Giles Bradshaw 6 months ago
parent
commit
b017ca8b2e
14 changed files with 118 additions and 19 deletions
  1. +5
    -3
      .drone-home.star
  2. +87
    -0
      README.md
  3. +12
    -0
      build.sh
  4. +2
    -2
      docker-compose-home.yml
  5. +3
    -3
      guacamole-postgresql/init-user.sql
  6. +1
    -0
      init-mongo-chat.sh
  7. +2
    -0
      init-postgresql.sh
  8. +4
    -0
      init-scale.sh
  9. +1
    -1
      letsencrypt-nginx/build-docker-folder.sh
  10. +0
    -3
      letsencrypt-nginx/build.home.sh
  11. +1
    -3
      letsencrypt-nginx/build.sh
  12. +0
    -0
      n
  13. +0
    -2
      ngrok-build.sh
  14. +0
    -2
      postgres-build.sh

+ 5
- 3
.drone-home.star View File

@@ -6,10 +6,12 @@ def main(ctx):
ctx,
"home-deploy",
"/stack/deploy",
"gitea",
"stack",
[
"docker service scale gitea_ngrok=1",
"docker service scale gitea_chat=1",
"docker service scale stack_ngrok=1",
"docker service scale stack_chat=1",
"docker service scale stack_letsencrypt-drone=1",
"docker service scale stack_letsencrypt-git=1",
]
)

+ 87
- 0
README.md View File

@@ -60,3 +60,90 @@ git checkout home-deploy

```

### make certificates for the registry

these certificates will be in .ca and .certificates
where $REGISTRY_DOMAIN is the host where the stack will run.

```
cd certificates
sh ca.sh $REGISTRY_DOMAIN:5003
sh make-cert.sh $REGISTRY_DOMAIN registry
```

### make environment variables

```
export CERTBOT_EMAIL=giles.bradshaw@sigyl.com
export DRONE_DOMAIN=drone.git.sigyl.com
export DRONE_GITEA_CLIENT_ID=
export DRONE_GITEA_SERVER=
export DRONE_SERVER_HOST=drone.git.sigyl.com
export GIT_DOMAIN=git.sigyl.com
export LOCAL_DOCKER_REGISTRY=git.local-domain:5003/
export SSH_USER=giles
export GUACAMOLE_POSTGRES_DB=guacamole_db
export GUACAMOLE_POSTGRES_USER=guacamole_user
export DRONE_CONVERT_SECRET=topsecret
export DRONE_GITEA_CLIENT_SECRET=
export DRONE_RPC_SECRET=topsecret2
export GUACAMOLE_POSTGRES_PASSWORD=[passwordnospaces]
export NGROK_AUTH_TOKEN=[secret token from ngrok]
```

### build images

where $STACK_HOME = /stack/deploy

```
sh build.sh $STACK_HOME
```

### initial deploy of stack

```
cd /stack/deploy
docker stack deploy -c docker-compose-home.yml stack
```

### initialise postgres database

find postgres id as $ID

```
docker ps | grep stack_guacamole-postgresql.1
```

```
sh init-postgresql.sh $ID
```

## initialise mongo

get mongo id as $ID

```
docker ps | grep stack_chat-mongo.1
```

```
sh init-mongo-chat.sh $ID
```


### scale chat and ngrok and nginx

```
sh init-scale.sh stack
```

### create a gitea drone application

set environment variables as follows (example values):

