From 7bcd640ef337d6ac3340e01bda328a427499b19c Mon Sep 17 00:00:00 2001 From: giles bradshaw Date: Sun, 11 Feb 2024 12:31:51 +0000 Subject: [PATCH] first commit --- .gitignore | 4 +++ Dockerfile | 5 ++++ README.md | 56 ++++++++++++++++++++++++++++++++++++++ build.sh | 1 + config.development.json | 20 ++++++++++++++ config.production.template | 27 ++++++++++++++++++ deploy.sh | 3 ++ docker-compose.yml | 51 ++++++++++++++++++++++++++++++++++ run.sh | 5 ++++ 9 files changed, 172 insertions(+) create mode 100644 .gitignore create mode 100644 Dockerfile create mode 100644 README.md create mode 100644 build.sh create mode 100644 config.development.json create mode 100644 config.production.template create mode 100644 deploy.sh create mode 100644 docker-compose.yml create mode 100644 run.sh diff --git a/.gitignore b/.gitignore new file mode 100644 index 0000000..363304d --- /dev/null +++ b/.gitignore @@ -0,0 +1,4 @@ +.email +.db-password +.db-root-password + diff --git a/Dockerfile b/Dockerfile new file mode 100644 index 0000000..1dbc9a2 --- /dev/null +++ b/Dockerfile @@ -0,0 +1,5 @@ +FROM ghost:alpine +RUN apk update && apk add gettext +COPY config.production.template /var/lib/ghost/ +COPY run.sh . +CMD ["sh", "./run.sh"] diff --git a/README.md b/README.md new file mode 100644 index 0000000..d198587 --- /dev/null +++ b/README.md @@ -0,0 +1,56 @@ +# Village hall website + +This is the configuration for the **docker stack** running village hall web site. + +Served by a reverse proxy running on another docker stack. + +## secrets + +you need to put secrets in the following files + +### .email + +``` +{ + "transport": "SMTP", + "options": + { + "service": "Mailgun", + "host": "smtp.eu.mailgun.org", + "secure": true, + "port": 465, + "auth": { + "user": "[secret!!]", + "pass": "[secret!]" + } + } +} +``` + +### .db-password + +``` +[secret!] +``` + +### .db-root-password + +``` +[secret!] +``` + +## build + +```sh + +sh build.sh + +``` + +## deploy + +```sh + +sh deploy.sh +``` + diff --git a/build.sh b/build.sh new file mode 100644 index 0000000..f4c2e40 --- /dev/null +++ b/build.sh @@ -0,0 +1 @@ +docker build . -t rose-ash-ghost diff --git a/config.development.json b/config.development.json new file mode 100644 index 0000000..8594f11 --- /dev/null +++ b/config.development.json @@ -0,0 +1,20 @@ +{ + "url": "http://localhost:2368", + "server": { + "port": 2368, + "host": "::" + }, + "mail": { + "transport": "Direct" + }, + "logging": { + "transports": [ + "file", + "stdout" + ] + }, + "process": "systemd", + "paths": { + "contentPath": "/var/lib/ghost/content" + } +} diff --git a/config.production.template b/config.production.template new file mode 100644 index 0000000..a4b3686 --- /dev/null +++ b/config.production.template @@ -0,0 +1,27 @@ +{ + "url": "http://localhost:2368", + "server": { + "port": 2368, + "host": "::" + }, + "mail": $EMAIL, + "logging": { + "transports": [ + "file", + "stdout" + ] + }, + "process": "systemd", + "paths": { + "contentPath": "/var/lib/ghost/content" + }, + "database": { + "client": "mysql", + "connection": { + "host": "db", + "user": "ghost", + "password": "$DBPASSWORD", + "database": "ghostdb" + } + } +} diff --git a/deploy.sh b/deploy.sh new file mode 100644 index 0000000..4c7cf17 --- /dev/null +++ b/deploy.sh @@ -0,0 +1,3 @@ +docker stack rm rose-ash + +for i in 1 2 3 4 5 6 7 8 9 10; do sleep 5 && docker stack deploy -c docker-compose.yml rose-ash && break ; done diff --git a/docker-compose.yml b/docker-compose.yml new file mode 100644 index 0000000..11de1b3 --- /dev/null +++ b/docker-compose.yml @@ -0,0 +1,51 @@ +version: "3.3" +services: + ghost: + image: rose-ash-ghost:latest + depends_on: + - db + environment: + url: https://sigyl.com:4000/ + NODE_ENV: production + volumes: + - ghost-content:/var/lib/ghost/content + networks: + - appnet + - externalnet + secrets: + - email + - db-password + + db: + image: mariadb:latest + environment: + FILE__MYSQL_ROOT_PASSWORD: /run/secrets/db-root-password + MYSQL_USER: ghost + FILE__MYSQL_PASSWORD: /run/secrets/db-password + MYSQL_DATABASE: ghostdb + volumes: + - ghost-db:/var/lib/mysql + networks: + - appnet + secrets: + - db-password + - db-root-password + +volumes: + ghost-content: + ghost-config: + ghost-db: + +networks: + appnet: + driver: overlay + externalnet: + driver: overlay + external: true +secrets: + email: + file: ./.email + db-password: + file: ./.db-password + db-root-password: + file: ./.db-root-password diff --git a/run.sh b/run.sh new file mode 100644 index 0000000..af1ecde --- /dev/null +++ b/run.sh @@ -0,0 +1,5 @@ +export EMAIL=$(cat /run/secrets/email) +export DBPASSWORD=$(cat /run/secrets/db-password) +envsubst < /var/lib/ghost/config.production.template > /var/lib/ghost/config.production.json +cat /var/lib/ghost/config.production.json +node current/index.js