diff --git a/.drone/deploy.sh b/.drone/deploy.sh index 9e20a37..7b16886 100644 --- a/.drone/deploy.sh +++ b/.drone/deploy.sh @@ -2,4 +2,4 @@ export LOCAL_DOCKER_REGISTRY=${REGISTRY_DOMAIN}:${REGISTRY_PORT}/ docker stack rm drone \ && echo 'sleeping...zzz' \ && sleep 60 \ -&& docker stack deploy -c docker-compose.yml drone +&& docker stack deploy -c docker-compose.yml drone --with-registry-auth diff --git a/.drone/drone-home.yml b/.drone/drone-home.yml index b4e7a76..71cc8d3 100644 --- a/.drone/drone-home.yml +++ b/.drone/drone-home.yml @@ -51,6 +51,8 @@ services: path: /var/run - name: ca path: /etc/docker/certs.d + - name: daemonjson + path: /etc/docker/daemon.json volumes: - name: dockersock @@ -58,6 +60,9 @@ volumes: - name: ca host: path: /etc/docker/certs.d +- name: daemonjson + host: + path: /etc/docker/daemon.json image_pull_secrets: - dockerconfigjson @@ -91,6 +96,7 @@ steps: - registry_port - registry_password - scheme + - scheme - domain - drone_gitea_client_id - drone_gitea_server @@ -107,6 +113,7 @@ steps: - "echo \"export REGISTRY_PORT='$${REGISTRY_PORT}'\" >> env-drone # \"registry-port\"" - "echo \"export REGISTRY_PASSWORD='$${REGISTRY_PASSWORD}'\" >> env-drone # \"registry-password\"" - "echo \"export SCHEME='$${SCHEME}'\" >> env-drone # \"scheme\"" + - "echo \"export SCHEME='$${SCHEME}'\" >> env-drone # \"scheme\"" - "echo \"export DOMAIN='$${DOMAIN}'\" >> env-drone # \"domain\"" - "echo \"export DRONE_GITEA_CLIENT_ID='$${DRONE_GITEA_CLIENT_ID}'\" >> env-drone # \"drone-gitea-client-id\"" - "echo \"export DRONE_GITEA_SERVER='$${DRONE_GITEA_SERVER}'\" >> env-drone # \"drone-gitea-server\"" @@ -190,6 +197,7 @@ steps: - drone_build_number - drone_repo_name - drone_repo_namespace + - scheme - domain - drone_gitea_client_id - drone_gitea_server @@ -208,6 +216,7 @@ steps: - export DRONE_GITEA_CLIENT_SECRET=$${DRONE_GITEA_CLIENT_SECRET} - export DRONE_RPC_SECRET=$${DRONE_RPC_SECRET} - export SSH_KEY=$${SSH_KEY} + - export SCHEME=$${SCHEME} - export DOMAIN=$${DOMAIN} - export DRONE_GITEA_CLIENT_ID=$${DRONE_GITEA_CLIENT_ID} - export DRONE_GITEA_SERVER=$${DRONE_GITEA_SERVER} @@ -263,6 +272,8 @@ services: path: /var/run - name: ca path: /etc/docker/certs.d + - name: daemonjson + path: /etc/docker/daemon.json volumes: - name: dockersock @@ -270,6 +281,9 @@ volumes: - name: ca host: path: /etc/docker/certs.d +- name: daemonjson + host: + path: /etc/docker/daemon.json trigger: event: diff --git a/.drone/lib/public-secrets.libsonnet b/.drone/lib/public-secrets.libsonnet index bb253d7..12b2420 100644 --- a/.drone/lib/public-secrets.libsonnet +++ b/.drone/lib/public-secrets.libsonnet @@ -1,4 +1,5 @@ [ + 'scheme', 'domain', 'drone-gitea-client-id', 'drone-gitea-server', diff --git a/.drone/package.json b/.drone/package.json index ff93383..7e0c3e8 100644 --- a/.drone/package.json +++ b/.drone/package.json @@ -4,6 +4,6 @@ "build": "drone jsonnet --source drone-home.jsonnet --target drone-home.yml --stream" }, "dependencies": { - "@sigyl/jsonnet-drone": "^0.4.0" + "@sigyl/jsonnet-drone": "0.4.1" } } diff --git a/.drone/scripts/initialise-images.sh b/.drone/scripts/initialise-images.sh index 5cb7acb..40d45dc 100644 --- a/.drone/scripts/initialise-images.sh +++ b/.drone/scripts/initialise-images.sh @@ -1,3 +1,3 @@ sh $(dirname $0)/login.sh $1 "$2" \ -&& sh $(dirname $0)/initialise-image.sh $1 drone/drone:1.9.0 \ -&& sh $(dirname $0)/initialise-image.sh $1 drone/drone-runner-docker:1.5.0 \ No newline at end of file +&& sh $(dirname $0)/initialise-image.sh $1 drone/drone:1.9.1 \ +&& sh $(dirname $0)/initialise-image.sh $1 drone/drone-runner-docker:1.5.3 \ No newline at end of file diff --git a/.drone/yarn.lock b/.drone/yarn.lock index 903f335..3729148 100644 --- a/.drone/yarn.lock +++ b/.drone/yarn.lock @@ -12,10 +12,10 @@ resolved "https://registry.yarnpkg.com/@sigyl/jsonnet-drone-environment/-/jsonnet-drone-environment-0.0.5.tgz#9ea85e08904777bd21a3e4b30b0b91461d0285ff" integrity sha512-xVGmdMO1pOyozAWUbJm6mzKBgsLPJ+1hWnGCK3AxPkr7kkDh18hu30+TLzlcQtqq76s5jUfvJUztezsGj/mIcw== -"@sigyl/jsonnet-drone@^0.4.0": - version "0.4.0" - resolved "https://registry.yarnpkg.com/@sigyl/jsonnet-drone/-/jsonnet-drone-0.4.0.tgz#ebf7bc5e076d7252195fee7be2d1eafd24ee0435" - integrity sha512-96Adxqgo4SIU7skhiD0oPRproK4hy+Gvulym0p0bcSod5bv6b94BcYSfMyJye+sy6oRD0gosJY2uet1rgoB8UA== +"@sigyl/jsonnet-drone@0.4.1": + version "0.4.1" + resolved "https://registry.yarnpkg.com/@sigyl/jsonnet-drone/-/jsonnet-drone-0.4.1.tgz#3527edb00f8bb860de1658f4c9fa6f81f932d3b7" + integrity sha512-+TOx51KJG1RxrPRZ2lPpia7a6Ms5UvkyLIuXuumPtenyxJ/pivY1TdcLvSAvFgVZHMjh9CxBCuOu8vNT1fPy2A== dependencies: "@sigyl/jsonnet-compose" "^0.0.2" "@sigyl/jsonnet-drone-environment" "0.0.5" diff --git a/docker-compose.yml b/docker-compose.yml index 3910108..16dacec 100644 --- a/docker-compose.yml +++ b/docker-compose.yml @@ -8,14 +8,14 @@ services: replicas: 1 restart_policy: condition: any - image: ${LOCAL_DOCKER_REGISTRY}drone/drone:1.9.0 + image: ${LOCAL_DOCKER_REGISTRY}drone/drone:1.9.1 volumes: - - drone:/var/lib/drone - - drone-data:/data + - drone-5:/var/lib/drone + - drone-data-5:/data environment: - DRONE_LOGS_DEBUG=true - DRONE_LOGS_PRETTY=true - - DRONE_GITEA_SERVER=${SCHEME}://${DRONE_GITEA_SERVER} + - DRONE_GITEA_SERVER=${DRONE_GITEA_SERVER} - DRONE_GITEA_CLIENT_ID=${DRONE_GITEA_CLIENT_ID} - DRONE_GITEA_CLIENT_SECRET=${DRONE_GITEA_CLIENT_SECRET} - DRONE_SERVER_HOST=${DRONE_SERVER_HOST} # tunnel hostname @@ -37,7 +37,7 @@ services: replicas: 1 restart_policy: condition: any - image: ${LOCAL_DOCKER_REGISTRY}drone/drone-runner-docker:1.5.0 + image: ${LOCAL_DOCKER_REGISTRY}drone/drone-runner-docker:1.5.3 volumes: - /var/run/docker.sock:/var/run/docker.sock environment: @@ -50,8 +50,8 @@ services: networks: - appnet volumes: - drone: - drone-data: + drone-5: + drone-data-5: networks: appnet: diff --git a/drone-starlark/Dockerfile b/drone-starlark/Dockerfile deleted file mode 100644 index 3e12146..0000000 --- a/drone-starlark/Dockerfile +++ /dev/null @@ -1,8 +0,0 @@ -FROM drone/drone-convert-starlark:1.1.0-beta.1 -COPY repos /repos -COPY run.sh / -USER root -RUN apk update -RUN apk add gettext # enables envsubst -ENTRYPOINT [] -CMD sh /run.sh \ No newline at end of file diff --git a/drone-starlark/repos/build-docker-folder.star b/drone-starlark/repos/build-docker-folder.star deleted file mode 100644 index 66dd30b..0000000 --- a/drone-starlark/repos/build-docker-folder.star +++ /dev/null @@ -1,33 +0,0 @@ -load("@this//:environment.star", "environment") -def buildDockerFolder( - dockerFile, - image, - tag, - folder, - name, -): - return { - "name": "build-{name}".format( - name = name, - ), - "image": "docker:dind", - "volumes": [ - { - "name": "dockersock", - "path": "/var/run", - }, - ], - "environment": environment([ - "local-docker-registry", - "registry-password", - ]), - "commands": [ - "cd {folder}".format(folder=folder), - 'docker login $${LOCAL_DOCKER_REGISTRY} --username client --password "$${REGISTRY_PASSWORD}"', - "sh build-docker-folder.sh {dockerFile} {image} {tag}".format( - image = image, - dockerFile = dockerFile, - tag = tag, - ), - ], - } diff --git a/drone-starlark/repos/build-folder.star b/drone-starlark/repos/build-folder.star deleted file mode 100644 index 1a43f1c..0000000 --- a/drone-starlark/repos/build-folder.star +++ /dev/null @@ -1,24 +0,0 @@ -load("@this//:environment.star", "environment") -def buildFolder(name, folder): - return { - "name": "build-{folder} {name}".format( - folder=folder, - name=name, - ), - "image": "docker:dind", - "volumes": [ - { - "name": "dockersock", - "path": "/var/run", - }, - ], - "environment": environment([ - "local-docker-registry", - "registry-password", - ]), - "commands": [ - "cd {folder}".format(folder=folder), - 'docker login $${LOCAL_DOCKER_REGISTRY} --username client --password "$${REGISTRY_PASSWORD}"', - "sh build.sh {name} $${{LOCAL_DOCKER_REGISTRY}}".format(name = name), - ], - } diff --git a/drone-starlark/repos/build.star b/drone-starlark/repos/build.star deleted file mode 100644 index c095ae9..0000000 --- a/drone-starlark/repos/build.star +++ /dev/null @@ -1,23 +0,0 @@ -load("@this//:environment.star", "environment") - -def build(name): - return { - "name": "build-{name}".format(name=name), - "image": "docker:dind", - "volumes": [ - { - "name": "dockersock", - "path": "/var/run", - }, - ], - "environment": environment([ - "local-docker-registry", - "registry-password" - ]), - "commands": [ - "cd {name}".format(name=name), - 'docker login $${LOCAL_DOCKER_REGISTRY} --username client --password "$${REGISTRY_PASSWORD}"', - "docker build . -t $${{LOCAL_DOCKER_REGISTRY}}{name}".format(name=name), - "docker push $${{LOCAL_DOCKER_REGISTRY}}{name}".format(name=name), - ], - } diff --git a/drone-starlark/repos/chat/drone.star b/drone-starlark/repos/chat/drone.star deleted file mode 100644 index 297d452..0000000 --- a/drone-starlark/repos/chat/drone.star +++ /dev/null @@ -1,74 +0,0 @@ -load("@this//:from-secret.star", "fromSecret") -load("@this//:print-secrets.star", "printSecrets") - -load("@this//:map.star", "map") -load("@this//:environment.star", "environment") -load("@this//:echo.star", "echo") -load("@this//:export.star", "export") -load("@this//:echo-secret.star", "echoSecret") -load("@this//:wait.star", "wait") -load("@this//:build.star", "build") -load("@this//:scp.star", "scp") -load("@this//chat:public-secrets.star", "publicSecrets") -load("@this//chat:secret-secrets.star", "secretSecrets") -load("@this//:rescale.star", "rescale") -load("@this//:pull.star", "pull") -load("@this//:deploy.star", "deploy") -load("@this//:build-folder.star", "buildFolder") -load("@this//:build-docker-folder.star", "buildDockerFolder") -load("@this//:pipeline.star", "pipeline") - -def drone( - ctx, - branch, - base, - name, - commands, -): - if ctx.build.branch == branch: - return [ - pipeline( - branch, - [ - scp(base), - wait(15, "wait"), - printSecrets( - "env-chat", - publicSecrets, - secretSecrets, - ), - deploy( - "docker-compose.yml", - name, - base, - publicSecrets + secretSecrets, - commands, - ctx - ), - ], - [], - [ - { - "name": "ca", - "host": { - "path": "/etc/docker/certs.d", - }, - } - ], - [ - { - "name": "ca", - "path": "/etc/docker/certs.d", - }, - ] - ), - ] - else: - return pipeline( - ctx.build.branch, - [], - [], - [], - [], - ) - \ No newline at end of file diff --git a/drone-starlark/repos/chat/public-secrets.star b/drone-starlark/repos/chat/public-secrets.star deleted file mode 100644 index a56f68c..0000000 --- a/drone-starlark/repos/chat/public-secrets.star +++ /dev/null @@ -1,5 +0,0 @@ -publicSecrets = [ - "git-domain", - "chat-admin-name", - "chat-admin-email", -] \ No newline at end of file diff --git a/drone-starlark/repos/chat/secret-secrets.star b/drone-starlark/repos/chat/secret-secrets.star deleted file mode 100644 index 2d1fba3..0000000 --- a/drone-starlark/repos/chat/secret-secrets.star +++ /dev/null @@ -1,3 +0,0 @@ -secretSecrets = [ - "chat-admin-password", -] \ No newline at end of file diff --git a/drone-starlark/repos/chat/stack-name._star b/drone-starlark/repos/chat/stack-name._star deleted file mode 100644 index 005c93d..0000000 --- a/drone-starlark/repos/chat/stack-name._star +++ /dev/null @@ -1 +0,0 @@ -stackName='chat' \ No newline at end of file diff --git a/drone-starlark/repos/chat/stack-root._star b/drone-starlark/repos/chat/stack-root._star deleted file mode 100644 index 0237676..0000000 --- a/drone-starlark/repos/chat/stack-root._star +++ /dev/null @@ -1 +0,0 @@ -stackRoot='/stack/chat' \ No newline at end of file diff --git a/drone-starlark/repos/clear.star b/drone-starlark/repos/clear.star deleted file mode 100644 index f40bdab..0000000 --- a/drone-starlark/repos/clear.star +++ /dev/null @@ -1,16 +0,0 @@ -load("@this//:from-secret.star", "fromSecret") - -def clear(folder): - return { - "name": "clear", - "image": "appleboy/drone-ssh", - "settings": { - "host": fromSecret("ssh-host"), - "port": fromSecret("ssh-port"), - "username": fromSecret("ssh-user"), - "password": fromSecret("ssh-password"), - "script": [ - "rm -r -f {folder}".format(folder = folder), - ] - } - } diff --git a/drone-starlark/repos/commento/drone.star b/drone-starlark/repos/commento/drone.star deleted file mode 100644 index 18f5328..0000000 --- a/drone-starlark/repos/commento/drone.star +++ /dev/null @@ -1,74 +0,0 @@ -load("@this//:from-secret.star", "fromSecret") -load("@this//:print-secrets.star", "printSecrets") - -load("@this//:map.star", "map") -load("@this//:environment.star", "environment") -load("@this//:echo.star", "echo") -load("@this//:export.star", "export") -load("@this//:echo-secret.star", "echoSecret") -load("@this//:wait.star", "wait") -load("@this//:build.star", "build") -load("@this//:scp.star", "scp") -load("@this//commento:public-secrets.star", "publicSecrets") -load("@this//commento:secret-secrets.star", "secretSecrets") -load("@this//:rescale.star", "rescale") -load("@this//:pull.star", "pull") -load("@this//:deploy.star", "deploy") -load("@this//:build-folder.star", "buildFolder") -load("@this//:build-docker-folder.star", "buildDockerFolder") -load("@this//:pipeline.star", "pipeline") - -def drone( - ctx, - branch, - base, - name, - commands, -): - if ctx.build.branch == branch: - return [ - pipeline( - branch, - [ - scp(base), - wait(15, "wait"), - printSecrets( - "env-commento", - publicSecrets, - secretSecrets, - ), - deploy( - "docker-compose.yml", - name, - base, - publicSecrets + secretSecrets, - commands, - ctx - ), - ], - [], - [ - { - "name": "ca", - "host": { - "path": "/etc/docker/certs.d", - }, - } - ], - [ - { - "name": "ca", - "path": "/etc/docker/certs.d", - }, - ] - ), - ] - else: - return pipeline( - ctx.build.branch, - [], - [], - [], - [], - ) - \ No newline at end of file diff --git a/drone-starlark/repos/commento/public-secrets.star b/drone-starlark/repos/commento/public-secrets.star deleted file mode 100644 index 876adda..0000000 --- a/drone-starlark/repos/commento/public-secrets.star +++ /dev/null @@ -1,11 +0,0 @@ -publicSecrets = [ - "commento-origin", - "commento-smtp-host", - "commento-smtp-port", - "commento-smtp-username", - "commento-smtp-from-address", - "commento-forbid-new-owners", - "commento-postgres-db", - "commento-postgres-user", - "commento-github-key", -] \ No newline at end of file diff --git a/drone-starlark/repos/commento/secret-secrets.star b/drone-starlark/repos/commento/secret-secrets.star deleted file mode 100644 index 89a50fb..0000000 --- a/drone-starlark/repos/commento/secret-secrets.star +++ /dev/null @@ -1,6 +0,0 @@ -secretSecrets = [ - "commento-smtp-password", - "commento-askimet-key", - "commento-postgres-password", - "commento-github-secret", -] \ No newline at end of file diff --git a/drone-starlark/repos/commento/stack-name._star b/drone-starlark/repos/commento/stack-name._star deleted file mode 100644 index 995c204..0000000 --- a/drone-starlark/repos/commento/stack-name._star +++ /dev/null @@ -1 +0,0 @@ -stackName='commento' \ No newline at end of file diff --git a/drone-starlark/repos/commento/stack-root._star b/drone-starlark/repos/commento/stack-root._star deleted file mode 100644 index 2e36bc6..0000000 --- a/drone-starlark/repos/commento/stack-root._star +++ /dev/null @@ -1 +0,0 @@ -stackRoot='/stack/commento' \ No newline at end of file diff --git a/drone-starlark/repos/deploy-from-registry.star b/drone-starlark/repos/deploy-from-registry.star deleted file mode 100644 index 9e59892..0000000 --- a/drone-starlark/repos/deploy-from-registry.star +++ /dev/null @@ -1,39 +0,0 @@ -load("@this//:from-secret.star", "fromSecret") -load("@this//:map.star", "map") -load("@this//:environment.star", "environment") -load("@this//:export.star", "export") - -def deploy( - filename, - name, - folder, - secrets, - commands, - ctx -): - return { - "name": "deploy {name}".format(name = name), - "image": "appleboy/drone-ssh", - "environment": environment(secrets), - "settings": { - "envs": [x.replace("-", "_") for x in secrets ], - "host": fromSecret("ssh-host"), - "port": fromSecret("ssh-port"), - "username": fromSecret("ssh-root-user"), - "password": fromSecret("ssh-root-password"), - "script": [ - "set -e" - ] + - map(export, secrets) + - [ - "export DRONE_REPO_LINK=$${{DRONE_GITEA_SERVER}}/{namespace}/{name}".format(name=ctx.repo.name, namespace=ctx.repo.namespace), - "export DRONE_COMMIT={commit}".format(commit=ctx.build.commit), - "docker network prune -f", - "cd {folder}".format(folder=folder), - 'docker login $${LOCAL_DOCKER_REGISTRY} --username client --password "$${REGISTRY_PASSWORD}"', - "docker stack rm {name}".format(name = name), - "sleep 30", - "docker stack deploy -c {filename} {name}".format(name= name, filename = filename), - ] + commands - } - } diff --git a/drone-starlark/repos/deploy.star b/drone-starlark/repos/deploy.star deleted file mode 100644 index 0f9dda1..0000000 --- a/drone-starlark/repos/deploy.star +++ /dev/null @@ -1,38 +0,0 @@ -load("@this//:from-secret.star", "fromSecret") -load("@this//:map.star", "map") -load("@this//:environment.star", "environment") -load("@this//:export.star", "export") - -def deploy( - filename, - name, - folder, - secrets, - commands, - ctx -): - return { - "name": "deploy {name}".format(name = name), - "image": "appleboy/drone-ssh", - "environment": environment(secrets), - "settings": { - "envs": [x.replace("-", "_") for x in secrets ], - "host": fromSecret("ssh-host"), - "port": fromSecret("ssh-port"), - "username": fromSecret("ssh-root-user"), - "password": fromSecret("ssh-root-password"), - "script": [ - "set -e" - ] + - map(export, secrets) + - [ - "export DRONE_REPO_LINK=$${{DRONE_GITEA_SERVER}}/{namespace}/{name}".format(name=ctx.repo.name, namespace=ctx.repo.namespace), - "export DRONE_COMMIT={commit}".format(commit=ctx.build.commit), - "docker network prune -f", - "cd {folder}".format(folder=folder), - "docker stack rm {name}".format(name = name), - "sleep 30", - "docker stack deploy -c {filename} {name}".format(name= name, filename = filename), - ] + commands - } - } diff --git a/drone-starlark/repos/drone/drone.star b/drone-starlark/repos/drone/drone.star deleted file mode 100644 index 56290c8..0000000 --- a/drone-starlark/repos/drone/drone.star +++ /dev/null @@ -1,81 +0,0 @@ -load("@this//:from-secret.star", "fromSecret") -load("@this//:print-secrets.star", "printSecrets") - -load("@this//:map.star", "map") -load("@this//:environment.star", "environment") -load("@this//:echo.star", "echo") -load("@this//:export.star", "export") -load("@this//:echo-secret.star", "echoSecret") -load("@this//:wait.star", "wait") -load("@this//:build.star", "build") -load("@this//:scp.star", "scp") -load("@this//drone:public-secrets.star", "publicSecrets") -load("@this//drone:secret-secrets.star", "secretSecrets") -load("@this//:rescale.star", "rescale") -load("@this//:pull.star", "pull") -load("@this//:deploy-from-registry.star", "deploy") -load("@this//:build-folder.star", "buildFolder") -load("@this//:build-docker-folder.star", "buildDockerFolder") -load("@this//:pipeline.star", "pipeline") - -def drone( - ctx, - branch, - base, - name, - commands, -): - if ctx.build.branch == branch: - return [ - pipeline( - branch, - [ - scp(base), - wait(15, "wait"), - build("drone-starlark"), - printSecrets( - "env-drone", - publicSecrets, - secretSecrets, - ), - pull( - "pull images", - [ - "drone-starlark", - ], - ), - deploy( - "docker-compose.yml", - name, - base, - publicSecrets + secretSecrets, - commands, - ctx - ), - ], - [], - [ - { - "name": "ca", - "host": { - "path": "/etc/docker/certs.d", - }, - } - ], - [ - { - "name": "ca", - "path": "/etc/docker/certs.d", - }, - ] - ), - ] - else: - return pipeline( - ctx.build.branch, - [], - [], - [], - [], - ) - \ No newline at end of file diff --git a/drone-starlark/repos/drone/public-secrets.star b/drone-starlark/repos/drone/public-secrets.star deleted file mode 100644 index 76d0b11..0000000 --- a/drone-starlark/repos/drone/public-secrets.star +++ /dev/null @@ -1,7 +0,0 @@ -publicSecrets = [ - "drone-domain", - "drone-gitea-client-id", - "drone-gitea-server", - "drone-server-host", - "local-docker-registry", -] \ No newline at end of file diff --git a/drone-starlark/repos/drone/secret-secrets.star b/drone-starlark/repos/drone/secret-secrets.star deleted file mode 100644 index 0b52e58..0000000 --- a/drone-starlark/repos/drone/secret-secrets.star +++ /dev/null @@ -1,6 +0,0 @@ -secretSecrets = [ - "drone-convert-secret", - "drone-gitea-client-secret", - "drone-rpc-secret", - "registry-password", -] \ No newline at end of file diff --git a/drone-starlark/repos/drone/stack-name._star b/drone-starlark/repos/drone/stack-name._star deleted file mode 100644 index d16bfc5..0000000 --- a/drone-starlark/repos/drone/stack-name._star +++ /dev/null @@ -1 +0,0 @@ -stackName='drone' \ No newline at end of file diff --git a/drone-starlark/repos/drone/stack-root._star b/drone-starlark/repos/drone/stack-root._star deleted file mode 100644 index e7c1112..0000000 --- a/drone-starlark/repos/drone/stack-root._star +++ /dev/null @@ -1 +0,0 @@ -stackRoot='/stack/drone' \ No newline at end of file diff --git a/drone-starlark/repos/echo-secret.star b/drone-starlark/repos/echo-secret.star deleted file mode 100644 index f7cbc1a..0000000 --- a/drone-starlark/repos/echo-secret.star +++ /dev/null @@ -1,7 +0,0 @@ -load("@this//:secret-to-environment.star", "secretToEnvironment") - -def echoSecret(secret): - return 'echo "export {environment}=???? ${environment}" >> ***filename*** # {secret}'.format( - secret = secret, - environment = secretToEnvironment(secret), - ) diff --git a/drone-starlark/repos/echo.star b/drone-starlark/repos/echo.star deleted file mode 100644 index 9eb517a..0000000 --- a/drone-starlark/repos/echo.star +++ /dev/null @@ -1,7 +0,0 @@ -load("@this//:secret-to-environment.star", "secretToEnvironment") - -def echo(secret): - return 'echo "export {environment}=\'${environment}\'" >> ***filename*** # {secret}'.format( - secret = secret, - environment = secretToEnvironment(secret), - ) diff --git a/drone-starlark/repos/environment.star b/drone-starlark/repos/environment.star deleted file mode 100644 index 12a70b2..0000000 --- a/drone-starlark/repos/environment.star +++ /dev/null @@ -1,5 +0,0 @@ -load("@this//:from-secret.star", "fromSecret") -def environment(env): - return dict( - [(x.replace("-", "_").upper(), fromSecret(x)) for x in env] - ) diff --git a/drone-starlark/repos/export.star b/drone-starlark/repos/export.star deleted file mode 100644 index 77d0a19..0000000 --- a/drone-starlark/repos/export.star +++ /dev/null @@ -1,6 +0,0 @@ -load("@this//:secret-to-environment.star", "secretToEnvironment") - -def export(secret): - return "export {toCaps}=${toCaps}".format( - toCaps = secretToEnvironment(secret), - ) diff --git a/drone-starlark/repos/from-secret.star b/drone-starlark/repos/from-secret.star deleted file mode 100644 index 79140f9..0000000 --- a/drone-starlark/repos/from-secret.star +++ /dev/null @@ -1,4 +0,0 @@ -def fromSecret(name): - return { - "from_secret": name - } \ No newline at end of file diff --git a/drone-starlark/repos/ghost/drone.star b/drone-starlark/repos/ghost/drone.star deleted file mode 100644 index 15fda2b..0000000 --- a/drone-starlark/repos/ghost/drone.star +++ /dev/null @@ -1,81 +0,0 @@ -load("@this//:from-secret.star", "fromSecret") -load("@this//:print-secrets.star", "printSecrets") - -load("@this//:map.star", "map") -load("@this//:environment.star", "environment") -load("@this//:echo.star", "echo") -load("@this//:export.star", "export") -load("@this//:echo-secret.star", "echoSecret") -load("@this//:wait.star", "wait") -load("@this//:build.star", "build") -load("@this//:scp.star", "scp") -load("@this//ghost:public-secrets.star", "publicSecrets") -load("@this//ghost:secret-secrets.star", "secretSecrets") -load("@this//:rescale.star", "rescale") -load("@this//:pull.star", "pull") -load("@this//:deploy-from-registry.star", "deploy") -load("@this//:build-folder.star", "buildFolder") -load("@this//:build-docker-folder.star", "buildDockerFolder") -load("@this//:pipeline.star", "pipeline") - -def drone( - ctx, - branch, - base, - name, - commands, -): - if ctx.build.branch == branch: - return [ - pipeline( - branch, - [ - scp(base), - wait(15, "wait"), - printSecrets( - "env-ghost", - publicSecrets, - secretSecrets, - ), - build("ghost"), - pull( - "pull images", - [ - "ghost", - ], - ), - deploy( - "docker-compose.yml", - name, - base, - publicSecrets + secretSecrets, - commands, - ctx - ), - ], - [], - [ - { - "name": "ca", - "host": { - "path": "/etc/docker/certs.d", - }, - } - ], - [ - { - "name": "ca", - "path": "/etc/docker/certs.d", - }, - ] - ), - ] - else: - return pipeline( - ctx.build.branch, - [], - [], - [], - [], - ) - \ No newline at end of file diff --git a/drone-starlark/repos/ghost/public-secrets.star b/drone-starlark/repos/ghost/public-secrets.star deleted file mode 100644 index 7c6c36a..0000000 --- a/drone-starlark/repos/ghost/public-secrets.star +++ /dev/null @@ -1,7 +0,0 @@ -publicSecrets = [ - "git-domain", - "local-docker-registry", - "ghost-mail-service", - "ghost-mail-user", - "commento-origin", -] \ No newline at end of file diff --git a/drone-starlark/repos/ghost/secret-secrets.star b/drone-starlark/repos/ghost/secret-secrets.star deleted file mode 100644 index 45a9b6c..0000000 --- a/drone-starlark/repos/ghost/secret-secrets.star +++ /dev/null @@ -1,4 +0,0 @@ -secretSecrets = [ - "ghost-mysql-root-password", - "registry-password", -] \ No newline at end of file diff --git a/drone-starlark/repos/ghost/stack-name._star b/drone-starlark/repos/ghost/stack-name._star deleted file mode 100644 index 6392a38..0000000 --- a/drone-starlark/repos/ghost/stack-name._star +++ /dev/null @@ -1 +0,0 @@ -stackName='ghost' \ No newline at end of file diff --git a/drone-starlark/repos/ghost/stack-root._star b/drone-starlark/repos/ghost/stack-root._star deleted file mode 100644 index 04b8fe2..0000000 --- a/drone-starlark/repos/ghost/stack-root._star +++ /dev/null @@ -1 +0,0 @@ -stackRoot='/stack/ghost' \ No newline at end of file diff --git a/drone-starlark/repos/gitea/drone.star b/drone-starlark/repos/gitea/drone.star deleted file mode 100644 index c6b8244..0000000 --- a/drone-starlark/repos/gitea/drone.star +++ /dev/null @@ -1,81 +0,0 @@ -load("@this//:from-secret.star", "fromSecret") -load("@this//:print-secrets.star", "printSecrets") - -load("@this//:map.star", "map") -load("@this//:environment.star", "environment") -load("@this//:echo.star", "echo") -load("@this//:export.star", "export") -load("@this//:echo-secret.star", "echoSecret") -load("@this//:wait.star", "wait") -load("@this//:build.star", "build") -load("@this//:scp.star", "scp") -load("@this//gitea:public-secrets.star", "publicSecrets") -load("@this//gitea:secret-secrets.star", "secretSecrets") -load("@this//:rescale.star", "rescale") -load("@this//:pull.star", "pull") -load("@this//:deploy-from-registry.star", "deploy") -load("@this//:build-folder.star", "buildFolder") -load("@this//:build-docker-folder.star", "buildDockerFolder") -load("@this//:pipeline.star", "pipeline") - -def