diff options
author | Alex Auvolat <alex@adnab.me> | 2021-02-08 14:52:13 +0100 |
---|---|---|
committer | Alex Auvolat <alex@adnab.me> | 2021-02-08 14:52:13 +0100 |
commit | 9c2232cebc89324abd5d6499da095e1a15f81ddb (patch) | |
tree | d9b0c10891b909ce8090db0d53fe3182ba36128a /app/drone-ci/deploy/drone.hcl | |
parent | 9c060b3c28882331dee9acb684eb1f148f17becb (diff) | |
download | infrastructure-9c2232cebc89324abd5d6499da095e1a15f81ddb.tar.gz infrastructure-9c2232cebc89324abd5d6499da095e1a15f81ddb.zip |
Add Drone CI
Diffstat (limited to 'app/drone-ci/deploy/drone.hcl')
-rw-r--r-- | app/drone-ci/deploy/drone.hcl | 123 |
1 files changed, 123 insertions, 0 deletions
diff --git a/app/drone-ci/deploy/drone.hcl b/app/drone-ci/deploy/drone.hcl new file mode 100644 index 0000000..8d39422 --- /dev/null +++ b/app/drone-ci/deploy/drone.hcl @@ -0,0 +1,123 @@ +job "drone-ci" { + datacenters = ["dc1"] + type = "service" + + group "server" { + count = 1 + + network { + port "web_port" { + to = 80 + } + } + + task "drone_server" { + driver = "docker" + config { + image = "drone/drone:1.10.1" + ports = [ "web_port" ] + } + + template { + data = <<EOH +DRONE_GITEA_SERVER=https://git.deuxfleurs.fr +DRONE_GITEA_CLIENT_ID={{ key "secrets/drone-ci/oauth_client_id" }} +DRONE_GITEA_CLIENT_SECRET={{ key "secrets/drone-ci/oauth_client_secret" }} +DRONE_RPC_SECRET={{ key "secrets/drone-ci/rpc_secret" }} +DRONE_SERVER_HOST=drone.deuxfleurs.fr +DRONE_SERVER_PROTO=https +DRONE_DATABASE_SECRET={{ key "secrets/drone-ci/db_enc_secret" }} +DRONE_COOKIE_SECRET={{ key "secrets/drone-ci/cookie_secret" }} +AWS_ACCESS_KEY_ID={{ key "secrets/drone-ci/s3_ak" }} +AWS_SECRET_ACCESS_KEY={{ key "secrets/drone-ci/s3_sk" }} +AWS_DEFAULT_REGION=garage +AWS_REGION=garage +DRONE_S3_BUCKET={{ key "secrets/drone-ci/s3_bucket" }} +DRONE_S3_ENDPOINT=https://garage.deuxfleurs.fr +DRONE_S3_PATH_STYLE=true +DRONE_DATABASE_DRIVER=postgres +DRONE_DATABASE_DATASOURCE=postgres://{{ key "secrets/drone-ci/db_user" }}:{{ key "secrets/drone-ci/db_pass" }}@psql-proxy.service.2.cluster.deuxfleurs.fr:5432/postgres?sslmode=disable +DRONE_USER_CREATE=username:lx-admin,admin:true +DRONE_LOGS_TEXT=true +DRONE_LOGS_PRETTY=true +DRONE_LOGS_DEBUG=true +DOCKER_API_VERSION=1.39 +EOH + destination = "secrets/env" + env = true + } + + resources { + memory = 100 + cpu = 100 + } + + service { + name = "drone" + tags = [ + "drone", + "traefik.enable=true", + "traefik.frontend.entryPoints=https,http", + "traefik.frontend.rule=Host:drone.deuxfleurs.fr", + ] + port = "web_port" + address_mode = "host" + check { + type = "http" + protocol = "http" + port = "web_port" + path = "/" + interval = "60s" + timeout = "5s" + check_restart { + limit = 3 + grace = "600s" + ignore_warnings = false + } + } + } + } + } + + group "runner" { + count = 3 + + constraint { + operator = "distinct_hosts" + value = "true" + } + + task "drone_runner" { + driver = "docker" + config { + network_mode = "host" + + #image = "drone/drone-runner-nomad:latest" + + image = "drone/drone-runner-docker:latest" + volumes = [ + "/var/run/docker.sock:/var/run/docker.sock" + ] + } + + template { + data = <<EOH +DRONE_RPC_SECRET={{ key "secrets/drone-ci/rpc_secret" }} +DRONE_RPC_HOST=drone.deuxfleurs.fr +DRONE_RPC_PROTO=https +DRONE_RUNNER_NAME={{ env "node.unique.name" }} +DRONE_DEBUG=true +NOMAD_ADDR=http://nomad-client.service.2.cluster.deuxfleurs.fr:4646 +DOCKER_API_VERSION=1.39 +EOH + destination = "secrets/env" + env = true + } + + resources { + memory = 100 + cpu = 100 + } + } + } +} |