Updaate for current docker swarm wisdom
This commit is contained in:
parent
2fc909d2a0
commit
6ad288fb7e
21
.drone.yml
21
.drone.yml
|
@ -1,21 +0,0 @@
|
|||
---
|
||||
kind: pipeline
|
||||
name: deploy to swarm.autonomic.zone
|
||||
steps:
|
||||
- name: deployment
|
||||
image: decentral1se/drone-stack:19.03.8
|
||||
settings:
|
||||
compose: compose.yml
|
||||
host: tcp://swarm.autonomic.zone:2376
|
||||
stack_name: nextcloud
|
||||
tlsverify: true
|
||||
environment:
|
||||
PLUGIN_CACERT:
|
||||
from_secret: docker_cacert
|
||||
PLUGIN_CERT:
|
||||
from_secret: docker_cert
|
||||
PLUGIN_KEY:
|
||||
from_secret: docker_key
|
||||
trigger:
|
||||
branch:
|
||||
- main
|
|
@ -1,7 +1,6 @@
|
|||
export PASSWORD_STORE_DIR=$(pwd)/../../Infrastructure/infrastructure/credentials/password-store
|
||||
export DOMAIN=nextcloud.example.com
|
||||
export STACK_NAME=nextcloud
|
||||
export LETS_ENCRYPT_ENV=production
|
||||
|
||||
export DB_ROOT_PASSWD_VERSION=v1
|
||||
export DB_PASSWD_VERSION=v1
|
||||
export DOMAIN=nextcloud.swarm.autonomic.zone
|
||||
export STACK_NAME=nextcloud
|
||||
export LETS_ENCRYPT_ENV=production
|
||||
|
|
14
README.md
14
README.md
|
@ -1,6 +1,14 @@
|
|||
nextcloud.test.autonomic.zone
|
||||
Nextcloud
|
||||
---
|
||||
|
||||
[![Build Status](https://drone.autonomic.zone/api/badges/autonomic-cooperative/nextcloud.test.autonomic.zone/status.svg?ref=refs/heads/main)](https://drone.autonomic.zone/autonomic-cooperative/nextcloud.test.autonomic.zone)
|
||||
|
||||
Fully automated luxury Nextcloud via docker-swarm.
|
||||
|
||||
1. Set up Docker Swarm and [`abra`][abra]
|
||||
2. Deploy [`compose-stacks/traefik`][compose-traefik]
|
||||
3. `cp .envrc.sample .envrc`
|
||||
4. Edit `.envrc` - be sure to change `$DOMAIN` to something that resolves to
|
||||
your Docker swarm box
|
||||
5. `direnv allow` (or `. .envrc`)
|
||||
6. `abra secret_generate db_password v1 && abra secret_generate db_root_password v2`
|
||||
7. `abra deploy`
|
||||
8. Open the domain you configured and finish the set-up
|
||||
|
|
16
compose.yml
16
compose.yml
|
@ -14,6 +14,7 @@ services:
|
|||
- MYSQL_USER=nextcloud
|
||||
- MYSQL_ROOT_PASSWORD_FILE=/run/secrets/db_password
|
||||
- DOMAIN=${DOMAIN}
|
||||
- STACK_NAME=${STACK_NAME}
|
||||
volumes:
|
||||
- nextcloud:/var/www/html
|
||||
- nextapps:/var/www/html/custom_apps:cached
|
||||
|
@ -28,12 +29,11 @@ services:
|
|||
labels:
|
||||
- "traefik.enable=true"
|
||||
- "traefik.docker.network=proxy"
|
||||
- "traefik.http.routers.nextcloud.tls=true"
|
||||
- "traefik.http.services.nextcloud.loadbalancer.server.port=80"
|
||||
- "traefik.http.routers.nextcloud.rule=Host(`${DOMAIN}`)"
|
||||
- "traefik.http.routers.nextcloud.tls.certresolver=${LETS_ENCRYPT_ENV}"
|
||||
#- "traefik.http.routers.nextcloud.tls.certresolver=staging"
|
||||
- "traefik.http.routers.nextcloud.entrypoints=web-secure"
|
||||
- "traefik.http.routers.${STACK_NAME}.tls=true"
|
||||
- "traefik.http.services.${STACK_NAME}.loadbalancer.server.port=80"
|
||||
- "traefik.http.routers.${STACK_NAME}.rule=Host(`${DOMAIN}`)"
|
||||
- "traefik.http.routers.${STACK_NAME}.tls.certresolver=${LETS_ENCRYPT_ENV}"
|
||||
- "traefik.http.routers.${STACK_NAME}.entrypoints=web-secure"
|
||||
|
||||
mariadb:
|
||||
image: "mariadb:10.5"
|
||||
|
@ -53,10 +53,10 @@ services:
|
|||
secrets:
|
||||
db_root_password:
|
||||
external: true
|
||||
name: ${STACK_NAME}_db_root_passwd_${DB_ROOT_PASSWD_VERSION}
|
||||
name: ${STACK_NAME}_db_root_password_${DB_ROOT_PASSWORD_VERSION}
|
||||
db_password:
|
||||
external: true
|
||||
name: ${STACK_NAME}_db_passwd_${DB_ROOT_PASSWD_VERSION}
|
||||
name: ${STACK_NAME}_db_password_${DB_ROOT_PASSWORD_VERSION}
|
||||
|
||||
volumes:
|
||||
nextcloud:
|
||||
|
|
|
@ -1,6 +0,0 @@
|
|||
#!/bin/bash
|
||||
|
||||
create-secrets () {
|
||||
pwgen -n 32 1 | docker secret create "${STACK_NAME}_db_root_passwd_${DB_ROOT_PASSWD_VERSION}" -
|
||||
pwgen -n 32 1 | docker secret create "${STACK_NAME}_db_passwd_${DB_PASSWD_VERSION}" -
|
||||
}
|
Reference in New Issue