Merge pull request 'drone' (#3) from drone into master

Reviewed-on: #3
2022-11-02 21:19:52 +00:00 · 2022-11-02 21:19:52 +00:00 · 653891f446
commit 653891f446
parent 91d441b38e 87db6ddf40
20 changed files with 187 additions and 39 deletions
--- a/.dockerignore
+++ b/.dockerignore
@ -0,0 +1 @@
+Dockerfile
--- a/.drone.yml
+++ b/.drone.yml
@ -0,0 +1,19 @@
+kind: pipeline
+name: default
+type: docker
+
+steps:
+- name: deploy
+  image: v4l3n71n/covas:latest
+  pull: if-not-exists
+  commands:
+    - eval $(ssh-agent -s)
+    - id -u ansible
+    - sshpass -p 50ford5080850 ssh-add ssh_keys/id_rsa_nas
+    - sshpass -p 23v4l3n71n02cz3ry841993 ssh-add ssh_keys/id_rsa_vps
+    - ansible-playbook -i inventory --syntax-check playbook.yml
+    - ansible --ask-vault-password -i inventory -m ping playbook.yml
+
+
+image_pull_secrets:
+  - dockerconfig
--- a/.gitignore
+++ b/.gitignore
@ -0,0 +1 @@
+ssh_keys/
--- a/9
+++ b/9
@ -0,0 +1,9 @@
+FROM debian:bookworm-slim
+RUN apt-get update --yes && apt-get upgrade --yes && apt-get install --yes python3 python3-pip openssh-client sshpass && rm -rf /var/lib/apt/lists/*
+RUN groupadd -r ansible && useradd -m -r -g ansible ansible
+USER ansible
+RUN pip install ansible
+WORKDIR /home/ansible
+ENV PATH="${PATH}:/home/ansible/.local/bin"
+COPY --chown=ansible:ansible . /home/ansible
+RUN  ansible-galaxy install -vvvv -r requirements.yml
--- a/inventory/group_vars/db
+++ b/inventory/group_vars/db
@ -1,3 +1,4 @@
+msg: db
 postgres_url: db.valczeryba.ovh
 postgres_db: toto
 postgres_port: 54321
--- a/inventory/group_vars/db_vault
+++ b/inventory/group_vars/db_vault
@ -1,15 +1,15 @@
 $ANSIBLE_VAULT;1.1;AES256
-39326362343932646638333238366563643865333035666231336238353131643433313237373031
-3732373733343264303039653534306461623661333266630a373363646661393764323139366266
-39326432626434343230613334386266613030313862623436623335343734343565393831376263
-3131346166303836310a663066643333613866303538653066336366353966656662333332646639
-33373134366662323632613465316465326530363662326437633630306164393438303137663730
-37333065633230663862306364356161323131653662633339353361383437346339346262383139
-64363634333364363666373636373037386265383063393938356466623237313966633538336138
-61346639313535323730323834373230373733396661386163643531356465343532323266306335
-38656232626432323737663030613130323536396266623332326130396463333434633363383139
-37636630623263383933353066333736346162376162336239376530316533663936363062616131
-30636437353963633138353838626532646238363935343764623530613139393564643464653538
-61373964373063633331653131363663333230663239633764636333363435646433643637323664
-66666336386464663231393836613862613935373465303331353563656361386363316438393662
-3530383833303736656536363238626465663330396430636332
+31393434663833363061653862663138393835663538346465383065323231616163343964303966
+3437316337383464323933306632393766386234366133360a313466356333343939396134333430
+38376636663234666534666637663638633766623034323164393234656365613437643738393833
+3466616536353935340a366165346464343863613133373739366534373835396436343138326532
+37376261383631366531333061353133643432623164633335373037393732366132346438326163
+32386639396661626431616463383165393035396139333336316263636236323130656534636237
+36636536613064393632343564343734626666323037303630623764316338346161373134656165
+64666133663364633064323763303964663964393139646663306334353435633839383164313734
+61373731356331336265663835346234323934656236646363663562396131336161663662393634
+65383761363763326366313063333337633039383830663066663261393464646437663366366565
+39366661653934626337656336306435363263373534323239353831343231303134613338623236
+63306464393031666666613530326138646535613534303365323965323466366131343236663030
+37323032656136383661333331363635643234333138626239383733336135333637353930316338
+6537303238333962313362376434383038666133376134383132
--- a/inventory/group_vars/drone
+++ b/inventory/group_vars/drone
@ -0,0 +1,22 @@
+drone_gitea_server: https://git.valczeryba.ovh
+drone_server_host: drone.valczeryba.ovh:8000
+drone_agents_enabled: true
+drone_server_proto: http
+drone_tls_autocert: false
+drone_open: false
+drone_host: http://localhost:8000
+drone_rpc_server: drone-server:8000
+
+msg: drone
+
+project_src: "/home/valentin/drone"
+
+project_directory: 
+  - "{{ project_src }}"
+
+project_env: env-drone.j2
+docker_compose_file: "docker-compose-drone.yml"
+
+ports_tcp:
+  - 8000
+  - 9000
--- a/inventory/group_vars/drone_vault
+++ b/inventory/group_vars/drone_vault
@ -0,0 +1,18 @@
+$ANSIBLE_VAULT;1.1;AES256
+38303932316262306464333166316363643239366561323234643563623362336335613237376239
+3535393466323064333163363932663731663031663933350a323431653239396663343666373765
+31373066383234303139663135326462613539626363373930346366383831646536316465373563
+3537653761373233300a383637623932616663393763643066326238633932643730336339336330
+38366430336561613866373634313130616438313234666431396638366161613839303864353561
+35613234326539383765666637323236303161623061633164646430663834393764623931656638
+63336533383065343738373564393266653738656163643165383434623836666434646337336565
+32373261636363396363343236353336306331313761623531653834346536353039656564316138
+66643166653435666162383333366233353165393837303539646538353765653465363532346231
+65633365353131613437623663313934626461313437373730623164636364393362366537373162
+62363965323662356638633661363236326437353366356134346333313466323139336362363234
+62376262346338643339363566303339366165636566623565363238363736646637646635303531
+38343031666635323539353431316164353830363838313662613063616532623730346561333665
+33316137613666636439383364353735653535346537383831323333646238356534393935643435
+31643637323366616230633039336633313631316330323064306638663039393330376366633930
+65643861363231313033333662396339636432343133336561356438636233643762313539323166
+6261
--- a/inventory/group_vars/nas_vault
+++ b/inventory/group_vars/nas_vault
@ -1,6 +1,7 @@
 $ANSIBLE_VAULT;1.1;AES256
-35333863396561393462653263323133343233346534616138616530643066323161656534653738
-3335306466663636623236383435663337393466633437660a303961663331653463343933353966
-35636161393663386137306561613965653438626432323865323233636662653333616532636665
-3562333936366238640a646262373233363665366437653032303238313266356138343239303936
-36663531303061663763653637333365303664666563353631303435633462343537
+61643965343735653231363764646132363434653530346532343765663036376434353334356330
+6133383634643439353338383039653234303666306661350a636366343465356639646535663234
+31356434363130663961653638363463333330346561333933643263643362343132376131313764
+3439663335386235610a396435303138666166383363303038663163393538323362313965613933
+65666338653533386234336365316664313266326130313064653864386235323461303938386333
+3239646561363831643530633466613035643630363761326666
--- a/inventory/group_vars/registry
+++ b/inventory/group_vars/registry
@ -1,9 +1,10 @@
-
+msg: registry
 project_src: "/home/valentin/registry"

