proxy-starlark
continuous-integration/drone/push Build was killed
Details
continuous-integration/drone/push Build was killed
Details
This commit is contained in:
parent
07dfba6090
commit
85af7c17fa
|
@ -1,43 +0,0 @@
|
||||||
version: "3.7"
|
|
||||||
services:
|
|
||||||
letsencrypt-registry:
|
|
||||||
deploy:
|
|
||||||
placement:
|
|
||||||
constraints: [node.labels.com.sigyl.git-stack == yes]
|
|
||||||
replicas: 1
|
|
||||||
restart_policy:
|
|
||||||
condition: any
|
|
||||||
image: ${LOCAL_DOCKER_REGISTRY}letsencrypt-registry
|
|
||||||
environment:
|
|
||||||
- CERTBOT_EMAIL=${CERTBOT_EMAIL}
|
|
||||||
- SERVER_NAME=${GIT_DOMAIN}
|
|
||||||
- REGISTRY_PROXY_PASS=http://registry:5000
|
|
||||||
volumes:
|
|
||||||
- letsencrypt-registry:/etc/letsencrypt
|
|
||||||
networks:
|
|
||||||
- appnet
|
|
||||||
ports:
|
|
||||||
- 5004:5004
|
|
||||||
registry:
|
|
||||||
# internal registry #1 (why?)
|
|
||||||
deploy:
|
|
||||||
placement:
|
|
||||||
constraints: [node.labels.com.sigyl.git-stack == yes]
|
|
||||||
replicas: 1
|
|
||||||
restart_policy:
|
|
||||||
condition: any
|
|
||||||
image: registry:2
|
|
||||||
volumes:
|
|
||||||
- registry-data:/var/lib/registry
|
|
||||||
environment:
|
|
||||||
- REGISTRY_HTTP_ADDR=0.0.0.0:5000
|
|
||||||
networks:
|
|
||||||
- appnet
|
|
||||||
volumes:
|
|
||||||
registry-data:
|
|
||||||
letsencrypt-registry:
|
|
||||||
|
|
||||||
networks:
|
|
||||||
appnet:
|
|
||||||
driver: overlay
|
|
||||||
#external: true
|
|
|
@ -0,0 +1,98 @@
|
||||||
|
load("@this//:from-secret.star", "fromSecret")
|
||||||
|
load("@this//:print-secrets.star", "printSecrets")
|
||||||
|
|
||||||
|
load("@this//:map.star", "map")
|
||||||
|
load("@this//:environment.star", "environment")
|
||||||
|
load("@this//:echo.star", "echo")
|
||||||
|
load("@this//:export.star", "export")
|
||||||
|
load("@this//:echo-secret.star", "echoSecret")
|
||||||
|
load("@this//:wait.star", "wait")
|
||||||
|
load("@this//:build.star", "build")
|
||||||
|
load("@this//:scp.star", "scp")
|
||||||
|
load("@this//proxy:public-secrets.star", "publicSecrets")
|
||||||
|
load("@this//proxy:secret-secrets.star", "secretSecrets")
|
||||||
|
load("@this//:rescale.star", "rescale")
|
||||||
|
load("@this//:pull.star", "pull")
|
||||||
|
load("@this//:deploy.star", "deploy")
|
||||||
|
load("@this//:build-folder.star", "buildFolder")
|
||||||
|
load("@this//:build-docker-folder.star", "buildDockerFolder")
|
||||||
|
load("@this//:pipeline.star", "pipeline")
|
||||||
|
|
||||||
|
def drone(
|
||||||
|
ctx,
|
||||||
|
branch,
|
||||||
|
base,
|
||||||
|
name,
|
||||||
|
commands,
|
||||||
|
):
|
||||||
|
if ctx.build.branch == branch:
|
||||||
|
return [
|
||||||
|
pipeline(
|
||||||
|
branch,
|
||||||
|
[
|
||||||
|
wait(15, "wait"),
|
||||||
|
printSecrets(
|
||||||
|
"env-proxy",
|
||||||
|
publicSecrets,
|
||||||
|
secretSecrets,
|
||||||
|
),
|
||||||
|
build("ngrok-gitea"),
|
||||||
|
build("letsencrypt-nginx"),
|
||||||
|
buildDockerFolder(
|
||||||
|
"Dockerfile.git",
|
||||||
|
"$${LOCAL_DOCKER_REGISTRY}letsencrypt-nginx",
|
||||||
|
"$${LOCAL_DOCKER_REGISTRY}letsencrypt-git",
|
||||||
|
"letsencrypt-nginx",
|
||||||
|
"git",
|
||||||
|
),
|
||||||
|
buildDockerFolder(
|
||||||
|
"Dockerfile.drone",
|
||||||
|
"$${LOCAL_DOCKER_REGISTRY}letsencrypt-nginx",
|
||||||
|
"$${LOCAL_DOCKER_REGISTRY}letsencrypt-drone",
|
||||||
|
"letsencrypt-nginx",
|
||||||
|
"drone",
|
||||||
|
),
|
||||||
|
