Compare commits
No commits in common. "master" and "home-deploy" have entirely different histories.
master
...
home-deplo
|
@ -0,0 +1,14 @@
|
||||||
|
|
||||||
|
load("@this//guacamole:drone.star", "drone")
|
||||||
|
load("@this//guacamole:stack-name.star", "stackName")
|
||||||
|
load("@this//guacamole:stack-root.star", "stackRoot")
|
||||||
|
|
||||||
|
def main(ctx):
|
||||||
|
return drone(
|
||||||
|
ctx,
|
||||||
|
"do",
|
||||||
|
stackRoot,
|
||||||
|
stackName,
|
||||||
|
[]
|
||||||
|
)
|
||||||
|
|
|
@ -0,0 +1,14 @@
|
||||||
|
|
||||||
|
load("@this//guacamole:drone.star", "drone")
|
||||||
|
load("@this//guacamole:stack-name.star", "stackName")
|
||||||
|
load("@this//guacamole:stack-root.star", "stackRoot")
|
||||||
|
|
||||||
|
def main(ctx):
|
||||||
|
return drone(
|
||||||
|
ctx,
|
||||||
|
"home-deploy",
|
||||||
|
stackRoot,
|
||||||
|
stackName,
|
||||||
|
[]
|
||||||
|
)
|
||||||
|
|
|
@ -1,3 +0,0 @@
|
||||||
docker build guacamole-postgresql \
|
|
||||||
-t ${REGISTRY_DOMAIN}:${REGISTRY_PORT}/${ROOT}/${NAME}/guacamole-postgresql \
|
|
||||||
--build-arg REGISTRY=${REGISTRY_DOMAIN}:${REGISTRY_PORT}/${ROOT}/${NAME}/
|
|
|
@ -1,5 +0,0 @@
|
||||||
export LOCAL_DOCKER_REGISTRY=${REGISTRY_DOMAIN}:${REGISTRY_PORT}/${ROOT}/${NAME}/ \
|
|
||||||
&& docker stack rm guacamole \
|
|
||||||
&& echo 'sleeping...zzz' \
|
|
||||||
&& sleep 60 \
|
|
||||||
&& docker stack deploy -c docker-compose.yml guacamole --with-registry-auth
|
|
|
@ -1,64 +0,0 @@
|
||||||
local secretSecrets = import 'lib/secret-secrets.libsonnet';
|
|
||||||
local publicSecrets = import 'lib/public-secrets.libsonnet';
|
|
||||||
|
|
||||||
local deploy = import 'node_modules/@sigyl/jsonnet-drone/deploy.libsonnet';
|
|
||||||
local register = import 'node_modules/@sigyl/jsonnet-drone/register.libsonnet';
|
|
||||||
local registry = import 'node_modules/@sigyl/jsonnet-drone/registry.libsonnet';
|
|
||||||
local save = import 'node_modules/@sigyl/jsonnet-drone/save.libsonnet';
|
|
||||||
local build = import 'node_modules/@sigyl/jsonnet-drone/build.libsonnet';
|
|
||||||
local print = import 'node_modules/@sigyl/jsonnet-drone/print.libsonnet';
|
|
||||||
|
|
||||||
local config = {
|
|
||||||
registry: '',
|
|
||||||
root: 'stack',
|
|
||||||
name: 'guacamole',
|
|
||||||
};
|
|
||||||
|
|
||||||
local defs = [
|
|
||||||
{
|
|
||||||
load: 'postgres:12.4@sha256:c713cbd0e39ee3450bec6fa44e0f6236879b3dac79adc2d0417582785b8776b2',
|
|
||||||
save: 'postgres:12.4'
|
|
||||||
},
|
|
||||||
{
|
|
||||||
load: 'guacamole/guacd:1.2.0@sha256:6ba0abac865bd7efd55dd52085ba8eb4f57910e33cea5ae6c4135a84f6a8bcdf',
|
|
||||||
save: 'guacamole/guacd:1.2.0',
|
|
||||||
},
|
|
||||||
{
|
|
||||||
load: 'guacamole/guacamole:1.2.0@sha256:6eb0b854e8e145df8f9220b92e51d52e9ff18c4262de20d56ccc62a4dad835b9',
|
|
||||||
save: 'guacamole/guacamole:1.2.0',
|
|
||||||
},
|
|
||||||
];
|
|
||||||
[
|
|
||||||
register,
|
|
||||||
registry(
|
|
||||||
config {
|
|
||||||
// script: 'sh .drone/scripts/initialise-images.sh',
|
|
||||||
secrets: [],
|
|
||||||
images: defs,
|
|
||||||
},
|
|
||||||
),
|
|
||||||
save(config)(
|
|
||||||
defs,
|
|
||||||
[
|
|
||||||
'guacamole-postgresql',
|
|
||||||
],
|
|
||||||
),
|
|
||||||
print(config)(
|
|
||||||
[],
|
|
||||||
publicSecrets,
|
|
||||||
secretSecrets,
|
|
||||||
),
|
|
||||||
build(config)(
|
|
||||||
[],
|
|
||||||
),
|
|
||||||
deploy(config)(
|
|
||||||
[],
|
|
||||||
publicSecrets,
|
|
||||||
secretSecrets,
|
|
||||||
[
|
|
||||||
'REGISTRY_DOMAIN',
|
|
||||||
'REGISTRY_PORT',
|
|
||||||
'REGISTRY_PASSWORD',
|
|
||||||
],
|
|
||||||
),
|
|
||||||
]
|
|
|
@ -1,342 +0,0 @@
|
||||||
---
|
|
||||||
kind: pipeline
|
|
||||||
type: docker
|
|
||||||
name: register
|
|
||||||
|
|
||||||
platform:
|
|
||||||
os: linux
|
|
||||||
arch: amd64
|
|
||||||
|
|
||||||
clone:
|
|
||||||
