mariadb/manage.nomad.hcl

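# Nomad batch job that runs /local/manage.sh with MariaDB client credentials.
#
# Two template layers are visible in this file:
#   * double-square-bracket directives are expanded by an outer rendering step
#     before the job is submitted (presumably a pack-style renderer - confirm);
#   * double-curly-brace expressions inside template data are left for Nomad's
#     template runtime and resolved when the task starts.
# Anything produced by the first layer becomes part of the job specification
# itself, so secrets should only ever come from the second layer.
job "[[ .instance ]]-manage" {

  type = "batch"

  [[- $c := merge .mariadb.manage . ]]
  [[ template "common/job_start" $c ]]

  meta {
    # Force job to run each time: a fresh UUID makes every submission differ
    # from the previous one.
    run = "${uuidv4()}"
  }

  group "manage" {

    network {
      mode = "bridge"
    }

    service {
      name = "[[ .instance ]]-manage[[ .consul.suffix ]]"
      [[ template "common/connect" $c ]]
    }

    [[ template "common/task.wait_for" $c ]]

    task "manage" {
      driver = "[[ $c.nomad.driver ]]"

      config {
        image = "[[ .mariadb.manage.image ]]"
        # Container hardening: cap the number of processes and keep the root
        # filesystem read-only.
        pids_limit      = 50
        readonly_rootfs = true
        command         = "/local/manage.sh"
        # Client credentials are bind-mounted read-only at the path the
        # MariaDB client reads for the root user.
        volumes = [
          "secrets/my.cnf:/root/.my.cnf:ro"
        ]
      }

      [[ template "common/vault.policies" merge .mariadb . ]]

      env {
        [[ template "common/env" $c.env ]]
      }

      # Databases, users and grants to manage, exported to the task as
      # MY_DB_<n>* and MY_USER_<n>* environment variables.
      #
      # NOTE(review): every value here, including MY_USER_<n>_PASSWORD, is
      # filled in by the outer rendering step, so a password set in the
      # variables ends up in clear text in the submitted job specification
      # rather than being fetched from Vault at runtime like the secrets in the
      # templates further down. Prefer a Vault lookup for user passwords.
      #
      # NOTE(review): values are written unquoted. A name, password or grant
      # containing a line break would add extra variables to this file, so
      # these inputs need validating where they are defined.
      #
      # NOTE(review): a user without an explicit "host" defaults to %, which
      # lets the account connect from any client host. Set "host" to narrow it.
      template {
        data = <<_EOT
# Databases
[[- $idx := 0 ]]
[[- range $name, $db := .mariadb.manage.databases ]]
MY_DB_[[ $idx ]]=[[ $name ]]
[[- if has $db "charset" ]]
MY_DB_[[ $idx ]]_CHARSET=[[ $db.charset ]]
[[- end ]]
[[- if has $db "collate" ]]
MY_DB_[[ $idx ]]_COLLATE=[[ $db.collate ]]
[[- end ]]
[[- $idx = add $idx 1 ]]
[[- end ]]
# Users
[[- $idx := 0 ]]
[[- range $name, $user := .mariadb.manage.users ]]
MY_USER_[[ $idx ]]=[[ $name ]]
[[- if has $user "host" ]]
MY_USER_[[ $idx ]]_HOST=[[ $user.host ]]
[[- else ]]
MY_USER_[[ $idx ]]_HOST=%
[[- end ]]
[[- if has $user "password" ]]
MY_USER_[[ $idx ]]_PASSWORD=[[ $user.password ]]
[[- end ]]
[[- if has $user "grants" ]]
[[- range $gidx, $grant := $user.grants ]]
MY_USER_[[ $idx ]]_GRANT_[[ $gidx ]]=[[ $grant ]]
[[- end ]]
[[- end ]]
[[- $idx = add $idx 1 ]]
[[- end ]]
_EOT
        destination = "secrets/userdb.env"
        uid         = 100000
        gid         = 100000
        # perms is written as a quoted octal string in every template stanza of
        # this job, so no value depends on how a bare number is converted.
        perms       = "400"
        env         = true
      }

      # The management script itself, rendered from a shared template and made
      # executable.
      template {
        data = <<_EOT
[[ template "mariadb/manage.sh.tpl" $c ]]
_EOT
        destination = "local/manage.sh"
        uid         = 100000
        gid         = 100000
        perms       = "755"
      }

      # MariaDB client configuration holding the root password, read from Vault
      # when the task starts.
      #
      # NOTE(review): this file is owned by 100100:100101 and is group-readable
      # (640), unlike the other secret files in this job (100000:100000, 400).
      # Confirm that the different owner and the group read bit are intended
      # for a file containing the database root password.
      template {
        data = <<_EOT
[client]
host = 127.0.0.1
user = root
password = {{ with secret "[[ .vault.root ]]kv/service/[[ .instance ]]" }}{{ .Data.data.root_pwd }}{{ end }}
_EOT
        destination = "secrets/my.cnf"
        uid         = 100100
        gid         = 100101
        perms       = "640"
      }

      # Additional Vault-sourced passwords, exported to the task environment.
      # With env = true these values are visible to every process started in
      # the task, so the script should not echo or log its environment.
      template {
        data = <<_EOT
{{ with secret "[[ .vault.root ]]kv/service/[[ .instance ]]" }}
VAULT_INITIAL_PASSWORD={{ .Data.data.vault_initial_pwd }}
BACKUP_PASSWORD={{ .Data.data.backup_pwd }}
{{ end }}
_EOT
        destination = "secrets/manage.env"
        uid         = 100000
        gid         = 100000
        perms       = "400"
        env         = true
      }

      [[ template "common/resources" $c ]]
    }
  }
}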