def fromSecret(name): return { "from_secret": name } def environment(env): return dict( [(x.replace("-", "_").upper(), fromSecret(x)) for x in env] ) def map(fn, l): return [fn(x) for x in l] def echo(secret): return "echo {secret}=${environment} >> env-stack".format(secret = secret, environment = secret.replace("-", "_").upper()) def export(secret): return "echo {toCaps}=${toCaps} >> env-stack".format(toCaps = secret.replace("-", "_").upper()) def printSecrets(env): return { "name": "print secrets", "image": "appleboy/drone-ssh", "environment": environment(env), "settings": { "envs": [x.replace("-", "_") for x in env ], "host": fromSecret("ssh-host"), "port": fromSecret("ssh-port"), "username": fromSecret("ssh-user"), "password": fromSecret("ssh-password"), "script": [ "rm -f env-stack", ] + map(echo, env) } } def wait(delay, name): return { "name": name, "image": "alpine", "commands": [ "sleep {delay}".format(delay = delay), ], } def build(name): return { "name": "build-{name}".format(name=name), "image": "docker:dind", "volumes": [ { "name": "dockersock", "path": "/var/run", }, ], "environment": environment([ "local-docker-registry", ]), "commands": [ "cd {name}".format(name=name), "docker build . -t $${{LOCAL_DOCKER_REGISTRY}}{name}".format(name=name), "docker push $${{LOCAL_DOCKER_REGISTRY}}{name}".format(name=name), ], } def buildHome(): return { "name": "build-nginx-home", "image": "docker:dind", "volumes": [ { "name": "dockersock", "path": "/var/run", }, ], "environment": environment([ "local-docker-registry", ]), "commands": [ "cd letsencrypt-nginx", "sh build.home.sh $${{LOCAL_DOCKER_REGISTRY}}".format(), ], } def buildNginx(name): return { "name": "build-nginx-{name}".format(name=name), "image": "docker:dind", "volumes": [ { "name": "dockersock", "path": "/var/run", }, ], "environment": environment([ "local-docker-registry", ]), "commands": [ "cd letsencrypt-nginx", "sh build.sh {name} $${{LOCAL_DOCKER_REGISTRY}}".format(name = name), ], } def scp(target): return { "name": "scp files", "image": "appleboy/drone-scp", "settings": { "host": { "from_secret": "ssh-host", }, "username": { "from_secret": "ssh-user", }, "password": { "from_secret": "ssh-password", }, "port": { "from_secret": "ssh-port", }, "command_timeout": "2m", "target": target, "source": [ ".", ], }, } def deploy(): secrets = [ "drone-rpc-secret", "drone-gitea-client-id", "drone-gitea-client-secret", "drone-gitea-server", "drone-convert-secret", "ssh-user", "local-docker-registry", "certbot-email", "git-domain", "drone-domain", "chat-domain", "remote-domain", "blog-domain", ] return { "name": "deploy", "image": "appleboy/drone-ssh", "environment": environment(secrets), "settings": { "envs": [x.replace("-", "_") for x in secrets ], "host": fromSecret("ssh-host"), "port": fromSecret("ssh-port"), "username": fromSecret("ssh-root-user"), "password": fromSecret("ssh-root-password"), "script": [ "set -e" ] + map(export, secrets) + [ "docker pull $${LOCAL_DOCKER_REGISTRY}letsencrypt-git", "docker pull $${LOCAL_DOCKER_REGISTRY}nginx-home1", "docker pull $${LOCAL_DOCKER_REGISTRY}letsencrypt-chat", "docker pull $${LOCAL_DOCKER_REGISTRY}letsencrypt-remote", "docker pull $${LOCAL_DOCKER_REGISTRY}letsencrypt-blog", "docker pull $${LOCAL_DOCKER_REGISTRY}letsencrypt-drone", "docker network prune -f", "cd /home/$SSH_USER/gitea-drone-stack", #"docker stack rm gitea", "sleep 60", #"docker stack deploy -c docker-compose-home.yml gitea", ] } } def steps(name, dependsOn): return { "kind": "pipeline", "name": name, "depends_on": dependsOn, "steps": [ printSecrets([ "local-docker-registry", "ssh-host", "ssh-user", "ssh-port", ]), #wait(15, "wait"), #build("guacamole-postgresql"), #build("ngrok-gitea"), #build("letsencrypt-nginx"), #buildHome(), #buildNginx("blog"), #buildNginx("drone"), #buildNginx("git"), #buildNginx("remote"), #buildNginx("chat"), #scp("~/gitea-drone-stack"), deploy(), ], "services": [ { "name": "docker", "image": "docker:dind", "privileged": True, "volumes": [ { "name": "dockersock", "path": "/var/run", }, { "name": "ca", "path": "/etc/docker/certs.d", }, ], } ], "volumes": [ { "name": "dockersock", "temp": {}, }, { "name": "ca", "host": { "path": "/home/giles/gitea-drone-stack/.ca", }, }, ], } def main(ctx): return [ steps('first', []), ]