Merge pull request 'feat: Add Garage deploy' (#25) from garage into main

Reviewed-on: https://git.weko.io/resilien/resilien.fr/pulls/25
This commit is contained in:
Simon 2022-12-05 12:38:31 +01:00
commit fefd4b5172
8 changed files with 47 additions and 109 deletions

View File

@ -1,4 +0,0 @@
# Ignore everything
**
!public

View File

@ -1,20 +1,26 @@
---
# drone encrypt resilien/resilien.fr $REGISTRY_PASSWORD
# drone encrypt resilien/resilien.fr $AWS_ACCESS_KEY_ID
kind: secret
name: REGISTRY_PASSWORD
data: dYAxgJzu+Ic48OIWSFSy1fIG/Z9UUb7ErEyN+3KyI3DaVl1HKWIjdhd6HQZNcgjyKqxZh+smR7CeklVTO2cJhAfQfXIu8ENfGW1QEiFM
name: STAGING_AWS_ACCESS_KEY_ID
data: FfmGMdepp8r8bXErlvn8p+QijBfkTtHHDpyMLEq/MMvF21k5IPgasU6DBSYQmSy3w2deAE/n
---
# drone encrypt resilien/resilien.fr $REGISTRY_USER
# drone encrypt resilien/resilien.fr $AWS_SECRET_ACCESS_KEY
kind: secret
name: REGISTRY_USER
data: Y/LGloHcxShJGmqXaGvFJYLSCDbG7wWZap8oywddPdJfcw==
name: STAGING_AWS_SECRET_ACCESS_KEY
data: KfVK2Dmpj2Pprt9boMvOMWYY3tq6k5d+SF/EpnnZQfK5z7NGaTU8CzMC7m3YcHh+Z7OzTNMK7nbzgoQriLNd5EFfVwvGf2TFW+qSByYkrBOzAYHy/GD4Ejn6mLs=
---
# drone encrypt resilien/resilien.fr "{\"auths\":{\"https://registry.weko.io\":{\"auth\":\"$(echo -n "$REGISTRY_USER:$REGISTRY_PASSWORD" | base64)\",\"email\":\"$REGISTRY_USER\"}}}"
# drone encrypt resilien/resilien.fr $AWS_ACCESS_KEY_ID
kind: secret
name: REGISTRY_CONFIG
data: ICKt0HnBLKDrCNUH1xJnOKCwOMn/R+xMqtO8AxQ8ZorJO/J1O3hUFx3gYH6uKe3y3qa73zGPjSHnTGFv43eGBS0K8L0qQtXdLqIKTOQiIMK9CENN+w8uULCKSls01XHv7zY0bGR5FjmniXCLNYHiWHnJOi8xbAkDorhy6GwhBBpsumsZ6uzA5I0NfHTs+gplvQh6H+6Dmh03ygx39pMfE+P1F2D5VS9OiieS
name: PRODUCTION_AWS_ACCESS_KEY_ID
data: IHBJJpNYL76/4+h3eJQF0dxuHlybyNU7ruM1OOjkM8W1N++IG8FGtFTVi3mHVu1h4DHgc+ux
---
# drone encrypt resilien/resilien.fr $AWS_SECRET_ACCESS_KEY
kind: secret
name: PRODUCTION_AWS_SECRET_ACCESS_KEY
data: RciAFkEXLF+Czpk5EclFKU/Nq9ivYoBv5xR96LURauZWLJacfx/o1Pr+1neK+W7R6XJ80nYqNySPex3cce9QjEc3ijr+FVXAHvqZbC2QTYfXv56iiruTljBznaU=
---
kind: pipeline
@ -40,7 +46,7 @@ steps:
- (cd themes/hugo-theme-lowtech && npm i)
- name: build website
image: jakejarvis/hugo-extended
image: klakegg/hugo:0.101.0-ext-debian-ci
commands:
- hugo --minify --environment production
@ -52,20 +58,15 @@ steps:
commands:
- node themes/hugo-theme-lowtech/scripts/typo
- name: build and push docker image on registry
image: plugins/docker
settings:
username:
from_secret: REGISTRY_USER
password:
from_secret: REGISTRY_PASSWORD
repo: registry.weko.io/resilien_fr
registry: registry.weko.io
tags:
- latest
image_pull_secrets:
- REGISTRY_CONFIG
- name: deploy
image: klakegg/hugo:0.101.0-ext-debian-ci
environment:
AWS_ACCESS_KEY_ID:
from_secret: PRODUCTION_AWS_ACCESS_KEY_ID
AWS_SECRET_ACCESS_KEY:
from_secret: PRODUCTION_AWS_SECRET_ACCESS_KEY
commands:
- hugo deploy --environment production
trigger:
event:
@ -102,7 +103,7 @@ steps:
- (cd themes/hugo-theme-lowtech && npm i)
- name: build website
image: jakejarvis/hugo-extended
image: klakegg/hugo:0.101.0-ext-debian-ci
commands:
- hugo --minify --buildDrafts --buildFuture --environment staging
@ -114,20 +115,15 @@ steps:
commands:
- node themes/hugo-theme-lowtech/scripts/typo
- name: push docker image on registry
image: plugins/docker
settings:
username:
from_secret: REGISTRY_USER
password:
from_secret: REGISTRY_PASSWORD
repo: registry.weko.io/resilien_fr
registry: registry.weko.io
tags:
- staging
image_pull_secrets:
- REGISTRY_CONFIG
- name: deploy
image: klakegg/hugo:0.101.0-ext-debian-ci
environment:
AWS_ACCESS_KEY_ID:
from_secret: STAGING_AWS_ACCESS_KEY_ID
AWS_SECRET_ACCESS_KEY:
from_secret: STAGING_AWS_SECRET_ACCESS_KEY
commands:
- hugo deploy --environment staging
trigger:
event:

