paul/infrastructure
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Activity

Compare commits

base: paul:244a4df636188d2353fcb04248decb1a80f26b16
Branches Tags
paul:main
paul:nixos-gilgamesh
paul:feature/gitea-actions
...
compare: paul:39a18a603d7ba3892ed0bc06c9839fee47bd37df
Branches Tags
paul:main
paul:nixos-gilgamesh
paul:feature/gitea-actions

3 Commits
244a4df636 ... 39a18a603d

Author SHA1 Message Date
Paul Brinkmeier
39a18a603d Remove web and runner configs 2022-09-15 03:02:06 +02:00
Paul Brinkmeier
034465b02d Add codi config 2022-09-15 02:50:00 +02:00
Paul Brinkmeier
736a19e8d4 Add gitea and drone configs 2022-09-15 02:23:47 +02:00
10 changed files with 102 additions and 158 deletions
Show Stats Expand all files Collapse all files

10
ansible/misc-docker.yaml
View File

@ -45,13 +45,13 @@
build: yes build: yes
debug: yes debug: yes
loop: loop:
- name: web - name: caddy
state: absent state: present
- name: runner
state: absent
- name: gitea - name: gitea
state: present state: present
- name: caddy - name: drone
state: present
- name: codi
state: present state: present
- name: Add Notebooks folder - name: Add Notebooks folder
become: yes become: yes

10
docker/codi/README.md Normal file
View File

@ -0,0 +1,10 @@
Add a `.env` file like this:
```
CODI_SESSION_SECRET=...
CODI_DB_USER=...
CODI_DB_PASSWORD=...
CODI_DB_DB=...
```
See also: https://docs.drone.io/server/provider/gitea/.

40
docker/codi/docker-compose.yaml Normal file
View File

@ -0,0 +1,40 @@
version: "3"
services:
codi:
image: hackmdio/hackmd:2.4.2
environment:
CMD_USECDN: "false"
CMD_DOMAIN: codi.pbrinkmeier.de
CMD_PROTOCOL_USESSL: "true"
CMD_EMAIL: "true"
CMD_ALLOW_EMAIL_REGISTER: "false"
CMD_ALLOW_ANONYMOUS_EDITS: "true"
CMD_PLANTUML_SERVER: https://plantuml.pbrinkmeier.de
CMD_DB_URL: "postgres://${CODI_DB_USER}:${CODI_DB_PASSWORD}@codi_db/${CODI_DB_DB}"
CMD_SESSION_SECRET: "${CODI_SESSION_SECRET}"
depends_on:
- codi_db
- codi_plantuml
volumes:
- /var/lib/pbri/docker/codi_uploads:/home/hackmd/app/public/uploads
restart: always
codi_db:
image: postgres:11.6-alpine
environment:
POSTGRES_USER: "${CODI_DB_USER}"
POSTGRES_PASSWORD: "${CODI_DB_PASSWORD}"
POSTGRES_DB: "${CODI_DB_DB}"
volumes:
- /var/lib/pbri/docker/codi_database:/var/lib/postgresql/data
restart: always
codi_plantuml:
image: plantuml/plantuml-server:jetty-v1.2022.7
restart: always
networks:
default:
name: caddy-network
external: true

9
docker/drone/README.md Normal file
View File

@ -0,0 +1,9 @@
Add a `.env` file like this:
```
DRONE_GITEA_CLIENT_ID=...
DRONE_GITEA_CLIENT_SECRET=...
DRONE_RPC_SECRET=...
```
See also: https://docs.drone.io/server/provider/gitea/.

32
docker/drone/docker-compose.yaml Normal file
View File

@ -0,0 +1,32 @@
version: "3"
services:
drone:
image: drone/drone:2
environment:
DRONE_GITEA_SERVER: https://git.pbrinkmeier.de
DRONE_GITEA_CLIENT_ID: "${DRONE_GITEA_CLIENT_ID}"
DRONE_GITEA_CLIENT_SECRET: "${DRONE_GITEA_CLIENT_SECRET}"
DRONE_RPC_SECRET: "${DRONE_RPC_SECRET}"
DRONE_SERVER_HOST: ci.pbrinkmeier.de
DRONE_SERVER_PROTO: https
volumes:
- /var/lib/pbri/docker/drone:/data
restart: always
drone_runner:
image: drone/drone-runner-docker:1
environment:
DRONE_RPC_PROTO: https
DRONE_RPC_HOST: ci.pbrinkmeier.de
DRONE_RPC_SECRET: "${DRONE_RPC_SECRET}"
DRONE_RUNNER_CAPACITY: 1
DRONE_RUNNER_NAME: shamash
volumes:
- /var/run/docker.sock:/var/run/docker.sock
restart: always
networks:
default:
name: caddy-network
external: true

6
docker/gitea/README.md Normal file
View File

@ -0,0 +1,6 @@
Add a `.env` file like this:
```
GITEA_DB_PASSWORD=...
GITEA_SMTP_PASSWORD=...
```

