Use working woodpecker config with proper networking and restart policies set to 'any'
This commit is contained in:
parent
d3e24bd05c
commit
f75d8425f3
SSH Key Fingerprint:
SHA256:nRPCQTeMFLdGytxRQmPVK9VXY3/ePKQ5lGRyJhT5DY8
217
stack.yml
217
stack.yml
|
|
@ -1,80 +1,96 @@
|
|||
version: "3.9"
|
||||
networks:
|
||||
default:
|
||||
external: false
|
||||
woodpecker: {}
|
||||
traefik:
|
||||
external: true
|
||||
|
||||
services:
|
||||
server:
|
||||
image: woodpeckerci/woodpecker-server:v3.8.0
|
||||
db:
|
||||
image: mariadb:10.6
|
||||
environment:
|
||||
- WOODPECKER_PLUGINS_PRIVILEGED=woodpeckerci/plugin-docker-buildx
|
||||
- WOODPECKER_OPEN=true
|
||||
- WOODPECKER_HOST=https://woodpecker.nixc.us
|
||||
- WOODPECKER_BACKEND=docker
|
||||
- WOODPECKER_BACKEND_DOCKER_NETWORK=default
|
||||
- WOODPECKER_ADMIN=colin
|
||||
- WOODPECKER_REPO_OWNERS=colin,meta,fansdb,lilsgym,nixius,Nixius,devsecops,mechinae,Mechinae,aenow,aenow-dev,ViperWire,mrc
|
||||
- WOODPECKER_LOG_LEVEL=error
|
||||
- WOODPECKER_GITEA=true
|
||||
- WOODPECKER_GITEA_URL=https://git.nixc.us/
|
||||
- WOODPECKER_GITEA_CLIENT=56c038d7-64b5-47e4-acae-cb8a69b31731
|
||||
- WOODPECKER_GITEA_SECRET=gto_3wopyl5cybbs6p2gjducq6atxgl2zuebhcxda4sky3yjlxx3kmla
|
||||
- WOODPECKER_AGENT_SECRET=WdK6TEWqsfi6R6SGKYSaqsg7ZQyKxnZFyWBeegt2TCCDHmivcYaPCMmdXTN5G7U3bv3C6TFDDiyBdoKB5M5c5hikGrQzm67rcBbfKB3SZRYFeurAGwsPmtVQWnVkPCtG
|
||||
- WOODPECKER_DATABASE_DRIVER=mysql
|
||||
- WOODPECKER_DATABASE_DATASOURCE=woodpecker:woodpecker@tcp(woodpecker_db:3306)/woodpecker?parseTime=true
|
||||
- WOODPECKER_LOG_FILE=stdout
|
||||
networks:
|
||||
- traefik
|
||||
- default
|
||||
MYSQL_DATABASE: "woodpecker"
|
||||
MYSQL_USER: "woodpecker"
|
||||
MYSQL_PASSWORD: "woodpecker"
|
||||
MYSQL_RANDOM_ROOT_PASSWORD: 1
|
||||
volumes:
|
||||
- /mnt/tank/persist/nixc.us/woodpecker/production/data:/var/lib/woodpecker/
|
||||
- /var/run/docker.sock:/var/run/docker.sock
|
||||
- /etc/localtime:/etc/localtime:ro
|
||||
- /mnt/data/nixc.us/woodpecker/production/db:/var/lib/mysql
|
||||
networks:
|
||||
- woodpecker
|
||||
deploy:
|
||||
endpoint_mode: dnsrr
|
||||
replicas: 1
|
||||
placement:
|
||||
constraints:
|
||||
- node.hostname == macmini1
|
||||
labels:
|
||||
- "traefik.enable=true"
|
||||
- "traefik.http.routers.woodpecker.tls=true"
|
||||
- "traefik.http.services.woodpecker.loadbalancer.server.port=8000"
|
||||
- "traefik.http.routers.woodpecker.rule=Host(`woodpecker.nixc.us`)"
|
||||
- "traefik.http.routers.woodpecker.entrypoints=websecure"
|
||||
- "traefik.http.routers.woodpecker.tls.certresolver=letsencryptresolver"
|
||||
- "traefik.http.routers.woodpecker.service=woodpecker"
|
||||
- "traefik.docker.network=traefik"
|
||||
- "traefik.enable=false"
|
||||
update_config:
|
||||
order: stop-first
|
||||
failure_action: rollback
|
||||
delay: 5s
|
||||
delay: 0s
|
||||
parallelism: 1
|
||||
