updated docker stack files

This commit is contained in:
hyung-hwan 2022-10-31 00:40:09 +09:00
parent 874a043991
commit 417adbf9ef
12 changed files with 172 additions and 64 deletions

View File

@ -1,4 +1,5 @@
DATA_ROOT := /home/gfs-data
D1_ROOT := /home/gfs-data
D2_ROOT := /media/seagate-1000
all:
@echo "ERROR: Be specific with one or more targets"
@ -10,62 +11,98 @@ push:
docker tag alpine:prom-proc-net docker.io/hyunghwan/alpine:prom-proc-net
docker push docker.io/hyunghwan/alpine:prom-proc-net
#------------------------------------------------
init-traefik-data:
mkdir -p "$(DATA_ROOT)/traefik"
cp traefik-cert.yml "$(DATA_ROOT)/traefik"
cp /etc/letsencrypt/live/miflux.com/fullchain.pem "$(DATA_ROOT)/traefik/miflux.crt"
cp /etc/letsencrypt/live/miflux.com/privkey.pem "$(DATA_ROOT)/traefik/miflux.key"
[ -d "$(D1_ROOT)/traefik" ] || mkdir "$(D1_ROOT)/traefik"
cp traefik-cert.yml "$(D1_ROOT)/traefik"
cp -f /etc/letsencrypt/live/miflux.com/fullchain.pem "$(D1_ROOT)/traefik/miflux.crt"
cp -f /etc/letsencrypt/live/miflux.com/privkey.pem "$(D1_ROOT)/traefik/miflux.key"
init-coder-data:
[ -d "$(D1_ROOT)/coder" ] || { mkdir "$(D1_ROOT)/coder"; chown 1000:1000 "$(D1_ROOT)/coder"; }
[ -d "$(D1_ROOT)/coder/data" ] || { mkdir "$(D1_ROOT)/coder/data"; chown 1000:1000 "$(D1_ROOT)/coder/data"; }
[ -d "$(D1_ROOT)/coder/templates" ] || { mkdir "$(D1_ROOT)/coder/templates"; chown 1000:1000 "$(D1_ROOT)/coder/templates"; }
[ -d "$(D1_ROOT)/coder/workspace" ] || { mkdir "$(D1_ROOT)/coder/workspace"; chown 1000:1000 "$(D1_ROOT)/coder/workspace"; }
init-gitea-data:
[ -d "$(D1_ROOT)/gitea" ] || mkdir "$(D1_ROOT)/gitea"
init-prometheus-data:
mkdir -p "$(DATA_ROOT)/prometheus/etc"
mkdir -p "$(DATA_ROOT)/prometheus/data"
chown 65534:65534 "$(DATA_ROOT)/prometheus/data"
cp prometheus.conf.yml "$(DATA_ROOT)/prometheus/etc/prometheus.yml"
[ -d "$(D1_ROOT)/prometheus" ] || mkdir "$(D1_ROOT)/prometheus"
[ -d "$(D1_ROOT)/prometheus/etc" ] || mkdir "$(D1_ROOT)/prometheus/etc"
[ -d "$(D1_ROOT)/prometheus/data" ] || mkdir "$(D1_ROOT)/prometheus/data"
chown 65534:65534 "$(D1_ROOT)/prometheus/data"
cp -f prometheus.conf.yml "$(D1_ROOT)/prometheus/etc/prometheus.yml"
##cp -f prometheus.alert.rules.yml "$(D1_ROOT)/prometheus/etc/alert.rules.yml"
init-nextcloud-data:
[ -d "$(D2_ROOT)/nextcloud" ] || mkdir "$(D2_ROOT)/nextcloud"
init-onlyoffice-data:
[ -d "$(D2_ROOT)/onlyoffice" ] || mkdir "$(D2_ROOT)/onlyoffice"
[ -d "$(D2_ROOT)/onlyoffice/data" ] || mkdir "$(D2_ROOT)/onlyoffice/data"
[ -d "$(D2_ROOT)/onlyoffice/logs" ] || mkdir "$(D2_ROOT)/onlyoffice/logs"
#------------------------------------------------
network-up-coder:
docker network ls | grep -q coder-network || docker network create --driver overlay --attachable coder-network
network-down-coder:
docker network rm coder-network
network-up-drone:
docker network create --driver overlay --attachable drone-network
docker network ls | grep -q drone-network || docker network create --driver overlay --attachable drone-network
