98 lines
2.0 KiB
HCL
98 lines
2.0 KiB
HCL
job "boardgame-manager" {
|
|
|
|
|
|
datacenters = ["dc1"]
|
|
region = "global"
|
|
|
|
|
|
|
|
|
|
group "boardgame-manager" {
|
|
|
|
network {
|
|
mode = "bridge"
|
|
}
|
|
|
|
service {
|
|
name = "boardgame-manager"
|
|
port = 8080
|
|
|
|
connect {
|
|
sidecar_service {
|
|
}
|
|
sidecar_task {
|
|
config {
|
|
args = [
|
|
"-c",
|
|
"${NOMAD_SECRETS_DIR}/envoy_bootstrap.json",
|
|
"-l",
|
|
"${meta.connect.log_level}",
|
|
"--concurrency",
|
|
"${meta.connect.proxy_concurrency}",
|
|
"--disable-hot-restart"
|
|
]
|
|
}
|
|
|
|
resources {
|
|
cpu = 50
|
|
memory = 64
|
|
}
|
|
|
|
}
|
|
}
|
|
|
|
|
|
tags = [
|
|
|
|
"traefik.enable=true",
|
|
"traefik.http.routers.boardgame-manager.entrypoints=https",
|
|
"traefik.http.routers.boardgame-manager.rule=Host(`bgm.example.org`)",
|
|
"traefik.http.middlewares.csp-boardgame-manager.headers.contentsecuritypolicy=default-src 'self';font-src 'self' data:;img-src 'self' data: https://www.gravatar.com;script-src 'self' 'unsafe-inline' 'unsafe-eval';style-src 'self' 'unsafe-inline';",
|
|
"traefik.http.routers.boardgame-manager.middlewares=security-headers@file,rate-limit-std@file,forward-proto@file,inflight-std@file,hsts@file,compression@file,csp-boardgame-manager",
|
|
|
|
]
|
|
}
|
|
|
|
volume "data" {
|
|
type = "csi"
|
|
source = "bgm-data"
|
|
attachment_mode = "file-system"
|
|
access_mode = "single-node-writer"
|
|
}
|
|
|
|
|
|
|
|
task "boardgame-manager" {
|
|
driver = "docker"
|
|
|
|
config {
|
|
image = "danielberteaud/boardgame-manager:24.3-1"
|
|
pids_limit = 100
|
|
readonly_rootfs = true
|
|
}
|
|
|
|
env {
|
|
|
|
LANG = "fr_FR.utf8"
|
|
TZ = "Europe/Paris"
|
|
|
|
}
|
|
|
|
volume_mount {
|
|
volume = "data"
|
|
destination = "/opt/bgm/databases"
|
|
}
|
|
|
|
|
|
resources {
|
|
cpu = 20
|
|
memory = 192
|
|
}
|
|
|
|
|
|
}
|
|
|
|
|
|
}
|
|
}
|