cojedzie-next: Use cojedzie@next template

2024-04-07 17:46:42 +02:00 · 2024-04-07 17:46:42 +02:00 · 430676881b
commit 430676881b
parent 6c4fa8c1c3
8 changed files with 179 additions and 1 deletions
--- a/services/cojedzie@next/stack.yml
+++ b/services/cojedzie@next/stack.yml
@ -0,0 +1,100 @@
+version: "{{ compose_version }}"
+
+x-defaults: 
+  worker: &worker
+    image: {{ cojedzie_image_base }}/worker:{{ cojedzie_worker_version }}
+    env_file:
+      - ./api.env
+      - ./sentry.env
+    volumes:
+      - db_data:/var/db
+    depends_on:
+      - api
+
+services:
+  api:
+    image: {{ cojedzie_image_base }}/api:{{ cojedzie_api_version }}
+    networks:
+      - "{{ ingress_network }}"
+      - default
+    volumes:
+      - db_data:/var/db
+    environment:
+      - TRUSTED_PROXIES=10.0.0.0/8
+    env_file:
+      - ./api.env
+      - ./sentry.env
+    deploy:
+      mode: replicated
+      replicas: 1
+      update_config:
+        parallelism: 1
+        order: start-first
+      labels:
+        - traefik.enable=true
+        - traefik.http.routers.{{ service }}-api.rule=({{ traefik_routing_rule }}) && (PathPrefix(`/api/`) || PathPrefix(`/bundles/`))
+        - traefik.http.routers.{{ service }}-api.priority=100
+        - traefik.http.routers.{{ service }}-api.tls=true
+        - traefik.http.routers.{{ service }}-api.tls.certresolver=lets-encrypt
+        - traefik.http.services.{{ service }}-api.loadbalancer.server.port=8080
+
+  schedule:
+    <<: *worker
+    environment:
+      COJEDZIE_WORKER_OPTS: '-vv'
+      COJEDZIE_WORKER_QUEUES: 'scheduler_default scheduler_hub'
+
+  worker:
+    <<: *worker
+
+  mercure:
+    image: dunglas/mercure:{{ cojedzie_mercure_version|default('latest') }}
+    networks:
+      - "{{ ingress_network }}"
+      - default
+    environment:
+      SERVER_NAME: ":80"
+      USE_FORWARDED_HEADERS: 1
+      MERCURE_PUBLISHER_JWT_KEY: "{{ cojedzie_mercure_jwt_key }}"
+      MERCURE_SUBSCRIBER_JWT_KEY: "{{ cojedzie_mercure_jwt_key }}"
+    volumes:
+      - mercure_data:/data
+      - mercure_config:/config
+    deploy:
+      mode: replicated
+      replicas: 1
+      labels:
+        - traefik.enable=true
+        - traefik.http.routers.{{ service }}-mercure.rule=({{ traefik_routing_rule }}) && PathPrefix(`/.well-known/mercure`)
+        - traefik.http.routers.{{ service }}-mercure.tls=true
+        - traefik.http.routers.{{ service }}-mercure.tls.certresolver=lets-encrypt
+        - traefik.http.services.{{ service }}-mercure.loadbalancer.server.port=80
+
+  front:
+    image: {{ cojedzie_image_base }}/front:{{ cojedzie_front_version }}
+    networks:
+      - "{{ ingress_network }}"
+      - default
+    depends_on:
+      - api
+    env_file:
+      - ./front.env
+      - ./sentry.env
+    deploy:
+      mode: replicated
+      replicas: 1
+      update_config:
+        parallelism: 1
+        order: start-first
+      labels:
+        - traefik.enable=true
+        - traefik.http.routers.{{ service }}-front.rule={{ traefik_routing_rule }}
+        - traefik.http.routers.{{ service }}-front.tls=true
+        - traefik.http.routers.{{ service }}-front.tls.certresolver=lets-encrypt
+        - traefik.http.routers.{{ service }}-front.middlewares=gzip@file
+        - traefik.http.services.{{ service }}-front.loadbalancer.server.port=3000
+
+volumes:
+  db_data: ~
+  mercure_data: ~
+  mercure_config: ~
--- a/services/cojedzie@next/tasks/config.yaml
+++ b/services/cojedzie@next/tasks/config.yaml
@ -0,0 +1,13 @@
+---
+- name: 'Generate env files for "{{ service }}"'
+  template:
+    src: "{{ service_path }}/templates/{{ file }}"
+    dest: "{{ remote_service_path }}/{{ file }}"
+  tags:
+    - config
+  loop_control:
+    loop_var: file
+  with_items:
+    - api.env
+    - front.env