4
.env
View File

@ -1,4 +0,0 @@
DOCKER_CONTEXT=vert.weko.resilien
NAME=vert.weko.resilien
URL=resilien.fr
STATS_CONTAINER=resilien-stats

View File

@ -1,4 +0,0 @@
FROM registry.weko.io/nginx-lowtech:0.1.0
# Copie des sources du site
COPY public /usr/share/nginx/html

View File

@ -1 +1,7 @@
baseURL: https://resilien.fr/
deployment:
targets:
- name: production
URL: >-
s3://resilien.fr?endpoint=http://10.20.20.10:3900&disableSSL=true&s3ForcePathStyle=true&region=garage

View File

@ -1 +1,7 @@
baseURL: https://staging.resilien.fr/
deployment:
targets:
- name: staging
URL: >-
s3://staging.resilien.fr?endpoint=http://10.20.20.10:3900&disableSSL=true&s3ForcePathStyle=true&region=garage

View File

@ -1,38 +0,0 @@
version: "3.8"
volumes:
resilien-log:
name: resilien-log
resilien-stats:
name: resilien-stats
services:
resilien-prod:
container_name: resilien-prod
build: .
image: registry.weko.io/resilien_fr:latest
restart: always
labels:
traefik.enable: "true"
traefik.http.routers.resilien.rule: "Host(`${URL}`)"
traefik.http.routers.resilien.entrypoints: "web"
com.centurylinklabs.watchtower.enable: true
volumes:
- resilien-log:/var/log/nginx
- resilien-stats:/usr/share/nginx/html/stats
- /etc/timezone:/etc/timezone:ro
- /etc/localtime:/etc/localtime:ro
resilien-stats:
container_name: resilien-stats
image: registry.weko.io/goaccess:1.5.1
restart: always
volumes:
- resilien-log:/var/log/nginx
- resilien-stats:/usr/share/nginx/html/stats
- /etc/timezone:/etc/timezone:ro
- /etc/localtime:/etc/localtime:ro
networks:
default:
name: traefik

View File

@ -1,20 +0,0 @@
version: "3.8"
networks:
default:
name: traefik
services:
resilien-staging:
container_name: resilien-staging
build: .
image: registry.weko.io/resilien_fr:staging
restart: always
labels:
traefik.enable: "true"
traefik.http.routers.resilien-staging.rule: "Host(`staging.${URL}`)"
traefik.http.routers.resilien-staging.entrypoints: "web"
com.centurylinklabs.watchtower.enable: true
volumes:
- /etc/timezone:/etc/timezone:ro
- /etc/localtime:/etc/localtime:ro