diff options
Diffstat (limited to 'cluster/prod/app/core/deploy/diplonat.hcl')
-rw-r--r-- | cluster/prod/app/core/deploy/diplonat.hcl | 68 |
1 files changed, 68 insertions, 0 deletions
diff --git a/cluster/prod/app/core/deploy/diplonat.hcl b/cluster/prod/app/core/deploy/diplonat.hcl new file mode 100644 index 0000000..bf56fd5 --- /dev/null +++ b/cluster/prod/app/core/deploy/diplonat.hcl @@ -0,0 +1,68 @@ +job "core:diplonat" { + datacenters = ["orion", "neptune", "scorpio"] + type = "system" + priority = 90 + + update { + max_parallel = 2 + stagger = "1m" + } + + group "diplonat" { + task "diplonat" { + driver = "docker" + + config { + image = "lxpz/amd64_diplonat:6" + network_mode = "host" + readonly_rootfs = true + privileged = true + volumes = [ + "secrets:/etc/diplonat", + ] + } + + restart { + interval = "5m" + attempts = 10 + delay = "15s" + mode = "delay" + } + + template { + data = "{{ key \"secrets/consul/consul.crt\" }}" + destination = "secrets/consul.crt" + } + + template { + data = "{{ key \"secrets/consul/consul-client.crt\" }}" + destination = "secrets/consul-client.crt" + } + + template { + data = "{{ key \"secrets/consul/consul-client.key\" }}" + destination = "secrets/consul-client.key" + } + + template { + data = <<EOH +DIPLONAT_REFRESH_TIME=60 +DIPLONAT_EXPIRATION_TIME=300 +DIPLONAT_CONSUL_NODE_NAME={{ env "attr.unique.hostname" }} +DIPLONAT_CONSUL_URL=https://consul.service.prod.consul:8501 +DIPLONAT_CONSUL_TLS_SKIP_VERIFY=true +DIPLONAT_CONSUL_CLIENT_CERT=/etc/diplonat/consul-client.crt +DIPLONAT_CONSUL_CLIENT_KEY=/etc/diplonat/consul-client.key +RUST_LOG=debug +EOH + destination = "secrets/env" + env = true + } + + resources { + memory = 100 + memory_max = 200 + } + } + } +} |