diff options
author | Quentin Dufour <quentin@deuxfleurs.fr> | 2020-09-21 16:29:49 +0200 |
---|---|---|
committer | Quentin Dufour <quentin@deuxfleurs.fr> | 2020-09-21 16:29:49 +0200 |
commit | 9e4e2f7b99ab8816afcf51e9575d75ccf73fb23f (patch) | |
tree | 7219b5a11bec1ce2aa439aa463f414b2f4408184 /app | |
parent | 09fc30214da3febbf9c06a81bd52701f370be67e (diff) | |
download | infrastructure-9e4e2f7b99ab8816afcf51e9575d75ccf73fb23f.tar.gz infrastructure-9e4e2f7b99ab8816afcf51e9575d75ccf73fb23f.zip |
Add plume
Diffstat (limited to 'app')
-rwxr-xr-x | app/config/restore_configuration.sh | 2 | ||||
-rw-r--r-- | app/config/secrets/.gitignore | 1 | ||||
-rwxr-xr-x | app/config/secrets/plume/pgsql_pw.sh | 2 | ||||
-rwxr-xr-x | app/config/secrets/plume/secret_key.sh | 2 | ||||
-rw-r--r-- | app/deployment/plume.hcl | 71 |
5 files changed, 77 insertions, 1 deletions
diff --git a/app/config/restore_configuration.sh b/app/config/restore_configuration.sh index 33742e5..63d71a1 100755 --- a/app/config/restore_configuration.sh +++ b/app/config/restore_configuration.sh @@ -1,7 +1,7 @@ #!/bin/bash find {configuration,secrets}/$1 -type f \ - | grep --perl-regexp --invert-match "\.sample$|\.gen$|/.gitignore$" \ + | grep --perl-regexp --invert-match "\.sample$|\.gen$|\.gitignore|\.sh$" \ | while read filename; do consul kv put "${filename}" "@${filename}" done diff --git a/app/config/secrets/.gitignore b/app/config/secrets/.gitignore index 1d7b40b..2ff3cd5 100644 --- a/app/config/secrets/.gitignore +++ b/app/config/secrets/.gitignore @@ -5,6 +5,7 @@ # Whitelist some patterns !*.sample !*.gen +!*.sh !.gitignore # Whitelist specific files diff --git a/app/config/secrets/plume/pgsql_pw.sh b/app/config/secrets/plume/pgsql_pw.sh new file mode 100755 index 0000000..519a30a --- /dev/null +++ b/app/config/secrets/plume/pgsql_pw.sh @@ -0,0 +1,2 @@ +#!/bin/bash +openssl rand -base64 32 > pgsql_pw diff --git a/app/config/secrets/plume/secret_key.sh b/app/config/secrets/plume/secret_key.sh new file mode 100755 index 0000000..f4bbee5 --- /dev/null +++ b/app/config/secrets/plume/secret_key.sh @@ -0,0 +1,2 @@ +#!/bin/bash +openssl rand -base64 32 > secret_key diff --git a/app/deployment/plume.hcl b/app/deployment/plume.hcl new file mode 100644 index 0000000..89afcf5 --- /dev/null +++ b/app/deployment/plume.hcl @@ -0,0 +1,71 @@ +job "plume" { + datacenters = ["dc1"] + type = "service" + + constraint { + attribute = "${attr.cpu.arch}" + value = "amd64" + } + + group "plume" { + count = 1 + task "plume" { + driver = "docker" + config { + image = "plumeorg/plume:v0.5.0" + port_map { + web_port = 7878 + } + #command = "cat" + #args = [ "/dev/stdout" ] + volumes = [ + "/mnt/glusterfs/plume/media:/app/static/media", + "/mnt/glusterfs/plume/search:/app/search_index" + ] + } + + artifact { + source = "http://127.0.0.1:8500/v1/kv/configuration/plume/app.env?raw" + destination = "secrets/app.env.tpl" + mode = "file" + } + template { + source = "secrets/app.env.tpl" + destination = "secrets/app.env" + env = true + } + + resources { + memory = 100 + cpu = 100 + network { + port "web_port" {} + } + } + + service { + name = "plume" + tags = [ + "plume", + "traefik.enable=true", + "traefik.frontend.entryPoints=https,http", + "traefik.frontend.rule=Host:plume.deuxfleurs.fr", + ] + port = "web_port" + address_mode = "host" + check { + type = "tcp" + port = "web_port" + interval = "60s" + timeout = "5s" + check_restart { + limit = 3 + grace = "600s" + ignore_warnings = false + } + } + } + } + } +} + |