Merge branch 'dev' into 'master' (7f145ede) · Commits · REDMIC Project / Service deployment

.gitlab-ci.yml

+62 −140

Original line number	Diff line number	Diff line
		@@ -3,23 +3,27 @@ stages:

		image: registry.gitlab.com/redmic-project/docker/docker-deploy

		services:
		- docker:dind

		variables:
		DOCKER_DRIVER: overlay2

		deploy-artifactory-dev:
		stage: deploy
		variables:
		DOCKER_DRIVER: overlay2
		DEPLOY_DIR_NAME: artifactory
		SSH_REMOTE: ${DEV_SSH_REMOTE}
		SERVICE: artifactory
		STACK: artifactory
		SERVICES_TO_CHECK: artifactory_artifactory
		IMAGE_TAG: latest
		COMPOSE_FILE: docker-compose.tmpl.yml:docker-compose.dev.yml
		services:
		- docker:dind
		script:
		- >
		deploy.sh IMAGE_TAG=${IMAGE_TAG} COMPOSE_FILE=${COMPOSE_FILE}
		deploy.sh IMAGE_TAG=${IMAGE_TAG} COMPOSE_FILE=${COMPOSE_FILE} PUBLIC_HOSTNAME=${DEV_PUBLIC_HOSTNAME}
		environment:
		name: dev/${SERVICE}
		url: https://${SERVICE}.${DEV_PUBLIC_HOSTNAME}
		name: dev/artifactory
		url: https://artifactory.${DEV_PUBLIC_HOSTNAME}
		only:
		- dev
		when: manual
		@@ -27,10 +31,10 @@ deploy-artifactory-dev:
		deploy-gitlab-ce-dev:
		stage: deploy
		variables:
		DOCKER_DRIVER: overlay2
		DEPLOY_DIR_NAME: gitlab-ce
		SSH_REMOTE: ${DEV_SSH_REMOTE}
		SERVICE: gitlab-ce
		STACK: gitlab
		SERVICES_TO_CHECK: gitlab_gitlab-ce
		IMAGE_TAG: latest
		COMPOSE_FILE: docker-compose.tmpl.yml:docker-compose.dev.yml
		AWS_REGION: ${OAGDEV_GITLAB_AWS_REGION}
		@@ -40,16 +44,14 @@ deploy-gitlab-ce-dev:
		SMTP_USER: ${OAGDEV_GITLAB_SMTP_USER}
		SMTP_PASS: ${OAGDEV_GITLAB_SMTP_PASS}
		SMTP_DOMAIN: ${OAGDEV_GITLAB_SMTP_DOMAIN}
		services:
		- docker:dind
		script:
		- create-nets.sh gitlab-net
		- >
		deploy.sh IMAGE_TAG=${IMAGE_TAG} COMPOSE_FILE=${COMPOSE_FILE} AWS_REGION=${AWS_REGION}
		AWS_ACCESS_KEY_ID=${AWS_ACCESS_KEY_ID} AWS_SECRET_ACCESS_KEY=${AWS_SECRET_ACCESS_KEY} SMTP_ADDR=${SMTP_ADDR}
		SMTP_USER=${SMTP_USER} SMTP_PASS=${SMTP_PASS} SMTP_DOMAIN=${SMTP_DOMAIN}
		SMTP_USER=${SMTP_USER} SMTP_PASS=${SMTP_PASS} SMTP_DOMAIN=${SMTP_DOMAIN} PUBLIC_HOSTNAME=${DEV_PUBLIC_HOSTNAME}
		environment:
		name: dev/${SERVICE}
		name: dev/gitlab-ce
		url: https://git.${DEV_PUBLIC_HOSTNAME}
		only:
		- dev
		@@ -58,17 +60,15 @@ deploy-gitlab-ce-dev:
		deploy-gitlab-runner-local:
		stage: deploy
		variables:
		DOCKER_DRIVER: overlay2
		DEPLOY_DIR_NAME: gitlab-runner
		SSH_REMOTE: ${DEV_SSH_REMOTE}
		SERVICE: gitlab-runner-local
		STACK: gitlab
		SERVICES_TO_CHECK: gitlab_gitlab-runner-local
		IMAGE_TAG: alpine
		COMPOSE_FILE: docker-compose.gitlab-runner-local.tmpl.yml:docker-compose.gitlab-runner-local.dev.yml
		GITLAB_URL: https://git.redmic.net
		GITLAB_TOKEN: ${OAGDEV_GITLAB_TOKEN}
		RUNNER_NAME: OAGDev runner
		services:
		- docker:dind
		script:
		- create-nets.sh gitlab-net
		- >
		@@ -76,7 +76,7 @@ deploy-gitlab-runner-local:
		GITLAB_TOKEN=${GITLAB_TOKEN} MINIO_ACCESS_KEY=${MINIO_ACCESS_KEY} MINIO_SECRET_KEY=${MINIO_SECRET_KEY}
		RUNNER_NAME="${RUNNER_NAME}"
		environment:
		name: dev/${SERVICE}
		name: dev/gitlab-runner-local
		only:
		- dev
		when: manual
		@@ -84,18 +84,16 @@ deploy-gitlab-runner-local:
		deploy-gitlab-runner-remote:
		stage: deploy
		variables:
		DOCKER_DRIVER: overlay2
		DEPLOY_DIR_NAME: gitlab-runner
		SSH_REMOTE: ${DEV_SSH_REMOTE}
		SERVICE: gitlab-runner-remote
		STACK: gitlab
		SERVICES_TO_CHECK: gitlab_gitlab-runner-remote
		IMAGE_TAG: alpine
		COMPOSE_FILE: docker-compose.gitlab-runner-remote.tmpl.yml:docker-compose.gitlab-runner-remote.dev.yml
		GITLAB_URL: https://gitlab.com
		GITLAB_TOKEN: ${GITLABCOM_GITLAB_TOKEN}
		RUNNER_NAME: GitLab.com runner
		RUNNER_TAG_LIST: client,functional,oagdev
		services:
		- docker:dind
		script:
		- create-nets.sh gitlab-net
		- >
		@@ -103,71 +101,28 @@ deploy-gitlab-runner-remote:
		GITLAB_TOKEN=${GITLAB_TOKEN} MINIO_ACCESS_KEY=${MINIO_ACCESS_KEY} MINIO_SECRET_KEY=${MINIO_SECRET_KEY}
		RUNNER_NAME="${RUNNER_NAME}" RUNNER_TAG_LIST=${RUNNER_TAG_LIST}
		environment:
		name: dev/${SERVICE}
		name: dev/gitlab-runner-remote
		only:
		- dev
		when: manual

