fix: template updates and code fixes
This commit comes after provisioning the development environment. Changes: - templates: template the container name. - mage: update the deploy target to deploy to specific environments. - compose: fix network ref. - traefik: merge all dynamic templates into one file. - woodpecker(dockerfile): remove commands to copy entrypoint to the docker container since the entrypoint has been removed. - traefik: add support for using existing TLS certificates.
This commit is contained in:
parent
a51db2d523
commit
dd339eb3d6
11 changed files with 126 additions and 118 deletions
2
config
2
config
|
@ -1 +1 @@
|
|||
Subproject commit 4d9d8e21385c3c9fe481930ab157724f8d5d0dcc
|
||||
Subproject commit 1282396d8afa236111beb8bc76c36efda33fe8d8
|
|
@ -10,14 +10,14 @@ import (
|
|||
)
|
||||
|
||||
type config struct {
|
||||
RootDomain string `json:"rootDomain"`
|
||||
FlowGID int32 `json:"flowGID"`
|
||||
Docker dockerConfig `json:"docker"`
|
||||
Traefik traefikConfig `json:"traefik"`
|
||||
Forgejo forgejoConfig `json:"forgejo"`
|
||||
GoToSocial gotosocialConfig `json:"gotosocial"`
|
||||
Woodpecker woodpeckerConfig `json:"woodpecker"`
|
||||
Landing landingConfig `json:"landing"`
|
||||
RootDomain string `json:"rootDomain"`
|
||||
FlowGID int32 `json:"flowGID"`
|
||||
Docker dockerConfig `json:"docker"`
|
||||
Traefik traefikConfig `json:"traefik"`
|
||||
Forgejo forgejoConfig `json:"forgejo"`
|
||||
GoToSocial gotosocialConfig `json:"gotosocial"`
|
||||
Woodpecker woodpeckerConfig `json:"woodpecker"`
|
||||
Landing landingConfig `json:"landing"`
|
||||
}
|
||||
|
||||
type dockerConfig struct {
|
||||
|
@ -31,24 +31,27 @@ type dockerNetworkConfig struct {
|
|||
}
|
||||
|
||||
type traefikConfig struct {
|
||||
Version string `json:"version"`
|
||||
CheckNewVersion bool `json:"checkNewVersion"`
|
||||
ExternalSSHPort int32 `json:"externalSSHPort"`
|
||||
LogLevel string `json:"logLevel"`
|
||||
SendAnonymousUsage bool `json:"sendAnonymousUsage"`
|
||||
ContainerIpv4Address string `json:"containerIpv4Address"`
|
||||
AcmeEmail string `json:"acmeEmail"`
|
||||
SharedMountPoint string `json:"sharedMountPoint"`
|
||||
TlsHostDirectory string `json:"tlsHostDirectory"`
|
||||
TlsContainerDirectory string `json:"tlsContainerDirectory"`
|
||||
StaticConfigDirectory string `json:"staticConfigDirectory"`
|
||||
DynamicConfigDirectory string `json:"dynamicConfigDirectory"`
|
||||
Version string `json:"version"`
|
||||
CheckNewVersion bool `json:"checkNewVersion"`
|
||||
ExternalSSHPort int32 `json:"externalSSHPort"`
|
||||
LogLevel string `json:"logLevel"`
|
||||
SendAnonymousUsage bool `json:"sendAnonymousUsage"`
|
||||
ContainerName string `json:"containerName"`
|
||||
