nomad
/
onlyoffice-docserver
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Support postgres pooler

This commit is contained in:
Daniel Berteaud 2024-01-11 23:09:41 +01:00
parent 7c2c6bfd2f
commit 1b2462c4ae
3 changed files with 55 additions and 16 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

27
example/onlyoffice-docserver.nomad.hcl
View File

@ -89,12 +89,14 @@ job "onlyoffice" {
]
}
vault {
policies = ["onlyoffice"]
disable_file = true
env = false
disable_file = true
}
env {
NGINX_LISTEN_IP = "127.0.0.1"
APPLICATION_NAME = "onlyoffice"
@ -108,11 +110,6 @@ job "onlyoffice" {
template {
data = <<_EOT
LANG=fr_FR.utf8
OO_DB_HOST=127.0.0.1
OO_DB_NAME=onlyoffice
OO_DB_PASS={{ with secret "database/creds/onlyoffice" }}{{ .Data.password }}{{ end }}
OO_DB_PORT=5432
OO_DB_USER={{ with secret "database/creds/onlyoffice" }}{{ .Data.username }}{{ end }}
OO_JWT_TOKEN={{ with secret "kv/service/onlyoffice" }}{{ .Data.data.jwt_token }}{{ end }}
OO_STORAGE_SECRET={{ with secret "kv/service/onlyoffice" }}{{ .Data.data.storage_secret }}{{ end }}
TZ=Europe/Paris
@ -123,6 +120,22 @@ _EOT
}
# Database settings
template {
data = <<_EOT
OO_DB_NAME='onlyoffice'
OO_DB_HOST=127.0.0.1
OO_DB_PORT=5432
OO_DB_USER={{ with secret "database/creds/onlyoffice" }}{{ .Data.username }}{{ end }}
OO_DB_PASS={{ with secret "database/creds/onlyoffice" }}{{ .Data.password }}{{ end }}
_EOT
destination = "secrets/.db.env"
uid = 100000
gid = 100000
perms = 400
env = true
}
template {
data = <<_EOT
{
@ -180,6 +193,8 @@ _EOT
task "redis" {
driver = "docker"
user = 2967

30
onlyoffice-docserver.nomad.hcl
View File

@ -67,11 +67,7 @@ job [[ .instance | toJSON ]] {
]
}
vault {
policies = ["[[ .instance ]][[ $c.consul.suffix ]]"]
disable_file = true
env = false
}
[[ template "common/vault.policies" $c ]]
env {
NGINX_LISTEN_IP = "127.0.0.1"
@ -82,6 +78,29 @@ job [[ .instance | toJSON ]] {
[[ template "common/file_env" $c.env ]]
# Database settings
template {
data =<<_EOT
OO_DB_NAME='[[ $c.postgres.database ]]'
[[- if ne $c.postgres.pooler.engine "none" ]]
OO_DB_HOST=127.0.0.1
OO_DB_PORT=6432
OO_DB_USER=[[ .instance ]]
OO_DB_PASS={{ env "NOMAD_ALLOC_ID" }}
[[- else ]]
OO_DB_HOST=[[ $c.postgres.host ]]
OO_DB_PORT=[[ $c.postgres.port ]]
OO_DB_USER={{ with secret "[[ .vault.prefix ]]database/creds/[[ .instance ]]" }}{{ .Data.username }}{{ end }}
OO_DB_PASS={{ with secret "[[ .vault.prefix ]]database/creds/[[ .instance ]]" }}{{ .Data.password }}{{ end }}
[[- end ]]
_EOT
destination = "secrets/.db.env"
uid = 100000
gid = 100000
perms = 400
env = true
}
template {
data =<<_EOT
[[ template "onlyoffice-docserver/metrics.js.tpl" . ]]
@ -99,6 +118,7 @@ _EOT
}
[[ template "common/task.wait_for" $c ]]
[[ template "common/postgres_pooler" $c ]]
task "redis" {
driver = [[ $c.nomad.driver | toJSON ]]

14
variables.yml
View File

@ -19,15 +19,19 @@ oo:
# The URL where OnlyOffice is available
public_url: https://oods.example.org
vault:
policies:
- '[[ .instance ]][[ .consul.suffix ]]'
postgres:
database: '[[ .instance ]]'
user: '{{ with secret "[[ .vault.prefix ]]database/creds/[[ .instance ]]" }}{{ .Data.username }}{{ end }}'
password: '{{ with secret "[[ .vault.prefix ]]database/creds/[[ .instance ]]" }}{{ .Data.password }}{{ end }}'
# Additional env vars to set in the container
env:
OO_STORAGE_SECRET: '{{ with secret "[[ .vault.prefix ]]kv/service/[[ .instance ]]" }}{{ .Data.data.storage_secret }}{{ end }}'
OO_JWT_TOKEN: '{{ with secret "[[ .vault.prefix ]]kv/service/[[ .instance ]]" }}{{ .Data.data.jwt_token }}{{ end }}'
OO_DB_HOST: 127.0.0.1
OO_DB_PORT: 5432
OO_DB_NAME: '[[ .instance ]]'
OO_DB_USER: '{{ with secret "[[ .vault.prefix ]]database/creds/[[ .instance ]]" }}{{ .Data.username }}{{ end }}'
OO_DB_PASS: '{{ with secret "[[ .vault.prefix ]]database/creds/[[ .instance ]]" }}{{ .Data.password }}{{ end }}'
# Controls how the service will be exposed with Traefik
traefik: