update ci and setup nomad

2026-01-16 16:09:54 +11:00
parent b358d84f4d
commit e15c6af515
2 changed files with 96 additions and 26 deletions
--- a/infra/portfolio.nomad.hcl
+++ b/infra/portfolio.nomad.hcl
@@ -0,0 +1,70 @@
+variable "deployment_version" {
+  type        = string
+  description = "The deployment version from CI/CD"
+  default     = "unknown"
+}
+
+job "portfolio_v2" {
+  datacenters = ["dc1"]
+  type = "service"
+  
+  meta {
+    version = var.deployment_version
+  }
+  
+  group "portfolio.v2" {
+    count = 1
+
+    network {
+      port "web" {
+        to = 3000
+      }
+    }
+
+    service {
+      name = "portfolio_v2"
+      port = "web"
+      # tags = [
+      #   "traefik.enable=true",
+      #   "traefik.http.routers.portfolio-v2.rule=Host(`liampietralla.com`)",
+      #   "traefik.http.routers.portfolio-v2.entrypoints=websecure",
+      #   "traefik.http.routers.portfolio-v2.tls.certresolver=letsencrypt"
+      # ]
+
+      check {
+        type     = "http"
+        path     = "/api/health"
+        interval = "10s"
+        timeout  = "3s"
+      }
+    }
+
+    task "portfolio_v2" {
+      driver = "docker"
+
+      config {
+        image      = "liamsgit.dev/liampietralla/liam-portfolio:latest"
+        force_pull = true
+        ports      = ["web"]
+      }
+
+      template {
+        data = <<EOF
+        {{- range service "postgres" }}
+        DATABASE_URL=postgres://portfolio-user:{{ with nomadVar "nomad/jobs/portfolio_v2/portfolio_v2/portfolio_v2" }}{{ .DATABASE_URL_PASSWORD }}{{ end }}@{{ .Address }}:{{ .Port }}/portfolio
+        {{- end }}
+        PAYLOAD_SECRET={{ with nomadVar "nomad/jobs/portfolio_v2/portfolio_v2/portfolio_v2" }}{{ .PAYLOAD_SECRET }}{{ end }}
+        S3_BUCKET="portfolio"
+        S3_REGION="us-east-1"
+        {{- range service "s3-api" }}
+        S3_ENDPOINT=http://{{ .Address }}:{{ .Port }}
+        {{- end }}
+        S3_ACCESS_KEY_ID={{ with nomadVar "nomad/jobs/portfolio_v2/portfolio_v2/portfolio_v2" }}{{ .S3_ACCESS_KEY_ID }}{{ end }}
+        S3_SECRET_ACCESS_KEY={{ with nomadVar "nomad/jobs/portfolio_v2/portfolio_v2/portfolio_v2" }}{{ .S3_SECRET_ACCESS_KEY }}{{ end }}
+        EOF
+        destination = "secrets/env"
+        env         = true
+      }
+    }
+  }
+}