variable "nextcloud_backup" { type = string description = "HCL config for Restic Scheduler jobs" } job "backup" { datacenters = ["dc1"] type = "service" group "nomad0" { count = 1 network { mode = "bridge" port "metrics" { to = 8080 } } volume "nextcloud-data" { type = "host" read_only = true source = "nextcloud-data" } volume "gitea-data" { type = "host" read_only = true source = "gitea-data" } volume "authentik-data" { type = "host" read_only = true source = "authentik-data" } service { port = "metrics" # Add connect to mysql connect { sidecar_service { proxy { local_service_port = 8080 upstreams { destination_name = "mysql-server" local_bind_port = 6060 } config { protocol = "tcp" } } } sidecar_task { resources { cpu = 50 memory = 50 } } } meta { metrics_addr = "${NOMAD_ADDR_metrics}" } } task "backup" { driver = "docker" volume_mount { volume = "nextcloud-data" destination = "/data/nextcloud" read_only = true } volume_mount { volume = "gitea-data" destination = "/data/gitea" read_only = true } volume_mount { volume = "authentik-data" destination = "/data/authentik" read_only = true } config { image = "iamthefij/resticscheduler" ports = ["metrics"] args = [ "/jobs/nextcloud.hcl", ] mount { type = "bind" target = "/jobs" source = "jobs" } } env = { "MYSQL_HOST" = "${NOMAD_UPSTREAM_IP_mysql_server}" "MYSQL_PORT" = "${NOMAD_UPSTREAM_PORT_mysql_server}" # TODO: Add user with access to all databases or variables for each user "MYSQL_DATABASE" = "nextcloud" "MYSQL_USER" = "nextcloud" "MYSQL_PASSWORD" = "nextcloud" # TODO: Something from vault "BACKUP_PASSPHRASE" = "secretpass" } template { data = var.nextcloud_backup destination = "jobs/nextcloud.hcl" } resources { cpu = 50 memory = 256 } } } }