network-down-drone:
docker network rm drone-network
network-up-prometheus:
docker network create --driver overlay --attachable prometheus-network
docker network ls | grep -q prometheus-network || docker network create --driver overlay --attachable prometheus-network
network-down-prometheus:
docker network rm prometheus-network
network-up-traefik:
docker network create --driver overlay --attachable traefik-network
docker network ls | grep -q traefik-network || docker network create --driver overlay --attachable traefik-network
network-down-traefik:
docker network rm traefik-network
stack-up-traefik:
#------------------------------------------------
stack-up-traefik: network-up-traefik init-traefik-data
docker stack deploy --compose-file traefik.yml traefik-stack
stack-down-traefik:
docker stack rm traefik-stack
stack-up-codepot:
stack-up-codepot: network-up-traefik
docker stack deploy --compose-file codepot.yml codepot-stack
stack-down-codepot:
docker stack rm codepot-stack
stack-up-gitea:
stack-up-coder: network-up-traefik network-up-coder init-coder-data
docker stack deploy --compose-file coder.yml coder-stack
stack-down-coder:
docker stack rm coder-stack
stack-up-gitea: network-up-traefik init-gitea-data
docker stack deploy --compose-file gitea.yml gitea-stack
stack-down-gitea:
docker stack rm gitea-stack
stack-up-drone:
stack-up-drone: network-up-traefik network-up-drone
docker stack deploy --compose-file drone.yml drone-stack
stack-down-drone:
docker stack rm drone-stack
stack-up-drone-runner:
stack-up-drone-runner: network-up-drone
docker stack deploy --compose-file drone-runner.yml drone-runner-stack
stack-down-drone-runner:
@ -84,13 +121,13 @@ stack-up-cadvisor:
stack-down-cadvisor:
docker stack rm cadvisor-stack
stack-up-prometheus-node-exporter:
stack-up-prometheus-node-exporter: network-up-prometheus
docker stack deploy --compose-file prometheus-node-exporter.yml prometheus-node-exporter-stack
stack-down-prometheus-node-exporter:
docker stack rm prometheus-node-exporter-stack
stack-up-prometheus:
stack-up-prometheus: network-up-prometheus init-prometheus-data
docker stack deploy --compose-file prometheus.yml prometheus-stack
stack-down-prometheus:
@ -103,17 +140,13 @@ stack-down-grafana:
docker stack rm grafana-stack
stack-up-nextcloud:
[ -d /media/seagate-1000/nextcloud ] || mkdir /media/seagate-1000/nextcloud
stack-up-nextcloud: network-up-traefik init-nextcloud-data
docker stack deploy --compose-file nextcloud.yml nextcloud-stack
stack-down-nextcloud:
docker stack rm nextcloud-stack
stack-up-onlyoffice:
[ -d /media/seagate-1000/onlyoffice ] || mkdir /media/seagate-1000/onlyoffice
[ -d /media/seagate-1000/onlyoffice/data ] || mkdir /media/seagate-1000/onlyoffice/data
[ -d /media/seagate-1000/onlyoffice/logs ] || mkdir /media/seagate-1000/onlyoffice/logs
stack-up-onlyoffice: init-onlyoffice-data
docker stack deploy --compose-file onlyoffice.yml onlyoffice-stack
stack-down-onlyoffice:

