Logs
Patchset ps-3
feat: add silverbullet
Andreas Gruhler
feat: add silverbullet
hcl/default/silverbullet/data-volume.hcl
link
+31
-0
+31
-0
1diff --git a/hcl/default/silverbullet/data-volume.hcl b/hcl/default/silverbullet/data-volume.hcl
2new file mode 100644
3index 0000000..63180a5
4--- /dev/null
5+++ b/hcl/default/silverbullet/data-volume.hcl
6@@ -0,0 +1,31 @@
7+# Register external nfs volume with Nomad CSI
8+# https://www.nomadproject.io/docs/commands/volume/register
9+type = "csi"
10+# Unique ID of the volume, volume.source field in a job
11+id = "silverbullet"
12+# Display name of the volume.
13+name = "silverbullet"
14+# ID of the physical volume from the storage provider
15+external_id = "csi-silverbullet"
16+plugin_id = "nfs"
17+
18+# You must provide at least one capability block
19+# You must provide a block for each capability
20+# youintend to use in a job's volume block
21+# https://www.nomadproject.io/docs/commands/volume/register
22+capability {
23+ access_mode = "multi-node-multi-writer"
24+ attachment_mode = "file-system"
25+}
26+
27+# https://github.com/kubernetes-csi/csi-driver-nfs/blob/master/docs/driver-parameters.md
28+context {
29+ server = "turris"
30+ share = "csi-silverbullet"
31+}
32+
33+mount_options {
34+ # mount.nfs: Either use '-o nolock' to keep locks local, or start statd.
35+ mount_flags = ["nolock"]
36+}
37+
hcl/default/silverbullet/silverbullet.nomad
link
+89
-0
+89
-0
1diff --git a/hcl/default/silverbullet/silverbullet.nomad b/hcl/default/silverbullet/silverbullet.nomad
2new file mode 100644
3index 0000000..c6077ec
4--- /dev/null
5+++ b/hcl/default/silverbullet/silverbullet.nomad
6@@ -0,0 +1,89 @@
7+# https://silverbullet.md/Install/Docker
8+job "silverbullet" {
9+ datacenters = ["dc1"]
10+
11+ vault {}
12+
13+ group "server" {
14+ count = 1
15+
16+ volume "silverbullet" {
17+ type = "csi"
18+ source = "silverbullet"
19+ access_mode = "multi-node-multi-writer"
20+ attachment_mode = "file-system"
21+ }
22+ volume "tls" {
23+ type = "csi"
24+ source = "certbot"
25+ access_mode = "multi-node-multi-writer"
26+ attachment_mode = "file-system"
27+ }
28+
29+ network {
30+ port "http" {
31+ to = 3000
32+ }
33+ port "https" {
34+ static = 44407
35+ }
36+ }
37+
38+ task "silverbullet" {
39+ driver = "podman"
40+
41+ config {
42+ image = "docker.io/zefhemel/silverbullet:latest"
43+ ports = ["http"]
44+ }
45+
46+ template {
47+ destination = "${NOMAD_SECRETS_DIR}/silverbullet.env"
48+ env = true
49+ data = <<EOT
50+SB_USER = "{{with secret "kv/silverbullet"}}{{index .Data.data.sb_user}}{{end}}"
51+EOT
52+ }
53+
54+ volume_mount {
55+ volume = "silverbullet"
56+ destination = "/space"
57+ }
58+
59+ resources {
60+ memory = 256
61+ memory_max = 512
62+ cpu = 250
63+ }
64+ }
65+
66+ task "nginx" {
67+ driver = "podman"
68+
69+ config {
70+ image = "docker.io/library/nginx:stable-alpine"
71+ ports = ["https"]
72+ volumes = [
73+ # mount the templated config from the task directory to the container
74+ "local/silverbullet.conf:/etc/nginx/conf.d/silverbullet.conf",
75+ ]
76+ }
77+
78+ volume_mount {
79+ volume = "tls"
80+ destination = "/etc/letsencrypt"
81+ }
82+
83+ template {
84+ destination = "${NOMAD_TASK_DIR}/silverbullet.conf"
85+ data = file("./templates/nginx.conf.tmpl")
86+ }
87+
88+ resources {
89+ memory = 50
90+ memory_max = 128
91+ cpu = 200
92+ }
93+ }
94+ }
95+}
hcl/default/silverbullet/templates/nginx.conf.tmpl
link
+10
-0
+10
-0
1diff --git a/hcl/default/silverbullet/templates/nginx.conf.tmpl b/hcl/default/silverbullet/templates/nginx.conf.tmpl
2new file mode 100644
3index 0000000..746b0c0
4--- /dev/null
5+++ b/hcl/default/silverbullet/templates/nginx.conf.tmpl
6@@ -0,0 +1,10 @@
7+server {
8+ listen {{ env "NOMAD_PORT_https" }} ssl;
9+
10+ ssl_certificate /etc/letsencrypt/live/notes.in0rdr.ch/fullchain.pem;
11+ ssl_certificate_key /etc/letsencrypt/live/notes.in0rdr.ch/privkey.pem;
12+
13+ location / {
14+ proxy_pass http://{{ env "NOMAD_ADDR_http" }};
15+ }
16+}