kadet.net/servers
1
0
Fork 0
Code Releases Activity

cojedzie: Update main stack for new architecture

Browse Source
This commit is contained in:
Kacper Donat 2021-06-04 16:15:59 +02:00
parent 586e1653b7
commit d99d224c6b
7 changed files with 67 additions and 17 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
services/cojedzie-next/environment
View File

@ -1,3 +1,3 @@
MERCURE_URL=http://mercure/.well-known/mercure
MERCURE_PUBLIC_URL=https://{{ cojedzie_domain }}/.well-known/mercure
MERCURE_JWT_SECRET="{{ cojedzie_mercure_publisher_jwt_key }}"
MERCURE_JWT_SECRET={{ cojedzie_mercure_jwt_key }}

5
services/cojedzie-next/stack.yml
View File

@ -67,12 +67,11 @@ services:
environment:
SERVER_NAME: ':80'
USE_FORWARDED_HEADERS: 1
MERCURE_PUBLISHER_JWT_KEY: '{{ cojedzie_mercure_publisher_jwt_key }}'
MERCURE_SUBSCRIBER_JWT_KEY: '{{ cojedzie_mercure_subscriber_jwt_key }}'
MERCURE_PUBLISHER_JWT_KEY: '{{ cojedzie_mercure_jwt_key }}'
MERCURE_SUBSCRIBER_JWT_KEY: '{{ cojedzie_mercure_jwt_key }}'
volumes:
- mercure_data:/data
- mercure_config:/config
command: /usr/bin/caddy run -config /etc/caddy/Caddyfile.dev
deploy:
mode: replicated
replicas: 1

10
services/cojedzie-next/vars/main.yml
View File

@ -2,15 +2,7 @@
cojedzie_domain: next.cojedzie.pl
cojedzie_update_cron: 0 0 4 * * *
cojedzie_gtm: ""
cojedzie_mercure_subscriber_jwt_key: !vault |
$ANSIBLE_VAULT;1.1;AES256
30383839613764393562623137373934333530636564313633303062323661376333653136383066
6635653934313233346662653632356365343731396139330a663035636537646465353537646162
30356136613430316564346665653263383164333833383531353532316239316433306636303165
3931313836313133390a316562333130366435633335613066373232363439623932656532373032
62646432343334346165653466633634356635323038306435343932386233323164633134373964
6232656562626566663964643634366532393136383261333931
cojedzie_mercure_publisher_jwt_key: !vault |
cojedzie_mercure_jwt_key: !vault |
$ANSIBLE_VAULT;1.1;AES256
63343966303066626336623630636330363437646133393865303933613337336362343638363862
6438346633663334626136353033663536633937623239660a303032306564323462626638616534

3
services/cojedzie/environment Normal file
View File

@ -0,0 +1,3 @@
MERCURE_URL=http://mercure/.well-known/mercure
MERCURE_PUBLIC_URL=https://{{ cojedzie_domain }}/.well-known/mercure
MERCURE_JWT_SECRET={{ cojedzie_mercure_jwt_key }}

48
services/cojedzie/stack.yml
View File

@ -10,12 +10,14 @@ services:
- db_data:/var/db
environment:
- TRUSTED_PROXIES=10.0.0.0/8
env_file:
- ./environment
deploy:
mode: replicated
replicas: 1
labels:
- traefik.enable=true
- traefik.http.routers.{{ service }}-api.rule=(Host(`{{ service }}.{{ main_domain }}`) || Host(`cojedzie.pl`)) && PathPrefix(`/api/`)
- traefik.http.routers.{{ service }}-api.rule=(Host(`{{ service }}.{{ main_domain }}`) || Host(`{{ cojedzie_domain }}`)) && PathPrefix(`/api/`)
- traefik.http.routers.{{ service }}-api.priority=100
- traefik.http.routers.{{ service }}-api.tls=true
- traefik.http.routers.{{ service }}-api.tls.certresolver=lets-encrypt
@ -28,6 +30,8 @@ services:
- default
volumes:
- db_data:/var/db
env_file:
- ./environment
deploy:
mode: replicated
replicas: 0
@ -37,12 +41,46 @@ services:
restart_policy:
condition: none
worker:
image: cojedzie/worker:latest
cron:
image: cojedzie/cron:latest
env_file:
- ./environment
volumes:
- db_data:/var/db
depends_on:
- api
worker:
image: cojedzie/worker:latest
env_file:
- ./environment
volumes:
- db_data:/var/db
depends_on:
- api
mercure:
image: dunglas/mercure
networks:
- "{{ ingress_network }}"
- default
environment:
SERVER_NAME: ':80'
USE_FORWARDED_HEADERS: 1
MERCURE_PUBLISHER_JWT_KEY: '{{ cojedzie_mercure_jwt_key }}'
MERCURE_SUBSCRIBER_JWT_KEY: '{{ cojedzie_mercure_jwt_key }}'
volumes:
- mercure_data:/data
- mercure_config:/config
deploy:
mode: replicated
replicas: 1
labels:
- traefik.enable=true
- traefik.http.routers.{{ service }}-mercure.rule=(Host(`{{ service }}.{{ main_domain }}`) || Host(`{{ cojedzie_domain }}`)) && PathPrefix(`/.well-known/mercure`)
- traefik.http.routers.{{ service }}-mercure.tls=true
- traefik.http.routers.{{ service }}-mercure.tls.certresolver=lets-encrypt
- traefik.http.services.{{ service }}-mercure.loadbalancer.server.port=80
front:
image: cojedzie/front:latest
@ -58,10 +96,12 @@ services:
replicas: 1
labels:
- traefik.enable=true
- traefik.http.routers.{{ service }}-front.rule=Host(`{{ service }}.{{ main_domain }}`) || Host(`cojedzie.pl`)
- traefik.http.routers.{{ service }}-front.rule=Host(`{{ service }}.{{ main_domain }}`) || Host(`{{ cojedzie_domain }}`)
- traefik.http.routers.{{ service }}-front.tls=true
- traefik.http.routers.{{ service }}-front.tls.certresolver=lets-encrypt
- traefik.http.services.{{ service }}-front.loadbalancer.server.port=3000
volumes:
db_data: ~
mercure_data: ~
mercure_config: ~

7
services/cojedzie/tasks/config.yaml Normal file
View File

@ -0,0 +1,7 @@
---
- name: 'Generate env_file for "{{ service }}"'
template:
src: "{{ service_path }}/environment"
dest: "{{ remote_service_path }}/environment"
tags:
- config

9
services/cojedzie/vars/main.yml
View File

@ -1,3 +1,12 @@
---
cojedzie_domain: cojedzie.pl
cojedzie_update_cron: 0 0 4 * * *
cojedzie_gtm: ""
cojedzie_mercure_jwt_key: !vault |
$ANSIBLE_VAULT;1.1;AES256
30383839613764393562623137373934333530636564313633303062323661376333653136383066
6635653934313233346662653632356365343731396139330a663035636537646465353537646162
30356136613430316564346665653263383164333833383531353532316239316433306636303165
3931313836313133390a316562333130366435633335613066373232363439623932656532373032
62646432343334346165653466633634356635323038306435343932386233323164633134373964
6232656562626566663964643634366532393136383261333931