Minor enhancements

2023-08-25 00:12:42 +02:00 · 2023-08-25 00:12:42 +02:00 · 91fee9f25c
commit 91fee9f25c
parent be39958d66
3 changed files with 25 additions and 8 deletions
--- a/deps/common
+++ b/deps/common
@ -1 +1 @@
-Subproject commit 90a3625ebcff54b6b645c71362a89a1508f9a1cc
+Subproject commit 32a9bacc01c161bd60961fb578675f5c69026537
--- a/rpms-repo.nomad.hcl
+++ b/rpms-repo.nomad.hcl
@ -1,5 +1,6 @@
 job "rpms-repo" {
-  datacenters = [[ .nomad.datacenters | toJSON ]]
+
+[[- template "common/job_start.tpl" . ]]

  group "web" {

@ -31,7 +32,10 @@ job "rpms-repo" {
      tags = [
        "[[ .env.traefik ]].enable=true",
        "[[ .env.traefik ]].http.routers.repo-web[[ .env.suffix ]].rule=Host(`[[ (.repo.nginx.public_url | urlParse).Host ]]`)",
-        "[[ .env.traefik ]].http.routers.repo-web[[ .env.suffix ]].entrypoints=https",
+        "[[ .env.traefik ]].http.routers.repo-web[[ .env.suffix ]].entrypoints=[[ join .repo.nginx.traefik.entrypoints "," ]]",
+        [[- if gt (len .repo.nginx.traefik.middlewares) 0 ]]
+        "[[ .env.traefik ]].http.routers.repo-web[[ .env.suffix ]].middlewares=[[ join .repo.nginx.traefik.middlewares "," ]]",
+        [[- end ]]
        "[[ .env.traefik ]].http.routers.repo-web[[ .env.suffix ]].tls=true",
      ]
    }
@ -96,7 +100,10 @@ _EOF
        "[[ .env.traefik ]].enable=true",
        "[[ .env.traefik ]].tcp.routers.repo-rsync[[ .env.suffix ]].rule=HostSNI(`*`) 
          [[- if gt (len .repo.rsync.allowed_cidr) 0 ]] && ([[ range $idx, $cidr := .repo.rsync.allowed_cidr ]][[ if ne $idx 0 ]] || [[ end ]]ClientIP(`[[ $cidr ]]`)[[ end ]])[[ end ]]",
-        "[[ .env.traefik ]].tcp.routers.repo-rsync[[ .env.suffix ]].entrypoints=[[ join .repo.rsync.traefik_entrypoints "," ]]",
+        "[[ .env.traefik ]].tcp.routers.repo-rsync[[ .env.suffix ]].entrypoints=[[ join .repo.rsync.traefik.entrypoints "," ]]",
+        [[- if gt (len .repo.rsync.traefik.middlewares) 0 ]]
+        "[[ .env.traefik ]].http.routers.repo-rsync[[ .env.suffix ]].middlewares=[[ join .repo.rsync.traefik.middlewares "," ]]",
+        [[- end ]]
        # Traefik doesn't support Consul Connect for TCP services yet
        "[[ .env.traefik ]].consulcatalog.connect=false"
      ]
--- a/variables.yml
+++ b/variables.yml
@ -11,7 +11,7 @@ repo:
    # Resources to allocate
    resources:
      cpu: 20
-      memory: 20
+      memory: 40

    # Public URL of the repo
    public_url: https://rpms.example.org
@ -19,6 +19,13 @@ repo:
    # Driver to use for the task (docker or podman)
    driver: docker

+    traefik:
+      # A list of entrypoints on which the ssh service will be exposed
+      entrypoints:
+        - https
+      # Optional list of middlewares to apply
+      middlewares: []
+
    # Optional, additional env vars
    env: {}

@ -37,9 +44,12 @@ repo:
    # Optional, additional env vars
    env: {}

-    # A list of entrypoints on which the ssh service will be exposed
-    traefik_entrypoints:
-      - repo-rsync
+    traefik:
+      # A list of entrypoints on which the ssh service will be exposed
+      entrypoints:
+        - repo-rsync
+      # Optional list of middlewares to apply
+      middlewares: []

    # A list of IP or CIDR from which connections will be allowed
    # If empty, no restriction will be done and any IP will be accepter