55 lines
1.3 KiB
HCL
55 lines
1.3 KiB
HCL
module "diun" {
|
|
source = "./service"
|
|
|
|
name = "diun"
|
|
image = "crazymax/diun:4.27"
|
|
args = ["serve", "--log-level=debug"]
|
|
|
|
sticky_disk = true
|
|
|
|
env = {
|
|
DIUN_DB_PATH = "$${NOMAD_ALLOC_DIR}/data/diun.db"
|
|
DIUN_WATCH_SCHEDULE = "0 */6 * * *"
|
|
DIUN_PROVIDERS_NOMAD_WATCHBYDEFAULT = true
|
|
DIUN_DEFAULTS_WATCHREPO = true
|
|
DIUN_DEFAULTS_SORTTAGS = "semver"
|
|
DIUN_DEFAULTS_INCLUDETAGS = "^\\d+(\\.\\d+){0,2}$"
|
|
|
|
# Nomad API
|
|
NOMAD_ADDR = "unix:///secrets/api.sock"
|
|
DIUN_PROVIDERS_NOMAD = true
|
|
DIUN_PROVIDERS_NOMAD_SECRETID = "$${NOMAD_TOKEN}"
|
|
}
|
|
|
|
task_identity = {
|
|
env = true
|
|
}
|
|
|
|
templates = [
|
|
{
|
|
data = <<EOF
|
|
{{ with nomadVar "nomad/jobs/diun" -}}
|
|
DIUN_NOTIF_SLACK_WEBHOOKURL={{ .slack_hook_url }}
|
|
{{- end }}
|
|
EOF
|
|
dest_prefix = "$${NOMAD_SECRETS_DIR}"
|
|
dest = "env"
|
|
env = true
|
|
mount = false
|
|
},
|
|
]
|
|
}
|
|
|
|
resource "nomad_acl_policy" "diun_query_jobs" {
|
|
name = "diun-query-jobs"
|
|
description = "Allow diun to query jobs"
|
|
rules_hcl = <<EOH
|
|
namespace "default" {
|
|
capabilities = ["list-jobs", "read-job"]
|
|
}
|
|
EOH
|
|
job_acl {
|
|
job_id = module.diun.job_id
|
|
}
|
|
}
|