dotfiles/terranix/main/containers/matrix/matrix-prometheus.hcl
magic_rb 4a29b6d8d3
Move terranix config into terranix/main
Signed-off-by: magic_rb <magic_rb@redalder.org>
2024-04-07 10:45:07 +02:00

82 lines
1.6 KiB
HCL

variable "flake_ref" {
type = string
}
variable "flake_sha" {
type = string
}
job "matrix-prometheus" {
datacenters = [ "homelab-1" ]
type = "service"
group "matrix-prometheus" {
count = 1
restart {
attempts = 5
delay = "5s"
}
network {
mode = "bridge"
}
service {
name = "matrix-prometheus"
port = "0"
}
task "matrix-prometheus" {
driver = "docker"
config {
nix_flake_ref = "${var.flake_ref}#nixngConfigurations.matrixPrometheus.config.system.build.toplevel"
nix_flake_sha = var.flake_sha
entrypoint = [ "init" ]
}
}
task "matrix-prometheus-connect-nginx" {
driver = "docker"
config {
nix_flake_ref = "${var.flake_ref}#nixngConfigurations.matrixPrometheusConnectNginx.config.system.build.toplevel"
nix_flake_sha = var.flake_sha
entrypoint = [ "init" ]
template {
data = <<EOF
upstream matrix-synapse-metrics {
{{- range connect "matrix-synapse-metrics" }}
proxy_pass {{ .Address }}:{{ .Port }}
{{- end -}}
}
EOF
destination = "/local/upsteams.conf"
}
template {
data = <<EOF
{{ range caRoots }}{{ .RootCertPEM }}{{ end }}
EOF
destination = "/secrets/ca.pem"
}
template {
data = <<EOF
{{ with caLeaf "nginx" }}{{ .CertPEM }}{{ end }}
EOF
destination = "/secrets/crt.pem"
}
template {
data = <<EOF
{{ with caLeaf "nginx" }}{{.PrivateKeyPEM }}{{ end }}
EOF
destination = "/secrets/key.pem"
}
}
}
}
}