Adrian Cowan
837cfdae68
it was orignally only working over tailscale, but it turned out it was just being blocked by the host firewall, that tailscale was bypassing. This was fixed back in the initial commit using nix by setting networking.firewall.allowedTCPPorts to include 4646.
82 lines
1.5 KiB
HCL
82 lines
1.5 KiB
HCL
provider "nomad" {
|
|
address = "http://jaglan-beta-m01:4646"
|
|
}
|
|
|
|
terraform {
|
|
backend "local" {
|
|
path = "./.tfstate/terraform.tfstate"
|
|
}
|
|
}
|
|
|
|
terraform {
|
|
required_providers {
|
|
sops = {
|
|
source = "carlpett/sops"
|
|
version = "~> 0.5"
|
|
}
|
|
}
|
|
}
|
|
|
|
data "sops_file" "secrets" {
|
|
source_file = "secrets.enc.json"
|
|
}
|
|
|
|
// Networking
|
|
|
|
resource "nomad_job" "traefik" {
|
|
jobspec = file("traefik.nomad.hcl")
|
|
}
|
|
|
|
// Authentication
|
|
|
|
resource "nomad_job" "authelia" {
|
|
jobspec = file("authelia.nomad.hcl")
|
|
}
|
|
|
|
// Data
|
|
|
|
resource "nomad_job" "csi-smb" {
|
|
jobspec = file("csi-smb.nomad.hcl")
|
|
}
|
|
|
|
data "nomad_plugin" "smb" {
|
|
plugin_id = "smb"
|
|
wait_for_healthy = true
|
|
}
|
|
|
|
resource "nomad_job" "postgres" {
|
|
jobspec = file("postgres.nomad.hcl")
|
|
}
|
|
|
|
resource "nomad_job" "pgadmin" {
|
|
jobspec = file("pgadmin.nomad.hcl")
|
|
}
|
|
|
|
resource "nomad_job" "pgbackup" {
|
|
jobspec = file("pgbackup.nomad.hcl")
|
|
}
|
|
|
|
resource "nomad_csi_volume_registration" "unraid_database_dump" {
|
|
#Note: Before chaning the definition of this volume you need to stop the jobs that are using it
|
|
depends_on = [data.nomad_plugin.smb]
|
|
plugin_id = "smb"
|
|
|
|
volume_id = "unraid_database_dump"
|
|
name = "unraid_database_dump"
|
|
|
|
external_id = "unraid_database_dump"
|
|
|
|
capability {
|
|
access_mode = "single-node-writer"
|
|
attachment_mode = "file-system"
|
|
}
|
|
|
|
context = {
|
|
source = "//192.168.1.192/database-dump"
|
|
}
|
|
|
|
secrets = {
|
|
"username" = "nomad"
|
|
"password" = data.sops_file.secrets.data["unraid.nomad"]
|
|
}
|
|
} |