this is my waypoint.hcl
project = "imgserver"
app "imgserver" {
build {
use "docker" {
buildkit = true
platform = "linux/amd64"
disable_entrypoint = true
}
registry {
use "docker" {
image = "xxx/imgserver"
tag = "latest"
local = false
}
}
}
deploy {
use "nomad-jobspec" {
jobspec = templatefile("${path.app}/imgserver.nomad.hcl", {
hostname = var.hostname
datacenter = var.datacenter
host_network = var.host_network
})
}
}
release {}
url {
auto_hostname = false
}
}
variable "hostname" {
type = string
default = "localhost"
}
variable "datacenter" {
type = string
default = "dc1"
}
variable "host_network" {
type = string
default = "default"
}
and my nomad template:
job "imgserver" {
datacenters = ["${datacenter}"]
group "imgserver" {
network {
port "http" {
host_network = "${host_network}"
to = 8080
}
}
service {
provider = "nomad"
name = "imgserver"
port = "http"
check {
type = "http"
path = "/health"
interval = "10s"
timeout = "1m"
}
tags = [
"traefik.enable=true",
"traefik.http.routers.imgserver.rule=Host(`${hostname}`)",
"traefik.http.routers.imgserver.tls=true",
"traefik.http.routers.imgserver.entrypoints=imgserver",
"traefik.http.routers.imgserver.tls.certresolver=letsencrypt",
]
}
vault {
policies = ["nomad-imgserver"]
}
task "imgserver" {
driver = "docker"
config {
image = "xxx/imgserver:latest"
ports = ["http"]
force_pull = true
}
env {
WAYPOINT_CEB_DISABLE_EXEC = "1"
}
template {
data = <<EOH
REDIS_HOST="{{ env "NOMAD_IP_http" }}:6379"
{{ with secret "keydb/creds/imgserver" }}REDIS_USERNAME={{ .Data.username }}
REDIS_PASSWORD={{ .Data.password }}{{ end }}
EOH
destination = "$${NOMAD_SECRETS_DIR}/imgserver.env"
change_mode = "restart"
env = true
perms = "0400"
}
}
}
}