99 lines
1.6 KiB
Plaintext
99 lines
1.6 KiB
Plaintext
|
job "postgres" {
|
||
|
datacenters = ["dc1"]
|
||
|
type = "service"
|
||
|
priority = 80
|
||
|
|
||
|
group "postgres" {
|
||
|
count = 1
|
||
|
|
||
|
restart {
|
||
|
attempts = 10
|
||
|
interval = "5m"
|
||
|
delay = "25s"
|
||
|
mode = "delay"
|
||
|
}
|
||
|
|
||
|
network {
|
||
|
mode = "bridge"
|
||
|
port "db" {
|
||
|
host_network = "loopback"
|
||
|
to = 5432
|
||
|
}
|
||
|
}
|
||
|
|
||
|
volume "postgres-data" {
|
||
|
type = "host"
|
||
|
read_only = false
|
||
|
source = "postgres-data"
|
||
|
}
|
||
|
|
||
|
service {
|
||
|
name = "postgres"
|
||
|
port = "db"
|
||
|
|
||
|
connect {
|
||
|
sidecar_service {
|
||
|
proxy {
|
||
|
local_service_port = 5432
|
||
|
}
|
||
|
}
|
||
|
|
||
|
sidecar_task {
|
||
|
resources {
|
||
|
cpu = 50
|
||
|
memory = 50
|
||
|
}
|
||
|
}
|
||
|
}
|
||
|
|
||
|
# Can't use a tcp check with bridge network or proxy
|
||
|
# check {
|
||
|
# type = "tcp"
|
||
|
# interval = "10s"
|
||
|
# timeout = "2s"
|
||
|
# }
|
||
|
}
|
||
|
|
||
|
task "postgres" {
|
||
|
driver = "docker"
|
||
|
|
||
|
config {
|
||
|
image = "postgres:14"
|
||
|
ports = ["db"]
|
||
|
}
|
||
|
|
||
|
vault {
|
||
|
policies = [
|
||
|
"access-tables",
|
||
|
"nomad-task",
|
||
|
]
|
||
|
}
|
||
|
|
||
|
volume_mount {
|
||
|
volume = "postgres-data"
|
||
|
destination = "/var/lib/postgresql/data"
|
||
|
read_only = false
|
||
|
}
|
||
|
|
||
|
env = {
|
||
|
PGDATA = "/var/lib/postgresql/data/pgdata"
|
||
|
}
|
||
|
|
||
|
template {
|
||
|
data = <<EOH
|
||
|
{{ with secret "kv/data/postgres" }}
|
||
|
POSTGRES_PASSWORD={{ .Data.data.superuser_password }}
|
||
|
{{ end }}
|
||
|
EOH
|
||
|
destination = "secrets/db.env"
|
||
|
env = true
|
||
|
}
|
||
|
|
||
|
resources {
|
||
|
cpu = 300
|
||
|
memory = 1024
|
||
|
}
|
||
|
}
|
||
|
}
|
||
|
}
|