forked from coop-cloud/nextcloud
Updaate for current docker swarm wisdom
This commit is contained in:
parent
2fc909d2a0
commit
6ad288fb7e
21
.drone.yml
21
.drone.yml
|
@ -1,21 +0,0 @@
|
||||||
---
|
|
||||||
kind: pipeline
|
|
||||||
name: deploy to swarm.autonomic.zone
|
|
||||||
steps:
|
|
||||||
- name: deployment
|
|
||||||
image: decentral1se/drone-stack:19.03.8
|
|
||||||
settings:
|
|
||||||
compose: compose.yml
|
|
||||||
host: tcp://swarm.autonomic.zone:2376
|
|
||||||
stack_name: nextcloud
|
|
||||||
tlsverify: true
|
|
||||||
environment:
|
|
||||||
PLUGIN_CACERT:
|
|
||||||
from_secret: docker_cacert
|
|
||||||
PLUGIN_CERT:
|
|
||||||
from_secret: docker_cert
|
|
||||||
PLUGIN_KEY:
|
|
||||||
from_secret: docker_key
|
|
||||||
trigger:
|
|
||||||
branch:
|
|
||||||
- main
|
|
|
@ -1,7 +1,6 @@
|
||||||
export PASSWORD_STORE_DIR=$(pwd)/../../Infrastructure/infrastructure/credentials/password-store
|
export DOMAIN=nextcloud.example.com
|
||||||
|
export STACK_NAME=nextcloud
|
||||||
|
export LETS_ENCRYPT_ENV=production
|
||||||
|
|
||||||
export DB_ROOT_PASSWD_VERSION=v1
|
export DB_ROOT_PASSWD_VERSION=v1
|
||||||
export DB_PASSWD_VERSION=v1
|
export DB_PASSWD_VERSION=v1
|
||||||
export DOMAIN=nextcloud.swarm.autonomic.zone
|
|
||||||
export STACK_NAME=nextcloud
|
|
||||||
export LETS_ENCRYPT_ENV=production
|
|
||||||
|
|
14
README.md
14
README.md
|
@ -1,6 +1,14 @@
|
||||||
nextcloud.test.autonomic.zone
|
Nextcloud
|
||||||
---
|
---
|
||||||
|
|
||||||
[![Build Status](https://drone.autonomic.zone/api/badges/autonomic-cooperative/nextcloud.test.autonomic.zone/status.svg?ref=refs/heads/main)](https://drone.autonomic.zone/autonomic-cooperative/nextcloud.test.autonomic.zone)
|
|
||||||
|
|
||||||
Fully automated luxury Nextcloud via docker-swarm.
|
Fully automated luxury Nextcloud via docker-swarm.
|
||||||
|
|
||||||
|
1. Set up Docker Swarm and [`abra`][abra]
|
||||||
|
2. Deploy [`compose-stacks/traefik`][compose-traefik]
|
||||||
|
3. `cp .envrc.sample .envrc`
|
||||||
|
4. Edit `.envrc` - be sure to change `$DOMAIN` to something that resolves to
|
||||||
|
your Docker swarm box
|
||||||
|
5. `direnv allow` (or `. .envrc`)
|
||||||
|
6. `abra secret_generate db_password v1 && abra secret_generate db_root_password v2`
|
||||||
|
7. `abra deploy`
|
||||||
|
8. Open the domain you configured and finish the set-up
|
||||||
|
|
16
compose.yml
16
compose.yml
|
@ -14,6 +14,7 @@ services:
|
||||||
- MYSQL_USER=nextcloud
|
- MYSQL_USER=nextcloud
|
||||||
- MYSQL_ROOT_PASSWORD_FILE=/run/secrets/db_password
|
- MYSQL_ROOT_PASSWORD_FILE=/run/secrets/db_password
|
||||||
- DOMAIN=${DOMAIN}
|
- DOMAIN=${DOMAIN}
|
||||||
|
- STACK_NAME=${STACK_NAME}
|
||||||
volumes:
|
volumes:
|
||||||
- nextcloud:/var/www/html
|
- nextcloud:/var/www/html
|
||||||
- nextapps:/var/www/html/custom_apps:cached
|
- nextapps:/var/www/html/custom_apps:cached
|
||||||
|
@ -28,12 +29,11 @@ services:
|
||||||
labels:
|
labels:
|
||||||
- "traefik.enable=true"
|
- "traefik.enable=true"
|
||||||
- "traefik.docker.network=proxy"
|
- "traefik.docker.network=proxy"
|
||||||
- "traefik.http.routers.nextcloud.tls=true"
|
- "traefik.http.routers.${STACK_NAME}.tls=true"
|
||||||
- "traefik.http.services.nextcloud.loadbalancer.server.port=80"
|
- "traefik.http.services.${STACK_NAME}.loadbalancer.server.port=80"
|
||||||
- "traefik.http.routers.nextcloud.rule=Host(`${DOMAIN}`)"
|
- "traefik.http.routers.${STACK_NAME}.rule=Host(`${DOMAIN}`)"
|
||||||
- "traefik.http.routers.nextcloud.tls.certresolver=${LETS_ENCRYPT_ENV}"
|
- "traefik.http.routers.${STACK_NAME}.tls.certresolver=${LETS_ENCRYPT_ENV}"
|
||||||
#- "traefik.http.routers.nextcloud.tls.certresolver=staging"
|
- "traefik.http.routers.${STACK_NAME}.entrypoints=web-secure"
|
||||||
- "traefik.http.routers.nextcloud.entrypoints=web-secure"
|
|
||||||
|
|
||||||
mariadb:
|
mariadb:
|
||||||
image: "mariadb:10.5"
|
image: "mariadb:10.5"
|
||||||
|
@ -53,10 +53,10 @@ services:
|
||||||
secrets:
|
secrets:
|
||||||
db_root_password:
|
db_root_password:
|
||||||
external: true
|
external: true
|
||||||
name: ${STACK_NAME}_db_root_passwd_${DB_ROOT_PASSWD_VERSION}
|
name: ${STACK_NAME}_db_root_password_${DB_ROOT_PASSWORD_VERSION}
|
||||||
db_password:
|
db_password:
|
||||||
external: true
|
external: true
|
||||||
name: ${STACK_NAME}_db_passwd_${DB_ROOT_PASSWD_VERSION}
|
name: ${STACK_NAME}_db_password_${DB_ROOT_PASSWORD_VERSION}
|
||||||
|
|
||||||
volumes:
|
volumes:
|
||||||
nextcloud:
|
nextcloud:
|
||||||
|
|
|
@ -1,6 +0,0 @@
|
||||||
#!/bin/bash
|
|
||||||
|
|
||||||
create-secrets () {
|
|
||||||
pwgen -n 32 1 | docker secret create "${STACK_NAME}_db_root_passwd_${DB_ROOT_PASSWD_VERSION}" -
|
|
||||||
pwgen -n 32 1 | docker secret create "${STACK_NAME}_db_passwd_${DB_PASSWD_VERSION}" -
|
|
||||||
}
|
|
Loading…
Reference in New Issue