From fd8efa01b20b266737f5e2106c9aa388fa385a36 Mon Sep 17 00:00:00 2001 From: Marc Cataford Date: Sat, 6 Jul 2024 21:11:11 -0400 Subject: [PATCH] feat: initial service definition --- README.md | 38 ++++++++++++++++++++++++++++++++++++++ service.yml | 25 +++++++++++++++++++++++++ 2 files changed, 63 insertions(+) create mode 100644 README.md create mode 100644 service.yml diff --git a/README.md b/README.md new file mode 100644 index 0000000..2aa60ef --- /dev/null +++ b/README.md @@ -0,0 +1,38 @@ +# vault + +## Configuration + +Three dotenv files are expected under `/etc/opt/...`: + +```bash +# vault-exporter.env + +DATA_SOURCE_URI=:?sslmode=disable +DATA_SOURCE_USER= +DATA_SOURCE_PASS= +``` + +```bash +# vault-db-init.env + +POSTGRES_PASSWORD= +``` + +```bash +# vault-db.env + +DATABASE_URL= +``` + +## Volumes + +The service will set up two volumes: + +- `vault_db` - Postgres data volume used for persistent storage; +- `vault_data` - Persistent storage for the application itself. + +## Ports + +The application is accessible via `:8082`. + +Other ports are exposed (i.e. `:8083`) to allow telemetry polling. diff --git a/service.yml b/service.yml new file mode 100644 index 0000000..fd00ea9 --- /dev/null +++ b/service.yml @@ -0,0 +1,25 @@ +name: vault +ports: + - host: 8082 + container: 80 + - host: 8083 + container: 9187 +volumes: + - name: db + - name: data +containers: + - name: db + image: postgres:16.2 #Updated: 6/7/2024 + env-file: /etc/opt/spadinastan/vault-db-init.env + volumes: + - name: db + container: /var/lib/postgresql/data + - name: app + image: vaultwarden/server:1.30.5-alpine #Updated: 6/7/2024 + env-file: /etc/opt/spadinastan/vault-db.env + volumes: + - name: data + container: /data + - name: pg-exporter + image: quay.io/prometheuscommunity/postgres-exporter + env-file: /etc/opt/spadinastan/vault-exporter.env