nomad / feat: add pico #1

closed · opened on 2024-08-28 by in0rdr
Help 
# add changes to patch request
git format-patch master --stdout | ssh pr.in0rdr.ch pr add 1
# add review to patch request
git format-patch master --stdout | ssh pr.in0rdr.ch pr add --review 1
# remove patchset
ssh pr.in0rdr.ch ps rm ps-x
# checkout all patches
ssh pr.in0rdr.ch pr print 1 | git am -3
# print a diff between the last two patches in a patch request
ssh pr.in0rdr.ch pr diff 1
# accept PR
ssh pr.in0rdr.ch pr accept 1
# close PR
ssh pr.in0rdr.ch pr close 1

Logs

in0rdr created pr with ps-1 on 2024-08-28
in0rdr changed status on 2024-08-28 {"status":"accepted"}
in0rdr changed status on 2024-08-28 {"status":"closed"}

Patchsets

Diff ↕

feat: add pico

Andreas Gruhler <andreas.gruhler@adfinis.com> 
This adds pico, a simplistic git collaboration service:
* https://github.com/picosh/git-pr

I hope that it is useful for other people that would like to contribute
some part of code or documentation, but hesitate to open an account with
any code "forge" or service like Github, Gitlab, etc..
 hcl/default/pico/pico.nomad                 | 135 ++++++++++++++++++++
 hcl/default/pico/templates/.env.tmpl        |  14 ++
 hcl/default/pico/templates/git-pr.toml.tmpl |  15 +++
 hcl/default/pico/templates/nginx.conf.tmpl  |  10 ++
 hcl/default/pico/volume-pico.hcl            |  31 +++++
 5 files changed, 205 insertions(+)
 create mode 100644 hcl/default/pico/pico.nomad
 create mode 100644 hcl/default/pico/templates/.env.tmpl
 create mode 100644 hcl/default/pico/templates/git-pr.toml.tmpl
 create mode 100644 hcl/default/pico/templates/nginx.conf.tmpl
 create mode 100644 hcl/default/pico/volume-pico.hcl
Patch 
  1From 63b7ea59200bc552ec5f618e32027f7b7920ab31 Mon Sep 17 00:00:00 2001
  2From: Andreas Gruhler <andreas.gruhler@adfinis.com>
  3Date: Thu, 29 Aug 2024 00:05:02 +0200
  4Subject: [PATCH] feat: add pico
  5
  6This adds pico, a simplistic git collaboration service:
  7* https://github.com/picosh/git-pr
  8
  9I hope that it is useful for other people that would like to contribute
 10some part of code or documentation, but hesitate to open an account with
 11any code "forge" or service like Github, Gitlab, etc..
 12---
 13 hcl/default/pico/pico.nomad                 | 135 ++++++++++++++++++++
 14 hcl/default/pico/templates/.env.tmpl        |  14 ++
 15 hcl/default/pico/templates/git-pr.toml.tmpl |  15 +++
 16 hcl/default/pico/templates/nginx.conf.tmpl  |  10 ++
 17 hcl/default/pico/volume-pico.hcl            |  31 +++++
 18 5 files changed, 205 insertions(+)
 19 create mode 100644 hcl/default/pico/pico.nomad
 20 create mode 100644 hcl/default/pico/templates/.env.tmpl
 21 create mode 100644 hcl/default/pico/templates/git-pr.toml.tmpl
 22 create mode 100644 hcl/default/pico/templates/nginx.conf.tmpl
 23 create mode 100644 hcl/default/pico/volume-pico.hcl
 24
 25diff --git a/hcl/default/pico/pico.nomad b/hcl/default/pico/pico.nomad
 26new file mode 100644
 27index 0000000..63c05d8
 28--- /dev/null
 29+++ b/hcl/default/pico/pico.nomad
 30@@ -0,0 +1,135 @@
 31+# https://github.com/picosh/git-pr/blob/main/docker-compose.prod.yml
 32+job "pico" {
 33+  datacenters = ["dc1"]
 34+
 35+  priority = 80
 36+
 37+  group "server" {
 38+    count = 1
 39+
 40+    volume "pico" {
 41+      type = "csi"
 42+      source = "pico"
