Updates

Author: djthorpe

_examples/grafana.tf

@@ -13,7 +13,10 @@ module "grafana" {
   hosts       = ["server1"]          // Host constraint for the job. If not specified, the job will be deployed to one node
   docker_tag  = "latest"             // Pull the latest version of the docker image every job restart
   port        = 3000                 // Port to expose
-  data        = "/var/lib/influxdb"  // Data persistence directory. If not set, then data is not persisted
   admin_email = "admin@mutablelogic" // Email address for the admin user
   anonymous   = false                // When true, allow anonymous access as a viewer
+
+  // Data persistence directory. If not set, then data is not persisted. When persistence is enabled,
+  // set user/group to 472 for the container to have write access to the data directory
+  data        = "/var/lib/grafana"   
 }

_examples/openldap.tf

@@ -8,11 +8,14 @@ module "openldap" {
   hosts          = ["server1", "server2"]    // Host constraint for the job
   basedn         = "dc=mutablelogic,dc=com"  // Distinquished name for the LDAP server
   admin_password = local.LDAP_ADMIN_PASSWORD // Password for the LDAP 'admin' user
-  data           = "/var/lib/ldap"           // Data persistence directory
 
   // Optional parameters
   enabled    = true      // If false, no-op
   namespace  = "default" // Nomad namespace for the nomad job
   docker_tag = "latest"  // Pull the latest version of the docker image every job restart
   port       = 389       // plaintext port to expose
+
+  // When persisting data, set uid and gid to 1000 for the container to 
+  // have write access to the data directory
+  data = "/var/lib/ldap"
 }

grafana/input.tf

@@ -22,9 +22,34 @@ variable "docker_tag" {
   default     = "latest"
 }
 
+variable "service_provider" {
+  description = "Service provider, either consul or nomad"
+  type        = string
+  default     = "nomad"
+}
+
+variable "service_name" {
+  description = "Service name"
+  type        = string
+  default     = "openldap-ldap"
+}
+
+variable "service_dns" {
+  description = "Service discovery DNS"
+  type        = list(string)
+  default     = []
+}
+
+variable "service_type" {
+  description = "Run as a service or system"
+  type        = string
+  default     = "service"
+}
+
 variable "hosts" {
   type        = list(string)
-  description = "List of hosts to deploy on (required)"
+  description = "List of hosts to deploy on. If empty, one allocation will be created"
+  default     = []
 }
 
 variable "port" {

grafana/main.tf

@@ -8,16 +8,21 @@ resource "nomad_job" "grafana" {
     vars = {
       dc                 = jsonencode([var.dc])
       namespace          = var.namespace
+      hosts              = jsonencode(var.hosts)
       docker_image       = local.docker_image
       docker_always_pull = jsonencode(local.docker_always_pull)
-      hosts              = jsonencode(var.hosts)
-      port               = var.port
-      data               = var.data
-      admin_password     = var.admin_password
-      admin_email        = var.admin_email
-      anonymous_enabled  = var.anonymous
-      anonymous_org      = ""
-      anonymous_role     = "Viewer"
+      service_provider   = var.service_provider
+      service_name       = var.service_name
+      service_dns        = jsonencode(var.service_dns)
+      service_type       = var.service_type
+
+      port              = var.port
+      data              = var.data
+      admin_password    = var.admin_password
+      admin_email       = var.admin_email
+      anonymous_enabled = var.anonymous
+      anonymous_org     = ""
+      anonymous_role    = "Viewer"
     }
   }
 }

grafana/nomad/grafana.hcl

@@ -6,18 +6,18 @@
 // VARIABLES
 
 variable "dc" {
-  description = "Data centers that the job is eligible to run in"
+  description = "data centers that the job is eligible to run in"
   type        = list(string)
 }
 
 variable "namespace" {
-  description = "Namespace that the job runs in"
+  description = "namespace that the job runs in"
   type        = string
   default     = "default"
 }
 
 variable "hosts" {
-  description = "Host constraint for the job, if empty exactly one allocation will be created"
+  description = "host constraint for the job, defaults to one host"
   type        = list(string)
   default     = []
 }
@@ -28,6 +28,24 @@ variable "service_provider" {
   default     = "nomad"
 }
 
