updated docker stack files
This commit is contained in:
parent
874a043991
commit
417adbf9ef
@ -1,4 +1,5 @@
|
||||
DATA_ROOT := /home/gfs-data
|
||||
D1_ROOT := /home/gfs-data
|
||||
D2_ROOT := /media/seagate-1000
|
||||
|
||||
all:
|
||||
@echo "ERROR: Be specific with one or more targets"
|
||||
@ -10,62 +11,98 @@ push:
|
||||
docker tag alpine:prom-proc-net docker.io/hyunghwan/alpine:prom-proc-net
|
||||
docker push docker.io/hyunghwan/alpine:prom-proc-net
|
||||
|
||||
#------------------------------------------------
|
||||
|
||||
init-traefik-data:
|
||||
mkdir -p "$(DATA_ROOT)/traefik"
|
||||
cp traefik-cert.yml "$(DATA_ROOT)/traefik"
|
||||
cp /etc/letsencrypt/live/miflux.com/fullchain.pem "$(DATA_ROOT)/traefik/miflux.crt"
|
||||
cp /etc/letsencrypt/live/miflux.com/privkey.pem "$(DATA_ROOT)/traefik/miflux.key"
|
||||
[ -d "$(D1_ROOT)/traefik" ] || mkdir "$(D1_ROOT)/traefik"
|
||||
cp traefik-cert.yml "$(D1_ROOT)/traefik"
|
||||
cp -f /etc/letsencrypt/live/miflux.com/fullchain.pem "$(D1_ROOT)/traefik/miflux.crt"
|
||||
cp -f /etc/letsencrypt/live/miflux.com/privkey.pem "$(D1_ROOT)/traefik/miflux.key"
|
||||
|
||||
init-coder-data:
|
||||
[ -d "$(D1_ROOT)/coder" ] || { mkdir "$(D1_ROOT)/coder"; chown 1000:1000 "$(D1_ROOT)/coder"; }
|
||||
[ -d "$(D1_ROOT)/coder/data" ] || { mkdir "$(D1_ROOT)/coder/data"; chown 1000:1000 "$(D1_ROOT)/coder/data"; }
|
||||
[ -d "$(D1_ROOT)/coder/templates" ] || { mkdir "$(D1_ROOT)/coder/templates"; chown 1000:1000 "$(D1_ROOT)/coder/templates"; }
|
||||
[ -d "$(D1_ROOT)/coder/workspace" ] || { mkdir "$(D1_ROOT)/coder/workspace"; chown 1000:1000 "$(D1_ROOT)/coder/workspace"; }
|
||||
|
||||
|
||||
init-gitea-data:
|
||||
[ -d "$(D1_ROOT)/gitea" ] || mkdir "$(D1_ROOT)/gitea"
|
||||
|
||||
init-prometheus-data:
|
||||
mkdir -p "$(DATA_ROOT)/prometheus/etc"
|
||||
mkdir -p "$(DATA_ROOT)/prometheus/data"
|
||||
chown 65534:65534 "$(DATA_ROOT)/prometheus/data"
|
||||
cp prometheus.conf.yml "$(DATA_ROOT)/prometheus/etc/prometheus.yml"
|
||||
[ -d "$(D1_ROOT)/prometheus" ] || mkdir "$(D1_ROOT)/prometheus"
|
||||
[ -d "$(D1_ROOT)/prometheus/etc" ] || mkdir "$(D1_ROOT)/prometheus/etc"
|
||||
[ -d "$(D1_ROOT)/prometheus/data" ] || mkdir "$(D1_ROOT)/prometheus/data"
|
||||
chown 65534:65534 "$(D1_ROOT)/prometheus/data"
|
||||
cp -f prometheus.conf.yml "$(D1_ROOT)/prometheus/etc/prometheus.yml"
|
||||
##cp -f prometheus.alert.rules.yml "$(D1_ROOT)/prometheus/etc/alert.rules.yml"
|
||||
|
||||
init-nextcloud-data:
|
||||
[ -d "$(D2_ROOT)/nextcloud" ] || mkdir "$(D2_ROOT)/nextcloud"
|
||||
|
||||
init-onlyoffice-data:
|
||||
[ -d "$(D2_ROOT)/onlyoffice" ] || mkdir "$(D2_ROOT)/onlyoffice"
|
||||
[ -d "$(D2_ROOT)/onlyoffice/data" ] || mkdir "$(D2_ROOT)/onlyoffice/data"
|
