networks: woodpecker: {} traefik: external: true services: db: image: mariadb:10.6 environment: MYSQL_DATABASE: "woodpecker" MYSQL_USER: "woodpecker" MYSQL_PASSWORD: "woodpecker" MYSQL_RANDOM_ROOT_PASSWORD: 1 volumes: - /mnt/tank/persist/nixc.us/woodpecker/production/db:/var/lib/mysql networks: - woodpecker deploy: endpoint_mode: dnsrr replicas: 1 placement: constraints: - node.hostname == macmini1 labels: - "traefik.enable=false" update_config: order: stop-first failure_action: rollback delay: 0s parallelism: 1 restart_policy: condition: any server: image: woodpeckerci/woodpecker-server:v3.10.0 environment: WOODPECKER_PLUGINS_PRIVILEGED: "woodpeckerci/plugin-docker-buildx" WOODPECKER_OPEN: "true" WOODPECKER_HOST: "https://woodpecker.nixc.us" WOODPECKER_BACKEND: "docker" WOODPECKER_BACKEND_DOCKER_NETWORK: "default" WOODPECKER_ADMIN: "colin" WOODPECKER_REPO_OWNERS: "colin,meta,fansdb,lilsgym,nixius,Nixius,devsecops,mechinae,Mechinae,aenow,aenow-dev,ViperWire,mrc" # WOODPECKER_LOG_LEVEL: trace WOODPECKER_LOG_LEVEL: error WOODPECKER_GITEA: "true" WOODPECKER_GITEA_URL: "https://git.nixc.us/" WOODPECKER_GITEA_CLIENT: "56c038d7-64b5-47e4-acae-cb8a69b31731" WOODPECKER_GITEA_SECRET: "gto_3wopyl5cybbs6p2gjducq6atxgl2zuebhcxda4sky3yjlxx3kmla" WOODPECKER_AGENT_SECRET: "WdK6TEWqsfi6R6SGKYSaqsg7ZQyKxnZFyWBeegt2TCCDHmivcYaPCMmdXTN5G7U3bv3C6TFDDiyBdoKB5M5c5hikGrQzm67rcBbfKB3SZRYFeurAGwsPmtVQWnVkPCtG" WOODPECKER_DATABASE_DRIVER: "mysql" WOODPECKER_DATABASE_DATASOURCE: "woodpecker:woodpecker@tcp(db:3306)/woodpecker?parseTime=true" WOODPECKER_LOG_FILE: stdout networks: - traefik - woodpecker volumes: - /mnt/tank/persist/nixc.us/woodpecker/production/data:/var/lib/woodpecker/ - /var/run/docker.sock:/var/run/docker.sock - /etc/localtime:/etc/localtime:ro deploy: endpoint_mode: dnsrr replicas: 1 placement: constraints: - node.hostname == macmini1 labels: # Web UI Configuration traefik.enable: "true" traefik.http.routers.production_woodpecker_ui.rule: "Host(`woodpecker.nixc.us`)" traefik.http.routers.production_woodpecker_ui.entrypoints: "websecure" traefik.http.routers.production_woodpecker_ui.tls.certresolver: "letsencryptresolver" traefik.http.routers.production_woodpecker_ui.service: "production_woodpecker_ui" traefik.http.services.production_woodpecker_ui.loadbalancer.server.port: "8000" # gRPC service traefik.http.services.woodpecker-grpc.loadbalancer.server.port: 9000 traefik.http.services.woodpecker-grpc.loadbalancer.server.scheme: h2c traefik.http.routers.woodpecker-grpc-secure.rule: Host(`grpc.woodpecker.nixc.us`) traefik.http.routers.woodpecker-grpc-secure.tls: "true" traefik.http.routers.woodpecker-grpc-secure.tls.certresolver: letsencryptresolver traefik.http.routers.woodpecker-grpc-secure.entrypoints: websecure traefik.http.routers.woodpecker-grpc-secure.service: woodpecker-grpc # Additional Metadata Labels homepage.group: Infrastructure homepage.name: woodpecker homepage.href: "https://woodpecker.nixc.us" homepage.description: "Woodpecker CI" # update_config: # order: stop-first # delay: 60s # parallelism: 1 restart_policy: condition: any agents-managers: image: woodpeckerci/woodpecker-agent:v3.10.0 