job "${name}" { region = "global" datacenters = ["dc1"] type = "service" group "${name}" { network { mode = "bridge" %{ if service_port != null ~} port "main" { %{ if ingress ~} host_network = "loopback" %{ endif ~} to = ${service_port} } %{ endif ~} %{ for port in ports ~} port "${port.name}" { %{ if port.host_network != null }host_network = "${port.host_network}"%{ endif ~} %{ if port.to != null }to = ${port.to}%{ endif ~} %{ if port.static != null }static = ${port.static}%{ endif ~} } %{ endfor } } %{ if sticky_disk ~} ephemeral_disk { migrate = true sticky = true } %{ endif ~} %{ for host_volume in host_volumes ~} volume "${host_volume.name}" { type = "host" read_only = ${host_volume.read_only} source = "${host_volume.name}" } %{ endfor ~} %{ if service_port != null ~} service { name = "${replace(name, "_", "-")}" port = "main" %{ if anytrue([ingress, use_mysql, use_redis, use_ldap, length(upstreams) > 0]) } connect { sidecar_service { proxy { local_service_port = ${service_port} %{ if use_mysql } upstreams { destination_name = "mysql-server" local_bind_port = 4040 } %{ endif ~} %{ if use_redis } upstreams { destination_name = "redis" local_bind_port = 6379 } %{ endif ~} %{ if use_ldap } upstreams { destination_name = "ldap" local_bind_port = 3890 } %{ endif ~} %{ for upstream in upstreams ~} upstreams { destination_name = "${upstream.destination_name}" local_bind_port = ${upstream.local_bind_port} } %{ endfor } } } sidecar_task { resources { cpu = 50 memory = 20 memory_max = 50 } } } %{ endif ~} %{ if healthcheck_path != null ~} check { type = "http" path = "${healthcheck_path}" port = "main" interval = "10s" timeout = "10s" } %{ endif ~} %{ if metrics_port_name != null ~} meta { metrics_addr = "$${NOMAD_ADDR_${metrics_port_name}}" } %{ endif ~} tags = [ %{ if ingress ~} "traefik.enable=true", "traefik.http.routers.${name}.entryPoints=websecure", %{ if try(ingress_rule, null) != null ~} "traefik.http.routers.${name}.rule=${ingress_rule}", %{ endif ~} %{ for middleware in ingress_middlewares ~} "traefik.http.routers.${name}.middlewares=${middleware}", %{ endfor ~} %{ for tag in service_tags ~} "${tag}", %{ endfor ~} %{ endif ~} ] } %{ endif ~} task "${name}" { driver = "docker" config { image = "${image}" %{ if service_port != null ~} ports = ["main"] %{ endif ~} %{ if length(try(args, [])) > 0 ~} args = ${jsonencode(args)} %{ endif ~} %{ for template in templates ~} %{ if template.mount && !template.env ~} mount { type = "bind" target = "${template.dest}" source = "${template.dest_prefix}/${template.dest}" } %{ endif ~} %{ endfor ~} } %{ if use_vault ~} vault { policies = [ "access-tables", "nomad-task", ] } %{ endif ~} %{ if length(env) > 0 ~} env = { %{ for k, v in env ~} "${k}" = "${v}" %{ endfor } } %{ endif ~} %{ for volume in host_volumes ~} volume_mount { volume = "${volume.name}" destination = "${volume.dest}" read_only = ${volume.read_only} } %{ endfor ~} %{ for template in templates ~} template { data = <