```
export DRONE_GITEA_SERVER=https://sigyl.com/git
export DRONE_GITEA_CLIENT_ID=38218ed5-cf18-47e7-1234-710173dae499
export DRONE_GITEA_CLIENT_SECRET=ytsgdyXI_6zUrqwsI1wsssBAaUcsp27EyecT4nk5fA=
```


+ 12
- 0
build.sh View File

@@ -0,0 +1,12 @@
set -e
cd $1/ngrok-gitea
docker build . -t ${LOCAL_DOCKER_REGISTRY}ngrok-gitea
cd $1/guacamole-postgresql
docker build . -t ${LOCAL_DOCKER_REGISTRY}guacamole-postgresql
cd $1/letsencrypt-nginx
docker build . -t ${LOCAL_DOCKER_REGISTRY}letsencrypt-nginx
cd $1/drone-starlark
docker build . -t ${LOCAL_DOCKER_REGISTRY}drone-starlark
cd $1/letsencrypt-nginx
sh build.sh Dockerfile.git ${LOCAL_DOCKER_REGISTRY}letsencrypt-nginx ${LOCAL_DOCKER_REGISTRY}letsencrypt-git
sh build.sh Dockerfile.drone ${LOCAL_DOCKER_REGISTRY}letsencrypt-nginx ${LOCAL_DOCKER_REGISTRY}letsencrypt-drone

+ 2
- 2
docker-compose-home.yml View File

@@ -4,7 +4,7 @@ services:
deploy:
placement:
constraints: [node.labels.com.sigyl.git-stack == yes]
replicas: 1
replicas: 0
restart_policy:
condition: any
image: ${LOCAL_DOCKER_REGISTRY}letsencrypt-git
@@ -36,7 +36,7 @@ services:
deploy:
placement:
constraints: [node.labels.com.sigyl.git-stack == yes]
replicas: 1
replicas: 0
restart_policy:
condition: any
image: ${LOCAL_DOCKER_REGISTRY}letsencrypt-drone


+ 3
- 3
guacamole-postgresql/init-user.sql View File

@@ -1,3 +1,3 @@
CREATE USER :'user' WITH PASSWORD :'password';
GRANT SELECT,INSERT,UPDATE,DELETE ON ALL TABLES IN SCHEMA public TO :'user';
GRANT SELECT,USAGE ON ALL SEQUENCES IN SCHEMA public TO :'user';
CREATE USER :user WITH PASSWORD :'password';
GRANT SELECT,INSERT,UPDATE,DELETE ON ALL TABLES IN SCHEMA public TO :user;
GRANT SELECT,USAGE ON ALL SEQUENCES IN SCHEMA public TO :user;

+ 1
- 0
init-mongo-chat.sh View File

@@ -0,0 +1 @@
docker exec -it $1 mongo --eval "printjson(rs.initiate({_id: 'rs0', members: [ { _id: 0, host: 'localhost:27017' } ]}))"

+ 2
- 0
init-postgresql.sh View File

@@ -0,0 +1,2 @@
docker exec -it $1 psql -U postgres -d $GUACAMOLE_POSTGRES_DB -f /initdb.sql
docker exec -it $1 psql -U postgres -d $GUACAMOLE_POSTGRES_DB -f /init-user.sql -v password=$GUACAMOLE_POSTGRES_PASSWORD -v user=$GUACAMOLE_POSTGRES_USER

+ 4
- 0
init-scale.sh View File

@@ -0,0 +1,4 @@
docker service scale $1_chat=1
docker service scale $1_ngrok=1
docker service scale $1_letsencrypt-drone=1
docker service scale $1_letsencrypt-git=1

+ 1
- 1
letsencrypt-nginx/build-docker-folder.sh View File

@@ -1,3 +1,3 @@
set -e
docker build . -f $1 --build-arg image=$2 -t $3
sh build.sh $1 $2 $3
docker push $3

+ 0
- 3
letsencrypt-nginx/build.home.sh View File

@@ -1,3 +0,0 @@
set -e
docker build . -f Dockerfile.home --build-arg image=nginx:latest -t $1nginx-home1
docker push $1nginx-home1

+ 1
- 3
letsencrypt-nginx/build.sh View File

@@ -1,3 +1 @@
set -e
docker build . -f Dockerfile.$1 --build-arg image=$2letsencrypt-nginx -t $2letsencrypt-$1
docker push $2letsencrypt-$1
docker build . -f $1 --build-arg image=$2 -t $3

+ 0
- 0
n View File


+ 0
- 2
ngrok-build.sh View File

@@ -1,2 +0,0 @@
docker build ngrok-gitea -t ${LOCAL_DOCKER_REGISTRY}/ngrok-gitea
docker push ${LOCAL_DOCKER_REGISTRY}/ngrok-gitea

+ 0
- 2
postgres-build.sh View File

@@ -1,2 +0,0 @@
docker build guacamole-postgresql -t ${LOCAL_DOCKER_REGISTRY}/guacamole-postgresql
docker push ${LOCAL_DOCKER_REGISTRY}/guacamole-postgresql