self/infra
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Merge pull request 'join' (#30) from join into master

Browse Source 
Reviewed-on: #30
This commit is contained in:
emmatveev 2024-11-23 22:17:23 +03:00
commit 5c644cdc35
11 changed files with 111 additions and 172 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

58
.deploy-infra/deploy-dev.yaml
View File

@ -5,20 +5,24 @@ services:
nginx:
image: mathwave/sprint-repo:sprint-infra-nginx-dev
networks:
- common-infra-nginx
- common-infra-nginx-development
ports:
- "80:80"
- "443:443"
- published: 80
target: 80
mode: host
- published: 443
target: 443
mode: host
deploy:
mode: replicated
replicas: 1
restart_policy:
condition: any
placement:
constraints: [node.role == manager]
constraints: [node.labels.stage == development]
update_config:
parallelism: 1
order: start-first
# order: stop-first
postgres:
image: postgres:14-alpine3.19
@ -33,13 +37,15 @@ services:
start_period: 20s
timeout: 10s
ports:
- "5432:5432"
- published: 5432
target: 5432
mode: host
deploy:
mode: replicated
restart_policy:
condition: any
placement:
constraints: [node.role == manager]
constraints: [node.labels.stage == development]
update_config:
parallelism: 1
order: start-first
@ -52,13 +58,15 @@ services:
MONGO_INITDB_ROOT_USERNAME: mongo
MONGO_INITDB_ROOT_PASSWORD: $MONGO_PASSWORD_DEV
ports:
- "27017:27017"
- published: 27017
target: 27017
mode: host
deploy:
mode: replicated
restart_policy:
condition: any
placement:
constraints: [node.role == manager]
constraints: [node.labels.stage == development]
update_config:
parallelism: 1
order: start-first
@ -68,8 +76,12 @@ services:
volumes:
- /sprint-data/rabbitmq:/var/lib/rabbitmq
ports:
- "5672:5672"
- "15672:15672"
- published: 5672
target: 5672
mode: host
- published: 15672
target: 15672
mode: host
environment:
RABBITMQ_DEFAULT_PASS: $RABBITMQ_PASSWORD_DEV
deploy:
@ -77,7 +89,7 @@ services:
restart_policy:
condition: any
placement:
constraints: [node.role == manager]
constraints: [node.labels.stage == development]
update_config:
parallelism: 1
order: start-first
@ -87,14 +99,16 @@ services:
volumes:
- /sprint-data/redis:/data
ports:
- "6379:6379"
- published: 6379
target: 6379
mode: host
command: redis-server --requirepass $REDIS_PASSWORD_DEV
deploy:
mode: replicated
restart_policy:
condition: any
placement:
constraints: [node.role == manager]
constraints: [node.labels.stage == development]
update_config:
parallelism: 1
order: start-first
@ -107,12 +121,16 @@ services:
MINIO_ROOT_USER: minioadmin
MINIO_ROOT_PASSWORD: $MINIO_PASSWORD_DEV
ports:
- "9000:9000"
- "9001:9001"
- published: 9000
target: 9000
mode: host
- published: 9001
target: 9001
mode: host
deploy:
mode: replicated
placement:
constraints: [node.role == manager]
constraints: [node.labels.stage == development]
restart_policy:
condition: any
update_config:
@ -132,7 +150,7 @@ services:
deploy:
mode: replicated
placement:
constraints: [node.role == manager]
constraints: [node.labels.stage == development]
restart_policy:
condition: any
update_config:
@ -144,7 +162,5 @@ volumes:
driver: local
networks:
net:
driver: overlay
common-infra-nginx:
common-infra-nginx-development:
external: true

