159 lines
5.1 KiB
YAML
159 lines
5.1 KiB
YAML
version: "3.9"
|
|
networks:
|
|
default:
|
|
external: false
|
|
traefik:
|
|
external: true
|
|
services:
|
|
server:
|
|
image: woodpeckerci/woodpecker-server:v3.8.0
|
|
environment:
|
|
- WOODPECKER_PLUGINS_PRIVILEGED=woodpeckerci/plugin-docker-buildx
|
|
- WOODPECKER_OPEN=true
|
|
- WOODPECKER_HOST=https://woodpecker.nixc.us
|
|
- WOODPECKER_BACKEND=docker
|
|
- WOODPECKER_BACKEND_DOCKER_NETWORK=default
|
|
- WOODPECKER_ADMIN=colin
|
|
- WOODPECKER_REPO_OWNERS=colin,meta,fansdb,lilsgym,nixius,Nixius,devsecops,mechinae,Mechinae,aenow,aenow-dev,ViperWire,mrc
|
|
- WOODPECKER_LOG_LEVEL=error
|
|
- WOODPECKER_GITEA=true
|
|
- WOODPECKER_GITEA_URL=https://git.nixc.us/
|
|
- WOODPECKER_GITEA_CLIENT=56c038d7-64b5-47e4-acae-cb8a69b31731
|
|
- WOODPECKER_GITEA_SECRET=gto_3wopyl5cybbs6p2gjducq6atxgl2zuebhcxda4sky3yjlxx3kmla
|
|
- WOODPECKER_AGENT_SECRET=WdK6TEWqsfi6R6SGKYSaqsg7ZQyKxnZFyWBeegt2TCCDHmivcYaPCMmdXTN5G7U3bv3C6TFDDiyBdoKB5M5c5hikGrQzm67rcBbfKB3SZRYFeurAGwsPmtVQWnVkPCtG
|
|
- WOODPECKER_DATABASE_DRIVER=mysql
|
|
- WOODPECKER_DATABASE_DATASOURCE=woodpecker:woodpecker@tcp(woodpecker_db:3306)/woodpecker?parseTime=true
|
|
- WOODPECKER_LOG_FILE=stdout
|
|
networks:
|
|
- traefik
|
|
- default
|
|
volumes:
|
|
- /mnt/tank/persist/nixc.us/woodpecker/production/data:/var/lib/woodpecker/
|
|
- /var/run/docker.sock:/var/run/docker.sock
|
|
- /etc/localtime:/etc/localtime:ro
|
|
deploy:
|
|
replicas: 1
|
|
placement:
|
|
constraints:
|
|
- node.hostname == macmini1
|
|
labels:
|
|
- "traefik.enable=true"
|
|
- "traefik.http.routers.woodpecker.tls=true"
|
|
- "traefik.http.services.woodpecker.loadbalancer.server.port=8000"
|
|
- "traefik.http.routers.woodpecker.rule=Host(`woodpecker.nixc.us`)"
|
|
- "traefik.http.routers.woodpecker.entrypoints=websecure"
|
|
- "traefik.http.routers.woodpecker.tls.certresolver=letsencryptresolver"
|
|
- "traefik.http.routers.woodpecker.service=woodpecker"
|
|
- "traefik.docker.network=traefik"
|
|
update_config:
|
|
order: stop-first
|
|
failure_action: rollback
|
|
delay: 5s
|
|
parallelism: 1
|
|
restart_policy:
|
|
condition: on-failure
|
|
|
|
db:
|
|
image: mariadb:10.6
|
|
environment:
|
|
- MYSQL_DATABASE=woodpecker
|
|
- MYSQL_USER=woodpecker
|
|
- MYSQL_PASSWORD=woodpecker
|
|
- MYSQL_RANDOM_ROOT_PASSWORD=1
|
|
volumes:
|
|
- /mnt/tank/persist/nixc.us/woodpecker/production/db:/var/lib/mysql
|
|
networks:
|
|
- default
|
|
deploy:
|
|
replicas: 1
|
|
placement:
|
|
constraints:
|
|