19
docker/runner/README.md
View File

@ -1,19 +0,0 @@
# runner
After installation, individual runners must still be registered, e.g.:
```
docker run --rm -it -v gitlab_runner_config:/etc/gitlab-runner gitlab/gitlab-runner register --name <name>
```
An issue I encountered when trying to cache stuff between builds was the following warning in the runner logs:
```
ERROR: Could not create cache adapter error=cache factory not found: factory for cache adapter "" was not registered
```
In order to make the runner able to create caches, register it like so:
```
docker run --rm -it -v gitlab_runner_config:/etc/gitlab-runner gitlab/gitlab-runner register --name <name> --docker-disable-cache=false -docker-cache-dir /cache --docker-volumes gitlab_runner_cache:/cache
```

13
docker/runner/docker-compose.yaml
View File

@ -1,13 +0,0 @@
version: "3"
services:
# Webserver for static files and reverse proxy
gitlab_runner:
image: gitlab/gitlab-runner:alpine
volumes:
- /var/run/docker.sock:/var/run/docker.sock
- gitlab_runner_config:/etc/gitlab-runner
restart: always
volumes:
gitlab_runner_config:
external: yes

7
docker/web/README.md
View File

@ -1,7 +0,0 @@
# web
Old god project.
## Jupyter
The Docker image for Jupyter is built using Nix. That process is not part of the Ansible setup (yet).

114
docker/web/docker-compose.yaml
View File

@ -1,114 +0,0 @@
version: "3"
services:
codi:
image: hackmdio/hackmd:2.4.2
# CMD_DB_{URL,CMD_SESSION_SECRET}
env_file: codi.env
environment:
- CMD_USECDN=false
- CMD_DOMAIN=codi.pbrinkmeier.de
- CMD_PROTOCOL_USESSL=true
- CMD_EMAIL=true
- CMD_ALLOW_EMAIL_REGISTER=false
- CMD_ALLOW_ANONYMOUS_EDITS=true
- CMD_PLANTUML_SERVER=https://plantuml.pbrinkmeier.de
depends_on:
- codi_db
- codi_plantuml
volumes:
- /var/lib/pbri/docker/codi_uploads:/home/hackmd/app/public/uploads
restart: always
codi_db:
image: postgres:11.6-alpine
# POSTGRES_{USER,PASSWORD,DB}
# Must match CMD_DB_URL in codi.env
env_file: codi_db.env
volumes:
- /var/lib/pbri/docker/codi_database:/var/lib/postgresql/data
restart: always
codi_plantuml:
image: plantuml/plantuml-server:jetty-v1.2022.7
restart: always
gitlab:
image: gitlab/gitlab-ce:15.3.2-ce.0
ports:
- "22:22"
volumes:
- /var/lib/pbri/docker/gitlab_data:/var/opt/gitlab
- /var/lib/pbri/docker/gitlab_logs:/var/log/gitlab
- /var/lib/pbri/docker/gitlab_config:/etc/gitlab
restart: always
# GITLAB_SMTP_PASSWORD
env_file: gitlab.env
environment:
GITLAB_OMNIBUS_CONFIG: |
external_url 'https://git.pbrinkmeier.de'
gitlab_rails['smtp_enable'] = true
gitlab_rails['smtp_address'] = "smtp.mailbox.org"
gitlab_rails['smtp_port'] = 465
gitlab_rails['smtp_user_name'] = "hallo@pbrinkmeier.de"
gitlab_rails['smtp_password'] = ENV['GITLAB_SMTP_PASSWORD']
gitlab_rails['smtp_domain'] = "smtp.mailbox.org"
gitlab_rails['smtp_authentication'] = "login"
gitlab_rails['smtp_enable_starttls_auto'] = true
gitlab_rails['smtp_tls'] = true
gitlab_rails['smtp_openssl_verify_mode'] = 'none'
gitlab_rails['gitlab_email_from'] = 'git@pbrinkmeier.de'
gitlab_rails['gitlab_email_reply_to'] = 'noreply@pbrinkmeier.de'
gitlab_rails['gitlab_shell_ssh_port'] = 22
# https://docs.gitlab.com/omnibus/settings/rpi.html
puma['worker_processes'] = 2
sidekiq['concurrency'] = 9
nginx['listen_port'] = 80
nginx['listen_https'] = false
# https://forum.gitlab.com/t/clear-up-postges-prometheus-data/38216/3
prometheus_monitoring['enable'] = false
prometheus['enable'] = false
prometheus['flags'] = {
'storage.tsdb.retention.time' => "12h"
}
jupyter:
image: ihaskell-docker:1.0
# ports:
# - "8888:8888"
user: "42000" # Jupyter user UID (jupyter does not exist in container (TODO...))
environment:
HOME: /Notebooks
volumes:
- /home/jupyter/Notebooks:/Notebooks
restart: always
drone:
image: drone/drone:2
# DRONE_{GITLAB_CLIENT_ID,GITLAB_CLIENT_SECRET,RPC_SECRET}
env_file: drone.env
environment:
DRONE_GITLAB_SERVER: https://git.pbrinkmeier.de
DRONE_SERVER_HOST: ci.pbrinkmeier.de
DRONE_SERVER_PROTO: https
volumes:
- /var/lib/pbri/docker/drone:/data
restart: always
drone_runner:
image: drone/drone-runner-docker:1
# DRONE_RPC_SECRET
env_file: drone.env
environment:
DRONE_RPC_PROTO: https
DRONE_RPC_HOST: ci.pbrinkmeier.de
DRONE_RUNNER_CAPACITY: 1
DRONE_RUNNER_NAME: shamash
volumes:
- /var/run/docker.sock:/var/run/docker.sock
restart: always