From 4906016fe10819f77035e73cf504085abe4913dc Mon Sep 17 00:00:00 2001
From: Philipp Rothmann <philipprothmann@posteo.de>
Date: Mon, 9 Jan 2023 14:32:21 +0100
Subject: [PATCH] init

---
 .env.sample         | 22 ++++++++++++++++
 README.md           |  4 +--
 abra.sh             |  3 +++
 compose.gitea.yml   | 16 ++++++++++++
 compose.github.yml  | 15 +++++++++++
 compose.yml         | 64 ++++++++++++++++++++++++++++++++++++---------
 woodpecker.env.tmpl |  7 +++++
 7 files changed, 117 insertions(+), 14 deletions(-)
 create mode 100644 abra.sh
 create mode 100644 compose.gitea.yml
 create mode 100644 compose.github.yml
 create mode 100644 woodpecker.env.tmpl

diff --git a/.env.sample b/.env.sample
index ae7de5b..e3cbe8f 100644
--- a/.env.sample
+++ b/.env.sample
@@ -6,3 +6,25 @@ DOMAIN=woodpecker.example.com
 #EXTRA_DOMAINS=', `www.woodpecker.example.com`'
 
 LETS_ENCRYPT_ENV=production
+
+WOODPECKER_OPEN=true
+WOODPECKER_ADMIN=
+
+## Gitea
+COMPOSE_FILE="compose.yml:compose.gitea.yml"
+WOODPECKER_GITEA_URL=https://git.example.org
+WOODPECKER_GITEA_CLIENT=
+# see: https://woodpecker-ci.org/docs/administration/vcs/gitea
+
+## Github
+# COMPOSE_FILE="compose.yml:compose.github.yml"
+# WOODPECKER_GITHUB_CLIENT=
+# WOODPECKER_GITHUB_SECRET=
+
+## SECRETS
+SECRET_AGENT_SECRET_VERSION=v1
+CLIENT_SECRET_VERSION=v1
+
+## Agent
+
+WOODPECKER_MAX_PROCS=4
diff --git a/README.md b/README.md
index ce27924..e317517 100644
--- a/README.md
+++ b/README.md
@@ -1,6 +1,6 @@
 # woodpecker
 
-> One line description of the recipe
+>  Woodpecker is a community fork of the Drone CI system.
 
 <!-- metadata -->
 
@@ -21,4 +21,4 @@
 * `abra app config <app-name>`
 * `abra app deploy <app-name>`
 
-For more, see [`docs.coopcloud.tech`](https://docs.coopcloud.tech).
+Follow the [woodpecker docs](https://woodpecker-ci.org/docs/administration/vcs/gitea) to setup the Gitea oauth app.
\ No newline at end of file
diff --git a/abra.sh b/abra.sh
new file mode 100644
index 0000000..7baef83
--- /dev/null
+++ b/abra.sh
@@ -0,0 +1,3 @@
+#!/bin/bash
+
+export WOODPECKER_ENV_VERSION=v1
\ No newline at end of file
diff --git a/compose.gitea.yml b/compose.gitea.yml
new file mode 100644
index 0000000..43089b1
--- /dev/null
+++ b/compose.gitea.yml
@@ -0,0 +1,16 @@
+version: '3.8'
+
+services:
+  app:
+    environment:
+      - WOODPECKER_GITEA=true
+      - WOODPECKER_GITEA_URL
+      - WOODPECKER_GITEA_CLIENT
+      - WOODPECKER_GITEA_SECRET
+    secrets:
+      - client_secret
+
+secrets:
+  client_secret:
+    name: ${STACK_NAME}_client_secret_${SECRET_CLIENT_SECRET_VERSION}
+    external: true
diff --git a/compose.github.yml b/compose.github.yml
new file mode 100644
index 0000000..6e76bab
--- /dev/null
+++ b/compose.github.yml
@@ -0,0 +1,15 @@
+version: '3.8'
+
+services:
+  app:
+    environment:
+      - WOODPECKER_GITHUB=true
+      - WOODPECKER_GITHUB_CLIENT
+      - WOODPECKER_GITHUB_SECRET
+    secrets:
+      - client_secret
+
+secrets:
+  client_secret:
+    name: ${STACK_NAME}_client_secret_${SECRET_CLIENT_SECRET_VERSION}
+    external: true
diff --git a/compose.yml b/compose.yml
index a2c3805..bae06f6 100644
--- a/compose.yml
+++ b/compose.yml
@@ -3,30 +3,70 @@ version: "3.8"
 
