Backed by lldap and mysql, and deployed on whoami for now as a forward proxy example. It would be good to add OIDC for Nomad as well, and to make policies configurable via Nomad variables.
# Number of whoami instances to run. Read as var.count by the "whoami" group
# in this file; defaults to 2 when the caller does not override it.
variable "count" {
  type    = number
  default = 2
}
# Nomad service job that runs the whoami demo container and publishes it
# through Traefik with the router's middleware set to authelia@nomad.
job "whoami" {
  region      = "global"
  datacenters = ["dc1"]

  type = "service"

  group "whoami" {
    # Instance count is taken from the "count" input variable.
    count = var.count

    network {
      mode = "bridge"
      port "web" {
        # No static port is set, so Nomad picks the host-side port on the
        # "wesher" host network and maps it to port 80 inside the group.
        # NOTE(review): the Authelia check is applied by Traefik only. A peer
        # that can reach this host port directly on "wesher" is not subject to
        # it, so confirm that network is limited to trusted nodes.
        host_network = "wesher"
        to           = 80
      }
    }

    service {
      name = "whoami"
      # Registered in Nomad's built-in service catalog rather than Consul.
      provider = "nomad"
      port     = "web"

      # Traefik reads these tags to build the router for this service.
      tags = [
        "traefik.enable=true",
        "traefik.http.routers.whoami.entryPoints=websecure",
        # Exactly one middlewares tag is active. "authelia@nomad" expects a
        # middleware named "authelia" defined through Traefik's Nomad provider
        # (presumably tags on the Authelia job, which is not shown here).
        # The commented lines are alternative auth middlewares. If none is
        # active, this router has no auth middleware unless one is attached
        # elsewhere (e.g. on the entry point).
        # "traefik.http.routers.whoami.middlewares=basic-auth@file",
        "traefik.http.routers.whoami.middlewares=authelia@nomad",
        # "traefik.http.routers.whoami.middlewares=authelia-basic@consulcatalog",
        # "traefik.http.routers.whoami.middlewares=authelia@file",
      ]
    }

    task "whoami" {
      driver = "docker"

      # Presumably opts this task out of Diun image-update notifications; how
      # the meta key is consumed is not shown here.
      meta = {
        "diun.enable" = false
      }

      config {
        # NOTE(review): "latest" is a mutable tag, so the image content that
        # runs can change between placements without any change to this job.
        # With update notifications disabled above, consider pinning a
        # version tag or digest so deploys are reproducible and reviewable.
        image = "containous/whoami:latest"
        ports = ["web"]
        # whoami listens on the port Nomad exposes as NOMAD_PORT_web; in bridge
        # mode this is expected to be the "to" value (80) - TODO confirm.
        args = ["--port", "${NOMAD_PORT_web}"]
      }

      # Nomad resource reservation: cpu in MHz, memory in MB.
      resources {
        cpu    = 50
        memory = 20
      }
    }
  }
}