This repository has been archived on 2020-08-11. You can view files and clone it, but cannot push or open issues or pull requests.
stack/.drone.remote.yml

321 lines
7.7 KiB
YAML

---
kind: pipeline
type: docker
name: default
when:
branch:
- remote
clone:
# skip_verify: true
steps:
- name: printenv
image: appleboy/drone-ssh
environment:
CERTBOT_EMAIL:
from_secret: certbot-email
DRONE_DOMAIN:
from_secret: drone-domain
DRONE_GITEA_CLIENT_ID:
from_secret: drone-gitea-client-id
GIT_DOMAIN:
from_secret: git-domain
REMOTE_DOMAIN:
from_secret: remote-domain
SSH_HOST:
from_secret: ssh-host
SSH_PORT:
from_secret: ssh-port
SSH_USER:
from_secret: ssh-user
SSH_ROOT_USER:
from_secret: ssh-root-user
LOCAL_DOCKER_REGISTRY:
from_secret: local-docker-registry
settings:
envs:
- certbot_email
- drone_domain
- drone_gitea_client_id
- git_domain
- remote_domain
- ssh_host
- ssh_port
- ssh_root_user
- ssh_user
- local_docker_registry
host:
from_secret: ssh-host
port:
from_secret: ssh-port
username:
from_secret: ssh-user
password:
from_secret: ssh-password
script:
- echo certbot-email=$CERTBOT_EMAIL > env-stack
- echo drone-domain=$DRONE_DOMAIN >> env-stack
- echo drone-gitea-client-id=$DRONE_GITEA_CLIENT_ID >> env-stack
- echo git-domain=$GIT_DOMAIN >> env-stack
- echo remote-domain=$REMOTE_DOMAIN >> env-stack
- echo ssh-host=$SSH_HOST >> env-stack
- echo ssh-port=$SSH_PORT >> env-stack
- echo ssh-root-user=$SSH_ROOT_USER >> env-stack
- echo ssh-user=$SSH_USER >> env-stack
- echo local-docker-registry=$LOCAL_DOCKER_REGISTRY >> env-stack
- name: test-ssh
when:
branch:
- remote
image: appleboy/drone-ssh
environment:
DRONE_RPC_SECRET:
from_secret: drone-rpc-secret
DRONE_GITEA_CLIENT_ID:
from_secret: drone-gitea-client-id
DRONE_GITEA_CLIENT_SECRET:
from_secret: drone-gitea-client-secret
LOCAL_DOCKER_REGISTRY:
from_secret: local-docker-registry
SSH_USER:
from_secret: ssh-user
CERTBOT_EMAIL:
from_secret: certbot-email
GIT_DOMAIN:
from_secret: git-domain
DRONE_DOMAIN:
from_secret: drone-domain
REMOTE_DOMAIN:
from_secret: remote-domain
settings:
envs:
- drone_rpc_secret
- drone_gitea_client_id
- drone_gitea_client_secret
- ssh_user
- local_docker_registry
- certbot_email
- git_domain
- drone_domain
- remote_domain
host:
from_secret: ssh-host
username:
from_secret: ssh-root-user
password:
from_secret: ssh-root-password
port:
from_secret: ssh-port
script:
- echo 'ssh ok'
- name: wait
when:
branch:
- remote
image: docker:dind
volumes:
- name: dockersock
path: /var/run
commands:
- sleep 15
- name: build-drone-starlark
when:
branch:
- remote
image: docker:dind
volumes:
- name: dockersock
path: /var/run
environment:
LOCAL_DOCKER_REGISTRY:
from_secret: local-docker-registry
commands:
- cd drone-starlark
- docker build . -t $${LOCAL_DOCKER_REGISTRY}drone-starlark
- docker push $${LOCAL_DOCKER_REGISTRY}drone-starlark
- name: build-postgres
when:
branch:
- remote-skip
image: docker:dind
volumes:
- name: dockersock
path: /var/run
environment:
LOCAL_DOCKER_REGISTRY:
from_secret: local-docker-registry
commands:
- cd guacamole-postgresql
- docker build . -t $${LOCAL_DOCKER_REGISTRY}guacamole-postgresql
- docker push $${LOCAL_DOCKER_REGISTRY}guacamole-postgresql
- name: build-ngrok
when:
branch:
- remote-skip
image: docker:dind
volumes:
- name: dockersock
path: /var/run
environment:
LOCAL_DOCKER_REGISTRY:
from_secret: local-docker-registry
commands:
- cd ngrok-gitea