 43+      access_mode = "multi-node-multi-writer"
 44+      attachment_mode = "file-system"
 45+    }
 46+    volume "tls" {
 47+      type = "csi"
 48+      source = "certbot"
 49+      access_mode = "multi-node-multi-writer"
 50+      attachment_mode = "file-system"
 51+    }
 52+
 53+    network {
 54+      port "web" {
 55+        to = 3000
 56+      }
 57+      port "ssh" {
 58+        to = 2222
 59+        static = 44405
 60+      }
 61+      port "https" {
 62+        static = 44406
 63+      }
 64+    }
 65+
 66+    task "web" {
 67+      driver = "podman"
 68+
 69+      config {
 70+        image = "ghcr.io/picosh/pico/git-web:latest"
 71+        ports = ["web"]
 72+        volumes = [
 73+          # mount the templated config from the task directory to the container
 74+          "local/git-pr.toml:/app/git-pr.toml",
 75+        ]
 76+      }
 77+
 78+      template {
 79+        destination = "${NOMAD_TASK_DIR}/.env"
 80+        data = file("./templates/.env.tmpl")
 81+        env = true
 82+      }
 83+
 84+      template {
 85+        destination = "${NOMAD_TASK_DIR}/git-pr.toml"
 86+        data = file("./templates/git-pr.toml.tmpl")
 87+      }
 88+
 89+      volume_mount {
 90+        volume = "pico"
 91+        destination = "/app/data"
 92+      }
 93+
 94+      resources {
 95+        memory = 256
 96+        memory_max = 512
 97+        cpu    = 250
 98+      }
 99+    }
100+
101+    task "ssh" {
102+      driver = "podman"
103+
104+      config {
105+        image = "ghcr.io/picosh/pico/git-ssh:latest"
106+        ports = ["ssh"]
107+        volumes = [
108+          # mount the templated config from the task directory to the container
109+          "local/git-pr.toml:/app/git-pr.toml",
110+        ]
111+      }
112+
113+      template {
114+        destination = "${NOMAD_TASK_DIR}/.env"
115+        data = file("./templates/.env.tmpl")
116+        env = true
117+      }
118+
119+      template {
120+        destination = "${NOMAD_TASK_DIR}/git-pr.toml"
121+        data = file("./templates/git-pr.toml.tmpl")
122+      }
123+
124+      volume_mount {
125+        volume = "pico"
126+        destination = "/app/data"
127+      }
128+
129+      resources {
130+        memory = 256
131+        memory_max = 512
132+        cpu    = 250
133+      }
134+    }
135+
136+    task "nginx" {
137+      driver = "podman"
138+
139+      config {
140+        image = "docker.io/library/nginx:stable-alpine"
141+        ports = ["https"]
142+        volumes = [
143+          # mount the templated config from the task directory to the container
144+          "local/pico.conf:/etc/nginx/conf.d/pico.conf",
145+        ]
146+      }
147+
148+      volume_mount {
149+        volume = "tls"
150+        destination = "/etc/letsencrypt"
151+      }
152+
153+      template {
154+        destination = "${NOMAD_TASK_DIR}/pico.conf"
155+        data = file("./templates/nginx.conf.tmpl")
156+      }
157+
158+      resources {
159+        memory = 50
160+        memory_max = 128
161+        cpu    = 200
162+      }
163+    }
164+  }
165+}
166diff --git a/hcl/default/pico/templates/.env.tmpl b/hcl/default/pico/templates/.env.tmpl
167new file mode 100644
168index 0000000..79e46f0
169--- /dev/null
170+++ b/hcl/default/pico/templates/.env.tmpl
171@@ -0,0 +1,14 @@
172+# https://github.com/picosh/git-pr/blob/main/.env.example
173+CF_API_TOKEN=