		deploy-grafana-dev:
		stage: deploy
		variables:
		DOCKER_DRIVER: overlay2
		DEPLOY_DIR_NAME: grafana
		SSH_REMOTE: ${DEV_SSH_REMOTE}
		SERVICE: grafana
		IMAGE_TAG: latest
		COMPOSE_FILE: docker-compose.tmpl.yml:docker-compose.dev.yml
		services:
		- docker:dind
		script:
		- deploy.sh IMAGE_TAG=${IMAGE_TAG} COMPOSE_FILE=${COMPOSE_FILE}
		environment:
		name: dev/${SERVICE}
		url: https://${SERVICE}.${DEV_PUBLIC_HOSTNAME}
		only:
		- dev
		when: manual

		deploy-grafana-pro:
		stage: deploy
		variables:
		DOCKER_DRIVER: overlay2
		DEPLOY_DIR_NAME: grafana
		SSH_REMOTE: ${PRO_SSH_REMOTE}
		SERVICE: grafana
		IMAGE_TAG: latest
		COMPOSE_FILE: docker-compose.tmpl.yml:docker-compose.prod.yml
		services:
		- docker:dind
		script:
		- deploy.sh IMAGE_TAG=${IMAGE_TAG} COMPOSE_FILE=${COMPOSE_FILE} PUBLIC_HOSTNAME=${PRO_PUBLIC_HOSTNAME}
		environment:
		name: pro/${SERVICE}
		url: https://${SERVICE}.${PRO_PUBLIC_HOSTNAME}
		only:
		- master
		when: manual

