orchestration-tests/nomad/services.tf

# Configure Consul provider
variable "consul_address" {
  type    = string
  default = "http://nomad0.thefij:8500"
}

variable "base_hostname" {
  type = string
  description = "Base hostname to serve content from"
  default = "dev.homelab"
}

provider "consul" {
  address = var.consul_address
}

# Get Nomad client from Consul
data "consul_service" "read-nomad-cluster" {
  name = "nomad-client"
}

locals {
  nomad_node = data.consul_service.read-nomad-cluster.service[0]
  nomad_node_address = "http://${local.nomad_node.node_address}:${local.nomad_node.port}"
}

# Configure the Nomad provider
provider "nomad" {
  address = local.nomad_node_address
  region  = "global"
}

# Define services as modules

module "mysql-server" {
  source = "./mysql"
}

module "redis" {
  source = "./redis"
}

module "blocky" {
  source = "./blocky"

  base_hostname = var.base_hostname
  depends_on = [module.mysql-server, module.redis]
}

module "traefik" {
  source = "./traefik"

  consul_address = var.consul_address
  base_hostname = var.base_hostname
}

module "metrics" {
  source = "./metrics"

  consul_address = var.consul_address
}

module "nextcloud" {
  source = "./nextcloud"

  depends_on = [module.mysql-server]
}

resource "nomad_job" "whoami" {
  hcl2 {
    enabled = true
    vars = {
      "count" = "${2 * length(data.consul_service.read-nomad-cluster.service)}",
    }
  }

  jobspec = file("${path.module}/whoami.nomad")
}

resource "consul_config_entry" "global_access" {
  name = "*"
  kind = "service-intentions"

  config_json = jsonencode({
    Sources = [
      {
        Action     = "allow"
        Name       = "traefik"
        Precedence = 6
        Type       = "consul"
      },
      {
        Action     = "deny"
        Name       = "*"
        Precedence = 5
        Type       = "consul"
      },
    ]
  })
}