variable "flake_ref" { type = string } variable "flake_sha" { type = string } variable "store_path" { type = object({ hydra = string postgresql = string }) } job "hydra" { datacenters = [ "homelab-1" ] type = "service" constraint { attribute = "${attr.unique.hostname}" value = "blowhole" } group "svc" { count = 1 volume "hydra-data" { type = "csi" source = "hydra-data" read_only = false attachment_mode = "file-system" access_mode = "single-node-writer" } volume "hydra-nix" { type = "csi" source = "hydra-nix" read_only = false attachment_mode = "file-system" access_mode = "single-node-writer" } volume "hydra-db" { type = "csi" source = "hydra-db" read_only = false attachment_mode = "file-system" access_mode = "single-node-writer" } restart { attempts = 5 delay = "5s" } network { mode = "bridge" } service { name = "hydra" port = "3000" check { type = "http" address_mode = "alloc" path = "/" port = "3000" interval = "2s" timeout = "2s" } connect { sidecar_service {} } } task "hydra" { driver = "docker" volume_mount { volume = "hydra-data" destination = "/var/lib/hydra" read_only = false } # volume_mount { # volume = "hydra-nix" # destination = "/nix-persist" # read_only = false # } config { nix_flake_ref = "${var.flake_ref}#nixngConfigurations.hydra.config.system.build.toplevel" nix_flake_sha = var.flake_sha nix_flake_store_path = var.store_path.hydra entrypoint = [ "init" ] devices = [ { host_path = "/dev/fuse" container_path = "/dev/fuse" } ] volumes = [ "/var/nfs/hydra-nix:/nix-persist" ] privileged = true } vault { policies = ["hydra-policy"] } resources { cpu = 4000 memory = 4096 memory_max = 8096 } template { data = <