ppetru/alo-cluster
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Compare commits

base: ppetru:5e25d5f858c31e985da5a314eab50c5a795764fe
Branches Tags
ppetru:master
...
compare: ppetru:2b8222765054d42eecde3794a03f2ff0dd6f1b69
Branches Tags
ppetru:master

10 Commits
5e25d5f858 ... 2b82227650

Author SHA1 Message Date
Petru Paler
2b82227650 weewx configuration 2024-01-16 16:13:01 +00:00
Petru Paler
5b34927ffd Ping pushgateway after successful backup. 2024-01-15 13:25:04 +00:00
Petru Paler
ea79ff2e52 Get Postgres password from a Nomad var, and decomission old backup. 2024-01-15 13:10:23 +00:00
Petru Paler
72f9319138 Postgres backup cronjob. 2024-01-15 13:05:53 +00:00
Petru Paler
bbf395ac5f No longer map backups dir to mysqld job. 2024-01-15 12:58:47 +00:00
Petru Paler
9e6e95d1e9 Update nomad var location. 2024-01-15 10:15:28 +00:00
Petru Paler
7dbd5652ed mysql backup cron 2024-01-15 10:14:03 +00:00
Petru Paler
30c88ea579 Enable raw_exec driver. 2024-01-15 07:22:11 +00:00
Petru Paler
70fb543fa3 Update deps. 2024-01-15 06:49:56 +00:00
Petru Paler
093c91151a Store mysql root password in a Nomad variable. 2024-01-15 06:34:04 +00:00
10 changed files with 170 additions and 45 deletions
Expand all files Collapse all files

2
common/nomad.nix
View File

@@ -67,6 +67,8 @@ in
"node_name" "node_name"
]; ];
}; };
plugin.raw_exec.config.enabled = true;
}; };
environment.persistence."/persist".directories = [ environment.persistence."/persist".directories = [

18
flake.lock generated
View File

@@ -9,11 +9,11 @@
"utils": "utils" "utils": "utils"
}, },
"locked": { "locked": {
"lastModified": 1703087360, "lastModified": 1704875591,
"narHash": "sha256-0VUbWBW8VyiDRuimMuLsEO4elGuUw/nc2WDeuO1eN1M=", "narHash": "sha256-eWRLbqRcrILgztU/m/k7CYLzETKNbv0OsT2GjkaNm8A=",
"owner": "serokell", "owner": "serokell",
"repo": "deploy-rs", "repo": "deploy-rs",
"rev": "b709d63debafce9f5645a5ba550c9e0983b3d1f7", "rev": "1776009f1f3fb2b5d236b84d9815f2edee463a9b",
"type": "github" "type": "github"
}, },
"original": { "original": {
@@ -55,11 +55,11 @@
}, },
"nixpkgs": { "nixpkgs": {
"locked": { "locked": {
"lastModified": 1703992652, "lastModified": 1705183652,
"narHash": "sha256-C0o8AUyu8xYgJ36kOxJfXIroy9if/G6aJbNOpA5W0+M=", "narHash": "sha256-rnfkyUH0x72oHfiSDhuCHDHg3gFgF+lF8zkkg5Zihsw=",
"owner": "NixOS", "owner": "NixOS",
"repo": "nixpkgs", "repo": "nixpkgs",
"rev": "32f63574c85fbc80e4ba1fbb932cde9619bad25e", "rev": "428544ae95eec077c7f823b422afae5f174dee4b",
"type": "github" "type": "github"
}, },
"original": { "original": {
@@ -71,11 +71,11 @@
}, },
"nixpkgs-unstable": { "nixpkgs-unstable": {
"locked": { "locked": {
"lastModified": 1703961334, "lastModified": 1705133751,
"narHash": "sha256-M1mV/Cq+pgjk0rt6VxoyyD+O8cOUiai8t9Q6Yyq4noY=", "narHash": "sha256-rCIsyE80jgiOU78gCWN3A0wE0tR2GI5nH6MlS+HaaSQ=",
"owner": "NixOS", "owner": "NixOS",
"repo": "nixpkgs", "repo": "nixpkgs",
"rev": "b0d36bd0a420ecee3bc916c91886caca87c894e9", "rev": "9b19f5e77dd906cb52dade0b7bd280339d2a1f3d",
"type": "github" "type": "github"
}, },
"original": { "original": {

1
secrets/mysql_root_password Normal file
View File

@@ -0,0 +1 @@
wiochohv8foR9eDo5ol5

1
secrets/postgres_password Normal file
View File

@@ -0,0 +1 @@
Faelaishewohlees4nei

39
services/mysql-backup.hcl Normal file
View File

@@ -0,0 +1,39 @@
job "mysql-backup" {
datacenters = ["alo"]
type = "batch"
periodic {
cron = "23 23 * * * *"
prohibit_overlap = true
}
group "db" {
task "backup" {
driver = "raw_exec"
config {
command = "/bin/sh"
args = [ "local/script.sh" ]
}
template {
destination = "local/script.sh"
data = <<EOH
set -e
/run/current-system/sw/bin/nomad alloc exec -job -task=mysqld mysql \
mysqldump -u root --password="$MYSQL_ROOT_PASS" --all-databases > /data/compute/appdata/db-backups/mysql/backup.sql && \
echo "last_success $(date +%s)" | \
/run/current-system/sw/bin/curl --data-binary @- http://pushgateway.service.consul:9091/metrics/job/mysql_backup
EOH
}
template {
destination = "secrets/file.env"
env = true
data = <<EOH
{{- with nomadVar "secrets/mysql" -}}MYSQL_ROOT_PASS="{{ .root_password }}"{{- end -}}
EOH
}
}
}
}