restart_policy:
|
||||
condition: any
|
||||
|
||||
db:
|
||||
image: mysql:8.0
|
||||
server:
|
||||
image: woodpeckerci/woodpecker-server:v3.8.0
|
||||
environment:
|
||||
- MYSQL_DATABASE=woodpecker
|
||||
- MYSQL_USER=woodpecker
|
||||
- MYSQL_PASSWORD=woodpecker
|
||||
- MYSQL_RANDOM_ROOT_PASSWORD=1
|
||||
volumes:
|
||||
- /mnt/tank/persist/nixc.us/woodpecker/production/db:/var/lib/mysql
|
||||
WOODPECKER_PLUGINS_PRIVILEGED: "woodpeckerci/plugin-docker-buildx"
|
||||
WOODPECKER_OPEN: "true"
|
||||
WOODPECKER_HOST: "https://woodpecker.nixc.us"
|
||||
WOODPECKER_BACKEND: "docker"
|
||||
WOODPECKER_BACKEND_DOCKER_NETWORK: "default"
|
||||
WOODPECKER_ADMIN: "colin"
|
||||
WOODPECKER_REPO_OWNERS: "colin,meta,fansdb,lilsgym,nixius,Nixius,devsecops,mechinae,Mechinae,aenow,aenow-dev,ViperWire,mrc"
|
||||
# WOODPECKER_LOG_LEVEL: trace
|
||||
WOODPECKER_LOG_LEVEL: error
|
||||
WOODPECKER_GITEA: "true"
|
||||
WOODPECKER_GITEA_URL: "https://git.nixc.us/"
|
||||
WOODPECKER_GITEA_CLIENT: "56c038d7-64b5-47e4-acae-cb8a69b31731"
|
||||
WOODPECKER_GITEA_SECRET: "gto_3wopyl5cybbs6p2gjducq6atxgl2zuebhcxda4sky3yjlxx3kmla"
|
||||
WOODPECKER_AGENT_SECRET: "WdK6TEWqsfi6R6SGKYSaqsg7ZQyKxnZFyWBeegt2TCCDHmivcYaPCMmdXTN5G7U3bv3C6TFDDiyBdoKB5M5c5hikGrQzm67rcBbfKB3SZRYFeurAGwsPmtVQWnVkPCtG"
|
||||
WOODPECKER_DATABASE_DRIVER: "mysql"
|
||||
WOODPECKER_DATABASE_DATASOURCE: "woodpecker:woodpecker@tcp(woodpecker_db:3306)/woodpecker?parseTime=true"
|
||||
WOODPECKER_LOG_FILE: stdout
|
||||
networks:
|
||||
- default
|
||||
- traefik
|
||||
- woodpecker
|
||||
volumes:
|
||||
- /mnt/data/nixc.us/woodpecker/production/data:/var/lib/woodpecker/
|
||||
- /var/run/docker.sock:/var/run/docker.sock
|
||||
- /etc/localtime:/etc/localtime:ro
|
||||
deploy:
|
||||
endpoint_mode: dnsrr
|
||||
replicas: 1
|
||||
placement:
|
||||
constraints:
|
||||
- node.hostname == macmini1
|
||||
labels:
|
||||
- "traefik.enable=false"
|
||||
# Web UI Configuration
|
||||
traefik.enable: "true"
|
||||
traefik.http.routers.production_woodpecker_ui.rule: "Host(`woodpecker.nixc.us`)"
|
||||
traefik.http.routers.production_woodpecker_ui.entrypoints: "websecure"
|
||||
traefik.http.routers.production_woodpecker_ui.tls.certresolver: "letsencryptresolver"
|
||||
traefik.http.routers.production_woodpecker_ui.service: "production_woodpecker_ui"
|
||||
traefik.http.services.production_woodpecker_ui.loadbalancer.server.port: "8000"
|
||||
|
||||
# gRPC service
|
||||
traefik.http.services.woodpecker-grpc.loadbalancer.server.port: 9000
|
||||
traefik.http.services.woodpecker-grpc.loadbalancer.server.scheme: h2c
|
||||
|
||||
traefik.http.routers.woodpecker-grpc-secure.rule: Host(`grpc.woodpecker.nixc.us`)
|
||||
traefik.http.routers.woodpecker-grpc-secure.tls: "true"
|
||||
traefik.http.routers.woodpecker-grpc-secure.tls.certresolver: letsencryptresolver
|
||||
traefik.http.routers.woodpecker-grpc-secure.entrypoints: websecure
