diff options
author | Alex Auvolat <alex@adnab.me> | 2022-08-24 15:42:47 +0200 |
---|---|---|
committer | Alex Auvolat <alex@adnab.me> | 2022-08-24 15:42:47 +0200 |
commit | 2e8923b383eb06c53261eee8e5c442b857fb67e4 (patch) | |
tree | 0ad148f75f7b54dfed2dbac8f43f6df9badc502a /app/im/deploy/im.hcl | |
parent | 9848f3090f77363a2fda0f9fa673ebcf1fb8228c (diff) | |
download | nixcfg-2e8923b383eb06c53261eee8e5c442b857fb67e4.tar.gz nixcfg-2e8923b383eb06c53261eee8e5c442b857fb67e4.zip |
Move app files into cluster subdirectories; add prod garage
Diffstat (limited to 'app/im/deploy/im.hcl')
-rw-r--r-- | app/im/deploy/im.hcl | 165 |
1 files changed, 0 insertions, 165 deletions
diff --git a/app/im/deploy/im.hcl b/app/im/deploy/im.hcl deleted file mode 100644 index c60b095..0000000 --- a/app/im/deploy/im.hcl +++ /dev/null @@ -1,165 +0,0 @@ -job "im" { - datacenters = ["neptune"] - type = "service" - - group "synapse" { - count = 1 - - network { - port "http" { - to = 8008 - } - } - - ephemeral_disk { - size = 10000 - } - - restart { - attempts = 10 - delay = "30s" - } - - task "restore-db" { - lifecycle { - hook = "prestart" - sidecar = false - } - - driver = "docker" - config { - image = "litestream/litestream:0.3.7" - args = [ - "restore", "-config", "/etc/litestream.yml", "/ephemeral/homeserver.db" - ] - volumes = [ - "../alloc/data:/ephemeral", - "secrets/litestream.yml:/etc/litestream.yml" - ] - } - - template { - data = file("../config/litestream.yml") - destination = "secrets/litestream.yml" - } - - resources { - memory = 200 - cpu = 1000 - } - } - - task "synapse" { - driver = "docker" - config { - image = "lxpz/amd64_synapse:1.49.2-4" - ports = [ "http" ] - - command = "python" - args = [ - "-m", "synapse.app.homeserver", - "-n", - "-c", "/etc/matrix-synapse/homeserver.yaml" - ] - - volumes = [ - "secrets:/etc/matrix-synapse", - "../alloc/data:/ephemeral", - ] - } - - template { - data = file("../config/homeserver.yaml") - destination = "secrets/homeserver.yaml" - } - - template { - data = file("../config/synapse.log.config.yaml") - destination = "secrets/synapse.log.config.yaml" - } - - template { - data = "{{ key \"secrets/synapse/signing_key\" }}" - destination = "secrets/signing_key" - } - - resources { - memory = 2000 - cpu = 1000 - } - - service { - port = "http" - tags = [ - "tricot matrix.home.adnab.me 100", - "tricot matrix.home.adnab.me:443 100", - "tricot-add-header Access-Control-Allow-Origin *", - ] - check { - type = "http" - path = "/" - interval = "10s" - timeout = "2s" - } - } - } - - task "media-async-upload" { - driver = "docker" - - config { - image = "lxpz/amd64_synapse:1.49.2-4" - readonly_rootfs = true - command = "/usr/local/bin/matrix-s3-async-sqlite" - work_dir = "/ephemeral" - volumes = [ - "../alloc/data:/ephemeral", - ] - } - - resources { - cpu = 100 - memory = 100 - } - - template { - data = <<EOH -SYNAPSE_SQLITE_DB=/ephemeral/homeserver.db -SYNAPSE_MEDIA_STORE=/ephemeral/media_store -SYNAPSE_MEDIA_S3_BUCKET=synapse-data -AWS_ACCESS_KEY_ID={{ key "secrets/synapse/s3_access_key" | trimSpace }} -AWS_SECRET_ACCESS_KEY={{ key "secrets/synapse/s3_secret_key" | trimSpace }} -AWS_DEFAULT_REGION=garage-staging -S3_ENDPOINT=http://{{ env "attr.unique.network.ip-address" }}:3990 - -EOH - destination = "secrets/env" - env = true - } - } - - task "replicate-db" { - driver = "docker" - config { - image = "litestream/litestream:0.3.7" - args = [ - "replicate", "-config", "/etc/litestream.yml" - ] - volumes = [ - "../alloc/data:/ephemeral", - "secrets/litestream.yml:/etc/litestream.yml" - ] - } - - template { - data = file("../config/litestream.yml") - destination = "secrets/litestream.yml" - } - - resources { - memory = 250 - cpu = 100 - } - } - } -} |