174+
175+GITPR_V4=
176+GITPR_V6=
177+GITPR_HTTP_V4=$GIT_V4:80
178+GITPR_HTTP_V6=[$GIT_V6]:80
179+GITPR_HTTPS_V4=$GIT_V4:443
180+GITPR_HTTPS_V6=[$GIT_V6]:443
181+GITPR_SSH_V4=$GIT_V4:22
182+GITPR_SSH_V6=[$GIT_V6]:22
183+GITPR_HOST=
184+GITPR_SSH_PORT=2222
185+GITPR_WEB_PORT=3000
186diff --git a/hcl/default/pico/templates/git-pr.toml.tmpl b/hcl/default/pico/templates/git-pr.toml.tmpl
187new file mode 100644
188index 0000000..9e84843
189--- /dev/null
190+++ b/hcl/default/pico/templates/git-pr.toml.tmpl
191@@ -0,0 +1,15 @@
192+# url is used for help commands, exclude protocol
193+url = "-p 2222 pr.in0rdr.ch"
194+# where we store the sqlite db, this toml file, git repos, and ssh host keys
195+data_dir = "./data"
196+# this gives users the ability to submit reviews and other admin permissions
197+admins = ["ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQC2SnNAxEnre9hcPD74wNAouuXMgfIzwsB7qr88xSb8WS8CKqZGXzaQgebc0YExfV7PGyV6KUfu4KUvS1xDboRbU6ZLU4HdGlAi+hdv8dVVzdzCgFmdv5BEGam0SMhlzReWRiDvae0pObAPvAFg5ab6B/t1LjOosBOpPo2JfEkR6zfjDrMCYdEjWB5To1p5AX0BJneTiIeiEqR/05mZUk5L8hMFmwvm8QThd+SzpLY3zgWlWG7TlUQwx78xvell9KC0GChhwlkeEAwE3q1tq/LbgzvtY140Fg0bbBGcYQI4UvG85xfTfpbHeQ1RkSB8Rb8pMkaN7mT+3qhe08cHT9v3"]
198+# set datetime format for our clients
199+time_format = "2006-01-02"
200+
201+# add as many repos as you want
202+[[repo]]
203+id = "nomad"
204+default_branch = "master"
205+clone_addr = "https://git.in0rdr.ch/nomad.git"
206+desc = "HCL and Docker files for Nomad deployments"
207diff --git a/hcl/default/pico/templates/nginx.conf.tmpl b/hcl/default/pico/templates/nginx.conf.tmpl
208new file mode 100644
209index 0000000..35c123b
210--- /dev/null
211+++ b/hcl/default/pico/templates/nginx.conf.tmpl
212@@ -0,0 +1,10 @@
213+server {
214+    listen               {{ env "NOMAD_PORT_https" }} ssl;
215+
216+    ssl_certificate      /etc/letsencrypt/live/pr.in0rdr.ch/fullchain.pem;
217+    ssl_certificate_key  /etc/letsencrypt/live/pr.in0rdr.ch/privkey.pem;
218+
219+    location / {
220+        proxy_pass       http://{{ env "NOMAD_ADDR_web" }};
221+    }
222+}
223diff --git a/hcl/default/pico/volume-pico.hcl b/hcl/default/pico/volume-pico.hcl
224new file mode 100644
225index 0000000..9e42145
226--- /dev/null
227+++ b/hcl/default/pico/volume-pico.hcl
228@@ -0,0 +1,31 @@
229+# Register external nfs volume with Nomad CSI
230+# https://www.nomadproject.io/docs/commands/volume/register
231+type = "csi"
232+# Unique ID of the volume, volume.source field in a job
233+id = "pico"
234+# Display name of the volume.
235+name = "pico"
236+# ID of the physical volume from the storage provider
237+external_id = "csi-pico"
238+plugin_id = "nfs"
239+
240+# You must provide at least one capability block
241+# You must provide a block for each capability
242+# youintend to use in a job's volume block
243+# https://www.nomadproject.io/docs/commands/volume/register
244+capability {
245+  access_mode = "multi-node-multi-writer"
246+  attachment_mode = "file-system"
247+}
248+
249+# https://github.com/kubernetes-csi/csi-driver-nfs/blob/master/docs/driver-parameters.md
250+context {
251+  server = "turris"
252+  share = "csi-pico"
253+}
254+
255+mount_options {
256+  # mount.nfs: Either use '-o nolock' to keep locks local, or start statd.
257+  mount_flags = ["nolock"]
258+}
259+
260-- 
2612.44.1
262
ps-1 by in0rdr on 2024-08-28T22:12:55Z