|
||||
traefik.http.routers.woodpecker-grpc-secure.service: woodpecker-grpc
|
||||
|
||||
# Additional Metadata Labels
|
||||
homepage.group: Infrastructure
|
||||
homepage.name: woodpecker
|
||||
homepage.href: "https://woodpecker.nixc.us"
|
||||
homepage.description: "Woodpecker CI"
|
||||
update_config:
|
||||
order: stop-first
|
||||
failure_action: rollback
|
||||
delay: 5s
|
||||
# order: stop-first
|
||||
delay: 60s
|
||||
parallelism: 1
|
||||
restart_policy:
|
||||
condition: any
|
||||
|
|
@ -82,34 +98,77 @@ services:
|
|||
agents-managers:
|
||||
image: woodpeckerci/woodpecker-agent:v3.8.0
|
||||
networks:
|
||||
- default
|
||||
- woodpecker
|
||||
environment:
|
||||
- WOODPECKER_LOG_FILE=stdout
|
||||
- WOODPECKER_SERVER=server:9000
|
||||
- WOODPECKER_AGENT_SECRET=WdK6TEWqsfi6R6SGKYSaqsg7ZQyKxnZFyWBeegt2TCCDHmivcYaPCMmdXTN5G7U3bv3C6TFDDiyBdoKB5M5c5hikGrQzm67rcBbfKB3SZRYFeurAGwsPmtVQWnVkPCtG
|
||||
- WOODPECKER_DEBUG=true
|
||||
- WOODPECKER_LOG_LEVEL=error
|
||||
- WOODPECKER_BACKEND=docker
|
||||
- WOODPECKER_MAX_WORKFLOWS=1
|
||||
- WOODPECKER_DEBUG_PRETTY=true
|
||||
- WOODPECKER_AGENT_CONFIG_FILE=/etc/woodpecker/agent-secret.conf
|
||||
- "WOODPECKER_HOSTNAME={{ .Node.Hostname }}"
|
||||
- WOODPECKER_FILTER_LABELS=location=manager
|
||||
- WOODPECKER_HEALTHCHECK=true
|
||||
WOODPECKER_LOG_FILE: stdout
|
||||
WOODPECKER_SERVER: "server:9000"
|
||||
WOODPECKER_AGENT_SECRET: "WdK6TEWqsfi6R6SGKYSaqsg7ZQyKxnZFyWBeegt2TCCDHmivcYaPCMmdXTN5G7U3bv3C6TFDDiyBdoKB5M5c5hikGrQzm67rcBbfKB3SZRYFeurAGwsPmtVQWnVkPCtG"
|
||||
WOODPECKER_DEBUG: "true"
|
||||
# WOODPECKER_LOG_LEVEL: "trace"
|
||||
WOODPECKER_LOG_LEVEL: "error"
|
||||
WOODPECKER_BACKEND: "docker"
|
||||
WOODPECKER_MAX_WORKFLOWS: 1
|
||||
WOODPECKER_DEBUG_PRETTY: "true"
|
||||
WOODPECKER_AGENT_CONFIG_FILE: "/etc/woodpecker/agent-secret.conf"
|
||||
WOODPECKER_HOSTNAME: "{{ .Node.Hostname }}"
|
||||
WOODPECKER_FILTER_LABELS: "location=manager"
|
||||
WOODPECKER_HEALTHCHECK: "true"
|
||||
deploy:
|
||||
endpoint_mode: dnsrr
|
||||
placement:
|
||||
constraints:
|
||||
- node.role == manager
|
||||
- node.hostname != ingress.nixc.us
|
||||
mode: global
|
||||
labels:
|
||||
- "traefik.enable=false"
|
||||
update_config:
|
||||
# order: stop-first
|
||||
failure_action: rollback
|
||||
delay: 120s
|
||||
parallelism: 4
|
||||
restart_policy:
|
||||
condition: any
|
||||
labels:
|
||||
traefik.enable: "false"
|
||||
volumes:
|
||||
- agent-secret:/etc/woodpecker/
|
||||
- /var/run/docker.sock:/var/run/docker.sock
|
||||
dns:
|
||||
- 1.1.1.1
|
||||
- 8.8.8.8
|
||||
|
||||
agent-salt:
|
||||
image: woodpeckerci/woodpecker-agent:v3.8.0
|
||||
networks:
|
||||
- woodpecker
|
||||
environment:
|
||||
WOODPECKER_LOG_FILE: stdout
|
||||
WOODPECKER_SERVER: "woodpecker_server:9000"
|
||||
