diff options
Diffstat (limited to 'cluster/prod/app/drone-ci/integration/docker-compose.yml')
-rw-r--r-- | cluster/prod/app/drone-ci/integration/docker-compose.yml | 54 |
1 files changed, 0 insertions, 54 deletions
diff --git a/cluster/prod/app/drone-ci/integration/docker-compose.yml b/cluster/prod/app/drone-ci/integration/docker-compose.yml deleted file mode 100644 index 41938c2..0000000 --- a/cluster/prod/app/drone-ci/integration/docker-compose.yml +++ /dev/null @@ -1,54 +0,0 @@ -version: '3.4' -services: - nix-daemon: - image: nixpkgs/nix:nixos-22.05 - restart: always - command: nix-daemon - privileged: true - volumes: - - "nix:/nix" - - "./nix.conf:/etc/nix/nix.conf:ro" - - drone-runner: - image: drone/drone-runner-docker:1.8.2 - restart: always - environment: - - DRONE_RPC_PROTO=https - - DRONE_RPC_HOST=drone.deuxfleurs.fr - - DRONE_RPC_SECRET=${DRONE_SECRET} - - DRONE_RUNNER_CAPACITY=3 - - DRONE_DEBUG=true - - DRONE_LOGS_TRACE=true - - DRONE_RPC_DUMP_HTTP=true - - DRONE_RPC_DUMP_HTTP_BODY=true - - DRONE_RUNNER_NAME=i_forgot_to_change_my_runner_name - - DRONE_RUNNER_LABELS=nix-daemon:1 - # we should put "nix:/nix:ro but it is not supported by - # drone-runner-docker because the dependency envconfig does - # not support having two colons (:) in the same stanza. - # Without the RO flag (or using docker userns), build isolation - # is broken. - # https://discourse.drone.io/t/allow-mounting-a-host-volume-as-read-only/10071 - # https://github.com/kelseyhightower/envconfig/pull/153 - # - # A workaround for isolation is to configure docker with a userns, - # so even if the folder is writable to root, it is not to any non - # privileged docker daemon ran by drone! - - DRONE_RUNNER_VOLUMES=drone_nix:/nix - - DRONE_RUNNER_ENVIRON=NIX_REMOTE:daemon - ports: - - "3000:3000/tcp" - volumes: - - "/var/run/docker.sock:/var/run/docker.sock" - - drone-gc: - image: drone/gc:latest - restart: always - environment: - - GC_DEBUG=true - - GC_CACHE=10gb - - GC_INTERVAL=10m - volumes: - - "/var/run/docker.sock:/var/run/docker.sock" -volumes: - nix: |