177 lines
3.8 KiB
HCL
177 lines
3.8 KiB
HCL
job "forgejo" {
|
|
group "forgejo" {
|
|
|
|
network {
|
|
mode = "bridge"
|
|
port "forgejo" {
|
|
to = 3000
|
|
}
|
|
port "websocket" {
|
|
to = 2375
|
|
}
|
|
port "cache_server" {}
|
|
}
|
|
|
|
task "forgejo" {
|
|
driver = "docker"
|
|
|
|
config {
|
|
image = "codeberg.org/forgejo/forgejo:11.0.2-rootless"
|
|
|
|
ports = ["forgejo"]
|
|
|
|
volumes = [
|
|
"/etc/timezone:/etc/timezone:ro",
|
|
"/etc/localtime:/etc/localtime:ro"
|
|
]
|
|
}
|
|
|
|
user = "1000:1000"
|
|
|
|
volume_mount {
|
|
volume = "gitea"
|
|
destination = "/etc/gitea"
|
|
}
|
|
|
|
volume_mount {
|
|
volume = "git"
|
|
destination = "/var/lib/gitea"
|
|
}
|
|
|
|
resources {
|
|
cpu = 500
|
|
memory = 512
|
|
}
|
|
|
|
service {
|
|
port = "forgejo"
|
|
provider = "consul"
|
|
tags = [
|
|
"traefik.enable=true",
|
|
|
|
"traefik.http.routers.forgejo.entrypoints=websecure",
|
|
"traefik.http.routers.forgejo.rule=Host(`git.brmartin.co.uk`)"
|
|
]
|
|
}
|
|
}
|
|
|
|
task "runner" {
|
|
driver = "docker"
|
|
|
|
config {
|
|
image = "data.forgejo.org/forgejo/runner:6.3.1"
|
|
|
|
command = "sh"
|
|
args = ["-c", "sleep 5; forgejo-runner daemon --config=${NOMAD_TASK_DIR}/config.yml"]
|
|
}
|
|
|
|
volume_mount {
|
|
volume = "runner_data"
|
|
destination = "/data"
|
|
}
|
|
|
|
resources {
|
|
cpu = 150
|
|
memory = 128
|
|
memory_max = 1024
|
|
}
|
|
|
|
template {
|
|
data = <<-EOF
|
|
log:
|
|
level: info
|
|
runner:
|
|
file: .runner
|
|
capacity: 1
|
|
timeout: 3h
|
|
shutdown_timeout: 3h
|
|
insecure: false
|
|
fetch_timeout: 5s
|
|
fetch_interval: 2s
|
|
report_interval: 1s
|
|
labels: []
|
|
cache:
|
|
enabled: true
|
|
dir: "{{ env "NOMAD_TASK_DIR" }}/local"
|
|
host: "127.0.0.1"
|
|
port: {{ env "NOMAD_PORT_cache_server" }}
|
|
container:
|
|
network: "host"
|
|
enable_ipv6: false
|
|
privileged: true
|
|
options: "-v /var/run/docker.sock:/var/run/docker.sock"
|
|
workdir_parent:
|
|
valid_volumes: ["/var/run/docker.sock"]
|
|
docker_host: ""
|
|
force_pull: false
|
|
host:
|
|
workdir_parent:
|
|
EOF
|
|
|
|
destination = "local/config.yml"
|
|
}
|
|
|
|
env {
|
|
DOCKER_HOST = "tcp://127.0.0.1:2375"
|
|
}
|
|
|
|
service {
|
|
port = "cache_server"
|
|
provider = "consul"
|
|
}
|
|
}
|
|
|
|
task "docker-in-docker" {
|
|
driver = "docker"
|
|
|
|
config {
|
|
image = "docker:dind"
|
|
privileged = true
|
|
|
|
command = "dockerd"
|
|
args = ["-H=tcp://0.0.0.0:2375", "-H=unix:///var/run/docker.sock", "--tls=false", "--default-address-pool=base=10.255.0.0/24,size=29"]
|
|
|
|
mount {
|
|
type = "bind"
|
|
source = "local"
|
|
target = "/var/lib/docker"
|
|
}
|
|
}
|
|
|
|
resources {
|
|
cpu = 500
|
|
memory = 512
|
|
memory_max = 4096
|
|
}
|
|
|
|
service {
|
|
port = "websocket"
|
|
provider = "consul"
|
|
}
|
|
}
|
|
|
|
volume "gitea" {
|
|
type = "csi"
|
|
read_only = false
|
|
source = "martinibar_prod_forgejo_gitea"
|
|
attachment_mode = "file-system"
|
|
access_mode = "single-node-writer"
|
|
}
|
|
|
|
volume "git" {
|
|
type = "csi"
|
|
read_only = false
|
|
source = "martinibar_prod_forgejo_git"
|
|
attachment_mode = "file-system"
|
|
access_mode = "single-node-writer"
|
|
}
|
|
|
|
volume "runner_data" {
|
|
type = "csi"
|
|
read_only = false
|
|
source = "martinibar_prod_forgejo-runner_data"
|
|
attachment_mode = "file-system"
|
|
access_mode = "single-node-writer"
|
|
}
|
|
}
|
|
}
|