Add scheduled job to update UniFi Traffic Routes

Because I use a custom DNS server, Domain based routing rules don't work. This instead resolves the domains and then adds the IP addresses to the rules.
2023-11-20 10:37:03 -08:00 · 2023-11-20 10:37:03 -08:00 · b218633c2c
parent e21ec11eb5
commit b218633c2c
3 changed files with 42 additions and 0 deletions
--- a/ansible_playbooks/vars/nomad_vars.sample.yml
+++ b/ansible_playbooks/vars/nomad_vars.sample.yml
@ -132,6 +132,9 @@ nomad/jobs/traefik:
  acme_email: VALUE
  domain_lego_dns: VALUE
  usersfile: VALUE
+nomad/jobs/unifi-traffic-route-ips:
+  unifi_password: VALUE
+  unifi_username: VALUE
 nomad/oidc:
  secret: VALUE
 secrets/mysql:
--- a/services/unifi-traffic-route-ips.nomad
+++ b/services/unifi-traffic-route-ips.nomad
@ -0,0 +1,36 @@
+job "unifi-traffic-route-ips" {
+
+  type = "batch"
+
+  periodic {
+    cron = "*/15 * * * * *"
+    prohibit_overlap = true
+  }
+
+  group "main" {
+
+    task "main" {
+      driver = "docker"
+
+      config {
+        image = "iamthefij/unifi-traffic-routes:0.0.1"
+      }
+
+      env = {
+        UNIFI_HOST = "192.168.2.1",
+        UNIFI_PORT = "443",
+      }
+
+      template {
+      data        = <<EOF
+{{ with nomadVar "nomad/jobs/unifi-traffic-route-ips" -}}
+UNIFI_USER={{ .unifi_username }}
+UNIFI_PASS={{ .unifi_password }}
+{{ end -}}
+      EOF
+      destination = "$${NOMAD_SECRETS_DIR}/env"
+      env         = true
+      }
+    }
+  }
+}
--- a/services/unifi-traffic-route-ips.tf
+++ b/services/unifi-traffic-route-ips.tf
@ -0,0 +1,3 @@
+resource "nomad_job" "unifi-traffic-route-ips" {
+  jobspec = file("${path.module}/unifi-traffic-route-ips.nomad")
+}