proxy-starlark
continuous-integration/drone/push Build was killed Details

This commit is contained in:
Giles Bradshaw 2020-05-10 08:21:12 +01:00
parent 07dfba6090
commit 85af7c17fa
7 changed files with 158 additions and 50 deletions

View File

@ -1,43 +0,0 @@
version: "3.7"
services:
letsencrypt-registry:
deploy:
placement:
constraints: [node.labels.com.sigyl.git-stack == yes]
replicas: 1
restart_policy:
condition: any
image: ${LOCAL_DOCKER_REGISTRY}letsencrypt-registry
environment:
- CERTBOT_EMAIL=${CERTBOT_EMAIL}
- SERVER_NAME=${GIT_DOMAIN}
- REGISTRY_PROXY_PASS=http://registry:5000
volumes:
- letsencrypt-registry:/etc/letsencrypt
networks:
- appnet
ports:
- 5004:5004
registry:
# internal registry #1 (why?)
deploy:
placement:
constraints: [node.labels.com.sigyl.git-stack == yes]
replicas: 1
restart_policy:
condition: any
image: registry:2
volumes:
- registry-data:/var/lib/registry
environment:
- REGISTRY_HTTP_ADDR=0.0.0.0:5000
networks:
- appnet
volumes:
registry-data:
letsencrypt-registry:
networks:
appnet:
driver: overlay
#external: true

View File

@ -0,0 +1,98 @@
load("@this//:from-secret.star", "fromSecret")
load("@this//:print-secrets.star", "printSecrets")
load("@this//:map.star", "map")
load("@this//:environment.star", "environment")
load("@this//:echo.star", "echo")
load("@this//:export.star", "export")
load("@this//:echo-secret.star", "echoSecret")
load("@this//:wait.star", "wait")
load("@this//:build.star", "build")
load("@this//:scp.star", "scp")
load("@this//proxy:public-secrets.star", "publicSecrets")
load("@this//proxy:secret-secrets.star", "secretSecrets")
load("@this//:rescale.star", "rescale")
load("@this//:pull.star", "pull")
load("@this//:deploy.star", "deploy")
load("@this//:build-folder.star", "buildFolder")
load("@this//:build-docker-folder.star", "buildDockerFolder")
load("@this//:pipeline.star", "pipeline")
def drone(
ctx,
branch,
base,
name,
commands,
):
if ctx.build.branch == branch:
return [
pipeline(
branch,
[
wait(15, "wait"),
printSecrets(
"env-proxy",
publicSecrets,
secretSecrets,
),
build("ngrok-gitea"),
build("letsencrypt-nginx"),
buildDockerFolder(
"Dockerfile.git",
"$${LOCAL_DOCKER_REGISTRY}letsencrypt-nginx",
"$${LOCAL_DOCKER_REGISTRY}letsencrypt-git",
"letsencrypt-nginx",
"git",
),
buildDockerFolder(
"Dockerfile.drone",
"$${LOCAL_DOCKER_REGISTRY}letsencrypt-nginx",
"$${LOCAL_DOCKER_REGISTRY}letsencrypt-drone",
"letsencrypt-nginx",
"drone",
),
scp(base),
pull(
"pull images",
[
"ngrok-gitea",
"letsencrypt-git",
"letsencrypt-drone",
],
),
deploy(
"docker-compose.yml",
name,
base,
publicSecrets + secretSecrets,
commands,
ctx
),
],
[],
[
{
"name": "ca",
"host": {
"path": "/etc/docker/certs.d",
},
}
],
[
{
"name": "ca",
"path": "/etc/docker/certs.d",
},
]
),
]
else:
return pipeline(
ctx.build.branch,
[],
[],
[],
[],
)

View File

@ -0,0 +1,34 @@
publicSecrets = [
"title",
"description",
"certbot-email",
"drone-domain",
"drone-gitea-client-id",
"drone-gitea-server",
"drone-server-host",
"git-domain",
"local-docker-registry",
"ssh-host",
"guacamole-postgres-db",
"guacamole-postgres-user",
"sigyl-stack-root",
"sigyl-stack-name",
"ghost-mail-service",
"ghost-mail-user",
"chat-admin-name",
"chat-admin-email",
"gitea-mailer-host",
"gitea-mailer-from",
"gitea-mailer-user",
"gitea-app-name",
"commento-origin",
"commento-smtp-host",
"commento-smtp-port",
"commento-smtp-username",
"commento-smtp-from-address",
"commento-forbid-new-owners",
"commento-postgres-db",
"commento-postgres-user",
"commento-github-key",
"nagios-admin-user",
]

View File

@ -0,0 +1,24 @@
secretSecrets = [
"drone-convert-secret",
"drone-gitea-client-secret",
"drone-rpc-secret",
"guacamole-postgres-password",
"ngrok-auth-token",
"ghost-mail-password",
"ghost-mysql-root-password",
"chat-admin-password",
"gitea-server-lfs-jwt-secret",
"gitea-security-secret-key",
"gitea-security-internal-token",
"gitea-oauth2-jwt-secret",
"gitea-mailer-passwd",
"commento-smtp-password",
"commento-askimet-key",
"commento-postgres-password",
"commento-github-secret",
"matomo-mysql-root-password",
"matomo-mysql-password",
"nagios-admin-password",
"zabbix-mysql-root-password",
"zabbix-mysql-password",
]

View File

@ -0,0 +1 @@
stackName='${SIGYL_STACK_NAME}'

View File

@ -0,0 +1 @@
stackRoot='${SIGYL_STACK_ROOT}'

View File

@ -56,13 +56,6 @@ def drone(
"letsencrypt-nginx", "letsencrypt-nginx",
"drone", "drone",
), ),
buildDockerFolder(
"Dockerfile.registry",
"$${LOCAL_DOCKER_REGISTRY}letsencrypt-nginx",
"$${LOCAL_DOCKER_REGISTRY}letsencrypt-registry",
"letsencrypt-nginx",
"registry",
),
scp(base), scp(base),
pull( pull(
"pull images", "pull images",