- node.hostname == macmini1
|
|
labels:
|
|
- "traefik.enable=false"
|
|
update_config:
|
|
order: stop-first
|
|
failure_action: rollback
|
|
delay: 5s
|
|
parallelism: 1
|
|
restart_policy:
|
|
condition: on-failure
|
|
|
|
agents-managers:
|
|
image: woodpeckerci/woodpecker-agent:v3.8.0
|
|
networks:
|
|
- default
|
|
environment:
|
|
- WOODPECKER_LOG_FILE=stdout
|
|
- WOODPECKER_SERVER=server:9000
|
|
- WOODPECKER_AGENT_SECRET=WdK6TEWqsfi6R6SGKYSaqsg7ZQyKxnZFyWBeegt2TCCDHmivcYaPCMmdXTN5G7U3bv3C6TFDDiyBdoKB5M5c5hikGrQzm67rcBbfKB3SZRYFeurAGwsPmtVQWnVkPCtG
|
|
- WOODPECKER_DEBUG=true
|
|
- WOODPECKER_LOG_LEVEL=error
|
|
- WOODPECKER_BACKEND=docker
|
|
- WOODPECKER_MAX_WORKFLOWS=1
|
|
- WOODPECKER_DEBUG_PRETTY=true
|
|
- WOODPECKER_AGENT_CONFIG_FILE=/etc/woodpecker/agent-secret.conf
|
|
- "WOODPECKER_HOSTNAME={{ .Node.Hostname }}"
|
|
- WOODPECKER_FILTER_LABELS=location=manager
|
|
- WOODPECKER_HEALTHCHECK=true
|
|
deploy:
|
|
placement:
|
|
constraints:
|
|
- node.role == manager
|
|
- node.hostname != ingress.nixc.us
|
|
mode: global
|
|
labels:
|
|
- "traefik.enable=false"
|
|
update_config:
|
|
failure_action: rollback
|
|
delay: 120s
|
|
parallelism: 4
|
|
restart_policy:
|
|
condition: on-failure
|
|
volumes:
|
|
- agent-secret:/etc/woodpecker/
|
|
- /var/run/docker.sock:/var/run/docker.sock
|
|
dns:
|
|
- 1.1.1.1
|
|
- 8.8.8.8
|
|
|
|
agents-workers:
|
|
image: woodpeckerci/woodpecker-agent:v3.8.0
|
|
networks:
|
|
- default
|
|
environment:
|
|
- WOODPECKER_LOG_FILE=stdout
|
|
- WOODPECKER_SERVER=server:9000
|
|
- WOODPECKER_AGENT_SECRET=WdK6TEWqsfi6R6SGKYSaqsg7ZQyKxnZFyWBeegt2TCCDHmivcYaPCMmdXTN5G7U3bv3C6TFDDiyBdoKB5M5c5hikGrQzm67rcBbfKB3SZRYFeurAGwsPmtVQWnVkPCtG
|
|
- WOODPECKER_DEBUG=true
|
|
- WOODPECKER_LOG_LEVEL=error
|
|
- WOODPECKER_BACKEND=docker
|
|
- WOODPECKER_MAX_WORKFLOWS=1
|
|
- WOODPECKER_DEBUG_PRETTY=true
|
|
- WOODPECKER_AGENT_CONFIG_FILE=/etc/woodpecker/agent-secret.conf
|
|
- "WOODPECKER_HOSTNAME={{ .Node.Hostname }}"
|
|
- WOODPECKER_FILTER_LABELS=location=agent
|
|
deploy:
|
|
placement:
|
|
constraints:
|
|
- node.role == worker
|
|
- node.hostname != ingress.nixc.us
|
|
mode: global
|
|
labels:
|
|
- "traefik.enable=false"
|
|
update_config:
|
|
order: stop-first
|
|
failure_action: rollback
|
|
delay: 120s
|
|
parallelism: 4
|
|
restart_policy:
|
|
condition: on-failure
|
|
volumes:
|
|
- agent-secret:/etc/woodpecker/
|
|
- /var/run/docker.sock:/var/run/docker.sock
|
|
dns:
|
|
- 1.1.1.1
|
|
- 8.8.8.8
|
|
|
|
volumes:
|
|
agent-secret: |