networks: - woodpecker environment: WOODPECKER_LOG_FILE: stdout WOODPECKER_SERVER: "woodpecker_server:9000" WOODPECKER_AGENT_SECRET: "WdK6TEWqsfi6R6SGKYSaqsg7ZQyKxnZFyWBeegt2TCCDHmivcYaPCMmdXTN5G7U3bv3C6TFDDiyBdoKB5M5c5hikGrQzm67rcBbfKB3SZRYFeurAGwsPmtVQWnVkPCtG" WOODPECKER_DEBUG: "true" # WOODPECKER_LOG_LEVEL: "trace" WOODPECKER_LOG_LEVEL: "error" WOODPECKER_BACKEND: "docker" WOODPECKER_MAX_WORKFLOWS: 1 WOODPECKER_DEBUG_PRETTY: "true" WOODPECKER_AGENT_CONFIG_FILE: "/etc/woodpecker/agent-secret.conf" WOODPECKER_HOSTNAME: "{{ .Node.Hostname }}" WOODPECKER_FILTER_LABELS: "location=manager" WOODPECKER_HEALTHCHECK: "true" deploy: endpoint_mode: dnsrr placement: constraints: - node.role == manager - node.hostname != ingress.nixc.us mode: global # update_config: # order: stop-first # failure_action: rollback # delay: 120s # parallelism: 4 restart_policy: condition: any labels: traefik.enable: "false" volumes: - agent-secret:/etc/woodpecker/ - /var/run/docker.sock:/var/run/docker.sock dns: - 1.1.1.1 - 8.8.8.8 agent-salt: image: woodpeckerci/woodpecker-agent:v3.10.0 networks: - woodpecker environment: WOODPECKER_LOG_FILE: stdout WOODPECKER_SERVER: "woodpecker_server:9000" WOODPECKER_AGENT_SECRET: "WdK6TEWqsfi6R6SGKYSaqsg7ZQyKxnZFyWBeegt2TCCDHmivcYaPCMmdXTN5G7U3bv3C6TFDDiyBdoKB5M5c5hikGrQzm67rcBbfKB3SZRYFeurAGwsPmtVQWnVkPCtG" WOODPECKER_DEBUG: "true" # WOODPECKER_LOG_LEVEL: "trace" WOODPECKER_LOG_LEVEL: "error" WOODPECKER_BACKEND: "docker" WOODPECKER_MAX_WORKFLOWS: 1 WOODPECKER_DEBUG_PRETTY: "true" WOODPECKER_AGENT_CONFIG_FILE: "/etc/woodpecker/agent-secret.conf" WOODPECKER_HOSTNAME: "{{ .Node.Hostname }}" WOODPECKER_FILTER_LABELS: "location=salt" WOODPECKER_HEALTHCHECK: "true" deploy: endpoint_mode: dnsrr placement: constraints: - node.hostname == ingress.nixc.us mode: global # update_config: # order: stop-first # failure_action: rollback # delay: 120s # parallelism: 4 restart_policy: condition: any labels: traefik.enable: "false" volumes: - agent-secret:/etc/woodpecker/ - /var/run/docker.sock:/var/run/docker.sock dns: - 1.1.1.1 - 8.8.8.8 agents-workers: image: woodpeckerci/woodpecker-agent:v3.10.0 networks: - woodpecker environment: WOODPECKER_LOG_FILE: stdout WOODPECKER_SERVER: "woodpecker_server:9000" WOODPECKER_AGENT_SECRET: "WdK6TEWqsfi6R6SGKYSaqsg7ZQyKxnZFyWBeegt2TCCDHmivcYaPCMmdXTN5G7U3bv3C6TFDDiyBdoKB5M5c5hikGrQzm67rcBbfKB3SZRYFeurAGwsPmtVQWnVkPCtG" WOODPECKER_DEBUG: "true" # WOODPECKER_LOG_LEVEL: trace WOODPECKER_LOG_LEVEL: error WOODPECKER_BACKEND: "docker" WOODPECKER_MAX_WORKFLOWS: "1" WOODPECKER_DEBUG_PRETTY: "true" WOODPECKER_AGENT_CONFIG_FILE: "/etc/woodpecker/agent-secret.conf" WOODPECKER_HOSTNAME: "{{ .Node.Hostname }}" WOODPECKER_FILTER_LABELS: "location=agent" deploy: endpoint_mode: dnsrr placement: constraints: - node.role == worker - node.hostname != ingress.nixc.us mode: global labels: traefik.enable: "false" # update_config: # order: stop-first # failure_action: rollback # delay: 120s # parallelism: 4 restart_policy: condition: any volumes: - agent-secret:/etc/woodpecker/ - /var/run/docker.sock:/var/run/docker.sock dns: - 1.1.1.1 - 8.8.8.8 volumes: agent-secret: {}