itamae/cookbooks/nomad/setup.rb

138 lines
2.5 KiB
Ruby
Raw Normal View History

2021-04-30 05:50:09 +00:00
# Kernel parameters:
execute 'modprobe br_netfilter'
execute 'modprobe bridge'
2021-04-30 05:50:09 +00:00
remote_file '/etc/sysctl.d/90-nomad.conf' do
owner 'root'
group 'root'
mode '0644'
end
# nomad configuration files:
file '/etc/nomad.d/nomad.hcl' do
action :delete
end
if node['nomad']['manager']
2021-06-19 10:53:38 +00:00
%w( server.hcl acl.hcl ).each do |conf|
remote_file "/etc/nomad.d/#{conf}" do
owner 'nomad'
group 'nomad'
mode '664'
2021-04-30 05:50:09 +00:00
2021-06-19 10:53:38 +00:00
notifies :restart, 'service[nomad]'
end
2021-04-30 05:50:09 +00:00
end
directory '/etc/nomad.d/policies' do
owner 'nomad'
group 'nomad'
mode '755'
end
remote_file '/etc/nomad.d/policies/anonymous.hcl' do
owner 'nomad'
group 'nomad'
mode '644'
end
2021-04-30 05:50:09 +00:00
end
if node['nomad']['client']
2022-01-14 14:25:02 +00:00
%w( /etc/nomad.d/client.hcl ).each do |conf|
2024-04-06 07:40:01 +00:00
template conf do
2021-04-30 05:50:09 +00:00
owner 'nomad'
group 'nomad'
mode '664'
2024-04-06 07:38:09 +00:00
variables(consul_token: node['nomad']['consul_token'])
2024-04-06 07:40:01 +00:00
2021-04-30 05:50:09 +00:00
notifies :restart, 'service[nomad]'
end
end
2022-03-14 14:06:37 +00:00
2024-04-06 07:44:55 +00:00
remote_file "/etc/nomad.d/options.hcl" do
mode "0644"
owner "nomad"
group "nomad"
notifies :restart, 'service[nomad]'
end
2022-03-14 14:06:37 +00:00
directory '/etc/nomad.d/jobs' do
owner 'nomad'
group 'nomad'
mode '755'
end
2022-03-14 14:06:41 +00:00
%w( countdash.hcl countdash-intention.hcl ).each do |f|
remote_file "/etc/nomad.d/jobs/#{f}" do
owner 'nomad'
group 'nomad'
mode '644'
end
end
2021-04-30 05:50:09 +00:00
end
# Create directory:
directory '/opt/nomad/data/' do
owner 'nomad'
group 'nomad'
mode '0755'
end
# iptables settings here:
%w( 80/tcp 4646/tcp 4647/tcp 4648/tcp 8081/tcp 20000:32000/tcp ).each do |port|
execute "ufw allow #{port}" do
user 'root'
not_if "LANG=c ufw status | grep #{port}"
notifies :run, 'execute[ufw reload-or-enable]'
end
end
# Enable and start nomad:
service 'nomad' do
action [:enable, :start]
end
2024-04-06 07:24:47 +00:00
# Deploy `vector` config:
remote_file '/etc/vector/nomad.toml' do
2022-01-10 06:09:59 +00:00
owner 'root'
group 'root'
mode '644'
2024-04-06 07:24:47 +00:00
notifies :restart, 'service[vector-nomad]'
2022-01-10 06:09:59 +00:00
end
# Deploy the `systemd` configuration:
2024-04-06 07:24:47 +00:00
remote_file '/lib/systemd/system/vector-nomad.service' do
owner 'root'
group 'root'
mode '644'
end
# Service setting:
2024-04-06 07:24:47 +00:00
service 'vector-nomad' do
action [ :enable, :restart ]
end
2022-01-10 06:27:03 +00:00
remote_file '/etc/rsyslog.d/30-nomad.conf' do
owner 'root'
group 'root'
mode '644'
notifies :restart, 'service[rsyslog]'
end
service 'rsyslog' do
action [ :nothing ]
end
# Deploy the `logrotated` configuration:
remote_file '/etc/logrotate.d/nomad' do
owner 'root'
group 'root'
mode '644'
end