 project_directory:
  - "{{ project_src }}"

+
 docker_compose_file: "docker-compose-registry.yml"


--- a/inventory/hosts
+++ b/inventory/hosts
@ -1,5 +1,6 @@
 vps ansible_connection=ssh ansible_host=51.222.107.37 ansible_port=2424 ansible_user=valentin
 valentin-nas ansible_connection=ssh ansible_host=151.80.37.38 ansible_port=2424 ansible_user=valentin
+drone-host ansible_connection=ssh ansible_host=151.80.37.38 ansible_port=2424 ansible_user=valentin
 localhost ansible_host=127.0.0.1

 [db]
@ -11,8 +12,16 @@ db
 [nas]
 valentin-nas

-[registry:children]
-nas
+ 
+[registry]
+valentin-nas
+
+
+[drone]
+drone-host
+
+[drone_vault:children]
+drone

 [nas_vault:children]
 nas
--- a/playbook.yml
+++ b/playbook.yml
@ -1,9 +1,10 @@
 ---
- hosts: registry db
+- hosts: registry db drone
  remote_user: valentin
  roles:
    - server

+
 - hosts: local
  remote_user: valentin
  roles:
--- a/requirements.yml
+++ b/requirements.yml
@ -1,7 +1,4 @@
-/home/valentin/.ansible/collections/ansible_collections:
-  community.docker:
-    version: 3.1.0
-/usr/lib/python3.10/site-packages/ansible_collections:
+collections:
  amazon.aws:
    version: 3.4.0
  ansible.netcommon:
--- a/scaleway-k8s/tasks/main.yml
+++ b/scaleway-k8s/tasks/main.yml
@ -1,15 +1,15 @@
 - name: Create folder for image
-  ansible.builtin.import_tasks: create-build.yml
+  import_tasks: create-build.yml
  tags: ["create-build"]

