Add scripts for installing drone

This commit is contained in:
Manuel Thalmann 2024-11-07 18:33:16 +01:00
parent 5b1695c764
commit 85b503ea80
6 changed files with 204 additions and 11 deletions

View file

@ -0,0 +1 @@
data/

View file

@ -0,0 +1,7 @@
FROM tetafro/golang-gcc AS builder
RUN apk add -U --no-cache git
RUN git clone -b "v2.20.0" --depth=1 https://github.com/drone/drone.git
RUN cd drone && go build -trimpath -ldflags='-w -s' -tags nolimit -o /usr/local/bin/drone-server ./cmd/drone-server
FROM drone/drone
COPY --from=builder /usr/local/bin/drone-server /bin/

View file

@ -0,0 +1,35 @@
services:
ci-template:
build:
context: .
dockerfile: ci.Dockerfile
extends:
file: docker-compose.secrets.yml
service: template
restart: unless-stopped
env_file:
- server.common.env
docker-template:
image: drone/drone-runner-docker
restart: unless-stopped
extends:
file: docker-compose.secrets.yml
service: template
depends_on: []
env_file:
- runner.common.env
environment:
DRONE_RUNNER_NAME: docker-runner
volumes:
- /var/run/docker.sock:/var/run/docker.sock
ssh-template:
image: drone/drone-runner-ssh
restart: unless-stopped
extends:
file: docker-compose.secrets.yml
service: template
depends_on: []
env_file:
- runner.common.env
environment:
DRONE_RUNNER_NAME: ssh-runner

View file

@ -0,0 +1,141 @@
#!/bin/env fish
begin
set -l dir (status dirname)
set -l source "$dir/docker-compose.templates.yml"
source "$dir/../service.fish"
set -l environments \
forgejo mydrone "" \
github drone ""
function installSW -V dir -V environments -V source
set -l root (getServiceRoot $argv)
set -l config "$root/docker-compose.yml"
set -l secrets (getServiceSecretsConfig $argv)
set -l ciTemplate (yq (getServiceKey ci-template) "$source")
set -l dockerTemplate (yq (getServiceKey docker-template) "$source")
set -l sshTemplate (yq (getServiceKey ssh-template) "$source")
initializeServiceInstallation $argv
echo "{}" | sudo tee "$config" >/dev/null
echo "{}" | sudo tee "$secrets" >/dev/null
cp "$dir"/{ci.Dockerfile,.dockerignore} "$root"
echo "DRONE_JSONNET_ENABLED=true" | sudo tee "$root/server.common.env" >/dev/null
echo "DRONE_RUNNER_CAPACITY=2" | sudo tee "$root/runner.common.env" >/dev/null
for i in (seq 1 3 (count $environments))
set -l name $environments[$i]
set -l domain $environments[(math $i + 2)]
set -l subdomain $environments[(math $i + 1)]
set -l user $environments[(math $i + 3)]
set -l secret (openssl rand -hex 16)
set -l runners ssh docker
set -l services ci $runners
set -l tmpConfig (mktemp)
set -l tmpSecrets (mktemp)
set -l ciName "$name-ci"
set -l sshName "$name-ssh-runner"
set -l dockerName "$name-docker-runner"
set -l ciEnv
set -l sshEnv
set -l dockerEnv
cp "$config" "$tmpConfig"
cp "$secrets" "$tmpSecrets"
for serviceName in $services
set -l file (mktemp)
set -l nameVar "$serviceName""Name"
set -l serviceKey ".services.[\"$$nameVar\"]"
set "$serviceName""Key" "$serviceKey"
set "$serviceName""Env" "$serviceKey.environment"
end
CI_NAME=$ciName \
SECRET_ENV="$name.secret.env" \
RUNNER_ENV="$name.runner.env" begin
begin
printf "%s\n" \
DRONE_RPC_PROTO=http \
"DRONE_RPC_HOST=$name-ci"
end | sudo tee "$root/$RUNNER_ENV" >/dev/null
echo "DRONE_RPC_SECRET=$secret" | sudo tee "$root/$SECRET_ENV" >/dev/null
yq "$ciKey = $ciTemplate" "$tmpConfig" | \
ENTRY="./data/$name:/data" yq "$ciKey.volumes = [ env.ENTRY ]" | \
yq "$ciKey.env_file |= . + [ env.SECRET_ENV ]" | \
PROTO=https yq "$ciEnv.DRONE_SERVER_PROTO = env.PROTO" | \
HOST=(getServiceDomain "$subdomain" "$domain") yq "$ciEnv.DRONE_SERVER_HOST = env.HOST" | \
yq "$dockerKey = $dockerTemplate" | \
yq "$sshKey = $sshTemplate" | \
yq "$dockerKey.depends_on = [ env.CI_NAME ]" | \
yq -y "." | \
sudo tee "$config" >/dev/null
for key in $dockerKey $sshKey
set -l file (mktemp)
yq "$key.depends_on = [ env.CI_NAME ]" "$config" | \
yq "$key.env_file |= . + [ env.RUNNER_ENV, env.SECRET_ENV ]" | \
yq -y "." | \
tee "$file" >/dev/null
sudo cp "$file" "$config"
rm "$file"
end
PORT="127.0.0.1:1337:80" yq "$ciKey.ports = [ env.PORT ]" "$tmpSecrets" | \
yq -y "." | \
sudo tee "$secrets" >/dev/null
end
end
set -l services (yq --raw-output0 ".services | keys[]" "$config" | string split0)
for service in $services
set -l file (mktemp)
set -l key "$(getServiceKey "$service").extends"
cat "$config" | if string match "*-ci" "$service" >/dev/null
SERVICE="$service" yq "$key.service |= env.SERVICE" "$config"
else
yq "del($key)" "$config"
end | \
yq -y "." | \
tee "$file" >/dev/null
sudo cp "$file" "$config"
rm "$file"
end
installDockerService $argv
end
function configureSW -V dir
configureDockerService $argv
end
function getServiceServers -V environments
argparse -i "name=" -- $argv
set -l name "$_flag_name"
for i in (seq 1 3 (count $environments))
set -l domain $environments[(math $i + 2)]
set -l subdomain $environments[(math $i + 1)]
printf "%s\0" "$subdomain" "$domain"
end
end
function getServiceLocations -a index -V environments
set -l i (math (math (math $index - 1) / 2 "*" 3) + 1)
set -l name $environments[$i]
printf "%s\0" "$name-ci" /
end
function getBackupArgs
printf "%s\n" --hidden --no-ignore "data|\.secrets?\." (getServiceRoot $argv)
end
runInstaller --force $argv
end

