job "passbolt" { datacenters = ["dc1"] type = "service" constraint { attribute = "${node.unique.name}" value = "mercury-nomad" } group "ingress-group" { count = 1 network { mode = "bridge" port "inbound" { to = 8080 } } service { name = "passbolt-ingress" port = "inbound" tags = [ "traefikcontabo.enable=true", "traefikcontabo.http.middlewares.passbolt-redirectscheme.redirectscheme.scheme=https", "traefikcontabo.http.middlewares.passbolt-redirectscheme.redirectscheme.permanent=true", "traefikcontabo.http.routers.passbolt-http.rule=Host(`passbolt.neogenia.com.mx`)", "traefikcontabo.http.routers.passbolt-http.entrypoints=http", "traefikcontabo.http.routers.passbolt-http.middlewares=passbolt-redirectscheme", "traefikcontabo.http.routers.passbolt-https.rule=Host(`passbolt.neogenia.com.mx`)", "traefikcontabo.http.routers.passbolt-https.entrypoints=https", "traefikcontabo.http.routers.passbolt-https.tls=true", "traefikcontabo.http.routers.passbolt-https.tls.certresolver=myresolver", ] connect { gateway { ingress { listener { port = 8080 protocol = "http" service { name = "passbolt-app" hosts = ["passbolt.neogenia.com.mx"] } } } } } } } group "database" { count = 1 update { max_parallel = 1 min_healthy_time = "30s" healthy_deadline = "5m" progress_deadline = "10m" auto_revert = true } restart { attempts = 3 interval = "5m" delay = "30s" mode = "delay" } network { mode = "bridge" } task "mariadb" { driver = "docker" config { image = "mariadb:10.11" volumes = [ "/root/nomadvolumes/passbolt/data/mysql:/var/lib/mysql" ] } env { MYSQL_RANDOM_ROOT_PASSWORD = "true" MYSQL_DATABASE = "passbolt" MYSQL_USER = "passbolt" MYSQL_PASSWORD = "akjsdhfkrTThasgh5qw7" } resources { cpu = 500 memory = 512 } } service { name = "passbolt-db" port = 3306 connect { sidecar_service {} } } } group "passbolt" { count = 1 update { max_parallel = 1 min_healthy_time = "30s" healthy_deadline = "10m" progress_deadline = "15m" auto_revert = true } restart { attempts = 5 interval = "5m" delay = "30s" mode = "delay" } reschedule { attempts = 10 interval = "1h" delay = "30s" delay_function = "exponential" max_delay = "120s" unlimited = false } network { mode = "bridge" port "expose" { to = -1 } } task "passbolt-app" { driver = "docker" config { image = "passbolt/passbolt:latest-ce" volumes = [ "/root/nomadvolumes/passbolt/data/gpg:/etc/passbolt/gpg", "/root/nomadvolumes/passbolt/data/jwt:/etc/passbolt/jwt" ] command = "/usr/bin/wait-for.sh" args = [ "-t", "0", "127.0.0.1:3306", "--", "/docker-entrypoint.sh" ] } env { APP_FULL_BASE_URL = "https://passbolt.neogenia.com.mx" DATASOURCES_DEFAULT_HOST = "127.0.0.1" DATASOURCES_DEFAULT_PORT = "3306" DATASOURCES_DEFAULT_USERNAME = "passbolt" DATASOURCES_DEFAULT_PASSWORD = "akjsdhfkrTThasgh5qw7" DATASOURCES_DEFAULT_DATABASE = "passbolt" } resources { cpu = 500 memory = 512 } } service { name = "passbolt-app" port = 80 connect { sidecar_service { proxy { upstreams { destination_name = "passbolt-db" local_bind_port = 3306 } expose { path { path = "/healthcheck/status.json" protocol = "http" local_path_port = 80 listener_port = "expose" } } } } } check { expose = true type = "http" path = "/healthcheck/status.json" interval = "30s" timeout = "5s" } } } }