av/pet-project-server
1
0
Fork 0
Code Pull Requests Activity

Compare commits

base: av:c44b1322cf067a0fd9e41ae11fe9ab22d2829b6c
Branches Tags
av:master
..
compare: av:6b714a8486f8e3ba00b1172c6fd3c125b85aa448
Branches Tags
av:master

No commits in common. "c44b1322cf067a0fd9e41ae11fe9ab22d2829b6c" and "6b714a8486f8e3ba00b1172c6fd3c125b85aa448" have entirely different histories.
c44b1322cf ... 6b714a8486

5 changed files with 56 additions and 61 deletions
Show Stats Expand all files Collapse all files

4
README.md
View File

@ -5,8 +5,6 @@
## Требования ## Требования
- [ansible](https://docs.ansible.com/ansible/latest/getting_started/index.html) - [ansible](https://docs.ansible.com/ansible/latest/getting_started/index.html)
- [invoke](https://www.pyinvoke.org/)
- [task](https://taskfile.dev/)
## Установка ## Установка
@ -20,7 +18,7 @@ $ ansible-galaxy install --role-file ansible/requirements.yml
- Для каждого приложения создается свой пользователь. - Для каждого приложения создается свой пользователь.
- Для доступа используется ssh-ключ. - Для доступа используется ssh-ключ.
- Докер используется для запуска и изоляции приложений. Для загрузки образов настраивается Yandex Docker Registry. - Докер используется для запуска и изоляции приложений. Для загрузки образов настраивается Yandex Docker Registry.
- Выход во внешнюю сеть через proxy server Caddy. - Выход во внешнюю сеть через proxy-server Caddy.
- Чувствительные данные в `ansible/vars/vars.yaml` зашифрованы с помощью Ansible Vault. - Чувствительные данные в `ansible/vars/vars.yaml` зашифрованы с помощью Ansible Vault.
- Для мониторинга за сервером устанавливается [netdata](https://github.com/netdata/netdata). - Для мониторинга за сервером устанавливается [netdata](https://github.com/netdata/netdata).

13
Taskfile.yml
View File

@ -4,13 +4,12 @@ version: '3'
vars: vars:
USER_ID: USER_ID:
sh: 'id -u' sh: id -u
GROUP_ID: GROUP_ID:
sh: 'id -g' sh: id -g
HOSTS_FILE: 'ansible/hosts_prod'
REMOTE_USER: 'major' REMOTE_USER: 'major'
REMOTE_HOST: REMOTE_HOST:
sh: 'cat {{.HOSTS_FILE}} | xargs' sh: cat ./ansible/hosts_prod | xargs
tasks: tasks:
ssh: ssh:
@ -27,7 +26,7 @@ tasks:
cmds: cmds:
- >- - >-
ansible-playbook ansible-playbook
--inventory="{{.HOSTS_FILE}}" --inventory="ansible/hosts_prod"
--list-tags --list-tags
ansible/configuration.yml ansible/configuration.yml
@ -38,9 +37,9 @@ tasks:
cmds: cmds:
- >- - >-
ansible-playbook ansible-playbook
--become
--user="{{.REMOTE_USER}}" --user="{{.REMOTE_USER}}"
--inventory="{{.HOSTS_FILE}}" --become
--inventory="ansible/hosts_prod"
--extra-vars="ansible_python_interpreter=/usr/bin/python3" --extra-vars="ansible_python_interpreter=/usr/bin/python3"
{{.TAGS}} {{.TAGS}}
-vvv -vvv

23
app/gitea/tasks.py Normal file
View File

@ -0,0 +1,23 @@
from fabric import Connection
from invoke import task
import shlex
# Run task with `invoke deploy`
APP_NAME = "gitea"
SSH_HOST = f"{APP_NAME}@158.160.115.150"
@task
def deploy(c):
print("Ready to setup remote host")
with Connection(SSH_HOST) as c:
c.put(
local="docker-compose.yml",
remote=f"/home/{APP_NAME}/docker-compose.yml",
)
c.run("cp .env .env.prod")
c.run("mkdir -p data")
c.run(
f"docker-compose --project-name {shlex.quote(APP_NAME)} --env-file=.env.prod up --detach --remove-orphans"
)

51
app/tasks.py
View File

@ -1,51 +0,0 @@
import os
import shlex
import fabric
from invoke import task
SERVER_HOST_FILE = "../ansible/hosts_prod"
DOKER_REGISTRY = "cr.yandex/crplfk0168i4o8kd7ade"
@task(name="deploy:gitea")
def deploy_gitea(context):
deploy("gitea", dirs=["data"])
@task(name="deploy:wiki")
def deploy_wiki(context):
deploy("wiki")
def read_host():
with open(SERVER_HOST_FILE) as f:
return f.read().strip()
def ssh_host(app_name):
return f"{app_name}@{read_host()}"
def deploy(app_name: str, dirs=None):
docker_compose = os.path.join(app_name, "docker-compose.yml")
assert os.path.exists(docker_compose)
conn_str = ssh_host(app_name)
dirs = dirs or []
print("Deploy app from", docker_compose)
print("Start setup remote host", conn_str)
with fabric.Connection(conn_str) as c:
print("Copy docker compose file to remote host")
c.put(
local=docker_compose,
remote=f"/home/{app_name}/docker-compose.yml",
)
print("Copy environment file")
c.run("cp .env .env.prod")
for d in dirs:
print("Create remote directory", d)
c.run(f"mkdir -p {d}")
print("Up services")
c.run(
f"docker-compose --project-name {shlex.quote(app_name)} --env-file=.env.prod up --detach --remove-orphans"
)
print("Done.")

26
app/wiki/tasks.py Normal file
View File

@ -0,0 +1,26 @@
from fabric import Connection
from invoke import task
import subprocess
import shlex
APP_NAME = "wiki"
SSH_HOST = f"{APP_NAME}@158.160.115.150"
DOCKER_REGISTRY = "cr.yandex/crplfk0168i4o8kd7ade"
def run(args):
return subprocess.run(args, check=True, capture_output=True).stdout
@task
def deploy(c):
print("Ready to setup remote host")
with Connection(SSH_HOST) as c:
c.put(
"docker-compose.yml",
remote=f"/home/{APP_NAME}/docker-compose.yml",
)
c.run("cp .env .env.prod")
c.run(
f"docker-compose --project-name {shlex.quote(APP_NAME)} --env-file=.env.prod up --detach --remove-orphans"
)