Initial kosmos_drone cookbook

Closes #235
2020-11-19 12:57:58 +01:00
parent 9ba364ad7a
commit ebf5f405f5
10 changed files with 353 additions and 0 deletions
--- a/site-cookbooks/kosmos_drone/templates/docker-compose.yml.erb
+++ b/site-cookbooks/kosmos_drone/templates/docker-compose.yml.erb
@@ -0,0 +1,36 @@
+version: '3'
+
+services:
+  drone-server:
+    image: drone/drone:1
+
+    ports:
+      - "<%= @upstream_port %>:80"
+    volumes:
+      - drone-server-data:/data
+    restart: always
+    environment:
+      - DRONE_USER_CREATE=username:greg,admin:true
+      - DRONE_GITEA_SERVER=<%= @gitea_server %>
+      - DRONE_GITEA_CLIENT_ID=<%= @client_id %>
+      - DRONE_GITEA_CLIENT_SECRET=<%= @client_secret %>
+      - DRONE_SERVER_HOST=<%= @domain %>
+      - DRONE_SERVER_PROTO=https # required for the Redirect URI to be built correctly
+      - DRONE_RPC_SECRET=<%= @rpc_secret %>
+
+  drone-runner:
+    image: drone/drone-runner-docker:1
+
+    command: agent
+    restart: always
+    depends_on:
+      - drone-server
+    volumes:
+      - /var/run/docker.sock:/var/run/docker.sock
+    environment:
+      - DRONE_RPC_HOST=drone-server:80
+      - DRONE_RPC_SECRET=<%= @rpc_secret %>
+      - DRONE_RUNNER_MAX_PROCS=<%= @max_procs %>
+
+volumes:
+  drone-server-data:
--- a/site-cookbooks/kosmos_drone/templates/nginx_conf.erb
+++ b/site-cookbooks/kosmos_drone/templates/nginx_conf.erb
@@ -0,0 +1,34 @@
+<% if File.exist?(@ssl_cert) && File.exist?(@ssl_key) -%>
+# Generated by Chef
+upstream _drone {
+  server   localhost:<%= @upstream_port %>;
+}
+
+server {
+  server_name <%= @server_name %>;
+  listen 443 ssl http2;
+  listen [::]:443 ssl http2;
+
+  ssl_certificate     <%= @ssl_cert %>;
+  ssl_certificate_key <%= @ssl_key %>;
+
+  add_header Strict-Transport-Security "max-age=31536000";
+
+  # Send real IP to the Docker container
+  set_real_ip_from 127.0.0.1;
+  set_real_ip_from 172.17.0.1;
+  real_ip_header X-Forwarded-For;
+
+  client_max_body_size 20M;
+
+  location / {
+    # Increase number of buffers. Default is 8
+    proxy_buffers 1024 8k;
+
+    proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+
+    proxy_pass http://_drone;
+    proxy_http_version 1.1;
+  }
+}
+<% end -%>