aboutsummaryrefslogtreecommitdiff
path: root/app/drone-ci/deploy/drone.hcl
blob: 8d394225f802bb6a9fd02d976b74d89a596a0ec9 (plain) (blame)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
job "drone-ci" {
  datacenters = ["dc1"]
  type = "service"

  group "server" {
    count = 1

    network {
      port "web_port" {
		  to = 80
	  }
    }

    task "drone_server" {
      driver = "docker"
      config {
        image = "drone/drone:1.10.1"
        ports = [ "web_port" ]
      }

	  template {
		  data = <<EOH
DRONE_GITEA_SERVER=https://git.deuxfleurs.fr
DRONE_GITEA_CLIENT_ID={{ key "secrets/drone-ci/oauth_client_id" }}
DRONE_GITEA_CLIENT_SECRET={{ key "secrets/drone-ci/oauth_client_secret" }}
DRONE_RPC_SECRET={{ key "secrets/drone-ci/rpc_secret" }}
DRONE_SERVER_HOST=drone.deuxfleurs.fr
DRONE_SERVER_PROTO=https
DRONE_DATABASE_SECRET={{ key "secrets/drone-ci/db_enc_secret" }}
DRONE_COOKIE_SECRET={{ key "secrets/drone-ci/cookie_secret" }}
AWS_ACCESS_KEY_ID={{ key "secrets/drone-ci/s3_ak" }}
AWS_SECRET_ACCESS_KEY={{ key "secrets/drone-ci/s3_sk" }}
AWS_DEFAULT_REGION=garage
AWS_REGION=garage
DRONE_S3_BUCKET={{ key "secrets/drone-ci/s3_bucket" }}
DRONE_S3_ENDPOINT=https://garage.deuxfleurs.fr
DRONE_S3_PATH_STYLE=true
DRONE_DATABASE_DRIVER=postgres
DRONE_DATABASE_DATASOURCE=postgres://{{ key "secrets/drone-ci/db_user" }}:{{ key "secrets/drone-ci/db_pass" }}@psql-proxy.service.2.cluster.deuxfleurs.fr:5432/postgres?sslmode=disable
DRONE_USER_CREATE=username:lx-admin,admin:true
DRONE_LOGS_TEXT=true
DRONE_LOGS_PRETTY=true
DRONE_LOGS_DEBUG=true
DOCKER_API_VERSION=1.39
EOH
		destination = "secrets/env"
		env = true
	  }

      resources {
        memory = 100
        cpu = 100
      }

      service {
        name = "drone"
        tags = [
          "drone",
          "traefik.enable=true",
          "traefik.frontend.entryPoints=https,http",
          "traefik.frontend.rule=Host:drone.deuxfleurs.fr",
        ]
        port = "web_port"
        address_mode = "host"
        check {
          type = "http"
          protocol = "http"
          port = "web_port"
          path = "/"
          interval = "60s"
          timeout = "5s"
          check_restart {
            limit = 3
            grace = "600s"
            ignore_warnings = false
          }
        }
      }
    }
  }

  group "runner" {
    count = 3

	constraint {
	  operator  = "distinct_hosts"
	  value     = "true"
	}

    task "drone_runner" {
      driver = "docker"
      config {
		network_mode = "host"

        #image = "drone/drone-runner-nomad:latest"

        image = "drone/drone-runner-docker:latest"
        volumes = [
          "/var/run/docker.sock:/var/run/docker.sock"
        ]
      }

	  template {
		  data = <<EOH
DRONE_RPC_SECRET={{ key "secrets/drone-ci/rpc_secret" }}
DRONE_RPC_HOST=drone.deuxfleurs.fr
DRONE_RPC_PROTO=https
DRONE_RUNNER_NAME={{ env "node.unique.name" }}
DRONE_DEBUG=true
NOMAD_ADDR=http://nomad-client.service.2.cluster.deuxfleurs.fr:4646
DOCKER_API_VERSION=1.39
EOH
		destination = "secrets/env"
		env = true
	  }

      resources {
        memory = 100
        cpu = 100
      }
	}
  }
}