
||||
attribute = "${attr.cpu.arch}"
|
||||
value = "amd64"
|
||||
value = "amd64"
|
||||
}
|
||||
|
||||
group "jellyfin"{
|
||||
group "jellyfin" {
|
||||
network {
|
||||
mode = "host"
|
||||
port "http" {
|
||||
to = 8096
|
||||
to = 8096
|
||||
}
|
||||
}
|
||||
|
||||
@ -23,7 +23,7 @@ job "jellyfin" {
|
||||
service {
|
||||
name = "jellyfin"
|
||||
port = "http"
|
||||
tags = [
|
||||
tags = [
|
||||
"homer.enable=true",
|
||||
"homer.name=jellyfin",
|
||||
"homer.service=Application",
|
||||
@ -49,19 +49,19 @@ job "jellyfin" {
|
||||
]
|
||||
devices = [
|
||||
{
|
||||
host_path = "/dev/dri/renderD128"
|
||||
container_path = "/dev/dri/renderD128"
|
||||
host_path = "/dev/dri/renderD128"
|
||||
container_path = "/dev/dri/renderD128"
|
||||
},
|
||||
{
|
||||
host_path = "/dev/dri/card0"
|
||||
container_path = "/dev/dri/card0"
|
||||
host_path = "/dev/dri/card0"
|
||||
container_path = "/dev/dri/card0"
|
||||
}
|
||||
]
|
||||
|
||||
}
|
||||
resources {
|
||||
memory = 2000
|
||||
cpu= 3000
|
||||
cpu = 3000
|
||||
}
|
||||
}
|
||||
|
||||
|
@ -1,12 +1,12 @@
|
||||
|
||||
job "loki" {
|
||||
datacenters = ["homelab"]
|
||||
type = "service"
|
||||
type = "service"
|
||||
meta {
|
||||
forcedeploy = "0"
|
||||
}
|
||||
|
||||
group "loki"{
|
||||
group "loki" {
|
||||
network {
|
||||
mode = "host"
|
||||
port "http" {
|
||||
@ -44,7 +44,7 @@ job "loki" {
|
||||
]
|
||||
}
|
||||
template {
|
||||
data = <<EOH
|
||||
data = <<EOH
|
||||
auth_enabled: false
|
||||
server:
|
||||
http_listen_port: 3100
|
||||
|
@ -1,11 +1,11 @@
|
||||
job "node-exporter" {
|
||||
datacenters = ["homelab","hetzner"]
|
||||
type = "system"
|
||||
datacenters = ["homelab", "hetzner"]
|
||||
type = "system"
|
||||
meta {
|
||||
forcedeploy = "0"
|
||||
}
|
||||
|
||||
group "node-exporter"{
|
||||
group "node-exporter" {
|
||||
network {
|
||||
port "http" {
|
||||
}
|
||||
@ -14,11 +14,11 @@ job "node-exporter" {
|
||||
name = "node-exporter"
|
||||
port = "http"
|
||||
check {
|
||||
type = "http"
|
||||
port = "http"
|
||||
path = "/"
|
||||
interval = "10s"
|
||||
timeout = "2s"
|
||||
type = "http"
|
||||
port = "http"
|
||||
path = "/"
|
||||
interval = "10s"
|
||||
timeout = "2s"
|
||||
success_before_passing = "3"
|
||||
failures_before_critical = "3"
|
||||
check_restart {
|
||||
@ -59,7 +59,7 @@ job "node-exporter" {
|
||||
}
|
||||
|
||||
resources {
|
||||
cpu = 20
|
||||
cpu = 20
|
||||
memory = 30
|
||||
}
|
||||
}
|
||||
|
@ -1,12 +1,12 @@
|
||||
|
||||
job "pacoloco" {
|
||||
datacenters = ["homelab"]
|
||||
type = "service"
|
||||
type = "service"
|
||||
meta {
|
||||
forcedeploy = "0"
|
||||
}
|
||||
|
||||
group "pacoloco"{
|
||||
group "pacoloco" {
|
||||
network {
|
||||
mode = "host"
|
||||
port "http" {
|
||||
@ -19,10 +19,10 @@ job "pacoloco" {
|
||||
name = "pacoloco"
|
||||
port = "http"
|
||||
tags = [
|
||||
"traefik.enable=true",
|
||||
"traefik.http.routers.${NOMAD_JOB_NAME}.rule=Host(`arch.ducamps.win`)",
|
||||
"traefik.http.routers.${NOMAD_JOB_NAME}.tls.domains[0].sans=arch.ducamps.win",
|
||||
"traefik.http.routers.${NOMAD_JOB_NAME}.tls.certresolver=myresolver",
|
||||
"traefik.enable=true",
|
||||
"traefik.http.routers.${NOMAD_JOB_NAME}.rule=Host(`arch.ducamps.win`)",
|
||||
"traefik.http.routers.${NOMAD_JOB_NAME}.tls.domains[0].sans=arch.ducamps.win",
|
||||
"traefik.http.routers.${NOMAD_JOB_NAME}.tls.certresolver=myresolver",
|
||||
]
|
||||
}
|
||||
config {
|
||||
@ -36,7 +36,7 @@ job "pacoloco" {
|
||||
}
|
||||
|
||||
template {
|
||||
data= <<EOH
|
||||
data = <<EOH
|
||||
port: 9129
|
||||
cache_dir: /var/cache/pacoloco
|
||||
purge_files_after: 360000
|
||||
@ -54,7 +54,7 @@ prefetch:
|
||||
ttl_unaccessed_in_days: 30
|
||||
ttl_unupdated_in_days: 300
|
||||
EOH
|
||||
destination = "local/pacoloco.yaml"
|
||||
destination = "local/pacoloco.yaml"
|
||||
}
|
||||
resources {
|
||||
memory = 200
|
||||
|
@ -1,18 +1,18 @@
|
||||
|
||||
job "paperless-ng" {
|
||||
datacenters = ["homelab"]
|
||||
priority= 50
|
||||
type = "service"
|
||||
priority = 50
|
||||
type = "service"
|
||||
meta {
|
||||
forcedeploy = "0"
|
||||
}
|
||||
|
||||
|
||||
constraint {
|
||||
attribute = "${attr.cpu.arch}"
|
||||
value = "amd64"
|
||||
value = "amd64"
|
||||
}
|
||||
|
||||
group "paperless-ng"{
|
||||
group "paperless-ng" {
|
||||
network {
|
||||
mode = "host"
|
||||
port "http" {
|
||||
@ -22,15 +22,15 @@ job "paperless-ng" {
|
||||
to = 6379
|
||||
}
|
||||
}
|
||||
vault{
|
||||
policies= ["access-tables"]
|
||||
vault {
|
||||
policies = ["access-tables"]
|
||||
|
||||
}
|
||||
task "redis" {
|
||||
driver = "docker"
|
||||
config {
|
||||
image= "redis"
|
||||
ports= ["redis"]
|
||||
image = "redis"
|