- docker build . -t $${LOCAL_DOCKER_REGISTRY}ngrok-gitea
- docker push $${LOCAL_DOCKER_REGISTRY}ngrok-gitea
- name: build-letsencrypt-nginx
when:
branch:
- remote-skip
image: docker:dind
volumes:
- name: dockersock
path: /var/run
environment:
LOCAL_DOCKER_REGISTRY:
from_secret: local-docker-registry
commands:
- cd letsencrypt-nginx
- docker build . -t $${LOCAL_DOCKER_REGISTRY}letsencrypt-nginx
- docker push $${LOCAL_DOCKER_REGISTRY}letsencrypt-nginx
- name: build-letsencrypt-drone
when:
branch:
- remote-skip
image: docker:dind
volumes:
- name: dockersock
path: /var/run
environment:
LOCAL_DOCKER_REGISTRY:
from_secret: local-docker-registry
commands:
- cd letsencrypt-nginx
- sh build.sh drone $${LOCAL_DOCKER_REGISTRY}
- name: build-letsencrypt-remote
when:
branch:
- remote-skip
image: docker:dind
volumes:
- name: dockersock
path: /var/run
environment:
LOCAL_DOCKER_REGISTRY:
from_secret: local-docker-registry
commands:
- cd letsencrypt-nginx
- sh build.sh remote $${LOCAL_DOCKER_REGISTRY}
- name: scp files
when:
branch:
- remote
image: appleboy/drone-scp
settings:
host:
from_secret: ssh-host
username:
from_secret: ssh-user
password:
from_secret: ssh-password
port:
from_secret: ssh-port
command_timeout: 2m
target: ~/gitea-drone-stack
source:
- .
- name: deploy
when:
branch:
- remote
image: appleboy/drone-ssh
environment:
DRONE_RPC_SECRET:
from_secret: drone-rpc-secret
DRONE_GITEA_CLIENT_ID:
from_secret: drone-gitea-client-id
DRONE_GITEA_CLIENT_SECRET:
from_secret: drone-gitea-client-secret
DRONE_CONVERT_SECRET:
from_secret: drone-convert-secret
LOCAL_DOCKER_REGISTRY:
from_secret: local-docker-registry
SSH_USER:
from_secret: ssh-user
CERTBOT_EMAIL:
from_secret: certbot-email
GIT_DOMAIN:
from_secret: git-domain
DRONE_DOMAIN:
from_secret: drone-domain
REMOTE_DOMAIN:
from_secret: remote-domain
settings:
envs:
- drone_rpc_secret
- drone_gitea_client_id
- drone_gitea_client_secret
- drone_convert_secret
- ssh_user
- local_docker_registry
- certbot_email
- git_domain
- drone_domain
- remote_domain
host:
from_secret: ssh-host
username:
from_secret: ssh-root-user
password:
from_secret: ssh-root-password
port:
from_secret: ssh-port
script:
- set -e
- export LOCAL_DOCKER_REGISTRY=$LOCAL_DOCKER_REGISTRY
- export DRONE_RPC_SECRET=$DRONE_RPC_SECRET
- export DRONE_GITEA_CLIENT_ID=$DRONE_GITEA_CLIENT_ID
- export DRONE_GITEA_CLIENT_SECRET=$DRONE_GITEA_CLIENT_SECRET
- export DRONE_CONVERT_SECRET=$DRONE_CONVERT_SECRET
- export SSH_USER=$SSH_USER
- export CERTBOT_EMAIL=$CERTBOT_EMAIL
- export GIT_DOMAIN=$GIT_DOMAIN
- export DRONE_DOMAIN=$DRONE_DOMAIN
- export REMOTE_DOMAIN=$REMOTE_DOMAIN
- docker network prune -f
- cd /home/$SSH_USER/gitea-drone-stack
- docker pull $${LOCAL_DOCKER_REGISTRY}guacamole-postgresql
- docker pull $${LOCAL_DOCKER_REGISTRY}ngrok-gitea
- docker pull $${LOCAL_DOCKER_REGISTRY}letsencrypt-nginx
- docker pull $${LOCAL_DOCKER_REGISTRY}letsencrypt-drone
- docker pull $${LOCAL_DOCKER_REGISTRY}letsencrypt-remote
- docker pull $${LOCAL_DOCKER_REGISTRY}drone-starlark
- docker network prune -f
- docker stack rm remote-drone
- sleep 60
- docker stack deploy -c docker-compose-remote.yml remote-drone
#- sleep 300
services:
- name: docker
image: docker:dind
privileged: true
volumes:
- name: dockersock
path: /var/run
- name: ca
path: /etc/docker/certs.d
volumes:
- name: dockersock
temp: {}
- name: ca
host:
path: /home/giles/gitea-drone-stack/.ca