init
This commit is contained in:
parent
d33d7dfeaa
commit
4906016fe1
22
.env.sample
22
.env.sample
|
@ -6,3 +6,25 @@ DOMAIN=woodpecker.example.com
|
||||||
#EXTRA_DOMAINS=', `www.woodpecker.example.com`'
|
#EXTRA_DOMAINS=', `www.woodpecker.example.com`'
|
||||||
|
|
||||||
LETS_ENCRYPT_ENV=production
|
LETS_ENCRYPT_ENV=production
|
||||||
|
|
||||||
|
WOODPECKER_OPEN=true
|
||||||
|
WOODPECKER_ADMIN=
|
||||||
|
|
||||||
|
## Gitea
|
||||||
|
COMPOSE_FILE="compose.yml:compose.gitea.yml"
|
||||||
|
WOODPECKER_GITEA_URL=https://git.example.org
|
||||||
|
WOODPECKER_GITEA_CLIENT=
|
||||||
|
# see: https://woodpecker-ci.org/docs/administration/vcs/gitea
|
||||||
|
|
||||||
|
## Github
|
||||||
|
# COMPOSE_FILE="compose.yml:compose.github.yml"
|
||||||
|
# WOODPECKER_GITHUB_CLIENT=
|
||||||
|
# WOODPECKER_GITHUB_SECRET=
|
||||||
|
|
||||||
|
## SECRETS
|
||||||
|
SECRET_AGENT_SECRET_VERSION=v1
|
||||||
|
CLIENT_SECRET_VERSION=v1
|
||||||
|
|
||||||
|
## Agent
|
||||||
|
|
||||||
|
WOODPECKER_MAX_PROCS=4
|
||||||
|
|
|
@ -1,6 +1,6 @@
|
||||||
# woodpecker
|
# woodpecker
|
||||||
|
|
||||||
> One line description of the recipe
|
> Woodpecker is a community fork of the Drone CI system.
|
||||||
|
|
||||||
<!-- metadata -->
|
<!-- metadata -->
|
||||||
|
|
||||||
|
@ -21,4 +21,4 @@
|
||||||
* `abra app config <app-name>`
|
* `abra app config <app-name>`
|
||||||
* `abra app deploy <app-name>`
|
* `abra app deploy <app-name>`
|
||||||
|
|
||||||
For more, see [`docs.coopcloud.tech`](https://docs.coopcloud.tech).
|
Follow the [woodpecker docs](https://woodpecker-ci.org/docs/administration/vcs/gitea) to setup the Gitea oauth app.
|
|
@ -0,0 +1,16 @@
|
||||||
|
version: '3.8'
|
||||||
|
|
||||||
|
services:
|
||||||
|
app:
|
||||||
|
environment:
|
||||||
|
- WOODPECKER_GITEA=true
|
||||||
|
- WOODPECKER_GITEA_URL
|
||||||
|
- WOODPECKER_GITEA_CLIENT
|
||||||
|
- WOODPECKER_GITEA_SECRET
|
||||||
|
secrets:
|
||||||
|
- client_secret
|
||||||
|
|
||||||
|
secrets:
|
||||||
|
client_secret:
|
||||||
|
name: ${STACK_NAME}_client_secret_${SECRET_CLIENT_SECRET_VERSION}
|
||||||
|
external: true
|
|
@ -0,0 +1,15 @@
|
||||||
|
version: '3.8'
|
||||||
|
|
||||||
|
services:
|
||||||
|
app:
|
||||||
|
environment:
|
||||||
|
- WOODPECKER_GITHUB=true
|
||||||
|
- WOODPECKER_GITHUB_CLIENT
|
||||||
|
- WOODPECKER_GITHUB_SECRET
|
||||||
|
secrets:
|
||||||
|
- client_secret
|
||||||
|
|
||||||
|
secrets:
|
||||||
|
client_secret:
|
||||||
|
name: ${STACK_NAME}_client_secret_${SECRET_CLIENT_SECRET_VERSION}
|
||||||
|
external: true
|
64
compose.yml
64
compose.yml
|
@ -3,30 +3,70 @@ version: "3.8"
|
||||||
|
|
||||||
services:
|
services:
|
||||||
app:
|
app:
|
||||||
image: nginx:1.20.0
|
image: woodpeckerci/woodpecker-server:v0.15.6-alpine
|
||||||
|
volumes:
|
||||||
|
- data:/var/lib/woodpecker/
|
||||||
|
configs:
|
||||||
|
- source: woodpecker_env
|
||||||
|
target: .env
|
||||||
|
environment:
|
||||||
|
- WOODPECKER_OPEN
|
||||||
|
- WOODPECKER_HOST=https://${DOMAIN}
|
||||||
|
- WOODPECKER_ADMIN
