sstent/NomadBackup
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

chore: backup infrastructure configurations [skip ci]

Browse Source
This commit is contained in:
github-actions[bot]
2025-11-24 15:25:01 +00:00
parent a5e11de6ed
commit 26a7d1eee1
31 changed files with 1016 additions and 306 deletions
Download Patch File Download Diff File Expand all files Collapse all files

201
nomad_backup/qbittorrent.hcl
View File

@@ -3,21 +3,28 @@
datacenters = ["dc1"]
type = "service"
# priority = 50
constraint {
attribute = "${attr.unique.hostname}"
operator = "regexp"
value = "odroid.*"
// weight = 100
}
affinity {
attribute = "${attr.unique.hostname}"
value = "odroid3"
weight = 100
}
constraint {
attribute = "${attr.kernel.name}"
value = "linux"
}
constraint {
attribute = "${attr.cpu.arch}"
operator = "regexp"
value = "amd64"
}
update {
# Stagger updates every 60 seconds
stagger = "90s"
max_parallel = 1
healthy_deadline = "2m"
healthy_deadline = "4m"
health_check = "task_states"
}
@@ -65,7 +72,6 @@ constraint {
volumes = [
"/etc/localtime:/etc/localtime",
"/mnt/syncthing/mullvad:/vpn",
"local/gluetun.toml:/gluetun/config.toml"
]
devices = [
@@ -74,37 +80,21 @@ constraint {
container_path = "/dev/net/tun"
},
]
}
template {
data = <<EOH
[[roles]]
name = "qbittorrent"
# Define a list of routes with the syntax "Http-Method /path"
routes = ["GET /v1/openvpn/status", "PUT /v1/openvpn/status", "PUT /v1/openvpn/status", "GET /v1/openvpn/portforwarded", "GET /v1/openvpn/settings", "GET /v1/dns/status", "PUT /v1/dns/status", "PUT /v1/dns/status", "GET /v1/updater/status", "PUT /v1/updater/status", "PUT /v1/updater/status", "GET /v1/publicip/ip", "GET /v1/version", "GET /v1/vpn/status", "PUT /v1/vpn/status", "GET /v1/vpn/settings", "PUT /v1/vpn/settings"]
auth = "none"
EOH
destination = "custom/auth.toml"
}
env {
VPN_SERVICE_PROVIDER="airvpn"
VPN_TYPE="wireguard"
WIREGUARD_PRIVATE_KEY="EIos1A9eGCIoCHr02aOsEu8S4C0gqhNLIYF/vMykEV0="
WIREGUARD_PRESHARED_KEY="RzPcraPA24hLFxGiB7z5JMWrtI+JBbEzvmeiEX36XWo="
WIREGUARD_ADDRESSES="10.161.31.240/32"
WIREGUARD_PRIVATE_KEY="EF39fCd2/ycBG88qrk0Wgzak4wDLwq9kxLpzNM2se0s="
WIREGUARD_PRESHARED_KEY="utk1Fqp8N1T20qwof6xGxIDPnrOO49tM6+nQBCBC9OY="
WIREGUARD_ADDRESSES="10.152.125.142/32"
SERVER_COUNTRIES="Canada"
SERVER_CITIES="Vancouver,Montreal,Toronto"
FIREWALL_VPN_INPUT_PORTS = "61944,53304"
SERVER_CITIES="Montreal"
FIREWALL_VPN_INPUT_PORTS = "54547"
FIREWALL_INPUT_PORTS="8080,1080"
FIREWALL_DEBUG="on"
HEALTH_TARGET_ADDRESS="1.1.1.1"
HEALTH_SUCCESS_WAIT_DURATION="30s"
HEALTH_VPN_DURATION_INITIAL="3600s"
HEALTH_VPN_DURATION_ADDITION="600s"
HTTP_CONTROL_SERVER_AUTH_CONFIG_FILEPATH="/custom/auth.toml"
// HEALTH_TARGET_ADDRESS="cloudflare.com:443"
@@ -121,7 +111,7 @@ auth = "none"
SHADOWSOCKS = "on"
DOT_PROVIDERS = "cloudflare,google,quad9,quadrant"
DOT = "off"
WEBUI_PORT=8080
WEBUI_PORT=8081
}
service {
@@ -168,7 +158,7 @@ auth = "none"
},
]
}
env {REQUIRE_AUTH="false"}
resources {
cpu = 64 # 500 MHz
memory = 128 # 128MB
@@ -176,80 +166,80 @@ auth = "none"
} #end dante
# task "init" {
# driver = "docker"
# lifecycle {
# hook = "prestart"
# sidecar = false
# }
# config {
# memory_hard_limit = "2048"
task "init" {
driver = "docker"
lifecycle {
hook = "prestart"
sidecar = false
}
config {
memory_hard_limit = "2048"