disable: true
|
|
||||||
|
|
||||||
trigger:
|
|
||||||
event:
|
|
||||||
exclude:
|
|
||||||
- promote
|
|
||||||
|
|
||||||
---
|
|
||||||
kind: pipeline
|
|
||||||
type: docker
|
|
||||||
name: registry
|
|
||||||
|
|
||||||
platform:
|
|
||||||
os: linux
|
|
||||||
arch: amd64
|
|
||||||
|
|
||||||
clone:
|
|
||||||
disable: true
|
|
||||||
|
|
||||||
steps:
|
|
||||||
- name: postgres:12.4
|
|
||||||
image: docker:19.03.12-dind@sha256:8dded163e463f4a59bf305b3dca98e312b2cfb89a43da3872e48f95a7554c48f
|
|
||||||
commands:
|
|
||||||
- set -e
|
|
||||||
- "n=0\nwhile :\ndo\n docker login $${REGISTRY_DOMAIN}:$${REGISTRY_PORT}/ --username client --password \"$${REGISTRY_PASSWORD}\" \\\\\n && break # substitute your command here\n n=$((n+1))\n if [ $n -ge 10 ]; then\n echo \"login failed\"\n exit 1\n fi\n echo \"retrying login..$n\"\n sleep 5\ndone\n"
|
|
||||||
- "n=0\nwhile :\ndo\n docker pull postgres:12.4@sha256:c713cbd0e39ee3450bec6fa44e0f6236879b3dac79adc2d0417582785b8776b2 \\\\\n && docker tag postgres:12.4@sha256:c713cbd0e39ee3450bec6fa44e0f6236879b3dac79adc2d0417582785b8776b2 $${REGISTRY_DOMAIN}:$${REGISTRY_PORT}/stack/guacamole/postgres:12.4 \\\\\n && docker push $${REGISTRY_DOMAIN}:$${REGISTRY_PORT}/stack/guacamole/postgres:12.4 && break\n n=$((n+1))\n if [ $n -ge 10 ]; then\n echo \"initialise failed\"\n exit 1\n fi\n echo \"retrying..$n\"\n sleep 5\ndone\n"
|
|
||||||
volumes:
|
|
||||||
- name: dockersock
|
|
||||||
path: /var/run
|
|
||||||
|
|
||||||
- name: guacamole/guacd:1.2.0
|
|
||||||
image: docker:19.03.12-dind@sha256:8dded163e463f4a59bf305b3dca98e312b2cfb89a43da3872e48f95a7554c48f
|
|
||||||
commands:
|
|
||||||
- set -e
|
|
||||||
- "n=0\nwhile :\ndo\n docker login $${REGISTRY_DOMAIN}:$${REGISTRY_PORT}/ --username client --password \"$${REGISTRY_PASSWORD}\" \\\\\n && break # substitute your command here\n n=$((n+1))\n if [ $n -ge 10 ]; then\n echo \"login failed\"\n exit 1\n fi\n echo \"retrying login..$n\"\n sleep 5\ndone\n"
|
|
||||||
- "n=0\nwhile :\ndo\n docker pull guacamole/guacd:1.2.0@sha256:6ba0abac865bd7efd55dd52085ba8eb4f57910e33cea5ae6c4135a84f6a8bcdf \\\\\n && docker tag guacamole/guacd:1.2.0@sha256:6ba0abac865bd7efd55dd52085ba8eb4f57910e33cea5ae6c4135a84f6a8bcdf $${REGISTRY_DOMAIN}:$${REGISTRY_PORT}/stack/guacamole/guacamole/guacd:1.2.0 \\\\\n && docker push $${REGISTRY_DOMAIN}:$${REGISTRY_PORT}/stack/guacamole/guacamole/guacd:1.2.0 && break\n n=$((n+1))\n if [ $n -ge 10 ]; then\n echo \"initialise failed\"\n exit 1\n fi\n echo \"retrying..$n\"\n sleep 5\ndone\n"
|
|
||||||
volumes:
|
|
||||||
- name: dockersock
|
|
||||||
path: /var/run
|
|
||||||
|
|
||||||
- name: guacamole/guacamole:1.2.0
|
|
||||||
image: docker:19.03.12-dind@sha256:8dded163e463f4a59bf305b3dca98e312b2cfb89a43da3872e48f95a7554c48f
|
|
||||||
commands:
|
|
||||||
- set -e
|
|
||||||
- "n=0\nwhile :\ndo\n docker login $${REGISTRY_DOMAIN}:$${REGISTRY_PORT}/ --username client --password \"$${REGISTRY_PASSWORD}\" \\\\\n && break # substitute your command here\n n=$((n+1))\n if [ $n -ge 10 ]; then\n echo \"login failed\"\n exit 1\n fi\n echo \"retrying login..$n\"\n sleep 5\ndone\n"
|
|
||||||
- "n=0\nwhile :\ndo\n docker pull guacamole/guacamole:1.2.0@sha256:6eb0b854e8e145df8f9220b92e51d52e9ff18c4262de20d56ccc62a4dad835b9 \\\\\n && docker tag guacamole/guacamole:1.2.0@sha256:6eb0b854e8e145df8f9220b92e51d52e9ff18c4262de20d56ccc62a4dad835b9 $${REGISTRY_DOMAIN}:$${REGISTRY_PORT}/stack/guacamole/guacamole/guacamole:1.2.0 \\\\\n && docker push $${REGISTRY_DOMAIN}:$${REGISTRY_PORT}/stack/guacamole/guacamole/guacamole:1.2.0 && break\n n=$((n+1))\n if [ $n -ge 10 ]; then\n echo \"initialise failed\"\n exit 1\n fi\n echo \"retrying..$n\"\n sleep 5\ndone\n"
|
|
||||||
volumes:
|
|
||||||
- name: dockersock
|
|
||||||
path: /var/run
|
|
||||||
|
|
||||||
services:
|
|
||||||
- name: docker