||||
ports = ["redis"]
|
||||
}
|
||||
resources {
|
||||
memory = 100
|
||||
@ -42,23 +42,23 @@ job "paperless-ng" {
|
||||
name = "${JOB}"
|
||||
port = "http"
|
||||
tags = [
|
||||
"traefik.enable=true",
|
||||
"traefik.http.routers.${NOMAD_JOB_NAME}.rule=Host(`${NOMAD_JOB_NAME}.ducamps.win`)",
|
||||
"traefik.http.routers.${NOMAD_JOB_NAME}.tls.domains[0].sans=${NOMAD_JOB_NAME}.ducamps.win",
|
||||
"traefik.http.routers.${NOMAD_JOB_NAME}.tls.certresolver=myresolver",
|
||||
"homer.enable=true",
|
||||
"homer.name=Paperless",
|
||||
"homer.service=Application",
|
||||
"homer.logo=https://${NOMAD_JOB_NAME}.ducamps.win/static/frontend/fr-FR/apple-touch-icon.png",
|
||||
"homer.target=_blank",
|
||||
"homer.url=https://${NOMAD_JOB_NAME}.ducamps.win",
|
||||
"traefik.enable=true",
|
||||
"traefik.http.routers.${NOMAD_JOB_NAME}.rule=Host(`${NOMAD_JOB_NAME}.ducamps.win`)",
|
||||
"traefik.http.routers.${NOMAD_JOB_NAME}.tls.domains[0].sans=${NOMAD_JOB_NAME}.ducamps.win",
|
||||
"traefik.http.routers.${NOMAD_JOB_NAME}.tls.certresolver=myresolver",
|
||||
"homer.enable=true",
|
||||
"homer.name=Paperless",
|
||||
"homer.service=Application",
|
||||
"homer.logo=https://${NOMAD_JOB_NAME}.ducamps.win/static/frontend/fr-FR/apple-touch-icon.png",
|
||||
"homer.target=_blank",
|
||||
"homer.url=https://${NOMAD_JOB_NAME}.ducamps.win",
|
||||
]
|
||||
check {
|
||||
type = "http"
|
||||
name = "paperless-ng_health"
|
||||
path="/"
|
||||
type = "http"
|
||||
name = "paperless-ng_health"
|
||||
path = "/"
|
||||
interval = "30s"
|
||||
timeout = "5s"
|
||||
timeout = "5s"
|
||||
}
|
||||
}
|
||||
config {
|
||||
@ -73,26 +73,26 @@ job "paperless-ng" {
|
||||
|
||||
}
|
||||
env {
|
||||
PAPERLESS_REDIS= "redis://${NOMAD_ADDR_redis}"
|
||||
PAPERLESS_DBHOST= "db1.ducamps.win"
|
||||
PAPERLESS_DBNAME= "paperless"
|
||||
PAPERLESS_DBUSER= "paperless"
|
||||
PAPERLESS_OCR_LANGUAGE="fra"
|
||||
PAPERLESS_CONSUMER_POLLING="60"
|
||||
PAPERLESS_URL="https://${NOMAD_JOB_NAME}.ducamps.win"
|
||||
PAPERLESS_ALLOWED_HOSTS="*"
|
||||
PAPERLESS_REDIS = "redis://${NOMAD_ADDR_redis}"
|
||||
PAPERLESS_DBHOST = "db1.ducamps.win"
|
||||
PAPERLESS_DBNAME = "paperless"
|
||||
PAPERLESS_DBUSER = "paperless"
|
||||
PAPERLESS_OCR_LANGUAGE = "fra"
|
||||
PAPERLESS_CONSUMER_POLLING = "60"
|
||||
PAPERLESS_URL = "https://${NOMAD_JOB_NAME}.ducamps.win"
|
||||
PAPERLESS_ALLOWED_HOSTS = "*"
|
||||
}
|
||||
|
||||
template {
|
||||
data= <<EOH
|
||||
data = <<EOH
|
||||
PAPERLESS_DBPASS= {{ with secret "secrets/data/paperless"}}{{.Data.data.DB_PASSWORD }}{{end}}
|
||||
EOH
|
||||
destination = "secrets/paperless.env"
|
||||
env = true
|
||||
env = true
|
||||
}
|
||||
resources {
|
||||
memory = 800
|
||||
cpu = 2000
|
||||
cpu = 2000
|
||||
}
|
||||
}
|
||||
|
||||
|
@ -1,39 +1,39 @@
|
||||
|
||||
job "pihole" {
|
||||
datacenters = ["homelab"]
|
||||
priority= 100
|
||||
priority = 100
|
||||
meta {
|
||||
force = 1
|
||||
}
|
||||
type = "service"
|
||||
constraint {
|
||||
attribute = "${attr.unique.hostname}"
|
||||
value = "oscar"
|
||||
constraint {
|
||||
attribute = "${attr.unique.hostname}"
|
||||
value = "oscar"
|
||||
}
|
||||
group "pi-hole" {
|
||||
group "pi-hole" {
|
||||
network {
|
||||
mode = "host"
|
||||
port "dns" {
|
||||
static = 53
|
||||
static = 53
|
||||
}
|
||||
port "http" {
|
||||
static = 8090
|
||||
to = 80
|
||||
static = 8090
|
||||
to = 80
|
||||
}
|
||||
}
|
||||
service {
|
||||
name = "pihole-gui"
|
||||
tags = ["pihole", "admin",
|
||||
"homer.enable=true",
|
||||
"homer.name=Pi-hole",
|
||||
"homer.service=Application",
|
||||
"homer.type=PiHole",
|
||||
"homer.logo=http://${NOMAD_ADDR_http}/admin/img/logo.svg",
|
||||
"homer.target=_blank",
|
||||
"homer.url=http://${NOMAD_ADDR_http}/admin",
|
||||
name = "pihole-gui"
|
||||
tags = ["pihole", "admin",
|
||||
"homer.enable=true",
|
||||
"homer.name=Pi-hole",
|
||||
"homer.service=Application",
|
||||
"homer.type=PiHole",
|
||||
"homer.logo=http://${NOMAD_ADDR_http}/admin/img/logo.svg",
|
||||
"homer.target=_blank",
|
||||
"homer.url=http://${NOMAD_ADDR_http}/admin",
|
||||
|
||||
]
|
||||
port = "http"
|
||||
]
|
||||
port = "http"
|
||||
}
|
||||
task "server" {
|
||||
driver = "docker"
|
||||
@ -43,32 +43,32 @@ job "pihole" {
|
||||
"dns",
|
||||
"http",
|
||||
]
|
||||
volumes =[
|
||||
"local/dnsmasq.d/02-localresolver.conf:/etc/dnsmasq.d/02-localresolver.conf",
|
||||
"/mnt/diskstation/nomad/pihole:/etc/pihole"
|
||||
volumes = [
|
||||
"local/dnsmasq.d/02-localresolver.conf:/etc/dnsmasq.d/02-localresolver.conf",
|
||||
"/mnt/diskstation/nomad/pihole:/etc/pihole"
|
||||
]
|
||||
|
||||
}
|
||||
vault{
|
||||
policies= ["access-tables"]
|
||||
vault {
|
||||
policies = ["access-tables"]
