2023-05-09 13:20:36 -07:00
2022-07-08 16:24:03 -07:00
# Vars
# name = string*
# image = string*
# service_port = int
# ingress = bool
2022-07-25 10:44:37 -07:00
# sticky_disk = bool
2022-07-08 16:24:03 -07:00
# args = json(list[str])
# resources = dict(cpu = int, mem = int)
2022-08-30 15:16:08 -07:00
# env = json(dict(str: any))
2022-11-03 15:10:51 -07:00
# ingress_middlewares = json(list(str))
2022-07-08 16:24:03 -07:00
# templates = json(list(dict(
# data = str,
# dest = str,
# change_mode = str,
# change_signal = str,
# left_delimiter = str,
# right_delimiter = str,
2022-11-10 10:20:53 -08:00
# mount = bool
2022-07-08 16:24:03 -07:00
# )))
2022-08-30 15:16:08 -07:00
# host_volumes = json(list(dict(
# name = str,
# dest = str,
# read_only = bool,
# )))
2022-07-08 16:24:03 -07:00
# healthcheck = "/"
2022-10-27 14:28:34 -07:00
# upstreams = json(list(dict(
# destination_name = str,
# local_bind_port = int
# )))
2022-07-08 16:24:03 -07:00
# mysql = bool
# redis = bool
2022-07-27 14:41:13 -07:00
# vault = bool
2022-11-10 10:20:53 -08:00
# mysql_bootstrap = json(dict(
# vault_key = str
# db_name = str
# db_name_key = str
# db_user = str
# db_user_key = str
# db_pass = str
# db_pass_key = str
# ))
2022-07-08 16:24:03 -07:00
job "[[.name]]" {
region = "global"
datacenters = ["dc1"]
type = "service"
group "[[.name]]" {
2022-07-27 14:41:42 -07:00
[[ with .count ]]count = [[ . ]][[ end ]]
2022-07-08 16:24:03 -07:00
network {
mode = "bridge"
2022-07-27 14:41:42 -07:00
[[ if not (empty .service_port) -]]
2022-07-08 16:24:03 -07:00
port "main" {
2023-03-24 16:32:37 -07:00
host_network = "wesher"
2022-07-27 14:41:42 -07:00
to = [[ .service_port ]]
2022-07-08 16:24:03 -07:00
2022-07-27 14:41:42 -07:00
[[ end -]]
2022-07-08 16:24:03 -07:00
2022-07-25 10:44:37 -07:00
[[ if default false .sticky_disk ]]
ephemeral_disk {
migrate = true
sticky = true
[[ end ]]
2022-08-30 15:16:08 -07:00
[[ with .host_volumes -]]
[[ range $v := . | parseJSON -]]
volume "[[ $v.name ]]" {
type = "host"
2022-09-04 14:26:19 -07:00
read_only = [[ $v.read_only ]]
2022-08-30 15:16:08 -07:00
source = "[[ $v.name ]]"
[[ end ]]
[[ end -]]
2022-07-08 16:24:03 -07:00
[[ if not (empty .service_port) ]]
service {
name = "[[.name | replace "_" "-"]]"
2022-11-22 14:01:28 -08:00
provider = "nomad"
2022-07-08 16:24:03 -07:00
port = "main"
2022-07-25 15:52:02 -07:00
[[ if not (eq .healthcheck "") -]]
2022-07-08 16:24:03 -07:00
check {
type = "http"
path = "[[ or .healthcheck "/" ]]"
port = "main"
interval = "10s"
timeout = "10s"
2022-07-25 15:52:02 -07:00
[[ end -]]
2022-07-08 16:24:03 -07:00
tags = [
[[ if default false .ingress -]]
2022-09-06 14:47:06 -07:00
[[ if not (empty .ingress_rule) -]]
[[ end -]]
2022-11-03 15:10:51 -07:00
[[ with .ingress_middlewares -]][[ range $m := . | parseJSON -]]
"traefik.http.routers.[[$.name]].middlewares=[[ $m ]]",
[[ end -]][[ end -]]
2022-07-08 16:24:03 -07:00
[[ end -]]
2022-07-27 14:41:42 -07:00
[[ end -]]
2022-07-08 16:24:03 -07:00
task "[[.name]]" {
driver = "docker"
config {
image = "[[.image]]"
2022-11-10 10:20:53 -08:00
[[ with .service_port -]]
2022-07-08 16:24:03 -07:00
ports = ["main"]
2022-07-27 14:41:42 -07:00
[[ end -]]
2022-11-10 10:20:53 -08:00
[[ with .args -]]
args = [[ . ]]
2022-07-27 14:41:42 -07:00
[[ end -]]
2022-07-08 16:24:03 -07:00
2022-07-27 14:41:42 -07:00
[[ with .templates -]]