View file

@ -21,6 +21,10 @@ begin
echo "$root/$(getServiceName $argv)" echo "$root/$(getServiceName $argv)"
end end
function getServiceKey -a name
echo ".services.[$(echo "{}" | NAME="$name" jq "env.NAME")]"
end
function __getServiceNginxConfig -V nginxRoot function __getServiceNginxConfig -V nginxRoot
echo "$nginxRoot/$(getServiceName $argv).conf" echo "$nginxRoot/$(getServiceName $argv).conf"
end end
@ -30,7 +34,19 @@ begin
end end
function __getServicePortKey -V secretsFile -a name function __getServicePortKey -V secretsFile -a name
echo ".services.$name.ports[0]" echo "$(getServiceKey "$name").ports[0]"
end
function getServiceDomain -a subdomain domain
if [ -z "$domain" ]
set domain (getMachineFQDN)
end
if [ -n "$subdomain" ]
set domain "$subdomain.$domain"
end
echo "$domain"
end end
function initializeServiceInstallation -V nginxRoot function initializeServiceInstallation -V nginxRoot
@ -71,14 +87,7 @@ begin
set -l domain $servers[(math $i + 1)] set -l domain $servers[(math $i + 1)]
set -l subdomain $servers[(math $i)] set -l subdomain $servers[(math $i)]
set -l locations (getServiceLocations $i $argv | string split0) set -l locations (getServiceLocations $i $argv | string split0)
set domain (getServiceDomain "$subdomain" "$domain")
if [ -z "$domain" ]
set domain (getMachineFQDN)
end
if [ -n "$subdomain" ]
set domain "$subdomain.$domain"
end
begin begin
printf "%s\n" \ printf "%s\n" \
@ -109,7 +118,7 @@ begin
sudo systemctl restart nginx sudo systemctl restart nginx
end end
function getBackupArgs -V root function getBackupArgs
printf "%s\n" --hidden --no-ignore . --exclude "docker-compose.yml" "$root" printf "%s\n" --hidden --no-ignore . --exclude "docker-compose.yml" (getServiceRoot $argv)
end end
end end