kadet.net/servers
1
0
Fork 0
Code Releases Activity

Compare commits

base: kadet.net:586e1653b7c85435fffb428fff9298f572ccab5b
Branches Tags
kadet.net:master
kadet.net:feature/mgmt-server
..
compare: kadet.net:e93948d378629193c7b04e298957f49911b48131
Branches Tags
kadet.net:master
kadet.net:feature/mgmt-server

No commits in common. "586e1653b7c85435fffb428fff9298f572ccab5b" and "e93948d378629193c7b04e298957f49911b48131" have entirely different histories.
586e1653b7 ... e93948d378

9 changed files with 10 additions and 167 deletions
Show Stats Expand all files Collapse all files

3
services/cojedzie-next/environment
View File

@ -1,3 +0,0 @@
MERCURE_URL=http://mercure/.well-known/mercure
MERCURE_PUBLIC_URL=https://{{ cojedzie_domain }}/.well-known/mercure
MERCURE_JWT_SECRET="{{ cojedzie_mercure_publisher_jwt_key }}"

108
services/cojedzie-next/stack.yml
View File

@ -1,108 +0,0 @@
version: '{{ compose_version }}'
services:
api:
image: registry.kadet.net/cojedzie/api:next
networks:
- "{{ ingress_network }}"
- default
volumes:
- db_data:/var/db
environment:
- TRUSTED_PROXIES=10.0.0.0/8
env_file:
- ./environment
deploy:
mode: replicated
replicas: 1
labels:
- traefik.enable=true
- traefik.http.routers.{{ service }}-api.rule=Host(`{{ cojedzie_domain }}`) && PathPrefix(`/api/`)
- traefik.http.routers.{{ service }}-api.priority=100
- traefik.http.routers.{{ service }}-api.tls=true
- traefik.http.routers.{{ service }}-api.tls.certresolver=lets-encrypt
- traefik.http.services.{{ service }}-api.loadbalancer.server.port=8080
update-job:
image: registry.kadet.net/cojedzie/api:next
command: ["console", "app:update", "--async"]
networks:
- default
volumes:
- db_data:/var/db
env_file:
- ./environment
deploy:
mode: replicated
replicas: 0
labels:
- "swarm.cronjob.enable=true"
- "swarm.cronjob.schedule={{ cojedzie_update_cron }}"
restart_policy:
condition: none
cron:
image: registry.kadet.net/cojedzie/cron:next
env_file:
- ./environment
volumes:
- db_data:/var/db
depends_on:
- api
worker:
image: registry.kadet.net/cojedzie/worker:next
env_file:
- ./environment
volumes:
- db_data:/var/db
depends_on:
- api
mercure:
image: dunglas/mercure
networks:
- "{{ ingress_network }}"
- default
environment:
SERVER_NAME: ':80'
USE_FORWARDED_HEADERS: 1
MERCURE_PUBLISHER_JWT_KEY: '{{ cojedzie_mercure_publisher_jwt_key }}'
MERCURE_SUBSCRIBER_JWT_KEY: '{{ cojedzie_mercure_subscriber_jwt_key }}'
volumes:
- mercure_data:/data
- mercure_config:/config
command: /usr/bin/caddy run -config /etc/caddy/Caddyfile.dev
deploy:
mode: replicated
replicas: 1
labels:
- traefik.enable=true
- traefik.http.routers.{{ service }}-mercure.rule=Host(`{{ cojedzie_domain }}`) && PathPrefix(`/.well-known/mercure`)
- traefik.http.routers.{{ service }}-mercure.tls=true
- traefik.http.routers.{{ service }}-mercure.tls.certresolver=lets-encrypt
- traefik.http.services.{{ service }}-mercure.loadbalancer.server.port=80
front:
image: registry.kadet.net/cojedzie/front:next
networks:
- "{{ ingress_network }}"
- default
depends_on:
- api
environment:
- APP_GTM={{ cojedzie_gtm }}
deploy:
mode: replicated
replicas: 1
labels:
- traefik.enable=true
- traefik.http.routers.{{ service }}-front.rule=Host(`{{ service }}.{{ main_domain }}`) || Host(`{{ cojedzie_domain }}`)
- traefik.http.routers.{{ service }}-front.tls=true
- traefik.http.routers.{{ service }}-front.tls.certresolver=lets-encrypt
- traefik.http.services.{{ service }}-front.loadbalancer.server.port=3000
volumes:
db_data: ~
mercure_data: ~
mercure_config: ~

7
services/cojedzie-next/tasks/config.yaml
View File

@ -1,7 +0,0 @@
---
- name: 'Generate env_file for "{{ service }}"'
template:
src: "{{ service_path }}/environment"
dest: "{{ remote_service_path }}/environment"
tags:
- config