+variable "service_name" {
+  description = "Service name"
+  type        = string
+  default     = "grafana-http"
+}
+
+variable "service_dns" {
+  description = "Service discovery DNS"
+  type        = list(string)
+  default     = []
+}
+
+variable "service_type" {
+  description = "Run as a service or system"
+  type        = string
+  default     = "service"
+}
+
 variable "docker_image" {
   description = "Docker image"
   type        = string
@@ -39,6 +57,8 @@ variable "docker_always_pull" {
   default     = false
 }
 
+///////////////////////////////////////////////////////////////////////////////
+
 variable "port" {
   description = "Port for plaintext connections"
   type        = number
@@ -84,17 +104,17 @@ variable "anonymous_role" {
 // LOCALS
 
 locals {
-  logs_path =  "${NOMAD_ALLOC_DIR}/logs"
-  db_path = var.data == "" ? "${NOMAD_ALLOC_DIR}/data/db" : "/var/lib/grafana/data"
-  plugins_path = var.data == "" ? "${NOMAD_ALLOC_DIR}/data/plugins" : "/var/lib/grafana/plugins"
+  logs_path         = "${NOMAD_ALLOC_DIR}/logs"
+  db_path           = var.data == "" ? "${NOMAD_ALLOC_DIR}/data/db" : "/var/lib/grafana/data"
+  plugins_path      = var.data == "" ? "${NOMAD_ALLOC_DIR}/data/plugins" : "/var/lib/grafana/plugins"
   provisioning_path = var.data == "" ? "${NOMAD_ALLOC_DIR}/data/provisioning" : "/var/lib/grafana/provisioning"
 }
 
 ///////////////////////////////////////////////////////////////////////////////
 // JOB
 
 job "grafana" {
-  type        = "service"
+  type        = var.service_type
   datacenters = var.dc
   namespace   = var.namespace
 
@@ -107,10 +127,10 @@ job "grafana" {
   /////////////////////////////////////////////////////////////////////////////////
 
   group "grafana" {
-    count = length(var.hosts) == 0 ? 1 : length(var.hosts)
+    count = (length(var.hosts) == 0 || var.service_type == "system") ? 1 : length(var.hosts)
 
     dynamic "constraint" {
-      for_each = length(var.hosts) == 0 ? [] : [ join(",", var.hosts) ]
+      for_each = length(var.hosts) == 0 ? [] : [join(",", var.hosts)]
       content {
         attribute = node.unique.name
         operator  = "set_contains_any"
@@ -154,16 +174,15 @@ job "grafana" {
       }
 
       config {
-        image      = var.docker_image
-        force_pull = var.docker_always_pull
-        ports      = ["http"]
+        image       = var.docker_image
+        force_pull  = var.docker_always_pull
+        ports       = ["http"]
+        dns_servers = var.service_dns
         volumes = compact([
           var.data == "" ? "" : format("%s:/var/lib/grafana", var.data)
         ])
       }
 
     } // task "daemon"
-
   } // group "grafana"
-
 } // job "grafana"

nginx/input.tf

@@ -22,9 +22,28 @@ variable "docker_tag" {
   default     = "latest"
 }
 
+variable "service_provider" {
+  description = "Service provider, either consul or nomad"
+  type        = string
+  default     = "nomad"
+}
+
+variable "service_dns" {
+  description = "Service discovery DNS"
+  type        = list(string)
+  default     = []
+}
+
+variable "service_type" {
+  description = "Run as a service or system"
+  type        = string
+  default     = "service"
+}
+
 variable "hosts" {
   type        = list(string)
-  description = "List of hosts to deploy on, deploys on a single host if empty"
+  description = "List of hosts to deploy on. If empty, one allocation will be created"
+  default     = []
 }
 