drone( - ctx, - branch, - base, - name, - commands, -): - if ctx.build.branch == branch: - return [ - pipeline( - branch, - [ - scp(base), - wait(15, "wait"), - printSecrets( - "env-gitea", - publicSecrets, - secretSecrets, - ), - build("gitea"), - pull( - "pull images", - [ - "gitea", - ], - ), - deploy( - "docker-compose.yml", - name, - base, - publicSecrets + secretSecrets, - commands, - ctx - ), - ], - [], - [ - { - "name": "ca", - "host": { - "path": "/etc/docker/certs.d", - }, - } - ], - [ - { - "name": "ca", - "path": "/etc/docker/certs.d", - }, - ] - ), - ] - else: - return pipeline( - ctx.build.branch, - [], - [], - [], - [], - ) - \ No newline at end of file diff --git a/drone-starlark/repos/gitea/public-secrets.star b/drone-starlark/repos/gitea/public-secrets.star deleted file mode 100644 index 993e8f8..0000000 --- a/drone-starlark/repos/gitea/public-secrets.star +++ /dev/null @@ -1,8 +0,0 @@ -publicSecrets = [ - "git-domain", - "local-docker-registry", - "gitea-mailer-host", - "gitea-mailer-from", - "gitea-mailer-user", - "gitea-app-name", -] \ No newline at end of file diff --git a/drone-starlark/repos/gitea/secret-secrets.star b/drone-starlark/repos/gitea/secret-secrets.star deleted file mode 100644 index 907fd0a..0000000 --- a/drone-starlark/repos/gitea/secret-secrets.star +++ /dev/null @@ -1,8 +0,0 @@ -secretSecrets = [ - "gitea-server-lfs-jwt-secret", - "gitea-security-secret-key", - "gitea-security-internal-token", - "gitea-oauth2-jwt-secret", - "gitea-mailer-passwd", - "registry-password", -] \ No newline at end of file diff --git a/drone-starlark/repos/gitea/stack-name._star b/drone-starlark/repos/gitea/stack-name._star deleted file mode 100644 index 921461d..0000000 --- a/drone-starlark/repos/gitea/stack-name._star +++ /dev/null @@ -1 +0,0 @@ -stackName='gitea' \ No newline at end of file diff --git a/drone-starlark/repos/gitea/stack-root._star b/drone-starlark/repos/gitea/stack-root._star deleted file mode 100644 index aba232f..0000000 --- a/drone-starlark/repos/gitea/stack-root._star +++ /dev/null @@ -1 +0,0 @@ -stackRoot='/stack/gitea' \ No newline at end of file diff --git a/drone-starlark/repos/guacamole/drone.star b/drone-starlark/repos/guacamole/drone.star deleted file mode 100644 index 0205155..0000000 --- a/drone-starlark/repos/guacamole/drone.star +++ /dev/null @@ -1,81 +0,0 @@ -load("@this//:from-secret.star", "fromSecret") -load("@this//:print-secrets.star", "printSecrets") - -load("@this//:map.star", "map") -load("@this//:environment.star", "environment") -load("@this//:echo.star", "echo") -load("@this//:export.star", "export") -load("@this//:echo-secret.star", "echoSecret") -load("@this//:wait.star", "wait") -load("@this//:build.star", "build") -load("@this//:scp.star", "scp") -load("@this//guacamole:public-secrets.star", "publicSecrets") -load("@this//guacamole:secret-secrets.star", "secretSecrets") -load("@this//:rescale.star", "rescale") -load("@this//:pull.star", "pull") -load("@this//:deploy-from-registry.star", "deploy") -load("@this//:build-folder.star", "buildFolder") -load("@this//:build-docker-folder.star", "buildDockerFolder") -load("@this//:pipeline.star", "pipeline") - -def drone( - ctx, - branch, - base, - name, - commands, -): - if ctx.build.branch == branch: - return [ - pipeline( - branch, - [ - scp(base), - wait(15, "wait"), - printSecrets( - "env-guacamole", - publicSecrets, - secretSecrets, - ), - build("guacamole-postgresql"), - pull( - "pull images", - [ - "guacamole-postgresql", - ], - ), - deploy( - "docker-compose.yml", - name, - base, - publicSecrets + secretSecrets, - commands, - ctx - ), - ], - [], - [ - { - "name": "ca", - "host": { - "path": "/etc/docker/certs.d", - }, - } - ], - [ - { - "name": "ca", - "path": "/etc/docker/certs.d", - }, - ] - ), - ] - else: - return pipeline( - ctx.build.branch, - [], - [], - [], - [], - ) - \ No newline at end of file diff --git a/drone-starlark/repos/guacamole/public-secrets.star b/drone-starlark/repos/guacamole/public-secrets.star deleted file mode 100644 index 29f27c2..0000000 --- a/drone-starlark/repos/guacamole/public-secrets.star +++ /dev/null @@ -1,5 +0,0 @@ -publicSecrets = [ - "local-docker-registry", - "guacamole-postgres-db", - "guacamole-postgres-user", -] \ No newline at end of file diff --git a/drone-starlark/repos/guacamole/secret-secrets.star b/drone-starlark/repos/guacamole/secret-secrets.star deleted file mode 100644 index ef0c167..0000000 --- a/drone-starlark/repos/guacamole/secret-secrets.star +++ /dev/null @@ -1,4 +0,0 @@ -secretSecrets = [ - "guacamole-postgres-password", - "registry-password", -] \ No newline at end of file diff --git a/drone-starlark/repos/guacamole/stack-name._star b/drone-starlark/repos/guacamole/stack-name._star deleted file mode 100644 index 85e1ddd..0000000 --- a/drone-starlark/repos/guacamole/stack-name._star +++ /dev/null @@ -1 +0,0 @@ -stackName='guacamole' \ No newline at end of file diff --git a/drone-starlark/repos/guacamole/stack-root._star b/drone-starlark/repos/guacamole/stack-root._star deleted file mode 100644 index 11c3266..0000000 --- a/drone-starlark/repos/guacamole/stack-root._star +++ /dev/null @@ -1 +0,0 @@ -stackRoot='/stack/guacamole' \ No newline at end of file diff --git a/drone-starlark/repos/huginn/drone.star b/drone-starlark/repos/huginn/drone.star deleted file mode 100644 index df825ad..0000000 --- a/drone-starlark/repos/huginn/drone.star +++ /dev/null @@ -1,74 +0,0 @@ -load("@this//:from-secret.star", "fromSecret") -load("@this//:print-secrets.star", "printSecrets") - -load("@this//:map.star", "map") -load("@this//:environment.star", "environment") -load("@this//:echo.star", "echo") -load("@this//:export.star", "export") -load("@this//:echo-secret.star", "echoSecret") -load("@this//:wait.star", "wait") -load("@this//:build.star", "build") -load("@this//:scp.star", "scp") -load("@this//huginn:public-secrets.star", "publicSecrets") -load("@this//huginn:secret-secrets.star", "secretSecrets") -load("@this//:rescale.star", "rescale") -load("@this//:pull.star", "pull") -load("@this//:deploy.star", "deploy") -load("@this//:build-folder.star", "buildFolder") -load("@this//:build-docker-folder.star", "buildDockerFolder") -load("@this//:pipeline.star", "pipeline") - -def drone( - ctx, - branch, - base, - name, - commands, -): - if ctx.build.branch == branch: - return [ - pipeline( - branch, - [ - scp(base), - wait(15, "wait"), - printSecrets( - "env-huginn", - publicSecrets, - secretSecrets, - ), - deploy( - "docker-compose.yml", - name, - base, - publicSecrets + secretSecrets, - commands, - ctx - ), - ], - [], - [ - { - "name": "ca", - "host": { - "path": "/etc/docker/certs.d", - }, - } - ], - [ - { - "name": "ca", - "path": "/etc/docker/certs.d", - }, - ] - ), - ] - else: - return