NomadBackup/nomad_backup/20251115_142246/calendar-proxy.json

{
  "Format": "hcl2",
  "JobID": "calendar-proxy",
  "JobModifyIndex": 13940997,
  "Namespace": "default",
  "Source": "job \"calendar-proxy\" {\n  datacenters = [\"dc1\"]\n  type = \"service\"\n  \n  group \"web\" {\n    count = 1\n    \n    network {\n      port \"http\" {\n        to = 80\n      }\n    }\n    \n    service {\n      name = \"calendar-proxy\"\n      port = \"http\"\n      \n      tags = [\n        \"traefik.enable=true\",\n        \"traefik.http.routers.calendar-proxy.rule=Host(`mail.fbleagh.duckdns.org`)\",\n        \"traefik.http.routers.calendar-proxy.entrypoints=web\",\n      ]\n      \n      check {\n        type = \"http\"\n        path = \"/health\"\n        interval = \"10s\"\n        timeout = \"3s\"\n      }\n    }\n    \n    # Nginx container\n    task \"nginx\" {\n      driver = \"docker\"\n            lifecycle {\n        hook    = \"prestart\"\n        sidecar = true\n      }\n\n      config {\n        image = \"nginx:alpine\"\n        ports = [\"http\"]\n        \n        volumes = [\n          \"local/nginx.conf:/etc/nginx/nginx.conf\",\n          \"local/app:/var/www/html\",\n        ]\n      }\n      \n  template {\n        data = <<EOF\nevents {\n    worker_connections 1024;\n}\n\nhttp {\n    include       /etc/nginx/mime.types;\n    default_type  application/octet-stream;\n    \n    sendfile on;\n    keepalive_timeout 65;\n    \n    upstream php-fpm {\n        server 127.0.0.1:9000;\n    }\n    \n    server {\n        listen 80;\n        server_name mail.fbleagh.duckdns.org;\n        root /var/www/html;\n        index ics.php;\n        \n        location /health {\n            access_log off;\n            return 200 \"healthy\\n\";\n            add_header Content-Type text/plain;\n        }\n        \n        location / {\n            try_files $uri $uri/ /ics.php?$query_string;\n        }\n        \n        location ~ \\.php$ {\n            fastcgi_pass php-fpm;\n            fastcgi_index index.php;\n            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;\n            include fastcgi_params;\n        }\n        \n        # Security headers\n        add_header X-Frame-Options \"SAMEORIGIN\" always;\n        add_header X-XSS-Protection \"1; mode=block\" always;\n        add_header X-Content-Type-Options \"nosniff\" always;\n        \n        # Hide nginx version\n        server_tokens off;\n    }\n}\nEOF\n        destination = \"local/nginx.conf\"\n      }\n                  template {\n        data = <<EOF\n<?php\n$url = $_GET['url'];\n// Accept ICS calendar links only\n$url_arr = explode('/', $url);\nif ($url_arr[2] !== 'outlook.office365.com'\n        || $url_arr[3] !== 'owa'\n        || $url_arr[4] !== 'calendar'\n        || end($url_arr) !== 'calendar.ics'\n        ) {\n        http_response_code(500);\n        print \"Error\";\n        exit;\n}\n$context = stream_context_create([\n        \"http\" => [\n                \"header\" => \"User-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36\",\n        ]\n]);\nif (($data = @file_get_contents($url, false, $context)) === false) {\n        $error = error_get_last();\n        http_response_code(500);\n        print \"HTTP request failed: \" . $error['message'];\n        exit;\n}\nheader('Content-Type: text/calendar; charset=utf-8');\nprint $data;\n?>\nEOF\n        destination = \"local/app/ics.php\"\n      }\n\n      \n      resources {\n        cpu = 100\n        memory = 128\n      }\n    }\n    \n    # PHP-FPM container\n    task \"php-fpm\" {\n      driver = \"docker\"\n      \n      config {\n        image = \"php:8.2-fpm-alpine\"\n        network_mode = \"container:nginx-${NOMAD_ALLOC_ID}\"\n        \n        volumes = [\n          \"local/app:/var/www/html\",\n          \"local/php-fpm.conf:/usr/local/etc/php-fpm.d/www.conf\",\n        ]\n      }\n      \n      template {\n        data = <<EOF\n[www]\nuser = www-data\ngroup = www-data\nlisten = 127.0.0.1:9000\nlisten.owner = www-data\nlisten.group = www-data\npm = dynamic\npm.max_children = 5\npm.start_servers = 2\npm.min_spare_servers = 1\npm.max_spare_servers = 3\nEOF\n        destination = \"local/php-fpm.conf\"\n      }\n      \n            template {\n        data = <<EOF\n<?php\n$url = $_GET['url'];\n# // Accept ICS calendar links only\n# $url_arr = explode('/', $url);\n# if ($url_arr[2] !== 'outlook.office365.com'\n#         || $url_arr[3] !== 'owa'\n#         || $url_arr[4] !== 'calendar'\n#         || end($url_arr) !== 'calendar.ics'\n#         ) {\n#         http_response_code(500);\n#         print \"Error\";\n#         exit;\n# }\n$context = stream_context_create([\n        \"http\" => [\n                \"header\" => \"User-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36\",\n        ]\n]);\nif (($data = @file_get_contents($url, false, $context)) === false) {\n        $error = error_get_last();\n        http_response_code(500);\n        print \"HTTP request failed: \" . $error['message'];\n        exit;\n}\nheader('Content-Type: text/calendar; charset=utf-8');\nprint $data;\n?>\nEOF\n        destination = \"local/app/ics.php\"\n      }\n\n      resources {\n        cpu = 200\n        memory = 256\n      }\n    }\n    \n    # Restart policy\n    restart {\n      attempts = 3\n      interval = \"5m\"\n      delay = \"25s\"\n      mode = \"fail\"\n    }\n    \n    # Update strategy\n    update {\n      max_parallel = 1\n      min_healthy_time = \"10s\"\n      healthy_deadline = \"3m\"\n      auto_revert = true\n    }\n  }\n}",
  "VariableFlags": null,
  "Variables": "",
  "Version": 7
}