131 lines
2.7 KiB
HCL
131 lines
2.7 KiB
HCL
[[ $c := merge .matrix.synapse . -]]
|
|
job [[ .instance | toJSON ]] {
|
|
|
|
[[ template "common/job_start" $c ]]
|
|
|
|
group "matrix" {
|
|
|
|
network {
|
|
mode = "bridge"
|
|
}
|
|
|
|
[[ template "common/volumes" .matrix.volumes ]]
|
|
|
|
service {
|
|
name = "[[ .instance ]][[ .consul.suffix ]]"
|
|
port = 8008
|
|
|
|
check {
|
|
type = "http"
|
|
path = "/health"
|
|
expose = true
|
|
interval = "10s"
|
|
timeout = "5s"
|
|
task = "synapse"
|
|
|
|
check_restart {
|
|
limit = 12
|
|
grace = "10m"
|
|
}
|
|
}
|
|
|
|
[[ template "common/connect" merge .matrix . ]]
|
|
}
|
|
|
|
[[ template "common/task.wait_for" $c ]]
|
|
|
|
task "synapse" {
|
|
driver = [[ $c.nomad.driver | toJSON ]]
|
|
leader = true
|
|
|
|
config {
|
|
image = [[ $c.image | toJSON ]]
|
|
pids_limit = 200
|
|
readonly_rootfs = true
|
|
}
|
|
|
|
vault {
|
|
policies = ["[[ .instance ]]-synapse[[ .consul.suffix ]]"]
|
|
env = false
|
|
disable_file = true
|
|
}
|
|
|
|
env {
|
|
SYNAPSE_CONFIG = "/secrets/homeserver.yml"
|
|
[[ template "common/proxy_env" $c ]]
|
|
}
|
|
|
|
[[ template "common/file_env" $c.env ]]
|
|
|
|
template {
|
|
data =<<_EOT
|
|
[[ (merge $c.config ((tmpl.Exec "matrix/homeserver.yml.tpl" .) | yaml)) | toYAML ]]
|
|
_EOT
|
|
destination = "secrets/homeserver.yml"
|
|
uid = 100000
|
|
gid = 108008
|
|
perms = 0640
|
|
}
|
|
|
|
volume_mount {
|
|
volume = "data"
|
|
destination = "/data"
|
|
}
|
|
|
|
[[ template "common/resources" $c.resources ]]
|
|
}
|
|
|
|
[[ $c = merge .matrix.element . ]]
|
|
task "element" {
|
|
driver = [[ $c.nomad.driver | toJSON ]]
|
|
|
|
lifecycle {
|
|
hook = "prestart"
|
|
sidecar = true
|
|
}
|
|
|
|
config {
|
|
image = [[ $c.image | toJSON ]]
|
|
readonly_rootfs = true
|
|
pids_limit = 100
|
|
[[ template "common/tmpfs" dict "size" "5000000" "target" "/tmp" ]]
|
|
}
|
|
|
|
env {
|
|
ELEMENT_BIND_ADDR = "127.0.0.1"
|
|
ELEMENT_NGINX_BIND_PORT = "8710"
|
|
}
|
|
|
|
[[ template "common/resources" $c.resources ]]
|
|
}
|
|
|
|
[[ $c = merge .matrix.nginx . ]]
|
|
task "nginx" {
|
|
driver = [[ $c.nomad.driver | toJSON ]]
|
|
|
|
lifecycle {
|
|
hook = "prestart"
|
|
sidecar = true
|
|
}
|
|
|
|
config {
|
|
image = [[ $c.image | toJSON ]]
|
|
readonly_rootfs = true
|
|
pids_limit = 100
|
|
volumes = [
|
|
"local/nginx.conf:/etc/nginx/conf.d/default.conf"
|
|
]
|
|
[[ template "common/tmpfs" dict "size" "5000000" "target" "/tmp" ]]
|
|
}
|
|
|
|
template {
|
|
data =<<_EOT
|
|
[[ template "matrix/nginx.conf.tpl" ]]
|
|
_EOT
|
|
destination = "local/nginx.conf"
|
|
}
|
|
[[ template "common/resources" $c.resources ]]
|
|
}
|
|
}
|
|
}
|