38
.deploy-infra/deploy-prod.yaml
View File

@ -7,8 +7,12 @@ services:
networks:
- common-infra-nginx
ports:
- "80:80"
- "443:443"
- published: 80
target: 80
mode: host
- published: 443
target: 443
mode: host
deploy:
mode: replicated
replicas: 1
@ -18,7 +22,7 @@ services:
constraints: [node.labels.stage == production]
update_config:
parallelism: 1
order: start-first
# order: start-first
postgres:
image: postgres:14-alpine3.19
@ -33,7 +37,9 @@ services:
start_period: 20s
timeout: 10s
ports:
- "5432:5432"
- published: 5432
target: 5432
mode: host
deploy:
mode: replicated
restart_policy:
@ -57,7 +63,9 @@ services:
MONGO_INITDB_ROOT_USERNAME: mongo
MONGO_INITDB_ROOT_PASSWORD: $MONGO_PASSWORD_PROD
ports:
- "27017:27017"
- published: 27017
target: 27017
mode: host
deploy:
mode: replicated
restart_policy:
@ -73,8 +81,12 @@ services:
volumes:
- /sprint-data/rabbitmq:/var/lib/rabbitmq
ports:
- "5672:5672"
- "15672:15672"
- published: 5672
target: 5672
mode: host
- published: 15672
target: 15672
mode: host
environment:
RABBITMQ_DEFAULT_PASS: $RABBITMQ_PASSWORD_PROD
deploy:
@ -92,7 +104,9 @@ services:
volumes:
- /sprint-data/redis:/data
ports:
- "6379:6379"
- published: 6379
target: 6379
mode: host
command: redis-server --requirepass $REDIS_PASSWORD_PROD
deploy:
mode: replicated
@ -112,8 +126,12 @@ services:
MINIO_ROOT_USER: minioadmin
MINIO_ROOT_PASSWORD: $MINIO_PASSWORD_PROD
ports:
- "9000:9000"
- "9001:9001"
- published: 9000
target: 9000
mode: host
- published: 9001
target: 9001
mode: host
deploy:
mode: replicated
placement:

39
.deploy-portainer/deploy-dev.yaml
View File

@ -1,39 +0,0 @@
version: '3.2'
services:
agent:
image: portainer/agent:2.11.1
volumes:
- /var/run/docker.sock:/var/run/docker.sock
- /var/lib/docker/volumes:/var/lib/docker/volumes
networks:
- agent_network
deploy:
mode: global
placement:
constraints: [node.platform.os == linux]
portainer:
image: portainer/portainer-ce:2.11.1
command: -H tcp://tasks.agent:9001 --tlsskipverify
ports:
- "9443:9443"
- "8888:9000"
- "8000:8000"
volumes:
- portainer_data:/data
networks:
- agent_network
deploy:
mode: replicated
replicas: 1
placement:
constraints: [node.role == manager]
networks:
agent_network:
driver: overlay
attachable: true
volumes:
portainer_data:

2
.deploy-portainer/deploy-prod.yaml
View File

@ -28,7 +28,7 @@ services:
mode: replicated
replicas: 1
placement:
constraints: [node.role == manager]
constraints: [node.labels.stage == production]
networks:
agent_network:

71
.deploy-swarmpit/deploy-dev.yaml
View File

@ -1,71 +0,0 @@
version: '3.3'
services:
app:
image: swarmpit/swarmpit:latest
environment:
- SWARMPIT_DB=http://db:5984
- SWARMPIT_INFLUXDB=http://influxdb:8086
volumes:
- /var/run/docker.sock:/var/run/docker.sock:ro
healthcheck:
test: ["CMD", "curl", "-f", "http://localhost:8080"]
interval: 60s
timeout: 10s
retries: 3
networks:
- net
ports:
- "888:8080"
deploy:
resources:
limits:
memory: 1024M
reservations:
memory: 512M
placement:
constraints:
- node.role == manager
db:
image: treehouses/couchdb:2.3.1
networks:
- net
deploy:
resources:
limits:
memory: 256M
reservations:
memory: 128M
influxdb:
image: influxdb:1.7
networks:
- net
deploy:
resources:
limits:
memory: 256M
reservations:
memory: 128M
agent:
image: swarmpit/agent:latest
environment:
- DOCKER_API_VERSION=1.35
volumes:
- /var/run/docker.sock:/var/run/docker.sock:ro
networks:
- net
deploy:
mode: global
labels:
swarmpit.agent: 'true'
resources:
limits:
memory: 64M
reservations:
memory: 32M
networks:
net:
driver: overlay

4
.deploy-swarmpit/deploy-prod.yaml
View File

@ -24,8 +24,8 @@ services:
reservations:
memory: 512M
placement:
constraints:
- node.role == manager
constraints: [node.labels.stage == production]
db:
image: treehouses/couchdb:2.3.1
networks:

27
.gitea/workflows/deploy-dev.yaml
View File

@ -9,7 +9,7 @@ on:
jobs:
build:
name: Build
runs-on: [ dev ]
runs-on: [ prod ]
steps:
- name: login
run: docker login -u mathwave -p ${{ secrets.DOCKERHUB_PASSWORD }}
@ -23,15 +23,15 @@ jobs:
run: docker build -t mathwave/sprint-repo:gitea-runner gitea-runner
push:
name: Push
runs-on: [ dev ]
runs-on: [ prod ]
needs: build
steps:
- name: push nginx dev
run: docker push mathwave/sprint-repo:sprint-infra-nginx-dev
- name: push gitea runner
run: docker push mathwave/sprint-repo:gitea-runner
deploy-dev:
name: Deploy dev
prepare:
name: prepare
runs-on: [dev]
needs: push
steps:
@ -42,11 +42,18 @@ jobs:
with:
ref: dev
- name: prepare
run: chmod 777 ./run.sh && ./run.sh
- name: deploy swarmpit
run: docker stack deploy --with-registry-auth -c ./.deploy-swarmpit/deploy-dev.yaml swarmpit
- name: deploy portainer
run: docker stack deploy --with-registry-auth -c ./.deploy-portainer/deploy-dev.yaml portainer
run: chmod 777 ./prepare/run-development.sh && ./prepare/run-development.sh
deploy-dev:
name: Deploy dev
runs-on: [prod]
needs: prepare
steps:
- name: login
run: docker login -u mathwave -p ${{ secrets.DOCKERHUB_PASSWORD }}
- name: checkout
uses: actions/checkout@v4
with:
ref: dev
- name: deploy infra
env:
MONGO_PASSWORD_DEV: ${{ secrets.MONGO_PASSWORD_DEV }}
@ -55,4 +62,4 @@ jobs:
REDIS_PASSWORD_DEV: ${{ secrets.REDIS_PASSWORD_DEV }}
RABBITMQ_PASSWORD_DEV: ${{ secrets.RABBITMQ_PASSWORD_DEV }}
REGISTRATION_TOKEN: ${{ secrets.REGISTRATION_TOKEN }}
run: docker stack deploy --with-registry-auth -c ./.deploy-infra/deploy-dev.yaml infra
run: docker stack deploy --with-registry-auth -c ./.deploy-infra/deploy-dev.yaml infra-development

19
.gitea/workflows/deploy-prod.yaml
View File

@ -9,7 +9,7 @@ on:
jobs:
build:
name: Build
runs-on: [ dev ]
runs-on: [ prod ]
steps:
- name: login
run: docker login -u mathwave -p ${{ secrets.DOCKERHUB_PASSWORD }}
@ -23,13 +23,26 @@ jobs:
run: docker build -t mathwave/sprint-repo:gitea-runner gitea-runner
push:
name: Push
runs-on: [ dev ]
runs-on: [ prod ]
needs: build
steps:
- name: push nginx prod
run: docker push mathwave/sprint-repo:sprint-infra-nginx-prod
- name: push gitea runner
run: docker push mathwave/sprint-repo:gitea-runner
prepare:
name: prepare
runs-on: [prod]
needs: push
steps:
- name: login
run: docker login -u mathwave -p ${{ secrets.DOCKERHUB_PASSWORD }}
- name: checkout
uses: actions/checkout@v4
with:
ref: dev
- name: prepare
run: chmod 777 ./prepare/run-production.sh && ./prepare/run-production.sh
deploy-prod:
name: Deploy prod
runs-on: [prod]
@ -41,8 +54,6 @@ jobs:
uses: actions/checkout@v4
with:
ref: prod
- name: prepare
run: chmod 777 ./run.sh && ./run.sh
- name: deploy swarmpit
run: docker stack deploy --with-registry-auth -c ./.deploy-swarmpit/deploy-prod.yaml swarmpit
- name: deploy portainer

14
gitlab-runner/Dockerfile
View File

@ -1,14 +0,0 @@
FROM gitlab/gitlab-runner
RUN apt-get update
RUN apt-get install --yes ca-certificates curl gnupg lsb-release
RUN mkdir -p /etc/apt/keyrings
RUN curl -fsSL https://download.docker.com/linux/ubuntu/gpg | gpg --dearmor -o /etc/apt/keyrings/docker.gpg
RUN echo \
"deb [arch=$(dpkg --print-architecture) signed-by=/etc/apt/keyrings/docker.gpg] https://download.docker.com/linux/ubuntu \
$(lsb_release -cs) stable" | tee /etc/apt/sources.list.d/docker.list > /dev/null
RUN apt-get update --yes
RUN apt-get install --yes docker-ce docker-ce-cli containerd.io docker-compose-plugin
RUN mkdir /etc/builds/
RUN chmod 777 /etc/builds

11
prepare/run-development.sh Normal file
View File

@ -0,0 +1,11 @@
docker login -u mathwave -p $DOCKERHUB_PASSWORD
docker network create -d overlay --attachable common-infra-nginx-development || true
docker network create -d overlay --attachable queues-development || true
mkdir /sprint-data/mongo || true
mkdir /sprint-data/redis || true
mkdir /sprint-data/rabbitmq || true
mkdir /sprint-data/certs || true
mkdir /sprint-data/gitea || true
chmod 777 /sprint-data/redis
chmod 777 /sprint-data/rabbitmq
chmod 777 /sprint-data/gitea

0
run.sh → prepare/run-production.sh
View File