diff --git a/services/cojedzie@next/stack.yml b/services/cojedzie@next/stack.yml
new file mode 100644
index 0000000..8feb8c9
--- /dev/null
+++ b/services/cojedzie@next/stack.yml
@@ -0,0 +1,100 @@
+version: "{{ compose_version }}"
+
+x-defaults:
+ worker: &worker
+ image: {{ cojedzie_image_base }}/worker:{{ cojedzie_worker_version }}
+ env_file:
+ - ./api.env
+ - ./sentry.env
+ volumes:
+ - db_data:/var/db
+ depends_on:
+ - api
+
+services:
+ api:
+ image: {{ cojedzie_image_base }}/api:{{ cojedzie_api_version }}
+ networks:
+ - "{{ ingress_network }}"
+ - default
+ volumes:
+ - db_data:/var/db
+ environment:
+ - TRUSTED_PROXIES=10.0.0.0/8
+ env_file:
+ - ./api.env
+ - ./sentry.env
+ deploy:
+ mode: replicated
+ replicas: 1
+ update_config:
+ parallelism: 1
+ order: start-first
+ labels:
+ - traefik.enable=true
+ - traefik.http.routers.{{ service }}-api.rule=({{ traefik_routing_rule }}) && (PathPrefix(`/api/`) || PathPrefix(`/bundles/`))
+ - traefik.http.routers.{{ service }}-api.priority=100
+ - traefik.http.routers.{{ service }}-api.tls=true
+ - traefik.http.routers.{{ service }}-api.tls.certresolver=lets-encrypt
+ - traefik.http.services.{{ service }}-api.loadbalancer.server.port=8080
+
+ schedule:
+ <<: *worker
+ environment:
+ COJEDZIE_WORKER_OPTS: '-vv'
+ COJEDZIE_WORKER_QUEUES: 'scheduler_default scheduler_hub'
+
+ worker:
+ <<: *worker
+
+ mercure:
+ image: dunglas/mercure:{{ cojedzie_mercure_version|default('latest') }}
+ networks:
+ - "{{ ingress_network }}"
+ - default
+ environment:
+ SERVER_NAME: ":80"
+ USE_FORWARDED_HEADERS: 1
+ MERCURE_PUBLISHER_JWT_KEY: "{{ cojedzie_mercure_jwt_key }}"
+ MERCURE_SUBSCRIBER_JWT_KEY: "{{ cojedzie_mercure_jwt_key }}"
+ volumes:
+ - mercure_data:/data
+ - mercure_config:/config
+ deploy:
+ mode: replicated
+ replicas: 1
+ labels:
+ - traefik.enable=true
+ - traefik.http.routers.{{ service }}-mercure.rule=({{ traefik_routing_rule }}) && PathPrefix(`/.well-known/mercure`)
+ - traefik.http.routers.{{ service }}-mercure.tls=true
+ - traefik.http.routers.{{ service }}-mercure.tls.certresolver=lets-encrypt
+ - traefik.http.services.{{ service }}-mercure.loadbalancer.server.port=80
+
+ front:
+ image: {{ cojedzie_image_base }}/front:{{ cojedzie_front_version }}
+ networks:
+ - "{{ ingress_network }}"
+ - default
+ depends_on:
+ - api
+ env_file:
+ - ./front.env
+ - ./sentry.env
+ deploy:
+ mode: replicated
+ replicas: 1
+ update_config:
+ parallelism: 1
+ order: start-first
+ labels:
+ - traefik.enable=true
+ - traefik.http.routers.{{ service }}-front.rule={{ traefik_routing_rule }}
+ - traefik.http.routers.{{ service }}-front.tls=true
+ - traefik.http.routers.{{ service }}-front.tls.certresolver=lets-encrypt
+ - traefik.http.routers.{{ service }}-front.middlewares=gzip@file
+ - traefik.http.services.{{ service }}-front.loadbalancer.server.port=3000
+
+volumes:
+ db_data: ~
+ mercure_data: ~
+ mercure_config: ~
diff --git a/services/cojedzie@next/tasks/config.yaml b/services/cojedzie@next/tasks/config.yaml
new file mode 100644
index 0000000..7480a7d
--- /dev/null
+++ b/services/cojedzie@next/tasks/config.yaml
@@ -0,0 +1,13 @@
+---
+- name: 'Generate env files for "{{ service }}"'
+ template:
+ src: "{{ service_path }}/templates/{{ file }}"
+ dest: "{{ remote_service_path }}/{{ file }}"
+ tags:
+ - config
+ loop_control:
+ loop_var: file
+ with_items:
+ - api.env
+ - front.env
+ - sentry.env
diff --git a/services/cojedzie@next/tasks/pre-deploy.yaml b/services/cojedzie@next/tasks/pre-deploy.yaml
new file mode 100644
index 0000000..eb2ba4f
--- /dev/null
+++ b/services/cojedzie@next/tasks/pre-deploy.yaml
@@ -0,0 +1,15 @@
+---
+- name: 'Pull all images for "{{ service }}"'
+ when: cojedzie_force_pull_images|default(false)
+ community.docker.docker_image:
+ name: "{{ image }}"
+ source: pull
+ force_source: yes
+ with_items:
+ - "{{ cojedzie_image_base }}/front:{{ cojedzie_front_version }}"
+ - "{{ cojedzie_image_base }}/api:{{ cojedzie_api_version }}"
+ - "{{ cojedzie_image_base }}/worker:{{ cojedzie_worker_version }}"
+ loop_control:
+ loop_var: image
+ notify:
+ - Restart services
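Review bot: In services/cojedzie@next/stack.yml the `api` service sets `TRUSTED_PROXIES=10.0.0.0/8` while it is attached to the shared `{{ ingress_network }}`, so the application presumably accepts forwarded client-IP, host and scheme headers from any peer in that /8 rather than only from Traefik. Narrowing the value to the ingress network's subnet, e.g. `- TRUSTED_PROXIES={{ ingress_subnet }}` (placeholder variable name, not defined on this page), keeps IP-based logging and rate limiting trustworthy. The `mercure` service also passes the same `cojedzie_mercure_jwt_key` to both `MERCURE_PUBLISHER_JWT_KEY` and `MERCURE_SUBSCRIBER_JWT_KEY` as plain service environment, which removes any separation between publish and subscribe rights and leaves the key readable to anyone who can inspect the service; separate keys would be the safer default.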
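Review bot: The `template` task in services/cojedzie@next/tasks/config.yaml sets no `mode`, so the rendered env files get whatever permissions the remote umask allows, and `api.env` carries the database password and `MERCURE_JWT_SECRET`. Adding `mode: "0600"` (plus an explicit `owner` if the deploy user differs from the account running the stack) restricts the files to that account. `no_log: true` on the task should also keep the rendered secrets out of `--diff` output and run logs.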
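Review bot: The forced pull in services/cojedzie@next/tasks/pre-deploy.yaml resolves mutable tags, since `cojedzie_version` defaults to `latest` in vars/main.yml, so each run deploys whatever the registry serves at that moment with no record of which image actually ran. Pinning the three references to an immutable tag or `@sha256:<digest>` (placeholder) makes a deploy reproducible and a replaced tag visible. The list also omits the `dunglas/mercure` image, which stack.yml defaults to `latest`. As a style point, `force_source: yes` is better written `force_source: true`.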
diff --git a/services/cojedzie@next/templates/api.env b/services/cojedzie@next/templates/api.env
new file mode 100644
index 0000000..707be8f
--- /dev/null
+++ b/services/cojedzie@next/templates/api.env
@@ -0,0 +1,8 @@
+MERCURE_URL=http://mercure/.well-known/mercure
+MERCURE_PUBLIC_URL=https://{{ cojedzie_domain }}/.well-known/mercure
+MERCURE_JWT_SECRET={{ cojedzie_mercure_jwt_key }}
+
+DATABASE_URL=mysql://{{ cojedzie_database.user }}:{{ cojedzie_database.password }}@{{ database_mysql_host }}/{{ cojedzie_database.name }}?serverVersion=mariadb-10.7.1
+
+SENTRY_DSN={{ sentry_dsn_api }}
+SENTRY_SAMPLE_RATE={{ sentry_sample_rate_api }}
diff --git a/services/cojedzie@next/templates/front.env b/services/cojedzie@next/templates/front.env
new file mode 100644
index 0000000..99cca6f
--- /dev/null
+++ b/services/cojedzie@next/templates/front.env
@@ -0,0 +1,9 @@
+COJEDZIE_GTM={{ cojedzie_gtm }}
+COJEDZIE_MAPTILER_KEY={{ cojedzie_maptiler }}
+COJEDZIE_API=http://api:8080
+COJEDZIE_API_HUB=https://{{ cojedzie_domain }}
+
+SENTRY_DSN={{ sentry_dsn_front }}
+SENTRY_SAMPLE_RATE={{ sentry_sample_rate_front }}
+SENTRY_TRACE_RATE={{ sentry_trace_rate|default(0.1) }}
+SENTRY_SESSION_RATE={{ sentry_session_rate|default(0.1) }}
diff --git a/services/cojedzie@next/templates/sentry.env b/services/cojedzie@next/templates/sentry.env
new file mode 100644
index 0000000..df7bc9f
--- /dev/null
+++ b/services/cojedzie@next/templates/sentry.env
@@ -0,0 +1 @@
+SENTRY_ENVIRONMENT={{ sentry_environment }}
diff --git a/services/cojedzie@next/vars/main.yml b/services/cojedzie@next/vars/main.yml
new file mode 100644
index 0000000..b357507
--- /dev/null
+++ b/services/cojedzie@next/vars/main.yml
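Review bot: `DATABASE_URL` in services/cojedzie@next/templates/api.env interpolates `cojedzie_database.user` and `cojedzie_database.password` unescaped, so a password containing `@`, `:`, `/`, `#` or `?` produces a URL that parses to different credentials or a different host, or fails to parse at all. Passing both values through the filter, as in `{{ cojedzie_database.password | urlencode }}`, avoids this. `urlencode` leaves `/` untouched, so that character needs an additional `replace('/', '%2F')`.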
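Review bot: services/cojedzie@next/templates/front.env reads `sentry_trace_rate` and `sentry_session_rate`, each with `default(0.1)`, but vars/main.yml in this commit defines `sentry_session_replay_rate: 0.01` and `sentry_error_replay_rate: 0.25` and neither of the names used here. Unless those two names are set elsewhere, the front end always receives 0.1 and the configured rates never apply, which matters if the session rate governs how much user activity is sent to Sentry. Aligning the names, for instance `SENTRY_SESSION_RATE={{ sentry_session_replay_rate|default(0.1) }}`, would make the setting effective; which variable maps to which env key is an assumption to confirm.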
@@ -0,0 +1,30 @@
+---
+cojedzie_domain: cojedzie.pl
+cojedzie_update_cron: 0 0 4 * * *
+cojedzie_gtm: ""
+cojedzie_mercure_jwt_key: !vault |
+ $ANSIBLE_VAULT;1.1;AES256
+ 30383839613764393562623137373934333530636564313633303062323661376333653136383066
+ 6635653934313233346662653632356365343731396139330a663035636537646465353537646162
+ 30356136613430316564346665653263383164333833383531353532316239316433306636303165
+ 3931313836313133390a316562333130366435633335613066373232363439623932656532373032
+ 62646432343334346165653466633634356635323038306435343932386233323164633134373964
+ 6232656562626566663964643634366532393136383261333931
+cojedzie_maptiler: 8GX5FRUNgk4lB83GZT8Q
+
+cojedzie_image_base: docker.io/cojedzie
+
+cojedzie_version: latest
+cojedzie_front_version: "{{ cojedize_version }}"
+cojedzie_api_version: "{{ cojedize_version }}"
+cojedzie_worker_version: "{{ cojedize_version }}"
+
+sentry_dsn_api: https://fd114053dd724e0eb16011ac0da16ba1@o4505224124891136.ingest.sentry.io/4505224126332928
+sentry_dsn_front: https://2815d4e0251240fcb9cd8c81c31e86fe@o4505224124891136.ingest.sentry.io/4505224128233472
+sentry_sample_rate_api: 0.05
+sentry_sample_rate_front: 0.01
+sentry_session_replay_rate: 0.01
+sentry_error_replay_rate: 0.25
+sentry_environment: production
+
+traefik_routing_rule: "Host(`{{ cojedzie_domain }}`) || Host(`{{ service }}.{{ main_domain }}`)"
diff --git a/vars/services.yml b/vars/services.yml
index dc21f12..9221b7f 100644
--- a/vars/services.yml
+++ b/vars/services.yml
@@ -186,8 +186,9 @@ service_config: name: cojedzie user: cojedzie password: "{{ mysql_user_passwords['cojedzie'] }}" + cojedzie-next: - template: cojedzie + template: cojedzie@next cojedzie_version: next cojedzie_domain: next.cojedzie.pl
@@ -211,6 +212,7 @@ service_config: sentry_environment: next sentry_sample_rate_front: 0.01 sentry_sample_rate_api: 0.01 + registry: registry_users: - "{{ swarm_registry_user }}"
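Review bot: The three version variables in services/cojedzie@next/vars/main.yml reference `cojedize_version`, while the variable defined on the line above them (and overridden to `next` in vars/services.yml) is `cojedzie_version`. Unless the misspelled name is defined elsewhere, rendering the image tags either fails on an undefined variable or ignores the override, so a different image than intended could be deployed. The lines should read `cojedzie_front_version: "{{ cojedzie_version }}"`, and likewise for api and worker. Separately, `cojedzie_maptiler` is committed in clear text next to the vaulted `cojedzie_mercure_jwt_key`; if that key is not restricted by origin on the provider side, it belongs in the vault as well.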