20
services/cojedzie-next/vars/main.yml
View File

@ -1,20 +0,0 @@
---
cojedzie_domain: next.cojedzie.pl
cojedzie_update_cron: 0 0 4 * * *
cojedzie_gtm: ""
cojedzie_mercure_subscriber_jwt_key: !vault |
$ANSIBLE_VAULT;1.1;AES256
30383839613764393562623137373934333530636564313633303062323661376333653136383066
6635653934313233346662653632356365343731396139330a663035636537646465353537646162
30356136613430316564346665653263383164333833383531353532316239316433306636303165
3931313836313133390a316562333130366435633335613066373232363439623932656532373032
62646432343334346165653466633634356635323038306435343932386233323164633134373964
6232656562626566663964643634366532393136383261333931
cojedzie_mercure_publisher_jwt_key: !vault |
$ANSIBLE_VAULT;1.1;AES256
63343966303066626336623630636330363437646133393865303933613337336362343638363862
6438346633663334626136353033663536633937623239660a303032306564323462626638616534
39373765623739623134336332326537613338353936376434353263616630393062613365613638
3739383365353837310a613931333264386365663730646163383639383563313066643438326465
30633666343736323539326133626664356462356466323366633738613436636535353963663536
3837383838613130646365633232613530303863393866613830

2
services/gitea/stack.yml
View File

@ -5,7 +5,7 @@ volumes:
services: services:
server: server:
image: gitea/gitea:1.14.2 image: gitea/gitea:1.13.4
environment: environment:
- USER_UID={{ git_user.uid }} - USER_UID={{ git_user.uid }}
- USER_GID={{ git_user.group }} - USER_GID={{ git_user.group }}

4
services/portainer/stack.yml
View File

@ -2,7 +2,7 @@ version: '{{ compose_version }}'
services: services:
agent: agent:
image: portainer/agent:2.5.1 image: portainer/agent
volumes: volumes:
- /var/run/docker.sock:/var/run/docker.sock - /var/run/docker.sock:/var/run/docker.sock
- /var/lib/docker/volumes:/var/lib/docker/volumes - /var/lib/docker/volumes:/var/lib/docker/volumes
@ -14,7 +14,7 @@ services:
constraints: [node.platform.os == linux] constraints: [node.platform.os == linux]
portainer: portainer:
image: portainer/portainer-ce:2.5.1 image: portainer/portainer-ce
command: -H tcp://tasks.agent:9001 --tlsskipverify command: -H tcp://tasks.agent:9001 --tlsskipverify
volumes: volumes:
- portainer_data:/data - portainer_data:/data

17
services/registry/config/config.yml
View File

@ -1,24 +1,21 @@
version: 0.1 version: 0.1
log: log:
level: debug
fields: fields:
service: registry service: registry
storage: storage:
cache: cache:
blobdescriptor: redis blobdescriptor: inmemory
{{ registry_storage|to_nice_yaml(indent=2, width=140)|indent(2) }} {{ registry_storage|to_nice_yaml(indent=2, width=140)|indent(2) }}
redis:
addr: redis:6379
http: http:
addr: :5000 addr: :5000
headers: headers:
X-Content-Type-Options: [nosniff] X-Content-Type-Options: [nosniff]
auth: auth:
htpasswd: htpasswd:
realm: Kadet's private registry realm: basic-realm
path: /etc/docker/registry/htpasswd path: /etc/docker/registry/htpasswd
health:
storagedriver:
enabled: true
interval: 10s
threshold: 3

7
services/registry/stack.yml
View File

@ -1,13 +1,6 @@
version: "{{ compose_version }}" version: "{{ compose_version }}"
services: services:
redis:
image: redis:latest
deploy:
resources:
limits:
memory: 256M
registry: registry:
image: registry:2 image: registry:2
secrets: secrets:

9
vars/services.yml
View File

@ -49,15 +49,6 @@ service_config:
6330386139356263390a663366633232346637346233653261373330343864613262313465336432 6330386139356263390a663366633232346637346233653261373330343864613262313465336432
31366633323433653632366633376533343764343565653737633837383330323630313433323836 31366633323433653632366633376533343764343565653737633837383330323630313433323836
6530363533656439663631636532363864373666343163376632 6530363533656439663631636532363864373666343163376632
- name: docker-swarm
password: !vault |
$ANSIBLE_VAULT;1.1;AES256
62333030343330666634643234323865303633343330333030303066363264323434656637356233
6165386664316536366235366336393561306139346235610a393566633363383734353933366331
36343364643366626230303463633164393336363736633662643536646539616235393232643930
3266326630393535660a393764376130343264643064613131393663333836356337613566343130
65353438613864373962636463613836313034633963613834393233376136313861303538346265
6139666332373137303962646530353364333732353339313262
registry_storage: registry_storage:
s3: s3:
accesskey: !vault | accesskey: !vault |