diff --git a/2-nomad-config/traefik.nomad.hcl b/2-nomad-config/traefik.nomad.hcl index b9ef628..a37e8ff 100644 --- a/2-nomad-config/traefik.nomad.hcl +++ b/2-nomad-config/traefik.nomad.hcl @@ -1,5 +1,7 @@ job "traefik" { group "traefik" { + count = 2 + network { mode = "bridge" port "http" { @@ -40,12 +42,6 @@ job "traefik" { } } - volume "traefik" { - type = "host" - read_only = false - source = "traefik" - } - task "traefik" { driver = "docker" @@ -60,7 +56,7 @@ job "traefik" { } volume_mount { - volume = "traefik" + volume = "unraid_appdata_traefik" destination = "/opt/traefik" read_only = false } @@ -221,6 +217,18 @@ EOF } } + volume "unraid_appdata_traefik" { + type = "csi" + read_only = false + source = "unraid_appdata_traefik" + access_mode = "multi-node-multi-writer" + attachment_mode = "file-system" + + mount_options { + mount_flags = ["uid=1000", "gid=1000"] + } + } + task "cloudflared" { driver = "docker" diff --git a/2-nomad-config/traefik.tf b/2-nomad-config/traefik.tf index 5c2566e..66d4a57 100644 --- a/2-nomad-config/traefik.tf +++ b/2-nomad-config/traefik.tf @@ -31,3 +31,29 @@ resource "nomad_job" "traefik" { hass_magic_token = nonsensitive(data.sops_file.secrets.data["hass.magic-token"]) }) } + +resource "nomad_csi_volume_registration" "unraid_appdata_traefik" { + #Note: Before chaning the definition of this volume you need to stop the jobs that are using it + depends_on = [data.nomad_plugin.smb] + plugin_id = "smb" + + volume_id = "unraid_appdata_traefik" + name = "unraid_appdata_traefik" + + external_id = "unraid_appdata_traefik" + + capability { + access_mode = "multi-node-multi-writer" + attachment_mode = "file-system" + } + + context = { + source = "//192.168.1.192/appdata" + subDir = "traefik" # Note: Needs to be manually created on the share + } + + secrets = { + "username" = "nomad" + "password" = data.sops_file.secrets.data["unraid.nomad"] + } +}