homelab-nomad/service.nomad

212 lines
4.9 KiB
Plaintext
Raw Normal View History

# Vars
# name = string*
# image = string*
# service_port = int
# ingress = bool
2022-07-25 17:44:37 +00:00
# sticky_disk = bool
# args = json(list[str])
# resources = dict(cpu = int, mem = int)
# env = json(dict(str: any))
# ingress_middlewares = json(list(str))
# templates = json(list(dict(
# data = str,
# dest = str,
# change_mode = str,
# change_signal = str,
# left_delimiter = str,
# right_delimiter = str,
# )))
# host_volumes = json(list(dict(
# name = str,
# dest = str,
# read_only = bool,
# )))
# healthcheck = "/"
# upstreams = json(list(dict(
# destination_name = str,
# local_bind_port = int
# )))
# mysql = bool
# redis = bool
2022-07-27 21:41:13 +00:00
# vault = bool
job "[[.name]]" {
region = "global"
datacenters = ["dc1"]
type = "service"
group "[[.name]]" {
2022-07-27 21:41:42 +00:00
[[ with .count ]]count = [[ . ]][[ end ]]
network {
mode = "bridge"
2022-07-27 21:41:42 +00:00
[[ if not (empty .service_port) -]]
port "main" {
2022-07-27 21:41:42 +00:00
[[ if default false .ingress -]]
host_network = "loopback"
2022-07-27 21:41:42 +00:00
[[ end -]]
to = [[ .service_port ]]
}
2022-07-27 21:41:42 +00:00
[[ end -]]
}
2022-07-25 17:44:37 +00:00
[[ if default false .sticky_disk ]]
ephemeral_disk {
migrate = true
sticky = true
}
[[ end ]]
[[ with .host_volumes -]]
[[ range $v := . | parseJSON -]]
volume "[[ $v.name ]]" {
type = "host"
read_only = [[ $v.read_only ]]
source = "[[ $v.name ]]"
}
[[ end ]]
[[ end -]]
[[ if not (empty .service_port) ]]
service {
name = "[[.name | replace "_" "-"]]"
port = "main"
[[ if default false .ingress ]]
connect {
sidecar_service {
proxy {
2022-07-27 21:41:42 +00:00
local_service_port = [[ .service_port ]]
[[ if default false .mysql -]]
upstreams {
destination_name = "mysql-server"
local_bind_port = 4040
}
[[ end -]]
2022-07-27 21:41:42 +00:00
[[ if default false .redis -]]
upstreams {
destination_name = "redis"
local_bind_port = 6379
}
2022-07-27 21:41:42 +00:00
[[ end -]]
[[ with .upstreams -]]
[[range $u := . | parseJSON -]]
upstreams {
destination_name = "[[ $u.destination_name ]]"
local_bind_port = [[ $u.local_bind_port ]]
}
[[ end ]]
[[ end -]]
}
}
sidecar_task {
resources {
cpu = 50
2022-07-25 23:35:30 +00:00
memory = 20
memory_max = 50
}
}
}
[[ end ]]
2022-07-25 22:52:02 +00:00
[[ if not (eq .healthcheck "") -]]
check {
type = "http"
path = "[[ or .healthcheck "/" ]]"
port = "main"
interval = "10s"
timeout = "10s"
}
2022-07-25 22:52:02 +00:00
[[ end -]]
tags = [
[[ if default false .ingress -]]
"traefik.enable=true",
"traefik.http.routers.[[.name]].entryPoints=websecure",
2022-09-06 21:47:06 +00:00
[[ if not (empty .ingress_rule) -]]
"traefik.http.routers.[[.name]].rule=[[.ingress_rule]]",
[[ end -]]
[[ with .ingress_middlewares -]][[ range $m := . | parseJSON -]]
"traefik.http.routers.[[$.name]].middlewares=[[ $m ]]",
[[ end -]][[ end -]]
[[ end -]]
]
}
2022-07-27 21:41:42 +00:00
[[ end -]]
task "[[.name]]" {
driver = "docker"
config {
image = "[[.image]]"
[[ if not (empty .service_port) -]]
ports = ["main"]
2022-07-27 21:41:42 +00:00
[[ end -]]
[[ if not (empty .args) -]]
args = ["[[ .args | parseJSON | join `", "` ]]"]
2022-07-27 21:41:42 +00:00
[[ end -]]
2022-07-27 21:41:42 +00:00
[[ with .templates -]]
[[ range $t := . | parseJSON -]]
mount {
type = "bind"
target = "[[ $t.dest ]]"
source = "local/[[ $t.dest ]]"
}
[[ end ]]
2022-07-27 21:41:42 +00:00
[[ end -]]
}
2022-07-27 21:41:13 +00:00
[[ if default false .vault -]]
vault {
policies = [
"access-tables",
"nomad-task",
]
}
[[ end -]]
[[ with .env -]]
env = {
[[ range $k, $v := . | parseJSON -]]
"[[$k]]" = "[[$v]]"
2022-07-27 21:41:42 +00:00
[[ end -]]
}
2022-07-27 21:41:42 +00:00
[[ end -]]
[[ with .host_volumes -]]
[[ range $v := . | parseJSON -]]
volume_mount {
volume = "[[ $v.name ]]"
destination = "[[ $v.dest ]]"
read_only = [[ $v.read_only ]]
}
[[ end ]]
[[ end -]]
2022-07-27 21:41:42 +00:00
[[ with .templates -]]
[[ range $t := . | parseJSON -]]
template {
data = <<EOF
[[ $t.data ]]
EOF
destination = "local/[[ $t.dest ]]"
[[ with $t.left_delimiter ]]left_delimiter = "[[ . ]]"[[ end -]]
[[ with $t.right_delimiter ]]right_delimiter = "[[ . ]]"[[ end -]]
[[ with $t.change_mode ]]change_mode = "[[ . ]]"[[ end -]]
[[ with $t.change_signal ]]change_signal = "[[ . ]]"[[ end -]]
[[ with $t.env ]]env = [[ . ]][[ end ]]
}
2022-07-27 21:41:42 +00:00
[[ end -]]
[[ end -]]
2022-07-27 21:41:42 +00:00
[[ with .resources -]]
resources {
cpu = [[ .cpu ]]
memory = [[ .memory ]]
}
2022-07-27 21:41:42 +00:00
[[ end -]]
}
}
}