From 469f88431437be70bf5606df1cc794ad26284602 Mon Sep 17 00:00:00 2001
From: Giles Bradshaw <giles.bradshaw@sigyl.com>
Date: Sun, 10 May 2020 17:01:50 +0100
Subject: [PATCH] drone-star

---
 drone-starlark/repos/drone/drone.star         | 81 +++++++++++++++++++
 .../repos/drone/public-secrets.star           | 34 ++++++++
 .../repos/drone/secret-secrets.star           | 24 ++++++
 drone-starlark/repos/drone/stack-name._star   |  1 +
 drone-starlark/repos/drone/stack-root._star   |  1 +
 5 files changed, 141 insertions(+)
 create mode 100644 drone-starlark/repos/drone/drone.star
 create mode 100644 drone-starlark/repos/drone/public-secrets.star
 create mode 100644 drone-starlark/repos/drone/secret-secrets.star
 create mode 100644 drone-starlark/repos/drone/stack-name._star
 create mode 100644 drone-starlark/repos/drone/stack-root._star

diff --git a/drone-starlark/repos/drone/drone.star b/drone-starlark/repos/drone/drone.star
new file mode 100644
index 0000000..3212a0f
--- /dev/null
+++ b/drone-starlark/repos/drone/drone.star
@@ -0,0 +1,81 @@
+load("@this//:from-secret.star", "fromSecret")
+load("@this//:print-secrets.star", "printSecrets")
+
+load("@this//:map.star", "map")
+load("@this//:environment.star", "environment")
+load("@this//:echo.star", "echo")
+load("@this//:export.star", "export")
+load("@this//:echo-secret.star", "echoSecret")
+load("@this//:wait.star", "wait")
+load("@this//:build.star", "build")
+load("@this//:scp.star", "scp")
+load("@this//drone:public-secrets.star", "publicSecrets")
+load("@this//drone:secret-secrets.star", "secretSecrets")
+load("@this//:rescale.star", "rescale")
+load("@this//:pull.star", "pull")
+load("@this//:deploy.star", "deploy")
+load("@this//:build-folder.star", "buildFolder")
+load("@this//:build-docker-folder.star", "buildDockerFolder")
+load("@this//:pipeline.star", "pipeline")
+
+def drone(
+  ctx,
+  branch,
+  base,
+  name,
+  commands,
+):
+  if ctx.build.branch == branch:
+    return [
+      pipeline(
+        branch,
+        [
+          wait(15, "wait"),
+          build("drone-starlark"),
+          printSecrets(
+            "env-drone",
+            publicSecrets,
+            secretSecrets,
+          ),
+          scp(base),
+          pull(
+            "pull images",
+            [
+              "drone-starlark",
+            ],
+          ),
+          deploy(
+            "docker-compose.yml",
+            name,
+            base,
+            publicSecrets + secretSecrets,
+            commands,
+            ctx
+          ),
+        ],
+        [],
+        [
+          {
+            "name": "ca",
+            "host": {
+              "path": "/etc/docker/certs.d",
+            },
+          }
+        ],
+        [
+          {
+            "name": "ca",
+            "path": "/etc/docker/certs.d",
+          },
+        ]
+      ),
+    ]
+  else:
+    return pipeline(
+      ctx.build.branch,
+      [],
+      [],
+      [],
+      [],
+    )
+      
\ No newline at end of file
diff --git a/drone-starlark/repos/drone/public-secrets.star b/drone-starlark/repos/drone/public-secrets.star
new file mode 100644
index 0000000..f229e64
--- /dev/null
+++ b/drone-starlark/repos/drone/public-secrets.star
@@ -0,0 +1,34 @@
+publicSecrets = [
+  "title",
+  "description",
+  "certbot-email",
+  "drone-domain",
+  "drone-gitea-client-id",
+  "drone-gitea-server",
+  "drone-server-host",
+  "git-domain",
+  "local-docker-registry",
+  "ssh-host",
+  "guacamole-postgres-db",
+  "guacamole-postgres-user",
+  "sigyl-stack-root",
+  "sigyl-stack-name",
+  "ghost-mail-service",
+  "ghost-mail-user",
+  "chat-admin-name",
+  "chat-admin-email",
+  "gitea-mailer-host",
+  "gitea-mailer-from",
+  "gitea-mailer-user",
+  "gitea-app-name",
+  "commento-origin",
+  "commento-smtp-host",
+  "commento-smtp-port",
+  "commento-smtp-username",
+  "commento-smtp-from-address",
+  "commento-forbid-new-owners",
+  "commento-postgres-db",
+  "commento-postgres-user",
+  "commento-github-key", 
+  "nagios-admin-user",
+]
\ No newline at end of file
diff --git a/drone-starlark/repos/drone/secret-secrets.star b/drone-starlark/repos/drone/secret-secrets.star
new file mode 100644
index 0000000..6b38263
--- /dev/null
+++ b/drone-starlark/repos/drone/secret-secrets.star
@@ -0,0 +1,24 @@
+secretSecrets = [
+  "drone-convert-secret",
+  "drone-gitea-client-secret",
+  "drone-rpc-secret",
+  "guacamole-postgres-password",
+  "ngrok-auth-token",
+  "ghost-mail-password",
+  "ghost-mysql-root-password",
+  "chat-admin-password",
+  "gitea-server-lfs-jwt-secret",
+  "gitea-security-secret-key",
+  "gitea-security-internal-token",
+  "gitea-oauth2-jwt-secret",
+  "gitea-mailer-passwd",
+  "commento-smtp-password",
+  "commento-askimet-key",
+  "commento-postgres-password",
+  "commento-github-secret",
+  "matomo-mysql-root-password",
+  "matomo-mysql-password",
+  "nagios-admin-password",
+  "zabbix-mysql-root-password",
+  "zabbix-mysql-password",
+]
\ No newline at end of file
diff --git a/drone-starlark/repos/drone/stack-name._star b/drone-starlark/repos/drone/stack-name._star
new file mode 100644
index 0000000..d16bfc5
--- /dev/null
+++ b/drone-starlark/repos/drone/stack-name._star
@@ -0,0 +1 @@
+stackName='drone'
\ No newline at end of file
diff --git a/drone-starlark/repos/drone/stack-root._star b/drone-starlark/repos/drone/stack-root._star
new file mode 100644
index 0000000..e7c1112
--- /dev/null
+++ b/drone-starlark/repos/drone/stack-root._star
@@ -0,0 +1 @@
+stackRoot='/stack/drone'
\ No newline at end of file