From f427bcf5645d92604be3994496bf44bd93f5c7e3 Mon Sep 17 00:00:00 2001 From: Quentin Dufour Date: Wed, 1 Jul 2020 18:44:27 +0200 Subject: Rename chat to im because of a nomad bug --- nomad/chat.hcl | 361 --------------------------------------------------------- nomad/im.hcl | 361 +++++++++++++++++++++++++++++++++++++++++++++++++++++++++ 2 files changed, 361 insertions(+), 361 deletions(-) delete mode 100644 nomad/chat.hcl create mode 100644 nomad/im.hcl diff --git a/nomad/chat.hcl b/nomad/chat.hcl deleted file mode 100644 index 3d9434d..0000000 --- a/nomad/chat.hcl +++ /dev/null @@ -1,361 +0,0 @@ -job "chat" { - datacenters = ["dc1"] - type = "service" - - group "matrix" { - count = 1 - task "synapse" { - driver = "docker" - - config { - image = "superboum/amd64_synapse:v29" - readonly_rootfs = true - port_map { - client_port = 8008 - federation_port = 8448 - } - command = "python" - args = [ - "-m", "synapse.app.homeserver", - "-n", - "-c", "/etc/matrix-synapse/homeserver.yaml" - ] - volumes = [ - "secrets/conf:/etc/matrix-synapse", - "/mnt/glusterfs/chat/matrix/synapse/media:/var/lib/matrix-synapse/media", - "/mnt/glusterfs/chat/matrix/synapse/uploads:/var/lib/matrix-synapse/uploads", - "/tmp/synapse-logs:/var/log/matrix-synapse", - "/tmp/synapse:/tmp" - ] - } - - artifact { - source = "http://127.0.0.1:8500/v1/kv/configuration/chat/synapse/homeserver.yaml?raw" - destination = "secrets/tpl/homeserver.yaml.tpl" - mode = "file" - } - template { - source = "secrets/tpl/homeserver.yaml.tpl" - destination = "secrets/conf/homeserver.yaml" - } - - artifact { - source = "http://127.0.0.1:8500/v1/kv/configuration/chat/easybridge/registration.yaml.tpl?raw" - destination = "secrets/tpl/easybridge_registration.yaml.tpl" - mode = "file" - } - template { - source = "secrets/tpl/easybridge_registration.yaml.tpl" - destination = "secrets/conf/easybridge_registration.yaml" - } - - artifact { - source = "http://127.0.0.1:8500/v1/kv/configuration/chat/fb2mx/registration.yaml?raw" - destination = "secrets/tpl/fb2mx_registration.yaml.tpl" - mode = "file" - } - template { - source = "secrets/tpl/fb2mx_registration.yaml.tpl" - destination = "secrets/conf/fb2mx_registration.yaml" - } - - template { - data = "{{ key \"configuration/chat/synapse/log.yaml\" }}" - destination = "secrets/conf/log.yaml" - } - template { - data = "{{ key \"configuration/chat/synapse/conf.d/server_name.yaml\" }}" - destination = "secrets/conf/server_name.yaml" - } - template { - data = "{{ key \"configuration/chat/synapse/conf.d/report_stats.yaml\" }}" - destination = "secrets/conf/report_stats.yaml" - } - template { - data = "{{ key \"secrets/chat/synapse/homeserver.tls.crt\" }}" - destination = "secrets/conf/homeserver.tls.crt" - } - template { - data = "{{ key \"secrets/chat/synapse/homeserver.tls.dh\" }}" - destination = "secrets/conf/homeserver.tls.dh" - } - template { - data = "{{ key \"secrets/chat/synapse/homeserver.tls.key\" }}" - destination = "secrets/conf/homeserver.tls.key" - } - template { - data = "{{ key \"secrets/chat/synapse/homeserver.signing.key\" }}" - destination = "secrets/conf/homeserver.signing.key" - } - - env { - SYNAPSE_CACHE_FACTOR = 1 - } - - resources { - cpu = 1000 - memory = 4000 - network { - port "client_port" { } - port "federation_port" { } - } - } - - service { - name = "synapse-client" - port = "client_port" - address_mode = "host" - tags = [ - "matrix", - "traefik.enable=true", - "traefik.frontend.entryPoints=https", - "traefik.frontend.rule=Host:im.deuxfleurs.fr;PathPrefix:/_matrix", - "traefik.frontend.headers.customResponseHeaders=Access-Control-Allow-Origin: *", - "traefik.frontend.priority=100" - ] - check { - type = "tcp" - port = "client_port" - interval = "60s" - timeout = "5s" - check_restart { - limit = 3 - grace = "90s" - ignore_warnings = false - } - } - } - - service { - name = "synapse-federation" - port = "federation_port" - address_mode = "host" - tags = [ - "matrix", - "traefik.enable=true", - "traefik.frontend.entryPoints=https", - "traefik.frontend.rule=Host:deuxfleurs.fr;PathPrefix:/_matrix", - "traefik.frontend.priority=100" - ] - } - - } - } - - group "easybridge" { - count = 1 - task "easybridge" { - driver = "docker" - config { - image = "lxpz/easybridge_amd64:27" - port_map { - api_port = 8321 - web_port = 8281 - } - volumes = [ - "secrets/conf:/data" - ] - args = [ "./easybridge", "-config", "/data/config.json" ] - } - - artifact { - source = "http://127.0.0.1:8500/v1/kv/configuration/chat/easybridge/registration.yaml.tpl?raw" - destination = "secrets/tpl/registration.yaml.tpl" - mode = "file" - } - template { - source = "secrets/tpl/registration.yaml.tpl" - destination = "secrets/conf/registration.yaml" - } - - artifact { - source = "http://127.0.0.1:8500/v1/kv/configuration/chat/easybridge/config.json.tpl?raw" - destination = "secrets/tpl/config.json.tpl" - mode = "file" - } - template { - source = "secrets/tpl/config.json.tpl" - destination = "secrets/conf/config.json" - } - - resources { - memory = 500 - cpu = 1000 - network { - port "api_port" { - static = "8321" - } - port "web_port" {} - } - } - - service { - name = "easybridge-api" - tags = ["easybridge-api"] - port = "api_port" - address_mode = "host" - check { - type = "tcp" - port = "api_port" - interval = "60s" - timeout = "5s" - check_restart { - limit = 3 - grace = "90s" - ignore_warnings = false - } - } - } - - service { - name = "easybridge-web" - tags = [ - "easybridge-web", - "traefik.enable=true", - "traefik.frontend.entryPoints=https,http", - "traefik.frontend.rule=Host:easybridge.deuxfleurs.fr", - ] - port = "web_port" - address_mode = "host" - check { - type = "tcp" - port = "web_port" - interval = "60s" - timeout = "5s" - check_restart { - limit = 3 - grace = "90s" - ignore_warnings = false - } - } - } - } - } - - - group "riotweb" { - count = 1 - - task "server" { - driver = "docker" - config { - image = "superboum/amd64_riotweb:v11" - port_map { - web_port = 8043 - } - volumes = [ - "secrets/config.json:/srv/http/config.json" - ] - } - - template { - data = "{{ key \"configuration/chat/riot_web/config.json\" }}" - destination = "secrets/config.json" - } - - resources { - memory = 21 - network { - port "web_port" {} - } - } - - service { - tags = [ - "webstatic", - "traefik.enable=true", - "traefik.frontend.entryPoints=https", - "traefik.frontend.rule=Host:im.deuxfleurs.fr,riot.deuxfleurs.fr;PathPrefix:/", - "traefik.frontend.priority=10" - ] - port = "web_port" - address_mode = "host" - name = "webstatic" - check { - type = "tcp" - port = "web_port" - interval = "60s" - timeout = "5s" - check_restart { - limit = 3 - grace = "90s" - ignore_warnings = false - } - } - } - } - } - -/* - group "turn_stun" { - count=1 - task "coturn" { - driver = "docker" - config { - image = "registry.gitlab.com/superboum/ankh-morpork/amd64_coturn:v1" - port_map { - main_port = 3478 - alt_port = 3479 - } - command = "/usr/bin/turnserver" - args = [ - "-X", "82.253.205.190", - "-v", - "-f", - "-a" - ] - volumes = [ - "secrets/turnserver.conf:/etc/turnserver.conf" - ] - } - - artifact { - source = "http://127.0.0.1:8500/v1/kv/configuration/chat/coturn/turnserver.conf.tpl?raw" - destination = "secrets/turnserver.conf.tpl" - mode = "file" - } - - template { - source = "secrets/turnserver.conf.tpl" - destination = "secrets/turnserver.conf" - } - - resources { - memory = 50 - network { - port "main_port" { - static = "3478" - } - port "alt_port" { - static = "3479" - } - } - } - - service { - tags = [ - "coturn", - "matrix" - ] - port = "main_port" - address_mode = "host" - name = "coturn" - check { - type = "tcp" - port = "main_port" - interval = "60s" - timeout = "5s" - check_restart { - limit = 3 - grace = "90s" - ignore_warnings = false - } - } - } - - } - } -*/ - -} - diff --git a/nomad/im.hcl b/nomad/im.hcl new file mode 100644 index 0000000..f738edb --- /dev/null +++ b/nomad/im.hcl @@ -0,0 +1,361 @@ +job "im" { + datacenters = ["dc1"] + type = "service" + + group "matrix" { + count = 1 + task "synapse" { + driver = "docker" + + config { + image = "superboum/amd64_synapse:v29" + readonly_rootfs = true + port_map { + client_port = 8008 + federation_port = 8448 + } + command = "python" + args = [ + "-m", "synapse.app.homeserver", + "-n", + "-c", "/etc/matrix-synapse/homeserver.yaml" + ] + volumes = [ + "secrets/conf:/etc/matrix-synapse", + "/mnt/glusterfs/chat/matrix/synapse/media:/var/lib/matrix-synapse/media", + "/mnt/glusterfs/chat/matrix/synapse/uploads:/var/lib/matrix-synapse/uploads", + "/tmp/synapse-logs:/var/log/matrix-synapse", + "/tmp/synapse:/tmp" + ] + } + + artifact { + source = "http://127.0.0.1:8500/v1/kv/configuration/chat/synapse/homeserver.yaml?raw" + destination = "secrets/tpl/homeserver.yaml.tpl" + mode = "file" + } + template { + source = "secrets/tpl/homeserver.yaml.tpl" + destination = "secrets/conf/homeserver.yaml" + } + + artifact { + source = "http://127.0.0.1:8500/v1/kv/configuration/chat/easybridge/registration.yaml.tpl?raw" + destination = "secrets/tpl/easybridge_registration.yaml.tpl" + mode = "file" + } + template { + source = "secrets/tpl/easybridge_registration.yaml.tpl" + destination = "secrets/conf/easybridge_registration.yaml" + } + + artifact { + source = "http://127.0.0.1:8500/v1/kv/configuration/chat/fb2mx/registration.yaml?raw" + destination = "secrets/tpl/fb2mx_registration.yaml.tpl" + mode = "file" + } + template { + source = "secrets/tpl/fb2mx_registration.yaml.tpl" + destination = "secrets/conf/fb2mx_registration.yaml" + } + + template { + data = "{{ key \"configuration/chat/synapse/log.yaml\" }}" + destination = "secrets/conf/log.yaml" + } + template { + data = "{{ key \"configuration/chat/synapse/conf.d/server_name.yaml\" }}" + destination = "secrets/conf/server_name.yaml" + } + template { + data = "{{ key \"configuration/chat/synapse/conf.d/report_stats.yaml\" }}" + destination = "secrets/conf/report_stats.yaml" + } + template { + data = "{{ key \"secrets/chat/synapse/homeserver.tls.crt\" }}" + destination = "secrets/conf/homeserver.tls.crt" + } + template { + data = "{{ key \"secrets/chat/synapse/homeserver.tls.dh\" }}" + destination = "secrets/conf/homeserver.tls.dh" + } + template { + data = "{{ key \"secrets/chat/synapse/homeserver.tls.key\" }}" + destination = "secrets/conf/homeserver.tls.key" + } + template { + data = "{{ key \"secrets/chat/synapse/homeserver.signing.key\" }}" + destination = "secrets/conf/homeserver.signing.key" + } + + env { + SYNAPSE_CACHE_FACTOR = 1 + } + + resources { + cpu = 1000 + memory = 4000 + network { + port "client_port" { } + port "federation_port" { } + } + } + + service { + name = "synapse-client" + port = "client_port" + address_mode = "host" + tags = [ + "matrix", + "traefik.enable=true", + "traefik.frontend.entryPoints=https", + "traefik.frontend.rule=Host:im.deuxfleurs.fr;PathPrefix:/_matrix", + "traefik.frontend.headers.customResponseHeaders=Access-Control-Allow-Origin: *", + "traefik.frontend.priority=100" + ] + check { + type = "tcp" + port = "client_port" + interval = "60s" + timeout = "5s" + check_restart { + limit = 3 + grace = "90s" + ignore_warnings = false + } + } + } + + service { + name = "synapse-federation" + port = "federation_port" + address_mode = "host" + tags = [ + "matrix", + "traefik.enable=true", + "traefik.frontend.entryPoints=https", + "traefik.frontend.rule=Host:deuxfleurs.fr;PathPrefix:/_matrix", + "traefik.frontend.priority=100" + ] + } + + } + } + + group "easybridge" { + count = 1 + task "easybridge" { + driver = "docker" + config { + image = "lxpz/easybridge_amd64:27" + port_map { + api_port = 8321 + web_port = 8281 + } + volumes = [ + "secrets/conf:/data" + ] + args = [ "./easybridge", "-config", "/data/config.json" ] + } + + artifact { + source = "http://127.0.0.1:8500/v1/kv/configuration/chat/easybridge/registration.yaml.tpl?raw" + destination = "secrets/tpl/registration.yaml.tpl" + mode = "file" + } + template { + source = "secrets/tpl/registration.yaml.tpl" + destination = "secrets/conf/registration.yaml" + } + + artifact { + source = "http://127.0.0.1:8500/v1/kv/configuration/chat/easybridge/config.json.tpl?raw" + destination = "secrets/tpl/config.json.tpl" + mode = "file" + } + template { + source = "secrets/tpl/config.json.tpl" + destination = "secrets/conf/config.json" + } + + resources { + memory = 500 + cpu = 1000 + network { + port "api_port" { + static = "8321" + } + port "web_port" {} + } + } + + service { + name = "easybridge-api" + tags = ["easybridge-api"] + port = "api_port" + address_mode = "host" + check { + type = "tcp" + port = "api_port" + interval = "60s" + timeout = "5s" + check_restart { + limit = 3 + grace = "90s" + ignore_warnings = false + } + } + } + + service { + name = "easybridge-web" + tags = [ + "easybridge-web", + "traefik.enable=true", + "traefik.frontend.entryPoints=https,http", + "traefik.frontend.rule=Host:easybridge.deuxfleurs.fr", + ] + port = "web_port" + address_mode = "host" + check { + type = "tcp" + port = "web_port" + interval = "60s" + timeout = "5s" + check_restart { + limit = 3 + grace = "90s" + ignore_warnings = false + } + } + } + } + } + + + group "riotweb" { + count = 1 + + task "server" { + driver = "docker" + config { + image = "superboum/amd64_riotweb:v11" + port_map { + web_port = 8043 + } + volumes = [ + "secrets/config.json:/srv/http/config.json" + ] + } + + template { + data = "{{ key \"configuration/chat/riot_web/config.json\" }}" + destination = "secrets/config.json" + } + + resources { + memory = 21 + network { + port "web_port" {} + } + } + + service { + tags = [ + "webstatic", + "traefik.enable=true", + "traefik.frontend.entryPoints=https", + "traefik.frontend.rule=Host:im.deuxfleurs.fr,riot.deuxfleurs.fr;PathPrefix:/", + "traefik.frontend.priority=10" + ] + port = "web_port" + address_mode = "host" + name = "webstatic" + check { + type = "tcp" + port = "web_port" + interval = "60s" + timeout = "5s" + check_restart { + limit = 3 + grace = "90s" + ignore_warnings = false + } + } + } + } + } + +/* + group "turn_stun" { + count=1 + task "coturn" { + driver = "docker" + config { + image = "registry.gitlab.com/superboum/ankh-morpork/amd64_coturn:v1" + port_map { + main_port = 3478 + alt_port = 3479 + } + command = "/usr/bin/turnserver" + args = [ + "-X", "82.253.205.190", + "-v", + "-f", + "-a" + ] + volumes = [ + "secrets/turnserver.conf:/etc/turnserver.conf" + ] + } + + artifact { + source = "http://127.0.0.1:8500/v1/kv/configuration/chat/coturn/turnserver.conf.tpl?raw" + destination = "secrets/turnserver.conf.tpl" + mode = "file" + } + + template { + source = "secrets/turnserver.conf.tpl" + destination = "secrets/turnserver.conf" + } + + resources { + memory = 50 + network { + port "main_port" { + static = "3478" + } + port "alt_port" { + static = "3479" + } + } + } + + service { + tags = [ + "coturn", + "matrix" + ] + port = "main_port" + address_mode = "host" + name = "coturn" + check { + type = "tcp" + port = "main_port" + interval = "60s" + timeout = "5s" + check_restart { + limit = 3 + grace = "90s" + ignore_warnings = false + } + } + } + + } + } +*/ + +} + -- cgit v1.2.3