This repository has been archived on 2020-08-11. You can view files and clone it, but cannot push or open issues or pull requests.
stack/.drone.star

224 lines
5.3 KiB
Plaintext
Raw Normal View History

2020-04-24 10:29:25 +00:00
def fromSecret(name):
return {
"from_secret": name
}
2020-04-24 11:53:10 +00:00
def environment(env):
2020-04-24 11:52:21 +00:00
return dict(
[(x.replace("-", "_").upper(), fromSecret(x)) for x in env]
)
2020-04-24 13:37:38 +00:00
def map(fn, l):
2020-04-24 13:41:26 +00:00
return [fn(x) for x in l]
2020-04-25 21:24:24 +00:00
def echo(secret):
return "echo {secret}=${environment} >> env-stack".format(secret = secret, environment = secret.replace("-", "_").upper())
def export(secret):
return "echo {toCaps}=${toCaps} >> env-stack".format(toCaps = secret.replace("-", "_").upper())
2020-04-24 11:42:31 +00:00
def printSecrets(env):
2020-04-24 13:30:51 +00:00
2020-04-24 10:29:25 +00:00
return {
2020-04-24 11:56:35 +00:00
"name": "print secrets",
2020-04-24 10:29:25 +00:00
"image": "appleboy/drone-ssh",
2020-04-24 11:50:26 +00:00
"environment": environment(env),
2020-04-24 10:29:25 +00:00
"settings": {
2020-04-25 21:24:24 +00:00
"envs": [x.replace("-", "_") for x in env ],
2020-04-24 10:29:25 +00:00
"host": fromSecret("ssh-host"),
"port": fromSecret("ssh-port"),
"username": fromSecret("ssh-user"),
"password": fromSecret("ssh-password"),
2020-04-24 13:31:41 +00:00
"script": [
2020-04-24 13:47:19 +00:00
"rm -f env.stack",
] + map(echo, env)
2020-04-24 10:29:25 +00:00
}
}
2020-04-25 18:57:07 +00:00
def wait(delay, name):
return {
2020-04-25 18:59:22 +00:00
"name": name,
2020-04-25 18:57:07 +00:00
"image": "alpine",
2020-04-25 19:42:47 +00:00
"commands": [
"sleep {delay}".format(delay = delay),
],
2020-04-25 18:57:07 +00:00
}
2020-04-25 20:14:33 +00:00
def build(name):
2020-04-24 10:07:57 +00:00
return {
2020-04-25 20:44:43 +00:00
"name": "build-{name}".format(name=name),
"image": "docker:dind",
"volumes": [
{
"name": "dockersock",
"path": "/var/run",
},
],
"environment": environment([
"local-docker-registry",
]),
"commands": [
"cd {name}".format(name=name),
"docker build . -t $${{LOCAL_DOCKER_REGISTRY}}{name}".format(name=name),
"docker push $${{LOCAL_DOCKER_REGISTRY}}{name}".format(name=name),
],
}
2020-04-25 20:49:57 +00:00
def buildHome():
return {
"name": "build-nginx-home",
"image": "docker:dind",
"volumes": [
{
"name": "dockersock",
"path": "/var/run",
},
],
"environment": environment([
"local-docker-registry",
]),
"commands": [
2020-04-25 21:24:24 +00:00
"cd letsencrypt-nginx",
2020-04-25 21:37:21 +00:00
"sh build.home.sh $${{LOCAL_DOCKER_REGISTRY}}".format(),
2020-04-25 20:49:57 +00:00
],
}
2020-04-25 20:44:43 +00:00
def buildNginx(name):
return {
"name": "build-nginx-{name}".format(name=name),
"image": "docker:dind",
"volumes": [
{
"name": "dockersock",
"path": "/var/run",
},
],
"environment": environment([
"local-docker-registry",
]),
"commands": [
2020-04-25 21:34:03 +00:00
"cd letsencrypt-nginx",