feat: add pico

Andreas Gruhler <andreas.gruhler@adfinis.com> 2024-08-28 
This adds pico, a simplistic git collaboration service:
* https://github.com/picosh/git-pr

I hope that it is useful for other people that would like to contribute
some part of code or documentation, but hesitate to open an account with
any code "forge" or service like Github, Gitlab, etc..
 hcl/default/pico/pico.nomad                 | 135 ++++++++++++++++++++
 hcl/default/pico/templates/.env.tmpl        |  14 ++
 hcl/default/pico/templates/git-pr.toml.tmpl |  15 +++
 hcl/default/pico/templates/nginx.conf.tmpl  |  10 ++
 hcl/default/pico/volume-pico.hcl            |  31 +++++
 5 files changed, 205 insertions(+)
 create mode 100644 hcl/default/pico/pico.nomad
 create mode 100644 hcl/default/pico/templates/.env.tmpl
 create mode 100644 hcl/default/pico/templates/git-pr.toml.tmpl
 create mode 100644 hcl/default/pico/templates/nginx.conf.tmpl
 create mode 100644 hcl/default/pico/volume-pico.hcl
Patch 
  1From 63b7ea59200bc552ec5f618e32027f7b7920ab31 Mon Sep 17 00:00:00 2001
  2From: Andreas Gruhler <andreas.gruhler@adfinis.com>
  3Date: Thu, 29 Aug 2024 00:05:02 +0200
  4Subject: [PATCH] feat: add pico
  5
  6This adds pico, a simplistic git collaboration service:
  7* https://github.com/picosh/git-pr
  8
  9I hope that it is useful for other people that would like to contribute
 10some part of code or documentation, but hesitate to open an account with
 11any code "forge" or service like Github, Gitlab, etc..
 12---
 13 hcl/default/pico/pico.nomad                 | 135 ++++++++++++++++++++
 14 hcl/default/pico/templates/.env.tmpl        |  14 ++
 15 hcl/default/pico/templates/git-pr.toml.tmpl |  15 +++
 16 hcl/default/pico/templates/nginx.conf.tmpl  |  10 ++
 17 hcl/default/pico/volume-pico.hcl            |  31 +++++
 18 5 files changed, 205 insertions(+)
 19 create mode 100644 hcl/default/pico/pico.nomad
 20 create mode 100644 hcl/default/pico/templates/.env.tmpl
 21 create mode 100644 hcl/default/pico/templates/git-pr.toml.tmpl
 22 create mode 100644 hcl/default/pico/templates/nginx.conf.tmpl
 23 create mode 100644 hcl/default/pico/volume-pico.hcl
 24
 25diff --git a/hcl/default/pico/pico.nomad b/hcl/default/pico/pico.nomad
 26new file mode 100644
 27index 0000000..63c05d8
 28--- /dev/null
 29+++ b/hcl/default/pico/pico.nomad
 30@@ -0,0 +1,135 @@
 31+# https://github.com/picosh/git-pr/blob/main/docker-compose.prod.yml
 32+job "pico" {
 33+  datacenters = ["dc1"]
 34+
 35+  priority = 80
 36+
 37+  group "server" {
 38+    count = 1
 39+
 40+    volume "pico" {
 41+      type = "csi"
 42+      source = "pico"
 43+      access_mode = "multi-node-multi-writer"
 44+      attachment_mode = "file-system"
 45+    }
 46+    volume "tls" {
 47+      type = "csi"
 48+      source = "certbot"
 49+      access_mode = "multi-node-multi-writer"
 50+      attachment_mode = "file-system"
 51+    }
 52+
 53+    network {
 54+      port "web" {
 55+        to = 3000
 56+      }
 57+      port "ssh" {
 58+        to = 2222
 59+        static = 44405
 60+      }
 61+      port "https" {
 62+        static = 44406
