aboutsummaryrefslogtreecommitdiff
path: root/app
diff options
context:
space:
mode:
authorQuentin Dufour <quentin@deuxfleurs.fr>2020-09-21 16:29:49 +0200
committerQuentin Dufour <quentin@deuxfleurs.fr>2020-09-21 16:29:49 +0200
commit9e4e2f7b99ab8816afcf51e9575d75ccf73fb23f (patch)
tree7219b5a11bec1ce2aa439aa463f414b2f4408184 /app
parent09fc30214da3febbf9c06a81bd52701f370be67e (diff)
downloadinfrastructure-9e4e2f7b99ab8816afcf51e9575d75ccf73fb23f.tar.gz
infrastructure-9e4e2f7b99ab8816afcf51e9575d75ccf73fb23f.zip
Add plume
Diffstat (limited to 'app')
-rwxr-xr-xapp/config/restore_configuration.sh2
-rw-r--r--app/config/secrets/.gitignore1
-rwxr-xr-xapp/config/secrets/plume/pgsql_pw.sh2
-rwxr-xr-xapp/config/secrets/plume/secret_key.sh2
-rw-r--r--app/deployment/plume.hcl71
5 files changed, 77 insertions, 1 deletions
diff --git a/app/config/restore_configuration.sh b/app/config/restore_configuration.sh
index 33742e5..63d71a1 100755
--- a/app/config/restore_configuration.sh
+++ b/app/config/restore_configuration.sh
@@ -1,7 +1,7 @@
#!/bin/bash
find {configuration,secrets}/$1 -type f \
- | grep --perl-regexp --invert-match "\.sample$|\.gen$|/.gitignore$" \
+ | grep --perl-regexp --invert-match "\.sample$|\.gen$|\.gitignore|\.sh$" \
| while read filename; do
consul kv put "${filename}" "@${filename}"
done
diff --git a/app/config/secrets/.gitignore b/app/config/secrets/.gitignore
index 1d7b40b..2ff3cd5 100644
--- a/app/config/secrets/.gitignore
+++ b/app/config/secrets/.gitignore
@@ -5,6 +5,7 @@
# Whitelist some patterns
!*.sample
!*.gen
+!*.sh
!.gitignore
# Whitelist specific files
diff --git a/app/config/secrets/plume/pgsql_pw.sh b/app/config/secrets/plume/pgsql_pw.sh
new file mode 100755
index 0000000..519a30a
--- /dev/null
+++ b/app/config/secrets/plume/pgsql_pw.sh
@@ -0,0 +1,2 @@
+#!/bin/bash
+openssl rand -base64 32 > pgsql_pw
diff --git a/app/config/secrets/plume/secret_key.sh b/app/config/secrets/plume/secret_key.sh
new file mode 100755
index 0000000..f4bbee5
--- /dev/null
+++ b/app/config/secrets/plume/secret_key.sh
@@ -0,0 +1,2 @@
+#!/bin/bash
+openssl rand -base64 32 > secret_key
diff --git a/app/deployment/plume.hcl b/app/deployment/plume.hcl
new file mode 100644
index 0000000..89afcf5
--- /dev/null
+++ b/app/deployment/plume.hcl
@@ -0,0 +1,71 @@
+job "plume" {
+ datacenters = ["dc1"]
+ type = "service"
+
+ constraint {
+ attribute = "${attr.cpu.arch}"
+ value = "amd64"
+ }
+
+ group "plume" {
+ count = 1
+ task "plume" {
+ driver = "docker"
+ config {
+ image = "plumeorg/plume:v0.5.0"
+ port_map {
+ web_port = 7878
+ }
+ #command = "cat"
+ #args = [ "/dev/stdout" ]
+ volumes = [
+ "/mnt/glusterfs/plume/media:/app/static/media",
+ "/mnt/glusterfs/plume/search:/app/search_index"
+ ]
+ }
+
+ artifact {
+ source = "http://127.0.0.1:8500/v1/kv/configuration/plume/app.env?raw"
+ destination = "secrets/app.env.tpl"
+ mode = "file"
+ }
+ template {
+ source = "secrets/app.env.tpl"
+ destination = "secrets/app.env"
+ env = true
+ }
+
+ resources {
+ memory = 100
+ cpu = 100
+ network {
+ port "web_port" {}
+ }
+ }
+
+ service {
+ name = "plume"
+ tags = [
+ "plume",
+ "traefik.enable=true",
+ "traefik.frontend.entryPoints=https,http",
+ "traefik.frontend.rule=Host:plume.deuxfleurs.fr",
+ ]
+ port = "web_port"
+ address_mode = "host"
+ check {
+ type = "tcp"
+ port = "web_port"
+ interval = "60s"
+ timeout = "5s"
+ check_restart {
+ limit = 3
+ grace = "600s"
+ ignore_warnings = false
+ }
+ }
+ }
+ }
+ }
+}
+