		deploy-mail-server-dev:
		stage: deploy
		variables:
		DOCKER_DRIVER: overlay2
		SSH_REMOTE: ${DEV_SSH_REMOTE}
		COMPOSE_FILE: docker-compose.tmpl.yml:docker-compose.dev.yml
		services:
		- docker:dind
		script:
		- create-nets.sh mail-net
		- export DEPLOY_DIR_NAME=mail/mariadb SERVICE=mail-mariadb IMAGE_TAG=10.2
		- export DEPLOY_DIR_NAME=mail/mariadb STACK=mail SERVICES_TO_CHECK=mail_mail-mariadb IMAGE_TAG=10.2
		- >
		deploy.sh IMAGE_TAG=${IMAGE_TAG} COMPOSE_FILE=${COMPOSE_FILE} MYSQL_ROOT_PASSWORD=${DB_ROOT_PASSWORD}
		MYSQL_PASSWORD=${DB_PASSWORD}
		- export DEPLOY_DIR_NAME=mail/redis SERVICE=mail-redis IMAGE_TAG=4.0-alpine
		- export DEPLOY_DIR_NAME=mail/redis STACK=mail SERVICES_TO_CHECK=mail_mail-redis IMAGE_TAG=4.0-alpine
		- deploy.sh IMAGE_TAG=${IMAGE_TAG} COMPOSE_FILE=${COMPOSE_FILE}
		- export DEPLOY_DIR_NAME=mail/mailserver SERVICE=mail-mailserver IMAGE_TAG=1.1-latest
		- export DEPLOY_DIR_NAME=mail/mailserver STACK=mail SERVICES_TO_CHECK=mail_mail-mailserver IMAGE_TAG=1.1-latest
		- >
		deploy.sh IMAGE_TAG=${IMAGE_TAG} COMPOSE_FILE=${COMPOSE_FILE} RSPAMD_PASSWORD=${RSPAMD_PASSWORD}
		DBPASS=${DB_PASSWORD}
		DBPASS=${DB_PASSWORD} PUBLIC_HOSTNAME=${DEV_PUBLIC_HOSTNAME}
		environment:
		name: dev/rspamd
		url: https://spam.${DEV_PUBLIC_HOSTNAME}
		@@ -178,16 +133,16 @@ deploy-mail-server-dev:
		deploy-mail-admin-dev:
		stage: deploy
		variables:
		DOCKER_DRIVER: overlay2
		DEPLOY_DIR_NAME: mail/postfixadmin
		SSH_REMOTE: ${DEV_SSH_REMOTE}
		SERVICE: mail-postfixadmin
		STACK: mail
		SERVICES_TO_CHECK: mail_mail-postfixadmin
		IMAGE_TAG: latest
		COMPOSE_FILE: docker-compose.tmpl.yml:docker-compose.dev.yml
		services:
		- docker:dind
		script:
		- deploy.sh IMAGE_TAG=${IMAGE_TAG} COMPOSE_FILE=${COMPOSE_FILE} DBPASS=${DB_PASSWORD}
		- >
		deploy.sh IMAGE_TAG=${IMAGE_TAG} COMPOSE_FILE=${COMPOSE_FILE} DBPASS=${DB_PASSWORD}
		PUBLIC_HOSTNAME=${DEV_PUBLIC_HOSTNAME}
		environment:
		name: dev/postfixadmin
		url: https://postfixadmin.${DEV_PUBLIC_HOSTNAME}
		@@ -198,16 +153,14 @@ deploy-mail-admin-dev:
		deploy-mail-client-dev:
		stage: deploy
		variables:
		DOCKER_DRIVER: overlay2
		DEPLOY_DIR_NAME: mail/rainloop
		SSH_REMOTE: ${DEV_SSH_REMOTE}
		SERVICE: mail-rainloop
		STACK: mail
		SERVICES_TO_CHECK: mail_mail-rainloop
		IMAGE_TAG: latest
		COMPOSE_FILE: docker-compose.tmpl.yml:docker-compose.dev.yml
		services:
		- docker:dind
		script:
		- deploy.sh IMAGE_TAG=${IMAGE_TAG} COMPOSE_FILE=${COMPOSE_FILE}
		- deploy.sh IMAGE_TAG=${IMAGE_TAG} COMPOSE_FILE=${COMPOSE_FILE} PUBLIC_HOSTNAME=${DEV_PUBLIC_HOSTNAME}
		environment:
		name: dev/rainloop
		url: https://webmail.${DEV_PUBLIC_HOSTNAME}
		@@ -218,21 +171,19 @@ deploy-mail-client-dev:
		deploy-minio-dev:
		stage: deploy
		variables:
		DOCKER_DRIVER: overlay2
		DEPLOY_DIR_NAME: minio
		SSH_REMOTE: ${DEV_SSH_REMOTE}
		SERVICE: minio
		STACK: minio
		SERVICES_TO_CHECK: minio_minio
		IMAGE_TAG: latest
		COMPOSE_FILE: docker-compose.tmpl.yml:docker-compose.dev.yml
		services:
		- docker:dind
		script:
		- >
		deploy.sh IMAGE_TAG=${IMAGE_TAG} COMPOSE_FILE=${COMPOSE_FILE} MINIO_ACCESS_KEY=${MINIO_ACCESS_KEY}
		MINIO_SECRET_KEY=${MINIO_SECRET_KEY}
		MINIO_SECRET_KEY=${MINIO_SECRET_KEY} PUBLIC_HOSTNAME=${DEV_PUBLIC_HOSTNAME}
		environment:
		name: dev/${SERVICE}
		url: https://${SERVICE}.${DEV_PUBLIC_HOSTNAME}
		name: dev/minio
		url: https://minio.${DEV_PUBLIC_HOSTNAME}
		only:
		- dev
		when: manual
		@@ -240,21 +191,20 @@ deploy-minio-dev:
		deploy-pgadmin-dev:
		stage: deploy
		variables:
		DOCKER_DRIVER: overlay2
		DEPLOY_DIR_NAME: pgadmin
		SSH_REMOTE: ${DEV_SSH_REMOTE}
		SERVICE: pgadmin
		STACK: postgres
		SERVICES_TO_CHECK: postgres_pgadmin
		IMAGE_TAG: latest
		COMPOSE_FILE: docker-compose.tmpl.yml:docker-compose.dev.yml
		services:
		- docker:dind
		script:
		- >
		deploy.sh IMAGE_TAG=${IMAGE_TAG} COMPOSE_FILE=${COMPOSE_FILE} PGADMIN_SETUP_EMAIL=${PGADMIN_SETUP_EMAIL}
		PGADMIN_SETUP_PASSWORD=${PGADMIN_SETUP_PASSWORD} MAIL_USER=${MAIL_USER} MAIL_PASSWORD=${MAIL_PASSWORD}
		PUBLIC_HOSTNAME=${DEV_PUBLIC_HOSTNAME}
		environment:
		name: dev/${SERVICE}
		url: https://${SERVICE}.${DEV_PUBLIC_HOSTNAME}
		name: dev/pgadmin
		url: https://pgadmin.${DEV_PUBLIC_HOSTNAME}
		only:
		- dev
		when: manual
		@@ -262,19 +212,17 @@ deploy-pgadmin-dev:
		deploy-portainer-dev:
		stage: deploy
		variables:
		DOCKER_DRIVER: overlay2
		DEPLOY_DIR_NAME: portainer
		SSH_REMOTE: ${DEV_SSH_REMOTE}
		SERVICE: portainer
		STACK: portainer
		SERVICES_TO_CHECK: portainer_agent portainer_portainer
		IMAGE_TAG: latest
		COMPOSE_FILE: docker-compose.tmpl.yml:docker-compose.dev.yml
		services:
		- docker:dind
		script:
		- deploy.sh IMAGE_TAG=${IMAGE_TAG} COMPOSE_FILE=${COMPOSE_FILE}
		- deploy.sh IMAGE_TAG=${IMAGE_TAG} COMPOSE_FILE=${COMPOSE_FILE} PUBLIC_HOSTNAME=${DEV_PUBLIC_HOSTNAME}
		environment:
		name: dev/${SERVICE}
		url: https://${SERVICE}.${DEV_PUBLIC_HOSTNAME}
		name: dev/portainer
		url: https://portainer.${DEV_PUBLIC_HOSTNAME}
		only:
		- dev
		when: manual
		@@ -282,77 +230,51 @@ deploy-portainer-dev:
		deploy-portainer-pro:
		stage: deploy
		variables:
		DOCKER_DRIVER: overlay2
		DEPLOY_DIR_NAME: portainer
		SSH_REMOTE: ${PRO_SSH_REMOTE}
		STACK: portainer
		SERVICES_TO_CHECK: portainer_agent portainer_portainer
		IMAGE_TAG: latest
		COMPOSE_FILE: docker-compose.tmpl.yml:docker-compose.prod.yml
		services:
		- docker:dind
		script:
		- deploy.sh IMAGE_TAG=${IMAGE_TAG} COMPOSE_FILE=${COMPOSE_FILE} PUBLIC_HOSTNAME=${PRO_PUBLIC_HOSTNAME}
		environment:
		name: pro/${SERVICE}
		url: https://${SERVICE}.${PRO_PUBLIC_HOSTNAME}
		name: pro/portainer
		url: https://portainer.${PRO_PUBLIC_HOSTNAME}
		only:
		- master
		when: manual