2020-04-25 20:46:58 +00:00
"sh build.sh {name} $${{LOCAL_DOCKER_REGISTRY}}".format(name = name),
2020-04-25 20:44:43 +00:00
],
}
2020-04-25 20:59:14 +00:00
def scp(target):
return {
"name": "scp files",
"image": "appleboy/drone-scp",
"settings": {
"host": {
"from_secret": "ssh-host",
},
"username": {
"from_secret": "ssh-user",
},
"password": {
"from_secret": "ssh-password",
},
"port": {
"from_secret": "ssh-port",
},
2020-04-25 21:40:32 +00:00
"command_timeout": "2m",
"target": target,
"source": [
".",
],
2020-04-25 20:59:14 +00:00
},
}
2020-04-25 21:24:24 +00:00
def deploy():
secrets = [
"drone-rpc-secret",
"drone-gitea-client-id",
"drone-gitea-client-secret",
"drone-gitea-server",
"drone-convert-secret",
"ssh-user",
"local-docker-registry",
"certbot-email",
"git-domain",
"drone-domain",
"chat-domain",
"remote-domain",
"blog-domain",
]
return {
"name": "deploy",
"image": "appleboy/drone-ssh",
"environment": environment(secrets),
"settings": {
"envs": [x.replace("-", "_") for x in secrets ],
"host": fromSecret("ssh-host"),
"port": fromSecret("ssh-port"),
"username": fromSecret("ssh-root-user"),
"password": fromSecret("ssh-root-password"),
"script": [
"set -e"
] + map(export, secrets) + [
2020-04-25 21:42:26 +00:00
"docker pull $${LOCAL_DOCKER_REGISTRY}letsencrypt-git",
"docker pull $${LOCAL_DOCKER_REGISTRY}nginx-home1",
"docker pull $${LOCAL_DOCKER_REGISTRY}letsencrypt-chat",
"docker pull $${LOCAL_DOCKER_REGISTRY}letsencrypt-remote",
"docker pull $${LOCAL_DOCKER_REGISTRY}letsencrypt-blog",
"docker pull $${LOCAL_DOCKER_REGISTRY}letsencrypt-drone",
2020-04-25 21:24:24 +00:00
"docker network prune -f",
"cd /home/$SSH_USER/gitea-drone-stack",
"docker stack rm gitea",
"sleep 60",
"docker stack deploy -c docker-compose-home.yml gitea",
]
}
}
2020-04-25 20:14:33 +00:00
def steps(name, dependsOn):
return {
"kind": "pipeline",
"name": name,
"depends_on": dependsOn,
"steps": [
printSecrets([
"local-docker-registry",
"ssh-host",
"ssh-user",
"ssh-port",
]),
2020-04-25 21:42:26 +00:00
#wait(15, "wait"),
#build("guacamole-postgresql"),
#build("ngrok-gitea"),
#build("letsencrypt-nginx"),
2020-04-25 21:40:32 +00:00
#buildHome(),
#buildNginx("blog"),
#buildNginx("drone"),
#buildNginx("git"),
#buildNginx("remote"),
#buildNginx("chat"),
2020-04-25 20:59:14 +00:00
scp("~/gitea-drone-stack"),
2020-04-25 21:24:24 +00:00
deploy(),
2020-04-24 10:07:57 +00:00
],
2020-04-25 20:07:36 +00:00
"services": [
{
"name": "docker",
"image": "docker:dind",
"privileged": True,
"volumes": [
{
"name": "dockersock",
"path": "/var/run",
},
{
"name": "ca",
"path": "/etc/docker/certs.d",
},
],
}
],
"volumes": [
{
"name": "dockersock",
"temp": {},
},
{
"name": "ca",
"host": {
"path": "/home/giles/gitea-drone-stack/.ca",
},
},
],
2020-04-24 10:07:57 +00:00
}
2020-04-24 06:58:20 +00:00
2020-04-24 06:32:20 +00:00
def main(ctx):
2020-04-24 10:10:50 +00:00
return [
2020-04-24 12:06:53 +00:00
steps('first', []),
2020-04-24 10:10:50 +00:00
]
2020-04-24 09:56:09 +00:00