+    - sentry.env
--- a/services/cojedzie@next/tasks/pre-deploy.yaml
+++ b/services/cojedzie@next/tasks/pre-deploy.yaml
@ -0,0 +1,15 @@
+---
+- name: 'Pull all images for "{{ service }}"'
+  when: cojedzie_force_pull_images|default(false)
+  community.docker.docker_image:
+    name: "{{ image }}"
+    source: pull
+    force_source: yes
+  with_items:
+    - "{{ cojedzie_image_base }}/front:{{ cojedzie_front_version }}"
+    - "{{ cojedzie_image_base }}/api:{{ cojedzie_api_version }}"
+    - "{{ cojedzie_image_base }}/worker:{{ cojedzie_worker_version }}"
+  loop_control:
+    loop_var: image
+  notify:
+    - Restart services
--- a/services/cojedzie@next/templates/api.env
+++ b/services/cojedzie@next/templates/api.env
@ -0,0 +1,8 @@
+MERCURE_URL=http://mercure/.well-known/mercure
+MERCURE_PUBLIC_URL=https://{{ cojedzie_domain }}/.well-known/mercure
+MERCURE_JWT_SECRET={{ cojedzie_mercure_jwt_key }}
+
+DATABASE_URL=mysql://{{ cojedzie_database.user }}:{{ cojedzie_database.password }}@{{ database_mysql_host }}/{{ cojedzie_database.name }}?serverVersion=mariadb-10.7.1
+
+SENTRY_DSN={{ sentry_dsn_api }}
+SENTRY_SAMPLE_RATE={{ sentry_sample_rate_api }}
--- a/services/cojedzie@next/templates/front.env
+++ b/services/cojedzie@next/templates/front.env
@ -0,0 +1,9 @@
+COJEDZIE_GTM={{ cojedzie_gtm }}
+COJEDZIE_MAPTILER_KEY={{ cojedzie_maptiler }}
+COJEDZIE_API=http://api:8080
+COJEDZIE_API_HUB=https://{{ cojedzie_domain }}
+
+SENTRY_DSN={{ sentry_dsn_front }}
+SENTRY_SAMPLE_RATE={{ sentry_sample_rate_front }}
+SENTRY_TRACE_RATE={{ sentry_trace_rate|default(0.1) }}
+SENTRY_SESSION_RATE={{ sentry_session_rate|default(0.1) }}
--- a/services/cojedzie@next/templates/sentry.env
+++ b/services/cojedzie@next/templates/sentry.env
@ -0,0 +1 @@
+SENTRY_ENVIRONMENT={{ sentry_environment }}
--- a/services/cojedzie@next/vars/main.yml
+++ b/services/cojedzie@next/vars/main.yml
@ -0,0 +1,30 @@
+---
+cojedzie_domain: cojedzie.pl
+cojedzie_update_cron: 0 0 4 * * *
+cojedzie_gtm: ""
+cojedzie_mercure_jwt_key: !vault |
+  $ANSIBLE_VAULT;1.1;AES256
+  30383839613764393562623137373934333530636564313633303062323661376333653136383066
+  6635653934313233346662653632356365343731396139330a663035636537646465353537646162
+  30356136613430316564346665653263383164333833383531353532316239316433306636303165
+  3931313836313133390a316562333130366435633335613066373232363439623932656532373032
+  62646432343334346165653466633634356635323038306435343932386233323164633134373964
+  6232656562626566663964643634366532393136383261333931
+cojedzie_maptiler: 8GX5FRUNgk4lB83GZT8Q
+
+cojedzie_image_base: docker.io/cojedzie
+
+cojedzie_version: latest
+cojedzie_front_version: "{{ cojedize_version }}"
+cojedzie_api_version: "{{ cojedize_version }}"
+cojedzie_worker_version: "{{ cojedize_version }}"
+
+sentry_dsn_api: https://fd114053dd724e0eb16011ac0da16ba1@o4505224124891136.ingest.sentry.io/4505224126332928
+sentry_dsn_front: https://2815d4e0251240fcb9cd8c81c31e86fe@o4505224124891136.ingest.sentry.io/4505224128233472
+sentry_sample_rate_api: 0.05
+sentry_sample_rate_front: 0.01
+sentry_session_replay_rate: 0.01
+sentry_error_replay_rate: 0.25
+sentry_environment: production
+
+traefik_routing_rule: "Host(`{{ cojedzie_domain }}`) || Host(`{{ service }}.{{ main_domain }}`)"
--- a/vars/services.yml
+++ b/vars/services.yml
@ -186,8 +186,9 @@ service_config:
      name: cojedzie
      user: cojedzie
      password: "{{ mysql_user_passwords['cojedzie'] }}"
+
  cojedzie-next:
-    template: cojedzie
+    template: cojedzie@next

    cojedzie_version: next
    cojedzie_domain: next.cojedzie.pl
@ -211,6 +212,7 @@ service_config:
    sentry_environment: next
    sentry_sample_rate_front: 0.01
    sentry_sample_rate_api: 0.01
+
  registry:
    registry_users:
      - "{{ swarm_registry_user }}"