|
||||
|
||||
}
|
||||
env {
|
||||
TZ= "Europe/Paris"
|
||||
DNS1= "1.1.1.1"
|
||||
DNS2= "80.67.169.40"
|
||||
}
|
||||
env {
|
||||
TZ = "Europe/Paris"
|
||||
DNS1 = "1.1.1.1"
|
||||
DNS2 = "80.67.169.40"
|
||||
|
||||
}
|
||||
template {
|
||||
data = <<EOH
|
||||
}
|
||||
template {
|
||||
data = <<EOH
|
||||
WEBPASSWORD="{{with secret "secrets/data/pihole"}}{{.Data.data.WEBPASSWORD}}{{end}}"
|
||||
EOH
|
||||
destination = "local/file.env"
|
||||
change_mode = "noop"
|
||||
env = true
|
||||
}
|
||||
template{
|
||||
data= <<EOH
|
||||
}
|
||||
template {
|
||||
data = <<EOH
|
||||
server=/ducamps.win/192.168.1.10
|
||||
{{range service "consul"}}server=/consul/{{.Address}}#8600
|
||||
{{end}}
|
||||
@ -76,7 +76,7 @@ domain=ducamps.win
|
||||
no-negcache
|
||||
local-ttl=2
|
||||
EOH
|
||||
destination="local/dnsmasq.d/02-localresolver.conf"
|
||||
destination = "local/dnsmasq.d/02-localresolver.conf"
|
||||
change_mode = "restart"
|
||||
|
||||
}
|
||||
|
@ -17,7 +17,7 @@ job "prometheus" {
|
||||
delay = "15s"
|
||||
mode = "fail"
|
||||
}
|
||||
vault {
|
||||
vault {
|
||||
policies = ["access-tables"]
|
||||
}
|
||||
|
||||
@ -100,10 +100,10 @@ scrape_configs:
|
||||
EOH
|
||||
}
|
||||
template {
|
||||
destination = "local/nomad-alert-rules.yml"
|
||||
destination = "local/nomad-alert-rules.yml"
|
||||
right_delimiter = "]]"
|
||||
left_delimiter = "[["
|
||||
data = <<EOH
|
||||
left_delimiter = "[["
|
||||
data = <<EOH
|
||||
---
|
||||
groups:
|
||||
- name: nomad_alerts
|
||||
@ -166,13 +166,13 @@ EOH
|
||||
service {
|
||||
name = "prometheus"
|
||||
tags = ["urlprefix-/",
|
||||
"homer.enable=true",
|
||||
"homer.name=Prometheus",
|
||||
"homer.service=Monitoring",
|
||||
"homer.type=Prometheus",
|
||||
"homer.logo=https://upload.wikimedia.org/wikipedia/commons/thumb/3/38/Prometheus_software_logo.svg/173px-Prometheus_software_logo.svg.png",
|
||||
"homer.target=_blank",
|
||||
"homer.url=http://${NOMAD_ADDR_prometheus_ui}",
|
||||
"homer.enable=true",
|
||||
"homer.name=Prometheus",
|
||||
"homer.service=Monitoring",
|
||||
"homer.type=Prometheus",
|
||||
"homer.logo=https://upload.wikimedia.org/wikipedia/commons/thumb/3/38/Prometheus_software_logo.svg/173px-Prometheus_software_logo.svg.png",
|
||||
"homer.target=_blank",
|
||||
"homer.url=http://${NOMAD_ADDR_prometheus_ui}",
|
||||
|
||||
|
||||
]
|
||||
|
@ -1,12 +1,12 @@
|
||||
|
||||
job "promtail" {
|
||||
datacenters = ["homelab","hetzner"]
|
||||
type = "system"
|
||||
datacenters = ["homelab", "hetzner"]
|
||||
type = "system"
|
||||
meta {
|
||||
forcedeploy = "0"
|
||||
}
|
||||
|
||||
group "promtail"{
|
||||
group "promtail" {
|
||||
network {
|
||||
mode = "host"
|
||||
port "http" {
|
||||
@ -47,7 +47,7 @@ job "promtail" {
|
||||
env {
|
||||
HOSTNAME = "${attr.unique.hostname}"
|
||||
}
|
||||
template {
|
||||
template {
|
||||
data = <<EOTC
|
||||
positions:
|
||||
filename: {{ env "NOMAD_ALLOC_DIR"}}/positions.yaml
|
||||
|
@ -1,19 +1,19 @@
|
||||
|
||||
job "radicale" {
|
||||
datacenters = ["homelab"]
|
||||
type = "service"
|
||||
type = "service"
|
||||
meta {
|
||||
forcedeploy = "0"
|
||||
}
|
||||
group "radicale"{
|
||||
group "radicale" {
|
||||
network {
|
||||
mode = "host"
|
||||
port "http" {
|
||||
to = 5232
|
||||
}
|
||||
}
|
||||
vault{
|
||||
policies= ["access-tables"]
|
||||
vault {
|
||||
policies = ["access-tables"]
|
||||
|
||||
}
|
||||
task "radicale" {
|
||||
@ -22,21 +22,21 @@ job "radicale" {
|
||||
name = "radicale"
|
||||
port = "http"
|
||||
tags = [
|
||||
"homer.enable=true",
|
||||
"homer.name=Radicale",
|
||||
"homer.service=Application",
|
||||
"homer.logo=https://radicale.org/assets/logo.svg",
|
||||
"homer.target=_blank",
|
||||
"homer.url=https://www.ducamps.win/${NOMAD_JOB_NAME}",
|
||||
"homer.enable=true",
|
||||
"homer.name=Radicale",
|
||||
"homer.service=Application",
|
||||
"homer.logo=https://radicale.org/assets/logo.svg",
|
||||
"homer.target=_blank",
|
||||
"homer.url=https://www.ducamps.win/${NOMAD_JOB_NAME}",
|
||||
|
||||
|
||||
"traefik.enable=true",
|
||||
"traefik.http.routers.${NOMAD_JOB_NAME}.rule=Host(`www.ducamps.win`)&&PathPrefix(`/radicale`)",
|
||||
"traefik.http.routers.${NOMAD_JOB_NAME}.tls.domains[0].sans=www.ducamps.win",
|
||||
"traefik.http.routers.${NOMAD_JOB_NAME}.tls.certresolver=myresolver",
|
||||
"traefik.http.routers.${NOMAD_JOB_NAME}.middlewares=radicaleHeader,radicalestrip",
|
||||
"traefik.http.middlewares.radicaleHeader.headers.customrequestheaders.X-Script-Name=/radicale",
|
||||
"traefik.http.middlewares.radicalestrip.stripprefix.prefixes=/radicale",
|
||||
"traefik.enable=true",
|
||||
"traefik.http.routers.${NOMAD_JOB_NAME}.rule=Host(`www.ducamps.win`)&&PathPrefix(`/radicale`)",
