ss/sovereign-stack
ss/sovereign-stack
1
1
Fork 1
Code Releases Activity

Committing often tonight due to Hurricane Ian.

Browse Source
This commit is contained in:
Derek Smith 2022-09-28 18:20:17 -04:00
parent 5a9c27c54f
commit f671fce58f
Signed by: farscapian
GPG Key ID: 8F1CD799CCA516CC
6 changed files with 140 additions and 90 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
deployment/www/go.sh
View File

@ -134,6 +134,9 @@ fi
bash -c ./stub/nginx_yml.sh bash -c ./stub/nginx_yml.sh
bash -c ./stub/ghost_yml.sh bash -c ./stub/ghost_yml.sh
bash -c ./stub/gitea_yml.sh
# # start a browser session; point it to port 80 to ensure HTTPS redirect. # # start a browser session; point it to port 80 to ensure HTTPS redirect.
# wait-for-it -t 320 "$PRIMARY_WWW_FQDN:80" # wait-for-it -t 320 "$PRIMARY_WWW_FQDN:80"
# wait-for-it -t 320 "$PRIMARY_WWW_FQDN:443" # wait-for-it -t 320 "$PRIMARY_WWW_FQDN:443"

10
deployment/www/stub/ghost_yml.sh
View File

@ -15,6 +15,7 @@ for DOMAIN_NAME in ${DOMAIN_LIST//,/ }; do
# for each language specified in the site_definition, we spawn a separate ghost container # for each language specified in the site_definition, we spawn a separate ghost container
# at https://www.domain.com/$LANGUAGE_CODE # at https://www.domain.com/$LANGUAGE_CODE
for LANGUAGE_CODE in ${SITE_LANGUAGE_CODES//,/ }; do for LANGUAGE_CODE in ${SITE_LANGUAGE_CODES//,/ }; do
STACK_NAME="$DOCKER_STACK_SUFFIX-$LANGUAGE_CODE" STACK_NAME="$DOCKER_STACK_SUFFIX-$LANGUAGE_CODE"
# ensure directories on remote host exist so we can mount them into the containers. # ensure directories on remote host exist so we can mount them into the containers.
@ -95,8 +96,11 @@ EOL
fi fi
docker stack deploy -c "$DOCKER_YAML_PATH" "$DOCKER_STACK_SUFFIX-$LANGUAGE_CODE" docker stack deploy -c "$DOCKER_YAML_PATH" "$DOCKER_STACK_SUFFIX-$LANGUAGE_CODE"
sleep 1
done sleep 2
domain_number=$((domain_number+1)) domain_number=$((domain_number+1))
done
done # language code
done # domain list

100
deployment/www/stub/gitea_yml.sh Normal file
View File

@ -0,0 +1,100 @@
#!/bin/bash
set -exu
cd "$(dirname "$0")"
domain_number=0
for DOMAIN_NAME in ${DOMAIN_LIST//,/ }; do
export DOMAIN_NAME="$DOMAIN_NAME"
export SITE_PATH="$SITES_PATH/$DOMAIN_NAME"
# source the site path so we know what features it has.
source ../../reset_env.sh
source "$SITE_PATH/site_definition"
source ../../domain_env.sh
if [ "$DEPLOY_GITEA" = true ]; then
STACK_NAME="$DOCKER_STACK_SUFFIX-$LANGUAGE_CODE"
# ensure directories on remote host exist so we can mount them into the containers.
ssh "$PRIMARY_WWW_FQDN" mkdir -p "$REMOTE_HOME/gitea/$DOMAIN_NAME/en/gitea"
export STACK_TAG="gitea-$STACK_NAME"
export DB_STACK_TAG="giteadb-$STACK_NAME"
# todo append domain number or port number.
WEBSTACK_PATH="$SITE_PATH/webstack"
mkdir -p "$WEBSTACK_PATH"
export DOCKER_YAML_PATH="$WEBSTACK_PATH/gitea-en.yml"
# here's the NGINX config. We support ghost and nextcloud.
echo "" > "$DOCKER_YAML_PATH"
cat >>"$DOCKER_YAML_PATH" <<EOL
version: "3.8"
services:
${STACK_TAG}:
image: ${GITEA_IMAGE}
volumes:
- ${REMOTE_GITEA_PATH}/data:/data
- /etc/timezone:/etc/timezone:ro
- /etc/localtime:/etc/localtime:ro
environment:
- USER_UID=1000
- USER_GID=1000
- ROOT_URL=https://${GITEA_FQDN}
- GITEA__database__DB_TYPE=mysql
- GITEA__database__HOST=${DB_STACK_TAG}:3306
- GITEA__database__NAME=gitea
- GITEA__database__USER=gitea
- GITEA__PASSWD=\${GITEA_MYSQL_PASSWORD}
networks:
- giteanet-${DOCKER_STACK_SUFFIX}
- giteadbnet-${DOCKER_STACK_SUFFIX}
deploy:
restart_policy:
condition: on-failure
${DB_STACK_TAG}:
image: ${GITEA_DB_IMAGE}
networks:
- giteadbnet-${DOCKER_STACK_SUFFIX}
volumes:
- ${REMOTE_GITEA_PATH}/db:/var/lib/mysql
environment:
- MYSQL_ROOT_PASSWORD=\${GITEA_MYSQL_ROOT_PASSWORD}
- MYSQL_PASSWORD=\${GITEA_MYSQL_PASSWORD}
- MYSQL_DATABASE=gitea
- MYSQL_USER=gitea
deploy:
restart_policy:
condition: on-failure
EOL
fi
# if [ "$DEPLOY_GITEA" = true ]; then
# cat >>"$DOCKER_YAML_PATH" <<EOL
# gitea-net:
# giteadb-net:
# EOL
# fi
cat >>"$DOCKER_YAML_PATH" <<EOL
networks:
EOL
docker stack deploy -c "$DOCKER_YAML_PATH" "$DOCKER_STACK_SUFFIX-$LANGUAGE_CODE"
sleep 1
done
fi
domain_number=$((domain_number+1))
done

