Update README with Woodpecker CI configuration and required secrets
This commit is contained in:
parent
d62f7fda72
commit
fd1b50c810
|
|
@ -110,12 +110,32 @@ steps:
|
||||||
from_secret: REGISTRY_USER
|
from_secret: REGISTRY_USER
|
||||||
REGISTRY_PASSWORD:
|
REGISTRY_PASSWORD:
|
||||||
from_secret: REGISTRY_PASSWORD
|
from_secret: REGISTRY_PASSWORD
|
||||||
|
# Add production secrets
|
||||||
|
POSTGRES_PASSWORD:
|
||||||
|
from_secret: PROD_POSTGRES_PASSWORD
|
||||||
|
POSTGRES_USER:
|
||||||
|
from_secret: PROD_POSTGRES_USER
|
||||||
|
POSTGRES_DB:
|
||||||
|
from_secret: PROD_POSTGRES_DB
|
||||||
|
JWT_SECRET:
|
||||||
|
from_secret: PROD_JWT_SECRET
|
||||||
|
MAIN_URL:
|
||||||
|
from_secret: PROD_MAIN_URL
|
||||||
|
FRONTEND_URL:
|
||||||
|
from_secret: PROD_FRONTEND_URL
|
||||||
|
NEXT_PUBLIC_BACKEND_URL:
|
||||||
|
from_secret: PROD_NEXT_PUBLIC_BACKEND_URL
|
||||||
|
LINKEDIN_CLIENT_ID:
|
||||||
|
from_secret: PROD_LINKEDIN_CLIENT_ID
|
||||||
|
LINKEDIN_CLIENT_SECRET:
|
||||||
|
from_secret: PROD_LINKEDIN_CLIENT_SECRET
|
||||||
volumes:
|
volumes:
|
||||||
- /var/run/docker.sock:/var/run/docker.sock
|
- /var/run/docker.sock:/var/run/docker.sock
|
||||||
commands:
|
commands:
|
||||||
- echo "Deploying to production environment"
|
- echo "Deploying to production environment"
|
||||||
- echo "$${REGISTRY_PASSWORD}" | docker login -u "$${REGISTRY_USER}" --password-stdin git.nixc.us
|
- echo "$${REGISTRY_PASSWORD}" | docker login -u "$${REGISTRY_USER}" --password-stdin git.nixc.us
|
||||||
- docker stack deploy --with-registry-auth -c ./stack.production.yml $${CI_REPO_NAME}
|
- envsubst < ./stack.production.yml > ./stack.production.env.yml
|
||||||
|
- docker stack deploy --with-registry-auth -c ./stack.production.env.yml $${CI_REPO_NAME}
|
||||||
when:
|
when:
|
||||||
branch: main
|
branch: main
|
||||||
event: [push, cron]
|
event: [push, cron]
|
||||||
|
|
|
||||||
48
README.md
48
README.md
|
|
@ -1 +1,47 @@
|
||||||
<!-- build 0 -->
|
<!-- build 0 -->
|
||||||
|
|
||||||
|
# Postiz
|
||||||
|
|
||||||
|
## Deployment
|
||||||
|
|
||||||
|
This project uses Woodpecker CI for continuous integration and deployment to staging and production environments.