||||
[ -d "$(D2_ROOT)/onlyoffice/logs" ] || mkdir "$(D2_ROOT)/onlyoffice/logs"
|
||||
|
||||
#------------------------------------------------
|
||||
network-up-coder:
|
||||
docker network ls | grep -q coder-network || docker network create --driver overlay --attachable coder-network
|
||||
|
||||
network-down-coder:
|
||||
docker network rm coder-network
|
||||
|
||||
network-up-drone:
|
||||
docker network create --driver overlay --attachable drone-network
|
||||
docker network ls | grep -q drone-network || docker network create --driver overlay --attachable drone-network
|
||||
|
||||
network-down-drone:
|
||||
docker network rm drone-network
|
||||
|
||||
network-up-prometheus:
|
||||
docker network create --driver overlay --attachable prometheus-network
|
||||
docker network ls | grep -q prometheus-network || docker network create --driver overlay --attachable prometheus-network
|
||||
|
||||
network-down-prometheus:
|
||||
docker network rm prometheus-network
|
||||
|
||||
network-up-traefik:
|
||||
docker network create --driver overlay --attachable traefik-network
|
||||
docker network ls | grep -q traefik-network || docker network create --driver overlay --attachable traefik-network
|
||||
|
||||
network-down-traefik:
|
||||
docker network rm traefik-network
|
||||
|
||||
stack-up-traefik:
|
||||
#------------------------------------------------
|
||||
|
||||
stack-up-traefik: network-up-traefik init-traefik-data
|
||||
docker stack deploy --compose-file traefik.yml traefik-stack
|
||||
|
||||
stack-down-traefik:
|
||||
docker stack rm traefik-stack
|
||||
|
||||
|
||||
stack-up-codepot:
|
||||
stack-up-codepot: network-up-traefik
|
||||
docker stack deploy --compose-file codepot.yml codepot-stack
|
||||
|
||||
stack-down-codepot:
|
||||
docker stack rm codepot-stack
|
||||
|
||||
stack-up-gitea:
|
||||
stack-up-coder: network-up-traefik network-up-coder init-coder-data
|
||||
docker stack deploy --compose-file coder.yml coder-stack
|
||||
|
||||
stack-down-coder:
|
||||
docker stack rm coder-stack
|
||||
|
||||
stack-up-gitea: network-up-traefik init-gitea-data
|
||||
docker stack deploy --compose-file gitea.yml gitea-stack
|
||||
|
||||
stack-down-gitea:
|
||||
docker stack rm gitea-stack
|
||||
|
||||
stack-up-drone:
|
||||
stack-up-drone: network-up-traefik network-up-drone
|
||||
docker stack deploy --compose-file drone.yml drone-stack
|
||||
|
||||
stack-down-drone:
|
||||
docker stack rm drone-stack
|
||||
|
||||
stack-up-drone-runner:
|
||||
stack-up-drone-runner: network-up-drone
|
||||
docker stack deploy --compose-file drone-runner.yml drone-runner-stack
|
||||
|
||||
stack-down-drone-runner:
|
||||
@ -84,13 +121,13 @@ stack-up-cadvisor:
|
||||
stack-down-cadvisor:
|