27
deployment/www/stub/gittea_yml.sh
View File

@ -1,27 +0,0 @@
if [ "$DEPLOY_GITEA" = true ]; then
cat >>"$NGINX_CONF_PATH" <<EOL
# TLS listener for ${GITEA_FQDN}
server {
listen 443 ssl http2;
listen [::]:443 ssl http2;
server_name ${GITEA_FQDN};
location / {
proxy_headers_hash_max_size 512;
proxy_headers_hash_bucket_size 64;
proxy_set_header X-Real-IP \$remote_addr;
proxy_set_header Host \$host;
proxy_set_header X-Forwarded-For \$proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto \$scheme;
proxy_set_header X-NginX-Proxy true;
proxy_pass http://gitea:3000;
}
}
EOL
fi

24
deployment/www/stub/nginx_config.sh
View File

@ -222,7 +222,6 @@ EOL
# SERVER block for BTCPAY Server # SERVER block for BTCPAY Server
if [ "$VPS_HOSTING_TARGET" = lxd ]; then if [ "$VPS_HOSTING_TARGET" = lxd ]; then
# gitea http to https redirect.
if [ "$DEPLOY_BTCPAY_SERVER" = true ]; then if [ "$DEPLOY_BTCPAY_SERVER" = true ]; then
cat >>"$NGINX_CONF_PATH" <<EOL cat >>"$NGINX_CONF_PATH" <<EOL
@ -361,6 +360,29 @@ EOL
proxy_cache_use_stale error timeout invalid_header updating http_500 http_502 http_503 http_504; proxy_cache_use_stale error timeout invalid_header updating http_500 http_502 http_503 http_504;
} }
EOL
cat >>"$NGINX_CONF_PATH" <<EOL
# TLS listener for ${GITEA_FQDN}
server {
listen 443 ssl http2;
listen [::]:443 ssl http2;
server_name ${GITEA_FQDN};
location / {
proxy_headers_hash_max_size 512;
proxy_headers_hash_bucket_size 64;
proxy_set_header X-Real-IP \$remote_addr;
proxy_set_header Host \$host;
proxy_set_header X-Forwarded-For \$proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto \$scheme;
proxy_set_header X-NginX-Proxy true;
proxy_pass http://gitea:3000;
}
EOL EOL
done done

52
deployment/www/stub_docker_yml.sh
View File

@ -47,47 +47,6 @@
# EOL # EOL
# fi # fi
# if [ "$DEPLOY_GITEA" = true ]; then
# cat >>"$DOCKER_YAML_PATH" <<EOL
# gitea:
# image: ${GITEA_IMAGE}
# volumes:
# - ${REMOTE_GITEA_PATH}/data:/data
# - /etc/timezone:/etc/timezone:ro
# - /etc/localtime:/etc/localtime:ro
# environment:
# - USER_UID=1000
# - USER_GID=1000
# - ROOT_URL=https://${GITEA_FQDN}
# - GITEA__database__DB_TYPE=mysql
# - GITEA__database__HOST=gitea-db:3306
# - GITEA__database__NAME=gitea
# - GITEA__database__USER=gitea
# - GITEA__PASSWD=\${GITEA_MYSQL_PASSWORD}
# networks:
# - gitea-net
# - giteadb-net
# deploy:
# restart_policy:
# condition: on-failure
# gitea-db:
# image: ${GITEA_DB_IMAGE}
# networks:
# - giteadb-net
# volumes:
# - ${REMOTE_GITEA_PATH}/db:/var/lib/mysql
# environment:
# - MYSQL_ROOT_PASSWORD=\${GITEA_MYSQL_ROOT_PASSWORD}
# - MYSQL_PASSWORD=\${GITEA_MYSQL_PASSWORD}
# - MYSQL_DATABASE=gitea
# - MYSQL_USER=gitea
# deploy:
# restart_policy:
# condition: on-failure
# EOL
# fi
# if [ "$DEPLOY_ONION_SITE" = true ]; then # if [ "$DEPLOY_ONION_SITE" = true ]; then
@ -144,11 +103,6 @@
# EOL # EOL
# fi # fi
# if [ "$DEPLOY_GITEA" = true ]; then
# cat >>"$DOCKER_YAML_PATH" <<EOL
# - gitea-net
# EOL
# fi
# if [ "$DEPLOY_ONION_SITE" = true ]; then # if [ "$DEPLOY_ONION_SITE" = true ]; then
# cat >>"$DOCKER_YAML_PATH" <<EOL # cat >>"$DOCKER_YAML_PATH" <<EOL
@ -176,12 +130,6 @@
# EOL # EOL
# fi # fi
# if [ "$DEPLOY_GITEA" = true ]; then
# cat >>"$DOCKER_YAML_PATH" <<EOL
# gitea-net:
# giteadb-net:
# EOL
# fi
# if [ "$DEPLOY_ONION_SITE" = true ]; then # if [ "$DEPLOY_ONION_SITE" = true ]; then
# cat >>"$DOCKER_YAML_PATH" <<EOL # cat >>"$DOCKER_YAML_PATH" <<EOL