aboutsummaryrefslogtreecommitdiff
path: root/cluster/prod/app/woodpecker-ci/deploy/server.hcl
diff options
context:
space:
mode:
Diffstat (limited to 'cluster/prod/app/woodpecker-ci/deploy/server.hcl')
-rw-r--r--cluster/prod/app/woodpecker-ci/deploy/server.hcl16
1 files changed, 11 insertions, 5 deletions
diff --git a/cluster/prod/app/woodpecker-ci/deploy/server.hcl b/cluster/prod/app/woodpecker-ci/deploy/server.hcl
index c974e3f..60806b9 100644
--- a/cluster/prod/app/woodpecker-ci/deploy/server.hcl
+++ b/cluster/prod/app/woodpecker-ci/deploy/server.hcl
@@ -23,7 +23,7 @@ job "woodpecker-ci" {
task "server" {
driver = "docker"
config {
- image = "woodpeckerci/woodpecker-server:v2.7.1"
+ image = "woodpeckerci/woodpecker-server:v3.0.1"
ports = [ "web_port", "grpc_port" ]
network_mode = "host"
}
@@ -31,7 +31,7 @@ job "woodpecker-ci" {
template {
data = <<EOH
WOODPECKER_OPEN=true
-WOODPECKER_ORGS=Deuxfleurs
+WOODPECKER_ORGS=Deuxfleurs,distorsion
WOODPECKER_ADMIN=lx
WOODPECKER_HOST=https://woodpecker.deuxfleurs.fr
@@ -93,6 +93,10 @@ EOH
name = "woodpecker-grpc"
tags = [
"woodpecker-grpc",
+ # The tricot tag is necessary for tricot to get us a tls certificate,
+ # but it will not make the grpc endpoint work as tricot cannot
+ # proxy grpc traffic by itself.
+ "tricot woodpecker-grpc.deuxfleurs.fr",
]
port = "grpc_port"
address_mode = "host"
@@ -120,7 +124,7 @@ http {
listen 0.0.0.0:14453 ssl;
listen [::]:14453 ssl;
http2 on;
- server_name woodpecker.deuxfleurs.fr;
+ server_name woodpecker-grpc.deuxfleurs.fr;
resolver 127.0.0.1 valid=30s;
ssl_certificate "/etc/ssl/certs/woodpecker.cert";
@@ -128,6 +132,8 @@ http {
location / {
grpc_pass grpc://woodpecker-grpc.service.prod.consul:14090;
+ grpc_read_timeout 1800s;
+ grpc_send_timeout 1800s;
}
}
}
@@ -136,11 +142,11 @@ EOH
}
template {
- data = "{{ with $d := key \"tricot/certs/woodpecker.deuxfleurs.fr\" | parseJSON }}{{ $d.key_pem }}{{ end }}"
+ data = "{{ with $d := key \"tricot/certs/woodpecker-grpc.deuxfleurs.fr\" | parseJSON }}{{ $d.key_pem }}{{ end }}"
destination = "secrets/ssl/certs/woodpecker.key"
}
template {
- data = "{{ with $d := key \"tricot/certs/woodpecker.deuxfleurs.fr\" | parseJSON }}{{ $d.cert_pem }}{{ end }}"
+ data = "{{ with $d := key \"tricot/certs/woodpecker-grpc.deuxfleurs.fr\" | parseJSON }}{{ $d.cert_pem }}{{ end }}"
destination = "secrets/ssl/certs/woodpecker.cert"
}
generated by cgit v1.2.3 (git 2.25.1) at 2025-02-19 21:46:40 +0000