--- # this builds and deploys the system on static ip servers kind: pipeline type: docker name: default clone: # skip_verify: true steps: - name: printenv when: branch: - do image: appleboy/drone-ssh environment: LOCAL_DOCKER_REGISTRY: from_secret: local-docker-registry SSH_HOST: from_secret: ssh-host SSH_USER: from_secret: ssh-user SSH_PORT: from_secret: ssh-port CERTBOT_EMAIL: from_secret: certbot-email GIT_DOMAIN: from_secret: git-domain settings: envs: - local_docker_registry - ssh_host - ssh_user - ssh_port - certbot_email - git_domain host: from_secret: ssh-host port: from_secret: ssh-port username: from_secret: ssh-user password: from_secret: ssh-password script: - echo SSH_HOST=$SSH_HOST > env - echo SSH_USER=$SSH_USER >> env - echo SSH_PORT=$SSH_PORT >> env - echo LOCAL_DOCKER_REGISTRY=$LOCAL_DOCKER_REGISTRY >> env - echo CERTBOT_EMAIL=$CERTBOT_EMAIL >> env - echo GIT_DOMAIN=$GIT_DOMAIN >> env - name: clear when: branch: - do image: appleboy/drone-ssh settings: host: from_secret: ssh-host username: from_secret: ssh-user password: from_secret: ssh-password #key: # from_secret: ssh-key #passphrase: # from_secret: ssh-passphrase port: from_secret: ssh-port script: - rm -r -f ~/stack-deploy - name: wait when: branch: - do image: docker:dind volumes: - name: dockersock path: /var/run commands: - sleep 20 - name: build-letsencrypt-nginx when: branch: - do image: docker:dind volumes: - name: dockersock path: /var/run environment: LOCAL_DOCKER_REGISTRY: from_secret: local-docker-registry commands: - cd letsencrypt-nginx - docker build . -t $${LOCAL_DOCKER_REGISTRY}letsencrypt-nginx - docker push $${LOCAL_DOCKER_REGISTRY}letsencrypt-nginx - name: build-letsencrypt-do when: branch: - do image: docker:dind volumes: - name: dockersock path: /var/run environment: LOCAL_DOCKER_REGISTRY: from_secret: local-docker-registry commands: - cd letsencrypt-nginx - sh build.sh do $${LOCAL_DOCKER_REGISTRY} - name: build-postgres when: branch: - do image: docker:dind volumes: - name: dockersock path: /var/run environment: LOCAL_DOCKER_REGISTRY: from_secret: local-docker-registry commands: - cd guacamole-postgresql - docker build . -t $${LOCAL_DOCKER_REGISTRY}guacamole-postgresql - docker push $${LOCAL_DOCKER_REGISTRY}guacamole-postgresql - name: build-drone-starlark when: branch: - do image: docker:dind volumes: - name: dockersock path: /var/run environment: LOCAL_DOCKER_REGISTRY: from_secret: local-docker-registry commands: - cd drone-starlark - docker build . -t $${LOCAL_DOCKER_REGISTRY}drone-starlark - docker push $${LOCAL_DOCKER_REGISTRY}drone-starlark - name: scp files when: branch: - do image: appleboy/drone-scp settings: host: from_secret: ssh-host username: from_secret: ssh-user password: from_secret: ssh-password #key: # from_secret: ssh-key #passphrase: # from_secret: ssh-passphrase port: from_secret: ssh-port command_timeout: 2m target: ~/stack-deploy source: - . - name: deploy when: branch: - do image: appleboy/drone-ssh environment: DRONE_RPC_SECRET: from_secret: drone-rpc-secret DRONE_GITEA_CLIENT_ID: from_secret: drone-gitea-client-id DRONE_GITEA_CLIENT_SECRET: from_secret: drone-gitea-client-secret DRONE_CONVERT_SECRET: from_secret: drone-convert-secret LOCAL_DOCKER_REGISTRY: from_secret: local-docker-registry SSH_USER: from_secret: ssh-user CERTBOT_EMAIL: from_secret: certbot-email GIT_DOMAIN: from_secret: git-domain GUACAMOLE_POSTGRES_USER: from_secret: guacamole-postgres-user GUACAMOLE_POSTGRES_DB: from_secret: guacamole-postgres-db GUACAMOLE_POSTGRES_PASSWORD: from_secret: guacamole-postgres-password settings: envs: - drone_rpc_secret - drone_gitea_client_id - drone_gitea_client_secret - drone_convert_secret - ssh_user - local_docker_registry - certbot_email - git_domain - guacamole_postgres_user - guacamole_postgres_db - guacamole_postgres_password host: from_secret: ssh-host username: from_secret: ssh-user password: from_secret: ssh-password #key: # from_secret: ssh-key #passphrase: # from_secret: ssh-passphrase port: from_secret: ssh-port script: - set -e - export LOCAL_DOCKER_REGISTRY=$LOCAL_DOCKER_REGISTRY - export DRONE_RPC_SECRET=$DRONE_RPC_SECRET - export DRONE_GITEA_CLIENT_ID=$DRONE_GITEA_CLIENT_ID - export DRONE_GITEA_CLIENT_SECRET=$DRONE_GITEA_CLIENT_SECRET - export SSH_USER=$SSH_USER - export CERTBOT_EMAIL=$CERTBOT_EMAIL - export GIT_DOMAIN=$GIT_DOMAIN - export GUACAMOLE_POSTGRES_USER=$GUACAMOLE_POSTGRES_USER - export GUACAMOLE_POSTGRES_DB=$GUACAMOLE_POSTGRES_DB - export GUACAMOLE_POSTGRES_PASSWORD=$GUACAMOLE_POSTGRES_PASSWORD - export DRONE_CONVERT_SECRET=$DRONE_CONVERT_SECRET - docker network prune -f - cd ~/stack-deploy - docker pull $${LOCAL_DOCKER_REGISTRY}letsencrypt-do - docker pull $${LOCAL_DOCKER_REGISTRY}guacamole-postgresql - docker pull $${LOCAL_DOCKER_REGISTRY}drone-starlark - docker stack rm gitea - sleep 60 - docker stack deploy -c docker-compose-do.yml gitea - docker service scale gitea_chat=1 #- sleep 300 services: - name: docker image: docker:dind privileged: true volumes: - name: dockersock path: /var/run volumes: - name: dockersock temp: {}