scp(base),
|
||||||
|
pull(
|
||||||
|
"pull images",
|
||||||
|
[
|
||||||
|
"ngrok-gitea",
|
||||||
|
"letsencrypt-git",
|
||||||
|
"letsencrypt-drone",
|
||||||
|
],
|
||||||
|
),
|
||||||
|
deploy(
|
||||||
|
"docker-compose.yml",
|
||||||
|
name,
|
||||||
|
base,
|
||||||
|
publicSecrets + secretSecrets,
|
||||||
|
commands,
|
||||||
|
ctx
|
||||||
|
),
|
||||||
|
],
|
||||||
|
[],
|
||||||
|
[
|
||||||
|
{
|
||||||
|
"name": "ca",
|
||||||
|
"host": {
|
||||||
|
"path": "/etc/docker/certs.d",
|
||||||
|
},
|
||||||
|
}
|
||||||
|
],
|
||||||
|
[
|
||||||
|
{
|
||||||
|
"name": "ca",
|
||||||
|
"path": "/etc/docker/certs.d",
|
||||||
|
},
|
||||||
|
]
|
||||||
|
),
|
||||||
|
]
|
||||||
|
else:
|
||||||
|
return pipeline(
|
||||||
|
ctx.build.branch,
|
||||||
|
[],
|
||||||
|
[],
|
||||||
|
[],
|
||||||
|
[],
|
||||||
|
)
|
||||||
|
|
|
@ -0,0 +1,34 @@
|
||||||
|
publicSecrets = [
|
||||||
|
"title",
|
||||||
|
"description",
|
||||||
|
"certbot-email",
|
||||||
|
"drone-domain",
|
||||||
|
"drone-gitea-client-id",
|
||||||
|
"drone-gitea-server",
|
||||||
|
"drone-server-host",
|
||||||
|
"git-domain",
|
||||||
|
"local-docker-registry",
|
||||||
|
"ssh-host",
|
||||||
|
"guacamole-postgres-db",
|
||||||
|
"guacamole-postgres-user",
|
||||||
|
"sigyl-stack-root",
|
||||||
|
"sigyl-stack-name",
|
||||||
|
"ghost-mail-service",
|
||||||
|
"ghost-mail-user",
|
||||||
|
"chat-admin-name",
|
||||||
|
"chat-admin-email",
|
||||||
|
"gitea-mailer-host",
|
||||||
|
"gitea-mailer-from",
|
||||||
|
"gitea-mailer-user",
|
||||||
|
"gitea-app-name",
|
||||||
|
"commento-origin",
|
||||||
|
"commento-smtp-host",
|
||||||
|
"commento-smtp-port",
|
||||||
|
"commento-smtp-username",
|
||||||
|
"commento-smtp-from-address",
|
||||||
|
"commento-forbid-new-owners",
|
||||||
|
"commento-postgres-db",
|
||||||
|
"commento-postgres-user",
|
||||||
|
"commento-github-key",
|
||||||
|
"nagios-admin-user",
|
||||||
|
]
|
|
@ -0,0 +1,24 @@
|
||||||
|
secretSecrets = [
|
||||||
|
"drone-convert-secret",
|
||||||
|
"drone-gitea-client-secret",
|
||||||
|
"drone-rpc-secret",
|
||||||
|
"guacamole-postgres-password",
|
||||||
|
"ngrok-auth-token",
|
||||||
|
"ghost-mail-password",
|
||||||
|
"ghost-mysql-root-password",
|
||||||
|
"chat-admin-password",
|
||||||
|
"gitea-server-lfs-jwt-secret",
|
||||||
|
"gitea-security-secret-key",
|
||||||
|
"gitea-security-internal-token",
|
||||||
|
"gitea-oauth2-jwt-secret",
|
||||||
|
"gitea-mailer-passwd",
|
||||||
|
"commento-smtp-password",
|
||||||
|
"commento-askimet-key",
|
||||||
|
"commento-postgres-password",
|
||||||
|
"commento-github-secret",
|
||||||
|
"matomo-mysql-root-password",
|
||||||
|
"matomo-mysql-password",
|
||||||
|
"nagios-admin-password",
|
||||||
|
"zabbix-mysql-root-password",
|
||||||
|
"zabbix-mysql-password",
|
||||||
|
]
|
|
@ -0,0 +1 @@
|
||||||
|
stackName='${SIGYL_STACK_NAME}'
|
|
@ -0,0 +1 @@
|
||||||
|
stackRoot='${SIGYL_STACK_ROOT}'
|
|
@ -56,13 +56,6 @@ def drone(
|
||||||
"letsencrypt-nginx",
|
"letsencrypt-nginx",
|
||||||
"drone",
|
"drone",
|
||||||
),
|
),
|
||||||
buildDockerFolder(
|
|
||||||
"Dockerfile.registry",
|
|
||||||
"$${LOCAL_DOCKER_REGISTRY}letsencrypt-nginx",
|
|
||||||
"$${LOCAL_DOCKER_REGISTRY}letsencrypt-registry",
|
|
||||||
"letsencrypt-nginx",
|
|
||||||
"registry",
|
|
||||||
),
|
|
||||||
scp(base),
|
scp(base),
|
||||||
pull(
|
pull(
|
||||||
"pull images",
|
"pull images",
|
||||||
|
|
Reference in New Issue