|
|
||||||
image: docker:19.03.12-dind@sha256:8dded163e463f4a59bf305b3dca98e312b2cfb89a43da3872e48f95a7554c48f
|
|
||||||
privileged: true
|
|
||||||
volumes:
|
|
||||||
- name: dockersock
|
|
||||||
path: /var/run
|
|
||||||
- name: ca
|
|
||||||
path: /etc/docker/certs.d
|
|
||||||
- name: daemonjson
|
|
||||||
path: /etc/docker/daemon.json
|
|
||||||
|
|
||||||
volumes:
|
|
||||||
- name: dockersock
|
|
||||||
temp: {}
|
|
||||||
- name: ca
|
|
||||||
host:
|
|
||||||
path: /etc/docker/certs.d
|
|
||||||
- name: daemonjson
|
|
||||||
host:
|
|
||||||
path: /etc/docker/daemon.json
|
|
||||||
|
|
||||||
image_pull_secrets:
|
|
||||||
- dockerconfigjson
|
|
||||||
|
|
||||||
trigger:
|
|
||||||
event:
|
|
||||||
- promote
|
|
||||||
target:
|
|
||||||
- registry
|
|
||||||
|
|
||||||
---
|
|
||||||
kind: pipeline
|
|
||||||
type: docker
|
|
||||||
name: save
|
|
||||||
|
|
||||||
platform:
|
|
||||||
os: linux
|
|
||||||
arch: amd64
|
|
||||||
|
|
||||||
clone:
|
|
||||||
disable: true
|
|
||||||
|
|
||||||
steps:
|
|
||||||
- name: mkdir
|
|
||||||
image: appleboy/drone-ssh:1.6.2@sha256:b801dc2cd238c192b6e99acfa7bc3f5b9a03f312bd2feb1e10b3a7a28a1b80ea
|
|
||||||
settings:
|
|
||||||
envs:
|
|
||||||
- drone_tag
|
|
||||||
- drone_commit
|
|
||||||
- drone_build_number
|
|
||||||
- drone_repo_name
|
|
||||||
- drone_repo_namespace
|
|
||||||
script:
|
|
||||||
- mkdir -p /stack/.images/guacamole/built
|
|
||||||
- rm -f /stack/.images/guacamole/*.*
|
|
||||||
- rm -f /stack/.images/guacamole/built/*.*
|
|
||||||
|
|
||||||
- name: postgres:12.4
|
|
||||||
image: appleboy/drone-ssh:1.6.2@sha256:b801dc2cd238c192b6e99acfa7bc3f5b9a03f312bd2feb1e10b3a7a28a1b80ea
|
|
||||||
settings:
|
|
||||||
envs:
|
|
||||||
- drone_tag
|
|
||||||
- drone_commit
|
|
||||||
- drone_build_number
|
|
||||||
- drone_repo_name
|
|
||||||
- drone_repo_namespace
|
|
||||||
- registry_domain
|
|
||||||
- registry_port
|
|
||||||
- registry_password
|
|
||||||
- destination_registry
|
|
||||||
script:
|
|
||||||
- "n=0\nwhile :\ndo\n docker login $${REGISTRY_DOMAIN}:$${REGISTRY_PORT}/ --username client --password \"$${REGISTRY_PASSWORD}\" \\\\\n && break # substitute your command here\n n=$((n+1))\n if [ $n -ge 10 ]; then\n echo \"login failed\"\n exit 1\n fi\n echo \"retrying login..$n\"\n sleep 5\ndone\n"
|
|
||||||
- docker pull $${REGISTRY_DOMAIN}:$${REGISTRY_PORT}/stack/guacamole/postgres:12.4
|
|
||||||
- docker save $${REGISTRY_DOMAIN}:$${REGISTRY_PORT}/stack/guacamole/postgres:12.4 -o /stack/.images/guacamole/postgres:12.4.tar
|
|
||||||
- echo "docker load < postgres:12.4.tar" >> /stack/.images/guacamole/load.sh
|
|
||||||
- echo "docker tag $${REGISTRY_DOMAIN}:$${REGISTRY_PORT}/stack/guacamole/postgres:12.4 $${DESTINATION_REGISTRY}/stack/guacamole/postgres:12.4" >> /stack/.images/guacamole/load.sh
|
|
||||||
|
|
||||||
- name: guacamole/guacd:1.2.0
|
|
||||||
image: appleboy/drone-ssh:1.6.2@sha256:b801dc2cd238c192b6e99acfa7bc3f5b9a03f312bd2feb1e10b3a7a28a1b80ea
|
|
||||||
settings:
|
|
||||||
envs:
|
|
||||||
- drone_tag
|
|
||||||
- drone_commit
|
|
||||||
- drone_build_number
|
|
||||||
- drone_repo_name
|
|
||||||
- drone_repo_namespace
|
|
||||||
- registry_domain
|
|
||||||
- registry_port
|
|
||||||
- registry_password
|
|
||||||
- destination_registry
|
|
||||||
script:
|
|
||||||
- "n=0\nwhile :\ndo\n docker login $${REGISTRY_DOMAIN}:$${REGISTRY_PORT}/ --username client --password \"$${REGISTRY_PASSWORD}\" \\\\\n && break # substitute your command here\n n=$((n+1))\n if [ $n -ge 10 ]; then\n echo \"login failed\"\n exit 1\n fi\n echo \"retrying login..$n\"\n sleep 5\ndone\n"
|
|
||||||
- docker pull $${REGISTRY_DOMAIN}:$${REGISTRY_PORT}/stack/guacamole/guacamole/guacd:1.2.0
|
|
||||||
- docker save $${REGISTRY_DOMAIN}:$${REGISTRY_PORT}/stack/guacamole/guacamole/guacd:1.2.0 -o /stack/.images/guacamole/guacamole_guacd:1.2.0.tar