||||
docker stack rm cadvisor-stack
|
||||
|
||||
stack-up-prometheus-node-exporter:
|
||||
stack-up-prometheus-node-exporter: network-up-prometheus
|
||||
docker stack deploy --compose-file prometheus-node-exporter.yml prometheus-node-exporter-stack
|
||||
|
||||
stack-down-prometheus-node-exporter:
|
||||
docker stack rm prometheus-node-exporter-stack
|
||||
|
||||
stack-up-prometheus:
|
||||
stack-up-prometheus: network-up-prometheus init-prometheus-data
|
||||
docker stack deploy --compose-file prometheus.yml prometheus-stack
|
||||
|
||||
stack-down-prometheus:
|
||||
@ -103,17 +140,13 @@ stack-down-grafana:
|
||||
docker stack rm grafana-stack
|
||||
|
||||
|
||||
stack-up-nextcloud:
|
||||
[ -d /media/seagate-1000/nextcloud ] || mkdir /media/seagate-1000/nextcloud
|
||||
stack-up-nextcloud: network-up-traefik init-nextcloud-data
|
||||
docker stack deploy --compose-file nextcloud.yml nextcloud-stack
|
||||
|
||||
stack-down-nextcloud:
|
||||
docker stack rm nextcloud-stack
|
||||
|
||||
stack-up-onlyoffice:
|
||||
[ -d /media/seagate-1000/onlyoffice ] || mkdir /media/seagate-1000/onlyoffice
|
||||
[ -d /media/seagate-1000/onlyoffice/data ] || mkdir /media/seagate-1000/onlyoffice/data
|
||||
[ -d /media/seagate-1000/onlyoffice/logs ] || mkdir /media/seagate-1000/onlyoffice/logs
|
||||
stack-up-onlyoffice: init-onlyoffice-data
|
||||
docker stack deploy --compose-file onlyoffice.yml onlyoffice-stack
|
||||
|
||||
stack-down-onlyoffice:
|
||||
|
@ -18,9 +18,9 @@ services:
|
||||
- -logtostderr
|
||||
#- -docker_only
|
||||
environment:
|
||||
- DS_NODE_NAME="{{.Node.Hostname}}"
|
||||
- DS_SERVICE_NAME="{{.Service.Name}}"
|
||||
- DS_TASK_NAME="{{.Task.Name}}"
|
||||
- DS_NODE_NAME={{.Node.Hostname}}
|
||||
- DS_SERVICE_NAME={{.Service.Name}}
|
||||
- DS_TASK_NAME={{.Task.Name}}
|
||||
networks:
|
||||
- traefik-network
|
||||
- prometheus-network
|
||||
|
@ -10,9 +10,9 @@ services:
|
||||
hostname: codepot-service-host
|
||||
tty: true
|
||||
environment:
|
||||
- DS_NODE_NAME="{{.Node.Hostname}}"
|
||||
- DS_SERVICE_NAME="{{.Service.Name}}"
|
||||
- DS_TASK_NAME="{{.Task.Name}}"
|
||||
- DS_NODE_NAME={{.Node.Hostname}}
|
||||
- DS_SERVICE_NAME={{.Service.Name}}
|
||||
- DS_TASK_NAME={{.Task.Name}}
|
||||
command:
|
||||
- --port=80
|
||||
- --hide-index-page=yes
|
||||
|
66
docker-stack/coder.yml
Normal file
66
docker-stack/coder.yml
Normal file
@ -0,0 +1,66 @@
|
||||
version: "3.8"
|
||||
|
||||
networks:
|
||||
coder-network:
|
||||
external: true
|
||||
traefik-network:
|
||||
external: true
|
||||
|
||||
services:
|
||||
coder-service:
|
||||
image: ghcr.io/coder/coder:latest
|
||||
hostname: coder-service-host
|
||||
tty: true
|
||||
environment:
|
||||
- DS_NODE_NAME={{.Node.Hostname}}
