kadet.net/servers
1
0
Fork 0
Code Releases Activity

cojedzie-next: Create service

Browse Source
This commit is contained in:
Kacper Donat 2021-06-04 09:53:11 +02:00
parent e93948d378
commit ec8365dfb5
5 changed files with 147 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
services/cojedzie-next/environment Normal file
View File

@ -0,0 +1,3 @@
MERCURE_URL=http://mercure/.well-known/mercure
MERCURE_PUBLIC_URL=https://{{ cojedzie_domain }}/.well-known/mercure
MERCURE_JWT_SECRET="{{ cojedzie_mercure_publisher_jwt_key }}"

108
services/cojedzie-next/stack.yml Normal file
View File

@ -0,0 +1,108 @@
version: '{{ compose_version }}'
services:
api:
image: registry.kadet.net/cojedzie/api:next
networks:
- "{{ ingress_network }}"
- default
volumes:
- db_data:/var/db
environment:
- TRUSTED_PROXIES=10.0.0.0/8
env_file:
- ./environment
deploy:
mode: replicated
replicas: 1
labels:
- traefik.enable=true
- traefik.http.routers.{{ service }}-api.rule=Host(`{{ cojedzie_domain }}`) && PathPrefix(`/api/`)
- traefik.http.routers.{{ service }}-api.priority=100
- traefik.http.routers.{{ service }}-api.tls=true
- traefik.http.routers.{{ service }}-api.tls.certresolver=lets-encrypt
- traefik.http.services.{{ service }}-api.loadbalancer.server.port=8080
update-job:
image: registry.kadet.net/cojedzie/api:next
command: ["console", "app:update", "--async"]
networks:
- default
volumes:
- db_data:/var/db
env_file:
- ./environment
deploy:
mode: replicated
replicas: 0
labels:
- "swarm.cronjob.enable=true"
- "swarm.cronjob.schedule={{ cojedzie_update_cron }}"
restart_policy:
condition: none
cron:
image: registry.kadet.net/cojedzie/cron:next
env_file:
- ./environment
volumes:
- db_data:/var/db
depends_on:
- api
worker:
image: registry.kadet.net/cojedzie/worker:next
env_file:
- ./environment
volumes:
- db_data:/var/db
depends_on:
- api
mercure:
image: dunglas/mercure
networks:
- "{{ ingress_network }}"
- default
environment:
SERVER_NAME: ':80'
USE_FORWARDED_HEADERS: 1
MERCURE_PUBLISHER_JWT_KEY: '{{ cojedzie_mercure_publisher_jwt_key }}'
MERCURE_SUBSCRIBER_JWT_KEY: '{{ cojedzie_mercure_subscriber_jwt_key }}'
volumes:
- mercure_data:/data
- mercure_config:/config
command: /usr/bin/caddy run -config /etc/caddy/Caddyfile.dev
deploy:
mode: replicated
replicas: 1
labels:
- traefik.enable=true
- traefik.http.routers.{{ service }}-mercure.rule=Host(`{{ cojedzie_domain }}`) && PathPrefix(`/.well-known/mercure`)
- traefik.http.routers.{{ service }}-mercure.tls=true
- traefik.http.routers.{{ service }}-mercure.tls.certresolver=lets-encrypt
- traefik.http.services.{{ service }}-mercure.loadbalancer.server.port=80
front:
image: registry.kadet.net/cojedzie/front:next
networks:
- "{{ ingress_network }}"
- default
depends_on:
- api
environment:
- APP_GTM={{ cojedzie_gtm }}
deploy:
mode: replicated
replicas: 1
labels:
- traefik.enable=true
- traefik.http.routers.{{ service }}-front.rule=Host(`{{ service }}.{{ main_domain }}`) || Host(`{{ cojedzie_domain }}`)
- traefik.http.routers.{{ service }}-front.tls=true
- traefik.http.routers.{{ service }}-front.tls.certresolver=lets-encrypt
- traefik.http.services.{{ service }}-front.loadbalancer.server.port=3000
volumes:
db_data: ~
mercure_data: ~
mercure_config: ~

7
services/cojedzie-next/tasks/config.yaml Normal file
View File

@ -0,0 +1,7 @@
---
- name: 'Generate env_file for "{{ service }}"'
template:
src: "{{ service_path }}/environment"
dest: "{{ remote_service_path }}/environment"
tags:
- config

20
services/cojedzie-next/vars/main.yml Normal file
View File

@ -0,0 +1,20 @@
---
cojedzie_domain: next.cojedzie.pl
cojedzie_update_cron: 0 0 4 * * *
cojedzie_gtm: ""
cojedzie_mercure_subscriber_jwt_key: !vault |
$ANSIBLE_VAULT;1.1;AES256
30383839613764393562623137373934333530636564313633303062323661376333653136383066
6635653934313233346662653632356365343731396139330a663035636537646465353537646162
30356136613430316564346665653263383164333833383531353532316239316433306636303165
3931313836313133390a316562333130366435633335613066373232363439623932656532373032
62646432343334346165653466633634356635323038306435343932386233323164633134373964
6232656562626566663964643634366532393136383261333931
cojedzie_mercure_publisher_jwt_key: !vault |
$ANSIBLE_VAULT;1.1;AES256
63343966303066626336623630636330363437646133393865303933613337336362343638363862
6438346633663334626136353033663536633937623239660a303032306564323462626638616534
39373765623739623134336332326537613338353936376434353263616630393062613365613638
3739383365353837310a613931333264386365663730646163383639383563313066643438326465
30633666343736323539326133626664356462356466323366633738613436636535353963663536
3837383838613130646365633232613530303863393866613830

9
vars/services.yml
View File

@ -49,6 +49,15 @@ service_config:
6330386139356263390a663366633232346637346233653261373330343864613262313465336432
31366633323433653632366633376533343764343565653737633837383330323630313433323836
6530363533656439663631636532363864373666343163376632
- name: docker-swarm
password: !vault |
$ANSIBLE_VAULT;1.1;AES256
62333030343330666634643234323865303633343330333030303066363264323434656637356233
6165386664316536366235366336393561306139346235610a393566633363383734353933366331
36343364643366626230303463633164393336363736633662643536646539616235393232643930
3266326630393535660a393764376130343264643064613131393663333836356337613566343130
65353438613864373962636463613836313034633963613834393233376136313861303538346265
6139666332373137303962646530353364333732353339313262
registry_storage:
s3:
accesskey: !vault |