init
This commit is contained in:
parent
d33d7dfeaa
commit
4906016fe1
22
.env.sample
22
.env.sample
|
|
@ -6,3 +6,25 @@ DOMAIN=woodpecker.example.com
|
|||
#EXTRA_DOMAINS=', `www.woodpecker.example.com`'
|
||||
|
||||
LETS_ENCRYPT_ENV=production
|
||||
|
||||
WOODPECKER_OPEN=true
|
||||
WOODPECKER_ADMIN=
|
||||
|
||||
## Gitea
|
||||
COMPOSE_FILE="compose.yml:compose.gitea.yml"
|
||||
WOODPECKER_GITEA_URL=https://git.example.org
|
||||
WOODPECKER_GITEA_CLIENT=
|
||||
# see: https://woodpecker-ci.org/docs/administration/vcs/gitea
|
||||
|
||||
## Github
|
||||
# COMPOSE_FILE="compose.yml:compose.github.yml"
|
||||
# WOODPECKER_GITHUB_CLIENT=
|
||||
# WOODPECKER_GITHUB_SECRET=
|
||||
|
||||
## SECRETS
|
||||
SECRET_AGENT_SECRET_VERSION=v1
|
||||
CLIENT_SECRET_VERSION=v1
|
||||
|
||||
## Agent
|
||||
|
||||
WOODPECKER_MAX_PROCS=4
|
||||
|
|
|
|||
|
|
@ -1,6 +1,6 @@
|
|||
# woodpecker
|
||||
|
||||
> One line description of the recipe
|
||||
> Woodpecker is a community fork of the Drone CI system.
|
||||
|
||||
<!-- metadata -->
|
||||
|
||||
|
|
@ -21,4 +21,4 @@
|
|||
* `abra app config <app-name>`
|
||||
* `abra app deploy <app-name>`
|
||||
|
||||
For more, see [`docs.coopcloud.tech`](https://docs.coopcloud.tech).
|
||||
Follow the [woodpecker docs](https://woodpecker-ci.org/docs/administration/vcs/gitea) to setup the Gitea oauth app.
|
||||
|
|
@ -0,0 +1,16 @@
|
|||
version: '3.8'
|
||||
|
||||
services:
|
||||
app:
|
||||
environment:
|
||||
- WOODPECKER_GITEA=true
|
||||
- WOODPECKER_GITEA_URL
|
||||
- WOODPECKER_GITEA_CLIENT
|
||||
- WOODPECKER_GITEA_SECRET
|
||||
secrets:
|
||||
- client_secret
|
||||
|
||||
secrets:
|
||||
client_secret:
|
||||
name: ${STACK_NAME}_client_secret_${SECRET_CLIENT_SECRET_VERSION}
|
||||
external: true
|
||||
|
|
@ -0,0 +1,15 @@
|
|||
version: '3.8'
|
||||
|
||||
services:
|
||||
app:
|
||||
environment:
|
||||
- WOODPECKER_GITHUB=true
|
||||
- WOODPECKER_GITHUB_CLIENT
|
||||
- WOODPECKER_GITHUB_SECRET
|
||||
secrets:
|
||||
- client_secret
|
||||
|
||||
secrets:
|
||||
client_secret:
|
||||
name: ${STACK_NAME}_client_secret_${SECRET_CLIENT_SECRET_VERSION}
|
||||
external: true
|
||||
64
compose.yml
64
compose.yml
|
|
@ -3,30 +3,70 @@ version: "3.8"
|
|||
|
||||
services:
|
||||
app:
|
||||
image: nginx:1.20.0
|
||||
image: woodpeckerci/woodpecker-server:v0.15.6-alpine
|
||||
volumes:
|
||||
- data:/var/lib/woodpecker/
|
||||
configs:
|
||||
- source: woodpecker_env
|
||||
target: .env
|
||||
environment:
|
||||
- WOODPECKER_OPEN
|
||||
- WOODPECKER_HOST=https://${DOMAIN}
|
||||
- WOODPECKER_ADMIN
|
||||
secrets:
|
||||
- agent_secret
|
||||
networks:
|
||||
- proxy
|
||||
- internal
|
||||
deploy:
|
||||
restart_policy:
|
||||
condition: on-failure
|
||||
labels:
|
||||
- "traefik.enable=true"
|
||||
- "traefik.http.services.${STACK_NAME}.loadbalancer.server.port=80"
|
||||
- "traefik.http.services.${STACK_NAME}.loadbalancer.server.port=8000"
|
||||
- "traefik.http.routers.${STACK_NAME}.rule=Host(`${DOMAIN}`${EXTRA_DOMAINS})"
|
||||
- "traefik.http.routers.${STACK_NAME}.entrypoints=web-secure"
|
||||
- "traefik.http.routers.${STACK_NAME}.tls.certresolver=${LETS_ENCRYPT_ENV}"
|
||||
## Redirect from EXTRA_DOMAINS to DOMAIN
|
||||
#- "traefik.http.routers.${STACK_NAME}.middlewares=${STACK_NAME}-redirect"
|
||||
#- "traefik.http.middlewares.${STACK_NAME}-redirect.headers.SSLForceHost=true"
|
||||
#- "traefik.http.middlewares.${STACK_NAME}-redirect.headers.SSLHost=${DOMAIN}"
|
||||
- "coop-cloud.${STACK_NAME}.version="
|
||||
healthcheck:
|
||||
test: ["CMD", "curl", "-f", "http://localhost"]
|
||||
interval: 30s
|
||||
timeout: 10s
|
||||
retries: 10
|
||||
start_period: 1m
|
||||
|
||||
agent:
|
||||
image: woodpeckerci/woodpecker-agent:v0.15.6-alpine
|
||||
command: agent
|
||||
depends_on:
|
||||
- woodpecker-server
|
||||
volumes:
|
||||
- /var/run/docker.sock:/var/run/docker.sock
|
||||
environment:
|
||||
- WOODPECKER_SERVER=app:9000
|
||||
- WOODPECKER_MAX_PROCS
|
||||
networks:
|
||||
- internal
|
||||
configs:
|
||||
- source: woodpecker_env
|
||||
target: .env
|
||||
secrets:
|
||||
- agent_secret
|
||||
deploy:
|
||||
restart_policy:
|
||||
condition: on-failure
|
||||
|
||||
networks:
|
||||
proxy:
|
||||
external: true
|
||||
internal:
|
||||
|
||||
|
||||
volumes:
|
||||
data:
|
||||
|
||||
|
||||
configs:
|
||||
woodpecker_env:
|
||||
name: ${STACK_NAME}_woodpecker_env_${WOODPECKER_ENV_VERSION}
|
||||
file: woodpecker.env.tmpl
|
||||
template_driver: golang
|
||||
|
||||
secrets:
|
||||
agent_secret:
|
||||
name: ${STACK_NAME}_agent_secret_${SECRET_AGENT_SECRET_VERSION}
|
||||
external: true
|
||||
|
|
|
|||
|
|
@ -0,0 +1,7 @@
|
|||
WOODPECKER_AGENT_SECRET={{ secret "agent_secret" }}
|
||||
{{ if (env "WOODPECKER_GITEA_CLIENT") }}
|
||||
WOODPECKER_GITEA_SECRET={{ secret "client_secret" }}
|
||||
{{ end }}
|
||||
{{ if (env "WOODPECKER_GITHUB_CLIENT") }}
|
||||
WOODPECKER_GITHUB_SECRET={{ secret "client_secret" }}
|
||||
{{ end }}
|
||||
Loading…
Reference in New Issue