46 Commits

Author SHA1 Message Date
f7622d10a6 add mongo docker 2023-01-10 21:58:12 +01:00
f36366a319 add condition for update or drop-create database 2023-01-03 19:05:39 +01:00
e502e04372 Merge pull request 'deploy-image' (#4) from deploy-image into master
Reviewed-on: #4
2022-12-18 17:50:19 +00:00
67c2a0ed3e add or update dns with API OVH 2022-12-18 18:42:14 +01:00
2a63aed0e3 add API curl 2022-12-11 11:45:40 +01:00
452a650b16 deploy backend api 2022-12-10 23:05:52 +01:00
3a16d3e723 deploy api 2022-12-10 22:10:13 +01:00
369aed9ea1 copy kubeconfig 2022-12-10 20:30:25 +01:00
11d0273ac1 fix copy kubeconfig files 2022-12-10 20:14:13 +01:00
4eee20f63f list item and copy template 2022-12-10 15:24:35 +01:00
8008b025d0 variabilisation kubernetes 2022-12-10 15:14:00 +01:00
572be625bd push to scaleway registry 2022-11-26 18:37:05 +01:00
005127a37b fix variable 2022-11-07 23:07:06 +01:00
097d0621d6 fix hosts 2022-11-06 18:31:35 +01:00
398adda930 add tag and push image 2022-11-06 18:13:59 +01:00
371ee06a41 ajout pause dans le task create-build 2022-11-03 21:53:42 +01:00
27fcb8b6ec create template env for build image 2022-11-03 21:49:56 +01:00
653891f446 Merge pull request 'drone' (#3) from drone into master
Reviewed-on: #3
2022-11-02 21:19:52 +00:00
87db6ddf40 ignore file 2022-11-02 22:16:46 +01:00
c9a0e48346 essai drone 2022-11-02 22:15:31 +01:00
284e86c424 test drone check syntax 2022-10-31 20:30:26 +01:00
1caaac3485 add drone yml
Some checks reported errors
continuous-integration/drone Build was killed
continuous-integration/drone/push Build was killed
2022-10-28 21:33:15 +02:00
372f1d7c18 add debug message 2022-10-28 20:20:16 +02:00
c26a6c6f84 fix url 2022-10-28 17:38:56 +02:00
e4ee762c65 add drone groups 2022-10-28 17:35:49 +02:00
91d441b38e remove localhost from db group 2022-10-20 17:05:48 +02:00
42f2a14d87 add passwordé 2022-10-20 17:00:58 +02:00
93eca7fec9 fix password 2022-10-20 16:56:51 +02:00
541eda55f6 Merge pull request 'k8s-deploy' (#2) from k8s-deploy into master
Reviewed-on: #2
2022-10-20 14:52:28 +00:00
e6f9d71c4f build image WIP 2022-10-20 16:51:19 +02:00
da8e10ef4e deplacement build to scaleway k8s 2022-10-20 16:51:19 +02:00
ac3fecbaca add variable in db 2022-10-20 16:51:19 +02:00
db8491f577 add roles build WIP 2022-10-20 16:51:19 +02:00
44dce58617 fusion roles db et registry 2022-10-20 16:51:19 +02:00
9799d9c39c add vault for nas server 2022-10-20 16:51:19 +02:00
234e9b6395 add registry role 2022-10-20 16:51:19 +02:00
28f46dc9f0 add file requierements 2022-10-20 16:51:19 +02:00
5e40ed2cc9 add variable project_id 2022-10-20 16:51:12 +02:00
4af016b0c4 change yml name 2022-10-20 16:48:39 +02:00
30d3b2bfee download kubeconfig 2022-10-20 16:48:39 +02:00
a30ab86b4f destroy cluster and rename terraform to create-cluster 2022-10-20 16:48:39 +02:00
bbb3e03651 get content from api scaleway 2022-10-20 16:48:39 +02:00
b9c54eff60 first test terraform to create cluster k8s 2022-10-20 16:48:39 +02:00
a9c26d97bb add sudo_password 2022-10-20 16:47:03 +02:00
ad5dbdc914 variable project_id 2022-10-20 16:30:38 +02:00
29a040751a Merge pull request 'db-deploy' (#1) from db-deploy into master
Reviewed-on: #1
2022-10-08 17:13:19 +00:00
60 changed files with 1308 additions and 158 deletions

1
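--- a/.dockerignore
+++ b/.dockerignore
@@ -0,0 +1 @@
+Dockerfile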

19
.drone.yml Normal file

@@ -0,0 +1,19 @@
kind: pipeline
name: default
type: docker
steps:
- name: deploy
image: v4l3n71n/covas:latest
pull: if-not-exists
commands:
- eval $(ssh-agent -s)
- id -u ansible
- sshpass -p 50ford5080850 ssh-add ssh_keys/id_rsa_nas
- sshpass -p 23v4l3n71n02cz3ry841993 ssh-add ssh_keys/id_rsa_vps
- ansible-playbook -i inventory --syntax-check playbook.yml
- ansible --ask-vault-password -i inventory -m ping playbook.yml
image_pull_secrets:
- dockerconfig
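Review bot: The two `sshpass -p …` commands in the `deploy` step put the SSH key passphrases into the pipeline file in clear text, so anyone who can read the repository or its history has them; both should be treated as exposed and rotated. Store them as Drone secrets, pass them through the step's `environment:` with `from_secret`, and call `sshpass -e ssh-add ssh_keys/id_rsa_nas` so the value comes from `SSHPASS` instead of the command line. The last command uses `--ask-vault-password`, which waits for interactive input a CI runner cannot supply; `--vault-password-file` pointing at a file written from a secret avoids the hang. `image: v4l3n71n/covas:latest` with `pull: if-not-exists` lets the runner keep whatever image it already has under that tag, so a pinned tag or digest would make the deploy environment predictable.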

1
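--- a/.gitignore
+++ b/.gitignore
@@ -0,0 +1 @@
+ssh_keys/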

9
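--- a/Dockerfile
+++ b/Dockerfile
@@ -0,0 +1,9 @@
+FROM debian:bookworm-slim
+RUN apt-get update --yes && apt-get upgrade --yes && apt-get install --yes python3 python3-pip openssh-client sshpass && rm -rf /var/lib/apt/lists/*
+RUN groupadd -r ansible && useradd -m -r -g ansible ansible
+USER ansible
+RUN pip install ansible
+WORKDIR /home/ansible
+ENV PATH="${PATH}:/home/ansible/.local/bin"
+COPY --chown=ansible:ansible . /home/ansible
+RUN ansible-galaxy install -vvvv -r requirements.yml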
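Review bot: `COPY --chown=ansible:ansible . /home/ansible` copies the whole build context into the image, and the `.dockerignore` added in this commit excludes only `Dockerfile`, so a local `ssh_keys/` directory (git-ignored, but read by `.drone.yml` from inside the image) and the vault files would be baked into a layer of every image pushed to the registry. Add `ssh_keys/`, `.git` and any local secret files to `.dockerignore`, and supply the keys at run time through a mounted volume or a CI secret. `RUN pip install ansible` is unpinned, so two builds can ship different Ansible versions; pinning it (for example `pip install ansible==<version>`) keeps the image reproducible.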


@@ -1,34 +0,0 @@
# deploy db postgresql, liquibase and redis
- name: git archive local
local_action:
module: git
repo: "https://{{ git_username | urlencode }}:{{ git_password | urlencode }}@git.valczeryba.ovh/v4l3n71n/covas-liquibase.git"
dest: "/home/valentin/src/"
archive: "/tmp/covas-liquibase.tar.gz"
force: yes
update: yes
run_once: True
- name: Create directory
file:
path: "/home/valentin/{{ item }}"
state: directory
with_items:
- db
- db/covas-liquibase
- name: Extract covas liquibase
unarchive:
src: "/tmp/covas-liquibase.tar.gz"
dest: "/home/valentin/db/covas-liquibase"
- name: Template env file
template:
src: env.j2
dest: /home/valentin/db/.env
- name: Copy docker compose server file
copy:
src: docker-compose-server.yml
dest: /home/valentin/db/docker-compose.yml


@@ -1,23 +0,0 @@
---
# tasks file for server
# include task db
- name: Deploy database postgresql and redis
ansible.builtin.import_tasks: deploy-db.yml
tags: ["start-with-deploy", "deploy"]
- name: Start db postgresql and redis
ansible.builtin.import_tasks: start-db.yml
tags: ["start-with-deploy", "start"]
- name: stop db postgresql and redis
ansible.builtin.import_tasks: stop-db.yml
tags: ["destroy", "stop"]
- name: Remove db
ansible.builtin.import_tasks: remove-db.yml
tags: ["destroy"]


@@ -1,34 +0,0 @@
# start services db
- name: Stopping existing service
community.docker.docker_compose:
project_src: /home/valentin/db
- name: Starting service
community.docker.docker_compose:
project_src: /home/valentin/db
register: output
- name: debug output
debug:
var: output
- name: Allow port postgresql
ansible.builtin.iptables:
chain: INPUT
protocol: tcp
destination_port: 54321
jump: ACCEPT
state: present
become: yes
become_method: sudo
- name: Allow port redis
ansible.builtin.iptables:
chain: INPUT
protocol: tcp
destination_port: 63791
jump: ACCEPT
state: present
become: yes
become_method: sudo


@@ -1,34 +0,0 @@
# stop services db and redis
- name: Disallow port postgresql
ansible.builtin.iptables:
chain: INPUT
protocol: tcp
destination_port: 54321
jump: ACCEPT
state: absent
become: yes
become_method: sudo
- name: Disallow port redis
ansible.builtin.iptables:
chain: INPUT
protocol: tcp
destination_port: 63791
jump: ACCEPT
state: absent
become: yes
become_method: sudo
- name: Stopping existing service
community.docker.docker_compose:
project_src: /home/valentin/db
state: present
stopped: yes
register: output
- name: Debug output
debug:
var: output


@@ -1,3 +0,0 @@
POSTGRES_PASSWORD={{ postgres_password }}
POSTGRES_USER={{ postgres_user }}
POSTGRES_DB={{ postgres_db }}

1
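--- a/inventory/group_vars/all
+++ b/inventory/group_vars/all
@@ -0,0 +1 @@
+home_dir: "/home/valentin"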


@@ -1 +1,27 @@
postgres_db: toto
msg: db
postgres_url: db.valczeryba.ovh
postgres_db: toto
postgres_port: 54321
project_src: "/home/valentin/db"
project_name: "covas-liquibase"
project_directory:
- "{{ project_src }}"
- "{{ project_src }}/{{ project_name }}"
docker_compose_file: "docker-compose-db.yml.j2"
project_env: "env-db.j2"
redis_url: redis.valczeryba.ovh
redis_port: 63791
mongo_port: 28017
ports_tcp:
- "{{ postgres_port }}"
- "{{ redis_port }}"
- "{{ mongo_port }}"
covas_liquibase: false
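Review bot: If the role opens every entry of `ports_tcp` the way the removed `start-db.yml` did, with an `iptables` ACCEPT rule that has no `source`, then PostgreSQL (54321), Redis (63791) and MongoDB (28017) become reachable from any address. The task that consumes `ports_tcp` is not in this section, so this needs confirming against the role. If it holds, restrict the rules with `source:` to the hosts that need the databases, and make sure Redis and MongoDB require authentication before the ports are opened.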


@@ -1,10 +1,17 @@
$ANSIBLE_VAULT;1.1;AES256
35323139356565316333376432336436666566666631363635366235316435313536373765383234
6664623264396635643636663865626130616135326230610a373064656264323233663563623930
38373762363331663632343036336139663833616638653361363535643239643166363435613764
3864363664303836380a363739653638623639663262356532656262393862323164656531393531
35663166376632663734356666306433383363386236613330663536326432306561653665356533
64396538376432336532343366393938363963656432353638346165313836373136343433623435
65626138633637653631386663386462623633656434363761623366626565396362663864613166
33346136386532636132613532626133376534326339646161356461346434626335376661656534
32343936616335376563363131643938333833376231663862333961383566666137
64653663303437333433396331636461353737313832366539353264623561393761666464316363
3633613637663530383739353830366662646461653138650a663939373238663737363737353535
65313433373565343830396230656162663361366265363131323961353764333462386464376239
3662656464633566310a616331653331383631343065396537333338353738353865636539396533
63333436663739346231626139316265643438393739383761383033616465613964643830643033
66336237303833616638636336393739326332623738393032646561376564343835353533366632
64633239656639303063653538396562393366396137316530633638333539333631343238376463
62366463393234663834616639633635303537633565636634383435363663336363386238646563
32633634323332393765343933313666333134346132636637383233633064383663323531333834
61366334633532653430326266623366353761626330386439626437623266316636633235326263
33393233313463656335353639633262623335633336613030633435363232316632313031663034
34366130346135336365376332383637343761303435623138613533393561613039353561663866
66636139323138376566643239383563363738363130373735653365363133303864386462333065
63623934623032353638643034363439616333646530306430346461393264323661376335393366
62656639633339303536643535383035383964623761386166373135323465663132323262663961
39313365616266333636


@@ -0,0 +1,22 @@
drone_gitea_server: https://git.valczeryba.ovh
drone_server_host: drone.valczeryba.ovh:8000
drone_agents_enabled: true
drone_server_proto: http
drone_tls_autocert: false
drone_open: false
drone_host: http://localhost:8000
drone_rpc_server: drone-server:8000
msg: drone
project_src: "/home/valentin/drone"
project_directory:
- "{{ project_src }}"
project_env: env-drone.j2
docker_compose_file: "docker-compose-drone.yml.j2"
ports_tcp:
- 8000
- 9000
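Review bot: `drone_server_proto: http` with `drone_tls_autocert: false` and `drone_server_host: drone.valczeryba.ovh:8000` suggests the Drone UI and the Gitea OAuth callback are served over plain HTTP on a public name, which would send session cookies and OAuth tokens in clear text. No TLS-terminating proxy is visible in this diff; unless one exists, set `drone_server_proto: https` and enable a certificate. `ports_tcp` also lists 9000 next to 8000; whether that port has to be reachable from outside the host should be checked against the compose template, and closed if not.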


@@ -0,0 +1,18 @@
$ANSIBLE_VAULT;1.1;AES256
38303932316262306464333166316363643239366561323234643563623362336335613237376239
3535393466323064333163363932663731663031663933350a323431653239396663343666373765
31373066383234303139663135326462613539626363373930346366383831646536316465373563
3537653761373233300a383637623932616663393763643066326238633932643730336339336330
38366430336561613866373634313130616438313234666431396638366161613839303864353561
35613234326539383765666637323236303161623061633164646430663834393764623931656638
63336533383065343738373564393266653738656163643165383434623836666434646337336565
32373261636363396363343236353336306331313761623531653834346536353039656564316138
66643166653435666162383333366233353165393837303539646538353765653465363532346231
65633365353131613437623663313934626461313437373730623164636364393362366537373162
62363965323662356638633661363236326437353366356134346333313466323139336362363234
62376262346338643339363566303339366165636566623565363238363736646637646635303531
38343031666635323539353431316164353830363838313662613063616532623730346561333665
33316137613666636439383364353735653535346537383831323333646238356534393935643435
31643637323366616230633039336633313631316330323064306638663039393330376366633930
65643861363231313033333662396339636432343133336561356438636233643762313539323166
6261


@@ -0,0 +1,20 @@
project_terraform: "/home/valentin/terraform"
project_backend: "/home/valentin/k8s_backend"
project_kubeconfig: "/home/valentin/.kube/config"
region_k8s: "fr-par"
project_name_tf: "terraform-test"
quarkus_project: "covas-quarkus"
mailer_host: "smtp.gmail.com"
mailer_from: "valczebackup@gmail.com"
mailer_port: "587"
port: 8083
targetPort: 8080
backend_yaml:
- backend-deployment
- backend-service
- env-configmap
- secret


@@ -0,0 +1,46 @@
$ANSIBLE_VAULT;1.1;AES256
30356465363432393266326366393162306331353564346565663139336538613832396135306537
6262336438613736636266623766333233336631656661640a663838373936613666373133383632
32613962623330303964333161373165363164646266396461633233346136336630646631306564
3939363432643961610a313338306136303132666461393637643235623361393830653534643137
38623038613364396538353533336631633863343834333030653164303231346263316435356231
61383966663834333662393138303035613330366533663037326532356332633839363763356466
63396536323864383933346434363231396164613838316162656333626634373936643738386565
32326532346334343666383632306264636132613266333863626462366530306439613130333564
38623461613739343461386564323865316332653530623862313163396566616230653030653266
61613836303231363534393531373233363332316639316137653132336638356161333764373562
34363034353935633437353466303364653039626137383534633239316563373663623030646330
38383639326563643266346530616666646337373765643336326536303864613363663536643465
34343663373131323437666462303763366439356362306337356131383932353731393935343931
32613333373439343864653864636438646431306637613038313061663961653033643465643864
31333366663037373835326330316535326134393761333662326665333464666164623336666439
35313066303830343737343063396335383461653338303734353461643736343163346565323864
65356437376663386535646437653566326532346462313932346435393730366530646164323537
35363633333065356162653762623239343836356230303734316130383234313536623339626531
36643434336233626234333235636566313566353939616433373465666362316663353336653162
32346534333665353934653738343335356137643539376639323164393837383065323436363064
35643762656365313261373030336339616266333765613735346565623138366533626335633033
38373732626337353535656230636235373535363332376535343162666266393931303236653631
33653432633337306230396434316230663438363630313038386538663732393863633837313638
31663763303462343063613638663361626462623035336465383661646433643833636361346236
32386263326664363338633861643264383462313863666662623033323761613132666130353235
34633261303761623033633964323862666137333035306333323932346334356365333563316630
34313263306561303538353134613233313337323636623230616532383133613561333439663337
64376230363038306238656236653366353738633436623330383239373062313831393066313838
38653532356632383765613530373034396639633064383336393934353061656266633463336333
66356538616233313936376565386432303134306363343734333563333266643062666231303532
37363664396165653333656661376334333432376566666237316232643234386332323936346630
63303563363162356666643732366131393066333838363935613336353062633862353838613761
64333939663733643132366334653835633733623539393735313961613131303934363731663231
64313434613934336630306165343665376261353562656634356365613137346232633431343734
63363532313765646434346132313434373366656332353133383530306639633062633365613932
65383865643262666666383933363534623838653661376531303763623261323937626335373635
32623262343130383462316462643338363433653133353737633562353330313533303835666634
65386336616466316663356236316466353164353139326333316362303737343335353731366531
36653062323764316332353136343738616338313465333261363664663934393038343237313135
64363036636634646137616365366538613338343761646137623432396539363035663031313464
66646663373838316161643161613838343139346165663331373334383334316562353235633461
65316666616334653034393165616434306664633336613639636433663761363932396663396630
64383961623136623639306435663965303632663039653538646463663235653333306434313931
32636536643536636561663534346633663464333830646139383939626665393964353739616435
35663834393738646130316564633966653765303033356132393961653831646362

0
inventory/group_vars/nas Normal file

@@ -0,0 +1,7 @@
$ANSIBLE_VAULT;1.1;AES256
61643965343735653231363764646132363434653530346532343765663036376434353334356330
6133383634643439353338383039653234303666306661350a636366343465356639646535663234
31356434363130663961653638363463333330346561333933643263643362343132376131313764
3439663335386235610a396435303138666166383363303038663163393538323362313965613933
65666338653533386234336365316664313266326130313064653864386235323461303938386333
3239646561363831643530633466613035643630363761326666


@@ -0,0 +1,12 @@
msg: registry
project_src: "/home/valentin/registry"
project_directory:
- "{{ project_src }}"
docker_compose_file: "docker-compose-registry.yml.j2"
ports_tcp:
- 5000


@@ -1,7 +1,37 @@
vps ansible_connection=ssh ansible_host=51.222.107.37 ansible_port=2424 ansible_user=valentin
vps-host ansible_connection=ssh ansible_host=51.222.107.37 ansible_port=2424 ansible_user=valentin
valentin-nas ansible_connection=ssh ansible_host=151.80.37.38 ansible_port=2424 ansible_user=valentin
drone-host ansible_connection=ssh ansible_host=151.80.37.38 ansible_port=2424 ansible_user=valentin
localhost ansible_host=127.0.0.1 ansible_python_interpreter=/usr/bin/python3.10
[db]
[vps]
vps-host
[db:children]
local
vps
[db_vault:children]
db
db
[nas]
valentin-nas
[registry]
valentin-nas
[drone]
drone-host
[drone_vault:children]
drone
[nas_vault:children]
nas
[local]
localhost
[local_vault:children]
local


@@ -1,5 +1,11 @@
---
- hosts: db
- hosts: registry vps
remote_user: valentin
roles:
- db
- server
- hosts: local
remote_user: valentin
roles:
- scaleway-k8s

211
requirements.yml Normal file

@@ -0,0 +1,211 @@
collections:
amazon.aws:
version: 3.4.0
ansible.netcommon:
version: 3.1.1
ansible.posix:
version: 1.4.0
ansible.utils:
version: 2.6.1
ansible.windows:
version: 1.11.1
arista.eos:
version: 5.0.1
awx.awx:
version: 21.5.0
azure.azcollection:
version: 1.13.0
check_point.mgmt:
version: 2.3.0
chocolatey.chocolatey:
version: 1.3.0
cisco.aci:
version: 2.2.0
cisco.asa:
version: 3.1.0
cisco.dnac:
version: 6.6.0
cisco.intersight:
version: 1.0.19
cisco.ios:
version: 3.3.1
cisco.iosxr:
version: 3.3.1
cisco.ise:
version: 2.5.3
cisco.meraki:
version: 2.11.0
cisco.mso:
version: 2.0.0
cisco.nso:
version: 1.0.3
cisco.nxos:
version: 3.1.1
cisco.ucs:
version: 1.8.0
cloud.common:
version: 2.1.2
cloudscale_ch.cloud:
version: 2.2.2
community.aws:
version: 3.5.0
community.azure:
version: 1.1.0
community.ciscosmb:
version: 1.0.5
community.crypto:
version: 2.5.0
community.digitalocean:
version: 1.21.0
community.dns:
version: 2.3.2
community.docker:
version: 2.7.1
community.fortios:
version: 1.0.0
community.general:
version: 5.6.0
community.google:
version: 1.0.0
community.grafana:
version: 1.5.2
community.hashi_vault:
version: 3.2.0
community.hrobot:
version: 1.5.2
community.libvirt:
version: 1.2.0
community.mongodb:
version: 1.4.2
community.mysql:
version: 3.5.1
community.network:
version: 4.0.1
community.okd:
version: 2.2.0
community.postgresql:
version: 2.2.0
community.proxysql:
version: 1.4.0
community.rabbitmq:
version: 1.2.2
community.routeros:
version: 2.3.0
community.sap:
version: 1.0.0
community.sap_libs:
version: 1.3.0
community.skydive:
version: 1.0.0
community.sops:
version: 1.4.0
community.vmware:
version: 2.9.1
community.windows:
version: 1.11.0
community.zabbix:
version: 1.8.0
containers.podman:
version: 1.9.4
cyberark.conjur:
version: 1.2.0
cyberark.pas:
version: 1.0.14
dellemc.enterprise_sonic:
version: 1.1.2
dellemc.openmanage:
version: 5.5.0
dellemc.os10:
version: 1.1.1
dellemc.os6:
version: 1.0.7
dellemc.os9:
version: 1.0.4
f5networks.f5_modules:
version: 1.19.0
fortinet.fortimanager:
version: 2.1.5
fortinet.fortios:
version: 2.1.7
frr.frr:
version: 2.0.0
gluster.gluster:
version: 1.0.2
google.cloud:
version: 1.0.2
hetzner.hcloud:
version: 1.8.2
hpe.nimble:
version: 1.1.4
ibm.qradar:
version: 2.1.0
ibm.spectrum_virtualize:
version: 1.9.0
infinidat.infinibox:
version: 1.3.3
infoblox.nios_modules:
version: 1.3.0
inspur.ispim:
version: 1.0.1
inspur.sm:
version: 2.0.0
junipernetworks.junos:
version: 3.1.0
kubernetes.core:
version: 2.3.2
mellanox.onyx:
version: 1.0.0
netapp.aws:
version: 21.7.0
netapp.azure:
version: 21.10.0
netapp.cloudmanager:
version: 21.19.0
netapp.elementsw:
version: 21.7.0
netapp.ontap:
version: 21.23.0
netapp.storagegrid:
version: 21.11.0
netapp.um_info:
version: 21.8.0
netapp_eseries.santricity:
version: 1.3.1
netbox.netbox:
version: 3.7.1
ngine_io.cloudstack:
version: 2.2.4
ngine_io.exoscale:
version: 1.0.0
ngine_io.vultr:
version: 1.1.2
openstack.cloud:
version: 1.9.1
openvswitch.openvswitch:
version: 2.1.0
ovirt.ovirt:
version: 2.2.3
purestorage.flasharray:
version: 1.13.0
purestorage.flashblade:
version: 1.10.0
purestorage.fusion:
version: 1.1.0
sensu.sensu_go:
version: 1.13.1
servicenow.servicenow:
version: 1.0.6
splunk.es:
version: 2.1.0
t_systems_mms.icinga_director:
version: 1.31.0
theforeman.foreman:
version: 3.6.0
vmware.vmware_rest:
version: 2.2.0
vultr.cloud:
version: 1.1.0
vyos.vyos:
version: 3.0.1
wti.remote:
version: 1.0.4
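Review bot: As rendered here, `collections:` is a mapping keyed by collection name, which looks like pasted `ansible-galaxy collection list` output; as far as I know `ansible-galaxy install -r` expects a list of entries such as `- name: community.docker` with `version: 2.7.1`, so the `RUN ansible-galaxy install` step in the Dockerfile may reject the file. The file also pulls in roughly a hundred vendor collections, while the tasks in this change reference only `community.docker`, `community.general` and `kubernetes.core` besides the builtins. Trimming the list to what the roles use reduces the image size and the amount of third-party code that runs next to the deploy credentials.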


@@ -0,0 +1,5 @@
---
# defaults file for server
project_name: covas_quarkus
project_env: env-build.j2


@@ -0,0 +1 @@
ovh


@@ -0,0 +1,2 @@
---
# handlers file for scaleway-k8s


@@ -0,0 +1,60 @@
# create folder build
- name: git archive local
local_action:
module: git
repo: "https://{{ git_username | urlencode }}:{{ git_password | urlencode }}@git.valczeryba.ovh/v4l3n71n/{{ quarkus_project }}.git"
dest: "/home/valentin/src/"
archive: "/tmp/{{ quarkus_project }}.tar.gz"
force: yes
update: yes
when: "quarkus_project is defined"
- name: Create directory
file:
path: "{{ home_dir }}/{{ quarkus_project }}"
state: directory
when: "quarkus_project is defined"
- name: Extract covas quarkus
unarchive:
src: "/tmp/{{ quarkus_project }}.tar.gz"
dest: "{{ home_dir }}/{{ quarkus_project }}"
when: "quarkus_project is defined"
- name: Template env file
template:
src: "env-build.j2"
dest: "{{ home_dir }}/{{ quarkus_project }}/.env"
- name: Pause for build image
pause:
prompt: aller au dossier {{ home_dir }}/{{ quarkus_project }}, et exécuter le script build-image.sh
- name: Get quarkus image
docker_image_info:
name: quarkus-native
register: result
- name: Check quarkus image
assert:
that:
- result.images | length == 1
- name: Login to scaleway registry
docker_login:
registry_url: rg.fr-par.scw.cloud/covas
username: nologin
password: "{{ token_scaleway }}"
reauthorize: true
- name: Tag and push to custom registry
docker_image:
name: quarkus-native
repository: rg.fr-par.scw.cloud/covas/quarkus-native
tag: latest
push: yes
source: local
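Review bot: The `git archive local` task builds `repo:` as `https://user:password@…`, so the Git password ends up in the clone's `.git/config` under `/home/valentin/src/` and can show in task output on failure or with `-v`; add `no_log: true` to that task and to `Login to scaleway registry`, and prefer a deploy key or credential helper over credentials in the URL. `Template env file` writes the database and mailer passwords to `.env` with no `mode:`, so the file gets default permissions; `mode: "0600"` keeps it readable by its owner only. The push uses `tag: latest`, which leaves no way to tell which build a cluster is running; a version or commit tag would fix that.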


@@ -0,0 +1,27 @@
---
# tasks file for create cluster k8s via terraform
- name: Create directory {{ project_terraform }}
file:
path: "{{ project_terraform }}"
state: directory
- name: Copy main.tf
template:
src: main.tf.j2
dest: "{{ project_terraform }}/main.tf"
- name: Create cluster scaleway
community.general.terraform:
project_path: '{{ project_terraform }}'
state: present
force_init: yes
environment:
SCW_ACCESS_KEY: "{{ scw_access_key }}"
SCW_SECRET_KEY: "{{ scw_secret_key }}"
register: output
- name: display terraform result
debug:
var: output


@@ -0,0 +1,98 @@
---
# tasks file for create cluster k8s via terraform
- name: Create directory {{ project_terraform }}
file:
path: "{{ project_backend }}"
state: directory
- name: Copy backend k8s yaml
template:
src: "{{ item }}.yaml.j2"
dest: "{{ project_backend }}/{{ item }}.yaml"
with_items: "{{ backend_yaml }}"
- name: Create a k8s namespace
kubernetes.core.k8s:
name: testing
api_version: v1
kind: Namespace
state: present
- name: Apply deployment
kubernetes.core.k8s:
src: "{{ project_backend }}/backend-deployment.yaml"
state: present
- name: Apply services
kubernetes.core.k8s:
src: "{{ project_backend }}/backend-service.yaml"
state: present
- name: Apply configmap
kubernetes.core.k8s:
src: "{{ project_backend }}/env-configmap.yaml"
state: present
- name: Apply secret
kubernetes.core.k8s:
src: "{{ project_backend }}/secret.yaml"
state: present
- name: En attente d'une adresse IP publique du cluster
ansible.builtin.pause:
minutes: 2
- name: Get IP Cluster
block:
- name: Fetch services
set_fact:
service: "{{ query('kubernetes.core.k8s', kind='Service', namespace='testing') }}"
register: result
- name: debug services
debug:
msg: "{{ result.ansible_facts.service[0].status.loadBalancer.ingress[0].ip }}"
- name: Test API Backend
ansible.builtin.uri:
url: "http://{{ result.ansible_facts.service[0].status.loadBalancer.ingress[0].ip }}:{{ port }}/api/hello"
status_code: 200
method: GET
tags: ["services", "dns"]
- name: Add DNS for IP Cluster
block:
- name: Copy script add or update DNS
template:
src: "dns_add_update.py.j2"
dest: "{{ project_backend }}/dns_add_update.py"
- name: Copy requierements python
copy:
src: "requierements.txt"
dest: "{{ project_backend }}"
- name: Pip install requierements
shell: "pip3.10 install -r {{ project_backend }}/requierements.txt"
- name: En attente de l'installation des packages
ansible.builtin.pause:
minutes: 2
- name: Add or update DNS
shell: "python3.10 {{ project_backend }}/dns_add_update.py --ip {{ result.ansible_facts.service[0].status.loadBalancer.ingress[0].ip }}"
register: result
- name: Display result script
debug:
msg: "{{ result }}"
- name: Test API Backend with DNS
ansible.builtin.uri:
url: "http://api.valczeryba.ovh:{{ port }}/api/hello"
status_code: 200
method: GET
tags: [ "dns" ]
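Review bot: `Copy backend k8s yaml` and `Copy script add or update DNS` render `secret.yaml`, `env-configmap.yaml` and `dns_add_update.py` into `{{ project_backend }}` with no `mode:`, although they carry the registry credential, the database and mailer passwords and the OVH API keys; add `mode: "0600"` to both `template` tasks. The two `shell:` tasks interpolate variables into a command line; `ansible.builtin.command` with `argv:` would pass the load-balancer IP as one argument without shell parsing. Both `Test API Backend` checks use `http://`, so the API is published without TLS as far as this file shows. The first task is named `Create directory {{ project_terraform }}` but creates `project_backend`, and the header comment still describes cluster creation.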


@@ -0,0 +1,42 @@
---
# tasks file for create cluster k8s via terraform
- name: Apply deployment
kubernetes.core.k8s:
src: "{{ project_backend }}/backend-deployment.yaml"
state: absent
- name: Apply services
kubernetes.core.k8s:
src: "{{ project_backend }}/backend-service.yaml"
state: absent
- name: Apply configmap
kubernetes.core.k8s:
src: "{{ project_backend }}/env-configmap.yaml"
state: absent
- name: Apply secret
kubernetes.core.k8s:
src: "{{ project_backend }}/secret.yaml"
state: absent
- name: Create a k8s namespace
kubernetes.core.k8s:
name: testing
api_version: v1
kind: Namespace
state: absent
- name: Create directory {{ project_terraform }}
file:
path: "{{ project_backend }}"
state: absent
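Review bot: Every task in this file uses `state: absent`, yet the names still read `Apply deployment`, `Apply services`, `Create a k8s namespace` and `Create directory {{ project_terraform }}`, and the header comment says the file creates a cluster. Rename them (`Remove deployment`, `Delete k8s namespace`, `Remove directory {{ project_backend }}`) so a run log states what was destroyed. Deleting the `testing` namespace also removes the namespaced objects inside it, so the four tasks before it look redundant.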


@@ -0,0 +1,13 @@
- name: "Destroy cluster via terraform"
community.general.terraform:
project_path: '{{ project_terraform }}'
state: absent
environment:
SCW_ACCESS_KEY: "{{ scw_access_key }}"
SCW_SECRET_KEY: "{{ scw_secret_key }}"
register: output
- name: Remove directory
file:
path: '{{ project_terraform }}'
state: absent


@@ -0,0 +1,25 @@
- name: Get id of cluster
ansible.builtin.uri:
url: "https://api.scaleway.com/k8s/v1/regions/{{ region_k8s }}/clusters"
status_code: 200
return_content: yes
method: GET
headers:
X-Auth-Token: "{{ scw_secret_key }}"
register: output
- name: Download kubeconfig
ansible.builtin.uri:
url: "https://api.scaleway.com/k8s/v1/regions/{{ region_k8s }}/clusters/{{ item.id }}/kubeconfig?dl=1"
status_code: 200
dest: "{{ project_terraform }}/kubeconfig"
method: GET
headers:
X-Auth-Token: "{{ scw_secret_key }}"
when: item.name == "{{ project_name_tf }}"
with_items: "{{ (output.content |from_json).clusters }}"
- name: Copy kubeconfig
copy:
src: "{{ project_terraform }}/kubeconfig"
dest: "{{ project_kubeconfig }}"
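Review bot: `Download kubeconfig` and `Copy kubeconfig` write a file that presumably holds the cluster's admin token without a `mode:`, so it lands with default permissions in both `{{ project_terraform }}` and `/home/valentin/.kube/config`; set `mode: "0600"` on both tasks. `when: item.name == "{{ project_name_tf }}"` nests Jinja delimiters inside a conditional, which Ansible warns about; write `when: item.name == project_name_tf`. Adding `no_log: true` to the two `uri` tasks keeps the `X-Auth-Token` header out of verbose output. `Copy kubeconfig` also overwrites any existing kubeconfig at that path, so `backup: true` is worth considering.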


@@ -0,0 +1,24 @@
- name: Create folder for image
import_tasks: create-build.yml
tags: ["create-build"]
- name: Create cluster k8s scaleway via terraform
import_tasks: create-cluster.yml
tags: ["create-cluster"]
- name: Get id Cluster
import_tasks: kubeconfig.yml
tags: ["create-cluster", "kubeconfig"]
- name: Deploy a API backend
import_tasks: deploy-backend.yml
tags: ["deploy"]
- name: Deploy a API backend
import_tasks: destroy-backend.yml
tags: ["destroy"]
- name: Destroy cluster k8s scaleway via terraform
import_tasks: destroy-cluster.yml
tags: ["destroy-cluster"]


@@ -0,0 +1,98 @@
apiVersion: apps/v1
kind: Deployment
metadata:
annotations:
kompose.cmd: kompose convert -f ../docker-compose.yml
kompose.version: 1.26.0 (40646f47)
creationTimestamp: null
labels:
io.kompose.service: backend
name: backend
namespace: testing
spec:
replicas: 1
selector:
matchLabels:
io.kompose.service: backend
strategy: {}
template:
metadata:
annotations:
kompose.cmd: kompose convert -f ../docker-compose.yml
kompose.version: 1.26.0 (40646f47)
creationTimestamp: null
labels:
io.kompose.service: backend
spec:
imagePullSecrets:
- name: regcred
containers:
- env:
- name: POSTGRES_DB
valueFrom:
configMapKeyRef:
key: POSTGRES_DB
name: env
- name: POSTGRES_PASSWORD
valueFrom:
configMapKeyRef:
key: POSTGRES_PASSWORD
name: env
- name: POSTGRES_PORT
valueFrom:
configMapKeyRef:
key: POSTGRES_PORT
name: env
- name: POSTGRES_URL
valueFrom:
configMapKeyRef:
key: POSTGRES_URL
name: env
- name: POSTGRES_USER
valueFrom:
configMapKeyRef:
key: POSTGRES_USER
name: env
- name: REDIS_PORT
valueFrom:
configMapKeyRef:
key: REDIS_PORT
name: env
- name: REDIS_URL
valueFrom:
configMapKeyRef:
key: REDIS_URL
name: env
- name: MAILER_FROM
valueFrom:
configMapKeyRef:
key: MAILER_FROM
name: env
- name: MAILER_HOST
valueFrom:
configMapKeyRef:
key: MAILER_HOST
name: env
- name: MAILER_PORT
valueFrom:
configMapKeyRef:
key: MAILER_PORT
name: env
- name: MAILER_USERNAME
valueFrom:
configMapKeyRef:
key: MAILER_USERNAME
name: env
- name: MAILER_PASSWORD
valueFrom:
configMapKeyRef:
key: MAILER_PASSWORD
name: env
image: rg.fr-par.scw.cloud/covas/quarkus-native
name: backend
ports:
- containerPort: 8080
resources: {}
restartPolicy: Always
status: {}
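Review bot: `POSTGRES_PASSWORD`, `MAILER_USERNAME` and `MAILER_PASSWORD` are read with `configMapKeyRef` from the `env` ConfigMap, so the passwords sit in plain ConfigMap data that anything allowed to read ConfigMaps in `testing` can see; move them to a `Secret` and reference them with `secretKeyRef`. The same applies to the ConfigMap template added elsewhere in this change. The container has `resources: {}` and no `securityContext`, so it runs without CPU or memory limits and as the image's default user; `runAsNonRoot: true` and `allowPrivilegeEscalation: false` are worth adding if the image supports them. `image: rg.fr-par.scw.cloud/covas/quarkus-native` has no tag, so it resolves to `latest`.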


@@ -0,0 +1,21 @@
apiVersion: v1
kind: Service
metadata:
annotations:
kompose.cmd: kompose convert -f ../docker-compose.yml
kompose.version: 1.26.0 (40646f47)
creationTimestamp: null
labels:
io.kompose.service: backend
name: backend
namespace: testing
spec:
ports:
- name: "{{ port }}"
port: {{ port }}
targetPort: {{ targetPort }}
type: LoadBalancer
selector:
io.kompose.service: backend
status:
loadBalancer: {}


@@ -0,0 +1,49 @@
# -*- encoding: utf-8 -*-
'''
First, install the latest release of Python wrapper: $ pip install ovh
'''
import json
import ovh
import argparse
parser = argparse.ArgumentParser()
parser.add_argument('--ip', help='foo help')
args = parser.parse_args()
# Instanciate an OVH Client.
# You can generate new credentials with full access to your account on
# the token creation page
client = ovh.Client(
endpoint='ovh-eu', # Endpoint of API OVH Europe (List of available endpoints)
application_key='{{ application_key }}', # Application Key
application_secret='{{ application_secret }}', # Application Secret
consumer_key='{{ consumer_key }}', # Consumer Key
)
result = client.get('/domain/zone/valczeryba.ovh/record',
fieldType='A',
subDomain='api',
)
# Pretty print
if len(result) > 0:
for idDns in result:
result = client.get('/domain/zone/valczeryba.ovh/record/{0}'.format(idDns))
if result["target"] != args.ip:
result = client.put('/domain/zone/valczeryba.ovh/record/{0}'.format(idDns),
subDomain='api',
target=args.ip,
)
print(result)
else:
result = client.post('/domain/zone/valczeryba.ovh/record',
fieldType='A',
subDomain='api',
target=args.ip,
ttl=None,
)
print(result)
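Review bot: The OVH `application_key`, `application_secret` and `consumer_key` are templated straight into the script source, and the comment above `ovh.Client(` refers to credentials with full account access; load them from environment variables or an `ovh.conf` file readable only by the deploy user, and issue a token limited to the `/domain/zone/valczeryba.ovh/*` routes. `--ip` is optional and is sent to the API unchecked, so a missing or malformed value reaches `client.put`/`client.post`; declare it with `required=True` and validate it with `ipaddress.ip_address(args.ip)` before the first call. Inside the loop `result` is reassigned while it is being iterated, which works only because the iterator keeps the original list; a separate name such as `record` would be clearer.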


@@ -0,0 +1,14 @@
POSTGRES_PASSWORD={{ postgres_password }}
POSTGRES_USER={{ postgres_user }}
POSTGRES_DB={{ postgres_db }}
POSTGRES_URL={{ postgres_url }}
POSTGRES_PORT={{ postgres_port }}
REDIS_URL={{ redis_url }}
REDIS_PORT={{ redis_port }}
MAILER_FROM={{ mailer_from }}
MAILER_HOST={{ mailer_host }}
MAILER_PORT={{ mailer_port }}
MAILER_USERNAME={{ mailer_username }}
MAILER_PASSWORD={{ mailer_password }}


@@ -0,0 +1,22 @@
apiVersion: v1
data:
POSTGRES_DB: {{ postgres_db }}
POSTGRES_PASSWORD: {{ postgres_password }}
POSTGRES_PORT: "{{ postgres_port }}"
POSTGRES_URL: {{ postgres_url }}
POSTGRES_USER: {{ postgres_user }}
REDIS_PORT: "{{ redis_port }}"
REDIS_URL: {{ redis_url }}
MAILER_FROM: {{ mailer_from }}
MAILER_HOST: {{ mailer_host }}
MAILER_PORT: "{{ mailer_port }}"
MAILER_USERNAME: {{ mailer_username }}
MAILER_PASSWORD: {{ mailer_password }}
kind: ConfigMap
metadata:
creationTimestamp: null
labels:
io.kompose.service: backend-env
name: env
namespace: testing
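Review bot: Most values under `data:` are unquoted Jinja expressions (`POSTGRES_PASSWORD: {{ postgres_password }}`, `MAILER_PASSWORD: {{ mailer_password }}`), so a value containing `#` or `: `, starting with a YAML indicator, or looking like a number or boolean will either break the rendered YAML or be rejected, since ConfigMap data must be strings. Quote every value the way the three port lines already are, or render them with `{{ postgres_password | to_json }}` so escaping is handled as well.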


@@ -7,16 +7,17 @@ terraform {
required_version = ">= 0.13"
}
resource "scaleway_k8s_cluster" "terraform-test" {
name = "terraform-test"
resource "scaleway_k8s_cluster" "{{ project_name_tf }}" {
name = "{{ project_name_tf }}"
version = "1.24.3"
cni = "cilium"
project_id = "81af2696-6120-4f45-baf3-d17fb0525824"
region = "fr-par"
}
project_id = "{{ project_id }}"
region = "{{ region_k8s }}"
}
resource "scaleway_k8s_pool" "john" {
cluster_id = scaleway_k8s_cluster.terraform-test.id
cluster_id = scaleway_k8s_cluster.{{ project_name_tf }}.id
name = "john"
node_type = "DEV1-M"
size = 1
@@ -25,9 +26,9 @@ resource "scaleway_k8s_cluster" "terraform-test" {
resource "null_resource" "kubeconfig" {
depends_on = [scaleway_k8s_pool.john] # at least one pool here
triggers = {
host = scaleway_k8s_cluster.terraform-test.kubeconfig[0].host
token = scaleway_k8s_cluster.terraform-test.kubeconfig[0].token
cluster_ca_certificate = scaleway_k8s_cluster.terraform-test.kubeconfig[0].cluster_ca_certificate
host = scaleway_k8s_cluster.{{ project_name_tf }}.kubeconfig[0].host
token = scaleway_k8s_cluster.{{ project_name_tf }}.kubeconfig[0].token
cluster_ca_certificate = scaleway_k8s_cluster.{{ project_name_tf }}.kubeconfig[0].cluster_ca_certificate
}
}
@@ -40,4 +41,4 @@ provider "kubernetes" {
cluster_ca_certificate = base64decode(
null_resource.kubeconfig.triggers.cluster_ca_certificate
)
}
}
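Review bot: The resource label in `resource "scaleway_k8s_cluster" "{{ project_name_tf }}"` is now template output, so the `cluster_id` reference and the three `triggers` entries only work if `project_name_tf` renders to a valid Terraform identifier. Changing the variable later also changes the resource address, which Terraform would plan as destroying and recreating the cluster unless the state is moved. I would keep a fixed label and template only the attribute: `resource "scaleway_k8s_cluster" "cluster" {` with `name = "{{ project_name_tf }}"`. Separately, `token` in `null_resource.kubeconfig.triggers` is written to the state file in plain text, so the state backend needs the same protection as the kubeconfig itself. The hunks show only parts of the file, so the rest of the `provider "kubernetes"` block is not visible here.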


@@ -0,0 +1,10 @@
apiVersion: v1
data:
.dockerconfigjson: {{ dockerconfigjson }}
kind: Secret
metadata:
creationTimestamp: "2022-11-26T19:19:41Z"
name: regcred
namespace: testing
uid: {{ uid_secret }}
type: kubernetes.io/dockerconfigjson
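Review bot: `uid: {{ uid_secret }}` and `creationTimestamp: "2022-11-26T19:19:41Z"` are server-assigned metadata, apparently left over from exporting a live object, and should be removed from the template. On create the API server sets its own values, and on update a `uid` that does not match the live object may be rejected as a failed precondition. The value of `.dockerconfigjson` sits under `data:`, so it must already be base64. If the variable holds raw JSON, use `.dockerconfigjson: "{{ dockerconfigjson | b64encode }}"`, and quote it either way. Since the variable carries registry credentials, it is presumably meant to come from a vaulted vars file; a comment saying so would help the next reader.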


@@ -0,0 +1,2 @@
---
# vars file for scaleway-k8s

29
server/.travis.yml Normal file

@@ -0,0 +1,29 @@
---
language: python
python: "2.7"
# Use the new container infrastructure
sudo: false
# Install ansible
addons:
apt:
packages:
- python-pip
install:
# Install ansible
- pip install ansible
# Check ansible version
- ansible --version
# Create ansible.cfg with correct roles_path
- printf '[defaults]\nroles_path=../' >ansible.cfg
script:
# Basic role syntax check
- ansible-playbook tests/test.yml -i tests/inventory --syntax-check
notifications:
webhooks: https://galaxy.ansible.com/api/v1/notifications/

38
server/README.md Normal file

@@ -0,0 +1,38 @@
Role Name
=========
A brief description of the role goes here.
Requirements
------------
Any pre-requisites that may not be covered by Ansible itself or the role should be mentioned here. For instance, if the role uses the EC2 module, it may be a good idea to mention in this section that the boto package is required.
Role Variables
--------------
A description of the settable variables for this role should go here, including any variables that are in defaults/main.yml, vars/main.yml, and any variables that can/should be set via parameters to the role. Any variables that are read from other roles and/or the global scope (ie. hostvars, group vars, etc.) should be mentioned here as well.
Dependencies
------------
A list of other roles hosted on Galaxy should go here, plus any details in regards to parameters that may need to be set for other roles, or variables that are used from other roles.
Example Playbook
----------------
Including an example of how to use your role (for instance, with variables passed in as parameters) is always nice for users too:
- hosts: servers
roles:
- { role: username.rolename, x: 42 }
License
-------
BSD
Author Information
------------------
An optional section for the role authors to include contact information, or a website (HTML is not allowed).

52
server/meta/main.yml Normal file

@@ -0,0 +1,52 @@
galaxy_info:
author: your name
description: your role description
company: your company (optional)
# If the issue tracker for your role is not on github, uncomment the
# next line and provide a value
# issue_tracker_url: http://example.com/issue/tracker
# Choose a valid license ID from https://spdx.org - some suggested licenses:
# - BSD-3-Clause (default)
# - MIT
# - GPL-2.0-or-later
# - GPL-3.0-only
# - Apache-2.0
# - CC-BY-4.0
license: license (GPL-2.0-or-later, MIT, etc)
min_ansible_version: 2.1
# If this a Container Enabled role, provide the minimum Ansible Container version.
# min_ansible_container_version:
#
# Provide a list of supported platforms, and for each platform a list of versions.
# If you don't wish to enumerate all versions for a particular platform, use 'all'.
# To view available platforms and versions (or releases), visit:
# https://galaxy.ansible.com/api/v1/platforms/
#
# platforms:
# - name: Fedora
# versions:
# - all
# - 25
# - name: SomePlatform
# versions:
# - all
# - 1.0
# - 7
# - 99.99
galaxy_tags: []
# List tags for your role here, one per line. A tag is a keyword that describes
# and categorizes the role. Users find roles by searching for tags. Be sure to
# remove the '[]' above, if you add tags to this list.
#
# NOTE: A tag is limited to a single word comprised of alphanumeric characters.
# Maximum 20 tags per role.
dependencies: []
# List your role dependencies here, one per line. Be sure to remove the '[]' above,
# if you add dependencies to this list.

3
server/tasks/debug.yml Normal file

@@ -0,0 +1,3 @@
- name: debug
debug:
msg: "coucou {{ msg }}"

35
server/tasks/deploy.yml Normal file

@@ -0,0 +1,35 @@
# deploy db postgresql, liquibase and redis
- name: git archive local
local_action:
module: git
repo: "https://{{ git_username | urlencode }}:{{ git_password | urlencode }}@git.valczeryba.ovh/v4l3n71n/{{ project_name }}.git"
dest: "/home/valentin/src/"
archive: "/tmp/{{ project_name }}.tar.gz"
force: yes
update: yes
when: "project_name is defined"
- name: Create directory
file:
path: "{{ item }}"
state: directory
with_items: "{{ project_directory }}"
- name: Extract covas liquibase
unarchive:
src: "/tmp/{{ project_name }}.tar.gz"
dest: "{{ project_src }}/{{ project_name }}"
when: "project_name is defined"
- name: Template env file
template:
src: "{{ project_env }}"
dest: "{{ project_src }}/.env"
when: "project_env is defined"
- name: Copy docker compose server file
template:
src: "{{ docker_compose_file }}"
dest: "{{ project_src }}/docker-compose.yml"
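Review bot: The `repo:` URL in the `git archive local` task embeds `git_username` and `git_password`, so the credentials can appear in task output on failure or with `-v`, and git stores the full remote URL in `.git/config` of the clone under `/home/valentin/src/`. Add `no_log: true` to that task, and prefer an SSH deploy key or a credential helper over credentials in the URL. The `Template env file` task writes secrets to `{{ project_src }}/.env` without setting permissions; adding `mode: "0600"` keeps the file readable only by the deploying user. The header comment still says "deploy db postgresql, liquibase and redis", although the tasks are now generic.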

24
server/tasks/main.yml Normal file

@@ -0,0 +1,24 @@
---
# tasks file for server
- name: Debug role
import_tasks: debug.yml
tags: ["debug"]
- name: Deploy services
import_tasks: deploy.yml
tags: ["configure", "create"]
- name: Start services
import_tasks: start.yml
tags: ["configure", "start"]
- name: stop services
import_tasks: stop.yml
tags: ["deconfigure", "stop"]
- name: Remove services
import_tasks: remove.yml
tags: ["deconfigure"]
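Review bot: `stop.yml` and `remove.yml` are imported unconditionally, so running the role without `--tags` executes deploy, start, stop and remove in sequence. That run ends with the `remove.yml` tasks, which use `state: absent` with `remove_volumes: yes` and then delete `project_src`. Mark the destructive imports with Ansible's special `never` tag so they run only when requested explicitly: `tags: ["never", "deconfigure", "stop"]` for stop and `tags: ["never", "deconfigure"]` for remove. A short comment above each import naming the tags that trigger it would document the intended lifecycle.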


@@ -2,7 +2,7 @@
- name: Stopping existing service
community.docker.docker_compose:
project_src: /home/valentin/db
project_src: "{{ project_src }}"
state: absent
remove_volumes: yes
remove_images: local
@@ -12,7 +12,11 @@
debug:
var: output
- name: Remove project covas db
- name: Remove project
file:
path: /home/valentin/db
state: absent
path: "{{ project_src }}"
state: absent
vars:
ansible_become: yes
ansible_become_method: sudo
ansible_become_password: "{{ sudo_password }}"
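Review bot: The `Remove project` task now deletes `path: "{{ project_src }}"` recursively under sudo, and nothing in the hunk checks that the variable holds a sensible path before `state: absent` runs. A guard on the task, such as `when: project_src is defined and project_src not in ['', '/']`, would help, or an `ansible.builtin.assert` before it that requires the path to sit under the expected base directory. That stops a mistyped or overridden variable from removing something unintended as root. `ansible_become_password: "{{ sudo_password }}"` should come from a vaulted variable, and a comment noting that would be useful. The start of the file lies outside the hunks, so an existing check earlier on cannot be ruled out.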

29
server/tasks/start.yml Normal file
View File

@@ -0,0 +1,29 @@
# start services db
- name: Stopping existing service
community.docker.docker_compose:
project_src: "{{ project_src }}"
state: absent
- name: Starting service
community.docker.docker_compose:
project_src: "{{ project_src }}"
register: output
- name: debug output
debug:
var: output
- name: "Allow port {{ item }}"
ansible.builtin.iptables:
chain: INPUT
protocol: tcp
destination_port: "{{ item }}"
jump: ACCEPT
state: present
vars:
ansible_become: yes
ansible_become_method: sudo
ansible_become_password: "{{ sudo_password }}"
with_items: "{{ ports_tcp }}"
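Review bot: The `Allow port {{ item }}` task adds an `INPUT` / `ACCEPT` rule for every entry of `ports_tcp` with no `source`, which opens those ports to any address. Since the compose template publishes Postgres, Mongo and Redis, restrict the rule with the module's `source` option, for example `source: "{{ allowed_cidr }}"` (a placeholder variable you would need to define). Ports published by Docker are normally DNAT'ed and filtered in the FORWARD / `DOCKER-USER` chains rather than `INPUT`, so it is worth verifying on the host that this rule is what actually gates access. The same applies to the matching `Disallow port` task in stop.yml. The first task is named `Stopping existing service` but uses `state: absent`, which removes the containers rather than stopping them.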

28
server/tasks/stop.yml Normal file
View File

@@ -0,0 +1,28 @@
# stop services db and redis
- name: Disallow port {{ item }}
ansible.builtin.iptables:
chain: INPUT
protocol: tcp
destination_port: "{{ item }}"
jump: ACCEPT
state: absent
vars:
ansible_become: yes
ansible_become_method: sudo
ansible_become_password: "{{ sudo_password }}"
with_items: "{{ ports_tcp }}"
- name: Stopping existing service
community.docker.docker_compose:
project_src: "{{ project_src }}"
state: present
stopped: yes
register: output
- name: Debug output
debug:
var: output


@@ -11,12 +11,20 @@ services:
- PGDATA=/var/lib/postgresql/data/pgdata
ports:
- "54321:5432"
mongo:
image: mongo
env_file:
- .env
ports:
- "28017:27017"
redis:
image: redis/redis-stack-server:latest
ports:
- "63791:6379"
{% if covas_liquibase == true %}
liquibase:
build:
context: ./covas-liquibase
@@ -25,6 +33,7 @@ services:
- db
command:
- "update"
{% endif %}
volumes:
app-db-data:
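Review bot: The new `mongo` service uses the untagged `image: mongo` and publishes `"28017:27017"` on all host interfaces. Pin the image to a specific tag or digest so a redeploy cannot silently pull a different major version, and if only local clients need the database, bind it to loopback with `- "127.0.0.1:28017:27017"`. The root credentials come from `.env`, and the image presumably starts without authentication when `MONGO_INITDB_ROOT_USERNAME` or `MONGO_INITDB_ROOT_PASSWORD` renders empty, so the role should fail early if either variable is unset. In the second hunk, `{% if covas_liquibase == true %}` errors when the variable is undefined; `{% if covas_liquibase | default(false) | bool %}` is more tolerant. Both hunks show only part of the compose file.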


@@ -0,0 +1,51 @@
version: '3.5'
services:
drone-server:
image: drone/drone:2
ports:
- 8000:80
- 9000:443
networks:
- drone
volumes:
- ./drone-data:/var/lib/drone/
- /var/run/docker.sock:/var/run/docker.sock
env_file:
- .env
restart: always
environment:
- DRONE_GITHUB_SKIP_VERIFY=true
- DRONE_AGENTS_ENABLED=true
- DRONE_SERVER_PROTO=http
- DRONE_TLS_AUTOCERT=false
- DRONE_OPEN=false
- DRONE_HOST=http://drone.valczeryba.ovh:8000
- DRONE_GITHUB=true
# Variables below set via drone.env file
# - DRONE_USER_CREATE=
# - DRONE_USER_FILTER=
# - DRONE_GITHUB_CLIENT_ID=
# - DRONE_GITHUB_CLIENT_SECRET=
# - DRONE_RPC_SECRET=
drone-agent:
image: drone/agent:1.2.1
command: agent
restart: always
depends_on:
- drone-server
networks:
- drone
volumes:
- /var/run/docker.sock:/var/run/docker.sock
env_file:
- .env
environment:
- DRONE_RPC_SERVER=drone-server:8000
# Variables below set via drone.env file
# - DRONE_RPC_SECRET=
networks:
drone:
name: drone_network
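Review bot: `drone-server` mounts `/var/run/docker.sock`, which gives the exposed server container root-equivalent control of the host's Docker daemon; only the agent needs the socket, so that volume line should be dropped from the server. The server is also set up for plain HTTP (`DRONE_SERVER_PROTO=http`, `DRONE_TLS_AUTOCERT=false`, `DRONE_HOST=http://…`), so OAuth callbacks and session cookies travel unencrypted unless a TLS-terminating proxy sits in front; if one does, say so in a comment. `DRONE_RPC_SERVER=drone-server:8000` points at the host-mapped port, whereas inside the `drone` network the server listens on container port 80. The `DRONE_GITHUB*` settings here disagree with the `DRONE_GITEA_*` variables in the env template, and `drone/agent:1.2.1` next to `drone/drone:2` looks mismatched, which is worth checking against the Drone 2 runner documentation. The port mappings should be quoted (`- "8000:80"`).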


@@ -0,0 +1,12 @@
version: '3'
services:
registry:
image: registry:2
ports:
- "5000:5000"
environment:
REGISTRY_STORAGE_FILESYSTEM_ROOTDIRECTORY: /data
volumes:
- ./data:/data
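Review bot: The `registry` service publishes `"5000:5000"` with no authentication and no TLS configured, so any host that can reach port 5000 can pull and push images. If the registry is only used from this machine, bind it to loopback with `- "127.0.0.1:5000:5000"`. Otherwise enable basic auth with `REGISTRY_AUTH: htpasswd`, `REGISTRY_AUTH_HTPASSWD_REALM` and `REGISTRY_AUTH_HTPASSWD_PATH` pointing at a mounted htpasswd file, and terminate TLS at a reverse proxy or with the registry's own certificate settings. Pinning `registry:2` to a patch tag or digest would also make redeploys reproducible.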


@@ -0,0 +1,6 @@
POSTGRES_PASSWORD={{ postgres_password }}
POSTGRES_USER={{ postgres_user }}
POSTGRES_DB={{ postgres_db }}
MONGO_INITDB_ROOT_USERNAME={{ mongo_user }}
MONGO_INITDB_ROOT_PASSWORD={{ mongo_password }}


@@ -0,0 +1,8 @@
# Drone secret key, used for private communication between agents and web UI
DRONE_USER_CREATE=
DRONE_USER_FILTER= {{ drone_user_filter }}
DRONE_GITEA_SERVER={{ drone_gitea_server }}
DRONE_GITEA_CLIENT_ID={{ drone_gitea_client_id }}
DRONE_GITEA_CLIENT_SECRET={{ drone_gitea_client_secret }}
DRONE_RPC_SECRET={{ drone_rpc_secret }}
DRONE_SERVER_HOST={{ drone_server_host }}