 63+      }
 64+    }
 65+
 66+    task "web" {
 67+      driver = "podman"
 68+
 69+      config {
 70+        image = "ghcr.io/picosh/pico/git-web:latest"
 71+        ports = ["web"]
 72+        volumes = [
 73+          # mount the templated config from the task directory to the container
 74+          "local/git-pr.toml:/app/git-pr.toml",
 75+        ]
 76+      }
 77+
 78+      template {
 79+        destination = "${NOMAD_TASK_DIR}/.env"
 80+        data = file("./templates/.env.tmpl")
 81+        env = true
 82+      }
 83+
 84+      template {
 85+        destination = "${NOMAD_TASK_DIR}/git-pr.toml"
 86+        data = file("./templates/git-pr.toml.tmpl")
 87+      }
 88+
 89+      volume_mount {
 90+        volume = "pico"
 91+        destination = "/app/data"
 92+      }
 93+
 94+      resources {
 95+        memory = 256
 96+        memory_max = 512
 97+        cpu    = 250
 98+      }
 99+    }
100+
101+    task "ssh" {
102+      driver = "podman"
103+
104+      config {
105+        image = "ghcr.io/picosh/pico/git-ssh:latest"
106+        ports = ["ssh"]
107+        volumes = [
108+          # mount the templated config from the task directory to the container
109+          "local/git-pr.toml:/app/git-pr.toml",
110+        ]
111+      }
112+
113+      template {
114+        destination = "${NOMAD_TASK_DIR}/.env"
115+        data = file("./templates/.env.tmpl")
116+        env = true
117+      }
118+
119+      template {
120+        destination = "${NOMAD_TASK_DIR}/git-pr.toml"
121+        data = file("./templates/git-pr.toml.tmpl")
122+      }
123+
124+      volume_mount {
125+        volume = "pico"
126+        destination = "/app/data"
127+      }
128+
129+      resources {
130+        memory = 256
131+        memory_max = 512
132+        cpu    = 250
133+      }
134+    }
135+
136+    task "nginx" {
137+      driver = "podman"
138+
139+      config {
140+        image = "docker.io/library/nginx:stable-alpine"
141+        ports = ["https"]
142+        volumes = [
143+          # mount the templated config from the task directory to the container
144+          "local/pico.conf:/etc/nginx/conf.d/pico.conf",
145+        ]
146+      }
147+
148+      volume_mount {
149+        volume = "tls"
150+        destination = "/etc/letsencrypt"
151+      }
152+
153+      template {
154+        destination = "${NOMAD_TASK_DIR}/pico.conf"
155+        data = file("./templates/nginx.conf.tmpl")
156+      }
157+
158+      resources {
159+        memory = 50
160+        memory_max = 128
161+        cpu    = 200
162+      }
163+    }
164+  }
165+}
166diff --git a/hcl/default/pico/templates/.env.tmpl b/hcl/default/pico/templates/.env.tmpl
167new file mode 100644
168index 0000000..79e46f0
169--- /dev/null
170+++ b/hcl/default/pico/templates/.env.tmpl
171@@ -0,0 +1,14 @@
172+# https://github.com/picosh/git-pr/blob/main/.env.example
173+CF_API_TOKEN=
174+
175+GITPR_V4=
176+GITPR_V6=
177+GITPR_HTTP_V4=$GIT_V4:80
178+GITPR_HTTP_V6=[$GIT_V6]:80
179+GITPR_HTTPS_V4=$GIT_V4:443
180+GITPR_HTTPS_V6=[$GIT_V6]:443
181+GITPR_SSH_V4=$GIT_V4:22
182+GITPR_SSH_V6=[$GIT_V6]:22
