Merge pull request 'fix' (#29) from master into dev

Reviewed-on: #29

.deploy/deploy-dev.yaml

@@ -16,9 +16,11 @@ services:
     networks:
       - configurator
     deploy:
-      mode: global
+      mode: replicated
       restart_policy:
         condition: any
+      placement:
+        constraints: [node.labels.stage == development]
       update_config:
         parallelism: 1
         order: start-first

.deploy/deploy-prod.yaml

@@ -2,44 +2,29 @@ version: "3.4"
 
 
 services:
-  worker:
+  certupdater:
-    image: mathwave/sprint-repo:pizda-bot
+    image: mathwave/sprint-repo:certupdater
     command: worker
     environment:
+      MINIO_HOST: "minio.sprinthub.ru"
+      MINIO_SECRET_KEY: $MINIO_SECRET_KEY_PROD
       MONGO_HOST: "mongo.sprinthub.ru"
       MONGO_PASSWORD: $MONGO_PASSWORD_PROD
       STAGE: "production"
+    volumes:
+      - /var/run/docker.sock:/var/run/docker.sock
     networks:
-      - queues
       - configurator
     deploy:
       mode: replicated
       restart_policy:
         condition: any
-      update_config:
+      placement:
-        parallelism: 1
+        constraints: [node.labels.stage == production]
-        order: start-first
-
-  pizda-bot-nginx:
-    image: mathwave/sprint-repo:pizda-bot
-    command: api
-    environment:
-      MONGO_HOST: "mongo.sprinthub.ru"
-      MONGO_PASSWORD: $MONGO_PASSWORD_PROD
-    networks:
-      - common-infra-nginx
-    deploy:
-      mode: replicated
-      restart_policy:
-        condition: any
       update_config:
         parallelism: 1
         order: start-first
 
 networks:
-  common-infra-nginx:
-    external: true
-  queues:
-    external: true
   configurator:
     external: true

.gitea/workflows/deploy-prod.yaml

@@ -40,4 +40,5 @@ jobs:
       - name: deploy
         env:
           MONGO_PASSWORD_PROD: ${{ secrets.MONGO_PASSWORD_PROD }}
-        run: docker stack deploy --with-registry-auth -c ./.deploy/deploy-prod.yaml pizda-bot
+          MINIO_SECRET_KEY_PROD: ${{ secrets.MINIO_SECRET_KEY_PROD }}
+        run: docker stack deploy --with-registry-auth -c ./.deploy/deploy-prod.yaml certupdater

main.py

@@ -1,5 +1,6 @@
 import datetime
 import io
+import os
 import subprocess
 import time
 from configurator import configurator
@@ -27,13 +28,16 @@ def get_hosts() -> list[str]:
 
 
 def update_host(host: str) -> bool:
+    if os.getenv("STAGE") == "development":
         container_id_run = call(f"echo $(docker ps -q -f name=infra-development_nginx)")
+    else:
+        container_id_run = call(f"echo $(docker ps -q -f name=infra_nginx)")
     if container_id_run.code != 0:
         print(f"something wrong {container_id_run.err}")
         return False
     container_name = container_id_run.out.strip()
     if not container_name:
-        print("Not correct node")
+        print("No nginx container")
         return False
     
     gen_command = f"docker exec {container_name} certbot --nginx --email emmtvv@gmail.com --agree-tos --non-interactive -d \"{host}\""
@@ -66,10 +70,17 @@ def update_host(host: str) -> bool:
 while True:
     now = datetime.datetime.now()
     mongo_hosts = mongo.hosts
+    updated = False
     for host in get_hosts():
         if now + datetime.timedelta(days=14) > mongo_hosts.get(host, {"expire_time": datetime.datetime.fromtimestamp(1)})["expire_time"]:
             success = update_host(host)
             if success:
                 print(f"Host {host} updated")
                 mongo.update_date(host)
-    time.sleep(5 * 60)
+                updated = True
+    if updated:
+        if os.getenv("STAGE") == "development":
+            call("docker service update --force infra-development_nginx")
+        else:
+            call("docker service update --force infra_nginx")
+    time.sleep(30)