		deploy-prometheus-dev:
		deploy-traefik-dev:
		stage: deploy
		variables:
		DOCKER_DRIVER: overlay2
		DEPLOY_DIR_NAME: prometheus
		DEPLOY_DIR_NAME: traefik
		SSH_REMOTE: ${DEV_SSH_REMOTE}
		SERVICE: prometheus
		STACK: traefik
		SERVICES_TO_CHECK: traefik_traefik
		IMAGE_TAG: latest
		COMPOSE_FILE: docker-compose.tmpl.yml:docker-compose.dev.yml
		services:
		- docker:dind
		script:
		- deploy.sh IMAGE_TAG=${IMAGE_TAG} COMPOSE_FILE=${COMPOSE_FILE}
		- create-nets.sh redmic-net traefik-net
		- >
		deploy.sh IMAGE_TAG=${IMAGE_TAG} COMPOSE_FILE=${COMPOSE_FILE} PUBLIC_HOSTNAME=${DEV_PUBLIC_HOSTNAME}
		UI_AUTH=${UI_AUTH}
		environment:
		name: dev/${SERVICE}
		url: https://${SERVICE}.${DEV_PUBLIC_HOSTNAME}
		name: dev/traefik
		url: https://traefik.${DEV_PUBLIC_HOSTNAME}
		only:
		- dev
		when: manual