|
|
||||||
- echo "docker load < guacamole_guacd:1.2.0.tar" >> /stack/.images/guacamole/load.sh
|
|
||||||
- echo "docker tag $${REGISTRY_DOMAIN}:$${REGISTRY_PORT}/stack/guacamole/guacamole/guacd:1.2.0 $${DESTINATION_REGISTRY}/stack/guacamole/guacamole/guacd:1.2.0" >> /stack/.images/guacamole/load.sh
|
|
||||||
|
|
||||||
- name: guacamole/guacamole:1.2.0
|
|
||||||
image: appleboy/drone-ssh:1.6.2@sha256:b801dc2cd238c192b6e99acfa7bc3f5b9a03f312bd2feb1e10b3a7a28a1b80ea
|
|
||||||
settings:
|
|
||||||
envs:
|
|
||||||
- drone_tag
|
|
||||||
- drone_commit
|
|
||||||
- drone_build_number
|
|
||||||
- drone_repo_name
|
|
||||||
- drone_repo_namespace
|
|
||||||
- registry_domain
|
|
||||||
- registry_port
|
|
||||||
- registry_password
|
|
||||||
- destination_registry
|
|
||||||
script:
|
|
||||||
- "n=0\nwhile :\ndo\n docker login $${REGISTRY_DOMAIN}:$${REGISTRY_PORT}/ --username client --password \"$${REGISTRY_PASSWORD}\" \\\\\n && break # substitute your command here\n n=$((n+1))\n if [ $n -ge 10 ]; then\n echo \"login failed\"\n exit 1\n fi\n echo \"retrying login..$n\"\n sleep 5\ndone\n"
|
|
||||||
- docker pull $${REGISTRY_DOMAIN}:$${REGISTRY_PORT}/stack/guacamole/guacamole/guacamole:1.2.0
|
|
||||||
- docker save $${REGISTRY_DOMAIN}:$${REGISTRY_PORT}/stack/guacamole/guacamole/guacamole:1.2.0 -o /stack/.images/guacamole/guacamole_guacamole:1.2.0.tar
|
|
||||||
- echo "docker load < guacamole_guacamole:1.2.0.tar" >> /stack/.images/guacamole/load.sh
|
|
||||||
- echo "docker tag $${REGISTRY_DOMAIN}:$${REGISTRY_PORT}/stack/guacamole/guacamole/guacamole:1.2.0 $${DESTINATION_REGISTRY}/stack/guacamole/guacamole/guacamole:1.2.0" >> /stack/.images/guacamole/load.sh
|
|
||||||
|
|
||||||
- name: guacamole-postgresql
|
|
||||||
image: appleboy/drone-ssh:1.6.2@sha256:b801dc2cd238c192b6e99acfa7bc3f5b9a03f312bd2feb1e10b3a7a28a1b80ea
|
|
||||||
settings:
|
|
||||||
envs:
|
|
||||||
- drone_tag
|
|
||||||
- drone_commit
|
|
||||||
- drone_build_number
|
|
||||||
- drone_repo_name
|
|
||||||
- drone_repo_namespace
|
|
||||||
- registry_domain
|
|
||||||
- registry_port
|
|
||||||
- registry_password
|
|
||||||
- destination_registry
|
|
||||||
script:
|
|
||||||
- "n=0\nwhile :\ndo\n docker login $${REGISTRY_DOMAIN}:$${REGISTRY_PORT}/ --username client --password \"$${REGISTRY_PASSWORD}\" \\\\\n && break # substitute your command here\n n=$((n+1))\n if [ $n -ge 10 ]; then\n echo \"login failed\"\n exit 1\n fi\n echo \"retrying login..$n\"\n sleep 5\ndone\n"
|
|
||||||
- docker pull $${REGISTRY_DOMAIN}:$${REGISTRY_PORT}/stack/guacamole/guacamole-postgresql
|
|
||||||
- docker save $${REGISTRY_DOMAIN}:$${REGISTRY_PORT}/stack/guacamole/guacamole-postgresql -o /stack/.images/guacamole/built/guacamole-postgresql.tar
|
|
||||||
- echo "docker load guacamole-postgresql.tar" >> /stack/.images/guacamole/built/load.sh
|
|
||||||
- echo "docker tag $${REGISTRY_DOMAIN}:$${REGISTRY_PORT}/stack/guacamole/guacamole-postgresql ${DESINATION_REGISTRY}/stack/guacamole/guacamole-postgresql" >> /stack/.images/guacamole/built/load.sh
|
|
||||||
|
|
||||||
trigger:
|
|
||||||
event:
|
|
||||||
- promote
|
|
||||||
target:
|
|
||||||
- save
|
|
||||||
|
|
||||||
---
|
|
||||||
kind: pipeline
|
|
||||||
type: docker
|
|
||||||
name: print
|
|
||||||
|
|
||||||
platform:
|
|
||||||
os: linux
|
|
||||||
arch: amd64
|
|
||||||
|
|
||||||
steps:
|
|
||||||
- name: print env
|
|
||||||
image: appleboy/drone-ssh:1.6.2@sha256:b801dc2cd238c192b6e99acfa7bc3f5b9a03f312bd2feb1e10b3a7a28a1b80ea
|
|
||||||
settings:
|
|
||||||
envs:
|
|
||||||
- drone_tag
|
|
||||||
- drone_commit
|
|
||||||
- drone_build_number
|
|
||||||
- drone_repo_name
|
|
||||||
- drone_repo_namespace
|
|
||||||
- postgres_password
|
|
||||||
script:
|
|
||||||
- rm -f env-guacamole
|
|
||||||
- "echo \"export POSTGRES_PASSWORD='$${POSTGRES_PASSWORD}'\" >> env-guacamole # \"postgres-password\""
|
|
||||||
environment:
|
|
||||||
POSTGRES_PASSWORD:
|
|
||||||
from_secret: postgres-password
|
|
||||||
|
|
||||||
trigger:
|
|
||||||
event:
|
|
||||||
- promote
|
|
||||||
target:
|
|
||||||
- print
|
|
||||||
|
|
||||||
---
|
|
||||||
kind: pipeline
|
|
||||||
type: docker
|
|
||||||
name: build
|
|
||||||
|
|
||||||
platform:
|
|
||||||
os: linux
|
|
||||||
arch: amd64
|
|
||||||
|
|
||||||
steps:
|
|
||||||
- name: "dockerbuild:"
|
|
||||||
image: docker:19.03.12-dind@sha256:8dded163e463f4a59bf305b3dca98e312b2cfb89a43da3872e48f95a7554c48f
|
|
||||||
commands:
|
|
||||||
- set -e
|
|
||||||
- export NAME=guacamole
|
|
||||||
- export ROOT=stack
|
|
||||||
- "n=0\nwhile :\ndo\n docker login $${REGISTRY_DOMAIN}:$${REGISTRY_PORT}/ --username client --password \"$${REGISTRY_PASSWORD}\" \\\\\n && break # substitute your command here\n n=$((n+1))\n if [ $n -ge 10 ]; then\n echo \"login failed\"\n exit 1\n fi\n echo \"retrying login..$n\"\n sleep 5\ndone\n"
|
|
||||||
- sh .drone/build.sh
|
|
||||||
- sh .drone/push.sh
|
|
||||||
volumes:
|
|
||||||
- name: dockersock
|
|
||||||
path: /var/run
|
|
||||||
|
|
||||||
services:
|
|
||||||
- name: docker
|
|
||||||
image: docker:19.03.12-dind@sha256:8dded163e463f4a59bf305b3dca98e312b2cfb89a43da3872e48f95a7554c48f
|
|
||||||
privileged: true
|
|
||||||
volumes:
|
|
||||||
- name: dockersock
|
|
||||||
path: /var/run
|
|
||||||
- name: ca
|
|
||||||
path: /etc/docker/certs.d
|
|
||||||
- name: daemonjson
|
|
||||||
path: /etc/docker/daemon.json
|
|
||||||
|
|
||||||
volumes:
|
|
||||||
- name: dockersock
|
|
||||||
temp: {}
|
|
||||||
- name: ca
|
|
||||||
host:
|
|
||||||
path: /etc/docker/certs.d
|
|
||||||
- name: daemonjson
|
|
||||||
host:
|
|
||||||
path: /etc/docker/daemon.json
|
|
||||||
|
|
||||||
trigger:
|
|
||||||
event:
|
|
||||||
- promote
|
|
||||||
target:
|
|
||||||
- build
|
|
||||||
|
|
||||||
---
|
|
||||||
kind: pipeline
|
|
||||||
type: docker
|
|
||||||
name: deploy
|
|
||||||
|
|
||||||
platform:
|
|
||||||
os: linux
|
|
||||||
arch: amd64
|
|
||||||
|
|
||||||
steps:
|
|
||||||
- name: scp
|
|
||||||
image: appleboy/drone-scp:1.6.2@sha256:bd37a55f4b97e7742b0de7333669b96220b3cc422d366e1fa8c34059b736ab47
|
|
||||||
settings:
|
|
||||||
command_timeout: 2m
|
|
||||||
source:
|
|
||||||
- .
|
|
||||||
target: /stack/guacamole
|
|
||||||
|
|
||||||
- name: deploy
|
|
||||||
image: appleboy/drone-ssh:1.6.2@sha256:b801dc2cd238c192b6e99acfa7bc3f5b9a03f312bd2feb1e10b3a7a28a1b80ea
|
|
||||||
settings:
|
|
||||||
envs:
|
|
||||||
- drone_tag
|
|
||||||
- drone_commit
|
|
||||||
- drone_build_number
|
|
||||||
- drone_repo_name
|
|
||||||
- drone_repo_namespace
|
|
||||||
- registry_domain
|
|
||||||
- registry_port
|
|
||||||
- registry_password
|
|
||||||
- postgres_password
|
|
||||||
script:
|
|
||||||
- export POSTGRES_PASSWORD=$${POSTGRES_PASSWORD}
|
|
||||||
- export REGISTRY_DOMAIN=$${REGISTRY_DOMAIN}
|
|
||||||
- export REGISTRY_PORT=$${REGISTRY_PORT}
|
|
||||||
- export REGISTRY_PASSWORD=$${REGISTRY_PASSWORD}
|
|
||||||
- set -e
|
|
||||||
- export NAME=guacamole
|
|
||||||
- export ROOT=stack
|
|
||||||
- cd /stack/guacamole
|
|
||||||
- "n=0\nwhile :\ndo\n docker login $${REGISTRY_DOMAIN}:$${REGISTRY_PORT}/ --username client --password \"$${REGISTRY_PASSWORD}\" \\\\\n && break # substitute your command here\n n=$((n+1))\n if [ $n -ge 10 ]; then\n echo \"login failed\"\n exit 1\n fi\n echo \"retrying login..$n\"\n sleep 5\ndone\n"
|
|
||||||
- sh .drone/pull.sh
|
|
||||||
- sh .drone/deploy.sh
|
|
||||||
environment:
|
|
||||||
POSTGRES_PASSWORD:
|
|
||||||
from_secret: postgres-password
|
|
||||||
|
|
||||||
trigger:
|
|
||||||
event:
|
|
||||||
- promote
|
|
||||||
target:
|
|
||||||
- deploy
|
|
||||||
|
|
||||||
...
