aboutsummaryrefslogtreecommitdiff
path: root/app/frontend/deploy
diff options
context:
space:
mode:
authorAlex Auvolat <alex@adnab.me>2022-08-24 15:42:47 +0200
committerAlex Auvolat <alex@adnab.me>2022-08-24 15:42:47 +0200
commit2e8923b383eb06c53261eee8e5c442b857fb67e4 (patch)
tree0ad148f75f7b54dfed2dbac8f43f6df9badc502a /app/frontend/deploy
parent9848f3090f77363a2fda0f9fa673ebcf1fb8228c (diff)
downloadnixcfg-2e8923b383eb06c53261eee8e5c442b857fb67e4.tar.gz
nixcfg-2e8923b383eb06c53261eee8e5c442b857fb67e4.zip
Move app files into cluster subdirectories; add prod garage
Diffstat (limited to 'app/frontend/deploy')
-rw-r--r--app/frontend/deploy/frontend-tricot-prod.hcl90
-rw-r--r--app/frontend/deploy/frontend-tricot.hcl89
2 files changed, 0 insertions, 179 deletions
diff --git a/app/frontend/deploy/frontend-tricot-prod.hcl b/app/frontend/deploy/frontend-tricot-prod.hcl
deleted file mode 100644
index 804345b..0000000
--- a/app/frontend/deploy/frontend-tricot-prod.hcl
+++ /dev/null
@@ -1,90 +0,0 @@
-job "frontend" {
- datacenters = ["neptune"]
- type = "service"
- priority = 90
-
- group "tricot" {
- # Temporarily pin to single machine, remove this later
- constraint {
- attribute = "${attr.unique.hostname}"
- value = "courgette"
- }
-
- network {
- port "http_port" { static = 80 }
- port "https_port" { static = 443 }
- }
-
- task "server" {
- driver = "docker"
-
- config {
- image = "lxpz/amd64_tricot:41"
- network_mode = "host"
- readonly_rootfs = true
- ports = [ "http_port", "https_port" ]
- volumes = [
- "secrets:/etc/tricot",
- ]
- }
-
- resources {
- cpu = 2000
- memory = 200
- }
-
- restart {
- interval = "30m"
- attempts = 2
- delay = "15s"
- mode = "delay"
- }
-
- template {
- data = "{{ key \"secrets/consul/consul-ca.crt\" }}"
- destination = "secrets/consul-ca.crt"
- }
-
- template {
- data = "{{ key \"secrets/consul/consul-client.crt\" }}"
- destination = "secrets/consul-client.crt"
- }
-
- template {
- data = "{{ key \"secrets/consul/consul-client.key\" }}"
- destination = "secrets/consul-client.key"
- }
-
- template {
- data = <<EOH
-TRICOT_NODE_NAME={{ env "attr.unique.consul.name" }}
-TRICOT_LETSENCRYPT_EMAIL=alex@adnab.me
-TRICOT_ENABLE_COMPRESSION=true
-TRICOT_CONSUL_HOST=https://localhost:8501
-TRICOT_CONSUL_CA_CERT=/etc/tricot/consul-ca.crt
-TRICOT_CONSUL_CLIENT_CERT=/etc/tricot/consul-client.crt
-TRICOT_CONSUL_CLIENT_KEY=/etc/tricot/consul-client.key
-TRICOT_HTTP_BIND_ADDR=[::]:80
-TRICOT_HTTPS_BIND_ADDR=[::]:443
-RUST_LOG=tricot=debug
-EOH
- destination = "secrets/env"
- env = true
- }
-
- service {
- name = "tricot-http"
- port = "http_port"
- tags = [ "(diplonat (tcp_port 80))" ]
- address_mode = "host"
- }
-
- service {
- name = "tricot-https"
- port = "https_port"
- tags = [ "(diplonat (tcp_port 443))" ]
- address_mode = "host"
- }
- }
- }
-}
diff --git a/app/frontend/deploy/frontend-tricot.hcl b/app/frontend/deploy/frontend-tricot.hcl
deleted file mode 100644
index 745e77c..0000000
--- a/app/frontend/deploy/frontend-tricot.hcl
+++ /dev/null
@@ -1,89 +0,0 @@
-job "frontend" {
- datacenters = ["neptune"]
- type = "service"
- priority = 90
-
- group "tricot" {
- constraint {
- attribute = "${attr.unique.hostname}"
- value = "caribou"
- }
-
- network {
- port "http_port" { static = 80 }
- port "https_port" { static = 443 }
- }
-
- task "server" {
- driver = "docker"
-
- config {
- image = "lxpz/amd64_tricot:41"
- network_mode = "host"
- readonly_rootfs = true
- ports = [ "http_port", "https_port" ]
- volumes = [
- "secrets:/etc/tricot",
- ]
- }
-
- resources {
- cpu = 2000
- memory = 200
- }
-
- restart {
- interval = "30m"
- attempts = 2
- delay = "15s"
- mode = "delay"
- }
-
- template {
- data = "{{ key \"secrets/consul/consul-ca.crt\" }}"
- destination = "secrets/consul-ca.crt"
- }
-
- template {
- data = "{{ key \"secrets/consul/consul-client.crt\" }}"
- destination = "secrets/consul-client.crt"
- }
-
- template {
- data = "{{ key \"secrets/consul/consul-client.key\" }}"
- destination = "secrets/consul-client.key"
- }
-
- template {
- data = <<EOH
-TRICOT_NODE_NAME={{ env "attr.unique.consul.name" }}
-TRICOT_LETSENCRYPT_EMAIL=alex@adnab.me
-TRICOT_ENABLE_COMPRESSION=true
-TRICOT_CONSUL_HOST=https://localhost:8501
-TRICOT_CONSUL_CA_CERT=/etc/tricot/consul-ca.crt
-TRICOT_CONSUL_CLIENT_CERT=/etc/tricot/consul-client.crt
-TRICOT_CONSUL_CLIENT_KEY=/etc/tricot/consul-client.key
-TRICOT_HTTP_BIND_ADDR=[::]:80
-TRICOT_HTTPS_BIND_ADDR=[::]:443
-RUST_LOG=tricot=debug
-EOH
- destination = "secrets/env"
- env = true
- }
-
- service {
- name = "tricot-http"
- port = "http_port"
- /* tags = [ "(diplonat (tcp_port 80))" ] */
- address_mode = "host"
- }
-
- service {
- name = "tricot-https"
- port = "https_port"
- /* tags = [ "(diplonat (tcp_port 443))" ] */
- address_mode = "host"
- }
- }
- }
-}