pipeline( - ctx.build.branch, - [], - [], - [], - [], - ) - \ No newline at end of file diff --git a/drone-starlark/repos/huginn/public-secrets.star b/drone-starlark/repos/huginn/public-secrets.star deleted file mode 100644 index f2f23bc..0000000 --- a/drone-starlark/repos/huginn/public-secrets.star +++ /dev/null @@ -1,7 +0,0 @@ -publicSecrets = [ - "smtp-domain", - "smtp-user-name", - "smtp-server", - "email-from-address", - "smtp-port", -] \ No newline at end of file diff --git a/drone-starlark/repos/huginn/secret-secrets.star b/drone-starlark/repos/huginn/secret-secrets.star deleted file mode 100644 index 2233f55..0000000 --- a/drone-starlark/repos/huginn/secret-secrets.star +++ /dev/null @@ -1,5 +0,0 @@ -secretSecrets = [ - "smtp-password", - "invitation-code", - "database-password", -] \ No newline at end of file diff --git a/drone-starlark/repos/huginn/stack-name._star b/drone-starlark/repos/huginn/stack-name._star deleted file mode 100644 index ff2c406..0000000 --- a/drone-starlark/repos/huginn/stack-name._star +++ /dev/null @@ -1 +0,0 @@ -stackName='huginn' \ No newline at end of file diff --git a/drone-starlark/repos/huginn/stack-root._star b/drone-starlark/repos/huginn/stack-root._star deleted file mode 100644 index e4fbb05..0000000 --- a/drone-starlark/repos/huginn/stack-root._star +++ /dev/null @@ -1 +0,0 @@ -stackRoot='/stack/huginn' \ No newline at end of file diff --git a/drone-starlark/repos/map.star b/drone-starlark/repos/map.star deleted file mode 100644 index d7828a0..0000000 --- a/drone-starlark/repos/map.star +++ /dev/null @@ -1,2 +0,0 @@ -def map(fn, l): - return [fn(x) for x in l] diff --git a/drone-starlark/repos/matomo/drone.star b/drone-starlark/repos/matomo/drone.star deleted file mode 100644 index 8bfa3ce..0000000 --- a/drone-starlark/repos/matomo/drone.star +++ /dev/null @@ -1,74 +0,0 @@ -load("@this//:from-secret.star", "fromSecret") -load("@this//:print-secrets.star", "printSecrets") - -load("@this//:map.star", "map") -load("@this//:environment.star", "environment") -load("@this//:echo.star", "echo") -load("@this//:export.star", "export") -load("@this//:echo-secret.star", "echoSecret") -load("@this//:wait.star", "wait") -load("@this//:build.star", "build") -load("@this//:scp.star", "scp") -load("@this//matomo:public-secrets.star", "publicSecrets") -load("@this//matomo:secret-secrets.star", "secretSecrets") -load("@this//:rescale.star", "rescale") -load("@this//:pull.star", "pull") -load("@this//:deploy.star", "deploy") -load("@this//:build-folder.star", "buildFolder") -load("@this//:build-docker-folder.star", "buildDockerFolder") -load("@this//:pipeline.star", "pipeline") - -def drone( - ctx, - branch, - base, - name, - commands, -): - if ctx.build.branch == branch: - return [ - pipeline( - branch, - [ - scp(base), - wait(15, "wait"), - printSecrets( - "env-matomo", - publicSecrets, - secretSecrets, - ), - deploy( - "docker-compose.yml", - name, - base, - publicSecrets + secretSecrets, - commands, - ctx - ), - ], - [], - [ - { - "name": "ca", - "host": { - "path": "/etc/docker/certs.d", - }, - } - ], - [ - { - "name": "ca", - "path": "/etc/docker/certs.d", - }, - ] - ), - ] - else: - return pipeline( - ctx.build.branch, - [], - [], - [], - [], - ) - \ No newline at end of file diff --git a/drone-starlark/repos/matomo/public-secrets.star b/drone-starlark/repos/matomo/public-secrets.star deleted file mode 100644 index f20c2aa..0000000 --- a/drone-starlark/repos/matomo/public-secrets.star +++ /dev/null @@ -1 +0,0 @@ -publicSecrets = [] diff --git a/drone-starlark/repos/matomo/secret-secrets.star b/drone-starlark/repos/matomo/secret-secrets.star deleted file mode 100644 index 373c06d..0000000 --- a/drone-starlark/repos/matomo/secret-secrets.star +++ /dev/null @@ -1,4 +0,0 @@ -secretSecrets = [ - "matomo-mysql-root-password", - "matomo-mysql-password", -] \ No newline at end of file diff --git a/drone-starlark/repos/matomo/stack-name._star b/drone-starlark/repos/matomo/stack-name._star deleted file mode 100644 index 1a97eda..0000000 --- a/drone-starlark/repos/matomo/stack-name._star +++ /dev/null @@ -1 +0,0 @@ -stackName='matomo' \ No newline at end of file diff --git a/drone-starlark/repos/matomo/stack-root._star b/drone-starlark/repos/matomo/stack-root._star deleted file mode 100644 index 38ddfbd..0000000 --- a/drone-starlark/repos/matomo/stack-root._star +++ /dev/null @@ -1 +0,0 @@ -stackRoot='/stack/matomo' \ No newline at end of file diff --git a/drone-starlark/repos/pipeline.star b/drone-starlark/repos/pipeline.star deleted file mode 100644 index 4b348db..0000000 --- a/drone-starlark/repos/pipeline.star +++ /dev/null @@ -1,32 +0,0 @@ -def pipeline( - name, - steps, - dependsOn, - volumes, - dockerVolumes -): - return { - "kind": "pipeline", - "name": name, - "depends_on": dependsOn, - "steps": steps, - "services": [ - { - "name": "docker", - "image": "docker:dind", - "privileged": True, - "volumes": [ - { - "name": "dockersock", - "path": "/var/run", - }, - ] + dockerVolumes, - } - ], - "volumes": [ - { - "name": "dockersock", - "temp": {}, - }, - ] + volumes, - } diff --git a/drone-starlark/repos/portainer/drone.star b/drone-starlark/repos/portainer/drone.star deleted file mode 100644 index cb2e040..0000000 --- a/drone-starlark/repos/portainer/drone.star +++ /dev/null @@ -1,74 +0,0 @@ -load("@this//:from-secret.star", "fromSecret") -load("@this//:print-secrets.star", "printSecrets") - -load("@this//:map.star", "map") -load("@this//:environment.star", "environment") -load("@this//:echo.star", "echo") -load("@this//:export.star", "export") -load("@this//:echo-secret.star", "echoSecret") -load("@this//:wait.star", "wait") -load("@this//:build.star", "build") -load("@this//:scp.star", "scp") -load("@this//portainer:public-secrets.star", "publicSecrets") -load("@this//portainer:secret-secrets.star", "secretSecrets") -load("@this//:rescale.star", "rescale") -load("@this//:pull.star", "pull") -load("@this//:deploy.star", "deploy") -load("@this//:build-folder.star", "buildFolder") -load("@this//:build-docker-folder.star", "buildDockerFolder") -load("@this//:pipeline.star", "pipeline") - -def drone( - ctx, - branch, - base, - name, - commands, -): - if ctx.build.branch == branch: - return [ - pipeline( - branch, - [ - scp(base), - wait(15, "wait"), - printSecrets( - "env-portainer", - publicSecrets, - secretSecrets, - ), - deploy( - "docker-compose.yml", - name, - base, - publicSecrets + secretSecrets, - commands, - ctx - ), - ], - [], - [ - { - "name": "ca", - "host": { - "path": "/etc/docker/certs.d", - }, - } - ], - [ - { - "name": "ca", - "path": "/etc/docker/certs.d", - }, - ] - ), - ] - else: - return pipeline( - ctx.build.branch, - [], - [], - [], - [], - ) - \ No newline at end of file diff --git a/drone-starlark/repos/portainer/public-secrets.star