diff options
| author | Alex Auvolat <alex@adnab.me> | 2022-10-18 22:09:55 +0200 |
|---|---|---|
| committer | Alex Auvolat <alex@adnab.me> | 2022-10-18 22:09:55 +0200 |
| commit | 859813440c23982c75fd1f27f3469aa9e9794368 (patch) | |
| tree | facb7fad70be8a0f9d586e529b34575b847ba1c5 | |
| parent | 4584b396399efb7b2807ae7f216a51a78cbab66b (diff) | |
| download | nixcfg-859813440c23982c75fd1f27f3469aa9e9794368.tar.gz nixcfg-859813440c23982c75fd1f27f3469aa9e9794368.zip | |
Automatic garage node discover on staging through consul
| -rw-r--r-- | cluster/staging/app/garage/config/garage.toml | 11 | ||||
| -rw-r--r-- | cluster/staging/app/garage/deploy/garage.hcl | 26 | ||||
| -rw-r--r-- | cluster/staging/cluster.nix | 3 |
3 files changed, 38 insertions, 2 deletions
diff --git a/cluster/staging/app/garage/config/garage.toml b/cluster/staging/app/garage/config/garage.toml index 1cb3c6f..3686338 100644 --- a/cluster/staging/app/garage/config/garage.toml +++ b/cluster/staging/app/garage/config/garage.toml @@ -6,7 +6,8 @@ db_engine = "lmdb" replication_mode = "3" -rpc_bind_addr = "0.0.0.0:3991" +rpc_bind_addr = "[{{ env "meta.public_ipv6" }}]:3991" +rpc_public_addr = "[{{ env "meta.public_ipv6" }}]:3991" rpc_secret = "{{ key "secrets/garage-staging/rpc_secret" | trimSpace }}" #consul_host = "localhost:8500" @@ -14,6 +15,14 @@ rpc_secret = "{{ key "secrets/garage-staging/rpc_secret" | trimSpace }}" bootstrap_peers = [] +[consul_discovery] +consul_http_addr = "https://consul.service.staging.consul:8501" +service_name = "garage-staging-discovery" +ca_cert = "/etc/garage/consul-ca.crt" +client_cert = "/etc/garage/consul-client.crt" +client_key = "/etc/garage/consul-client.key" +tls_skip_verify = true + [s3_api] s3_region = "garage-staging" api_bind_addr = "0.0.0.0:3990" diff --git a/cluster/staging/app/garage/deploy/garage.hcl b/cluster/staging/app/garage/deploy/garage.hcl index 55f8d75..77d5092 100644 --- a/cluster/staging/app/garage/deploy/garage.hcl +++ b/cluster/staging/app/garage/deploy/garage.hcl @@ -60,7 +60,7 @@ job "garage-staging" { driver = "docker" config { - image = "dxflrs/amd64_garage:e89f8806949f4b389f8848454e293b7b5ba6d91a" + image = "dxflrs/amd64_garage:8bc5caf7aa9bc0e27b741c68113cb7fdde2d54e6" command = "/garage" args = [ "server" ] network_mode = "host" @@ -68,6 +68,7 @@ job "garage-staging" { "/mnt/storage/garage-staging/data:/data", "/mnt/ssd/garage-staging/meta:/meta", "secrets/garage.toml:/etc/garage.toml", + "secrets:/etc/garage", ] } @@ -76,6 +77,29 @@ job "garage-staging" { destination = "secrets/garage.toml" } + template { + data = "{{ key \"secrets/consul/consul-ca.crt\" }}" + destination = "secrets/consul-ca.crt" + } + + template { + data = "{{ key \"secrets/consul/consul-client.crt\" }}" + destination = "secrets/consul-client.crt" + } + + template { + data = "{{ key \"secrets/consul/consul-client.key\" }}" + destination = "secrets/consul-client.key" + } + + template { + data = <<EOH +RUST_LOG=garage=debug +EOH + destination = "secrets/env" + env = true + } + resources { memory = 2000 memory_max = 3000 diff --git a/cluster/staging/cluster.nix b/cluster/staging/cluster.nix index 8dcff1b..15e0f04 100644 --- a/cluster/staging/cluster.nix +++ b/cluster/staging/cluster.nix @@ -62,4 +62,7 @@ "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIFPTsEgcOtb2bij+Ih8eg8ZqO7d3IMiWykv6deMzlSSS kokakiwi@kira" ]; }; + + # For Garage ipv6 communication + networking.firewall.allowedTCPPorts = [ 3991 ]; } |