75 lines
1.7 KiB
Text
75 lines
1.7 KiB
Text
|
job "nextcloud" {
|
||
|
|
datacenters = ["columbia"]
|
||
|
|
region = "global"
|
||
|
|
type = "service"
|
||
|
|
|
||
|
|
update {
|
||
|
|
stagger = "30s"
|
||
|
|
max_parallel = 1
|
||
|
|
}
|
||
|
|
|
||
|
|
group "nextcloud" {
|
||
|
|
count = 1
|
||
|
|
|
||
|
|
task "nextcloud" {
|
||
|
|
vault {
|
||
|
|
policies = ["default", "ansible"]
|
||
|
|
change_mode = "restart"
|
||
|
|
}
|
||
|
|
driver = "docker"
|
||
|
|
config {
|
||
|
|
image = "docker.service.masked.name:8082/nextcloud:21.0.0-apache"
|
||
|
|
ports = ["nextcloud"]
|
||
|
|
volumes = [
|
||
|
|
"/mnt/raid/nextcloud/:/var/www/html"
|
||
|
|
]
|
||
|
|
}
|
||
|
|
|
||
|
|
service {
|
||
|
|
name = "nextcloud"
|
||
|
|
port = "nextcloud"
|
||
|
|
|
||
|
|
check {
|
||
|
|
name = "nextcloud"
|
||
|
|
type = "tcp"
|
||
|
|
interval = "10s"
|
||
|
|
timeout = "2s"
|
||
|
|
address_mode = "driver"
|
||
|
|
}
|
||
|
|
}
|
||
|
|
|
||
|
|
template {
|
||
|
|
data = <<EOH
|
||
|
|
{{- with secret "pki_int/issue/masked-dot-name" "common_name=nextcloud.service.masked.name" "alt_names=nextcloud.service.columbia.masked.name" -}}
|
||
|
|
{{- .Data.certificate -}}
|
||
|
|
{{- end -}}
|
||
|
|
EOH
|
||
|
|
destination = "${NOMAD_SECRETS_DIR}/nextcloud.crt"
|
||
|
|
change_mode = "restart"
|
||
|
|
}
|
||
|
|
|
||
|
|
template {
|
||
|
|
data = <<EOH
|
||
|
|
{{- with secret "pki_int/issue/masked-dot-name" "common_name=nextcloud.service.masked.name" "alt_names=nextcloud.service.columbia.masked.name" -}}
|
||
|
|
{{- .Data.private_key -}}
|
||
|
|
{{- end -}}
|
||
|
|
EOH
|
||
|
|
destination = "${NOMAD_SECRETS_DIR}/nextcloud.key"
|
||
|
|
change_mode = "restart"
|
||
|
|
}
|
||
|
|
|
||
|
|
resources {
|
||
|
|
cpu = 2000
|
||
|
|
memory = 2560
|
||
|
|
}
|
||
|
|
}
|
||
|
|
|
||
|
|
network {
|
||
|
|
port "nextcloud" {
|
||
|
|
to = 80
|
||
|
|
}
|
||
|
|
}
|
||
|
|
|
||
|
|
}
|
||
|
|
}
|