 services:
   app:
-    image: nginx:1.20.0
+    image: woodpeckerci/woodpecker-server:v0.15.6-alpine
+    volumes:
+      - data:/var/lib/woodpecker/
+    configs:
+      - source: woodpecker_env
+        target: .env
+    environment:
+      - WOODPECKER_OPEN
+      - WOODPECKER_HOST=https://${DOMAIN}
+      - WOODPECKER_ADMIN
+    secrets:
+      - agent_secret
     networks:
       - proxy
+      - internal
     deploy:
       restart_policy:
         condition: on-failure
       labels:
         - "traefik.enable=true"
-        - "traefik.http.services.${STACK_NAME}.loadbalancer.server.port=80"
+        - "traefik.http.services.${STACK_NAME}.loadbalancer.server.port=8000"
         - "traefik.http.routers.${STACK_NAME}.rule=Host(`${DOMAIN}`${EXTRA_DOMAINS})"
         - "traefik.http.routers.${STACK_NAME}.entrypoints=web-secure"
         - "traefik.http.routers.${STACK_NAME}.tls.certresolver=${LETS_ENCRYPT_ENV}"
-        ## Redirect from EXTRA_DOMAINS to DOMAIN
-        #- "traefik.http.routers.${STACK_NAME}.middlewares=${STACK_NAME}-redirect"
-        #- "traefik.http.middlewares.${STACK_NAME}-redirect.headers.SSLForceHost=true"
-        #- "traefik.http.middlewares.${STACK_NAME}-redirect.headers.SSLHost=${DOMAIN}"
         - "coop-cloud.${STACK_NAME}.version="
-    healthcheck:
-      test: ["CMD", "curl", "-f", "http://localhost"]
-      interval: 30s
-      timeout: 10s
-      retries: 10
-      start_period: 1m
+
+  agent:
+    image: woodpeckerci/woodpecker-agent:v0.15.6-alpine
+    command: agent
+    depends_on:
+      - woodpecker-server
+    volumes:
+      - /var/run/docker.sock:/var/run/docker.sock
+    environment:
+      - WOODPECKER_SERVER=app:9000
+      - WOODPECKER_MAX_PROCS
+    networks:
+      - internal
+    configs:
+      - source: woodpecker_env
+        target: .env
+    secrets:
+      - agent_secret
+    deploy:
+      restart_policy:
+        condition: on-failure
 
 networks:
   proxy:
     external: true
+  internal:
+
+
+volumes:
+  data:
+
+
+configs:
+  woodpecker_env:
+    name: ${STACK_NAME}_woodpecker_env_${WOODPECKER_ENV_VERSION}
+    file: woodpecker.env.tmpl
+    template_driver: golang
+
+secrets:
+  agent_secret:
+    name: ${STACK_NAME}_agent_secret_${SECRET_AGENT_SECRET_VERSION}
+    external: true
diff --git a/woodpecker.env.tmpl b/woodpecker.env.tmpl
new file mode 100644
index 0000000..a166999
--- /dev/null
+++ b/woodpecker.env.tmpl
@@ -0,0 +1,7 @@
+WOODPECKER_AGENT_SECRET={{ secret "agent_secret" }}
+{{ if (env "WOODPECKER_GITEA_CLIENT") }}
+WOODPECKER_GITEA_SECRET={{ secret "client_secret" }}
+{{ end }}
+{{ if (env "WOODPECKER_GITHUB_CLIENT") }}
+WOODPECKER_GITHUB_SECRET={{ secret "client_secret" }}
+{{ end }}