homelab-nomad/traefik/traefik.nomad

192 lines
4.2 KiB
Plaintext
Raw Normal View History

2022-02-16 09:56:18 -08:00
variable "consul_address" {
type = string
description = "Full address of Consul instance to get catalog from"
default = "http://127.0.0.1:5400"
}
variable "base_hostname" {
type = string
description = "Base hostname to serve content from"
default = "dev.homelab"
}
job "traefik" {
datacenters = ["dc1"]
type = "system"
2022-06-23 09:51:42 -07:00
priority = 100
2022-02-16 09:56:18 -08:00
constraint {
attribute = "${node.class}"
value = "ingress"
}
update {
max_parallel = 1
auto_revert = true
}
2022-02-16 09:56:18 -08:00
group "traefik" {
network {
port "web" {
static = 80
}
port "websecure" {
static = 443
}
}
service {
name = "traefik"
port = "web"
check {
type = "http"
path = "/ping"
port = "web"
interval = "10s"
timeout = "2s"
}
connect {
native = true
}
tags = [
"traefik.enable=true",
"traefik.http.routers.traefik_dashboard.entryPoints=websecure",
2022-02-16 09:56:18 -08:00
"traefik.http.routers.traefik_dashboard.rule=Host(`traefik.${var.base_hostname}`)",
"traefik.http.routers.traefik_dashboard.service=api@internal",
"traefik.http.routers.traefik_dashboard.tls=true",
]
}
task "traefik" {
driver = "docker"
config {
image = "traefik:2.6"
ports = ["web", "websecure"]
network_mode = "host"
2022-03-14 15:58:03 -07:00
mount {
type = "bind"
target = "/etc/traefik"
source = "config"
}
}
template {
# Avoid conflict with TOML lists [[ ]] and Go templates {{ }}
left_delimiter = "<<"
right_delimiter = ">>"
data = <<EOH
[log]
level = "DEBUG"
[entryPoints]
[entryPoints.web]
address = ":80"
[entryPoints.web.http]
[entryPoints.web.http.redirections]
[entryPoints.web.http.redirections.entrypoint]
to = "websecure"
scheme = "https"
[entryPoints.websecure]
address = ":443"
[entryPoints.websecure.http.tls]
# certResolver = "letsEncrypt"
[entryPoints.metrics]
address = ":8989"
[api]
dashboard = true
[ping]
entrypoint = "web"
[metrics]
[metrics.prometheus]
entrypoint = "metrics"
# manualRouting = true
[providers.file]
directory = "/etc/traefik/conf"
watch = true
[providers.consulCatalog]
connectAware = true
connectByDefault = true
exposedByDefault = false
defaultRule = "Host(`{{normalize .Name}}.${var.base_hostname}`)"
[providers.consulCatalog.endpoint]
address = "http://<< env "CONSUL_HTTP_ADDR" >>"
EOH
destination = "/config/traefik.toml"
}
template {
# Avoid conflict with TOML lists [[ ]] and Go templates {{ }}
left_delimiter = "<<"
right_delimiter = ">>"
data = <<EOH
[http]
[http.routers]
[http.routers.nomad]
2022-03-15 11:57:00 -07:00
entryPoints = ["websecure"]
2022-03-14 15:58:03 -07:00
# middlewares = []
service = "nomad"
rule = "Host(`nomad.${var.base_hostname}`)"
[http.routers.consul]
2022-03-15 11:57:00 -07:00
entryPoints = ["websecure"]
2022-03-14 15:58:03 -07:00
# middlewares = []
service = "consul"
rule = "Host(`consul.${var.base_hostname}`)"
2022-03-15 11:57:00 -07:00
[http.routers.vault]
entryPoints = ["websecure"]
# middlewares = []
service = "vault"
rule = "Host(`vault.${var.base_hostname}`)"
2022-03-14 15:58:03 -07:00
[http.services]
<< with service "nomad-client" ->>
2022-03-14 15:58:03 -07:00
[http.services.nomad]
[http.services.nomad.loadBalancer]
<< range . ->>
2022-03-14 15:58:03 -07:00
[[http.services.nomad.loadBalancer.servers]]
2022-03-15 11:57:00 -07:00
url = "http://<< .Address >>:<< .Port >>"
<< end >>
<<- end >>
<< with service "consul" ->>
2022-03-14 15:58:03 -07:00
[http.services.consul]
[http.services.consul.loadBalancer]
<< range . ->>
2022-03-14 15:58:03 -07:00
[[http.services.consul.loadBalancer.servers]]
2022-04-15 12:25:15 -07:00
# Not using .Port because that's an RPC port
url = "http://<< .Address >>:8500"
2022-03-15 11:57:00 -07:00
<< end >>
<<- end >>
<< with service "vault" ->>
2022-03-15 11:57:00 -07:00
[http.services.vault]
[http.services.vault.loadBalancer]
<< range . ->>
2022-03-15 11:57:00 -07:00
[[http.services.vault.loadBalancer.servers]]
url = "http://<< .Address >>:<< .Port >>"
<< end >>
<<- end >>
2022-03-14 15:58:03 -07:00
EOH
destination = "/config/conf/route-hashi.toml"
change_mode = "noop"
2022-02-16 09:56:18 -08:00
}
resources {
2022-02-17 14:03:42 -08:00
cpu = 50
memory = 50
2022-02-16 09:56:18 -08:00
}
}
}
}