|
||||
- DS_SERVICE_NAME={{.Service.Name}}
|
||||
- DS_TASK_NAME={{.Task.Name}}
|
||||
- CODER_ACCESS_URL=https://vc.miflux.com
|
||||
- CODER_ADDRESS=0.0.0.0:80
|
||||
- CODER_TLS_ENABLE=false
|
||||
- CODER_OIDC_ISSUER_URL=https://code.miflux.com/
|
||||
- CODER_OIDC_EMAIL_DOMAIN=miflux.com
|
||||
- CODER_OIDC_CLIENT_ID=8fc09269-57cd-4a03-a66b-6fb357d8abec
|
||||
- CODER_OIDC_CLIENT_SECRET=gto_7hfqdkyg3tfc6ho5zuv2k34wl4jmnwxctzp32kvujrrmjf4bb2ta
|
||||
networks:
|
||||
- coder-network
|
||||
- traefik-network
|
||||
volumes:
|
||||
- type: bind
|
||||
source: /home/gfs-data/coder/data
|
||||
target: /home/coder/.config
|
||||
- type: bind
|
||||
source: /home/gfs-data/coder/templates
|
||||
target: /home/coder/templates
|
||||
- type: bind
|
||||
source: /home/gfs-data/coder/workspace
|
||||
target: /workspace
|
||||
# ports:
|
||||
# - target: 80
|
||||
# published: 80
|
||||
# protocol: tcp
|
||||
deploy:
|
||||
mode: replicated
|
||||
replicas: 1
|
||||
placement:
|
||||
max_replicas_per_node: 1
|
||||
##constraints:
|
||||
## - node.labels.location == home
|
||||
## - node.hostname == rose
|
||||
resources:
|
||||
limits:
|
||||
memory: 1GB
|
||||
restart_policy:
|
||||
condition: on-failure
|
||||
labels:
|
||||
- traefik.enable=true
|
||||
##- traefik.docker.network=traefik-network
|
||||
- traefik.http.routers.coder-https.entrypoints=websec
|
||||
- traefik.http.routers.coder-https.rule=Host(`vc.miflux.com`)
|
||||
- traefik.http.routers.coder-https.tls=true
|
||||
# - traefik.http.routers.coder-http.entrypoints=web
|
||||
# - traefik.http.routers.coder-http.rule=Host(`vc.miflux.com`)
|
||||
# - traefik.http.routers.coder-http.tls=false
|
||||
- traefik.http.services.coder-service.loadbalancer.server.port=80
|
||||
- traefik.http.services.coder-service.loadbalancer.sticky.cookie=true
|
||||
- traefik.http.services.coder-service.loadbalancer.sticky.cookie.name=coder-sticker
|
@ -12,6 +12,9 @@ services:
|
||||
hostname: drone-runner-service-host
|
||||
tty: true
|
||||
environment:
|
||||
- DS_NODE_NAME={{.Node.Hostname}}
|
||||
- DS_SERVICE_NAME={{.Service.Name}}
|
||||
- DS_TASK_NAME={{.Task.Name}}
|
||||
##- DRONE_RPC_PROTO=https
|
||||
##- DRONE_RPC_HOST=ci.miflux.com
|
||||
- DRONE_RPC_PROTO=http
|
||||
@ -20,9 +23,6 @@ services:
|
||||
- DRONE_RPC_SECRET=bd7c7058fd60caa00b86f7ea944c913d
|
||||
- DRONE_RUNNER_CAPACITY=10
|
||||
- DRONE_RUNNER_NAME=drone-runner-docker-1
|
||||
- DS_NODE_NAME="{{.Node.Hostname}}"
|
||||
- DS_SERVICE_NAME="{{.Service.Name}}"
|
||||
- DS_TASK_NAME="{{.Task.Name}}"
|
||||
networks:
|
||||
- drone-network
|
||||
##- traefik-network
|
||||
|
@ -12,7 +12,10 @@ services:
|
||||
hostname: drone-service-host
|
||||
tty: true
|
||||
environment:
