64 lines
1.8 KiB
Ruby
64 lines
1.8 KiB
Ruby
#
|
|
# Cookbook:: kosmos_drone
|
|
# Recipe:: default
|
|
#
|
|
|
|
package "docker-compose"
|
|
deploy_path = "/opt/drone"
|
|
credentials = data_bag_item("credentials", "drone")
|
|
drone_credentials = data_bag_item('credentials', 'drone')
|
|
|
|
postgres_config = {
|
|
username: "drone",
|
|
password: drone_credentials["postgresql_password"],
|
|
host: "pg.kosmos.local",
|
|
port: 5432,
|
|
database: "drone"
|
|
}
|
|
|
|
directory deploy_path do
|
|
action :create
|
|
end
|
|
|
|
template "#{deploy_path}/docker-compose.yml" do
|
|
source "docker-compose.yml.erb"
|
|
sensitive true
|
|
mode 0640
|
|
variables domain: node["kosmos_drone"]["domain"],
|
|
upstream_port: node["kosmos_drone"]["upstream_port"],
|
|
gitea_server: "https://#{node["kosmos_gitea"]["nginx"]["domain"]}",
|
|
client_id: credentials['client_id'],
|
|
client_secret: credentials['client_secret'],
|
|
rpc_secret: credentials['rpc_secret'],
|
|
database_secret: credentials['database_secret'],
|
|
postgres: postgres_config,
|
|
max_procs: 4
|
|
notifies :restart, "systemd_unit[drone.service]", :delayed
|
|
end
|
|
|
|
systemd_unit "drone.service" do
|
|
content({Unit: {
|
|
Description: "drone service with docker compose",
|
|
Requires: "docker.service",
|
|
After: "docker.service",
|
|
},
|
|
Service: {
|
|
Restart: "always",
|
|
WorkingDirectory: deploy_path,
|
|
ExecStart: "/usr/bin/docker-compose up",
|
|
ExecStartPre: "/usr/bin/docker-compose rm -f",
|
|
ExecStop: "/usr/bin/docker-compose down",
|
|
},
|
|
Install: {
|
|
WantedBy: "multi-user.target",
|
|
}})
|
|
action [:create, :enable, :start]
|
|
end
|
|
|
|
firewall_rule 'drone' do
|
|
port [node["kosmos_drone"]["upstream_port"]]
|
|
source "10.1.1.0/24" # TODO only allow nginx proxy IPs
|
|
protocol :tcp
|
|
command :allow
|
|
end
|