6.4 KiB
Python Template Project - What's New
Updated: 2025-11-28
🎯 Overview
Your Python template project has been completely updated to match your i80.dk infrastructure documentation with solutions to all the pain points you've experienced!
📦 New Files
Core Application Files
-
app_example.py⭐️ NEW- Complete Flask example with proper health endpoint
- Graceful shutdown handling (SIGTERM)
- Environment variable configuration
- Ready-to-use health, ready, and metrics endpoints
-
Dockerfile.complete⭐️ NEW- Multi-stage build for smaller images
- Non-root user (uid 1000) for security
- Docker-level health check
- Production-ready best practices
Nomad Configuration
.gitea/workflows/nomad-job-complete.hcl.tmpl⭐️ NEW- Complete Nomad job with ALL features
- Proper health checks with grace period
- Host volume configuration examples
- Vault integration (commented, ready for when it works)
- Vault workarounds for current use
- Auto-revert on failed deployments
- Comprehensive comments explaining everything
Documentation
-
NOMAD_DEPLOYMENT_GUIDE.md⭐️ NEW (50+ pages!)- Complete deployment guide
- Health checks deep-dive (your #1 pain point)
- Host volumes setup guide (your #2 pain point)
- Vault workarounds (3 different approaches)
- Comprehensive troubleshooting section
- Quick reference commands
-
DEPLOYMENT_CHECKLIST.md⭐️ NEW- Step-by-step deployment checklist
- Pre-deployment verification
- Post-deployment checks
- Rollback planning
- Common issues quick reference
-
WHATS_NEW.md⭐️ NEW- This file - summary of updates
-
README.md✏️ UPDATED- Simplified with links to detailed guides
- Quick start section
- Clear structure
Utilities
setup-nomad-volumes.sh⭐️ NEW- Automated script to setup volumes on Autobox
- Creates data and secrets directories
- Configures Nomad client
- Sets proper permissions
- Restarts Nomad and verifies
🎯 Pain Points Solved
1. Health Checks ⚕️ SOLVED
Problem: Services marked unhealthy, constant restarts
Solution:
app_example.pyshows proper implementationNOMAD_DEPLOYMENT_GUIDE.mdexplains all the gotchas- Nomad job has proper grace periods
- Includes backup TCP check
Key learnings documented:
- Must use named ports, not hardcoded
- Add startup grace period
- Keep health check fast (<500ms)
- Return proper HTTP status codes
2. Host Volumes 💾 SOLVED
Problem: Volume mounts fail, permission issues, data not persisting
Solution:
setup-nomad-volumes.shautomates entire setup- Nomad job shows proper volume declaration
- Documentation covers all permission issues
- Examples for both data and secrets volumes
Key learnings documented:
- Configure on Autobox FIRST
- Match uid (1000) between container and host
- Test with
nomad agent-info - Backup volumes regularly
3. Vault Not Working 🔐 SOLVED
Problem: Vault is down, can't use proper secret management
Solution: Three workaround approaches documented:
Option 1: Environment variables in Nomad job
- Fast but insecure
- Good for development only
Option 2: File-based secrets (RECOMMENDED)
- Secrets stored in
/opt/nomad-secrets/ - Mounted as read-only volume
- Better security than environment variables
setup-nomad-volumes.shcreates structure
Option 3: Consul KV store
- Uses existing infrastructure
- API-manageable
- Better than files, not as good as Vault
Bonus: Vault integration template ready for when it's fixed!
📚 How to Use
For New Projects
-
Copy entire template directory:
cp -r PythonTemplateProject MyNewApp -
Follow Quick Start in
README.md -
Use
DEPLOYMENT_CHECKLIST.mdfor each deployment -
Refer to
NOMAD_DEPLOYMENT_GUIDE.mdwhen issues arise
For Existing Projects
-
Copy
app_example.pyhealth endpoint to your app -
Update your Dockerfile based on
Dockerfile.complete -
Update your Nomad job from
nomad-job-complete.hcl.tmpl -
Run
setup-nomad-volumes.shif you need volumes
🎓 Key Concepts Explained
Health Checks
The guide explains:
- Why they fail
- How to implement correctly
- Testing strategies
- Grace periods
- Backup checks
Volumes
The guide covers:
- Host volume vs Docker volume
- Configuration on client
- Permission management
- Backup strategies
- Troubleshooting mounts
Secrets Without Vault
The guide provides:
- Comparison of approaches
- Security implications
- Implementation examples
- Migration path to Vault
🔗 Integration with Infrastructure
This template integrates with your infrastructure documentation:
- References
~/Projects/i80_network.mdfor infrastructure details - Uses same conventions (port ranges, naming, etc.)
- Follows same patterns (Consul tags, service registration)
- Compatible with existing Gitea CI/CD
- Works with consul-template configurations
📊 Statistics
New Files: 8 files
Updated Files: 1 file
New Documentation: ~100 pages
Pain Points Solved: 3 major issues
Examples Included: 20+ code examples
Troubleshooting Scenarios: 15+ common issues
🚀 Next Steps
-
Try the template - Deploy
app_example.pyto test everything works -
Update existing apps - Add health endpoints to running services
-
Setup volumes - Run
setup-nomad-volumes.shfor apps that need storage -
Document your apps - Use templates as examples
-
Share knowledge - Others on your team can use this too!
💡 Tips
Start with app_example.py:
- It's a working, complete example
- Shows all the patterns correctly
- Copy-paste friendly
Use the checklist:
- Don't skip steps
- Check off as you go
- Add project-specific items
Read the troubleshooting section:
- Before you have problems
- Understand common issues
- Know where to look for solutions
🎉 Benefits
Time Savings:
- No more debugging health checks for hours
- No more fighting with volume permissions
- No more wondering how to handle secrets
Quality:
- Production-ready examples
- Security best practices
- Comprehensive error handling
Documentation:
- Everything explained
- Examples for every scenario
- Quick reference commands
Your infrastructure is complex but powerful. This template makes it easier to use! 🚀