magic_rb/cluster
1
0
Fork 0
mirror of https://git.sr.ht/~magic_rb/cluster synced 2024-11-29 11:36:16 +01:00
Code Issues Packages Projects Releases Wiki Activity
cluster/infrastructure/ingress/nomad.hcl
Magic_RB 2de30a1e88
A lot of stuff, ingress, nextcloud, hydra 
Signed-off-by: Magic_RB <magic_rb@redalder.org>
2021-05-12 17:31:15 +02:00

129 lines
2.4 KiB
HCL
Raw Blame History

job "ingress" {
datacenters = [ "homelab-1" ]
type = "service"
constraint {
attribute = "${attr.unique.hostname}"
value = "blowhole"
}
group "ingress" {
count = 1
network {
port "http" {
static = "8080"
to = "80"
}
}
service {
name = "ingress"
port = "http"
}
task "nginx" {
driver = "docker"
config {
image = "nixng-ingress:local"
ports = ["http"]
}
template {
data = <<EOF
upstream gitea {
{{ range service "gitea" }}
server {{ .Address }}:{{ .Port }};
{{ else }}server 127.0.0.1:65535; # force a 502
{{ end }}
}
upstream hydra {
{{ range service "hydra" }}
server {{ .Address }}:{{ .Port }};
{{ else }}server 127.0.0.1:65535; # force a 502
{{ end }}
}
upstream nextcloud {
{{ range service "nextcloud" }}
server {{ .Address }}:{{ .Port }};
{{ else }}server 127.0.0.1:65535; # force a 502
{{ end }}
}
upstream website {
{{ range service "website" }}
server {{ .Address }}:{{ .Port }};
{{ else }}server 127.0.0.1:65535; # force a 502
{{ end }}
}
server {
listen 80;
server_name _;
return 404;
}
server {
listen 80;
server_name gitea.redalder.org;
add_header X-Frame-Options "SAMEORIGIN";
add_header Content-Security-Policy "default-src 'self' http: https: data: blob: 'unsafe-inline'" always;
location / {
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_pass http://gitea;
}
}
server {
listen 80;
server_name hydra.redalder.org;
add_header X-Frame-Options "SAMEORIGIN";
add_header Content-Security-Policy "default-src 'self' http: https: data: blob: 'unsafe-inline'" always;
location / {
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_pass http://hydra;
}
}
server {
listen 80;
server_name redalder.org;
add_header X-Frame-Options "SAMEORIGIN";
add_header Content-Security-Policy "default-src 'self' http: https: data: blob: 'unsafe-inline'" always;
location /nextcloud/ {
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_pass http://nextcloud/;
}
location / {
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_pass http://website;
}
}
EOF
destination = "local/upstreams.conf"
change_mode = "signal"
change_signal = "SIGHUP"
}
}
}
}
Reference in a new issue View git blame Copy permalink