 variable "ports" {

nginx/main.tf

@@ -6,10 +6,15 @@ resource "nomad_job" "nginx" {
   hcl2 {
     allow_fs = true
     vars = {
-      dc                 = jsonencode([var.dc])
+    dc                 = jsonencode([var.dc])
       namespace          = var.namespace
+      hosts              = jsonencode(var.hosts)
       docker_image       = local.docker_image
       docker_always_pull = jsonencode(local.docker_always_pull)
+      service_provider   = var.service_provider
+      service_dns        = jsonencode(var.service_dns)
+      service_type       = var.service_type
+
       hosts              = jsonencode(var.hosts)
       ports              = jsonencode(var.ports)
       config             = chomp(file("${path.module}/config/nginx.conf"))

nginx/nomad/nginx.hcl

@@ -1,23 +1,23 @@
 
 // nginx web server
-// Docker Image: grafana/grafana
+// Docker Image: nginx
 
 ///////////////////////////////////////////////////////////////////////////////
 // VARIABLES
 
 variable "dc" {
-  description = "Data centers that the job is eligible to run in"
+  description = "data centers that the job is eligible to run in"
   type        = list(string)
 }
 
 variable "namespace" {
-  description = "Namespace that the job runs in"
+  description = "namespace that the job runs in"
   type        = string
   default     = "default"
 }
 
 variable "hosts" {
-  description = "Host constraint for the job, if empty exactly one allocation will be created"
+  description = "List of hosts to deploy on. If empty, one allocation will be created"
   type        = list(string)
   default     = []
 }
@@ -28,10 +28,27 @@ variable "service_provider" {
   default     = "nomad"
 }
 
+variable "service_name" {
+  description = "Service name"
+  type        = string
+  default     = "grafana-http"
+}
+
+variable "service_dns" {
+  description = "Service discovery DNS"
+  type        = list(string)
+  default     = []
+}
+
+variable "service_type" {
+  description = "Run as a service or system"
+  type        = string
+  default     = "service"
+}
+
 variable "docker_image" {
   description = "Docker image"
   type        = string
-  default     = "nginx"
 }
 
 variable "docker_always_pull" {
@@ -40,6 +57,8 @@ variable "docker_always_pull" {
   default     = false
 }
 
+///////////////////////////////////////////////////////////////////////////////
+
 variable "ports" {
   description = "Ports to expose"
   type        = map(number)
@@ -67,7 +86,7 @@ variable "servers" {
 // JOB
 
 job "nginx" {
-  type        = "service"
+  type        = var.service_type
   datacenters = var.dc
   namespace   = var.namespace
 
@@ -80,7 +99,7 @@ job "nginx" {
   /////////////////////////////////////////////////////////////////////////////////
 
   group "nginx" {
-    count = length(var.hosts) == 0 ? 1 : length(var.hosts)
+    count = (length(var.hosts) == 0 || var.service_type == "system") ? 1 : length(var.hosts)
 
     dynamic "constraint" {
       for_each = length(var.hosts) == 0 ? [] : [join(",", var.hosts)]
@@ -144,14 +163,13 @@ job "nginx" {
       }
 
       config {
-        image      = var.docker_image
-        force_pull = var.docker_always_pull
-        ports      = keys(var.ports)
-        args       = ["nginx", "-c", "${NOMAD_TASK_DIR}/config/nginx.conf", "-g", "daemon off;"]
+        image       = var.docker_image
+        force_pull  = var.docker_always_pull
+        ports       = keys(var.ports)
+        dns_servers = var.service_dns
+        args        = ["nginx", "-c", "${NOMAD_TASK_DIR}/config/nginx.conf", "-g", "daemon off;"]
       }
 
     } // task "server"
-
   } // group "nginx"
-
 } // job "nginx"

openldap/nomad/openldap.hcl

@@ -191,7 +191,7 @@ job "openldap" {
         LDAP_EXTRA_SCHEMAS      = var.extra_schemas
         LDAP_SKIP_DEFAULT_TREE  = "yes"
         LDAP_CUSTOM_LDIF_DIR    = local.ldif_path
-        LDAP_CUSTOM_SCHEMA_DIR  = local.schema_path
+        //LDAP_CUSTOM_SCHEMA_DIR  = local.schema_path
         LDAP_CONFIGURE_PPOLICY  = "yes"
         LDAP_ALLOW_ANON_BINDING = "no"
         BITNAMI_DEBUG           = "true"