---
author: NeonXP
categories:
- Мои проекты
date: "2023-01-12T20:22:00Z"
guid: http://10
id: 55
tags:
- it
- моё
title: GitRepo.ru
---
# Today I seriously reworked my [code repository](https://gitrepo.ru/) hosting:

- Moved to a big rented server
- Tidied up the orchestration around the server using Docker Compose
- Replaced Gitea with its fork, [Forgejo](https://forgejo.org/)
- Bolted on CI/CD based on [Woodpecker CI](https://woodpecker-ci.org/)

I invite you to use it instead of the soulless Western GitHub: <https://gitrepo.ru/>

The server is physically located in a data center in Moscow, at the very decent provider Selectel.

All the more so because times are turbulent and nobody knows when GitHub will become unavailable for Russia, whereas GitRepo is right here, in our country.

## A bit about the setup

Here is a little about how I organized the Ops side of the service.

I have a `docker-compose.yml` that fully describes the server's entire configuration, roughly like this:
```yml
version: "3"

services:
  # Reverse proxy; the only service that publishes ports on all interfaces
  caddy:
    image: caddy:2.6.2-alpine
    container_name: gateway
    restart: unless-stopped
    ports:
      - "80:80"
      - "443:443"
      - "443:443/udp"
    volumes:
      - ./Caddyfile:/etc/caddy/Caddyfile
      - caddy_data:/data
      - caddy_config:/config
    networks:
      - gateway

  git:
    image: codeberg.org/forgejo/forgejo:1.18.0-1
    container_name: git
    environment:
      - USER_UID=1000
      - USER_GID=1000
      - TZ=Europe/Moscow
      - USER=git
      - GITEA__database__DB_TYPE=postgres
      - GITEA__database__HOST=db:5432
      - GITEA__database__NAME=${PG_NAME}
      - GITEA__database__USER=${PG_USER}
      - GITEA__database__PASSWD=${PG_PASS}
    restart: always
    networks:
      - gitea
      - gateway
    volumes:
      - /home/git/.ssh/:/data/git/.ssh
      - forgejo:/data
      - /etc/timezone:/etc/timezone:ro
      - /etc/localtime:/etc/localtime:ro
    ports:
      # Container SSH is published on the host's loopback interface only
      - "127.0.0.1:2222:22"
    depends_on:
      db:
        condition: service_healthy

  db:
    image: postgres:13
    restart: always
    environment:
      - POSTGRES_USER=${PG_USER}
      - POSTGRES_PASSWORD=${PG_PASS}
      - POSTGRES_DB=${PG_NAME}
    healthcheck:
      test: /usr/bin/pg_isready
      interval: 5s
      timeout: 10s
      retries: 120
    networks:
      - gitea
    volumes:
      - postgres:/var/lib/postgresql/data

  woodpecker-server:
    image: woodpeckerci/woodpecker-server:latest
    volumes:
      - woodpecker-server-data:/var/lib/woodpecker/
    environment:
      # WOODPECKER_OPEN=true enables open registration on the CI server
      - WOODPECKER_OPEN=true
      - WOODPECKER_GITEA=true
      - WOODPECKER_GITEA_URL=https://gitrepo.ru
      - WOODPECKER_GITEA_CLIENT=${GITEA_CLIENT}
      - WOODPECKER_GITEA_SECRET=${GITEA_SECRET}
      - WOODPECKER_HOST=https://ci.gitrepo.ru
      - WOODPECKER_ADMIN=neonxp
      - WOODPECKER_AGENT_SECRET=${WOODPECKER_AGENT_SECRET}
    networks:
      - gitea
      - gateway
    depends_on:
      - git

  woodpecker-agent:
    image: woodpeckerci/woodpecker-agent:latest
    command: agent
    restart: always
    depends_on:
      - woodpecker-server
    volumes:
      # Host Docker socket: the agent starts pipeline containers through it
      - /var/run/docker.sock:/var/run/docker.sock
    environment:
      - WOODPECKER_SERVER=woodpecker-server:9000
      - WOODPECKER_AGENT_SECRET=${WOODPECKER_AGENT_SECRET}
    networks:
      - gitea

volumes:
  woodpecker-server-data:
  caddy_data:
  caddy_config:
  forgejo:
  postgres:

networks:
  gateway:
  gitea:
    external: false
```

Next to it sits a `.env` file with the values of the `${...}` variables.

I run the deploy from my local computer, having first added the remote server as a [Docker context](https://docs.docker.com/engine/context/working-with-contexts/):

```
docker context create gitrepo --docker "host=ssh://gitrepo.ru" # Create a new context for the remote server
docker context use gitrepo # All subsequent docker commands run on the remote server
docker context use default # Switch back to the local context
```

## Remaining problems

Right now the Caddyfile has to live on the remote server, because this part of the config

```yml
volumes:
  - ./Caddyfile:/etc/caddy/Caddyfile
```

is evaluated in the context of the remote server, which means that whenever I update it on my local machine I have to SCP the file over to the server. Not great.

How to solve this: I have an interesting idea, but that is for another time.
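
To see which entries in the compose file are affected by this, the following added example (not code from the original post) lists every bind mount, since those are the paths the remote daemon resolves on the server's own filesystem, and separately marks the Docker socket mount. The function names and the trimmed sample input are constructed for illustration; it assumes the compose file has already been parsed into a dictionary.

```python
import json

# Constructed sample: three services from the compose file above, trimmed,
# mixing short (string) and long (mapping) volume syntax.
SAMPLE = json.loads("""
{"services": {
  "caddy": {"volumes": ["./Caddyfile:/etc/caddy/Caddyfile", "caddy_data:/data"]},
  "git": {"volumes": ["/home/git/.ssh/:/data/git/.ssh", "forgejo:/data",
                      "/etc/timezone:/etc/timezone:ro"]},
  "woodpecker-agent": {"volumes": [
      {"type": "bind", "source": "/var/run/docker.sock",
       "target": "/var/run/docker.sock"}]}
}}
""")

DOCKER_SOCK = "/var/run/docker.sock"


def parse_volume(entry):
    """Return (kind, source, target) for one short- or long-syntax entry."""
    if isinstance(entry, dict):
        return entry.get("type", "volume"), entry.get("source", ""), entry["target"]
    parts = entry.split(":")
    if len(parts) == 1:                      # anonymous volume: only a target
        return "volume", "", parts[0]
    source, target = parts[0], parts[1]
    # A source starting with '/', '.' or '~' is a host path (bind mount);
    # anything else is a named volume managed by the daemon.
    kind = "bind" if source[:1] in ("/", ".", "~") else "volume"
    return kind, source, target


def remote_bind_mounts(compose):
    """List bind mounts; under a remote context these paths live on the server."""
    findings = []
    for name, svc in sorted(compose.get("services", {}).items()):
        for entry in svc.get("volumes", []):
            kind, source, target = parse_volume(entry)
            if kind != "bind":
                continue
            note = "host path on the server"
            if source.startswith("."):
                note = "relative path: file must already exist on the server"
            if source == DOCKER_SOCK:
                note = "docker socket: container controls the host daemon"
            findings.append((name, source, target, note))
    return findings


if __name__ == "__main__":
    for row in remote_bind_mounts(SAMPLE):
        print("%-17s %-22s -> %-22s %s" % row)
```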