This repository has been archived on 2020-08-11. You can view files and clone it, but cannot push or open issues or pull requests.
stack/README.md


gitea in a stack with drone and guacamole

Remote system support.

Consisting of

  • gitea repository - GitHub-like self-hosted git and web application
  • drone ci system
  • guacamole - rdp, vnc and ssh over the internet in the browser


(NB when self-deploying with drone, the build will stick on "started" and has to be cancelled. This is because the deployment tears down the previously running drone.)

NB each time you deploy this using drone it will leave an orphaned network, for example:

drone-yoZbiXiqssFcSsG0dP5d

Eventually this will start to cause a Docker error with the message: “ERROR: could not find an available, non-overlapping IPv4 address pool among the defaults to assign to the network”

installing docker

Start with a fresh install of Ubuntu server 19.04 connected to the internet

update packages

sudo apt-get update
sudo apt-get upgrade

remove old versions of docker

(if it's a fresh install of linux there shouldn't be any)

sudo apt-get remove docker docker-engine docker.io

install docker

sudo apt install docker.io

add current user to docker group

log out and back in afterwards

sudo usermod -aG docker $USER

start and enable docker

sudo systemctl start docker
sudo systemctl enable docker

change ssh port to 2022

sudo vi /etc/ssh/sshd_config

change Port 2022

allow root to ssh

sudo vi /etc/ssh/sshd_config

set the root password

sudo passwd root

change PermitRootLogin yes

reboot

start a stack running gitea to host repository.

stack

labels

get nodes with

docker node ls

add label with

docker node update --label-add com.sigyl.git-stack=yes [node id]

generate certificates

where [registry-domain] is the domain on which the registry will be served

sh ca.sh [registry-domain]:5000


sh make-cert.sh [registry-domain] registry

ngrok auth

obtain an ngrok auth token and place it in .secrets in the form

authtoken: [token]

initial deploy

export LOCAL_DOCKER_REGISTRY=registry.local-domain:5000
export CERTBOT_EMAIL=giles.bradshaw@sigyl.com
export GIT_DOMAIN=git.sigyl.com
export REMOTE_DOMAIN=remote.sigyl.com
export DRONE_DOMAIN=drone.sigyl.com
export BLOG_DOMAIN=blog.sigyl.com

export DRONE_RPC_SECRET=$(openssl rand -base64 48)
docker stack deploy -c docker-compose.yml gitea

create gitea drone app with client id and secret

add secrets to repository in drone

add secret

  • blog-domain
  • certbot-email
  • drone-domain
  • drone-gitea-client-id
  • drone-gitea-client-secret
  • drone-rpc-secret
  • git-domain
  • local-docker-registry
  • remote-domain
  • ssh-password
  • ssh-port
  • ssh-root-password
  • ssh-root-user
  • ssh-user
  • ssh-host

kill orphan docker:dind containers

When the system is deployed by pushing to the repository, the docker:dind container will be orphaned and will run forever unless killed.
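
A cleanup for the two leftovers this README describes, the orphaned docker:dind containers and the orphaned drone-* networks, as an added example that is not part of the original repository. It assumes no Drone build is running and that the stack itself runs no docker:dind service; the script name cleanup-drone.sh and the function names are hypothetical.

```sh
#!/bin/sh
# Added example, not part of the repository. Assumption: run it only while
# no Drone build is in progress, so every docker:dind container and every
# "drone-*" network on this host is a leftover from an earlier self-deploy.

# Names of networks that start with "drone-" (the filter alone is a substring match).
drone_networks() {
    docker network ls --filter name=drone- --format '{{.Name}}' | grep '^drone-' || true
}

# IDs of running containers created from the docker:dind image.
dind_containers() {
    docker ps --quiet --filter ancestor=docker:dind
}

# Number of containers still attached to network $1.
attached_count() {
    docker network inspect --format '{{len .Containers}}' "$1"
}

# cleanup --list reports leftovers; cleanup --prune removes them.
cleanup() {
    mode=$1
    removed=0
    # Containers first: a network with an attached container cannot be removed.
    for id in $(dind_containers); do
        echo "orphan dind container: $id"
        if [ "$mode" = "--prune" ]; then docker rm --force "$id" >/dev/null; fi
    done
    for net in $(drone_networks); do
        count=$(attached_count "$net")
        if [ "$mode" != "--prune" ]; then
            echo "leftover network: $net ($count attached)"
        elif [ "$count" -eq 0 ]; then
            docker network rm "$net" >/dev/null && removed=$((removed + 1))
        else
            echo "skipped $net: $count container(s) still attached" >&2
        fi
    done
    echo "networks removed: $removed"
}

case "${1:-}" in
    --list | --prune) cleanup "$1" ;;
    *) echo "usage: sh cleanup-drone.sh --list | --prune" ;;
esac
```

Run it with --list first to see what would be removed; a network that is skipped still has a container other than docker:dind attached and needs a manual look.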

guacamole

NB no spaces in the postgres password

docker stack for guacamole

adapted from https://digitalmccullough.com/posts/setting-up-apache-guacamole-with-docker-stack.html

initialising

find id

docker ps

execute initdb.sql

docker exec -it [id] psql -U postgres -d guacamole_db -f /initdb.sql
docker exec -it [id] psql -U postgres -d guacamole_db -f /init-user.sql -v password='somepassword'

initial admin is guacadmin:guacadmin

create a new admin and delete guacadmin

docker-exec-runner on windows

These instructions are not very good...

https://exec-runner.docs.drone.io/installation/windows/

download and unpack on linux with

curl -L https://github.com/drone-runners/drone-runner-exec/releases/latest/download/drone_runner_exec_windows_amd64.tar.gz | tar zx

rename drone-runner-exec to drone-runner-exec.exe

make directory c:\Drone\drone-runner-exec on windows

copy drone-runner-exec.exe to directory

make config file with


DRONE_RPC_PROTO=https
DRONE_RPC_HOST=drone.sigyl.com:443
DRONE_RPC_SECRET=[rpc secret]
DRONE_LOG_FILE=C:\Drone\drone-runner-exec\log.txt
DRONE_RUNNER_LABELS=web:true

install and start service with

drone-runner-exec service install
drone-runner-exec service start

chat

Once the chat-mongo container is up you need to get its id and do

docker exec -it [id] mongo --eval "printjson(rs.initiate({_id: 'rs0', members: [ { _id: 0, host: 'localhost:27017' } ]}))"

then scale up chat

docker service scale gitea_chat=1