		deploy-prometheus-pro:
		stage: deploy
		variables:
		DOCKER_DRIVER: overlay2
		DEPLOY_DIR_NAME: prometheus
		SSH_REMOTE: ${PRO_SSH_REMOTE}
		STACK: prometheus
		SERVICES_TO_CHECK: prometheus_prometheus
		IMAGE_TAG: latest
		COMPOSE_FILE: docker-compose.tmpl.yml:docker-compose.prod.yml
		services:
		- docker:dind
		script:
		- deploy.sh IMAGE_TAG=${IMAGE_TAG} COMPOSE_FILE=${COMPOSE_FILE} PUBLIC_HOSTNAME=${PRO_PUBLIC_HOSTNAME}
		environment:
		name: pro/${SERVICE}
		url: https://${SERVICE}.${PRO_PUBLIC_HOSTNAME}
		only:
		- master
		when: manual

		deploy-traefik-pro:
		stage: deploy
		variables:
		DOCKER_DRIVER: overlay2
		DEPLOY_DIR_NAME: traefik
		SSH_REMOTE: ${PRO_SSH_REMOTE}
		STACK: traefik
		SERVICES_TO_CHECK: traefik_traefik
		IMAGE_TAG: latest
		COMPOSE_FILE: docker-compose.tmpl.yml:docker-compose.prod.yml
		services:
		- docker:dind
		script:
		- echo "${CERT_FILE}" > "${DEPLOY_DIR_NAME}/certFile.cert"
		- echo "${KEY_FILE}" > "${DEPLOY_DIR_NAME}/keyFile.key"
		@@ -361,8 +283,8 @@ deploy-traefik-pro:
		deploy.sh IMAGE_TAG=${IMAGE_TAG} COMPOSE_FILE=${COMPOSE_FILE} PUBLIC_HOSTNAME=${PRO_PUBLIC_HOSTNAME}
		UI_AUTH=${UI_AUTH}
		environment:
		name: pro/${SERVICE}
		url: https://${SERVICE}.${PRO_PUBLIC_HOSTNAME}
		name: pro/traefik
		url: https://traefik.${PRO_PUBLIC_HOSTNAME}
		only:
		- master
		when: manual

