Giles Bradshaw
491e044f68
- certificates
- drone-starlark
- ghost
- guacamole-postgresql
- letsencrypt-nginx
- ngrok-gitea
- .drone-do.star
- .drone-home.star
- .drone-remote.star
- .gitignore
- README.md
- add-secret.png
- build.sh
- docker-compose-do.yml
- docker-compose-drone.yml
- docker-compose-home.yml
- docker-compose-remote.yml
- init-mongo-chat.sh
- init-postgresql.sh
- init-scale.sh
- install.md
README.md
stack
In a docker stack.
static ip
- home - https://sigyl.com/
- git - https://sigyl.com/git/
- drone - https://sigyl.com:5000/
- ghost - https://sigyl.com/blog/
- guacamole - https://sigyl.com/remote/
- chat - https://sigyl.com/chat/
drone.do.yml - docker-compose-do.yml
tunnelled with ngrok
(very slow if home internet)
- home - https://git.sigyl.com
- git - https://git.sigyl.com/git
- blog - https://git.sigyl.com/blog
- chat - https://git.sigyl.com/chat
- drone - https://drone.git.sigyl.com/
- guacamole - https://git.sigyl.com/remote
installation
Once installed and running the system can redeploy itself.
However initially you need to do this yourself.
docker
you need a docker swarm set up with nodes with the following labels
- com.sigyl.git-stack=yes
- com.sigyl.git-stack-data=yes
global environment
the following environment variables need to be defined (define your own values)
echo 'export SIGYL_STACK_ROOT=/stack/deploy' | sudo tee -a /etc/profile.d/sigyl-stack.sh
echo 'export SIGYL_STACK_NAME=stack' | sudo tee -a /etc/profile.d/sigyl-stack.sh
. /etc/profile.d/sigyl-stack.sh
make a folder and give yourself access
sudo mkdir -p $SIGYL_STACK_ROOT
cd /stack
sudo chown -R $USER:$USER $SIGYL_STACK_ROOT
clone the repository
cd /stack
git clone https://sigyl.com/git/giles/stack.git $SIGYL_STACK_ROOT
cd $SIGYL_STACK_ROOT
git checkout home-deploy
make certificates for the registry
These certificates will be written to .ca and .certificates. $REGISTRY_DOMAIN is the host where the stack will run; it should be on the local subnet, i.e. traffic should not have to go over the internet.
e.g. git.local-domain
cd $SIGYL_STACK_ROOT/certificates
sh ca.sh $REGISTRY_DOMAIN:5003
sh make-cert.sh $REGISTRY_DOMAIN registry
make environment variables
export TITLE='SiGyl Ltd'
export DESCRIPTION='Software Development'
export CERTBOT_EMAIL=giles.bradshaw@sigyl.com
export DRONE_DOMAIN=drone.sigyl.com
export DRONE_GITEA_SERVER=https://sigyl.com/git
export DRONE_SERVER_HOST=sigyl.com:5000
export GIT_DOMAIN=sigyl.com
export LOCAL_DOCKER_REGISTRY=sigyl.com:5001/
export SSH_HOST=10.106.0.2
export GUACAMOLE_POSTGRES_DB=guacamole_db
export GUACAMOLE_POSTGRES_USER=guacamole_user
export SIGYL_STACK_ROOT=/root/stack-deploy
export SIGYL_STACK_NAME=gitea
export DRONE_GITEA_CLIENT_ID=???
export DRONE_CONVERT_SECRET=???
export DRONE_GITEA_CLIENT_SECRET=???
export DRONE_RPC_SECRET=???
export GUACAMOLE_POSTGRES_PASSWORD=???
export NGROK_AUTH_TOKEN=???
build images
sh build.sh $SIGYL_STACK_ROOT
initial deploy of stack
cd $SIGYL_STACK_ROOT
docker stack deploy -c docker-compose-home.yml $SIGYL_STACK_NAME
initialise postgres database
find the postgres container id and use it as $ID
docker ps | grep stack_guacamole-postgresql.1
sh init-postgresql.sh $ID
initialise mongo
find the mongo container id and use it as $ID
docker ps | grep stack_chat-mongo.1
sh init-mongo-chat.sh $ID
scale chat and ngrok and nginx
sh init-scale.sh stack
create a gitea drone application
This might be on your local gitea or some other one.
set environment variables for it as follows (example values):
export DRONE_GITEA_SERVER=https://sigyl.com/git
export DRONE_GITEA_CLIENT_ID=38218ed5-cf18-47e7-1234-710173dae499
export DRONE_GITEA_CLIENT_SECRET=ytsgdyXI_6zUrqwsI1wsssBAaUcsp27EyecT4nk5fA=
redeploy
docker stack deploy -c docker-compose-home.yml $SIGYL_STACK_NAME
sh init-scale.sh stack
drone secrets
Where these end up in environment variables, the names are upper-cased and hyphens become underscores (drone-rpc-secret becomes DRONE_RPC_SECRET).
Secrets are revealed in a file named ~/env-stack during deployment (keys etc. are hidden).
certbot-email
Email for the Let's Encrypt certbot.
description
Description of the application.
drone-convert-secret
Random secret for starlark conversion container.
drone-domain
The domain the drone server is tunneled to.
drone-gitea-client-id
The id of the gitea drone application.
drone-gitea-client-secret
The secret of the gitea drone application.
drone-gitea-server
URL of the gitea server.
drone-rpc-secret
Random secret for drone server + runners.
drone-server-host
Host name (and port) for the drone server.
git-domain
This is the domain where the application will be served (via ngrok if applicable).
guacamole-postgres-db
Name of the db.
guacamole-postgres-password
Password for the db (no spaces).
guacamole-postgres-user
User for the db.
local-docker-registry
Registry where images will be pushed. (with trailing slash)
ngrok-auth-token
Authentication token for ngrok.
sigyl-stack-name
The name of the stack.
sigyl-stack-root
The file path where the stack is deployed.
ssh-host
Host for the stack (must be a leader).
ssh-key
Not used atm.
ssh-passphrase
Not used atm.
ssh-password
Password for ssh.
ssh-port
Port for ssh.
ssh-root-password
Password for root user.
ssh-root-user
Ssh root user.
ssh-user
Ssh user.
title
Application title.
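
A pre-deploy check for the name mapping and value notes in the drone secrets list above, added here as an example and not part of the repository: it converts each secret name to its environment variable name and reports any that are unset, still set to the `???` placeholder, or that break the two format notes (no spaces in the database password, trailing slash on the registry). The function names and the choice of which secrets count as required are assumptions.

```shell
#!/bin/sh
# Added example: pre-deploy check of the stack's environment variables.
# Secret names are from the README; treating this subset as required is an
# assumption based on the "make environment variables" step.
REQUIRED_SECRETS="certbot-email description drone-convert-secret drone-domain
drone-gitea-client-id drone-gitea-client-secret drone-gitea-server
drone-rpc-secret drone-server-host git-domain guacamole-postgres-db
guacamole-postgres-password guacamole-postgres-user local-docker-registry
ngrok-auth-token sigyl-stack-name sigyl-stack-root ssh-host title"

# Map a drone secret name to its environment variable name:
# upper-case it and turn hyphens into underscores.
secret_to_env() {
    printf '%s' "$1" | tr 'a-z-' 'A-Z_'
}

# Print one line per problem; return 0 only when every variable is usable.
check_stack_env() {
    status=0
    for secret in $REQUIRED_SECRETS; do
        name=$(secret_to_env "$secret")
        # eval is safe here: $name is derived from the fixed list above.
        eval "value=\${$name-}"
        case "$value" in
            '')    echo "unset: $name"; status=1 ;;
            '???') echo "placeholder: $name"; status=1 ;;
        esac
    done
    # README: the database password must not contain spaces.
    case "${GUACAMOLE_POSTGRES_PASSWORD-}" in
        *' '*) echo "contains space: GUACAMOLE_POSTGRES_PASSWORD"; status=1 ;;
    esac
    # README: the registry value carries a trailing slash.
    case "${LOCAL_DOCKER_REGISTRY-}" in
        ''|*/) ;;
        *) echo "no trailing slash: LOCAL_DOCKER_REGISTRY"; status=1 ;;
    esac
    return "$status"
}
```

Call `check_stack_env` in the shell that holds the exports before running `docker stack deploy`; a non-zero return means at least one value still needs attention.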