|
||||||
|
|
||||||
|
### Woodpecker CI Configuration
|
||||||
|
|
||||||
|
The `.woodpecker.yml` file defines the CI/CD pipeline with the following steps:
|
||||||
|
- Building and pushing Docker images for staging
|
||||||
|
- Deploying to staging environment
|
||||||
|
- Cleaning up staging environment
|
||||||
|
- Building and pushing Docker images for production
|
||||||
|
- Deploying to production environment
|
||||||
|
|
||||||
|
### Required Secrets
|
||||||
|
|
||||||
|
The following secrets need to be configured in your Woodpecker CI instance:
|
||||||
|
|
||||||
|
#### Registry and Docker Hub Access
|
||||||
|
- `REGISTRY_USER` - Registry username
|
||||||
|
- `REGISTRY_PASSWORD` - Registry password
|
||||||
|
- `DOCKER_REGISTRY_USER` - Docker Hub username
|
||||||
|
- `DOCKER_REGISTRY_PASSWORD` - Docker Hub password
|
||||||
|
|
||||||
|
#### Production Environment Variables
|
||||||
|
The following secrets are injected into the `stack.production.yml` file during deployment:
|
||||||
|
|
||||||
|
- `PROD_POSTGRES_PASSWORD` - PostgreSQL database password
|
||||||
|
- `PROD_POSTGRES_USER` - PostgreSQL username
|
||||||
|
- `PROD_POSTGRES_DB` - PostgreSQL database name
|
||||||
|
- `PROD_JWT_SECRET` - Secret key for JWT token generation
|
||||||
|
- `PROD_MAIN_URL` - Main application URL
|
||||||
|
- `PROD_FRONTEND_URL` - Frontend URL
|
||||||
|
- `PROD_NEXT_PUBLIC_BACKEND_URL` - Backend URL for public access
|
||||||
|
- `PROD_LINKEDIN_CLIENT_ID` - LinkedIn OAuth client ID
|
||||||
|
- `PROD_LINKEDIN_CLIENT_SECRET` - LinkedIn OAuth client secret
|
||||||
|
|
||||||
|
## Development
|
||||||
|
|
||||||
|
To run the application locally:
|
||||||
|
|
||||||
|
```bash
|
||||||
|
docker compose up --build
|
||||||
|
```
|
||||||
|
|
@ -2,9 +2,9 @@ services:
|
||||||
postiz-postgres:
|
postiz-postgres:
|
||||||
image: postgres:17-alpine
|
image: postgres:17-alpine
|
||||||
environment:
|
environment:
|
||||||
POSTGRES_PASSWORD: postiz-password
|
POSTGRES_PASSWORD: ${POSTGRES_PASSWORD}
|
||||||
POSTGRES_USER: postiz-user
|
POSTGRES_USER: ${POSTGRES_USER}
|
||||||
POSTGRES_DB: postiz-db-local
|
POSTGRES_DB: ${POSTGRES_DB}
|
||||||
volumes:
|
volumes:
|
||||||
- /mnt/tank/persist/nixc.us/postiz/production/postiz-postgres:/var/lib/postgresql/data
|
- /mnt/tank/persist/nixc.us/postiz/production/postiz-postgres:/var/lib/postgresql/data
|
||||||
networks:
|
networks:
|
||||||
|
|
@ -28,12 +28,14 @@ services:
|
||||||
postiz:
|
postiz:
|
||||||
image: ghcr.io/gitroomhq/postiz-app:latest
|
image: ghcr.io/gitroomhq/postiz-app:latest
|
||||||
environment:
|
environment:
|
||||||
MAIN_URL: "https://postiz.nixc.us"
|
MAIN_URL: "${MAIN_URL}"
|
||||||
FRONTEND_URL: "https://postiz.nixc.us"
|
FRONTEND_URL: "${FRONTEND_URL}"
|
||||||
NEXT_PUBLIC_BACKEND_URL: "https://postiz.nixc.us/api"
|
NEXT_PUBLIC_BACKEND_URL: "${NEXT_PUBLIC_BACKEND_URL}"
|
||||||
JWT_SECRET: "zKdyVqnsLx8PrGKnFUz9AnSjrcu003kuzxBpHiNI6MU="
|
JWT_SECRET: "${JWT_SECRET}"
|
||||||
|
LINKEDIN_CLIENT_ID: "${LINKEDIN_CLIENT_ID}"
|
||||||
|
LINKEDIN_CLIENT_SECRET: "${LINKEDIN_CLIENT_SECRET}"
|
||||||
|
|
||||||
DATABASE_URL: "postgresql://postiz-user:postiz-password@postiz-postgres:5432/postiz-db-local"
|
DATABASE_URL: "postgresql://${POSTGRES_USER}:${POSTGRES_PASSWORD}@postiz-postgres:5432/${POSTGRES_DB}"
|
||||||
REDIS_URL: "redis://postiz-keydb:6379"
|
REDIS_URL: "redis://postiz-keydb:6379"
|
||||||
|
|
||||||
BACKEND_INTERNAL_URL: "http://localhost:3000"
|
BACKEND_INTERNAL_URL: "http://localhost:3000"
|
||||||
|
|
|
||||||
Loading…
Reference in New Issue