serguzim/services
Archived
1
0
Fork 0
Code Issues Pull requests Projects Releases Wiki Activity

Add woodpecker to ansible

Browse source
This commit is contained in:
Tobias Reisinger 2023-12-11 02:26:23 +01:00
parent 2b8aef7f9f
commit 570864c00f
Signed by: serguzim
GPG key ID: 13AD60C237A28DFE
8 changed files with 64 additions and 62 deletions
Download patch file Download diff file Expand all files Collapse all files

2
.gitignore vendored
View file

@ -21,9 +21,11 @@
/watchtower/
/webdis/
/wiki-js/
/woodpecker/
/caddy/config/conf.002.d/acme.serguzim.me.conf
/caddy/config/conf.002.d/analytics.serguzim.me.conf
/caddy/config/conf.002.d/ci.serguzim.me.conf
/caddy/config/conf.002.d/coder.serguzim.me.conf
/caddy/config/conf.002.d/faas.serguzim.me.conf
/caddy/config/conf.002.d/git.serguzim.me.conf

1
_ansible/node002.yml
View file

@ -19,3 +19,4 @@
- watchtower
- webdis
- wiki-js
- woodpecker

1
_ansible/roles/telegraf/vars/main.yml
View file

@ -7,6 +7,7 @@ svc:
bucket: metrics
prometheus:
urls:
- https://ci.serguzim.me/metrics
- https://git.serguzim.me/metrics
- https://matrix.msrg.cc/_synapse/metrics
- https://tick.serguzim.me/metrics

7
_ansible/roles/woodpecker/tasks/main.yml Normal file
View file

@ -0,0 +1,7 @@
---
- name: Deploy {{ svc.name }}
tags:
- woodpecker
- ci
block:
- import_tasks: deploy-common-service.yml

53
_ansible/roles/woodpecker/vars/main.yml Normal file
View file

@ -0,0 +1,53 @@
svc:
domain: "ci.serguzim.me"
name: woodpecker
port: 8000
extra_svcs:
- domain: agents.ci.serguzim.me
docker_host: h2c://woodpecker
port: 9000
db:
host: "{{ postgres.host }}"
port: "{{ postgres.port }}"
database: woodpecker
user: "{{ vault_woodpecker.db.user }}"
pass: "{{ vault_woodpecker.db.pass }}"
svc_env:
WOODPECKER_OPEN: true
WOODPECKER_HOST: "https://{{ svc.domain }}"
WOODPECKER_ADMIN: "serguzim"
WOODPECKER_AGENT_SECRET: "{{ vault_woodpecker.agent_secret }}"
WOODPECKER_PROMETHEUS_AUTH_TOKEN: "{{ vault_metrics_token }}"
WOODPECKER_SERVER: "{{ svc.extra_svcs[0].domain }}:443"
WOODPECKER_GRPC_SECURE: true
WOODPECKER_GITEA: true
WOODPECKER_GITEA_URL: "https://git.serguzim.me"
WOODPECKER_GITEA_CLIENT: "{{ vault_woodpecker.gitea.client }}"
WOODPECKER_GITEA_SECRET: "{{ vault_woodpecker.gitea.secret }}"
WOODPECKER_DATABASE_DRIVER: "postgres"
WOODPECKER_DATABASE_DATASOURCE: "postgres://{{ svc.db.user }}:{{ svc.db.pass }}@{{ svc.db.host }}:{{ svc.db.port }}/{{ svc.db.database }}?sslmode=verify-full"
compose:
watchtower: true
image: woodpeckerci/woodpecker-server
env: true
file:
services:
agent:
image: woodpeckerci/woodpecker-agent:latest
restart: always
labels:
com.centurylinklabs.watchtower.enable: true
command: agent
env_file:
- service.env
depends_on:
- app
volumes:
- /var/run/docker.sock:/var/run/docker.sock
networks:
local-net:

9
caddy/config/conf.002.d/ci.serguzim.me.conf
View file

@ -1,9 +0,0 @@
ci.serguzim.me {
import default
reverse_proxy woodpecker:8000
}
agents.ci.serguzim.me {
import default
reverse_proxy h2c://woodpecker:9000
}

16
woodpecker/.env
View file

@ -1,16 +0,0 @@
WOODPECKER_OPEN="true"
WOODPECKER_HOST="https://ci.serguzim.me"
WOODPECKER_ADMIN="serguzim"
WOODPECKER_AGENT_SECRET=
WOODPECKER_PROMETHEUS_AUTH_TOKEN=
WOODPECKER_SERVER="agents.ci.serguzim.me:443"
WOODPECKER_GRPC_SECURE="true"
WOODPECKER_GITEA="true"
WOODPECKER_GITEA_URL="https://git.serguzim.me"
WOODPECKER_GITEA_CLIENT=
WOODPECKER_GITEA_SECRET=
WOODPECKER_DATABASE_DRIVER="postgres"
WOODPECKER_DATABASE_DATASOURCE="postgres://woodpecker:xxxxxx@db.serguzim.me:5432/woodpecker?sslmode=verify-full"

37
woodpecker/docker-compose.yml
View file

@ -1,37 +0,0 @@
version: '3'
services:
server:
image: woodpeckerci/woodpecker-server:latest
restart: always
labels:
com.centurylinklabs.watchtower.enable: true
env_file:
- .env
- .secret.env
networks:
local-net:
apps:
aliases:
- woodpecker
agent:
image: woodpeckerci/woodpecker-agent:latest
restart: always
labels:
com.centurylinklabs.watchtower.enable: true
command: agent
env_file:
- .env
- .secret.env
depends_on:
- server
volumes:
- /var/run/docker.sock:/var/run/docker.sock
networks:
local-net:
networks:
local-net:
apps:
external: true