ContainerIpv4Address string `json:"containerIpv4Address"`
|
||||
GenerateAcmeCertificates bool `json:"generateAcmeCertificates"`
|
||||
AcmeEmail string `json:"acmeEmail"`
|
||||
SharedMountPoint string `json:"sharedMountPoint"`
|
||||
TlsHostDirectory string `json:"tlsHostDirectory"`
|
||||
TlsContainerDirectory string `json:"tlsContainerDirectory"`
|
||||
StaticConfigDirectory string `json:"staticConfigDirectory"`
|
||||
DynamicConfigDirectory string `json:"dynamicConfigDirectory"`
|
||||
}
|
||||
|
||||
type forgejoConfig struct {
|
||||
Version string `json:"version"`
|
||||
Name string `json:"name"`
|
||||
Subdomain string `json:"subdomain"`
|
||||
ContainerName string `json:"containerName"`
|
||||
ContainerIpv4Address string `json:"containerIpv4Address"`
|
||||
SshPort int32 `json:"sshPort"`
|
||||
HttpPort int32 `json:"httpPort"`
|
||||
|
@ -79,6 +82,7 @@ type gotosocialConfig struct {
|
|||
LogLevel string `json:"logLevel"`
|
||||
LinuxUID int32 `json:"linuxUID"`
|
||||
Subdomain string `json:"subdomain"`
|
||||
ContainerName string `json:"containerName"`
|
||||
ContainerIpv4Address string `json:"containerIpv4Address"`
|
||||
Port int32 `json:"port"`
|
||||
DataHostDirectory string `json:"dataHostDirectory"`
|
||||
|
@ -96,6 +100,7 @@ type woodpeckerConfig struct {
|
|||
LinuxUID int32 `json:"linuxUID"`
|
||||
Subdomain string `json:"subdomain"`
|
||||
GrpcSubdomain string `json:"grpcSubdomain"`
|
||||
ContainerName string `json:"containerName"`
|
||||
ContainerIpv4Address string `json:"containerIpv4Address"`
|
||||
HttpPort int32 `json:"httpPort"`
|
||||
GrpcPort int32 `json:"grpcPort"`
|
||||
|
@ -110,6 +115,7 @@ type woodpeckerConfig struct {
|
|||
|
||||
type landingConfig struct {
|
||||
Version string `json:"version"`
|
||||
ContainerName string `json:"containerName"`
|
||||
ContainerIpv4Address string `json:"containerIpv4Address"`
|
||||
Services []landingConfigLinks `json:"services"`
|
||||
Profiles []landingConfigLinks `json:"profiles"`
|
||||
|
|
|
@ -15,7 +15,7 @@ func Deploy(environment, name string) error {
|
|||
os.Setenv("MAGEFILE_VERBOSE", "true")
|
||||
|
||||
mg.Deps(
|
||||
mg.F(Prepare, name),
|
||||
mg.F(Prepare, environment, name),
|
||||
)
|
||||
|
||||
cfg, err := newConfig(environment)
|
||||
|
|
|
@ -22,12 +22,12 @@ networks:
|
|||
services:
|
||||
# -- Traffic flow --
|
||||
traefik:
|
||||
container_name: "traffic-flow"
|
||||
container_name: "{{ .Traefik.ContainerName }}"
|
||||
image: "localhost/flow/traefik:{{ .Traefik.Version }}"
|
||||
build:
|
||||
context: "../traefik"
|
||||
networks:
|
||||
{{ .Docker.Network.Name }}:
|
||||
flow:
|
||||
ipv4_address: "{{ .Traefik.ContainerIpv4Address }}"
|
||||
ports:
|
||||
- target: 80
|
||||
|
@ -51,7 +51,7 @@ services:
|
|||
