cluster/infrastructure/syncthing/nomad.hcl

112 lines
1.9 KiB
HCL
Raw Normal View History

variable "flake_ref" {
type = string
}
variable "flake_sha" {
type = string
}
job "syncthing" {
datacenters = [ "homelab-1" ]
type = "service"
group "syncthing" {
count = 1
volume "syncthing-data" {
type = "csi"
source = "syncthing-data"
read_only = false
attachment_mode = "file-system"
access_mode = "single-node-writer"
}
volume "syncthing-config" {
type = "csi"
source = "syncthing-config"
read_only = false
attachment_mode = "file-system"
access_mode = "single-node-writer"
}
volume "syncthing-storage" {
type = "csi"
source = "syncthing-storage"
read_only = false
attachment_mode = "file-system"
access_mode = "single-node-writer"
}
network {
mode = "bridge"
}
service {
name = "syncthing"
port = "8384"
## Syncthing with auth returns 402: Unauthorized and Nomad interprets it as
## service failure.
# check {
# type = "http"
# address_mode = "alloc"
# path = "/"
# port = "8384"
# interval = "10s"
# timeout = "10s"
# }
connect {
sidecar_service {}
sidecar_task {
resources {
cpu = 75
memory = 48
}
config {
memory_hard_limit = 96
}
}
}
}
task "syncthing" {
driver = "containerd-driver"
config {
flake_ref = "${var.flake_ref}#nixngSystems.syncthing.config.system.build.toplevel"
flake_sha = var.flake_sha
entrypoint = [ "init" ]
}
resources {
cpu = 128
memory = 128
}
volume_mount {
volume = "syncthing-data"
destination = "/var/syncthing/data"
read_only = false
}
volume_mount {
volume = "syncthing-config"
destination = "/var/syncthing/config"
read_only = false
}
volume_mount {
volume = "syncthing-storage"
destination = "/var/syncthing/storage"
read_only = false
}
}
}
}