From 8b99247c60ae7a52f5c24638c4bac8ba1980ed2d Mon Sep 17 00:00:00 2001
From: Manuel Thalmann <m@nuth.ch>
Date: Fri, 22 Nov 2024 17:29:45 +0100
Subject: [PATCH] Add scripts for installing woodpecker

---
 .../docker/services/woodpecker/.dockerignore  |   1 +
 .../docker/services/woodpecker/ci.Dockerfile  |   7 ++
 .../woodpecker/docker-compose.templates.yml   |  26 ++++
 .../docker/services/woodpecker/main.fish      | 116 ++++++++++++++++++
 4 files changed, 150 insertions(+)
 create mode 100644 scripts/Common/Software/docker/services/woodpecker/.dockerignore
 create mode 100644 scripts/Common/Software/docker/services/woodpecker/ci.Dockerfile
 create mode 100644 scripts/Common/Software/docker/services/woodpecker/docker-compose.templates.yml
 create mode 100755 scripts/Common/Software/docker/services/woodpecker/main.fish

diff --git a/scripts/Common/Software/docker/services/woodpecker/.dockerignore b/scripts/Common/Software/docker/services/woodpecker/.dockerignore
new file mode 100644
index 00000000..8fce6030
--- /dev/null
+++ b/scripts/Common/Software/docker/services/woodpecker/.dockerignore
@@ -0,0 +1 @@
+data/
diff --git a/scripts/Common/Software/docker/services/woodpecker/ci.Dockerfile b/scripts/Common/Software/docker/services/woodpecker/ci.Dockerfile
new file mode 100644
index 00000000..face3092
--- /dev/null
+++ b/scripts/Common/Software/docker/services/woodpecker/ci.Dockerfile
@@ -0,0 +1,7 @@
+FROM tetafro/golang-gcc AS builder
+RUN apk add -U --no-cache git
+RUN git clone -b "v2.20.0" --depth=1 https://github.com/drone/drone.git
+RUN cd drone && go build -trimpath -ldflags='-w -s' -tags nolimit -o /usr/local/bin/drone-server ./cmd/drone-server
+
+FROM drone/drone
+COPY --from=builder /usr/local/bin/drone-server /bin/
diff --git a/scripts/Common/Software/docker/services/woodpecker/docker-compose.templates.yml b/scripts/Common/Software/docker/services/woodpecker/docker-compose.templates.yml
new file mode 100644
index 00000000..1c88e53a
--- /dev/null
+++ b/scripts/Common/Software/docker/services/woodpecker/docker-compose.templates.yml
@@ -0,0 +1,26 @@
+services:
+  ci-template:
+    image: woodpeckerci/woodpecker-server
+    restart: unless-stopped
+    depends_on: []
+    env_file:
+      - ci.common.env
+    environment:
+      WOODPECKER_DATABASE_DRIVER: mysql
+    volumes: []
+  agent-template:
+    image: woodpeckerci/woodpecker-agent
+    restart: unless-stopped
+    depends_on: []
+    command: agent
+    env_file:
+      - agent.common.env
+    environment: {} 
+    volumes:
+      - /var/run/docker.sock:/var/run/docker.sock
+  db-template:
+    image: mariadb
+    restart: unless-stopped
+    environment:
+      MARIADB_RANDOM_ROOT_PASSWORD: "yes"
+    volumes: []
diff --git a/scripts/Common/Software/docker/services/woodpecker/main.fish b/scripts/Common/Software/docker/services/woodpecker/main.fish
new file mode 100755
index 00000000..a08a4298
--- /dev/null
+++ b/scripts/Common/Software/docker/services/woodpecker/main.fish
@@ -0,0 +1,116 @@
+#!/bin/env fish
+begin
+    set -l dir (status dirname)
+    set -l source "$dir/docker-compose.templates.yml"
+    source "$dir/../service.fish"
+
+    set -l environments \
+        my ci "" \
+        codeberg bergwache "" \
+        github gh.ci ""
+
+    function installSW -V dir -V environments -V source
+        set -l root (getServiceRoot $argv)
+        set -l config "$root/docker-compose.base.yml"
+        set -l secrets (getServiceSecretsConfig $argv)
+        set -l ciTemplate (yq -oj (getServiceKey ci-template) "$source")
+        set -l agentTemplate (yq -oj (getServiceKey agent-template) "$source")
+        set -l dbTemplate (yq -oj (getServiceKey db-template) "$source")
+        initializeServiceInstallation $argv
+        echo "{}" | sudo tee "$config" >/dev/null
+        echo "{}" | sudo tee "$secrets" >/dev/null
+
+        cp "$dir/.dockerignore" "$root"
