Remove web and runner configs

ansible/misc-docker.yaml

@@ -45,13 +45,13 @@
         build: yes
         debug: yes
       loop:
-        - name: web
-          state: absent
-        - name: runner
-          state: absent
+        - name: caddy
+          state: present
         - name: gitea
           state: present
-        - name: caddy
+        - name: drone
+          state: present
+        - name: codi
           state: present
     - name: Add Notebooks folder
       become: yes

docker/codi/README.md

@@ -0,0 +1,10 @@
+Add a `.env` file like this:
+
+```
+CODI_SESSION_SECRET=...
+CODI_DB_USER=...
+CODI_DB_PASSWORD=...
+CODI_DB_DB=...
+```
+
+See also: https://docs.drone.io/server/provider/gitea/.

docker/codi/docker-compose.yaml

@@ -0,0 +1,40 @@
+version: "3"
+
+services:
+  codi:
+    image: hackmdio/hackmd:2.4.2
+    environment:
+      CMD_USECDN: "false"
+      CMD_DOMAIN: codi.pbrinkmeier.de
+      CMD_PROTOCOL_USESSL: "true"
+      CMD_EMAIL: "true"
+      CMD_ALLOW_EMAIL_REGISTER: "false"
+      CMD_ALLOW_ANONYMOUS_EDITS: "true"
+      CMD_PLANTUML_SERVER: https://plantuml.pbrinkmeier.de
+      CMD_DB_URL: "postgres://${CODI_DB_USER}:${CODI_DB_PASSWORD}@codi_db/${CODI_DB_DB}"
+      CMD_SESSION_SECRET: "${CODI_SESSION_SECRET}"
+    depends_on:
+      - codi_db
+      - codi_plantuml
+    volumes:
+      - /var/lib/pbri/docker/codi_uploads:/home/hackmd/app/public/uploads
+    restart: always
+    
+  codi_db:
+    image: postgres:11.6-alpine
+    environment:
+      POSTGRES_USER: "${CODI_DB_USER}"
+      POSTGRES_PASSWORD: "${CODI_DB_PASSWORD}"
+      POSTGRES_DB: "${CODI_DB_DB}"
+    volumes:
+      - /var/lib/pbri/docker/codi_database:/var/lib/postgresql/data
+    restart: always
+
+  codi_plantuml:
+    image: plantuml/plantuml-server:jetty-v1.2022.7
+    restart: always
+
+networks:
+  default:
+    name: caddy-network
+    external: true

docker/drone/README.md

@@ -0,0 +1,9 @@
+Add a `.env` file like this:
+
+```
+DRONE_GITEA_CLIENT_ID=...
+DRONE_GITEA_CLIENT_SECRET=...
+DRONE_RPC_SECRET=...
+```
+
+See also: https://docs.drone.io/server/provider/gitea/.

docker/drone/docker-compose.yaml

@@ -0,0 +1,32 @@
+version: "3"
+
+services:
+  drone:
+    image: drone/drone:2
+    environment:
+      DRONE_GITEA_SERVER: https://git.pbrinkmeier.de
+      DRONE_GITEA_CLIENT_ID: "${DRONE_GITEA_CLIENT_ID}"
+      DRONE_GITEA_CLIENT_SECRET: "${DRONE_GITEA_CLIENT_SECRET}"
+      DRONE_RPC_SECRET: "${DRONE_RPC_SECRET}"
+      DRONE_SERVER_HOST: ci.pbrinkmeier.de
+      DRONE_SERVER_PROTO: https
+    volumes:
+      - /var/lib/pbri/docker/drone:/data
+    restart: always
+
+  drone_runner:
+    image: drone/drone-runner-docker:1
+    environment:
+      DRONE_RPC_PROTO: https
+      DRONE_RPC_HOST: ci.pbrinkmeier.de
+      DRONE_RPC_SECRET: "${DRONE_RPC_SECRET}"
+      DRONE_RUNNER_CAPACITY: 1
+      DRONE_RUNNER_NAME: shamash
+    volumes:
+      - /var/run/docker.sock:/var/run/docker.sock
+    restart: always
+
+networks:
+  default:
+    name: caddy-network
+    external: true

docker/gitea/README.md

@@ -0,0 +1,6 @@
+Add a `.env` file like this:
+
+```
+GITEA_DB_PASSWORD=...
+GITEA_SMTP_PASSWORD=...
+```

docker/runner/README.md

@@ -1,19 +0,0 @@
-# runner
-
-After installation, individual runners must still be registered, e.g.:
-
-```
-docker run --rm -it -v gitlab_runner_config:/etc/gitlab-runner gitlab/gitlab-runner register --name <name>
-```
-
-An issue I encountered when trying to cache stuff between builds was the following warning in the runner logs:
-
-```
-ERROR: Could not create cache adapter               error=cache factory not found: factory for cache adapter "" was not registered
-```
-
-In order to make the runner able to create caches, register it like so:
-
-```
-docker run --rm -it -v gitlab_runner_config:/etc/gitlab-runner gitlab/gitlab-runner register --name <name> --docker-disable-cache=false -docker-cache-dir /cache --docker-volumes gitlab_runner_cache:/cache
-```

docker/runner/docker-compose.yaml

@@ -1,13 +0,0 @@
-version: "3"
-
-services:
-  # Webserver for static files and reverse proxy
-  gitlab_runner:
-    image: gitlab/gitlab-runner:alpine
-    volumes:
-      - /var/run/docker.sock:/var/run/docker.sock
-      - gitlab_runner_config:/etc/gitlab-runner
-    restart: always
-volumes:
-  gitlab_runner_config:
-    external: yes

docker/web/README.md

@@ -1,7 +0,0 @@
-# web
-
-Old god project.
-
-## Jupyter
-
-The Docker image for Jupyter is built using Nix. That process is not part of the Ansible setup (yet).

