lemonldap-ng/lemonldap-ng.nomad.hcl


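# Nomad job template for one Lemonldap::NG (LL::NG) instance.
# The [[ ... ]] directives are expanded by the templating tool before Nomad parses the HCL.
# A single task runs the container; it is published as one Consul service on port 8080,
# with up to three Traefik routers (portal, manager, api) attached through service tags.
job "[[ .instance ]]" {
[[ template "common/job_start" merge .llng . ]]
  group "lemonldap-ng" {
    [[- $c := merge .llng.engine . ]]
    count = [[ $c.count ]]

    network {
      mode = "bridge"
    }

    service {
      name = "[[ .instance ]][[ .consul.suffix ]]"
      port = 8080
      [[ template "common/connect" $c ]]
      [[- $p := merge .llng.portal . ]]
      [[- $m := merge .llng.manager . ]]
      [[- $a := merge .llng.api . ]]

      # Traefik routing, one router per component:
      #  - portal : portal hostname, minus /index.psgi/config and /index.psgi/sessions (priority 100)
      #  - manager: manager hostname
      #  - api    : portal hostname, only the config/sessions paths excluded from the portal router
      #             (priority 200), with its own entrypoints and middlewares
      # The portal rule excludes the config/sessions paths unconditionally, so when the api router
      # is disabled no router defined here matches them.
      # NOTE(review): that path exclusion is the only control visible in this file keeping the
      # config/sessions endpoints off the portal router; confirm the backend does not serve them
      # under another path, and that the api middlewares restrict who can reach them.
      # NOTE(review): the manager block compares its Traefik instance with $c (engine) while the
      # api block compares with $p (portal), and "enable=true" is otherwise only emitted inside the
      # portal block; confirm the tag is still emitted when the portal router is disabled.
      tags = [
      [[- if $p.traefik.enabled ]]
        "[[ $p.traefik.instance ]].enable=true",
        "[[ $p.traefik.instance ]].http.routers.[[ .instance ]]-portal[[ .consul.suffix ]].rule=Host(`[[ (urlParse $p.public_url).Hostname ]]`) && !PathRegexp(`^/index\\.psgi/(config|sessions)`)",
        "[[ $p.traefik.instance ]].http.routers.[[ .instance ]]-portal[[ .consul.suffix ]].entrypoints=[[ join $p.traefik.entrypoints "," ]]",
        "[[ $p.traefik.instance ]].http.routers.[[ .instance ]]-portal[[ .consul.suffix ]].priority=100",
        "[[ $p.traefik.instance ]].http.routers.[[ .instance ]]-portal[[ .consul.suffix ]].middlewares=[[ template "common/traefik_middlewares" $p.traefik ]]",
      [[- end ]]
      [[- if $m.traefik.enabled ]]
        [[- if ne $m.traefik.instance $c.traefik.instance ]]
        "[[ $m.traefik.instance ]].enable=true",
        [[- end ]]
        "[[ $m.traefik.instance ]].http.routers.[[ .instance ]]-manager[[ .consul.suffix ]].rule=Host(`[[ (urlParse $m.public_url).Hostname ]]`)",
        "[[ $m.traefik.instance ]].http.routers.[[ .instance ]]-manager[[ .consul.suffix ]].entrypoints=[[ join $m.traefik.entrypoints "," ]]",
        "[[ $m.traefik.instance ]].http.routers.[[ .instance ]]-manager[[ .consul.suffix ]].middlewares=[[ template "common/traefik_middlewares" $m.traefik ]]",
      [[- end ]]
      [[- if $a.traefik.enabled ]]
        [[- if ne $a.traefik.instance $p.traefik.instance ]]
        "[[ $a.traefik.instance ]].enable=true",
        [[- end ]]
        "[[ $a.traefik.instance ]].http.routers.[[ .instance ]]-api[[ .consul.suffix ]].rule=Host(`[[ (urlParse $p.public_url).Hostname ]]`) && PathRegexp(`^/index\\.psgi/(config|sessions)`)",
        "[[ $a.traefik.instance ]].http.routers.[[ .instance ]]-api[[ .consul.suffix ]].entrypoints=[[ join $a.traefik.entrypoints "," ]]",
        "[[ $a.traefik.instance ]].http.routers.[[ .instance ]]-api[[ .consul.suffix ]].priority=200",
        "[[ $a.traefik.instance ]].http.routers.[[ .instance ]]-api[[ .consul.suffix ]].middlewares=[[ template "common/traefik_middlewares" $a.traefik ]]",
      [[- end ]]
      ]
    }

    task "lemonldap-ng" {
      driver = [[ $c.nomad.driver | toJSON ]]

      config {
        image = [[ $c.image | toJSON ]]
        # Container hardening: immutable root filesystem and a cap on the number of processes
        readonly_rootfs = true
        pids_limit      = 200
        # Both files are rendered by the template blocks below and mounted read-only
        volumes = [
          "secrets/lemonldap-ng.ini:/etc/lemonldap-ng/lemonldap-ng.ini:ro",
          "local/init-db.sh:/entrypoint.d/20-initdb.sh:ro",
        ]
        # Writable /tmp on tmpfs; it holds the LL::NG unix socket (see LLNG_LISTEN)
        [[ template "common/tmpfs" dict "size" "5000000" "target" "/tmp" ]]
      }

      # Vault policy is named after the service (instance + Consul suffix)
      vault {
        policies = ["[[ .instance ]][[ .consul.suffix ]]"]
      }

      env {
        # nginx binds to loopback only, inside the group's bridge network namespace
        LLNG_NGINX_LISTEN  = "127.0.0.1:8080"
        LLNG_LISTEN        = "unix:/tmp/llng.sock"
        LLNG_MANAGER_VHOST = [[ (urlParse .llng.manager.public_url).Hostname | toJSON ]]
        LLNG_PORTAL_VHOST  = [[ (urlParse .llng.portal.public_url).Hostname | toJSON ]]
        CTD_CONFIG         = "/local/caretakerd.yaml"
      }

      [[ template "common/file_env" $c.env ]]

      # Main Lemonldap::NG configuration
      # Rendered under secrets/, readable only by uid/gid 100048 (mode 440).
      # NOTE(review): presumably 100048 is the LL::NG user as seen from the host - confirm.
      # Heredoc bodies and terminators stay at column 0 so the rendered files get no leading whitespace.
      template {
        data =<<_EOT
[[ template "lemonldap-ng/lemonldap-ng.ini.tpl" $c ]]
_EOT
        destination = "secrets/lemonldap-ng.ini"
        uid         = 100048
        gid         = 100048
        perms       = "440"
      }

      # This is a stripped down config, just used to migrate file based config to database on first start
      # NOTE(review): rendered under local/ with default permissions. Unlike secrets/, local/ can be
      # read through the Nomad filesystem API (nomad alloc fs). If this file carries database
      # credentials, consider rendering it under secrets/ - confirm against init.ini.tpl and init.sh.tpl.
      template {
        data =<<_EOT
[[ template "lemonldap-ng/init.ini.tpl" $c ]]
_EOT
        destination = "local/init.ini"
      }

      # A small script to handle initialization (create tables, indexes, load initial config in the DB)
      # Mounted read-only into /entrypoint.d/ by the volumes list above.
      template {
        data = <<_EOT
[[ template "lemonldap-ng/init.sh.tpl" . ]]
_EOT
        destination = "local/init-db.sh"
        perms       = "755"
      }

      # Custom file based config, which will be migrated to the database
      # NOTE(review): also under local/ with default permissions; check it holds no secrets.
      template {
        data = <<_EOT
[[ template "lemonldap-ng/lmConf-1.json.tpl" . ]]
_EOT
        destination = "local/lmConf-1.json"
      }

      # caretakerd is the init system used to run LL::NG, nginx and cron tasks
      template {
        data =<<_EOT
[[ template "lemonldap-ng/caretakerd.yaml.tpl" . ]]
_EOT
        destination = "local/caretakerd.yaml"
      }

      [[ template "common/resources" $c.resources ]]
    }
  }
}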