|
||||
"traefik.http.routers.${NOMAD_JOB_NAME}.tls.domains[0].sans=www.ducamps.win",
|
||||
"traefik.http.routers.${NOMAD_JOB_NAME}.tls.certresolver=myresolver",
|
||||
"traefik.http.routers.${NOMAD_JOB_NAME}.middlewares=radicaleHeader,radicalestrip",
|
||||
"traefik.http.middlewares.radicaleHeader.headers.customrequestheaders.X-Script-Name=/radicale",
|
||||
"traefik.http.middlewares.radicalestrip.stripprefix.prefixes=/radicale",
|
||||
|
||||
]
|
||||
}
|
||||
@ -50,10 +50,10 @@ job "radicale" {
|
||||
|
||||
}
|
||||
env {
|
||||
TAKE_FILE_OWNERSHIP=false
|
||||
TAKE_FILE_OWNERSHIP = false
|
||||
}
|
||||
template {
|
||||
data = <<EOH
|
||||
data = <<EOH
|
||||
[server]
|
||||
hosts = 0.0.0.0:5232
|
||||
[auth]
|
||||
|
@ -1,23 +1,23 @@
|
||||
|
||||
job "torrent" {
|
||||
datacenters = ["hetzner"]
|
||||
type = "service"
|
||||
type = "service"
|
||||
meta {
|
||||
forcedeploy = "0"
|
||||
}
|
||||
group "bittorent"{
|
||||
group "bittorent" {
|
||||
network {
|
||||
mode = "host"
|
||||
port "http" {
|
||||
to = 8080
|
||||
to = 8080
|
||||
host_network = "private"
|
||||
}
|
||||
port "torrent" {
|
||||
static=6881
|
||||
static = 6881
|
||||
host_network = "public"
|
||||
}
|
||||
port "ecoute" {
|
||||
static= 50000
|
||||
static = 50000
|
||||
host_network = "public"
|
||||
}
|
||||
}
|
||||
@ -27,16 +27,16 @@ job "torrent" {
|
||||
name = "bittorent"
|
||||
port = "http"
|
||||
tags = [
|
||||
"homer.enable=true",
|
||||
"homer.name=torrent",
|
||||
"homer.url=https://torrent.ducamps.win",
|
||||
"homer.service=Application",
|
||||
"homer.logo=https://${NOMAD_JOB_NAME}.ducamps.win/images/favicon-196x196.png",
|
||||
"homer.target=_blank",
|
||||
"traefik.enable=true",
|
||||
"traefik.http.routers.${NOMAD_JOB_NAME}.rule=Host(`${NOMAD_JOB_NAME}.ducamps.win`)",
|
||||
"traefik.http.routers.${NOMAD_JOB_NAME}.tls.domains[0].sans=${NOMAD_JOB_NAME}.ducamps.win",
|
||||
"traefik.http.routers.${NOMAD_JOB_NAME}.tls.certresolver=myresolver",
|
||||
"homer.enable=true",
|
||||
"homer.name=torrent",
|
||||
"homer.url=https://torrent.ducamps.win",
|
||||
"homer.service=Application",
|
||||
"homer.logo=https://${NOMAD_JOB_NAME}.ducamps.win/images/favicon-196x196.png",
|
||||
"homer.target=_blank",
|
||||
"traefik.enable=true",
|
||||
"traefik.http.routers.${NOMAD_JOB_NAME}.rule=Host(`${NOMAD_JOB_NAME}.ducamps.win`)",
|
||||
"traefik.http.routers.${NOMAD_JOB_NAME}.tls.domains[0].sans=${NOMAD_JOB_NAME}.ducamps.win",
|
||||
"traefik.http.routers.${NOMAD_JOB_NAME}.tls.certresolver=myresolver",
|
||||
|
||||
|
||||
]
|
||||
@ -47,7 +47,7 @@ job "torrent" {
|
||||
"http",
|
||||
"torrent",
|
||||
"ecoute"
|
||||
]
|
||||
]
|
||||
volumes = [
|
||||
"/mnt/hetzner/storagebox/rutorrentConfig:/data",
|
||||
"/mnt/hetzner/storagebox/file:/downloads"
|
||||
@ -55,10 +55,10 @@ job "torrent" {
|
||||
|
||||
}
|
||||
env {
|
||||
PUID=1024
|
||||
PGID=984
|
||||
UMASK=002
|
||||
WEBUI_PORT="8070"
|
||||
PUID = 1024
|
||||
PGID = 984
|
||||
UMASK = 002
|
||||
WEBUI_PORT = "8070"
|
||||
}
|
||||
|
||||
resources {
|
||||
|
@ -1,26 +1,26 @@
|
||||
|
||||
job "seedboxsync" {
|
||||
datacenters = ["homelab"]
|
||||
priority = 50
|
||||
type = "batch"
|
||||
priority = 50
|
||||
type = "batch"
|
||||
meta {
|
||||
forcedeploy = "0"
|
||||
}
|
||||
|
||||
constraint {
|
||||
attribute = "${attr.cpu.arch}"
|
||||
value = "amd64"
|
||||
value = "amd64"
|
||||
}
|
||||
periodic {
|
||||
cron = "0,30 * * * *"
|
||||
cron = "0,30 * * * *"
|
||||
prohibit_overlap = true
|
||||
}
|
||||
group "seedboxsync"{
|
||||
group "seedboxsync" {
|
||||
network {
|
||||
mode = "host"
|
||||
}
|
||||
vault{
|
||||
policies= ["access-tables"]
|
||||
vault {
|
||||
policies = ["access-tables"]
|
||||
}
|
||||
task "server" {
|
||||
driver = "docker"
|
||||
@ -32,19 +32,19 @@ job "seedboxsync" {
|
||||
volumes = [
|
||||
"/mnt/diskstation/media/download:/media"
|
||||
]
|
||||
args=[
|
||||
"-u" ,"${USERNAME},${PASSWORD}",
|
||||
"-e" ,"mirror -c -P 5 -x seed ${REMOTE_PATH} /media;quit",
|
||||
args = [
|
||||
"-u", "${USERNAME},${PASSWORD}",
|
||||
"-e", "mirror -c -P 5 -x seed ${REMOTE_PATH} /media;quit",
|
||||
"${REMOTE_SERVER}"
|
||||
]
|
||||
|
||||
}
|
||||
env {
|
||||
USER_ID=1000001
|
||||
GROUP_ID=1000007
|
||||
USER_ID = 1000001
|
||||
GROUP_ID = 1000007
|
||||
}
|
||||
template {
|
||||
data= <<EOH
|
||||
data = <<EOH
|
||||
{{ with secret "secrets/data/seedbox"}}
|
||||
USERNAME = "{{ .Data.data.username }}"
|
||||
PASSWORD = "{{ .Data.data.password }}"
|
||||
@ -53,7 +53,7 @@ job "seedboxsync" {
|
||||
{{end}}
|
||||
EOH
|
||||
destination = "secrets/sample.env"
|
||||
env = true
|
||||
env = true
|
||||
}
|
||||
resources {
