diff options
| author | Mathias Magnusson <mathias@magnusson.space> | 2023-12-11 02:19:00 +0100 |
|---|---|---|
| committer | Mathias Magnusson <mathias@magnusson.space> | 2023-12-11 02:19:00 +0100 |
| commit | 2e7a72d17ce137d9d81d75c4cec6278da0bd54ff (patch) | |
| tree | 630b28ef5cd869ed4f91d7d83f1b1e759099b930 /jobs | |
| parent | fdaf85a43f6f2ad98c5004bfeeddfd1a92097fb3 (diff) | |
| download | garm-2e7a72d17ce137d9d81d75c4cec6278da0bd54ff.tar.gz | |
Add vaultwarden
Diffstat (limited to 'jobs')
| -rw-r--r-- | jobs/vaultwarden.nomad.hcl | 60 | ||||
| -rw-r--r-- | jobs/virtual-hosting.nomad.hcl | 8 |
2 files changed, 68 insertions, 0 deletions
diff --git a/jobs/vaultwarden.nomad.hcl b/jobs/vaultwarden.nomad.hcl new file mode 100644 index 0000000..8dcda82 --- /dev/null +++ b/jobs/vaultwarden.nomad.hcl @@ -0,0 +1,60 @@ +job "vaultwarden" { + group "vaultwarden" { + count = 1 + + network { + port "http" { + to = 80 + } + } + + service { + name = "vaultwarden-web" + port = "http" + provider = "nomad" + + tags = [ + "nginx.hostname=vaultwarden.magnusson.space", + "nginx.certname=magnusson.space", + ] + } + + volume "vaultwarden" { + type = "host" + source = "vaultwarden" + } + + task "vaultwarden" { + driver = "docker" + + resources { + cpu = 100 + memory = 150 + } + + volume_mount { + volume = "vaultwarden" + destination = "/data" + } + + config { + image = "vaultwarden/server:alpine" + ports = ["http"] + } + + template { + data = <<EOF +SIGNUPS_ALLOWED=false +DOMAIN=https://vaultwarden.magnusson.space +PUSH_ENABLED=true +{{ with nomadVar "nomad/jobs/vaultwarden" }} +PUSH_INSTALLATION_ID={{ .installation_id }} +PUSH_INSTALLATION_KEY={{ .installation_key }} +{{ end }} +EOF + destination = "local/.env" + env = true + } + } + } +} diff --git a/jobs/virtual-hosting.nomad.hcl b/jobs/virtual-hosting.nomad.hcl index 49000ef..9c0b649 100644 --- a/jobs/virtual-hosting.nomad.hcl +++ b/jobs/virtual-hosting.nomad.hcl @@ -104,6 +104,11 @@ upstream acme-challenge { } {{ end }} +map $http_upgrade $connection_upgrade { + default upgrade; + '' close; +} + {{ range nomadServices -}} {{- $hostname := "" -}} @@ -155,6 +160,7 @@ server { proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header Upgrade $http_upgrade; + proxy_set_header Connection $connection_upgrade; } } @@ -174,6 +180,7 @@ server { proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header Upgrade $http_upgrade; + proxy_set_header Connection $connection_upgrade; } } @@ -228,6 +235,7 @@ server { proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header Upgrade $http_upgrade; + proxy_set_header Connection $connection_upgrade; } } {{ end -}} |