diff --git a/modules/dummy/jobspec.nomad.hcl b/modules/dummy/jobspec.nomad.hcl index 12dc396..3fa5979 100644 --- a/modules/dummy/jobspec.nomad.hcl +++ b/modules/dummy/jobspec.nomad.hcl @@ -1,8 +1,15 @@ job "hello-world" { - datacenters = ["dc1"] - group "servers" { - count = 1 + + network { + mode = "bridge" + port "www" { + to = 8001 + } + port "envoy_metrics" { + to = 9102 + } + } task "web" { driver = "docker" @@ -25,20 +32,30 @@ job "hello-world" { } } - network { - mode = "bridge" - port "www" { - to = 8001 - } - } - service { - port = "www" + port = 8001 provider = "consul" + connect { + sidecar_service { + proxy { + expose { + path { + path = "/metrics" + protocol = "http" + local_path_port = 9102 + listener_port = "envoy_metrics" + } + } + transparent_proxy {} + } + } + } + tags = [ "traefik.enable=true", "traefik.http.routers.web.rule=Host(`hello-world.brmartin.co.uk`)", + "traefik.consulcatalog.connect=true", ] } } diff --git a/modules/jayne-martin-counselling/jobspec.nomad.hcl b/modules/jayne-martin-counselling/jobspec.nomad.hcl index 78c1d28..e5e683a 100644 --- a/modules/jayne-martin-counselling/jobspec.nomad.hcl +++ b/modules/jayne-martin-counselling/jobspec.nomad.hcl @@ -50,41 +50,14 @@ job "jayne-martin-counselling" { } } } - } - } - group "webserver-ingress-group" { - - network { - mode = "bridge" - port "inbound" { - to = 8080 - } - } - - service { - port = "inbound" tags = [ "traefik.enable=true", "traefik.http.routers.jmc.rule=Host(`www.jaynemartincounselling.co.uk`)", - "traefik.http.routers.jmc.entrypoints=websecure" + "traefik.http.routers.jmc.entrypoints=websecure", + "traefik.consulcatalog.connect=true", ] - - connect { - gateway { - ingress { - listener { - port = 8080 - protocol = "http" - service { - name = "jayne-martin-counselling-webserver" - hosts = ["*"] - } - } - } - } - } } } } diff --git a/modules/keycloak/jobspec.nomad.hcl b/modules/keycloak/jobspec.nomad.hcl index 3400232..1a9bc70 100644 --- a/modules/keycloak/jobspec.nomad.hcl +++ b/modules/keycloak/jobspec.nomad.hcl @@ -38,6 +38,14 @@ job "keycloak" { } } } + + tags = [ + "traefik.enable=true", + + "traefik.http.routers.keycloak.rule=Host(`sso.brmartin.co.uk`)", + "traefik.http.routers.keycloak.entrypoints=websecure", + "traefik.consulcatalog.connect=true", + ] } task "keycloak" { @@ -85,39 +93,4 @@ job "keycloak" { "service.name" = "keycloak" } } - - group "keycloak-ingress-group" { - - network { - mode = "bridge" - port "inbound" { - to = 8080 - } - } - - service { - port = "inbound" - tags = [ - "traefik.enable=true", - - "traefik.http.routers.keycloak.rule=Host(`sso.brmartin.co.uk`)", - "traefik.http.routers.keycloak.entrypoints=websecure", - ] - - connect { - gateway { - ingress { - listener { - port = 8080 - protocol = "http" - service { - name = "keycloak-keycloak" - hosts = ["*"] - } - } - } - } - } - } - } } diff --git a/modules/matrix/jobspec.nomad.hcl b/modules/matrix/jobspec.nomad.hcl index c4d664b..e684425 100644 --- a/modules/matrix/jobspec.nomad.hcl +++ b/modules/matrix/jobspec.nomad.hcl @@ -51,6 +51,19 @@ job "matrix" { } } } + + tags = [ + "traefik.enable=true", + + "traefik.http.routers.synapse.rule=Host(`matrix.brmartin.co.uk`)", + "traefik.http.routers.synapse.entrypoints=websecure", + "traefik.http.routers.synapse.middlewares=synapseHeaders,synapseBuffering", + "traefik.http.middlewares.synapseHeaders.headers.accesscontrolallowmethods=GET,POST,PUT,DELETE,OPTIONS", + "traefik.http.middlewares.synapseHeaders.headers.accesscontrolallowheaders=Origin,X-Requested-With,Content-Type,Accept,Authorization", + "traefik.http.middlewares.synapseHeaders.headers.accesscontrolalloworiginlist=*", + "traefik.http.middlewares.synapseBuffering.buffering.maxRequestBodyBytes=1000000000", + "traefik.consulcatalog.connect=true", + ] } task "synapse" { @@ -320,6 +333,14 @@ job "matrix" { } } } + + tags = [ + "traefik.enable=true", + + "traefik.http.routers.mas.rule=Host(`mas.brmartin.co.uk`) || (Host(`matrix.brmartin.co.uk`) && PathRegexp(`^/_matrix/client/(.