sbrl
/
cluster-deployment
1
0
Fork 0
Code Issues Pull Requests Releases Activity

Compare commits

base: sbrl:8220c622333a2ce7af60f0ba4703e6aed4fefbb6
Branches Tags
sbrl:main
...
compare: sbrl:512c3d6dd94889fb72d8c6b9c8c755a63a9e48d2
Branches Tags
sbrl:main

2 Commits
8220c62233 ... 512c3d6dd9

Author SHA1 Message Date
Starbeamrainbowlabs 512c3d6dd9
consul: add comment
continuous-integration/laminar-eldarion Build failed with exit code 123 after 2 seconds Details
2022-04-30 15:10:22 +01:00
Starbeamrainbowlabs f8a3ba9eb1
Delete old job files 2022-04-30 15:10:16 +01:00
5 changed files with 2 additions and 79 deletions
Show Stats Expand all files Collapse all files

25
jobs/consul-client/consul-client.job
View File

@ -1,25 +0,0 @@
#!/usr/bin/env bash
SCRIPT "jobs/consul-server/common.sh";
COPY "../consul/client.hcl" "/tmp/client.hcl"
RUN "sudo mv /tmp/client.hcl /etc/consul/client.hcl";
RUN "sudo chown root:root /etc/consul/client.hcl";
RUN "sudo apt-get update";
RUN "sudo apt-get install --yes hashicorp-consul-systemd-client";
# Do we need these as a client? I'm guessing not....?
# If we run into issues, we'll unblock them.
# RUN "sudo ufw allow 8301 comment consul-serf-lan";
# # RUN "sudo ufw allow 8300/tcp comment consul-rpc";
# RUN "sudo ufw allow 8600 comment consul-dns";
# Commented out since we're now running over wgoverlay & allowing all traffic on that interface because dynamic ports
# Delete old ufw rules
RUN "sudo ufw delete allow 8301 comment consul-serf-lan";
RUN "sudo ufw delete allow 8300/tcp comment consul-rpc";
RUN "sudo ufw delete allow 8600 comment consul-dns";
RUN "sudo systemctl enable consul.service";
RUN "sudo systemctl restart consul.service";

25
jobs/consul-server/common.sh
View File

@ -1,25 +0,0 @@
#!/usr/bin/env bash
log_msg() {
echo -e "[ ${HOSTNAME} ] [ $(date -u +"%Y-%m-%dT%H:%M:%SZ") ] $@" >&2;
}
log_msg "Installing consul";
sudo apt-get update;
sudo apt-get install --yes hashicorp-consul;
log_msg "consul installed successfully. Version:";
consul --version;
log_msg "Creating directories";
if [[ ! -d "/etc/consul" ]]; then
sudo mkdir /etc/consul;
sudo chown root:root /etc/consul;
fi
if [[ ! -d "/srv/consul" ]]; then
sudo mkdir /srv/consul;
sudo chown root:root /srv/consul;
sudo chmod 0750 /srv/consul;
fi

25
jobs/consul-server/consul-server.job
View File

@ -1,25 +0,0 @@
#!/usr/bin/env bash
SCRIPT "${JOBFILE_DIR}/common.sh";
COPY "../consul/server.hcl" "/tmp/server.hcl"
RUN "sudo mv /tmp/server.hcl /etc/consul/server.hcl";
RUN "sudo chown root:root /etc/consul/server.hcl";
RUN "sudo apt-get update";
RUN "sudo apt-get install --yes hashicorp-consul-systemd-server";
# TODO: Restrict these to the wesher subnet, and add 8500/tcp (the HTTP API)
# TODO: Do that for Nomad too
# RUN "sudo ufw allow 8301 comment consul-serf-lan";
# RUN "sudo ufw allow 8300/tcp comment consul-rpc";
# RUN "sudo ufw allow 8600 comment consul-dns";
# Commented out since we're now running over wgoverlay & allowing all traffic on that interface because dynamic ports
# Delete old ufw rules
RUN "sudo ufw delete allow 8301 comment consul-serf-lan";
RUN "sudo ufw delete allow 8300/tcp comment consul-rpc";
RUN "sudo ufw delete allow 8600 comment consul-dns";
RUN "sudo systemctl enable consul.service";
RUN "sudo systemctl restart consul.service";

3
jobs/dns/dns.job
View File

@ -1,3 +0,0 @@
#!/usr/bin/env bash
SCRIPT "${JOBFILE_DIR}/dns.sh";

3
src/steps-postinstall/75-consul.sh
View File

@ -9,9 +9,10 @@ cp "configs/consul-client.hcl" "/etc/consul/client.hcl";
cp "configs/consul-server.hcl" "/etc/consul/server.hcl";
subtask_end "$?";
# No UFW rules required, as we're now using wesher/wireguard, and allowing all inbound traffic on that interface
subtask_begin "Starting Consul and enabling on boot";
systemctl consul;
subtask_end "$?";
task_end "$?";