|
||||
memory = 100
|
||||
|
@ -1,44 +1,44 @@
|
||||
|
||||
job "supysonic" {
|
||||
datacenters = ["homelab"]
|
||||
type = "service"
|
||||
type = "service"
|
||||
meta {
|
||||
forcedeploy = "0"
|
||||
}
|
||||
constraint {
|
||||
attribute = "${attr.cpu.arch}"
|
||||
value = "amd64"
|
||||
value = "amd64"
|
||||
}
|
||||
|
||||
group "supysonic"{
|
||||
group "supysonic" {
|
||||
network {
|
||||
mode = "host"
|
||||
port "fcgi" {
|
||||
to = 5000
|
||||
}
|
||||
port "http" {
|
||||
to=80
|
||||
to = 80
|
||||
}
|
||||
}
|
||||
vault{
|
||||
policies= ["access-tables"]
|
||||
vault {
|
||||
policies = ["access-tables"]
|
||||
|
||||
}
|
||||
service {
|
||||
name = "supysonic"
|
||||
port = "http"
|
||||
tags = [
|
||||
"homer.enable=true",
|
||||
"homer.name=Supysonic",
|
||||
"homer.service=Application",
|
||||
"homer.icon=fas fa-headphones",
|
||||
"homer.target=_blank",
|
||||
"homer.url=http://${NOMAD_JOB_NAME}.ducamps.win",
|
||||
"homer.enable=true",
|
||||
"homer.name=Supysonic",
|
||||
"homer.service=Application",
|
||||
"homer.icon=fas fa-headphones",
|
||||
"homer.target=_blank",
|
||||
"homer.url=http://${NOMAD_JOB_NAME}.ducamps.win",
|
||||
|
||||
"traefik.enable=true",
|
||||
"traefik.http.routers.${NOMAD_JOB_NAME}.rule=Host(`${NOMAD_JOB_NAME}.ducamps.win`)",
|
||||
"traefik.http.routers.${NOMAD_JOB_NAME}.tls.domains[0].sans=${NOMAD_JOB_NAME}.ducamps.win",
|
||||
"traefik.http.routers.${NOMAD_JOB_NAME}.tls.certresolver=myresolver",
|
||||
"traefik.enable=true",
|
||||
"traefik.http.routers.${NOMAD_JOB_NAME}.rule=Host(`${NOMAD_JOB_NAME}.ducamps.win`)",
|
||||
"traefik.http.routers.${NOMAD_JOB_NAME}.tls.domains[0].sans=${NOMAD_JOB_NAME}.ducamps.win",
|
||||
"traefik.http.routers.${NOMAD_JOB_NAME}.tls.certresolver=myresolver",
|
||||
|
||||
|
||||
]
|
||||
@ -47,8 +47,8 @@ job "supysonic" {
|
||||
task "supysonic-frontend" {
|
||||
driver = "docker"
|
||||
config {
|
||||
image= "nginx:alpine"
|
||||
ports= [
|
||||
image = "nginx:alpine"
|
||||
ports = [
|
||||
"http"
|
||||
]
|
||||
volumes = [
|
||||
@ -56,7 +56,7 @@ job "supysonic" {
|
||||
]
|
||||
}
|
||||
template {
|
||||
data = <<EOH
|
||||
data = <<EOH
|
||||
worker_processes auto;
|
||||
pid /var/run/nginx.pid;
|
||||
events {
|
||||
@ -83,36 +83,36 @@ http {
|
||||
destination = "etc/nginx/nginx.conf"
|
||||
|
||||
}
|
||||
resources {
|
||||
memory = 75
|
||||
}
|
||||
resources {
|
||||
memory = 75
|
||||
}
|
||||
}
|
||||
task "supysonic-server" {
|
||||
driver = "docker"
|
||||
config {
|
||||
image = "ogarcia/supysonic:full-sql"
|
||||
ports = ["fcgi"]
|
||||
force_pull= true
|
||||
image = "ogarcia/supysonic:full-sql"
|
||||
ports = ["fcgi"]
|
||||
force_pull = true
|
||||
volumes = [
|
||||
"/mnt/diskstation/music:/mnt/diskstation/music"
|
||||
]
|
||||
|
||||
}
|
||||
env {
|
||||
SUPYSONIC_RUN_MODE= "fcgi-port"
|
||||
SUPYSONIC_DAEMON_ENABLED = "true"
|
||||
SUPYSONIC_RUN_MODE = "fcgi-port"
|
||||
SUPYSONIC_DAEMON_ENABLED = "true"
|
||||
SUPYSONIC_WEBAPP_LOG_LEVEL = "WARNING"
|
||||
SUPYSONIC_DAEMON_LOG_LEVEL = "INFO"
|
||||
SUPYSONIC_DAEMON_LOG_LEVEL = "INFO"
|
||||
}
|
||||
|
||||
template {
|
||||
data= <<EOH
|
||||
data = <<EOH
|
||||
{{ with secret "secrets/data/supysonic"}}
|
||||
SUPYSONIC_DB_URI = "postgres://supysonic:{{ .Data.data.db_password}}@db1.ducamps.win/supysonic"
|
||||
{{end}}
|
||||
EOH
|
||||
destination = "secrets/supysonic.env"
|
||||
env = true
|
||||
env = true
|
||||
}
|
||||
resources {
|
||||
memory = 256
|
||||
|
@ -1,26 +1,26 @@
|
||||
|
||||
job "syncthing" {
|
||||
datacenters = ["homelab"]
|
||||
type = "service"
|
||||
type = "service"
|
||||
meta {
|
||||
forcedeploy = "0"
|
||||
}
|
||||
|
||||
group "syncthing"{
|
||||
group "syncthing" {
|
||||
network {
|
||||
mode = "host"
|
||||
port "http" {
|
||||
to = 8384
|
||||
}
|
||||
port "listen"{
|
||||
port "listen" {
|
||||
static = 22000
|
||||
}
|
||||
port "discovery" {
|
||||
static = 21027
|
||||
}
|
||||
}
|
||||
vault{
|
||||
policies= ["access-tables"]
|
||||
vault {
|
||||
policies = ["access-tables"]
|
||||
|
||||
}
|
||||
task "syncthing" {
|
||||
@ -29,12 +29,12 @@ job "syncthing" {
|
||||
name = "syncthing-web"
|
||||
port = "http"
|
||||
tags = [
|
||||
"homer.enable=true",
|
||||
"homer.name=Syncthing",
|
||||
"homer.service=Application",
|
||||
"homer.logo=http://${NOMAD_ADDR_http}/assets/img/logo-horizontal.svg",
|
||||
"homer.target=_blank",
|
||||
"homer.url=http://${NOMAD_ADDR_http}",
|
||||
"homer.enable=true",
|
||||
"homer.name=Syncthing",
|
||||
"homer.service=Application",
|
||||
"homer.logo=http://${NOMAD_ADDR_http}/assets/img/logo-horizontal.svg",
|
||||
"homer.target=_blank",
|
||||
"homer.url=http://${NOMAD_ADDR_http}",