[[ range $t := . | parseJSON -]]
2022-11-10 10:20:53 -08:00
[[ if and (default true $t.mount) (not (default false $t.env)) -]]
2022-07-08 16:24:03 -07:00
mount {
type = "bind"
target = "[[ $t.dest ]]"
2022-11-10 10:20:53 -08:00
source = "[[ default "local/" $t.dest_prefix ]][[ $t.dest ]]"
2022-07-08 16:24:03 -07:00
2022-11-10 10:20:53 -08:00
[[ end -]]
2022-07-08 16:24:03 -07:00
[[ end ]]
2022-07-27 14:41:42 -07:00
[[ end -]]
2022-07-08 16:24:03 -07:00
[[ with .env -]]
env = {
2022-08-30 15:16:08 -07:00
[[ range $k, $v := . | parseJSON -]]
2022-07-08 16:24:03 -07:00
"[[$k]]" = "[[$v]]"
2022-07-27 14:41:42 -07:00
[[ end -]]
2022-07-08 16:24:03 -07:00
2022-07-27 14:41:42 -07:00
[[ end -]]
2022-07-08 16:24:03 -07:00
2022-08-30 15:16:08 -07:00
[[ with .host_volumes -]]
[[ range $v := . | parseJSON -]]
volume_mount {
volume = "[[ $v.name ]]"
destination = "[[ $v.dest ]]"
2022-09-04 14:26:19 -07:00
read_only = [[ $v.read_only ]]
2022-08-30 15:16:08 -07:00
[[ end ]]
[[ end -]]
2022-07-27 14:41:42 -07:00
[[ with .templates -]]
[[ range $t := . | parseJSON -]]
2022-07-08 16:24:03 -07:00
template {
data = <<EOF
[[ $t.data ]]
2022-11-10 10:20:53 -08:00
destination = "[[ default "local/" $t.dest_prefix ]][[ $t.dest ]]"
2022-07-08 16:24:03 -07:00
[[ with $t.left_delimiter ]]left_delimiter = "[[ . ]]"[[ end -]]
[[ with $t.right_delimiter ]]right_delimiter = "[[ . ]]"[[ end -]]
[[ with $t.change_mode ]]change_mode = "[[ . ]]"[[ end -]]
[[ with $t.change_signal ]]change_signal = "[[ . ]]"[[ end -]]
[[ with $t.env ]]env = [[ . ]][[ end ]]
2022-07-27 14:41:42 -07:00
[[ end -]]
[[ end -]]
2022-07-08 16:24:03 -07:00
2022-07-27 14:41:42 -07:00
[[ with .resources -]]
2022-07-08 16:24:03 -07:00
resources {
cpu = [[ .cpu ]]
memory = [[ .memory ]]
2022-07-27 14:41:42 -07:00
[[ end -]]
2022-07-08 16:24:03 -07:00
2022-11-11 13:24:28 -08:00
[[ with .mysql_bootstrap ]][[ with . | parseJSON ]]
2022-11-10 10:20:53 -08:00
task "[[$.name]]-bootstrap" {
driver = "docker"
lifecycle {
hook = "prestart"
sidecar = false
config {
2022-11-10 11:15:58 -08:00
image = "mariadb:10"
2022-11-10 10:20:53 -08:00
args = [
"/usr/bin/mysql --defaults-extra-file=${NOMAD_SECRETS_DIR}/my.cnf < ${NOMAD_SECRETS_DIR}/bootstrap.sql",
vault {
policies = [
template {
data = <<EOF
2023-03-24 11:24:36 -07:00
{{ range nomadService 1 (env "NOMAD_ALLOC_ID") "mysql-server" -}}
host={{ .Address }}
port={{ .Port }}
{{ end -}}
2022-11-10 10:20:53 -08:00
2023-03-24 11:24:36 -07:00
# TODO: Use via lesser scoped access
{{ with nomadVar "nomad/jobs" -}}
password={{ .mysql_root_password }}
2022-11-10 10:20:53 -08:00
{{ end -}}
destination = "${NOMAD_SECRETS_DIR}/my.cnf"
template {
data = <<EOF
2023-03-24 11:24:36 -07:00
{{ with nomadVar "[[.vault_key]]" -}}
CREATE DATABASE IF NOT EXISTS `{{ .[[ default "db_name" .db_name_key ]] }}`
2022-11-10 10:20:53 -08:00
CHARACTER SET = 'utf8mb4'
COLLATE = 'utf8mb4_unicode_ci';
2023-03-24 11:24:36 -07:00
CREATE USER IF NOT EXISTS '{{ .[[ default "db_user" .db_user_key ]] }}'@'%'
IDENTIFIED BY '{{ .[[ default "db_pass" .db_pass_key ]] }}';
GRANT ALL ON `{{ .[[ default "db_name" .db_name_key ]] }}`.* to '{{ .[[ default "db_user" .db_user_key ]] }}'@'%';
2022-11-10 10:20:53 -08:00
{{ end -}}
{{ end -}}
destination = "${NOMAD_SECRETS_DIR}/bootstrap.sql"
resources {
cpu = 50
memory = 50
[[ end -]][[ end -]]
2022-07-08 16:24:03 -07:00