|
||||||
|
secrets:
|
||||||
|
- agent_secret
|
||||||
networks:
|
networks:
|
||||||
- proxy
|
- proxy
|
||||||
|
- internal
|
||||||
deploy:
|
deploy:
|
||||||
restart_policy:
|
restart_policy:
|
||||||
condition: on-failure
|
condition: on-failure
|
||||||
labels:
|
labels:
|
||||||
- "traefik.enable=true"
|
- "traefik.enable=true"
|
||||||
- "traefik.http.services.${STACK_NAME}.loadbalancer.server.port=80"
|
- "traefik.http.services.${STACK_NAME}.loadbalancer.server.port=8000"
|
||||||
- "traefik.http.routers.${STACK_NAME}.rule=Host(`${DOMAIN}`${EXTRA_DOMAINS})"
|
- "traefik.http.routers.${STACK_NAME}.rule=Host(`${DOMAIN}`${EXTRA_DOMAINS})"
|
||||||
- "traefik.http.routers.${STACK_NAME}.entrypoints=web-secure"
|
- "traefik.http.routers.${STACK_NAME}.entrypoints=web-secure"
|
||||||
- "traefik.http.routers.${STACK_NAME}.tls.certresolver=${LETS_ENCRYPT_ENV}"
|
- "traefik.http.routers.${STACK_NAME}.tls.certresolver=${LETS_ENCRYPT_ENV}"
|
||||||
## Redirect from EXTRA_DOMAINS to DOMAIN
|
|
||||||
#- "traefik.http.routers.${STACK_NAME}.middlewares=${STACK_NAME}-redirect"
|
|
||||||
#- "traefik.http.middlewares.${STACK_NAME}-redirect.headers.SSLForceHost=true"
|
|
||||||
#- "traefik.http.middlewares.${STACK_NAME}-redirect.headers.SSLHost=${DOMAIN}"
|
|
||||||
- "coop-cloud.${STACK_NAME}.version="
|
- "coop-cloud.${STACK_NAME}.version="
|
||||||
healthcheck:
|
|
||||||
test: ["CMD", "curl", "-f", "http://localhost"]
|
agent:
|
||||||
interval: 30s
|
image: woodpeckerci/woodpecker-agent:v0.15.6-alpine
|
||||||
timeout: 10s
|
command: agent
|
||||||
retries: 10
|
depends_on:
|
||||||
start_period: 1m
|
- woodpecker-server
|
||||||
|
volumes:
|
||||||
|
- /var/run/docker.sock:/var/run/docker.sock
|
||||||
|
environment:
|
||||||
|
- WOODPECKER_SERVER=app:9000
|
||||||
|
- WOODPECKER_MAX_PROCS
|
||||||
|
networks:
|
||||||
|
- internal
|
||||||
|
configs:
|
||||||
|
- source: woodpecker_env
|
||||||
|
target: .env
|
||||||
|
secrets:
|
||||||
|
- agent_secret
|
||||||
|
deploy:
|
||||||
|
restart_policy:
|
||||||
|
condition: on-failure
|
||||||
|
|
||||||
networks:
|
networks:
|
||||||
proxy:
|
proxy:
|
||||||
external: true
|
external: true
|
||||||
|
internal:
|
||||||
|
|
||||||
|
|
||||||
|
volumes:
|
||||||
|
data:
|
||||||
|
|
||||||
|
|
||||||
|
configs:
|
||||||
|
woodpecker_env:
|
||||||
|
name: ${STACK_NAME}_woodpecker_env_${WOODPECKER_ENV_VERSION}
|
||||||
|
file: woodpecker.env.tmpl
|
||||||
|
template_driver: golang
|
||||||
|
|
||||||
|
secrets:
|
||||||
|
agent_secret:
|
||||||
|
name: ${STACK_NAME}_agent_secret_${SECRET_AGENT_SECRET_VERSION}
|
||||||
|
external: true
|
||||||
|
|
|
@ -0,0 +1,7 @@
|
||||||
|
WOODPECKER_AGENT_SECRET={{ secret "agent_secret" }}
|
||||||
|
{{ if (env "WOODPECKER_GITEA_CLIENT") }}
|
||||||
|
WOODPECKER_GITEA_SECRET={{ secret "client_secret" }}
|
||||||
|
{{ end }}
|
||||||
|
{{ if (env "WOODPECKER_GITHUB_CLIENT") }}
|
||||||
|
WOODPECKER_GITHUB_SECRET={{ secret "client_secret" }}
|
||||||
|
{{ end }}
|
Loading…
Reference in New Issue