2023-10-20 13:34:03 +05:30
|
|
|
{pkgs, ...}: {
|
|
|
|
services = {
|
|
|
|
nomad = {
|
|
|
|
enable = true;
|
2023-10-20 14:42:35 +05:30
|
|
|
dropPrivileges = false;
|
2023-10-20 13:34:03 +05:30
|
|
|
enableDocker = true;
|
2023-11-25 01:30:10 +05:30
|
|
|
extraPackages = with pkgs; [cni-plugins] ++ stdenv.initialPath;
|
2023-10-20 13:34:03 +05:30
|
|
|
package = pkgs.nomad_1_6;
|
|
|
|
settings = {
|
|
|
|
datacenter = "trench";
|
|
|
|
bind_addr = "{{ GetInterfaceIP \"enp6s0\" }}";
|
|
|
|
|
|
|
|
advertise = {
|
|
|
|
http = "{{ GetInterfaceIP \"enp6s0\" }}";
|
|
|
|
rpc = "{{ GetInterfaceIP \"enp6s0\" }}";
|
|
|
|
serf = "{{ GetInterfaceIP \"enp6s0\" }}";
|
|
|
|
};
|
|
|
|
|
|
|
|
acl = {
|
|
|
|
enabled = true;
|
|
|
|
};
|
|
|
|
|
|
|
|
consul = {
|
|
|
|
auto_advertise = false;
|
|
|
|
server_auto_join = false;
|
|
|
|
client_auto_join = false;
|
|
|
|
};
|
|
|
|
|
|
|
|
telemetry = {
|
|
|
|
collection_interval = "15s";
|
|
|
|
disable_hostname = true;
|
|
|
|
prometheus_metrics = true;
|
|
|
|
publish_allocation_metrics = true;
|
|
|
|
publish_node_metrics = true;
|
|
|
|
};
|
|
|
|
|
|
|
|
server = {
|
|
|
|
enabled = true;
|
|
|
|
bootstrap_expect = 1;
|
|
|
|
encrypt = "I5aj2gi4NYNvaUWuuaEDQVMtiu6G8PogWw3Oo2TplnI=";
|
|
|
|
};
|
|
|
|
|
|
|
|
client = {
|
|
|
|
enabled = true;
|
2023-10-20 14:33:00 +05:30
|
|
|
cni_path = "${pkgs.cni-plugins}/bin";
|
2023-10-20 16:06:17 +05:30
|
|
|
artifact = {
|
|
|
|
disable_filesystem_isolation = true;
|
|
|
|
};
|
2023-11-25 01:30:10 +05:30
|
|
|
# Required for `exec` driver deployments
|
|
|
|
# bind-mounts the nix store to resolve symlinks
|
|
|
|
host_volume = {
|
|
|
|
"nix" = {
|
|
|
|
path = "/nix";
|
|
|
|
read_only = true;
|
|
|
|
};
|
|
|
|
};
|
2023-10-20 13:34:03 +05:30
|
|
|
};
|
|
|
|
|
|
|
|
plugin."docker".config = {
|
|
|
|
allow_privileged = true;
|
|
|
|
volumes = {
|
|
|
|
enabled = true;
|
|
|
|
};
|
|
|
|
};
|
|
|
|
};
|
|
|
|
};
|
|
|
|
};
|
|
|
|
}
|