Cleanup

2024-01-27 01:09:28 +01:00 · 2024-01-27 01:09:28 +01:00 · aace334643
parent e2be22dd3c
commit aace334643
3 changed files with 26 additions and 11 deletions
--- a/example/images/squid/Dockerfile
+++ b/example/images/squid/Dockerfile
@ -1,4 +1,4 @@
-FROM danielberteaud/alpine:24.1-2
+FROM danielberteaud/alpine:24.1-8
 MAINTAINER Daniel Berteaud <dbd@ehtrace.com>

 ENV SQUID_CONFDIR=/etc/squid \
--- a/example/squid.nomad.hcl
+++ b/example/squid.nomad.hcl
@ -17,6 +17,18 @@ job "squid" {
          disable_default_tcp_check = true
        }
        sidecar_task {
+          config {
+            args = [
+              "-c",
+              "${NOMAD_SECRETS_DIR}/envoy_bootstrap.json",
+              "-l",
+              "${meta.connect.log_level}",
+              "--concurrency",
+              "${meta.connect.proxy_concurrency}",
+              "--disable-hot-restart"
+            ]
+          }
+
          resources {
            cpu    = 50
            memory = 64
@ -205,6 +217,7 @@ _EOT
        destination = "local/lists/white/windows.list"
        mode        = "file"
      }
+
      # Use a template block instead of env {} so we can fetch values from vault
      template {
        data        = <<_EOT
@ -220,6 +233,8 @@ _EOT
        perms       = 400
        env         = true
      }
+
+
      resources {
        cpu    = 100
        memory = 256
--- a/squid.nomad.hcl
+++ b/squid.nomad.hcl
@ -1,6 +1,6 @@
 [[- $c := merge .squid . -]]

-job [[ .instance | toJSON ]] {
+job "[[ .instance ]]" {

 [[ template "common/job_start" $c ]]

@ -16,10 +16,10 @@ job [[ .instance | toJSON ]] {
    }

    task "squid" {
-      driver = [[ $c.nomad.driver | toJSON ]]
+      driver = "[[ $c.nomad.driver ]]"
  
      config {
-        image           = [[ .squid.image | toJSON ]]
+        image           = "[[ .squid.image ]]"
        readonly_rootfs = true
        pids_limit      = 100
        volumes         = [
@ -36,7 +36,7 @@ job [[ .instance | toJSON ]] {

      template {
        data =<<_EOT
-[[ template "squid/filter_acl.sh.tpl" . ]]
+[[ template "squid/filter_acl.sh.tpl" $c ]]
 _EOT
        destination = "local/filter-acl.sh"
        uid = 100000
@ -46,7 +46,7 @@ _EOT

      template {
        data =<<_EOT
-[[ template "squid/reload.sh.tpl" . ]]
+[[ template "squid/reload.sh.tpl" $c ]]
 _EOT
        destination = "local/reload.sh"
        uid = 100000
@ -56,7 +56,7 @@ _EOT

      template {
        data =<<_EOT
-[[ template "squid/auth.tpl" . ]]
+[[ template "squid/auth.tpl" $c ]]
 _EOT
        destination = "secrets/auth"
        uid = 100000
@ -67,7 +67,7 @@ _EOT

      template {
        data =<<_EOT
-[[ template "squid/acl.conf.tpl" . ]]
+[[ template "squid/acl.conf.tpl" $c ]]
 _EOT
        destination = "secrets/acl.conf"
        uid = 100000
@ -83,7 +83,7 @@ _EOT
  [[- if has $v "url" ]]

      artifact {
-        source      = [[ $v.url | toJSON ]]
+        source      = "[[ $v.url ]]"
        destination = "local/lists/[[ $v.category ]]/[[ $k ]].list"
        mode        = "file"
      }
@ -102,8 +102,8 @@ _EOT
  [[- end ]]
 [[- end ]]
  
-[[- template "common/file_env" $c.env ]]
-[[- template "common/resources" .squid.resources ]]
+[[ template "common/file_env" $c ]]
+[[ template "common/resources" $c ]]
    }
  }
 }