In a docker stack.
(very slow if home internet)
Once installed and running the system can redeploy itself.
However initially you need to do this yourself.
(if it’s a fresh install of linux there shouldn’t be any)
sudo apt-get remove docker docker-engine docker.io
sudo apt install docker.io
logout and back in afterwards
sudo usermod -aG docker $USER
sudo systemctl start docker
sudo systemctl enable docker
sudo vi /etc/ssh/sshd_config
change Port 2022
sudo vi /etc/ssh/sshd_config
sudo passwd root
change PermitRootLogin yes
reboot
start a stack running gitea to host repository.
get nodes with
docker node ls
add label with
docker node update --label-add com.sigyl.git-stack=yes [node id]
the following environment variables need to be defined (define your own values)
echo 'export SIGYL_STACK_ROOT=/stack/deploy' | sudo tee -a /etc/profile.d/sigyl-stack.sh
echo 'export SIGYL_STACK_NAME=stack' | sudo tee -a /etc/profile.d/sigyl-stack.sh
# source the file so the exports take effect in the current shell
. /etc/profile.d/sigyl-stack.sh
sudo mkdir -p $SIGYL_STACK_ROOT
cd /stack
sudo chown -R $USER:$USER $SIGYL_STACK_ROOT
cd /stack
git clone https://sigyl.com/git/giles/stack.git $SIGYL_STACK_ROOT
cd $SIGYL_STACK_ROOT
git checkout home-deploy
These certificates will be in .ca and .certificates, where $REGISTRY_DOMAIN is the host where the stack will run. It should be on the local subnet, i.e. traffic should not have to go over the internet.
e.g. git.local-domain
cd $SIGYL_STACK_ROOT/certificates
sh ca.sh $REGISTRY_DOMAIN:5003
sh make-cert.sh $REGISTRY_DOMAIN registry
copy the directory .ca/$REGISTRY_DOMAIN:5003 to /etc/docker/certs.d
sudo mkdir -p /etc/docker/certs.d/
sudo cp -r .ca/$REGISTRY_DOMAIN:5003 /etc/docker/certs.d/
export TITLE="SiGyl Ltd!"
export DESCRIPTION="Software Development"
export CERTBOT_EMAIL=giles.bradshaw@sigyl.com
export DRONE_DOMAIN=drone.sigyl.com
export DRONE_GITEA_SERVER=https://sigyl.com/git
export DRONE_SERVER_HOST=sigyl.com:5000
export GIT_DOMAIN=sigyl.com
export LOCAL_DOCKER_REGISTRY=sigyl.com:5001/
export SSH_HOST=10.106.0.2
export GUACAMOLE_POSTGRES_DB=guacamole_db
export GUACAMOLE_POSTGRES_USER=guacamole_user
export SIGYL_STACK_ROOT=/root/stack-deploy
export SIGYL_STACK_NAME=gitea
export DRONE_GITEA_CLIENT_ID=???
export DRONE_CONVERT_SECRET=???
export DRONE_GITEA_CLIENT_SECRET=???
export DRONE_RPC_SECRET=???
export GUACAMOLE_POSTGRES_PASSWORD=???
export NGROK_AUTH_TOKEN=???
sh build.sh $SIGYL_STACK_ROOT
cd $SIGYL_STACK_ROOT
docker stack deploy -c docker-compose.yml $SIGYL_STACK_NAME
find postgres id as $ID
docker ps | grep stack_guacamole-postgresql.1
sh init-postgresql.sh $ID
get mongo id as $ID
docker ps | grep stack_chat-mongo.1
sh init-mongo-chat.sh $ID
If ngrok is required set NGROK=1, otherwise NGROK=0.
sh init-scale.sh stack $NGROK
This might be on your local gitea or some other one.
set environment variables for it as follows (example values):
export DRONE_GITEA_SERVER=https://sigyl.com/git
export DRONE_GITEA_CLIENT_ID=38218ed5-cf18-47e7-1234-710173dae499
export DRONE_GITEA_CLIENT_SECRET=ytsgdyXI_6zUrqwsI1wsssBAaUcsp27EyecT4nk5fA=
If ngrok is required set NGROK=1, otherwise NGROK=0.
docker stack deploy -c docker-compose.yml $SIGYL_STACK_NAME
sh init-scale.sh stack $NGROK
Where these end up in environment variables they will be capitalised and underscored.
Secrets are revealed in a file named ~/env-stack during deployment. (keys etc are hidden)
Email for Let's Encrypt certbot.
Name for chat admin user.
Password for chat admin user.
Email for chat admin user.
Description of the application.
Random secret for starlark conversion container.
The domain the drone server is tunneled to.
The id of the gitea drone application.
The secret of the gitea drone application.
URL of the gitea server.
Random secret for drone server + runners.
Host name (and port) for drone server.
SMTP password for ghost mail service.
Mail service for ghost, e.g. Mailgun.
SMTP user for ghost mail service.
This is the domain where the application will be served (via ngrok if applicable).
Name of the db.
Password for the db (no spaces).
User for the db.
Registry where images will be pushed. (with trailing slash)
Authentication token for ngrok.
The name of the stack.
The file path where stack deployed to.
Host for the stack (must be a leader).
Not used atm.
Not used atm.
Password for ssh.
Port for ssh.
Password for root user.
Ssh root user.
Ssh user.
Application title.
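A preflight check for the variables exported before `sh build.sh`, reporting names only so that no secret value reaches the terminal or a CI log. This is an added example, not part of the stack repository; applying the "no spaces" rule to GUACAMOLE_POSTGRES_PASSWORD and the trailing-slash rule to LOCAL_DOCKER_REGISTRY is an assumption based on the example values and descriptions above.

```shell
#!/bin/sh
# Added example, not part of the stack repository. Variable names come from
# the export list above; which rule applies to which variable is an assumption.
SECRETS="DRONE_GITEA_CLIENT_ID DRONE_CONVERT_SECRET DRONE_GITEA_CLIENT_SECRET DRONE_RPC_SECRET GUACAMOLE_POSTGRES_PASSWORD"
SETTINGS="CERTBOT_EMAIL DRONE_DOMAIN DRONE_GITEA_SERVER DRONE_SERVER_HOST GIT_DOMAIN LOCAL_DOCKER_REGISTRY SSH_HOST GUACAMOLE_POSTGRES_DB GUACAMOLE_POSTGRES_USER SIGYL_STACK_ROOT SIGYL_STACK_NAME"

# Print "NAME: problem" for one finding. Values are never echoed.
report() { echo "$1: $2"; problems=$((problems + 1)); }

# Check the current environment; returns 0 only when nothing was reported.
preflight_check() {
    problems=0
    required="$SECRETS $SETTINGS"
    # The ngrok token is only needed when the stack is scaled with NGROK=1.
    if [ "${NGROK-0}" = "1" ]; then required="$required NGROK_AUTH_TOKEN"; fi
    for name in $required; do
        eval "value=\${$name-}"
        if [ -z "$value" ]; then
            report "$name" "not set"
        elif [ "$value" = "???" ]; then
            report "$name" "still the ??? placeholder"
        fi
    done
    # "Password for the db (no spaces)."
    case "${GUACAMOLE_POSTGRES_PASSWORD-}" in
        *" "*) report GUACAMOLE_POSTGRES_PASSWORD "contains a space" ;;
    esac
    # "Registry where images will be pushed. (with trailing slash)"
    case "${LOCAL_DOCKER_REGISTRY-}" in
        ""|*/) ;;
        *) report LOCAL_DOCKER_REGISTRY "missing trailing slash" ;;
    esac
    [ "$problems" -eq 0 ]
}
```

Define the function in the shell that holds the exports and run `preflight_check && sh build.sh $SIGYL_STACK_ROOT`.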
You should do these asap and preferably before anyone else!!!
Register then set up initial user and email settings.
Visit domain/ghost and set up admin user.
Admin user is automatically created according to configured secrets. Change the password!
Use admin user name and password you supplied when you set up the database.
These instructions are not very good...
https://exec-runner.docs.drone.io/installation/windows/
download and unpack on linux with
curl -L https://github.com/drone-runners/drone-runner-exec/releases/latest/download/drone_runner_exec_windows_amd64.tar.gz | tar zx
rename drone-runner-exec to drone-runner-exec.exe
make directory c:\Drone\drone-runner-exec on windows
copy drone-runner-exec.exe to directory
make config file with
DRONE_RPC_PROTO=https
DRONE_RPC_HOST=drone.sigyl.com:443
DRONE_RPC_SECRET=[rpc secret]
DRONE_LOG_FILE=C:\Drone\drone-runner-exec\log.txt
DRONE_RUNNER_LABELS=web:true
install and start service with
drone-runner-exec service install
drone-runner-exec service start