b/drone-starlark/repos/portainer/public-secrets.star deleted file mode 100644 index f20c2aa..0000000 --- a/drone-starlark/repos/portainer/public-secrets.star +++ /dev/null @@ -1 +0,0 @@ -publicSecrets = [] diff --git a/drone-starlark/repos/portainer/secret-secrets.star b/drone-starlark/repos/portainer/secret-secrets.star deleted file mode 100644 index 301110f..0000000 --- a/drone-starlark/repos/portainer/secret-secrets.star +++ /dev/null @@ -1 +0,0 @@ -secretSecrets = [] diff --git a/drone-starlark/repos/portainer/stack-name._star b/drone-starlark/repos/portainer/stack-name._star deleted file mode 100644 index eecc2fa..0000000 --- a/drone-starlark/repos/portainer/stack-name._star +++ /dev/null @@ -1 +0,0 @@ -stackName='portainer' \ No newline at end of file diff --git a/drone-starlark/repos/portainer/stack-root._star b/drone-starlark/repos/portainer/stack-root._star deleted file mode 100644 index 28b3336..0000000 --- a/drone-starlark/repos/portainer/stack-root._star +++ /dev/null @@ -1 +0,0 @@ -stackRoot='/stack/portainer' \ No newline at end of file diff --git a/drone-starlark/repos/print-secrets.star b/drone-starlark/repos/print-secrets.star deleted file mode 100644 index f777a14..0000000 --- a/drone-starlark/repos/print-secrets.star +++ /dev/null @@ -1,24 +0,0 @@ -load("@this//:map.star", "map") -load("@this//:from-secret.star", "fromSecret") -load("@this//:environment.star", "environment") -load("@this//:echo.star", "echo") -load("@this//:export.star", "export") -load("@this//:echo-secret.star", "echoSecret") - -def printSecrets(filename, env, secretEnv): - return { - "name": "print secrets", - "image": "appleboy/drone-ssh", - "environment": environment(env + secretEnv), - "settings": { - "envs": [x.replace("-", "_") for x in env + secretEnv ], - "host": fromSecret("ssh-host"), - "port": fromSecret("ssh-port"), - "username": fromSecret("ssh-user"), - "password": fromSecret("ssh-password"), - "script": [x.replace("***filename***", filename) for x in [ - "rm -f ***filename***", - ] + map(echo, env) - + map(echo, secretEnv)] - } - } diff --git a/drone-starlark/repos/proxy/drone.star b/drone-starlark/repos/proxy/drone.star deleted file mode 100644 index 821be5c..0000000 --- a/drone-starlark/repos/proxy/drone.star +++ /dev/null @@ -1,108 +0,0 @@ -load("@this//:from-secret.star", "fromSecret") -load("@this//:print-secrets.star", "printSecrets") - -load("@this//:map.star", "map") -load("@this//:environment.star", "environment") -load("@this//:echo.star", "echo") -load("@this//:export.star", "export") -load("@this//:echo-secret.star", "echoSecret") -load("@this//:wait.star", "wait") -load("@this//:build.star", "build") -load("@this//:scp.star", "scp") -load("@this//proxy:public-secrets.star", "publicSecrets") -load("@this//proxy:secret-secrets.star", "secretSecrets") -load("@this//:rescale.star", "rescale") -load("@this//:pull.star", "pull") -load("@this//:deploy-from-registry.star", "deploy") -load("@this//:build-folder.star", "buildFolder") -load("@this//:build-docker-folder.star", "buildDockerFolder") -load("@this//:pipeline.star", "pipeline") - -def drone( - ctx, - branch, - base, - name, - commands, -): - if ctx.build.branch == branch: - return [ - pipeline( - branch, - [ - scp(base), - wait(15, "wait"), - printSecrets( - "env-proxy", - publicSecrets, - secretSecrets, - ), - build("ngrok-gitea"), - build("registry"), - build("letsencrypt-nginx"), - buildDockerFolder( - "Dockerfile.git", - "$${LOCAL_DOCKER_REGISTRY}letsencrypt-nginx", - "$${LOCAL_DOCKER_REGISTRY}letsencrypt-git", - "letsencrypt-nginx", - "git", - ), - buildDockerFolder( - "Dockerfile.huginn", - "$${LOCAL_DOCKER_REGISTRY}letsencrypt-nginx", - "$${LOCAL_DOCKER_REGISTRY}letsencrypt-huginn", - "letsencrypt-nginx", - "huginn", - ), - buildDockerFolder( - "Dockerfile.drone", - "$${LOCAL_DOCKER_REGISTRY}letsencrypt-nginx", - "$${LOCAL_DOCKER_REGISTRY}letsencrypt-drone", - "letsencrypt-nginx", - "drone", - ), - pull( - "pull images", - [ - "ngrok-gitea", - "registry", - "letsencrypt-git", - "letsencrypt-drone", - "letsencrypt-huginn", - ], - ), - deploy( - "docker-compose.yml", - name, - base, - publicSecrets + secretSecrets, - commands, - ctx - ), - ], - [], - [ - { - "name": "ca", - "host": { - "path": "/etc/docker/certs.d", - }, - } - ], - [ - { - "name": "ca", - "path": "/etc/docker/certs.d", - }, - ] - ), - ] - else: - return pipeline( - ctx.build.branch, - [], - [], - [], - [], - ) - \ No newline at end of file diff --git a/drone-starlark/repos/proxy/public-secrets.star b/drone-starlark/repos/proxy/public-secrets.star deleted file mode 100644 index 8af7771..0000000 --- a/drone-starlark/repos/proxy/public-secrets.star +++ /dev/null @@ -1,7 +0,0 @@ -publicSecrets = [ - "certbot-email", - "drone-domain", - "huginn-domain", - "git-domain", - "local-docker-registry", -] \ No newline at end of file diff --git a/drone-starlark/repos/proxy/secret-secrets.star b/drone-starlark/repos/proxy/secret-secrets.star deleted file mode 100644 index a401da8..0000000 --- a/drone-starlark/repos/proxy/secret-secrets.star +++ /dev/null @@ -1,5 +0,0 @@ -secretSecrets = [ - "ngrok-auth-token", - "registry-password", - "new-registry-password", -] \ No newline at end of file diff --git a/drone-starlark/repos/proxy/stack-name._star b/drone-starlark/repos/proxy/stack-name._star deleted file mode 100644 index a8bb8d9..0000000 --- a/drone-starlark/repos/proxy/stack-name._star +++ /dev/null @@ -1 +0,0 @@ -stackName='proxy' \ No newline at end of file diff --git a/drone-starlark/repos/proxy/stack-root._star b/drone-starlark/repos/proxy/stack-root._star deleted file mode 100644 index fc38939..0000000 --- a/drone-starlark/repos/proxy/stack-root._star +++ /dev/null @@ -1 +0,0 @@ -stackRoot='/stack/proxy' \ No newline at end of file diff --git a/drone-starlark/repos/pull.star b/drone-starlark/repos/pull.star deleted file mode 100644 index c24c577..0000000 --- a/drone-starlark/repos/pull.star +++ /dev/null @@ -1,31 +0,0 @@ -load("@this//:from-secret.star", "fromSecret") -load("@this//:map.star", "map") -load("@this//:environment.star", "environment") -load("@this//:export.star", "export") - -def pull( - name, - images, -): - secrets = [ - "local-docker-registry", - "registry-password", - ] - return { - "name": name, - "image": "appleboy/drone-ssh", - "environment": environment(secrets), - "settings": { - "envs": [x.replace("-", "_") for x in secrets ], - "host": fromSecret("ssh-host"), - "port": fromSecret("ssh-port"), - "username": fromSecret("ssh-root-user"), - "password": fromSecret("ssh-root-password"), - "script": [ - "set -e" - ] + - map(export, secrets) + - ['docker login $${LOCAL_DOCKER_REGISTRY} --username client --password "$${REGISTRY_PASSWORD}"'] + - ["docker pull $${{LOCAL_DOCKER_REGISTRY}}{image}".format(image=image) for