|
||||
## unabel to use the internal DNS name as this URL is shown to
|
||||
- DS_NODE_NAME={{.Node.Hostname}}
|
||||
- DS_SERVICE_NAME={{.Service.Name}}
|
||||
- DS_TASK_NAME={{.Task.Name}}
|
||||
## unable to use the internal DNS name as this URL is shown to
|
||||
## the user for oauth login.
|
||||
##- DRONE_GITEA_SERVER=http://gitea-service-host:3000
|
||||
- DRONE_GITEA_SERVER=https://code.miflux.com
|
||||
@ -22,9 +25,6 @@ services:
|
||||
- DRONE_SERVER_HOST=ci.miflux.com
|
||||
- DRONE_SERVER_PROTO=https
|
||||
- DRONE_USER_CREATE=username:hyung-hwan,admin:true
|
||||
- DS_NODE_NAME="{{.Node.Hostname}}"
|
||||
- DS_SERVICE_NAME="{{.Service.Name}}"
|
||||
- DS_TASK_NAME="{{.Task.Name}}"
|
||||
networks:
|
||||
- drone-network
|
||||
- traefik-network
|
||||
|
@ -15,6 +15,9 @@ services:
|
||||
hostname: gitea-service-host
|
||||
tty: true
|
||||
environment:
|
||||
- DS_NODE_NAME={{.Node.Hostname}}
|
||||
- DS_SERVICE_NAME={{.Service.Name}}
|
||||
- DS_TASK_NAME={{.Task.Name}}
|
||||
##- USER_UID=1000
|
||||
##- USER_GID=1000
|
||||
- GITEA____APP_NAME=HYUNG-HWAN
|
||||
@ -32,11 +35,8 @@ services:
|
||||
- GITEA__service__EMAIL_NOTIFY_TRUE=false
|
||||
- GITEA__openid__ENABLE_OPENID_SIGNIN=false
|
||||
- GITEA__openid__ENABLE_OPENID_SIGNUP=false
|
||||
- GITEA__wehhook__ALLOWED_HOST_LIST=*
|
||||
- GITEA__webhook__ALLOWED_HOST_LIST=*
|
||||
- GITEA__metrics__ENABLED=true
|
||||
- DS_NODE_NAME="{{.Node.Hostname}}"
|
||||
- DS_SERVICE_NAME="{{.Service.Name}}"
|
||||
- DS_TASK_NAME="{{.Task.Name}}"
|
||||
networks:
|
||||
- traefik-network
|
||||
- prometheus-network
|
||||
|
@ -15,11 +15,11 @@ services:
|
||||
hostname: grafana-service-host
|
||||
tty: true
|
||||
environment:
|
||||
- DS_NODE_NAME={{.Node.Hostname}}
|
||||
- DS_SERVICE_NAME={{.Service.Name}}
|
||||
- DS_TASK_NAME={{.Task.Name}}
|
||||
- GF_SECURITY_ADMIN_USER=admin
|
||||
- GF_SECURITY_ADMIN_PASSWORD=admin
|
||||
- DS_NODE_NAME="{{.Node.Hostname}}"
|
||||
- DS_SERVICE_NAME="{{.Service.Name}}"
|
||||
- DS_TASK_NAME="{{.Task.Name}}"
|
||||
networks:
|
||||
- prometheus-network
|
||||
- traefik-network
|
||||
|
@ -15,9 +15,9 @@ services:
|
||||
hostname: prometheus-node-exporter-service-host
|
||||
tty: true
|
||||
environment:
|
||||
- DS_NODE_NAME="{{.Node.Hostname}}"
|
||||
- DS_SERVICE_NAME="{{.Service.Name}}"
|
||||
- DS_TASK_NAME="{{.Task.Name}}"
|
||||
- DS_NODE_NAME={{.Node.Hostname}}
|
||||
- DS_SERVICE_NAME={{.Service.Name}}
|
||||
- DS_TASK_NAME={{.Task.Name}}
|
||||
networks:
|
||||
- host-network
|
||||
volumes:
|
||||
|
@ -12,12 +12,12 @@ global:
|
||||
|
||||
scrape_configs:
|
||||
- job_name: prometheus
|
||||
scrape_interval: 10s
|
||||
scrape_interval: 30s
|
||||
static_configs:
|
||||
- targets: ['localhost:9090']