13
services/mysql.hcl
View File

@@ -14,13 +14,15 @@ job "mysql" {
driver = "docker" driver = "docker"
config { config {
image = "mysql:8.1" image = "mysql:8.2"
ports = ["db"] ports = ["db"]
volumes = [ "/data/compute/appdata/mysql:/var/lib/mysql" ] volumes = [
"/data/compute/appdata/mysql:/var/lib/mysql",
]
} }
env { env {
MYSQL_ROOT_PASSWORD = "${var.mysql_root_password}" MYSQL_ROOT_PASSWORD = "{{ with nomadVar \"secrets/mysql\" }}{{ .root_password }}{{ end }}"
} }
service { service {
@@ -61,8 +63,3 @@ job "mysql" {
} }
} }
} }
variable "mysql_root_password" {
type = string
default = "wiochohv8foR9eDo5ol5"
}

39
services/postgres-backup.hcl Normal file
View File

@@ -0,0 +1,39 @@
job "postgres-backup" {
datacenters = ["alo"]
type = "batch"
periodic {
cron = "22 22 * * * *"
prohibit_overlap = true
}
group "db" {
task "backup" {
driver = "raw_exec"
config {
command = "/bin/sh"
args = [ "local/script.sh" ]
}
template {
destination = "local/script.sh"
data = <<EOH
set -e
/run/current-system/sw/bin/nomad alloc exec -job -task=postgres postgres \
pg_dumpall -U postgres > /data/compute/appdata/db-backups/postgresql/backup.sql && \
echo "last_success $(date +%s)" | \
/run/current-system/sw/bin/curl --data-binary @- http://pushgateway.service.consul:9091/metrics/job/postgres_backup
EOH
}
template {
destination = "secrets/file.env"
env = true
data = <<EOH
{{- with nomadVar "secrets/postgresql" -}}PGPASSWORD="{{ .postgres_password }}"{{- end -}}
EOH
}
}
}
}

30
services/postgres.hcl
View File

@@ -10,7 +10,6 @@ job "postgres" {
to = 9187 to = 9187
} }
port "admin" { } port "admin" { }
port "backup_healthckeck" { }
} }
task "postgres" { task "postgres" {
@@ -23,7 +22,7 @@ job "postgres" {
} }
env { env {
POSTGRES_PASSWORD = "${var.pg_password}" POSTGRES_PASSWORD = "{{ with nomadVar \"secrets/postgresql\" }}{{ .postgres_password }}{{ end }}"
} }
service { service {
@@ -52,7 +51,7 @@ job "postgres" {
} }
env { env {
DATA_SOURCE_NAME = "postgresql://postgres:${var.pg_password}@${NOMAD_ADDR_db}/postgres?sslmode=disable" DATA_SOURCE_NAME = "postgresql://postgres:{{ with nomadVar \"secrets/postgresql\" }}{{ .postgres_password }}{{ end }}@${NOMAD_ADDR_db}/postgres?sslmode=disable"
} }
service { service {
@@ -106,34 +105,9 @@ EOH
] ]
} }
} }
task "backup" {
driver = "docker"
config {
image = "prodrigestivill/postgres-backup-local"
ports = [ "backup_healthckeck" ]
volumes = [ "/data/compute/appdata/pgbackup:/backups" ]
}
env {
POSTGRES_DB = "postgres"
POSTGRES_HOST = "${NOMAD_IP_db}"
POSTGRES_USER = "postgres"
POSTGRES_PASSWORD = "${var.pg_password}"
POSTGRES_CLUSTER = "TRUE"
POSTGRES_EXTRA_OPTS = ""
HEALTHCHECK_PORT = "${NOMAD_PORT_backup_healthckeck}"
}
}
} }
} }
variable "pg_password" {
type = string
default = "Faelaishewohlees4nei"
}
variable "default_email" { variable "default_email" {
type = string type = string
default = "petru@paler.net" default = "petru@paler.net"

66
services/weewx.hcl Normal file
View File

@@ -0,0 +1,66 @@
job "weewx" {
datacenters = ["alo"]
meta {
uuid = uuidv4()
}
group "weather" {
network {
port "http" {
}
}
task "backend" {
driver = "docker"
config {
image = "gitea.v.paler.net/ppetru/weewx:latest"
volumes = [
"/data/compute/appdata/weewx/etc:/etc/weewx",
"/data/compute/appdata/weewx/html:/var/www/html",
]
}
resources {
# needed for running weectl report run inside the container
#memory = 1024
}
}
task "frontend" {
driver = "docker"
config {
image = "pierrezemb/gostatic"
ports = [ "http" ]
args = [
"-port=${NOMAD_PORT_http}",
"-enable-health",
]
volumes = [ "/data/compute/appdata/weewx/html:/srv/http" ]
}
}
service {
name = "weather"
port = "http"
tags = [
"traefik.enable=true",
"traefik.http.routers.weather.entryPoints=websecure",
"traefik.http.routers.weather.rule=Host(`weewx.v.paler.net`) || (Host(`alo.land`) && PathPrefix(`/weather/`))",
]
check {
type = "http"
path = "/health"
interval = "10s"
timeout = "2s"
}
}
}
}

6
stateful-commands.txt
View File

@@ -22,3 +22,9 @@ glusterfs tweaking for wordpress performance:
* gluster volume set compute server.event-threads 8 * gluster volume set compute server.event-threads 8
* gluster volume set compute cluster.readdir-optimize on * gluster volume set compute cluster.readdir-optimize on
* gluster volume set compute server.outstanding-rpc-limit 256 * gluster volume set compute server.outstanding-rpc-limit 256
mysql credentials
* Put secrets/mysql_root_password into a Nomad var named secrets/mysql.root_password
postgres credentials
* Put secrets/postgres_password into a Nomad var named secrets/postgresql.postgres_password