Add support for pgbouncer
This commit is contained in:
parent
5d62b78de4
commit
038f04c886
|
@ -92,6 +92,8 @@ job "miniflux" {
|
|||
|
||||
|
||||
|
||||
|
||||
|
||||
task "miniflux" {
|
||||
driver = "docker"
|
||||
|
||||
|
@ -101,12 +103,14 @@ job "miniflux" {
|
|||
readonly_rootfs = true
|
||||
}
|
||||
|
||||
|
||||
vault {
|
||||
policies = ["miniflux"]
|
||||
env = false
|
||||
disable_file = true
|
||||
}
|
||||
|
||||
|
||||
env {
|
||||
LISTEN_ADDR = "127.0.0.1:8085"
|
||||
BASE_URL = "https://flux.example.org"
|
||||
|
@ -114,11 +118,19 @@ job "miniflux" {
|
|||
|
||||
}
|
||||
|
||||
template {
|
||||
data = <<_EOT
|
||||
DATABASE_URL=postgresql://{{ with secret "database/creds/miniflux" }}{{ .Data.username }}{{ end }}:{{ with secret "database/creds/miniflux" }}{{ .Data.password }}{{ end }}@127.0.0.1:5432/miniflux?sslmode=disable
|
||||
_EOT
|
||||
destination = "secrets/.db.env"
|
||||
perms = 400
|
||||
env = true
|
||||
}
|
||||
|
||||
|
||||
# Use a template block instead of env {} so we can fetch values from vault
|
||||
template {
|
||||
data = <<_EOT
|
||||
DATABASE_URL=postgresql://{{ with secret "database/creds/miniflux" }}{{ .Data.username }}:{{ urlquery .Data.password }}{{ end }}@localhost:5432/miniflux?sslmode=disable
|
||||
LANG=fr_FR.utf8
|
||||
TZ=Europe/Paris
|
||||
_EOT
|
||||
|
|
|
@ -60,6 +60,8 @@ job [[ .instance | toJSON ]] {
|
|||
|
||||
[[ template "common/task.wait_for" $c ]]
|
||||
|
||||
[[ template "common/task.pgbouncer" $c ]]
|
||||
|
||||
task "miniflux" {
|
||||
driver = [[ $c.nomad.driver | toJSON ]]
|
||||
|
||||
|
@ -68,12 +70,8 @@ job [[ .instance | toJSON ]] {
|
|||
pids_limit = 100
|
||||
readonly_rootfs = true
|
||||
}
|
||||
|
||||
vault {
|
||||
policies = ["[[ .instance ]][[ .consul.suffix ]]"]
|
||||
env = false
|
||||
disable_file = true
|
||||
}
|
||||
|
||||
[[ template "common/vault.policies" $c ]]
|
||||
|
||||
env {
|
||||
LISTEN_ADDR = "127.0.0.1:8085"
|
||||
|
@ -84,6 +82,20 @@ job [[ .instance | toJSON ]] {
|
|||
[[ template "common/proxy_env" $c ]]
|
||||
}
|
||||
|
||||
template {
|
||||
data =<<_EOT
|
||||
DATABASE_URL=postgresql://
|
||||
[[- if eq $c.postgres.pooler.engine "pgbouncer" -]]
|
||||
[[ .instance ]]:{{ env "NOMAD_ALLOC_ID" }}@127.0.0.1:6432/[[ $c.postgres.database ]]?sslmode=disable
|
||||
[[- else -]]
|
||||
[[ $c.postgres.user ]]:[[ $c.postgres.password ]]@[[ $c.postgres.host ]]:[[ $c.postgres.port ]]/[[ $c.postgres.database ]]?sslmode=disable
|
||||
[[- end ]]
|
||||
_EOT
|
||||
destination = "secrets/.db.env"
|
||||
perms = 400
|
||||
env = true
|
||||
}
|
||||
|
||||
[[ template "common/file_env" $c.env ]]
|
||||
|
||||
[[ template "common/resources" .miniflux.resources ]]
|
||||
|
|
|
@ -16,11 +16,25 @@ miniflux:
|
|||
memory: 192
|
||||
|
||||
wait_for:
|
||||
- service: master.postgres
|
||||
- service: master.postgres[[ .consul.suffix ]]
|
||||
|
||||
consul:
|
||||
connect:
|
||||
upstreams:
|
||||
- destination_name: 'postgres[[ .consul.suffix ]]'
|
||||
local_bind_port: 5432
|
||||
|
||||
postgres:
|
||||
database: '[[ .instance ]]'
|
||||
user: '{{ with secret "[[ .vault.prefix ]]database/creds/[[ .instance ]]" }}{{ .Data.username }}{{ end }}'
|
||||
password: '{{ with secret "[[ .vault.prefix ]]database/creds/[[ .instance ]]" }}{{ .Data.password }}{{ end }}'
|
||||
|
||||
vault:
|
||||
policies:
|
||||
- '[[ .instance ]][[ .consul.suffix ]]'
|
||||
|
||||
# Additional env var to pass to the container
|
||||
env:
|
||||
DATABASE_URL: postgresql://{{ with secret "[[ .vault.prefix ]]database/creds/[[ .instance ]]" }}{{ .Data.username }}:{{ urlquery .Data.password }}{{ end }}@localhost:5432/[[ .instance ]]?sslmode=disable
|
||||
env: {}
|
||||
|
||||
# Public URL of the service
|
||||
public_url: https://flux.example.org
|
||||
|
@ -29,10 +43,3 @@ miniflux:
|
|||
prometheus:
|
||||
metrics_url: http://localhost:8085/metrics
|
||||
|
||||
# Default to try to connect to a postgres service from the service mesh
|
||||
consul:
|
||||
connect:
|
||||
upstreams:
|
||||
- destination_name: 'postgres[[ .consul.suffix ]]'
|
||||
local_bind_port: 5432
|
||||
|
||||
|
|
Loading…
Reference in New Issue