+        sudo touch "$root"/{agent,ci}.common.env
+
+        for i in (seq 1 3 (count $environments))
+            set -l name $environments[$i]
+            set -l domain $environments[(math $i + 2)]
+            set -l subdomain $environments[(math $i + 1)]
+            set -l secret (openssl rand -hex 32)
+            set -l services ci db agent
+            set -l tmpConfig (mktemp)
+            set -l tmpSecrets (mktemp)
+            set -l ciName "$name-ci"
+            set -l dbName "$name-db"
+            set -l agentName "$name-agent"
+            set -l ciEnv
+            set -l dbEnv
+            set -l agentEnv
+            set -l ciKey
+            set -l dbKey
+            set -l agentKey
+            set -l db Woodpecker
+            set -l dbUser woodpecker
+            set -l pw (nix-shell -p keepassxc --run "keepassxc-cli generate --length 32")
+            set -l domain (getServiceDomain "$subdomain" "$domain")
+
+            cp "$config" "$tmpConfig"
+            cp "$secrets" "$tmpSecrets"
+
+            for serviceName in $services
+                set -l file (mktemp)
+                set -l nameVar "$serviceName""Name"
+                set -l serviceKey (getServiceKey "$$nameVar")
+                set "$serviceName""Key" "$serviceKey"
+                set "$serviceName""Env" "$serviceKey.environment"
+            end
+
+            CI_NAME=$ciName \
+            SECRET_ENV="$name.secret.env" begin
+                begin
+                    echo "WOODPECKER_AGENT_SECRET=$secret"
+                end | sudo tee "$root/$SECRET_ENV" >/dev/null
+
+                yq "$ciKey = $ciTemplate" "$tmpConfig" | \
+                    DB="$dbName" yq "$ciKey.depends_on |= . + [ env(DB) ]" | \
+                    ENTRY="./data/$name/ci:/data" yq "$ciKey.volumes = [ env(ENTRY) ]" | \
+                    yq "$ciKey.env_file |= . + [ env(SECRET_ENV) ]" | \
+                    yq "$agentKey = $agentTemplate" | \
+                    yq "$agentKey.depends_on |= . + [ env(CI_NAME) ]" | \
+                    yq "$agentKey.env_file |= . + [ env(SECRET_ENV) ]" | \
+                    SERVER="$ciName:9000" yq "$agentEnv.WOODPECKER_SERVER = env(SERVER)" | \
+                    yq "$dbKey = $dbTemplate" | \
+                    ENTRY="./data/$name/database:/var/lib/mysql" yq "$dbKey.volumes |= . + [ env(ENTRY) ]" | \
+                    sudo tee "$config" >/dev/null
+
+                PORT="127.0.0.1:1337:8000" yq "$ciKey.ports = [ env(PORT) ]" "$tmpSecrets" | \
+                    HOST="https://$domain" yq "$ciEnv.WOODPECKER_HOST = env(HOST)" | \
+                    DB="$dbUser:$pw@tcp($dbName:3306)/$db?parseTime=true" yq "$ciEnv.WOODPECKER_DATABASE_DATASOURCE = env(DB)" | \
+                    USER="$dbUser" yq "$dbEnv.MARIADB_USER = env(USER)" | \
+                    PW="$pw" yq "$dbEnv.MARIADB_PASSWORD = env(PW)" | \
+                    DB="$db" yq "$dbEnv.MARIADB_DATABASE = env(DB)" | \
+                    sudo tee "$secrets" >/dev/null
+            end
+        end
+
+        installDockerService $argv
+    end
+
+    function configureSW -V dir
+        configureDockerService $argv
+    end
+
+    function getServiceServers -V environments
+        argparse -i "name=" -- $argv
+        set -l name "$_flag_name"
+
+        for i in (seq 1 3 (count $environments))
+            set -l domain $environments[(math $i + 2)]
+            set -l subdomain  $environments[(math $i + 1)]
+            printf "%s\0" "$subdomain" "$domain"
+        end
+    end
+
+    function getServiceLocations -a index -V environments
+        set -l i (math (math (math $index - 1) / 2 "*" 3) + 1)
+        set -l name $environments[$i]
+        printf "%s\0" "$name-ci" /
+    end
+
+    function getBackupArgs
+        printf "%s\n" --hidden --no-ignore "data|\.secrets?\." (getServiceRoot $argv)
+    end
+
+    runInstaller --force $argv
+end