target: "{{ .Traefik.TlsContainerDirectory }}"
|
||||
# -- Code flow --
|
||||
forgejo:
|
||||
container_name: "code-flow"
|
||||
container_name: "{{ .Forgejo.ContainerName }}"
|
||||
image: "localhost/flow/forgejo:{{ .Forgejo.Version }}"
|
||||
build:
|
||||
context: "../forgejo"
|
||||
|
@ -59,7 +59,7 @@ services:
|
|||
- "{{ .Forgejo.SshPort }}"
|
||||
- "{{ .Forgejo.HttpPort }}"
|
||||
networks:
|
||||
{{ .Docker.Network.Name }}:
|
||||
flow:
|
||||
ipv4_address: "{{ .Forgejo.ContainerIpv4Address }}"
|
||||
restart: "always"
|
||||
volumes:
|
||||
|
@ -70,7 +70,7 @@ services:
|
|||
target: "{{ .Forgejo.DataContainerDirectory }}"
|
||||
# -- Free Flow --
|
||||
gotosocial:
|
||||
container_name: "free-flow"
|
||||
container_name: "{{ .GoToSocial.ContainerName }}"
|
||||
image: "localhost/flow/gotosocial:{{ .GoToSocial.Version }}"
|
||||
build:
|
||||
context: "../gotosocial"
|
||||
|
@ -79,7 +79,7 @@ services:
|
|||
expose:
|
||||
- "{{ .GoToSocial.Port }}"
|
||||
networks:
|
||||
{{ .Docker.Network.Name }}:
|
||||
flow:
|
||||
ipv4_address: "{{ .GoToSocial.ContainerIpv4Address }}"
|
||||
restart: "always"
|
||||
volumes:
|
||||
|
@ -90,7 +90,7 @@ services:
|
|||
target: "{{ .GoToSocial.DataContainerDirectory }}"
|
||||
# -- Work Flow --
|
||||
woodpecker:
|
||||
container_name: "work-flow"
|
||||
container_name: "{{ .Woodpecker.ContainerName }}"
|
||||
image: "localhost/flow/woodpecker:{{ .Woodpecker.Version }}"
|
||||
build:
|
||||
context: "../woodpecker"
|
||||
|
@ -114,7 +114,7 @@ services:
|
|||
- "{{ .Woodpecker.HttpPort }}"
|
||||
- "{{ .Woodpecker.GrpcPort }}"
|
||||
networks:
|
||||
{{ .Docker.Network.Name }}:
|
||||
flow:
|
||||
ipv4_address: "{{ .Woodpecker.ContainerIpv4Address }}"
|
||||
restart: "always"
|
||||
volumes:
|
||||
|
@ -125,7 +125,7 @@ services:
|
|||
target: "{{ .Woodpecker.DataContainerDirectory }}"
|
||||
# -- Landing Page --
|
||||
landing:
|
||||
container_name: "landing-page"
|
||||
container_name: "{{ .Landing.ContainerName }}"
|
||||
command:
|
||||
- --address={{ .Landing.ContainerIpv4Address }}:{{ .Landing.Port }}
|
||||
{{ range .Landing.Services -}}
|
||||
|
@ -138,7 +138,7 @@ services:
|
|||
expose:
|
||||
- "{{ .Landing.Port }}"
|
||||
networks:
|
||||
{{ .Docker.Network.Name }}:
|
||||
flow:
|
||||
ipv4_address: "{{ .Landing.ContainerIpv4Address }}"
|
||||
restart: "always"
|
||||
volumes:
|
||||
|
|
86
templates/traefik/dynamic_config.yaml.gotmpl
Normal file
86
templates/traefik/dynamic_config.yaml.gotmpl
Normal file
|
@ -0,0 +1,86 @@
|
|||
{{- define "tlsSetup" -}}
|
||||
{{- if .Traefik.GenerateAcmeCertificates }}
|
||||
tls:
|
||||
certResolver: resolver
|
||||
{{- else }}
|
||||
tls: {}
|
||||
{{- end }}
|
||||
{{- end -}}
|
||||
---
|
||||
http:
|
||||
