diff options
| author | Alex Auvolat <alex@adnab.me> | 2022-12-01 16:04:47 +0100 |
|---|---|---|
| committer | Alex Auvolat <alex@adnab.me> | 2022-12-01 16:04:47 +0100 |
| commit | 9d0a2d89143b7055ebddb240f1dfa73388589b90 (patch) | |
| tree | 1f31f2915526f82ae0a2050a774ce1cac44cd3de | |
| parent | e4684ae169fe5d57ce6460d8c836c8714ae1a25a (diff) | |
| download | nixcfg-9d0a2d89143b7055ebddb240f1dfa73388589b90.tar.gz nixcfg-9d0a2d89143b7055ebddb240f1dfa73388589b90.zip | |
Run Tricot as Nix flake instead of Docker image
| -rw-r--r-- | cluster/staging/app/frontend/deploy/frontend-tricot.hcl | 19 |
1 files changed, 9 insertions, 10 deletions
diff --git a/cluster/staging/app/frontend/deploy/frontend-tricot.hcl b/cluster/staging/app/frontend/deploy/frontend-tricot.hcl index 745e77c..30ee599 100644 --- a/cluster/staging/app/frontend/deploy/frontend-tricot.hcl +++ b/cluster/staging/app/frontend/deploy/frontend-tricot.hcl @@ -15,17 +15,16 @@ job "frontend" { } task "server" { - driver = "docker" + driver = "nix2" config { - image = "lxpz/amd64_tricot:41" - network_mode = "host" - readonly_rootfs = true - ports = [ "http_port", "https_port" ] - volumes = [ - "secrets:/etc/tricot", + packages = [ + "git+https://git.deuxfleurs.fr/Deuxfleurs/tricot.git?ref=main&rev=0ae7f5fbd924a293dcd3f1b6b61fc3cc46bd3876" ] + command = "tricot" + # cap_add = [ "net_bind_service" ] # this doesn't work for whatever reason, so we need to put user = "root" instead } + user = "root" resources { cpu = 2000 @@ -41,17 +40,17 @@ job "frontend" { template { data = "{{ key \"secrets/consul/consul-ca.crt\" }}" - destination = "secrets/consul-ca.crt" + destination = "etc/tricot/consul-ca.crt" } template { data = "{{ key \"secrets/consul/consul-client.crt\" }}" - destination = "secrets/consul-client.crt" + destination = "etc/tricot/consul-client.crt" } template { data = "{{ key \"secrets/consul/consul-client.key\" }}" - destination = "secrets/consul-client.key" + destination = "etc/tricot/consul-client.key" } template { |