183+GITPR_HOST=
184+GITPR_SSH_PORT=2222
185+GITPR_WEB_PORT=3000
186diff --git a/hcl/default/pico/templates/git-pr.toml.tmpl b/hcl/default/pico/templates/git-pr.toml.tmpl
187new file mode 100644
188index 0000000..9e84843
189--- /dev/null
190+++ b/hcl/default/pico/templates/git-pr.toml.tmpl
191@@ -0,0 +1,15 @@
192+# url is used for help commands, exclude protocol
193+url = "-p 2222 pr.in0rdr.ch"
194+# where we store the sqlite db, this toml file, git repos, and ssh host keys
195+data_dir = "./data"
196+# this gives users the ability to submit reviews and other admin permissions
197+admins = ["ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQC2SnNAxEnre9hcPD74wNAouuXMgfIzwsB7qr88xSb8WS8CKqZGXzaQgebc0YExfV7PGyV6KUfu4KUvS1xDboRbU6ZLU4HdGlAi+hdv8dVVzdzCgFmdv5BEGam0SMhlzReWRiDvae0pObAPvAFg5ab6B/t1LjOosBOpPo2JfEkR6zfjDrMCYdEjWB5To1p5AX0BJneTiIeiEqR/05mZUk5L8hMFmwvm8QThd+SzpLY3zgWlWG7TlUQwx78xvell9KC0GChhwlkeEAwE3q1tq/LbgzvtY140Fg0bbBGcYQI4UvG85xfTfpbHeQ1RkSB8Rb8pMkaN7mT+3qhe08cHT9v3"]
198+# set datetime format for our clients
199+time_format = "2006-01-02"
200+
201+# add as many repos as you want
202+[[repo]]
203+id = "nomad"
204+default_branch = "master"
205+clone_addr = "https://git.in0rdr.ch/nomad.git"
206+desc = "HCL and Docker files for Nomad deployments"
207diff --git a/hcl/default/pico/templates/nginx.conf.tmpl b/hcl/default/pico/templates/nginx.conf.tmpl
208new file mode 100644
209index 0000000..35c123b
210--- /dev/null
211+++ b/hcl/default/pico/templates/nginx.conf.tmpl
212@@ -0,0 +1,10 @@
213+server {
214+    listen               {{ env "NOMAD_PORT_https" }} ssl;
215+
216+    ssl_certificate      /etc/letsencrypt/live/pr.in0rdr.ch/fullchain.pem;
217+    ssl_certificate_key  /etc/letsencrypt/live/pr.in0rdr.ch/privkey.pem;
218+
219+    location / {
220+        proxy_pass       http://{{ env "NOMAD_ADDR_web" }};
221+    }
222+}
223diff --git a/hcl/default/pico/volume-pico.hcl b/hcl/default/pico/volume-pico.hcl
224new file mode 100644
225index 0000000..9e42145
226--- /dev/null
227+++ b/hcl/default/pico/volume-pico.hcl
228@@ -0,0 +1,31 @@
229+# Register external nfs volume with Nomad CSI
230+# https://www.nomadproject.io/docs/commands/volume/register
231+type = "csi"
232+# Unique ID of the volume, volume.source field in a job
233+id = "pico"
234+# Display name of the volume.
235+name = "pico"
236+# ID of the physical volume from the storage provider
237+external_id = "csi-pico"
238+plugin_id = "nfs"
239+
240+# You must provide at least one capability block
241+# You must provide a block for each capability
242+# youintend to use in a job's volume block
243+# https://www.nomadproject.io/docs/commands/volume/register
244+capability {
245+  access_mode = "multi-node-multi-writer"
246+  attachment_mode = "file-system"
247+}
248+
249+# https://github.com/kubernetes-csi/csi-driver-nfs/blob/master/docs/driver-parameters.md
250+context {
251+  server = "turris"
252+  share = "csi-pico"
253+}
254+
255+mount_options {
256+  # mount.nfs: Either use '-o nolock' to keep locks local, or start statd.
257+  mount_flags = ["nolock"]
258+}
259+
260-- 
2612.44.1
262