# Deploy Gitea with dependancies encapsulated in the nomad job spec. This spec # will not persist data between restarts. Good for getting started. # WARNING: Set a secure password for the postgres user. Line 38 # WARNING: Update the domain gitea should be deployed to on traefik. Line 90 job "gitea-standalone" { datacenters = ["dc1"] group "database" { count = 1 network { mode = "bridge" } service { name = "gitea-postgres-standalone" port = "5432" tags = ["traefik.enable=false"] # Hide postgres from traefik connect { sidecar_service { tags = ["traefik.enable=false"] # Hide postgres envoy from traefik } } } task "postgres" { driver = "docker" config { image = "postgres:16.1-alpine3.19" } env = { "POSTGRES_USER"="gitea", "POSTGRES_PASSWORD"="not-a-secure-password", "POSTGRES_DB"="gitea" } } } group "frontend" { count = 1 network { mode = "bridge" port "ingress" { to = 3000 } } # Attach to Postgres Instance service { name = "postgres-gitea-standalone-envoy" port = "ingress" tags = ["traefik.enable=false"] # Hide envoy from traefik connect { sidecar_service { proxy { upstreams { destination_name = "gitea-postgres-standalone" local_bind_address = "127.0.0.1" local_bind_port = 5432 } } tags = ["traefik.enable=false"] # Hide envoy from traefik } } check { type = "http" path = "/" interval = "10s" timeout = "2s" } } # Expose to Traefik as a service service { name = "gitea-standalone" port = "ingress" tags = [ "traefik.enable=true", "traefik.http.routers.gitea-standalone.tls=true", "traefik.http.routers.gitea-standalone.entrypoints=websecure", "traefik.http.routers.gitea-standalone.rule=Host(`git.example.local`)" ] check { type = "http" path = "/" interval = "10s" timeout = "2s" } } task "gitea-standalone" { driver = "docker" config { image = "gitea/gitea:1.21.1" ports = ["ingress"] } } } }