|
|
|
@ -1 +0,0 @@
|
||||||
[]
|
|
|
@ -1,3 +0,0 @@
|
||||||
[
|
|
||||||
'postgres-password',
|
|
||||||
]
|
|
|
@ -1,9 +0,0 @@
|
||||||
{
|
|
||||||
"private": true,
|
|
||||||
"scripts": {
|
|
||||||
"build": "drone jsonnet --source drone-home.jsonnet --target drone-home.yml --stream"
|
|
||||||
},
|
|
||||||
"dependencies": {
|
|
||||||
"@sigyl/jsonnet-drone": "^1.0.0"
|
|
||||||
}
|
|
||||||
}
|
|
|
@ -1 +0,0 @@
|
||||||
docker pull ${REGISTRY_DOMAIN}:${REGISTRY_PORT}/${ROOT}/${NAME}/guacamole-postgresql
|
|
|
@ -1 +0,0 @@
|
||||||
docker push ${REGISTRY_DOMAIN}:${REGISTRY_PORT}/${ROOT}/${NAME}/guacamole-postgresql
|
|
|
@ -1,55 +0,0 @@
|
||||||
Arguments:
|
|
||||||
/usr/local/Cellar/node/11.9.0/bin/node /usr/local/Cellar/yarn/1.13.0/libexec/bin/yarn.js
|
|
||||||
|
|
||||||
PATH:
|
|
||||||
/Users/giles/.cargo/bin:/Users/giles/.local/bin:/Users/giles/Library/Python/3.7/bin:/Library/Frameworks/Python.framework/Versions/3.7/bin:/opt/local/bin:/opt/local/sbin:/usr/local/bin:/usr/bin:/bin:/usr/sbin:/sbin:/usr/local/share/dotnet:/usr/local/share/dotnet/sdk:/usr/local/share/dotnet/sdk/2.2.101:/opt/X11/bin:~/.dotnet/tools:/usr/local/bin:/usr/local/Cellar/openssl/1.0.2j/bin/openssl
|
|
||||||
|
|
||||||
Yarn version:
|
|
||||||
1.13.0
|
|
||||||
|
|
||||||
Node version:
|
|
||||||
12.13.1
|
|
||||||
|
|
||||||
Platform:
|
|
||||||
darwin x64
|
|
||||||
|
|
||||||
Trace:
|
|
||||||
Error: getaddrinfo ENOTFOUND registry.yarnpkg.com
|
|
||||||
at GetAddrInfoReqWrap.onlookup [as oncomplete] (dns.js:60:26)
|
|
||||||
|
|
||||||
npm manifest:
|
|
||||||
{
|
|
||||||
"private": true,
|
|
||||||
"scripts": {
|
|
||||||
"build": "drone jsonnet --source drone-home.jsonnet --target drone-home.yml --stream"
|
|
||||||
},
|
|
||||||
"dependencies": {
|
|
||||||
"@sigyl/jsonnet-drone": "^0.0.3"
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
yarn manifest:
|
|
||||||
No manifest
|
|
||||||
|
|
||||||
Lockfile:
|
|
||||||
# THIS IS AN AUTOGENERATED FILE. DO NOT EDIT THIS FILE DIRECTLY.
|
|
||||||
# yarn lockfile v1
|
|
||||||
|
|
||||||
|
|
||||||
"@sigyl/jsonnet-compose@^0.0.2":
|
|
||||||
version "0.0.2"
|
|
||||||
resolved "https://registry.yarnpkg.com/@sigyl/jsonnet-compose/-/jsonnet-compose-0.0.2.tgz#8900a21e8cd8109929b6042703f8645aacb9bcda"
|
|
||||||
integrity sha512-wWS3CgPeNi/o1pcS6n/4pafxlMD0KC9/RKMZr/ySmzeGNRW++sPuKuxajYse2TNd47uNDdeUSnk4aEeEIKL0zA==
|
|
||||||
|
|
||||||
"@sigyl/jsonnet-drone-environment@0.0.5":
|
|
||||||
version "0.0.5"
|
|
||||||
resolved "https://registry.yarnpkg.com/@sigyl/jsonnet-drone-environment/-/jsonnet-drone-environment-0.0.5.tgz#9ea85e08904777bd21a3e4b30b0b91461d0285ff"
|
|
||||||
integrity sha512-xVGmdMO1pOyozAWUbJm6mzKBgsLPJ+1hWnGCK3AxPkr7kkDh18hu30+TLzlcQtqq76s5jUfvJUztezsGj/mIcw==
|
|
||||||
|
|
||||||
"@sigyl/jsonnet-drone@^0.0.2":
|
|
||||||
version "0.0.2"
|
|
||||||
resolved "https://registry.yarnpkg.com/@sigyl/jsonnet-drone/-/jsonnet-drone-0.0.2.tgz#64572524155eaa2c2b8bda6102f238a0269cafbb"
|
|
||||||
integrity sha512-1/EZR5Vbo8oKAm+R31XIzsS6VZxcEIcRLyrLi53JQ0+z+CWLPvrUwiq0homBysYJhqk1XRzYF6+ctwbbmmzxrA==
|
|
||||||
dependencies:
|
|
||||||
"@sigyl/jsonnet-compose" "^0.0.2"
|
|
||||||
"@sigyl/jsonnet-drone-environment" "0.0.5"