# image = "ghcr.io/sstent/rsync"
# volumes = [
# "/mnt/configs/${NOMAD_GROUP_NAME}:/config",
# "/mnt/Public/config/${NOMAD_GROUP_NAME}:/configbackup",
# "/mnt/Public/config/locks:/locks"
# ]
image = "ghcr.io/sstent/rsync"
volumes = [
"/mnt/configs/${NOMAD_GROUP_NAME}:/config",
"/mnt/Public/config/${NOMAD_GROUP_NAME}:/configbackup",
"/mnt/Public/config/locks:/locks"
]
# args = ["flock", "-x", "/locks/${NOMAD_GROUP_NAME}_rsync.lock", "rsync", "-av", "/configbackup/", "/config/", "--delete-before"]
# }
# resources {
# cpu = 20 # 500 MHz
# memory = 20 # 128MB
# }
# }
args = ["flock", "-x", "/locks/${NOMAD_GROUP_NAME}_rsync.lock", "rsync", "-av", "/configbackup/", "/config/", "--delete-before"]
}
resources {
cpu = 20 # 500 MHz
memory = 20 # 128MB
}
}
# task "finalsync" {
# driver = "docker"
# lifecycle {
# hook = "poststop"
# }
# config {
# memory_hard_limit = "2048"
task "finalsync" {
driver = "docker"
lifecycle {
hook = "poststop"
}
config {
memory_hard_limit = "2048"
# image = "ghcr.io/sstent/rsync"
# volumes = [
# "/mnt/configs/${NOMAD_GROUP_NAME}:/config",
# "/mnt/Public/config/${NOMAD_GROUP_NAME}:/configbackup",
# "/mnt/Public/config/locks:/locks"
# ]
image = "ghcr.io/sstent/rsync"
volumes = [
"/mnt/configs/${NOMAD_GROUP_NAME}:/config",
"/mnt/Public/config/${NOMAD_GROUP_NAME}:/configbackup",
"/mnt/Public/config/locks:/locks"
]
# args = ["flock", "-x", "/locks/${NOMAD_GROUP_NAME}_rsync.lock", "rsync", "-av", "--delete", "/config/", "/configbackup/"]
# }
# resources {
# cpu = 20 # 500 MHz
# memory = 128 # 128MB
# }
# }
args = ["flock", "-x", "/locks/${NOMAD_GROUP_NAME}_rsync.lock", "rsync", "-av", "--delete", "/config/", "/configbackup/"]
}
resources {
cpu = 20 # 500 MHz
memory = 128 # 128MB
}
}
# task "sync" {
# driver = "docker"
# lifecycle {
# hook = "poststart"
# sidecar = true
# }
# config {
# memory_hard_limit = "2048"
task "sync" {
driver = "docker"
lifecycle {
hook = "poststart"
sidecar = true
}
config {
memory_hard_limit = "2048"
# image = "ghcr.io/sstent/rsync"
# volumes = [
# "/mnt/configs/:/configs",
# "/mnt/Public/config/${NOMAD_GROUP_NAME}:/configbackup",
# ]
# args = ["client"]
# }
# env {
# CRON_TASK_1 = "25 8-20 * * * chmod a-w /configs/${NOMAD_GROUP_NAME}/ ; rsync -avz --delete /configs/${NOMAD_GROUP_NAME}/ /configbackup/; chmod a+w /configs/${NOMAD_GROUP_NAME}/;"
image = "ghcr.io/sstent/rsync"
volumes = [
"/mnt/configs/:/configs",
"/mnt/Public/config/${NOMAD_GROUP_NAME}:/configbackup",
]
args = ["client"]
}
env {
CRON_TASK_1 = "25 8-20 * * * chmod a-w /configs/${NOMAD_GROUP_NAME}/ ; rsync -avz --delete /configs/${NOMAD_GROUP_NAME}/ /configbackup/; chmod a+w /configs/${NOMAD_GROUP_NAME}/;"
# }
# resources {
# cpu = 20 # 500 MHz
# memory = 20 # 128MB
# }
# } #end sync
}
resources {
cpu = 20 # 500 MHz
memory = 20 # 128MB
}
} #end sync
task "qbittorrent" {
@@ -257,7 +247,8 @@ auth = "none"
// "/mnt/Public/config/qbittorrent:/config",
config {
image = "linuxserver/qbittorrent:5.1.0"
// image = "lscr.io/linuxserver/qbittorrent:latest"
image = "linuxserver/qbittorrent:4.6.5"
network_mode = "container:qbittorrent-vpn-${NOMAD_ALLOC_ID}"
memory_hard_limit = 2048
@@ -293,6 +284,20 @@ auth = "none"
]
port = "qbittorrent_80"
check {
type = "script"
name = "check_up"
command = "/bin/bash"
args = ["/local/qbithealth.sh"]
interval = "120s"
timeout = "10s"
check_restart {
limit = 10
grace = "120s"
ignore_warnings = false
}
}
}
template {