Cleanup
This commit is contained in:
parent
243be9d25d
commit
5ec150221a
|
@ -1,3 +1,3 @@
|
|||
Name = "[[ .repo.instance ]]-web[[ .consul.suffix ]]"
|
||||
Name = "[[ .instance ]]-web[[ .consul.suffix ]]"
|
||||
Kind = "service-defaults"
|
||||
Protocol = "http"
|
||||
|
|
|
@ -1,5 +1,5 @@
|
|||
Kind = "service-intentions"
|
||||
Name = "[[ .repo.instance ]]-rsync[[ .consul.suffix ]]"
|
||||
Name = "[[ .instance ]]-rsync[[ .consul.suffix ]]"
|
||||
Sources = [
|
||||
{
|
||||
Name = [[ (merge .repo.rsync.traefik .traefik).instance | toJSON ]]
|
||||
|
|
|
@ -1,4 +1,4 @@
|
|||
Name = "[[ .repo.instance ]]-web[[ .consul.suffix ]]"
|
||||
Name = "[[ .instance ]]-web[[ .consul.suffix ]]"
|
||||
Kind = "service-intentions"
|
||||
Sources = [
|
||||
{
|
||||
|
|
|
@ -1 +1 @@
|
|||
[[ template "common/mv_conf.sh.tpl" dict "ctx" . "services" (dict "repo-web" (printf "%s%s" .repo.instance "-web") "repo-rsync" (printf "%s%s" .repo.instance "-rsync")) ]]
|
||||
[[ template "common/mv_conf.sh" dict "ctx" . "services" (dict "repo-web" (printf "%s%s" .instance "-web") "repo-rsync" (printf "%s%s" .instance "-rsync")) ]]
|
||||
|
|
|
@ -1,8 +1,8 @@
|
|||
[[ $c := merge .repo.nginx . -]]
|
||||
|
||||
job [[ .repo.instance | toJSON ]]{
|
||||
job [[ .instance | toJSON ]]{
|
||||
|
||||
[[- template "common/job_start.tpl" $c ]]
|
||||
[[- template "common/job_start" $c ]]
|
||||
|
||||
group "web" {
|
||||
|
||||
|
@ -21,17 +21,17 @@ job [[ .repo.instance | toJSON ]]{
|
|||
}
|
||||
|
||||
service {
|
||||
name = "[[ .repo.instance ]]-web[[ .consul.suffix ]]"
|
||||
name = "[[ .instance ]]-web[[ .consul.suffix ]]"
|
||||
port = 8080
|
||||
|
||||
[[ template "common/connect.tpl" $c ]]
|
||||
[[ template "common/connect" $c ]]
|
||||
|
||||
tags = [
|
||||
"[[ $c.traefik.instance ]].enable=true",
|
||||
"[[ $c.traefik.instance ]].http.routers.[[ .repo.instance ]]-web[[ .consul.suffix ]].rule=Host(`[[ (.repo.nginx.public_url | urlParse).Hostname ]]`)",
|
||||
"[[ $c.traefik.instance ]].http.routers.[[ .repo.instance ]]-web[[ .consul.suffix ]].entrypoints=[[ join $c.traefik.entrypoints "," ]]",
|
||||
"[[ $c.traefik.instance ]].http.routers.[[ .repo.instance ]]-web[[ .consul.suffix ]].middlewares=[[ template "common/traefik_middlewares.tpl" merge $c.traefik ]]",
|
||||
"[[ $c.traefik.instance ]].http.routers.[[ .repo.instance ]]-web[[ .consul.suffix ]].tls=true",
|
||||
"[[ $c.traefik.instance ]].http.routers.[[ .instance ]]-web[[ .consul.suffix ]].rule=Host(`[[ (.repo.nginx.public_url | urlParse).Hostname ]]`)",
|
||||
"[[ $c.traefik.instance ]].http.routers.[[ .instance ]]-web[[ .consul.suffix ]].entrypoints=[[ join $c.traefik.entrypoints "," ]]",
|
||||
"[[ $c.traefik.instance ]].http.routers.[[ .instance ]]-web[[ .consul.suffix ]].middlewares=[[ template "common/traefik_middlewares" merge $c.traefik ]]",
|
||||
"[[ $c.traefik.instance ]].http.routers.[[ .instance ]]-web[[ .consul.suffix ]].tls=true",
|
||||
]
|
||||
}
|
||||
|
||||
|