View File

@ -18,9 +18,9 @@ services:
- -logtostderr
#- -docker_only
environment:
- DS_NODE_NAME="{{.Node.Hostname}}"
- DS_SERVICE_NAME="{{.Service.Name}}"
- DS_TASK_NAME="{{.Task.Name}}"
- DS_NODE_NAME={{.Node.Hostname}}
- DS_SERVICE_NAME={{.Service.Name}}
- DS_TASK_NAME={{.Task.Name}}
networks:
- traefik-network
- prometheus-network

View File

@ -10,9 +10,9 @@ services:
hostname: codepot-service-host
tty: true
environment:
- DS_NODE_NAME="{{.Node.Hostname}}"
- DS_SERVICE_NAME="{{.Service.Name}}"
- DS_TASK_NAME="{{.Task.Name}}"
- DS_NODE_NAME={{.Node.Hostname}}
- DS_SERVICE_NAME={{.Service.Name}}
- DS_TASK_NAME={{.Task.Name}}
command:
- --port=80
- --hide-index-page=yes

66
docker-stack/coder.yml Normal file
View File

@ -0,0 +1,66 @@
version: "3.8"
networks:
coder-network:
external: true
traefik-network:
external: true
services:
coder-service:
image: ghcr.io/coder/coder:latest
hostname: coder-service-host
tty: true
environment:
- DS_NODE_NAME={{.Node.Hostname}}
- DS_SERVICE_NAME={{.Service.Name}}
- DS_TASK_NAME={{.Task.Name}}
- CODER_ACCESS_URL=https://vc.miflux.com
- CODER_ADDRESS=0.0.0.0:80
- CODER_TLS_ENABLE=false
- CODER_OIDC_ISSUER_URL=https://code.miflux.com/
- CODER_OIDC_EMAIL_DOMAIN=miflux.com
- CODER_OIDC_CLIENT_ID=8fc09269-57cd-4a03-a66b-6fb357d8abec
- CODER_OIDC_CLIENT_SECRET=gto_7hfqdkyg3tfc6ho5zuv2k34wl4jmnwxctzp32kvujrrmjf4bb2ta
networks:
- coder-network
- traefik-network
volumes:
- type: bind
source: /home/gfs-data/coder/data
target: /home/coder/.config
- type: bind
source: /home/gfs-data/coder/templates
target: /home/coder/templates
- type: bind
source: /home/gfs-data/coder/workspace
target: /workspace
# ports:
# - target: 80
# published: 80
# protocol: tcp
deploy:
mode: replicated
replicas: 1
placement:
max_replicas_per_node: 1
##constraints:
## - node.labels.location == home
## - node.hostname == rose
resources:
limits:
memory: 1GB
restart_policy:
condition: on-failure
labels:
- traefik.enable=true
##- traefik.docker.network=traefik-network
- traefik.http.routers.coder-https.entrypoints=websec
- traefik.http.routers.coder-https.rule=Host(`vc.miflux.com`)
- traefik.http.routers.coder-https.tls=true
# - traefik.http.routers.coder-http.entrypoints=web
# - traefik.http.routers.coder-http.rule=Host(`vc.miflux.com`)
# - traefik.http.routers.coder-http.tls=false
- traefik.http.services.coder-service.loadbalancer.server.port=80
- traefik.http.services.coder-service.loadbalancer.sticky.cookie=true
- traefik.http.services.coder-service.loadbalancer.sticky.cookie.name=coder-sticker

View File

@ -12,6 +12,9 @@ services:
hostname: drone-runner-service-host
tty: true
environment:
- DS_NODE_NAME={{.Node.Hostname}}
- DS_SERVICE_NAME={{.Service.Name}}
- DS_TASK_NAME={{.Task.Name}}
##- DRONE_RPC_PROTO=https
##- DRONE_RPC_HOST=ci.miflux.com
- DRONE_RPC_PROTO=http
@ -20,9 +23,6 @@ services:
- DRONE_RPC_SECRET=bd7c7058fd60caa00b86f7ea944c913d
- DRONE_RUNNER_CAPACITY=10
- DRONE_RUNNER_NAME=drone-runner-docker-1
- DS_NODE_NAME="{{.Node.Hostname}}"
- DS_SERVICE_NAME="{{.Service.Name}}"
- DS_TASK_NAME="{{.Task.Name}}"
networks:
- drone-network
##- traefik-network

View File

@ -12,7 +12,10 @@ services:
hostname: drone-service-host
tty: true
environment:
## unabel to use the internal DNS name as this URL is shown to
- DS_NODE_NAME={{.Node.Hostname}}
- DS_SERVICE_NAME={{.Service.Name}}
- DS_TASK_NAME={{.Task.Name}}
## unable to use the internal DNS name as this URL is shown to
## the user for oauth login.
##- DRONE_GITEA_SERVER=http://gitea-service-host:3000
- DRONE_GITEA_SERVER=https://code.miflux.com
@ -22,9 +25,6 @@ services:
- DRONE_SERVER_HOST=ci.miflux.com
- DRONE_SERVER_PROTO=https
- DRONE_USER_CREATE=username:hyung-hwan,admin:true
- DS_NODE_NAME="{{.Node.Hostname}}"
- DS_SERVICE_NAME="{{.Service.Name}}"
- DS_TASK_NAME="{{.Task.Name}}"
networks:
- drone-network
- traefik-network

View File

@ -15,6 +15,9 @@ services:
hostname: gitea-service-host
tty: true
environment:
- DS_NODE_NAME={{.Node.Hostname}}
- DS_SERVICE_NAME={{.Service.Name}}
- DS_TASK_NAME={{.Task.Name}}
##- USER_UID=1000
##- USER_GID=1000
- GITEA____APP_NAME=HYUNG-HWAN
@ -32,11 +35,8 @@ services:
- GITEA__service__EMAIL_NOTIFY_TRUE=false
- GITEA__openid__ENABLE_OPENID_SIGNIN=false
- GITEA__openid__ENABLE_OPENID_SIGNUP=false
- GITEA__wehhook__ALLOWED_HOST_LIST=*
- GITEA__webhook__ALLOWED_HOST_LIST=*
- GITEA__metrics__ENABLED=true
- DS_NODE_NAME="{{.Node.Hostname}}"
- DS_SERVICE_NAME="{{.Service.Name}}"
- DS_TASK_NAME="{{.Task.Name}}"
networks:
- traefik-network
- prometheus-network

