infra/nomad/gitea.nomad


# Nomad service job that runs one Gitea container (docker driver) in the
# "columbia" datacenter. TLS material, the database password and Gitea's
# SECRET_KEY are rendered from Vault by the template stanzas in the task.
job "gitea" {
datacenters = ["columbia"]
region = "global"
type = "service"
# Place the job only on clients whose meta.storage_optimized is "true".
# The task bind-mounts /mnt/raid/gitea from the host, so placement decides
# which node's data directory the container sees.
constraint {
attribute = "${meta.storage_optimized}"
value = "true"
}
# Update one allocation at a time with a 30s stagger.
update {
stagger = "30s"
max_parallel = 1
}
group "gitea" {
count = 1
task "gitea" {
# The task's Vault token carries both listed policies. The templates below
# need read access to kv/data/gitea and issue access on
# pki_int/issue/masked-dot-name.
# NOTE(review): "ansible" is presumably a shared automation policy; confirm
# it grants nothing beyond those two paths, or replace it with a
# gitea-specific policy so that a compromised container cannot read
# unrelated secrets.
# change_mode = "restart" restarts the task when the Vault token changes.
vault {
policies = ["default", "ansible"]
change_mode = "restart"
}
driver = "docker"
config {
# NOTE(review): ":latest" is a mutable tag, so a restart or reschedule may
# run a different image than the one that was reviewed. Pinning a version
# tag or an image digest keeps the deployed artifact reproducible and
# auditable.
image = "docker.service.masked.name:8082/gitea:latest"
ports = ["http"]
# Host bind mount: the container gets the host directory /mnt/raid/gitea
# as /data. No read-only flag is given.
volumes = [
"/mnt/raid/gitea:/data"
]
}
service {
name = "gitea"
port = "http"
# A TCP check only shows that the port accepts connections, not that Gitea
# answers HTTP requests. address_mode = "driver" points the check at the
# address reported by the docker driver rather than the host address.
check {
name = "gitea"
type = "tcp"
interval = "10s"
timeout = "2s"
address_mode = "driver"
}
}
# Requests a leaf certificate from the Vault PKI role and writes the
# certificate to the task's secrets directory. A re-render restarts the task.
# NOTE(review): nothing visible in this job points Gitea at gitea.crt or
# gitea.key (LOCAL_ROOT_URL below is plain http on port 3000). Confirm the
# files are consumed; if they are not, the issuance and the
# restart-on-renewal are unnecessary.
template {
data = <<EOH
{{- with secret "pki_int/issue/masked-dot-name" "common_name=gitea.service.masked.name" "alt_names=gitea.service.columbia.masked.name" -}}
{{- .Data.certificate -}}
{{- end -}}
EOH
destination = "${NOMAD_SECRETS_DIR}/gitea.crt"
change_mode = "restart"
}
# Same PKI request as the certificate template above; writes the private key.
# NOTE(review): the arguments must stay identical to the certificate template
# so that both render from the same issued pair. Presumably the template
# runner shares identical secret queries; verify that the rendered key
# matches the rendered certificate.
# NOTE(review): no perms is set, so the template default file mode applies
# (0644 per the Nomad template docs; confirm for the deployed version).
# A tighter mode is preferable for a private key, provided the process that
# reads it still has access.
template {
data = <<EOH
{{- with secret "pki_int/issue/masked-dot-name" "common_name=gitea.service.masked.name" "alt_names=gitea.service.columbia.masked.name" -}}
{{- .Data.private_key -}}
{{- end -}}
EOH
destination = "${NOMAD_SECRETS_DIR}/gitea.key"
change_mode = "restart"
}
# Gitea settings rendered to secrets/gitea.env. Because env = true, they are
# also exported into the task's environment. DB_PASSWD and SECRET_KEY are
# read from the Vault KV v2 path kv/data/gitea.
# NOTE(review): values exported as environment variables are readable by
# anything that can inspect the container or process environment. Prefer
# file-based configuration for DB_PASSWD and SECRET_KEY if the image
# supports it.
# NOTE(review): no TLS/SSL mode for the Postgres connection is set here.
# Confirm that traffic to DB_HOST is encrypted or stays on a trusted network.
# INSTALL_LOCK = true is expected to keep Gitea's first-run install page
# disabled; verify against the image's documentation.
# No change_mode is set on this template, so the template default applies.
template {
data = <<EOH
APP_NAME = "gitea"
ROOT_URL = "https://git.minhas.io"
LOCAL_ROOT_URL = "http://localhost:3000/"
DOMAIN = "git.minhas.io"
DB_TYPE = postgres
DB_HOST = ivyking.node.masked.name
DB_NAME = gogs
DB_USER = gogs
DB_PASSWD = "{{ with secret "kv/data/gitea" }}{{ .Data.data.db_pw }}{{ end }}"
DISABLE_SSH = true
USER_UID = 1008
USER_GID = 1010
INSTALL_LOCK = true
SECRET_KEY = "{{ with secret "kv/data/gitea" }}{{ .Data.data.secret_key }}{{ end }}"
EOH
destination = "secrets/gitea.env"
env = true
}
# CPU in MHz and memory in MB reserved for the task.
resources {
cpu = 2000
memory = 2560
}
}
# Dynamic host port labelled "http", mapped to container port 3000, the same
# port LOCAL_ROOT_URL uses.
network {
port "http" {
to = 3000
}
}
}
}