docker/web/docker-compose.yaml

@@ -1,114 +0,0 @@
-version: "3"
-
-services:
-  codi:
-    image: hackmdio/hackmd:2.4.2
-    # CMD_DB_{URL,CMD_SESSION_SECRET}
-    env_file: codi.env
-    environment:
-      - CMD_USECDN=false
-      - CMD_DOMAIN=codi.pbrinkmeier.de
-      - CMD_PROTOCOL_USESSL=true
-      - CMD_EMAIL=true
-      - CMD_ALLOW_EMAIL_REGISTER=false
-      - CMD_ALLOW_ANONYMOUS_EDITS=true
-      - CMD_PLANTUML_SERVER=https://plantuml.pbrinkmeier.de
-    depends_on:
-      - codi_db
-      - codi_plantuml
-    volumes:
-      - /var/lib/pbri/docker/codi_uploads:/home/hackmd/app/public/uploads
-    restart: always
-    
-  codi_db:
-    image: postgres:11.6-alpine
-    # POSTGRES_{USER,PASSWORD,DB}
-    # Must match CMD_DB_URL in codi.env
-    env_file: codi_db.env
-    volumes:
-      - /var/lib/pbri/docker/codi_database:/var/lib/postgresql/data
-    restart: always
-  
-  codi_plantuml:
-    image: plantuml/plantuml-server:jetty-v1.2022.7
-    restart: always
-
-  gitlab:
-    image: gitlab/gitlab-ce:15.3.2-ce.0
-    ports:
-      - "22:22"
-    volumes:
-      - /var/lib/pbri/docker/gitlab_data:/var/opt/gitlab
-      - /var/lib/pbri/docker/gitlab_logs:/var/log/gitlab
-      - /var/lib/pbri/docker/gitlab_config:/etc/gitlab
-    restart: always
-    # GITLAB_SMTP_PASSWORD
-    env_file: gitlab.env
-    environment:
-      GITLAB_OMNIBUS_CONFIG: |
-        external_url 'https://git.pbrinkmeier.de'
-
-        gitlab_rails['smtp_enable'] = true
-        gitlab_rails['smtp_address'] = "smtp.mailbox.org"
-        gitlab_rails['smtp_port'] = 465
-        gitlab_rails['smtp_user_name'] = "hallo@pbrinkmeier.de"
-        gitlab_rails['smtp_password'] = ENV['GITLAB_SMTP_PASSWORD']
-        gitlab_rails['smtp_domain'] = "smtp.mailbox.org"
-        gitlab_rails['smtp_authentication'] = "login"
-        gitlab_rails['smtp_enable_starttls_auto'] = true
-        gitlab_rails['smtp_tls'] = true
-        gitlab_rails['smtp_openssl_verify_mode'] = 'none'
-        gitlab_rails['gitlab_email_from'] = 'git@pbrinkmeier.de'
-        gitlab_rails['gitlab_email_reply_to'] = 'noreply@pbrinkmeier.de'
-
-        gitlab_rails['gitlab_shell_ssh_port'] = 22
-
-        # https://docs.gitlab.com/omnibus/settings/rpi.html
-        puma['worker_processes'] = 2
-        sidekiq['concurrency'] = 9
-
-        nginx['listen_port'] = 80
-        nginx['listen_https'] = false
-
-        # https://forum.gitlab.com/t/clear-up-postges-prometheus-data/38216/3
-        prometheus_monitoring['enable'] = false
-        prometheus['enable'] = false
-        prometheus['flags'] = {
-          'storage.tsdb.retention.time' => "12h"
-        }
-
-  jupyter:
-    image: ihaskell-docker:1.0
-    # ports:
-    #   - "8888:8888"
-    user: "42000" # Jupyter user UID (jupyter does not exist in container (TODO...))
-    environment:
-      HOME: /Notebooks
-    volumes:
-      - /home/jupyter/Notebooks:/Notebooks
-    restart: always
-  
-  drone:
-    image: drone/drone:2
-    # DRONE_{GITLAB_CLIENT_ID,GITLAB_CLIENT_SECRET,RPC_SECRET}
-    env_file: drone.env
-    environment:
-      DRONE_GITLAB_SERVER: https://git.pbrinkmeier.de
-      DRONE_SERVER_HOST: ci.pbrinkmeier.de
-      DRONE_SERVER_PROTO: https
-    volumes:
-      - /var/lib/pbri/docker/drone:/data
-    restart: always
-
-  drone_runner:
-    image: drone/drone-runner-docker:1
-    # DRONE_RPC_SECRET
-    env_file: drone.env
-    environment:
-      DRONE_RPC_PROTO: https
-      DRONE_RPC_HOST: ci.pbrinkmeier.de
-      DRONE_RUNNER_CAPACITY: 1
-      DRONE_RUNNER_NAME: shamash
-    volumes:
-      - /var/run/docker.sock:/var/run/docker.sock
-    restart: always