|
||||
]
|
||||
}
|
||||
config {
|
||||
|
@ -1,34 +1,34 @@
|
||||
job "traefik-ingress" {
|
||||
datacenters = ["hetzner"]
|
||||
type = "service"
|
||||
type = "service"
|
||||
|
||||
meta {
|
||||
force_deploy= 1
|
||||
force_deploy = 1
|
||||
}
|
||||
group "traefik-ingress" {
|
||||
network {
|
||||
mode = "host"
|
||||
port "http" {
|
||||
static = 80
|
||||
static = 80
|
||||
host_network = "public"
|
||||
}
|
||||
port "https" {
|
||||
static = 443
|
||||
static = 443
|
||||
host_network = "public"
|
||||
}
|
||||
port "admin" {
|
||||
static = 9080
|
||||
static = 9080
|
||||
host_network = "private"
|
||||
}
|
||||
port "ssh" {
|
||||
static = 2222
|
||||
static = 2222
|
||||
host_network = "public"
|
||||
}
|
||||
}
|
||||
vault{
|
||||
policies=["access-tables"]
|
||||
vault {
|
||||
policies = ["access-tables"]
|
||||
}
|
||||
task "traefik" {
|
||||
task "traefik" {
|
||||
driver = "docker"
|
||||
service {
|
||||
name = "traefik"
|
||||
@ -41,13 +41,13 @@ job "traefik-ingress" {
|
||||
name = "traefik-admin"
|
||||
port = "admin"
|
||||
tags = [
|
||||
"homer.enable=true",
|
||||
"homer.name=Traefik admin",
|
||||
"homer.subtitle=WAN",
|
||||
"homer.service=Platform",
|
||||
"homer.logo=https://upload.wikimedia.org/wikipedia/commons/1/1b/Traefik.logo.png",
|
||||
"homer.target=_blank",
|
||||
"homer.url=http://${NOMAD_ADDR_admin}",
|
||||
"homer.enable=true",
|
||||
"homer.name=Traefik admin",
|
||||
"homer.subtitle=WAN",
|
||||
"homer.service=Platform",
|
||||
"homer.logo=https://upload.wikimedia.org/wikipedia/commons/1/1b/Traefik.logo.png",
|
||||
"homer.target=_blank",
|
||||
"homer.url=http://${NOMAD_ADDR_admin}",
|
||||
|
||||
|
||||
]
|
||||
@ -61,7 +61,7 @@ job "traefik-ingress" {
|
||||
"admin",
|
||||
"ssh"
|
||||
]
|
||||
volumes =[
|
||||
volumes = [
|
||||
"local/traefik.toml:/etc/traefik/traefik.toml",
|
||||
"/mnt/diskstation/nomad/traefik/acme.json:/acme.json"
|
||||
]
|
||||
@ -69,17 +69,17 @@ job "traefik-ingress" {
|
||||
}
|
||||
# vault{
|
||||
#}
|
||||
env {
|
||||
}
|
||||
template{
|
||||
data=<<EOH
|
||||
env {
|
||||
}
|
||||
template {
|
||||
data = <<EOH
|
||||
GANDIV5_API_KEY = "{{with secret "secrets/data/gandi"}}{{.Data.data.API_KEY}}{{end}}"
|
||||
EOH
|
||||
destination= "secrets/gandi.env"
|
||||
env = true
|
||||
}
|
||||
template{
|
||||
data= <<EOH
|
||||
destination = "secrets/gandi.env"
|
||||
env = true
|
||||
}
|
||||
template {
|
||||
data = <<EOH
|
||||
[entryPoints]
|
||||
|
||||
[entrypoints.ssh]
|
||||
@ -118,15 +118,15 @@ job "traefik-ingress" {
|
||||
|
||||
|
||||
EOH
|
||||
destination = "local/traefik.toml"
|
||||
env = false
|
||||
change_mode = "noop"
|
||||
left_delimiter = "{{{"
|
||||
destination = "local/traefik.toml"
|
||||
env = false
|
||||
change_mode = "noop"
|
||||
left_delimiter = "{{{"
|
||||
right_delimiter = "}}}"
|
||||
}
|
||||
resources {
|
||||
memory = 200
|
||||
}
|
||||
}
|
||||
resources {
|
||||
memory = 200
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
|
@ -1,28 +1,28 @@
|
||||
job "traefik-local" {
|
||||
datacenters = ["homelab"]
|
||||
type = "service"
|
||||
type = "service"
|
||||
|
||||
group "traefik-local" {
|
||||
network {
|
||||
mode = "host"
|
||||
port "http" {
|
||||
static = 80
|
||||
static = 80
|
||||
}
|
||||
port "https" {
|
||||
static = 443
|
||||
static = 443
|
||||
}
|
||||
port "ssh" {
|
||||
static = 2222
|
||||
}
|
||||
port "admin" {
|
||||
port "admin" {
|
||||
static = 9080
|
||||
}
|
||||
}
|
||||
vault{
|
||||
policies=["access-tables"]
|
||||
vault {
|
||||
policies = ["access-tables"]
|
||||
}
|
||||
|
||||
task "traefik" {
|
||||
task "traefik" {
|
||||
driver = "docker"
|
||||
service {
|
||||
name = "traefik-local"
|
||||
@ -35,13 +35,13 @@ job "traefik-local" {
|
||||
name = "traefik-local-admin"
|
||||
port = "admin"
|
||||
tags = [
|
||||
"homer.enable=true",
|
||||
"homer.name=Traefik admin",
|
||||
"homer.subtitle=LAN",
|
||||
"homer.service=Platform",
|
||||
"homer.logo=https://upload.wikimedia.org/wikipedia/commons/1/1b/Traefik.logo.png",
|
||||
"homer.target=_blank",
|
||||
"homer.url=http://${NOMAD_ADDR_admin}",
|
||||
"homer.enable=true",
|
||||
"homer.name=Traefik admin",
|
||||
"homer.subtitle=LAN",
|
||||
"homer.service=Platform",
|
||||
"homer.logo=https://upload.wikimedia.org/wikipedia/commons/1/1b/Traefik.logo.png",
|
||||
"homer.target=_blank",
|
||||
"homer.url=http://${NOMAD_ADDR_admin}",
|
||||
|
||||
|
||||
]
|
||||
@ -55,7 +55,7 @@ job "traefik-local" {
|
||||
"admin",
|
||||
"ssh"
|
||||
]
|
||||
volumes =[
|
||||
volumes = [
|
||||
"local/traefik.toml:/etc/traefik/traefik.toml",
|
||||
"/mnt/diskstation/nomad/traefik/acme-local.json:/acme.json"
|
||||
]
|
||||