|
|
|
@ -1,21 +0,0 @@
|
||||||
# THIS IS AN AUTOGENERATED FILE. DO NOT EDIT THIS FILE DIRECTLY.
|
|
||||||
# yarn lockfile v1
|
|
||||||
|
|
||||||
|
|
||||||
"@sigyl/jsonnet-compose@^0.0.2":
|
|
||||||
version "0.0.2"
|
|
||||||
resolved "https://registry.yarnpkg.com/@sigyl/jsonnet-compose/-/jsonnet-compose-0.0.2.tgz#8900a21e8cd8109929b6042703f8645aacb9bcda"
|
|
||||||
integrity sha512-wWS3CgPeNi/o1pcS6n/4pafxlMD0KC9/RKMZr/ySmzeGNRW++sPuKuxajYse2TNd47uNDdeUSnk4aEeEIKL0zA==
|
|
||||||
|
|
||||||
"@sigyl/jsonnet-drone-environment@0.0.5":
|
|
||||||
version "0.0.5"
|
|
||||||
resolved "https://registry.yarnpkg.com/@sigyl/jsonnet-drone-environment/-/jsonnet-drone-environment-0.0.5.tgz#9ea85e08904777bd21a3e4b30b0b91461d0285ff"
|
|
||||||
integrity sha512-xVGmdMO1pOyozAWUbJm6mzKBgsLPJ+1hWnGCK3AxPkr7kkDh18hu30+TLzlcQtqq76s5jUfvJUztezsGj/mIcw==
|
|
||||||
|
|
||||||
"@sigyl/jsonnet-drone@^1.0.0":
|
|
||||||
version "1.0.0"
|
|
||||||
resolved "https://registry.yarnpkg.com/@sigyl/jsonnet-drone/-/jsonnet-drone-1.0.0.tgz#943bd8a1abc8a916026944816709f5ed1d8e7ef8"
|
|
||||||
integrity sha512-ubyVC1/nAM584wTnnRBZTOP18z28Yy7SRApvSuo/3y2arngKlNI1FwOzKTFt/7L9+rNy19dRO/g0obEkyR3KmA==
|
|
||||||
dependencies:
|
|
||||||
"@sigyl/jsonnet-compose" "^0.0.2"
|
|
||||||
"@sigyl/jsonnet-drone-environment" "0.0.5"
|
|
|
@ -1,2 +0,0 @@
|
||||||
node_modules
|
|
||||||
.log
|
|
|
@ -1,3 +0,0 @@
|
||||||
{
|
|
||||||
"tagMessageInChangeLog": true
|
|
||||||
}
|
|
30
CHANGELOG.md
30
CHANGELOG.md
|
@ -1,30 +0,0 @@
|
||||||
# Changelog
|
|
||||||
|
|
||||||
All notable changes to this project will be documented in this file. See [standard-version](https://github.com/conventional-changelog/standard-version) for commit guidelines.
|
|
||||||
|
|
||||||
### [0.0.6](https://sigyl.com///compare/v0.0.5...v0.0.6) "chore(release): 0.0.6" (2020-10-23)
|
|
||||||
|
|
||||||
|
|
||||||
### Features
|
|
||||||
|
|
||||||
* print, build, save, registry, deploy ([50a035e](https://sigyl.com///commit/50a035eff200829d5cab9a79f4720bfebe21cf1e))
|
|
||||||
|
|
||||||
### [0.0.5](https://sigyl.com///compare/v0.0.3...v0.0.5) "chore(release): 0.0.5" (2020-09-25)
|
|
||||||
|
|
||||||
|
|
||||||
### Features
|
|
||||||
|
|
||||||
* registry promotion ([3b16cde](https://sigyl.com///commit/3b16cdebe5a7212bc5823927f5bfb8cf8b7a567f))
|
|
||||||
|
|
||||||
### [0.0.4](https://sigyl.com///compare/v0.0.3...v0.0.4) "chore(release): 0.0.4" (2020-08-19)
|
|
||||||
|
|
||||||
|
|
||||||
### Bug Fixes
|
|
||||||
|
|
||||||
* build and deloy scripts ([b6f60a1](https://sigyl.com///commit/b6f60a17bf23165b355085b63f879b1949f34888))
|
|
||||||
|
|
||||||
### [0.0.3](https://sigyl.com///compare/v0.0.1...v0.0.3) "chore(release): 0.0.3" (2020-08-11)
|
|
||||||
|
|
||||||
### [0.0.2](https://sigyl.com///compare/v0.0.1...v0.0.2) (2020-08-11)
|
|
||||||
|
|
||||||
### 0.0.1 (2020-08-11)
|
|
46
README.md
46
README.md
|
@ -2,47 +2,5 @@
|
||||||
|
|
||||||
## secrets
|
## secrets
|
||||||
|
|
||||||
* postgres-password
|
* guacamole-postgres-password
|
||||||
* postgres-user
|
* local-docker-registry
|
||||||
* postgres-db
|
|
||||||
|
|
||||||
## initial deployment
|
|
||||||
|
|
||||||
initialise database
|
|
||||||
|
|
||||||
```shell
|
|
||||||
docker ps | grep guacamole-postgresql.1
|
|
||||||
sh init-postgresql.sh $ID
|
|
||||||
```
|
|
||||||
|
|
||||||
## using ssh keys
|
|
||||||
|
|
||||||
guacamole does *not* work with the standard openssh format for private keys. ie:
|
|
||||||
|
|
||||||
```
|
|
||||||
-----BEGIN OPENSSH PRIVATE KEY-----
|
|
||||||
[key goes here]
|
|
||||||
-----END OPENSSH PRIVATE KEY-----
|
|
||||||
```
|
|
||||||
|
|
||||||
you need to generate the public/private key pair using:
|
|
||||||
|
|
||||||
```shell
|
|
||||||
ssh-keygen -m pem
|
|
||||||
```
|
|
||||||
|
|
||||||
this will give you a private key that looks like:
|
|
||||||
