{ tflib, elib, vars, ... }: let inherit (elib) nfsVolume nomadJob; inherit (tflib) tf; in { resource."nomad_volume"."gitea-db" = nfsVolume { volume_name = "gitea-db"; access_mode = "single-node-writer"; server = "blowhole.hosts.in.redalder.org"; share = "/var/nfs/gitea-db"; mount_flags = [ "nfsvers=3" "nolock" "async" ]; }; resource."nomad_volume"."gitea-data" = nfsVolume { volume_name = "gitea-data"; access_mode = "single-node-writer"; server = "blowhole.hosts.in.redalder.org"; share = "/var/nfs/gitea-data"; mount_flags = [ "nfsvers=3" "nolock" "async" ]; }; resource."vault_policy"."gitea-policy" = { name = "gitea-policy"; policy = '' path "kv/data/gitea" { capabilities = ["read"] } ''; }; resource."nomad_job"."gitea" = nomadJob { count = tf "var.dont_deploy_containers ? 0 : 1"; jobspec = ./job.hcl; vars = { flake_ref = "${vars.flake_host}?rev=${vars.flake_rev}&ref=${vars.flake_ref}"; flake_sha = vars.flake_sha; }; }; }