@ -65,16 +65,16 @@ job "traefik-local" {
|
||||
#}
|
||||
env {
|
||||
}
|
||||
template{
|
||||
data=<<EOH
|
||||
template {
|
||||
data = <<EOH
|
||||
GANDIV5_API_KEY = "{{with secret "secrets/data/gandi"}}{{.Data.data.API_KEY}}{{end}}"
|
||||
EOH
|
||||
destination= "secrets/gandi.env"
|
||||
env = true
|
||||
destination = "secrets/gandi.env"
|
||||
env = true
|
||||
}
|
||||
|
||||
template{
|
||||
data= <<EOH
|
||||
template {
|
||||
data = <<EOH
|
||||
[entryPoints]
|
||||
[entryPoints.web]
|
||||
address = ":80"
|
||||
@ -115,10 +115,10 @@ job "traefik-local" {
|
||||
|
||||
|
||||
EOH
|
||||
destination = "local/traefik.toml"
|
||||
env = false
|
||||
change_mode = "noop"
|
||||
left_delimiter = "{{{"
|
||||
destination = "local/traefik.toml"
|
||||
env = false
|
||||
change_mode = "noop"
|
||||
left_delimiter = "{{{"
|
||||
right_delimiter = "}}}"
|
||||
}
|
||||
resources {
|
||||
|
@ -1,22 +1,22 @@
|
||||
job "tt-rss" {
|
||||
datacenters = ["homelab"]
|
||||
type = "service"
|
||||
type = "service"
|
||||
|
||||
constraint {
|
||||
constraint {
|
||||
attribute = "${attr.cpu.arch}"
|
||||
value = "amd64"
|
||||
}
|
||||
|
||||
value = "amd64"
|
||||
}
|
||||
|
||||
|
||||
group "tt-rss" {
|
||||
ephemeral_disk {
|
||||
migrate = true
|
||||
size = 200
|
||||
size = 200
|
||||
sticky = true
|
||||
}
|
||||
network {
|
||||
mode = "host"
|
||||
port "http"{
|
||||
port "http" {
|
||||
to = 80
|
||||
}
|
||||
port "appPort" {
|
||||
@ -30,12 +30,12 @@ job "tt-rss" {
|
||||
name = "tt-rss"
|
||||
port = "http"
|
||||
tags = [
|
||||
"homer.enable=true",
|
||||
"homer.name=TT-RSS",
|
||||
"homer.service=Application",
|
||||
"homer.logo=https://framalibre.org/sites/default/files/styles/thumbnail/public/leslogos/ic_launcher_1.png",
|
||||
"homer.target=_blank",
|
||||
"homer.url=https://www.ducamps.win/tt-rss",
|
||||
"homer.enable=true",
|
||||
"homer.name=TT-RSS",
|
||||
"homer.service=Application",
|
||||
"homer.logo=https://framalibre.org/sites/default/files/styles/thumbnail/public/leslogos/ic_launcher_1.png",
|
||||
"homer.target=_blank",
|
||||
"homer.url=https://www.ducamps.win/tt-rss",
|
||||
|
||||
"traefik.enable=true",
|
||||
"traefik.http.routers.${NOMAD_JOB_NAME}.rule=Host(`www.ducamps.win`)&&PathPrefix(`/tt-rss`)",
|
||||
@ -50,27 +50,27 @@ job "tt-rss" {
|
||||
config {
|
||||
image = "cthulhoo/ttrss-fpm-pgsql-static"
|
||||
ports = [
|
||||
"appPort"
|
||||
"appPort"
|
||||
]
|
||||
volumes = [
|
||||
"${NOMAD_ALLOC_DIR}/data:/var/www/html"
|
||||
]
|
||||
}
|
||||
env {
|
||||
TTRSS_DB-TYPE = "pgsql"
|
||||
TTRSS_DB_HOST = "db1.ducamps.win"
|
||||
TTRSS_DB_NAME = "ttrss"
|
||||
TTRSS_DB_USER = "ttrss"
|
||||
TTRSS_DB-TYPE = "pgsql"
|
||||
TTRSS_DB_HOST = "db1.ducamps.win"
|
||||
TTRSS_DB_NAME = "ttrss"
|
||||
TTRSS_DB_USER = "ttrss"
|
||||
TTRSS_SELF_URL_PATH = "https://www.ducamps.win/tt-rss"
|
||||
}
|
||||
template {
|
||||
data= <<EOH
|
||||
data = <<EOH
|
||||
{{ with secret "secrets/data/ttrss"}}
|
||||
TTRSS_DB_PASS = "{{ .Data.data.DB_PASS }}"
|
||||
{{end}}
|
||||
EOH
|
||||
destination = "secrets/tt-rss.env"
|
||||
env = true
|
||||
env = true
|
||||
|
||||
}
|
||||
resources {
|
||||
@ -78,7 +78,7 @@ job "tt-rss" {
|
||||
}
|
||||
}
|
||||
|
||||
task "ttrss-updater" {
|
||||
task "ttrss-updater" {
|
||||
driver = "docker"
|
||||
config {
|
||||
image = "cthulhoo/ttrss-fpm-pgsql-static"
|
||||
@ -89,20 +89,20 @@ job "tt-rss" {
|
||||
|
||||
}
|
||||
env {
|
||||
TTRSS_DB-TYPE = "pgsql"
|
||||
TTRSS_DB_HOST = "db1.ducamps.win"
|
||||
TTRSS_DB_NAME = "ttrss"
|
||||
TTRSS_DB_USER = "ttrss"
|
||||
TTRSS_DB-TYPE = "pgsql"
|
||||
TTRSS_DB_HOST = "db1.ducamps.win"
|
||||
TTRSS_DB_NAME = "ttrss"
|
||||
TTRSS_DB_USER = "ttrss"
|
||||
TTRSS_SELF_URL_PATH = "https://rss.ducamps.win/tt-rss"
|
||||
}
|
||||
template {
|
||||
data= <<EOH
|
||||
data = <<EOH
|
||||
{{ with secret "secrets/data/ttrss"}}
|
||||
TTRSS_DB_PASS = "{{ .Data.data.DB_PASS }}"
|
||||
{{end}}
|
||||
EOH
|
||||
destination = "secrets/tt-rss.env"
|
||||
env = true
|
||||
env = true
|
||||
|
||||
}
|
||||
resources {
|
||||
@ -113,8 +113,8 @@ job "tt-rss" {
|
||||
task "ttrss-frontend" {
|
||||
driver = "docker"
|
||||
config {
|
||||
image= "nginx:alpine"
|
||||
ports= [
|
||||
image = "nginx:alpine"
|
||||
ports = [
|
||||
"http"
|
||||
]
|
||||
volumes = [
|
||||
@ -124,7 +124,7 @@ job "tt-rss" {
|
||||
}
|
||||
|
||||
template {
|
||||
data = <<EOH
|
||||
data = <<EOH
|
||||
worker_processes auto;
|
||||
pid /var/run/nginx.pid;
|
||||
|
||||
|
@ -1,20 +1,20 @@
|
||||
|
||||
job "vaultwarden" {
|
||||
datacenters = ["homelab"]
|
||||
type = "service"
|
||||
type = "service"
|
||||
meta {
|
||||
forcedeploy = "0"
|
||||
}
|
||||
|
||||