routers:
|
||||
forgejo:
|
||||
entryPoints:
|
||||
- "https"
|
||||
rule: "Host(`{{ .Forgejo.Subdomain }}.{{ .RootDomain }}`)"
|
||||
service: "forgejo"
|
||||
{{- template "tlsSetup" }}
|
||||
gotosocial:
|
||||
entryPoints:
|
||||
- "https"
|
||||
rule: "Host(`{{ .GoToSocial.Subdomain }}.{{ .RootDomain }}`)"
|
||||
service: "gotosocial"
|
||||
{{- template "tlsSetup" }}
|
||||
landing:
|
||||
entryPoints:
|
||||
- "https"
|
||||
rule: "Host(`{{ .RootDomain }}`)"
|
||||
service: "landing"
|
||||
{{- template "tlsSetup" }}
|
||||
woodpecker:
|
||||
entryPoints:
|
||||
- "https"
|
||||
rule: "Host(`{{ .Woodpecker.Subdomain }}.{{ .RootDomain }}`)"
|
||||
service: "woodpecker"
|
||||
{{- template "tlsSetup" }}
|
||||
woodpecker-grpc:
|
||||
entryPoints:
|
||||
- "https"
|
||||
rule: "Host(`{{ .Woodpecker.GrpcSubdomain }}.{{ .RootDomain }}`)"
|
||||
service: "woodpecker-grpc"
|
||||
{{- template "tlsSetup" }}
|
||||
|
||||
services:
|
||||
forgejo:
|
||||
loadBalancer:
|
||||
servers:
|
||||
- url: "http://{{ .Forgejo.ContainerIpv4Address }}:{{ .Forgejo.HttpPort }}/"
|
||||
gotosocial:
|
||||
loadBalancer:
|
||||
servers:
|
||||
- url: "http://{{ .GoToSocial.ContainerIpv4Address }}:{{ .GoToSocial.Port }}/"
|
||||
landing:
|
||||
loadBalancer:
|
||||
servers:
|
||||
- url: "http://{{ .Landing.ContainerIpv4Address }}:{{ .Landing.Port }}/"
|
||||
woodpecker:
|
||||
loadBalancer:
|
||||
servers:
|
||||
- url: "http://{{ .Woodpecker.ContainerIpv4Address }}:{{ .Woodpecker.HttpPort }}/"
|
||||
woodpecker-grpc:
|
||||
loadBalancer:
|
||||
servers:
|
||||
- url: "h2c://{{ .Woodpecker.ContainerIpv4Address }}:{{ .Woodpecker.GrpcPort }}/"
|
||||
|
||||
tcp:
|
||||
routers:
|
||||
gitSSH:
|
||||
entryPoints:
|
||||
- "gitSSH"
|
||||
rule: "HostSNI(`*`)"
|
||||
service: "gitSSH"
|
||||
services:
|
||||
gitSSH:
|
||||
loadBalancer:
|
||||
servers:
|
||||
- address: "{{ .Forgejo.ContainerIpv4Address }}:{{ .Forgejo.SshPort }}"
|
||||
|
||||
{{- if not .Traefik.GenerateAcmeCertificates }}
|
||||
|
||||
tls:
|
||||
stores:
|
||||
default:
|
||||
defaultCertificate:
|
||||
certFile: {{ .Traefik.TlsContainerDirectory }}/traefik.crt
|
||||
keyFile: {{ .Traefik.TlsContainerDirectory }}/traefik.key
|
||||
{{- end }}
|
|
@ -1,28 +0,0 @@
|
|||
---
|
||||
http:
|
||||
routers:
|
||||
gitea:
|
||||
entryPoints:
|
||||
- "https"
|
||||
rule: "Host(`{{ .Forgejo.Subdomain }}.{{ .RootDomain }}`)"
|
||||
service: "git"
|
||||
tls:
|
||||
certResolver: resolver
|
||||
services:
|
||||
git:
|
||||
loadBalancer:
|
||||
servers:
|
||||
- url: "http://{{ .Forgejo.ContainerIpv4Address }}:{{ .Forgejo.HttpPort }}/"
|
||||
|
||||
tcp:
|
||||
routers:
|
||||
gitSSH:
|
||||
entryPoints:
|
||||
- "gitSSH"
|
||||
rule: "HostSNI(`*`)"
|
||||