image in images ] - } - } diff --git a/drone-starlark/repos/rescale.star b/drone-starlark/repos/rescale.star deleted file mode 100644 index 53a1a17..0000000 --- a/drone-starlark/repos/rescale.star +++ /dev/null @@ -1,21 +0,0 @@ -load("@this//:from-secret.star", "fromSecret") - -def rescale( - service, - scaleTo -): - return { - "name": "rescale {service}".format(service=service), - "image": "appleboy/drone-ssh", - "settings": { - "host": fromSecret("ssh-host"), - "port": fromSecret("ssh-port"), - "username": fromSecret("ssh-root-user"), - "password": fromSecret("ssh-root-password"), - "script": [ - "set -e", - "docker service scale {service}=0".format(service=service), - "docker service scale {service}={scaleTo}".format(service=service, scaleTo=scaleTo), - ] - } - } diff --git a/drone-starlark/repos/scp.star b/drone-starlark/repos/scp.star deleted file mode 100644 index f0b4c6f..0000000 --- a/drone-starlark/repos/scp.star +++ /dev/null @@ -1,25 +0,0 @@ -def scp(target): - return { - "name": "scp files", - "image": "appleboy/drone-scp", - "settings": { - "host": { - "from_secret": "ssh-host", - }, - "username": { - "from_secret": "ssh-user", - }, - "password": { - "from_secret": "ssh-password", - }, - "port": { - "from_secret": "ssh-port", - }, - "command_timeout": "2m", - "target": target, - "source": [ - ".", - ], - }, - } - \ No newline at end of file diff --git a/drone-starlark/repos/secret-to-environment.star b/drone-starlark/repos/secret-to-environment.star deleted file mode 100644 index 8dd501e..0000000 --- a/drone-starlark/repos/secret-to-environment.star +++ /dev/null @@ -1,2 +0,0 @@ -def secretToEnvironment(secret): - return secret.replace("-", "_").upper() diff --git a/drone-starlark/repos/wait.star b/drone-starlark/repos/wait.star deleted file mode 100644 index 021bc8c..0000000 --- a/drone-starlark/repos/wait.star +++ /dev/null @@ -1,8 +0,0 @@ -def wait(delay, name): - return { - "name": name, - "image": "alpine", - "commands": [ - "sleep {delay}".format(delay = delay), - ], - } diff --git a/drone-starlark/repos/zabbix/drone.star b/drone-starlark/repos/zabbix/drone.star deleted file mode 100644 index 86dda91..0000000 --- a/drone-starlark/repos/zabbix/drone.star +++ /dev/null @@ -1,74 +0,0 @@ -load("@this//:from-secret.star", "fromSecret") -load("@this//:print-secrets.star", "printSecrets") - -load("@this//:map.star", "map") -load("@this//:environment.star", "environment") -load("@this//:echo.star", "echo") -load("@this//:export.star", "export") -load("@this//:echo-secret.star", "echoSecret") -load("@this//:wait.star", "wait") -load("@this//:build.star", "build") -load("@this//:scp.star", "scp") -load("@this//zabbix:public-secrets.star", "publicSecrets") -load("@this//zabbix:secret-secrets.star", "secretSecrets") -load("@this//:rescale.star", "rescale") -load("@this//:pull.star", "pull") -load("@this//:deploy.star", "deploy") -load("@this//:build-folder.star", "buildFolder") -load("@this//:build-docker-folder.star", "buildDockerFolder") -load("@this//:pipeline.star", "pipeline") - -def drone( - ctx, - branch, - base, - name, - commands, -): - if ctx.build.branch == branch: - return [ - pipeline( - branch, - [ - scp(base), - wait(15, "wait"), - printSecrets( - "env-zabbix", - publicSecrets, - secretSecrets, - ), - deploy( - "docker-compose.yml", - name, - base, - publicSecrets + secretSecrets, - commands, - ctx - ), - ], - [], - [ - { - "name": "ca", - "host": { - "path": "/etc/docker/certs.d", - }, - } - ], - [ - { - "name": "ca", - "path": "/etc/docker/certs.d", - }, - ] - ), - ] - else: - return pipeline( - ctx.build.branch, - [], - [], - [], - [], - ) - \ No newline at end of file diff --git a/drone-starlark/repos/zabbix/public-secrets.star b/drone-starlark/repos/zabbix/public-secrets.star deleted file mode 100644 index a3939ad..0000000 --- a/drone-starlark/repos/zabbix/public-secrets.star +++ /dev/null @@ -1 +0,0 @@ -publicSecrets = [] \ No newline at end of file diff --git a/drone-starlark/repos/zabbix/secret-secrets.star b/drone-starlark/repos/zabbix/secret-secrets.star deleted file mode 100644 index 621d7da..0000000 --- a/drone-starlark/repos/zabbix/secret-secrets.star +++ /dev/null @@ -1,4 +0,0 @@ -secretSecrets = [ - "zabbix-mysql-root-password", - "zabbix-mysql-password", -] \ No newline at end of file diff --git a/drone-starlark/repos/zabbix/stack-name._star b/drone-starlark/repos/zabbix/stack-name._star deleted file mode 100644 index 50e0339..0000000 --- a/drone-starlark/repos/zabbix/stack-name._star +++ /dev/null @@ -1 +0,0 @@ -stackName='zabbix' \ No newline at end of file diff --git a/drone-starlark/repos/zabbix/stack-root._star b/drone-starlark/repos/zabbix/stack-root._star deleted file mode 100644 index 8d53004..0000000 --- a/drone-starlark/repos/zabbix/stack-root._star +++ /dev/null @@ -1 +0,0 @@ -stackRoot='/stack/zabbix' \ No newline at end of file diff --git a/drone-starlark/run.sh b/drone-starlark/run.sh deleted file mode 100644 index fff70cc..0000000 --- a/drone-starlark/run.sh +++ /dev/null @@ -1,34 +0,0 @@ -envsubst < /repos/proxy/stack-name._star > /repos/proxy/stack-name.star -envsubst < /repos/proxy/stack-root._star > /repos/proxy/stack-root.star - -envsubst < /repos/drone/stack-name._star > /repos/drone/stack-name.star -envsubst < /repos/drone/stack-root._star > /repos/drone/stack-root.star - -envsubst < /repos/commento/stack-name._star > /repos/commento/stack-name.star -envsubst < /repos/commento/stack-root._star > /repos/commento/stack-root.star - -envsubst < /repos/ghost/stack-name._star > /repos/ghost/stack-name.star -envsubst < /repos/ghost/stack-root._star > /repos/ghost/stack-root.star - -envsubst < /repos/gitea/stack-name._star > /repos/gitea/stack-name.star -envsubst < /repos/gitea/stack-root._star > /repos/gitea/stack-root.star - -envsubst < /repos/guacamole/stack-name._star > /repos/guacamole/stack-name.star -envsubst < /repos/guacamole/stack-root._star > /repos/guacamole/stack-root.star - -envsubst < /repos/chat/stack-name._star > /repos/chat/stack-name.star -envsubst < /repos/chat/stack-root._star > /repos/chat/stack-root.star - -envsubst < /repos/huginn/stack-name._star > /repos/huginn/stack-name.star -envsubst < /repos/huginn/stack-root._star > /repos/huginn/stack-root.star - -envsubst < /repos/matomo/stack-name._star > /repos/matomo/stack-name.star -envsubst < /repos/matomo/stack-root._star > /repos/matomo/stack-root.star - -envsubst < /repos/zabbix/stack-name._star > /repos/zabbix/stack-name.star -envsubst < /repos/zabbix/stack-root._star > /repos/zabbix/stack-root.star - -envsubst < /repos/portainer/stack-name._star > /repos/portainer/stack-name.star -envsubst < /repos/portainer/stack-root._star > /repos/portainer/stack-root.star - -/bin/drone-convert-starlark \ No newline at end of file