group "vaultwarden"{
|
||||
group "vaultwarden" {
|
||||
network {
|
||||
mode = "host"
|
||||
port "http" {
|
||||
to = 80
|
||||
}
|
||||
}
|
||||
vault{
|
||||
policies= ["access-tables"]
|
||||
vault {
|
||||
policies = ["access-tables"]
|
||||
|
||||
}
|
||||
task "vaultwarden" {
|
||||
@ -23,17 +23,17 @@ job "vaultwarden" {
|
||||
name = "vaultwarden"
|
||||
port = "http"
|
||||
tags = [
|
||||
"homer.enable=true",
|
||||
"homer.name=VaultWarden",
|
||||
"homer.service=Application",
|
||||
"homer.logo=https://yunohost.org/user/images/bitwarden_logo.png",
|
||||
"homer.target=_blank",
|
||||
"homer.url=https://${NOMAD_JOB_NAME}.ducamps.win",
|
||||
"homer.enable=true",
|
||||
"homer.name=VaultWarden",
|
||||
"homer.service=Application",
|
||||
"homer.logo=https://yunohost.org/user/images/bitwarden_logo.png",
|
||||
"homer.target=_blank",
|
||||
"homer.url=https://${NOMAD_JOB_NAME}.ducamps.win",
|
||||
|
||||
"traefik.enable=true",
|
||||
"traefik.http.routers.${NOMAD_JOB_NAME}.rule=Host(`vault.ducamps.win`)",
|
||||
"traefik.http.routers.${NOMAD_JOB_NAME}.tls.domains[0].sans=vault.ducamps.win",
|
||||
"traefik.http.routers.${NOMAD_JOB_NAME}.tls.certresolver=myresolver",
|
||||
"traefik.enable=true",
|
||||
"traefik.http.routers.${NOMAD_JOB_NAME}.rule=Host(`vault.ducamps.win`)",
|
||||
"traefik.http.routers.${NOMAD_JOB_NAME}.tls.domains[0].sans=vault.ducamps.win",
|
||||
"traefik.http.routers.${NOMAD_JOB_NAME}.tls.certresolver=myresolver",
|
||||
]
|
||||
check {
|
||||
type = "http"
|
||||
@ -56,20 +56,20 @@ job "vaultwarden" {
|
||||
|
||||
}
|
||||
env {
|
||||
DATA_FOLDER = "/data"
|
||||
WEB_VAULT_ENABLED = "true"
|
||||
DOMAIN = "https://vault.ducamps.win"
|
||||
DATA_FOLDER = "/data"
|
||||
WEB_VAULT_ENABLED = "true"
|
||||
DOMAIN = "https://vault.ducamps.win"
|
||||
|
||||
}
|
||||
|
||||
template {
|
||||
data= <<EOH
|
||||
data = <<EOH
|
||||
{{ with secret "secrets/data/vaultwarden"}}
|
||||
DATABASE_URL=postgresql://vaultwarden:{{ .Data.data.DB_PASSWORD }}@db1.ducamps.win/vaultwarden
|
||||
{{end}}
|
||||
EOH
|
||||
destination = "secrets/vaultwarden.env"
|
||||
env = true
|
||||
env = true
|
||||
}
|
||||
resources {
|
||||
memory = 150
|
||||
|
@ -1,34 +1,34 @@
|
||||
job "www" {
|
||||
datacenters = ["hetzner"]
|
||||
type = "service"
|
||||
type = "service"
|
||||
group "www" {
|
||||
network {
|
||||
mode = "host"
|
||||
port "http" {
|
||||
to = 80
|
||||
to = 80
|
||||
host_network = "private"
|
||||
}
|
||||
}
|
||||
service {
|
||||
name = "www"
|
||||
tags = [
|
||||
"homer.enable=true",
|
||||
"homer.name=Website",
|
||||
"homer.service=Application",
|
||||
"homer.icon=fas fa-blog",
|
||||
"homer.target=_blank",
|
||||
"homer.url=https://www.ducamps.win",
|
||||
name = "www"
|
||||
tags = [
|
||||
"homer.enable=true",
|
||||
"homer.name=Website",
|
||||
"homer.service=Application",
|
||||
"homer.icon=fas fa-blog",
|
||||
"homer.target=_blank",
|
||||
"homer.url=https://www.ducamps.win",
|
||||
|
||||
"traefik.enable=true",
|
||||
"traefik.http.routers.${NOMAD_JOB_NAME}.rule=Host(`${NOMAD_JOB_NAME}.ducamps.win`)",
|
||||
"traefik.http.routers.${NOMAD_JOB_NAME}.tls.domains[0].sans=${NOMAD_JOB_NAME}.ducamps.win",
|
||||
"traefik.http.routers.${NOMAD_JOB_NAME}.tls.certresolver=myresolver",
|
||||
"traefik.enable=true",
|
||||
"traefik.http.routers.${NOMAD_JOB_NAME}.rule=Host(`${NOMAD_JOB_NAME}.ducamps.win`)",
|
||||
"traefik.http.routers.${NOMAD_JOB_NAME}.tls.domains[0].sans=${NOMAD_JOB_NAME}.ducamps.win",
|
||||
"traefik.http.routers.${NOMAD_JOB_NAME}.tls.certresolver=myresolver",
|
||||
|
||||
"traefik.http.routers.default.rule=Host(`ducamps.win`)",
|
||||
"traefik.http.routers.default.tls.domains[0].sans=ducamps.win",
|
||||
"traefik.http.routers.default.tls.certresolver=myresolver",
|
||||
]
|
||||
port = "http"
|
||||
"traefik.http.routers.default.rule=Host(`ducamps.win`)",
|
||||
"traefik.http.routers.default.tls.domains[0].sans=ducamps.win",
|
||||
"traefik.http.routers.default.tls.certresolver=myresolver",
|
||||
]
|
||||
port = "http"
|
||||
}
|
||||
task "server" {
|
||||
driver = "docker"
|
||||
@ -37,14 +37,14 @@ job "www" {
|
||||
ports = [
|
||||
"http"
|
||||
]
|
||||
volumes =[
|
||||
volumes = [
|
||||
"local/nginx.conf:/etc/nginx/nginx.conf",
|
||||
"/srv/http:/usr/share/nginx/html"
|
||||
]
|
||||
|
||||
}
|
||||
template{
|
||||
data= <<EOH
|
||||
template {
|
||||
data = <<EOH
|
||||
worker_processes auto;
|
||||
pid /var/run/nginx.pid;
|
||||
events {
|
||||
@ -73,7 +73,7 @@ http {
|
||||
|
||||
}
|
||||
EOH
|
||||
destination="local/nginx.conf"
|
||||
destination = "local/nginx.conf"
|
||||
}
|
||||
resources {
|
||||
memory = 50
|
||||
|
Loading…
Reference in New Issue
Block a user