|
||||
|
||||
- job_name: gitea
|
||||
scrape_interval: 10s
|
||||
scrape_interval: 60s
|
||||
#scheme: https
|
||||
#static_configs:
|
||||
# - targets: ['gitea-service-host:3000']
|
||||
@ -28,7 +28,7 @@ scrape_configs:
|
||||
refresh_interval: 30s
|
||||
|
||||
- job_name: node
|
||||
scrape_interval: 10s
|
||||
scrape_interval: 25s
|
||||
#scheme: https
|
||||
#static_configs:
|
||||
# - targets: ['prometheus-node-exporter-service-host:9100']
|
||||
@ -41,14 +41,23 @@ scrape_configs:
|
||||
- host: tcp://prometheus-socat-service-host:2375
|
||||
role: nodes
|
||||
relabel_configs:
|
||||
- source_labels: [__meta_dockerswarm_node_address]
|
||||
- source_labels:
|
||||
- __meta_dockerswarm_node_address
|
||||
target_label: __address__
|
||||
replacement: $1:9100
|
||||
- source_labels: [__meta_dockerswarm_node_hostname]
|
||||
- source_labels:
|
||||
- __meta_dockerswarm_node_manager_leader
|
||||
- __meta_dockerswarm_node_manager_address
|
||||
regex: 'true;(.+):[0-9]+'
|
||||
target_label: __address__
|
||||
replacement: '$1:9100'
|
||||
- source_labels:
|
||||
- __meta_dockerswarm_node_hostname
|
||||
target_label: instance
|
||||
|
||||
|
||||
- job_name: cadvisor
|
||||
scrape_interval: 10s
|
||||
scrape_interval: 60s
|
||||
dns_sd_configs:
|
||||
- names: ['cadvisor-service-host']
|
||||
type: A
|
||||
|
@ -15,9 +15,9 @@ services:
|
||||
hostname: prometheus-socat-service-host
|
||||
command: tcp-listen:2375,fork,reuseaddr unix-connect:/var/run/docker.sock
|
||||
environment:
|
||||
- DS_NODE_NAME="{{.Node.Hostname}}"
|
||||
- DS_SERVICE_NAME="{{.Service.Name}}"
|
||||
- DS_TASK_NAME="{{.Task.Name}}"
|
||||
- DS_NODE_NAME={{.Node.Hostname}}
|
||||
- DS_SERVICE_NAME={{.Service.Name}}
|
||||
- DS_TASK_NAME={{.Task.Name}}
|
||||
volumes:
|
||||
- type: bind
|
||||
source: /var/run/docker.sock
|
||||
@ -35,9 +35,9 @@ services:
|
||||
hostname: prometheus-service-host
|
||||
tty: true
|
||||
environment:
|
||||
- DS_NODE_NAME="{{.Node.Hostname}}"
|
||||
- DS_SERVICE_NAME="{{.Service.Name}}"
|
||||
- DS_TASK_NAME="{{.Task.Name}}"
|
||||
- DS_NODE_NAME={{.Node.Hostname}}
|
||||
- DS_SERVICE_NAME={{.Service.Name}}
|
||||
- DS_TASK_NAME={{.Task.Name}}
|
||||
networks:
|
||||
- prometheus-network
|
||||
ports:
|
||||
|
@ -13,9 +13,9 @@ services:
|
||||
hostname: traefik-service-host
|
||||
tty: true
|
||||
environment:
|
||||
- DS_NODE_NAME="{{.Node.Hostname}}"
|
||||
- DS_SERVICE_NAME="{{.Service.Name}}"
|
||||
- DS_TASK_NAME="{{.Task.Name}}"
|
||||
- DS_NODE_NAME={{.Node.Hostname}}
|
||||
- DS_SERVICE_NAME={{.Service.Name}}
|
||||
- DS_TASK_NAME={{.Task.Name}}
|
||||
volumes:
|
||||
- type: bind
|
||||
source: /var/run/docker.sock
|
||||
|
Loading…
x
Reference in New Issue
Block a user