ansible/nuc.yaml

@@ -6,6 +6,7 @@
       tags:
         - setup
         - nomad
+        - proxy
         - volumes
       ansible.builtin.include_role:
         name: local-server-head

ansible/proxy.yaml

@@ -1,7 +0,0 @@
----
-- hosts: nigel.local
-  remote_user: nigel
-  tasks:
-    - name: Apply reverse proxy role
-      ansible.builtin.include_role:
-        name: proxy

ansible/roles/local-server-head/files/nomad.hcl

@@ -1,18 +0,0 @@
-data_dir  = "/opt/nomad/data"
-bind_addr = "0.0.0.0"
-
-server {
-  enabled          = true
-  bootstrap_expect = 1
-}
-
-
-client {
-  enabled = true
-  servers = ["127.0.0.1"]
-}
-
-host_volume "registry" {
-    path = "/opt/volumes/registry"
-    read_only = false
-}

ansible/roles/local-server-head/tasks/main.yaml

@@ -23,6 +23,14 @@
       become: true
       tags:
         - nomad
+- name: Setup the reverse proxy outside of nomad
+  tags: proxy
+  ansible.builtin.include_tasks:
+    file: reverse_proxy.yaml
+    apply:
+      become: true
+      tags:
+        - proxy
 - name: Setup data directory for the nomad host volumes
   tags: volumes
   ansible.builtin.include_tasks:

ansible/roles/local-server-head/tasks/reverse_proxy.yaml

@@ -0,0 +1,31 @@
+- name: Keep /etc/hosts up to date
+  ansible.builtin.copy:
+    dest: /etc/hosts
+    src: host-file
+    mode: "0644"
+- name: Ensure nginx is setup as latest
+  ansible.builtin.apt:
+    name: nginx
+- name: Copy the nomad.conf to available configurations
+  ansible.builtin.copy:
+    src: "{{ item }}"
+    dest: "/etc/nginx/sites-available/{{ item }}"
+    mode: "0644"
+  loop:
+    - nomad.conf
+    - sanity.conf
+    - ncr.conf
+- name: Link the nomad.conf to sites-enabled
+  ansible.builtin.file:
+    path: "/etc/nginx/sites-enabled/{{ item }}"
+    state: link
+    src: "/etc/nginx/sites-available/{{ item }}"
+    mode: "0644"
+  loop:
+    - nomad.conf
+    - sanity.conf
+    - ncr.conf
+- name: Restart nginx
+  ansible.builtin.systemd_service:
+    name: nginx
+    state: restarted

ansible/roles/proxy/tasks/main.yaml

@@ -1,32 +0,0 @@
-- name: Reverse proxy role configuration
-  become: true
-  vars:
-    nginx_configs:
-      - nomad.conf
-      - ncr.conf
-  block:
-    - name: Ensure /etc/hosts are up to date
-      ansible.builtin.copy:
-        dest: /etc/hosts
-        src: host-file
-        mode: "0644"
-    - name: Ensure nginx is setup as latest
-      ansible.builtin.apt:
-        name: nginx
-    - name: Copy the nomad.conf to available configurations
-      ansible.builtin.copy:
-        src: "{{ item }}"
-        dest: "/etc/nginx/sites-available/{{ item }}"
-        mode: "0644"
-      loop: "{{ nginx_configs }}"
-    - name: Link the nomad.conf to sites-enabled
-      ansible.builtin.file:
-        path: "/etc/nginx/sites-enabled/{{ item }}"
-        state: link
-        src: "/etc/nginx/sites-available/{{ item }}"
-        mode: "0644"
-      loop: "{{ nginx_configs }}"
-    - name: Restart nginx
-      ansible.builtin.systemd_service:
-        name: nginx
-        state: restarted

infra/nigel-nomad/registry.hcl

@@ -1,46 +0,0 @@
-# Nigel's Container Registry
-job "ncr" {
-    type = "service"
-
-    group "ncr" {
-        count = 1
-        network {
-            port "docker" {
-                static = 5000
-            }
-        }
-
-        service {
-            name = "ncr"
-            port = "docker"
-            provider = "nomad"
-        }
-
-        volume "container_images" {
-            type = "host"
-            read_only = false
-            source = "registry"
-        }
-
-        restart {
-            attempts = 10
-            interval = "5m"
-            delay    = "30s"
-            mode     = "delay"
-        }
-
-        task "ncr" {
-            driver = "docker"
-
-            volume_mount {
-                volume      = "container_images"
-                destination = "/registry/data"
-                read_only   = false
-            }
-            config {
-                image = "registry:latest"
-                ports = [ "docker" ]
-            }
-        }
-    }
-}