Add docker stack auto-deployment to lumbung server
Some checks reported errors
continuous-integration/drone/push Build encountered an error

This commit is contained in:
3wc 2024-04-04 11:59:14 -03:00
parent a57206f8b2
commit 2184c11448
2 changed files with 103 additions and 0 deletions

View File

@ -26,6 +26,21 @@ steps:
context: payload context: payload
dockerfile: payload/Dockerfile dockerfile: payload/Dockerfile
target: prod target: prod
- name: deploy stack
image: git.coopcloud.tech/coop-cloud/stack-ssh-deploy:latest
settings:
stack: kios_lumbung_space
host: lumbung.space
deploy_key:
from_secret: drone_ssh_lumbung.space
environment:
DOMAIN: kios.lumbung.space
STACK_NAME: kios_lumbung_space
SECRET_PAYLOAD_SECRET_VERSION: v1
SECRET_TOKEN_VERSION: v1
SECRET_MONGO_PASSWORD_VERSION: v1
depends_on:
- publish container
trigger: trigger:
branch: branch:
- main - main

88
compose.yml Normal file
View File

@ -0,0 +1,88 @@
---
version: "3.8"
services:
app:
image: git.autonomic.zone/ruangrupa/lumbung-kios-astro:latest
environment:
- PAYLOAD_URL=kios_lumbung_space_app
secrets:
- mongo_password
- payload_secret
networks:
- proxy
- internal
deploy:
update_config:
failure_action: rollback
order: start-first
labels:
- "traefik.enable=true"
- "traefik.http.services.${STACK_NAME}-astro.loadbalancer.server.port=80"
- "traefik.http.routers.${STACK_NAME}-astro.rule=Host(`${DOMAIN}`)"
- "traefik.http.routers.${STACK_NAME}-astro.entrypoints=web-secure"
- "traefik.http.routers.${STACK_NAME}-astro.tls.certresolver=production"
payload:
image: git.autonomic.zone/ruangrupa/lumbung-kios-payload:latest
environment:
- "NAME=kios"
- "PAYLOAD_URL=${STACK_NAME}-payload"
- "PAYLOAD_PORT=3001"
- "PAYLOAD_SECRET_FILE=/run/secrets/payload_secret"
- "MONGODB_USER=mongo"
- "MONGODB_HOST=${STACK_NAME}_mongo"
- "MONGODB_PORT=27017"
- "MONGODB_PASSWORD_FILE=/run/secrets/mongo_password"
- "TOKEN=${TOKEN}"
secrets:
- mongo_password
- payload_secret
networks:
- proxy
- internal
deploy:
update_config:
failure_action: rollback
order: start-first
labels:
- "traefik.enable=true"
- "traefik.http.services.${STACK_NAME}-payload.loadbalancer.server.port=3001"
# FIXME switch to /admin probably using PathPrefix
- "traefik.http.routers.${STACK_NAME}-payload.rule=Host(`admin.${DOMAIN}`)"
- "traefik.http.routers.${STACK_NAME}-payload.entrypoints=web-secure"
- "traefik.http.routers.${STACK_NAME}-payload.tls.certresolver=production"
mongo:
image: mongo:6.0.5
restart: unless-stopped
volumes:
- mongo:/data/db
command:
- --storageEngine=wiredTiger
environment:
- "MONGO_INITDB_ROOT_USERNAME=mongo"
- "MONGO_INITDB_ROOT_PASSWORD_FILE=/run/secrets/mongo_password"
secrets:
- mongo_password
networks:
- internal
networks:
proxy:
external: true
internal:
secrets:
payload_secret:
external: true
name: ${STACK_NAME}_payload_secret_${SECRET_PAYLOAD_SECRET_VERSION}
token:
external: true
name: ${STACK_NAME}_token_${SECRET_TOKEN_VERSION}
mongo_password:
external: true
name: ${STACK_NAME}_mongo_password_${SECRET_MONGO_PASSWORD_VERSION}
volumes:
mongo: