aboutsummaryrefslogtreecommitdiff
path: root/app/garage/deploy/garage.hcl
blob: ab03e70ea4f8de28b037f1c8904286985da8c180 (plain) (blame)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
job "garage" {
  datacenters = ["dc1", "belair", "saturne"]
  type = "system"
  priority = 80

  constraint {
    attribute = "${attr.cpu.arch}"
    value     = "amd64"
  }

  group "garage" {
    network {
      port "s3" { static = 3900 }
      port "rpc" { static = 3901 }
      port "web" { static = 3902 }
    }

	update {
		max_parallel = 1
		min_healthy_time = "30s"
		healthy_deadline = "5m"
	}

    task "server" {
      driver = "docker"
      config {
        advertise_ipv6_address = true
        image = "lxpz/garage_amd64:v0.3.0.2"
        network_mode = "host"
        volumes = [
          "/mnt/storage/garage/data:/garage/data",
          "/mnt/ssd/garage/meta:/garage/meta",
          "secrets/garage.toml:/garage/config.toml",
          "secrets/garage-ca.crt:/garage/garage-ca.crt",
          "secrets/garage.crt:/garage/garage.crt",
          "secrets/garage.key:/garage/garage.key",
        ]
        logging {
          type = "journald"
        }
      }

      template {
        data = file("../config/garage.toml")
        destination = "secrets/garage.toml"
      }

      # --- secrets ---
      template {
        data = "{{ key \"secrets/garage/garage-ca.crt\" }}" 
        destination = "secrets/garage-ca.crt"
      }
      template {
        data = "{{ key \"secrets/garage/garage.crt\" }}" 
        destination = "secrets/garage.crt"
      }
      template {
        data = "{{ key \"secrets/garage/garage.key\" }}" 
        destination = "secrets/garage.key"
      }

      resources {
        memory = 800
        cpu = 1000
      }

      kill_signal = "SIGINT"
      kill_timeout = "20s"

      service {
        tags = [
          "garage_api",
          "traefik.enable=true",
          "traefik.frontend.entryPoints=https,http",
          "traefik.frontend.rule=Host:garage.deuxfleurs.fr"
        ]
        port = 3900
        address_mode = "driver"
        name = "garage-api"
        check {
          type = "tcp"
          port = 3900
          address_mode = "driver"
          interval = "60s"
          timeout = "5s"
          check_restart {
            limit = 3
            grace = "90s"
            ignore_warnings = false
          }
        }
      }

      service {
        tags = ["garage-rpc"]
        port = 3901
        address_mode = "driver"
        name = "garage-rpc"
        check {
          type = "tcp"
          port = 3901
          address_mode = "driver"
          interval = "60s"
          timeout = "5s"
          check_restart {
            limit = 3
            grace = "90s"
            ignore_warnings = false
          }
        }
      }

      restart { 
        interval = "30m"  
        attempts = 10  
        delay    = "15s"  
        mode     = "delay"
      }
    }
  }
}