service: "gitSSH"
|
||||
services:
|
||||
gitSSH:
|
||||
loadBalancer:
|
||||
servers:
|
||||
- address: "{{ .Forgejo.ContainerIpv4Address }}:{{ .Forgejo.SshPort }}"
|
|
@ -1,15 +0,0 @@
|
|||
---
|
||||
http:
|
||||
routers:
|
||||
gotosocial:
|
||||
entryPoints:
|
||||
- "https"
|
||||
rule: "Host(`{{ .GoToSocial.Subdomain }}.{{ .RootDomain }}`)"
|
||||
service: "gotosocial"
|
||||
tls:
|
||||
certResolver: resolver
|
||||
services:
|
||||
gotosocial:
|
||||
loadBalancer:
|
||||
servers:
|
||||
- url: "http://{{ .GoToSocial.ContainerIpv4Address }}:{{ .GoToSocial.Port }}/"
|
|
@ -1,15 +0,0 @@
|
|||
---
|
||||
http:
|
||||
routers:
|
||||
landing-page:
|
||||
entryPoints:
|
||||
- "https"
|
||||
rule: "Host(`{{ .RootDomain }}`)"
|
||||
service: landing-page
|
||||
tls:
|
||||
certResolver: resolver
|
||||
services:
|
||||
landing-page:
|
||||
loadBalancer:
|
||||
servers:
|
||||
- url: "http://{{ .Landing.ContainerIpv4Address }}:{{ .Landing.Port }}"
|
|
@ -1,26 +0,0 @@
|
|||
---
|
||||
http:
|
||||
routers:
|
||||
woodpecker:
|
||||
entryPoints:
|
||||
- "https"
|
||||
rule: "Host(`{{ .Woodpecker.Subdomain }}.{{ .RootDomain }}`)"
|
||||
service: "woodpecker"
|
||||
tls:
|
||||
certResolver: resolver
|
||||
woodpecker-grpc:
|
||||
entryPoints:
|
||||
- "https"
|
||||
rule: "Host(`{{ .Woodpecker.GrpcSubdomain }}.{{ .RootDomain }}`)"
|
||||
service: "woodpecker-grpc"
|
||||
tls:
|
||||
certResolver: resolver
|
||||
services:
|
||||
woodpecker:
|
||||
loadBalancer:
|
||||
servers:
|
||||
- url: "http://{{ .Woodpecker.ContainerIpv4Address }}:{{ .Woodpecker.HttpPort }}/"
|
||||
woodpecker-grpc:
|
||||
loadBalancer:
|
||||
servers:
|
||||
- url: "h2c://{{ .Woodpecker.ContainerIpv4Address }}:{{ .Woodpecker.GrpcPort }}"
|
|
@ -23,6 +23,7 @@ providers:
|
|||
file:
|
||||
watch: true
|
||||
directory: "{{ .Traefik.DynamicConfigDirectory }}"
|
||||
{{- if .Traefik.GenerateAcmeCertificates }}
|
||||
certificatesResolvers:
|
||||
resolver:
|
||||
acme:
|
||||
|
@ -30,5 +31,6 @@ certificatesResolvers:
|
|||
storage: "{{ .Traefik.TlsContainerDirectory }}/acme.json"
|
||||
keyType: "RSA4096"
|
||||
tlsChallenge: {}
|
||||
{{- end }}
|
||||
log:
|
||||
level: "{{ .Traefik.LogLevel }}"
|
||||
|
|
|
@ -14,8 +14,6 @@ RUN --mount=type=bind,source=.,target=/packages \
|
|||
&& chmod 0700 {{ .Woodpecker.DataContainerDirectory }} /flow/woodpecker/tmp \
|
||||
&& tar xzvf /packages/woodpecker-server-{{ .Woodpecker.Version }}_linux_amd64.tar.gz \
|
||||
&& mv /tmp/woodpecker-server /usr/local/bin/woodpecker-server \
|
||||
&& cp /packages/entrypoint.sh /usr/local/bin/entrypoint \
|
||||
&& chmod a+x /usr/local/bin/entrypoint \
|
||||
&& rm -rf /tmp/*
|
||||
|
||||
ENV GODEBUG=netdns=go
|
||||
|
|
Loading…
Reference in a new issue