WOODPECKER_AGENT_SECRET: "WdK6TEWqsfi6R6SGKYSaqsg7ZQyKxnZFyWBeegt2TCCDHmivcYaPCMmdXTN5G7U3bv3C6TFDDiyBdoKB5M5c5hikGrQzm67rcBbfKB3SZRYFeurAGwsPmtVQWnVkPCtG"
|
||||
WOODPECKER_DEBUG: "true"
|
||||
# WOODPECKER_LOG_LEVEL: "trace"
|
||||
WOODPECKER_LOG_LEVEL: "error"
|
||||
WOODPECKER_BACKEND: "docker"
|
||||
WOODPECKER_MAX_WORKFLOWS: 1
|
||||
WOODPECKER_DEBUG_PRETTY: "true"
|
||||
WOODPECKER_AGENT_CONFIG_FILE: "/etc/woodpecker/agent-secret.conf"
|
||||
WOODPECKER_HOSTNAME: "{{ .Node.Hostname }}"
|
||||
WOODPECKER_FILTER_LABELS: "location=salt"
|
||||
WOODPECKER_HEALTHCHECK: "true"
|
||||
deploy:
|
||||
endpoint_mode: dnsrr
|
||||
placement:
|
||||
constraints:
|
||||
- node.hostname == ingress.nixc.us
|
||||
mode: global
|
||||
update_config:
|
||||
# order: stop-first
|
||||
failure_action: rollback
|
||||
delay: 120s
|
||||
parallelism: 4
|
||||
restart_policy:
|
||||
condition: any
|
||||
labels:
|
||||
traefik.enable: "false"
|
||||
volumes:
|
||||
- agent-secret:/etc/woodpecker/
|
||||
- /var/run/docker.sock:/var/run/docker.sock
|
||||
|
|
@ -120,27 +179,29 @@ services:
|
|||
agents-workers:
|
||||
image: woodpeckerci/woodpecker-agent:v3.8.0
|
||||
networks:
|
||||
- default
|
||||
- woodpecker
|
||||
environment:
|
||||
- WOODPECKER_LOG_FILE=stdout
|
||||
- WOODPECKER_SERVER=server:9000
|
||||
- WOODPECKER_AGENT_SECRET=WdK6TEWqsfi6R6SGKYSaqsg7ZQyKxnZFyWBeegt2TCCDHmivcYaPCMmdXTN5G7U3bv3C6TFDDiyBdoKB5M5c5hikGrQzm67rcBbfKB3SZRYFeurAGwsPmtVQWnVkPCtG
|
||||
- WOODPECKER_DEBUG=true
|
||||
- WOODPECKER_LOG_LEVEL=error
|
||||
- WOODPECKER_BACKEND=docker
|
||||
- WOODPECKER_MAX_WORKFLOWS=1
|
||||
- WOODPECKER_DEBUG_PRETTY=true
|
||||
- WOODPECKER_AGENT_CONFIG_FILE=/etc/woodpecker/agent-secret.conf
|
||||
- "WOODPECKER_HOSTNAME={{ .Node.Hostname }}"
|
||||
- WOODPECKER_FILTER_LABELS=location=agent
|
||||
WOODPECKER_LOG_FILE: stdout
|
||||
WOODPECKER_SERVER: "woodpecker_server:9000"
|
||||
WOODPECKER_AGENT_SECRET: "WdK6TEWqsfi6R6SGKYSaqsg7ZQyKxnZFyWBeegt2TCCDHmivcYaPCMmdXTN5G7U3bv3C6TFDDiyBdoKB5M5c5hikGrQzm67rcBbfKB3SZRYFeurAGwsPmtVQWnVkPCtG"
|
||||
WOODPECKER_DEBUG: "true"
|
||||
# WOODPECKER_LOG_LEVEL: trace
|
||||
WOODPECKER_LOG_LEVEL: error
|
||||
WOODPECKER_BACKEND: "docker"
|
||||
WOODPECKER_MAX_WORKFLOWS: "1"
|
||||
WOODPECKER_DEBUG_PRETTY: "true"
|
||||
WOODPECKER_AGENT_CONFIG_FILE: "/etc/woodpecker/agent-secret.conf"
|
||||
WOODPECKER_HOSTNAME: "{{ .Node.Hostname }}"
|
||||
WOODPECKER_FILTER_LABELS: "location=agent"
|
||||
deploy:
|
||||
endpoint_mode: dnsrr
|
||||
placement:
|
||||
constraints:
|
||||
- node.role == worker
|
||||
- node.hostname != ingress.nixc.us
|
||||
mode: global
|
||||
labels:
|
||||
- "traefik.enable=false"
|
||||
traefik.enable: "false"
|
||||
update_config:
|
||||
order: stop-first
|
||||
failure_action: rollback
|
||||
|
|
@ -156,4 +217,4 @@ services:
|
|||
- 8.8.8.8
|
||||
|
||||
volumes:
|
||||
agent-secret:
|
||||
agent-secret: {}
|
||||
|
|
|
|||
Loading…
Reference in New Issue