diff options
| -rw-r--r-- | jobs/vaultwarden.nomad.hcl | 60 | ||||
| -rw-r--r-- | jobs/virtual-hosting.nomad.hcl | 8 | ||||
| -rw-r--r-- | nomad.tmpl.hcl | 4 |
3 files changed, 72 insertions, 0 deletions
diff --git a/jobs/vaultwarden.nomad.hcl b/jobs/vaultwarden.nomad.hcl new file mode 100644 index 0000000..8dcda82 --- /dev/null +++ b/jobs/vaultwarden.nomad.hcl @@ -0,0 +1,60 @@ +job "vaultwarden" { + group "vaultwarden" { + count = 1 + + network { + port "http" { + to = 80 + } + } + + service { + name = "vaultwarden-web" + port = "http" + provider = "nomad" + + tags = [ + "nginx.hostname=vaultwarden.magnusson.space", + "nginx.certname=magnusson.space", + ] + } + + volume "vaultwarden" { + type = "host" + source = "vaultwarden" + } + + task "vaultwarden" { + driver = "docker" + + resources { + cpu = 100 + memory = 150 + } + + volume_mount { + volume = "vaultwarden" + destination = "/data" + } + + config { + image = "vaultwarden/server:alpine" + ports = ["http"] + } + + template { + data = <<EOF +SIGNUPS_ALLOWED=false +DOMAIN=https://vaultwarden.magnusson.space +PUSH_ENABLED=true +{{ with nomadVar "nomad/jobs/vaultwarden" }} +PUSH_INSTALLATION_ID={{ .installation_id }} +PUSH_INSTALLATION_KEY={{ .installation_key }} +{{ end }} +EOF + destination = "local/.env" + env = true + } + } + } +} diff --git a/jobs/virtual-hosting.nomad.hcl b/jobs/virtual-hosting.nomad.hcl index 49000ef..9c0b649 100644 --- a/jobs/virtual-hosting.nomad.hcl +++ b/jobs/virtual-hosting.nomad.hcl @@ -104,6 +104,11 @@ upstream acme-challenge { } {{ end }} +map $http_upgrade $connection_upgrade { + default upgrade; + '' close; +} + {{ range nomadServices -}} {{- $hostname := "" -}} @@ -155,6 +160,7 @@ server { proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header Upgrade $http_upgrade; + proxy_set_header Connection $connection_upgrade; } } @@ -174,6 +180,7 @@ server { proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header Upgrade $http_upgrade; + proxy_set_header Connection $connection_upgrade; } } @@ -228,6 +235,7 @@ server { proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header Upgrade $http_upgrade; + proxy_set_header Connection $connection_upgrade; } } {{ end -}} diff --git a/nomad.tmpl.hcl b/nomad.tmpl.hcl index 138eb57..e597b36 100644 --- a/nomad.tmpl.hcl +++ b/nomad.tmpl.hcl @@ -37,6 +37,10 @@ client { host_volume "ctftajm-postgres" { path = "/var/local/ctftajm-postgres" } + + host_volume "vaultwarden" { + path = "/var/local/vaultwarden" + } } acl { |