elia/blog.lazkani.io
1
0
Fork 0
Code Issues Pull requests Packages 1 Wiki Activity

chore(): Migrates deployment to ansible
Some checks failed
continuous-integration/drone/push Build is failing
Details

Browse source
This commit is contained in:
Elia el Lazkani 2023-07-01 18:21:19 +02:00
parent e28a8c9d35
commit a25923418b
8 changed files with 122 additions and 5 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

67
.drone.yml
View file

@ -1,6 +1,6 @@
--- ---
kind: pipeline kind: pipeline
name: default name: generate-blog
clone: clone:
depth: 1 depth: 1
@ -36,10 +36,6 @@ steps:
squash: true squash: true
tags: tags:
- "${DRONE_COMMIT_SHA:0:8}" - "${DRONE_COMMIT_SHA:0:8}"
when:
event:
exclude:
- tag
- name: build-container - name: build-container
image: plugins/docker image: plugins/docker
@ -60,3 +56,64 @@ steps:
- promote - promote
target: target:
- production - production
---
kind: pipeline
name: deploy-blog
clone:
depth: 1
steps:
- name: syntax-check
image: plugins/ansible:latest
settings:
playbook: ansible/site.yml
inventory: ansible/inventory/hcloud.yml
requirements: ansible/requirements.txt
tags: blog
check: true
diff: true
syntax_check: true
extra_vars: "blog_container_tag=${DRONE_COMMIT_SHA:0:8}"
environment:
HCLOUD_TOKEN:
from_secret: hcloud_token
- name: dry-run
image: plugins/ansible:latest
settings:
playbook: ansible/site.yml
inventory: ansible/inventory/hcloud.yml
requirements: ansible/requirements.txt
tags: blog
check: true
diff: true
syntax_check: false
extra_vars: "blog_container_tag=${DRONE_COMMIT_SHA:0:8}"
environment:
HCLOUD_TOKEN:
from_secret: hcloud_token
- name: deploy
image: plugins/ansible:latest
settings:
playbook: ansible/site.yml
inventory: ansible/inventory/hcloud.yml
requirements: ansible/requirements.txt
tags: blog
check: false
diff: true
syntax_check: false
extra_vars: "blog_container_tag=${DRONE_COMMIT_SHA:0:8}"
environment:
HCLOUD_TOKEN:
from_secret: hcloud_token
when:
event:
- promote
target:
- production
depends_on:
- generate-blog

6
ansible/ansible.cfg Normal file
View file

@ -0,0 +1,6 @@
[defaults]
roles_path = ./external-roles/:./roles/
host_key_checking = False
[inventory]
enable_plugins = hetzner.hcloud.hcloud

1
ansible/inventory/group_vars/_application_/all.yml Normal file
View file

@ -0,0 +1 @@
---

6
ansible/inventory/hcloud.yml Normal file
View file

@ -0,0 +1,6 @@
plugin: hetzner.hcloud.hcloud
keyed_groups:
- key: labels
separator: "_"
default_value: ""
prefix: ""

3
ansible/requirements.txt Normal file
View file

@ -0,0 +1,3 @@
ansible
docker
hcloud

3
ansible/roles/defaults/main.yml Normal file
View file

@ -0,0 +1,3 @@
---
blog_container_tag: "latest"
blog_http_port: 8080

33
ansible/roles/tasks/main.yml Normal file
View file

@ -0,0 +1,33 @@
---
- name: Deploy Blog Stack
community.docker.docker_compose:
project_name: Blog
state: present
definition:
version: '3'
services:
blog:
container_name: blog
image: "scm.project42.io/elia/blog:{{ blog_container_tag }}"
restart: unless-stopped
networks:
- traefik-ingress
environment:
- "NGINX_PORT={{ blog_http_port }}"
labels:
- "traefik.enable=true"
- "traefik.docker.network=traefik-ingress"
- "traefik.http.routers.blog.rule=Host(`blog.lazkani.io`)"
- "traefik.http.routers.blog.service=blog"
- "traefik.http.services.blog.loadbalancer.server.port={{ blog_http_port }}"
- "traefik.http.middlewares.weechat-main.chain.middlewares=frame-deny,browser-xss-filter,ssl-redirect"
- "traefik.http.routers.blog.tls.certresolver=cloudflareresolver"
networks:
traefik-ingress:
external: true
register: output_blog
- assert:
that:
- output_blog.services.blog.blog.state.running

8
ansible/site.yml Normal file
View file

@ -0,0 +1,8 @@
---
- name: Deploy Blog
hosts: _application_
become: true
tags:
- blog
roles:
- role: blog