 - name: Create cluster k8s scaleway via terraform
-  ansible.builtin.import_tasks: create-cluster.yml
+  import_tasks: create-cluster.yml
  tags: ["create-cluster"]

 - name: Get id Cluster
-  ansible.builtin.import_tasks: kubeconfig.yml
+  import_tasks: kubeconfig.yml
  tags: ["create-cluster", "kubeconfig"]

 - name: Destroy cluster k8s scaleway via terraform
-  ansible.builtin.import_tasks: destroy-cluster.yml
+  import_tasks: destroy-cluster.yml
  tags: ["destroy-cluster"]
--- a/server/files/docker-compose-drone.yml
+++ b/server/files/docker-compose-drone.yml
@ -0,0 +1,51 @@
+version: '3.5'
+
+services:
+  drone-server:
+    image: drone/drone:2
+    ports:
+      - 8000:80
+      - 9000:443
+    networks:
+      - drone
+    volumes:
+      - ./drone-data:/var/lib/drone/
+      - /var/run/docker.sock:/var/run/docker.sock
+    env_file:
+      - .env
+    restart: always
+    environment:
+      - DRONE_GITHUB_SKIP_VERIFY=true
+      - DRONE_AGENTS_ENABLED=true
+      - DRONE_SERVER_PROTO=http
+      - DRONE_TLS_AUTOCERT=false
+      - DRONE_OPEN=false
+      - DRONE_HOST=http://drone.valczeryba.ovh:8000
+      - DRONE_GITHUB=true
+      # Variables below set via drone.env file
+      # - DRONE_USER_CREATE=
+      # - DRONE_USER_FILTER=
+      # - DRONE_GITHUB_CLIENT_ID=
+      # - DRONE_GITHUB_CLIENT_SECRET=
+      # - DRONE_RPC_SECRET=
+
+  drone-agent:
+    image: drone/agent:1.2.1
+    command: agent
+    restart: always
+    depends_on:
+      - drone-server
+    networks:
+      - drone
+    volumes:
+      - /var/run/docker.sock:/var/run/docker.sock
+    env_file:
+      - .env
+    environment:
+      - DRONE_RPC_SERVER=drone-server:8000
+      # Variables below set via drone.env file
+      # - DRONE_RPC_SECRET=
+
+networks:
+  drone:
+    name: drone_network
--- a/server/files/docker-compose-registry.yml
+++ b/server/files/docker-compose-registry.yml
@ -7,5 +7,6 @@ services:
    - "5000:5000"
    environment:
      REGISTRY_STORAGE_FILESYSTEM_ROOTDIRECTORY: /data
+    
    volumes:
      - ./data:/data    
--- a/server/tasks/debug.yml
+++ b/server/tasks/debug.yml
@ -0,0 +1,3 @@
+- name: debug
+  debug:
+    msg: "coucou {{ msg }}"
--- a/server/tasks/main.yml
+++ b/server/tasks/main.yml
@ -1,19 +1,24 @@
 ---
 # tasks file for server

+
+- name: Debug role
+  import_tasks: debug.yml
+  tags: ["debug"]
+
 - name: Deploy services
-  ansible.builtin.import_tasks: deploy.yml
+  import_tasks: deploy.yml
  tags: ["deploy", "create"]

 - name: Start services
-  ansible.builtin.import_tasks: start.yml
+  import_tasks: start.yml
  tags: ["deploy", "start"]


 - name: stop services
-  ansible.builtin.import_tasks: stop.yml
+  import_tasks: stop.yml
  tags: ["destroy", "stop"]

 - name: Remove services
-  ansible.builtin.import_tasks: remove.yml
+  import_tasks: remove.yml
  tags: ["destroy"]
--- a/server/templates/env-drone.j2
+++ b/server/templates/env-drone.j2
@ -0,0 +1,8 @@
+# Drone secret key, used for private communication between agents and web UI
+DRONE_USER_CREATE=
+DRONE_USER_FILTER= {{ drone_user_filter }}
+DRONE_GITEA_SERVER={{ drone_gitea_server }}
+DRONE_GITEA_CLIENT_ID={{ drone_gitea_client_id }}
+DRONE_GITEA_CLIENT_SECRET={{ drone_gitea_client_secret }}
+DRONE_RPC_SECRET={{ drone_rpc_secret }}
+DRONE_SERVER_HOST={{ drone_server_host }}