Commit Graph

49 Commits

Author SHA1 Message Date
c248edfc52 Spit out log message when retrying db connection on bootstrap 2024-10-02 11:24:58 -07:00
8866434590 Increase db bootstrap timeouts
Prevents service flapping while database is trying to recover
2024-08-30 11:30:02 -07:00
79648879ab Use new oidc module for setting up oidc with Authelia 2024-08-29 14:07:49 -07:00
c5743a2578 Add ability to set docker user for services 2024-06-26 13:30:50 -07:00
bd67c60575 Make more things auto-revert if they are broken 2024-06-26 13:29:55 -07:00
9ee660cb6d Pin stunnel image to speed deployments
This will prevent redownload
2024-06-26 13:27:41 -07:00
b9c35bf18f Add ability to set task identities for service module 2024-05-01 10:18:24 -07:00
3dcd4c44b3 Tune memory after reviewing grafana 2024-03-26 09:48:31 -07:00
64a085ef80 Reatart failing services
Restart services that fail checks
2024-02-18 07:49:16 -08:00
37ee67b2e6 fix: Add job_id output to services
This should be earlier in history
2024-01-23 12:09:29 -08:00
35dfeb3093 Add service healthchecks 2024-01-23 12:08:47 -08:00
9ba74ce698 Use return vars for service acl 2024-01-16 14:16:21 -08:00
cda2842f8f Switch to image containing stunnel
Rather than installing on container startup, using an image with
stunnel pre-installed. This avoids issues with DNS breaking
the container on startup.
2024-01-03 13:50:49 -08:00
cdd4e9b5d5 Fix custom ports for services 2023-11-30 13:22:53 -08:00
df1ae60936 Add change_script to service module 2023-11-06 14:41:13 -08:00
ad439d48f3 Add waiting for loki and prom dependencies in core 2023-09-27 21:30:22 -07:00
8dd00c1249 authelia and grafana to shared smtp secrets 2023-08-29 15:11:40 -07:00
edeb6cf444 lldap: access shared smtp secrets 2023-08-29 14:56:06 -07:00
f5898b0283 Add workload ACL management for mysql and postgres access
Allows required jobs to access shared secrets and auto generates psks
for stunnel.

Currently supporting MySQL, Postgres, and LDAP.
2023-08-29 12:48:48 -07:00
2efc7f8c2f Add ability to set job meta for services 2023-08-24 15:41:18 -07:00
7aa5b800ba Clean up finally rendered templates for services 2023-08-24 15:37:42 -07:00
d5078b24da Refactor use of wesher to be behind a variable toggle
Occasionally I run into issues with Wesher. This makes it easier to
disable use of Wesher by setting TF_VAR_use_wesher to false.
2023-08-24 12:51:32 -07:00
41c9d3d6f6 Adjust down default service stunnel sidecar resources
Keep photoprism and lidarr, database heavy tools, at the same level
2023-08-07 11:31:35 -07:00
0ea9da3a53 Update postgres bootstrap allowing multiple databases 2023-07-25 16:57:33 -07:00
ac29343d96 Add postgres stunnel and service bootstrap 2023-07-25 10:59:33 -07:00
f8478ae6c9 Service Template: Make sure stunnel is there for ldap 2023-07-25 10:30:28 -07:00
f0d31ff13c Move stunnel psks to a more restrictive path 2023-07-25 10:16:30 -07:00
c33f877af8 Allow specifying port from value for local host binding 2023-07-24 15:23:40 -07:00
b9fb2d4b07 Add ability to specify custom services for service module 2023-07-24 15:23:31 -07:00
d0641f8edf Enable setting static ports for service template 2023-07-07 16:33:36 -07:00
2b91b6dc8f Add instance count to service template 2023-07-07 15:51:19 -07:00
0a7ad7a9dc Enable redis for authelia
This also splits redis instances by service
2023-07-07 15:50:23 -07:00
88e91e5e5d Deploy authelia
Backed by lldap and mysql and deployed on whoami for now as a forward
proxy example

Would be good to add oidc for Nomad as well as make policies configurable
via Nomad variables.
2023-07-06 18:00:06 -07:00
a90b3bbdbe Make it easier to enable bootstrap now that key isn't included 2023-07-06 17:25:13 -07:00
cdbd6a9cb3 Add ability to set priority for service templates 2023-07-06 17:25:13 -07:00
8650ab973a Add stunnel for ldap as part of service template 2023-07-06 17:25:13 -07:00
f11fad30a5 Use stunnel for mysql
Doesn't remove wesher or normal mysql service
2023-05-09 13:20:36 -07:00
27fd60d84d Add missing service to Wesher
Promtail, Backups, service module
2023-05-02 21:14:36 -07:00
f75d149f32 Add constraints and docker devices to service template 2023-04-20 16:47:07 -07:00
08d0e93638 Clean up and remove some consul and vault stuff 2023-03-24 22:58:44 -07:00
98ea2a1ca0 A whole lot of incremental fixes for nomad variables and such
Also adds stunnel between redis and clients
2023-03-24 16:32:37 -07:00
d8307935f5 Refactor everything for nomad vars 2023-03-24 11:24:36 -07:00
5228e7c7fb Export envoy metrics for services 2023-03-02 11:00:30 -08:00
882fe7e29c Some cleanup of service template whitespace 2023-03-02 10:42:33 -08:00
208f90e7bf Increase memory and max memory for connect proxy for services 2023-02-28 15:57:45 -08:00
9fe63d03d9 Add image_pull_timeout to service template 2023-02-27 11:54:33 -08:00
0a798aa5a7 Add meta tags to service template 2023-01-11 15:40:42 -08:00
17ab7f637f Add metrics support to service template 2022-11-15 09:04:18 -08:00
a30749f357 Switch services to module based Terraform template from levant
This ends up with a better experience in dealing with tfstate for some
services. Not sure why.
2022-11-11 13:47:26 -08:00