View File

@ -15,11 +15,11 @@ services:
hostname: grafana-service-host
tty: true
environment:
- DS_NODE_NAME={{.Node.Hostname}}
- DS_SERVICE_NAME={{.Service.Name}}
- DS_TASK_NAME={{.Task.Name}}
- GF_SECURITY_ADMIN_USER=admin
- GF_SECURITY_ADMIN_PASSWORD=admin
- DS_NODE_NAME="{{.Node.Hostname}}"
- DS_SERVICE_NAME="{{.Service.Name}}"
- DS_TASK_NAME="{{.Task.Name}}"
networks:
- prometheus-network
- traefik-network

View File

@ -15,9 +15,9 @@ services:
hostname: prometheus-node-exporter-service-host
tty: true
environment:
- DS_NODE_NAME="{{.Node.Hostname}}"
- DS_SERVICE_NAME="{{.Service.Name}}"
- DS_TASK_NAME="{{.Task.Name}}"
- DS_NODE_NAME={{.Node.Hostname}}
- DS_SERVICE_NAME={{.Service.Name}}
- DS_TASK_NAME={{.Task.Name}}
networks:
- host-network
volumes:

View File

@ -12,12 +12,12 @@ global:
scrape_configs:
- job_name: prometheus
scrape_interval: 10s
scrape_interval: 30s
static_configs:
- targets: ['localhost:9090']
- job_name: gitea
scrape_interval: 10s
scrape_interval: 60s
#scheme: https
#static_configs:
# - targets: ['gitea-service-host:3000']
@ -28,7 +28,7 @@ scrape_configs:
refresh_interval: 30s
- job_name: node
scrape_interval: 10s
scrape_interval: 25s
#scheme: https
#static_configs:
# - targets: ['prometheus-node-exporter-service-host:9100']
@ -41,14 +41,23 @@ scrape_configs:
- host: tcp://prometheus-socat-service-host:2375
role: nodes
relabel_configs:
- source_labels: [__meta_dockerswarm_node_address]
- source_labels:
- __meta_dockerswarm_node_address
target_label: __address__
replacement: $1:9100
- source_labels: [__meta_dockerswarm_node_hostname]
- source_labels:
- __meta_dockerswarm_node_manager_leader
- __meta_dockerswarm_node_manager_address
regex: 'true;(.+):[0-9]+'
target_label: __address__
replacement: '$1:9100'
- source_labels:
- __meta_dockerswarm_node_hostname
target_label: instance
- job_name: cadvisor
scrape_interval: 10s
scrape_interval: 60s
dns_sd_configs:
- names: ['cadvisor-service-host']
type: A

View File

@ -15,9 +15,9 @@ services:
hostname: prometheus-socat-service-host
command: tcp-listen:2375,fork,reuseaddr unix-connect:/var/run/docker.sock
environment:
- DS_NODE_NAME="{{.Node.Hostname}}"
- DS_SERVICE_NAME="{{.Service.Name}}"
- DS_TASK_NAME="{{.Task.Name}}"
- DS_NODE_NAME={{.Node.Hostname}}
- DS_SERVICE_NAME={{.Service.Name}}
- DS_TASK_NAME={{.Task.Name}}
volumes:
- type: bind
source: /var/run/docker.sock
@ -35,9 +35,9 @@ services:
hostname: prometheus-service-host
tty: true
environment:
- DS_NODE_NAME="{{.Node.Hostname}}"
- DS_SERVICE_NAME="{{.Service.Name}}"
- DS_TASK_NAME="{{.Task.Name}}"
- DS_NODE_NAME={{.Node.Hostname}}
- DS_SERVICE_NAME={{.Service.Name}}
- DS_TASK_NAME={{.Task.Name}}
networks:
- prometheus-network
ports:

View File

@ -13,9 +13,9 @@ services:
hostname: traefik-service-host
tty: true
environment:
- DS_NODE_NAME="{{.Node.Hostname}}"
- DS_SERVICE_NAME="{{.Service.Name}}"
- DS_TASK_NAME="{{.Task.Name}}"
- DS_NODE_NAME={{.Node.Hostname}}
- DS_SERVICE_NAME={{.Service.Name}}
- DS_TASK_NAME={{.Task.Name}}
volumes:
- type: bind
source: /var/run/docker.sock