*)/(login|logout|refresh)`))", + "traefik.http.routers.mas.entrypoints=websecure", + "traefik.consulcatalog.connect=true", + ] } task "mas" { @@ -387,6 +408,17 @@ job "matrix" { } } } + + tags = [ + "traefik.enable=true", + + "traefik.http.routers.matrixWellKnown.rule=PathPrefix(`/.well-known/matrix`)", + "traefik.http.routers.matrixWellKnown.entrypoints=websecure", + "traefik.http.routers.matrixWellKnown.middlewares=matrixWellKnown", + "traefik.http.middlewares.matrixWellKnown.headers.accesscontrolalloworiginlist=*", + "traefik.consulcatalog.connect=true", + ] + } task "nginx" { @@ -463,123 +495,6 @@ job "matrix" { } } - group "synapse-ingress-group" { - - network { - mode = "bridge" - port "inbound" { - to = 8080 - } - } - - service { - port = "inbound" - tags = [ - "traefik.enable=true", - - "traefik.http.routers.synapse.rule=Host(`matrix.brmartin.co.uk`)", - "traefik.http.routers.synapse.entrypoints=websecure", - "traefik.http.routers.synapse.middlewares=synapseHeaders,synapseBuffering", - "traefik.http.middlewares.synapseHeaders.headers.accesscontrolallowmethods=GET,POST,PUT,DELETE,OPTIONS", - "traefik.http.middlewares.synapseHeaders.headers.accesscontrolallowheaders=Origin,X-Requested-With,Content-Type,Accept,Authorization", - "traefik.http.middlewares.synapseHeaders.headers.accesscontrolalloworiginlist=*", - "traefik.http.middlewares.synapseBuffering.buffering.maxRequestBodyBytes=1000000000", - ] - - connect { - gateway { - proxy { - config { - local_idle_timeout_ms = 120000 - } - } - ingress { - listener { - port = 8080 - protocol = "http" - service { - name = "matrix-synapse" - hosts = ["*"] - } - } - } - } - } - } - } - - group "mas-ingress-group" { - - network { - mode = "bridge" - port "inbound" { - to = 8080 - } - } - - service { - port = "inbound" - tags = [ - "traefik.enable=true", - - "traefik.http.routers.mas.rule=Host(`mas.brmartin.co.uk`) || (Host(`matrix.brmartin.co.uk`) && PathRegexp(`^/_matrix/client/(.*)/(login|logout|refresh)`))", - "traefik.http.routers.mas.entrypoints=websecure", - ] - - connect { - gateway { - ingress { - listener { - port = 8080 - protocol = "http" - service { - name = "matrix-mas" - hosts = ["*"] - } - } - } - } - } - } - } - - group "wellknown-ingress-group" { - - network { - mode = "bridge" - port "inbound" { - to = 8080 - } - } - - service { - port = "inbound" - tags = [ - "traefik.enable=true", - - "traefik.http.routers.matrixWellKnown.rule=PathPrefix(`/.well-known/matrix`)", - "traefik.http.routers.matrixWellKnown.entrypoints=websecure", - "traefik.http.routers.matrixWellKnown.middlewares=matrixWellKnown", - "traefik.http.middlewares.matrixWellKnown.headers.accesscontrolalloworiginlist=*", - ] - - connect { - gateway { - ingress { - listener { - port = 8080 - protocol = "http" - service { - name = "matrix-nginx" - hosts = ["*"] - } - } - } - } - } - } - } - group "element" { network { diff --git a/modules/media-centre/jobspec.nomad.hcl b/modules/media-centre/jobspec.nomad.hcl index 3810e8f..4faa3e9 100644 --- a/modules/media-centre/jobspec.nomad.hcl +++ b/modules/media-centre/jobspec.nomad.hcl @@ -97,6 +97,14 @@ job "media-centre" { } } } + + tags = [ + "traefik.enable=true", + + "traefik.http.routers.plex.entrypoints=websecure", + "traefik.http.routers.plex.rule=Host(`plex.brmartin.co.uk`)", + "traefik.consulcatalog.connect=true", + ] } network { @@ -152,39 +160,4 @@ job "media-centre" { } } } - - group "plex-ingress-group" { - - network { - mode = "bridge" - port "inbound" { - to = 8080 - } - } - - service { - port = "inbound" - tags = [ - "traefik.enable=true", - - "traefik.http.routers.plex.entrypoints=websecure", - "traefik.http.routers.plex.rule=Host(`plex.brmartin.co.uk`)" - ] - - connect { - gateway { - ingress { - listener { - port = 8080 - protocol = "http" - service { - name = "media-centre-plex" - hosts = ["*"] - } - } - } - } - } - } - } } diff --git a/modules/ollama/jobspec.nomad.hcl b/modules/ollama/jobspec.nomad.hcl index 09c0e27..ed72940 100644 --- a/modules/ollama/jobspec.nomad.hcl +++ b/modules/ollama/jobspec.nomad.hcl @@ -133,41 +133,14 @@ job "ollama" { } } } - } - } - group "open-webui-ingress-group" { - - network { - mode = "bridge" - port "inbound" { - to = 8080 - } - } - - service { - port = "inbound" tags = [ "traefik.enable=true", "traefik.http.routers.openwebui.rule=Host(`eos.brmartin.co.uk`)", - "traefik.http.routers.openwebui.entrypoints=websecure" + "traefik.http.routers.openwebui.entrypoints=websecure", + "traefik.consulcatalog.connect=true", ] - - connect { - gateway { - ingress { - listener { - port = 8080 - protocol = "http" - service { - name = "ollama-open-webui" - hosts = ["*"] - } - } - } - } - } } } }