@ -47,7 +47,7 @@ job [[ .repo.instance | toJSON ]]{
|
|||
}
|
||||
|
||||
env {
|
||||
[[ template "common/env.tpl" $c.env ]]
|
||||
[[ template "common/env" $c.env ]]
|
||||
}
|
||||
|
||||
template {
|
||||
|
@ -63,7 +63,7 @@ _EOF
|
|||
read_only = true
|
||||
}
|
||||
|
||||
[[ template "common/resources.tpl" .repo.nginx.resources ]]
|
||||
[[ template "common/resources" .repo.nginx.resources ]]
|
||||
}
|
||||
}
|
||||
|
||||
|
@ -91,15 +91,15 @@ _EOF
|
|||
}
|
||||
|
||||
service {
|
||||
name = "[[ .repo.instance ]]-rsync[[ .consul.suffix ]]"
|
||||
name = "[[ .instance ]]-rsync[[ .consul.suffix ]]"
|
||||
port = "ssh"
|
||||
tags = [
|
||||
"[[ $c.traefik.instance ]].enable=true",
|
||||
"[[ $c.traefik.instance ]].tcp.routers.[[ .repo.instance ]]-rsync[[ .consul.suffix ]].rule=HostSNI(`*`)
|
||||
"[[ $c.traefik.instance ]].tcp.routers.[[ .instance ]]-rsync[[ .consul.suffix ]].rule=HostSNI(`*`)
|
||||
[[- if gt (len .repo.rsync.allowed_cidr) 0 ]] && ([[ range $idx, $cidr := .repo.rsync.allowed_cidr ]][[ if ne $idx 0 ]] || [[ end ]]ClientIP(`[[ $cidr ]]`)[[ end ]])[[ end ]]",
|
||||
"[[ $c.traefik.instance ]].tcp.routers.[[ .repo.instance ]]-rsync[[ .consul.suffix ]].entrypoints=[[ join $c.traefik.entrypoints "," ]]",
|
||||
"[[ $c.traefik.instance ]].tcp.routers.[[ .instance ]]-rsync[[ .consul.suffix ]].entrypoints=[[ join $c.traefik.entrypoints "," ]]",
|
||||
[[- if gt (len .repo.rsync.traefik.middlewares) 0 ]]
|
||||
"[[ $c.traefik.instance ]].tcp.routers.[[ .repo.instance ]]-rsync[[ .consul.suffix ]].middlewares=[[ join $c.traefik.middlewares "," ]]",
|
||||
"[[ $c.traefik.instance ]].tcp.routers.[[ .instance ]]-rsync[[ .consul.suffix ]].middlewares=[[ join $c.traefik.middlewares "," ]]",
|
||||
[[- end ]]
|
||||
# No need to tunnel SSH inside the service mesh
|
||||
"[[ $c.traefik.instance ]].consulcatalog.connect=false"
|
||||
|
@ -115,11 +115,11 @@ _EOF
|
|||
|
||||
env {
|
||||
SSHD_PORT = "${NOMAD_PORT_ssh}"
|
||||
[[ template "common/env.tpl" $c.env ]]
|
||||
[[ template "common/env" $c.env ]]
|
||||
}
|
||||
|
||||
vault {
|
||||
policies = ["[[ .repo.instance ]][[ .consul.suffix ]]"]
|
||||
policies = ["[[ .instance ]][[ .consul.suffix ]]"]
|
||||
env = false
|
||||
disable_file = true
|
||||
}
|
||||
|
@ -145,7 +145,7 @@ _EOF
|
|||
destination = "/config"
|
||||
}
|
||||
|
||||
[[ template "common/resources.tpl" .repo.rsync.resources ]]
|
||||
[[ template "common/resources" .repo.rsync.resources ]]
|
||||
}
|
||||
}
|
||||
}
|
||||
|
|
|
@ -1,8 +1,9 @@
|
|||
---
|
||||
|
||||
# Name of the Noamd job
|
||||
instance: repo
|
||||
|
||||
repo:
|
||||
# Name of the Noamd job
|
||||
instance: repo
|
||||
|
||||
nginx:
|
||||
# Image to use
|
||||
|
@ -33,7 +34,7 @@ repo:
|
|||
|
||||
rsync:
|
||||
# Image to use
|
||||
image: danielberteaud/rsync-ssh:23.12-1
|
||||
image: '[[ .docker.repo ]]rsync-ssh:23.12-1'
|
||||
|
||||
# Resources to allocate
|
||||
resources:
|
||||
|
|
Loading…
Reference in New Issue