|
|
||||||
|
|
||||||
```
|
|
||||||
-----BEGIN RSA PRIVATE KEY-----
|
|
||||||
Proc-Type: 4,ENCRYPTED
|
|
||||||
DEK-Info: [dec info goes here]
|
|
||||||
|
|
||||||
[key goes here]
|
|
||||||
-----END RSA PRIVATE KEY-----
|
|
||||||
```
|
|
||||||
|
|
||||||
then on the target machine you need to paste the *public* key into the file /home/[user]/.ssh/authorized_keys
|
|
||||||
|
|
||||||
and the *private* key into the configuration for the guacamole connection
|
|
||||||
|
|
|
@ -10,7 +10,7 @@ services:
|
||||||
condition: any
|
condition: any
|
||||||
image: ${LOCAL_DOCKER_REGISTRY}guacamole-postgresql:latest
|
image: ${LOCAL_DOCKER_REGISTRY}guacamole-postgresql:latest
|
||||||
environment:
|
environment:
|
||||||
POSTGRES_PASSWORD: ${POSTGRES_PASSWORD}
|
POSTGRES_PASSWORD: ${GUACAMOLE_POSTGRES_PASSWORD}
|
||||||
POSTGRES_DB: guacamole_db
|
POSTGRES_DB: guacamole_db
|
||||||
volumes:
|
volumes:
|
||||||
- guacamole-postgresql-data:/var/lib/postgresql/data
|
- guacamole-postgresql-data:/var/lib/postgresql/data
|
||||||
|
@ -24,7 +24,7 @@ services:
|
||||||
replicas: 1
|
replicas: 1
|
||||||
restart_policy:
|
restart_policy:
|
||||||
condition: any
|
condition: any
|
||||||
image: ${LOCAL_DOCKER_REGISTRY}guacamole/guacd:1.2.0
|
image: guacamole/guacd:latest
|
||||||
networks:
|
networks:
|
||||||
- appnet
|
- appnet
|
||||||
|
|
||||||
|
@ -35,13 +35,12 @@ services:
|
||||||
replicas: 1
|
replicas: 1
|
||||||
restart_policy:
|
restart_policy:
|
||||||
condition: any
|
condition: any
|
||||||
image: ${LOCAL_DOCKER_REGISTRY}guacamole/guacamole:1.2.0
|
image: guacamole/guacamole:latest
|
||||||
#@sha256:6eb0b854e8e145df8f9220b92e51d52e9ff18c4262de20d56ccc62a4dad835b9
|
|
||||||
environment:
|
environment:
|
||||||
- POSTGRES_HOSTNAME=guacamole-postgresql
|
- POSTGRES_HOSTNAME=guacamole-postgresql
|
||||||
- POSTGRES_PORT=5432
|
- POSTGRES_PORT=5432
|
||||||
- POSTGRES_USER=guacamole_user
|
- POSTGRES_USER=guacamole_user
|
||||||
- POSTGRES_PASSWORD=${POSTGRES_PASSWORD}
|
- POSTGRES_PASSWORD=${GUACAMOLE_POSTGRES_PASSWORD}
|
||||||
- POSTGRES_DATABASE=guacamole_db
|
- POSTGRES_DATABASE=guacamole_db
|
||||||
- GUACD_HOSTNAME=guacd
|
- GUACD_HOSTNAME=guacd
|
||||||
networks:
|
networks:
|
||||||
|
|
|
@ -1,3 +0,0 @@
|
||||||
drone jsonnet --source .drone/drone-home.jsonnet --target .drone/drone-home.yml --stream \
|
|
||||||
&& git add .drone/drone-home.yml \
|
|
||||||
&& echo "jsonnet built"
|
|
|
@ -1,4 +1,2 @@
|
||||||
ARG REGISTRY
|
FROM postgres:12
|
||||||
FROM ${REGISTRY}postgres:12.4
|
|
||||||
# @sha256:b0cfe264cb1143c7c660ddfd5c482464997d62d6bc9f97f8fdf3deefce881a8c
|
|
||||||
COPY *.sql /
|
COPY *.sql /
|
|
@ -1,2 +0,0 @@
|
||||||
docker exec -it $1 psql -U postgres -d $POSTGRES_DB -f /initdb.sql
|
|
||||||
docker exec -it $1 psql -U postgres -d $POSTGRES_DB -f /init-user.sql -v password=$POSTGRES_PASSWORD -v user=$POSTGRES_USER
|
|
|
@ -1,2 +0,0 @@
|
||||||
docker exec -it $1 psql -U postgres -d $GUACAMOLE_POSTGRES_DB -f /initdb.sql
|
|
||||||
docker exec -it $1 psql -U postgres -d $GUACAMOLE_POSTGRES_DB -f /init-user.sql -v password=$POSTGRES_PASSWORD -v user=$POSTGRES_USER
|
|
19
package.json
19
package.json
|
@ -1,19 +0,0 @@
|
||||||
{
|
|
||||||
"private": true,
|
|
||||||
"name": "guacamole",
|
|
||||||
"version": "0.0.6",
|
|
||||||
"description": "remote access",
|
|
||||||
"scripts": {
|
|
||||||
"release": "standard-version",
|
|
||||||
"test": "echo \"Error: no test specified\" && exit 1"
|
|
||||||
},
|
|
||||||
"repository": {
|
|
||||||
"type": "git",
|
|
||||||
"url": "https://sigyl.com/git/stack/guacamole"
|
|
||||||
},
|
|
||||||
"author": "Giles Bradshaw",
|
|
||||||
"license": "ISC",
|
|
||||||
"devDependencies": {
|
|
||||||
"standard-version": "git+https://github.com/gilesbradshaw/standard-version.git"
|
|
||||||
}
|
|
||||||
}
|
|
Loading…
Reference in New Issue