README.md

+0 −2

Original line number	Diff line number	Diff line
		@@ -6,12 +6,10 @@
		* GitLab-CE
		* GitLab Runner local
		* GitLab Runner remote
		* Grafana
		* Mail admin
		* Mail client
		* Mail server
		* Minio
		* PGAdmin
		* Portainer
		* Prometheus
		* Traefik

artifactory/docker-compose.dev.yml

+18 −2

Original line number	Diff line number	Diff line
		@@ -2,10 +2,26 @@ version: '3.5'

		services:
		artifactory:
		container_name: artifactory
		restart: on-failure:3
		ports:
		- ${ARTIFACTORY_PORT}:8081
		deploy:
		mode: replicated
		replicas: 1
		labels:
		traefik.port: "8081"
		traefik.docker.network: traefik-net
		traefik.frontend.rule: Host:artifactory.${PUBLIC_HOSTNAME}
		traefik.backend: artifactory
		restart_policy:
		condition: on-failure
		delay: 30s
		window: 2m
		resources:
		limits:
		cpus: '0.5'
		memory: 2560M
		reservations:
		memory: 2048M

		volumes:
		artifactory-vol:

artifactory/docker-compose.tmpl.yml

+3 −0

Original line number	Diff line number	Diff line
		@@ -5,9 +5,12 @@ services:
		image: docker.bintray.io/jfrog/artifactory-oss:${IMAGE_TAG:-latest}
		networks:
		- redmic-net
		- traefik-net
		volumes:
		- artifactory-vol:/var/opt/jfrog/artifactory

		networks:
		redmic-net:
		external: true
		traefik-net:
		external: true

gitlab-ce/docker-compose.dev.yml

+24 −9

Original line number	Diff line number	Diff line
		@@ -2,15 +2,6 @@ version: '3.5'

		services:
		gitlab-ce:
		container_name: gitlab-ce
		hostname: ${GITLAB_SUBDOMAIN}.${GITLAB_DOMAIN}
		restart: on-failure:3
		ports:
		- "${GITLAB_SSH_PORT}:22"
		- "${GITLAB_HTTP_PORT}:80"
		- "${GITLAB_HTTPS_PORT}:443"
		volumes:
		- /home/git/.ssh/authorized_keys_proxy:/gitlab-data/ssh/authorized_keys
		environment:
		GITLAB_OMNIBUS_CONFIG: \|
		external_url '${GITLAB_PROTOCOL}://${GITLAB_SUBDOMAIN}.${GITLAB_DOMAIN}'
		@@ -35,6 +26,30 @@ services:
		gitlab_rails['smtp_authentication'] = "plain"
		gitlab_rails['smtp_enable_starttls_auto'] = true
		unicorn['port'] = 8090
		ports:
		- "${GITLAB_SSH_PORT}:22"
		- "${GITLAB_HTTP_PORT}:80"
		- "${GITLAB_HTTPS_PORT}:443"
		volumes:
		- /home/git/.ssh/authorized_keys_proxy:/gitlab-data/ssh/authorized_keys
		deploy:
		mode: replicated
		replicas: 1
		labels:
		traefik.port: "443"
		traefik.docker.network: traefik-net
		traefik.frontend.rule: Host:git.${PUBLIC_HOSTNAME}
		traefik.backend: gitlab
		restart_policy:
		condition: on-failure
		delay: 2m
		window: 5m
		resources:
		limits:
		cpus: '2'
		memory: 4G
		reservations:
		memory: 3G

		volumes:
		gitlab-ce-config-vol: