aboutsummaryrefslogtreecommitdiff
path: root/content/post/2023-01-12-gitrepo.md
diff options
context:
space:
mode:
authorAlexander Neonxp Kiryukhin <i@neonxp.ru>2024-11-03 20:08:36 +0300
committerAlexander Neonxp Kiryukhin <i@neonxp.ru>2024-11-03 20:08:36 +0300
commit59c7d4567380d1a9c80e96eb958fdbdd512ce006 (patch)
tree65410cfc10dbc7d060ec23be110662d9b7f6b0e9 /content/post/2023-01-12-gitrepo.md
новая жизнь блога
Diffstat (limited to 'content/post/2023-01-12-gitrepo.md')
-rw-r--r--content/post/2023-01-12-gitrepo.md55
1 files changed, 55 insertions, 0 deletions
diff --git a/content/post/2023-01-12-gitrepo.md b/content/post/2023-01-12-gitrepo.md
new file mode 100644
index 0000000..8635d1d
--- /dev/null
+++ b/content/post/2023-01-12-gitrepo.md
@@ -0,0 +1,55 @@
+---
+author: NeonXP
+categories:
+- Мои проекты
+date: "2023-01-12T20:22:00Z"
+guid: http://10
+id: 55
+tags:
+- it
+- моё
+title: GitRepo.ru
+---
+
+# Сегодня серьезно переделал свой хостинг [репозиториев кода](https://gitrepo.ru/):
+
+- Переехал на большой арендованный сервак
+- Привел в порядок оркестрацию вокруг сервака с использованием Docker Compose
+- Gitea заменил на её форк [Forgejo](https://forgejo.org/)
+- Впилил CI/CD на основе [Woodpecker CI](https://woodpecker-ci.org/)
+
+Приглашаю пользоваться заместо бездуховного западного github: <https://gitrepo.ru/>
+
+Сервер физически находится в датацентре в Москве у весьма годного провайдера Selectel.
+
+Тем более, время сейчас неспокойное и неизвестно когда github станет недоступен для РФ, а GitRepo — он вот тут, в нашей стране.
+
+## Немного про устройство
+
+Расскажу немного как я организовал себе Ops сервиса.
+
+У меня на руках `docker-compose.yml` который полностью описывает всю конфигурацию сервака, примерно так:
+
+<div class="highlight">```yml
+<span style="display:flex;"><span><span style="color:#f92672">version</span>: <span style="color:#e6db74">"3"</span></span></span><span style="display:flex;"><span></span></span><span style="display:flex;"><span><span style="color:#f92672">services</span>:</span></span><span style="display:flex;"><span> <span style="color:#f92672">caddy</span>:</span></span><span style="display:flex;"><span> <span style="color:#f92672">image</span>: <span style="color:#ae81ff">caddy:2.6.2-alpine</span></span></span><span style="display:flex;"><span> <span style="color:#f92672">container_name</span>: <span style="color:#ae81ff">gateway</span></span></span><span style="display:flex;"><span> <span style="color:#f92672">restart</span>: <span style="color:#ae81ff">unless-stopped</span></span></span><span style="display:flex;"><span> <span style="color:#f92672">ports</span>:</span></span><span style="display:flex;"><span> - <span style="color:#e6db74">"80:80"</span></span></span><span style="display:flex;"><span> - <span style="color:#e6db74">"443:443"</span></span></span><span style="display:flex;"><span> - <span style="color:#e6db74">"443:443/udp"</span></span></span><span style="display:flex;"><span> <span style="color:#f92672">volumes</span>:</span></span><span style="display:flex;"><span> - <span style="color:#ae81ff">./Caddyfile:/etc/caddy/Caddyfile</span></span></span><span style="display:flex;"><span> - <span style="color:#ae81ff">caddy_data:/data</span></span></span><span style="display:flex;"><span> - <span style="color:#ae81ff">caddy_config:/config</span></span></span><span style="display:flex;"><span> <span style="color:#f92672">networks</span>:</span></span><span style="display:flex;"><span> - <span style="color:#ae81ff">gateway</span></span></span><span style="display:flex;"><span></span></span><span style="display:flex;"><span> <span style="color:#f92672">git</span>:</span></span><span style="display:flex;"><span> <span style="color:#f92672">image</span>: <span style="color:#ae81ff">codeberg.org/forgejo/forgejo:1.18.0-1</span></span></span><span style="display:flex;"><span> <span style="color:#f92672">container_name</span>: <span style="color:#ae81ff">git</span></span></span><span style="display:flex;"><span> <span style="color:#f92672">environment</span>:</span></span><span style="display:flex;"><span> - <span style="color:#ae81ff">USER_UID=1000</span></span></span><span style="display:flex;"><span> - <span style="color:#ae81ff">USER_GID=1000</span></span></span><span style="display:flex;"><span> - <span style="color:#ae81ff">TZ=Europe/Moscow</span></span></span><span style="display:flex;"><span> - <span style="color:#ae81ff">USER=git</span></span></span><span style="display:flex;"><span> - <span style="color:#ae81ff">GITEA__database__DB_TYPE=postgres</span></span></span><span style="display:flex;"><span> - <span style="color:#ae81ff">GITEA__database__HOST=db:5432</span></span></span><span style="display:flex;"><span> - <span style="color:#ae81ff">GITEA__database__NAME=${PG_NAME}</span></span></span><span style="display:flex;"><span> - <span style="color:#ae81ff">GITEA__database__USER=${PG_USER}</span></span></span><span style="display:flex;"><span> - <span style="color:#ae81ff">GITEA__database__PASSWD=${PG_PASS}</span></span></span><span style="display:flex;"><span> <span style="color:#f92672">restart</span>: <span style="color:#ae81ff">always</span></span></span><span style="display:flex;"><span> <span style="color:#f92672">networks</span>:</span></span><span style="display:flex;"><span> - <span style="color:#ae81ff">gitea</span></span></span><span style="display:flex;"><span> - <span style="color:#ae81ff">gateway</span></span></span><span style="display:flex;"><span> <span style="color:#f92672">volumes</span>:</span></span><span style="display:flex;"><span> - <span style="color:#ae81ff">/home/git/.ssh/:/data/git/.ssh</span></span></span><span style="display:flex;"><span> - <span style="color:#ae81ff">forgejo:/data</span></span></span><span style="display:flex;"><span> - <span style="color:#ae81ff">/etc/timezone:/etc/timezone:ro</span></span></span><span style="display:flex;"><span> - <span style="color:#ae81ff">/etc/localtime:/etc/localtime:ro</span></span></span><span style="display:flex;"><span> <span style="color:#f92672">ports</span>:</span></span><span style="display:flex;"><span> - <span style="color:#e6db74">"127.0.0.1:2222:22"</span></span></span><span style="display:flex;"><span> <span style="color:#f92672">depends_on</span>:</span></span><span style="display:flex;"><span> <span style="color:#f92672">db</span>:</span></span><span style="display:flex;"><span> <span style="color:#f92672">condition</span>: <span style="color:#ae81ff">service_healthy</span></span></span><span style="display:flex;"><span></span></span><span style="display:flex;"><span> <span style="color:#f92672">db</span>:</span></span><span style="display:flex;"><span> <span style="color:#f92672">image</span>: <span style="color:#ae81ff">postgres:13</span></span></span><span style="display:flex;"><span> <span style="color:#f92672">restart</span>: <span style="color:#ae81ff">always</span></span></span><span style="display:flex;"><span> <span style="color:#f92672">environment</span>:</span></span><span style="display:flex;"><span> - <span style="color:#ae81ff">POSTGRES_USER=${PG_USER}</span></span></span><span style="display:flex;"><span> - <span style="color:#ae81ff">POSTGRES_PASSWORD=${PG_PASS}</span></span></span><span style="display:flex;"><span> - <span style="color:#ae81ff">POSTGRES_DB=${PG_NAME}</span></span></span><span style="display:flex;"><span> <span style="color:#f92672">healthcheck</span>:</span></span><span style="display:flex;"><span> <span style="color:#f92672">test</span>: <span style="color:#ae81ff">/usr/bin/pg_isready</span></span></span><span style="display:flex;"><span> <span style="color:#f92672">interval</span>: <span style="color:#ae81ff">5s</span></span></span><span style="display:flex;"><span> <span style="color:#f92672">timeout</span>: <span style="color:#ae81ff">10s</span></span></span><span style="display:flex;"><span> <span style="color:#f92672">retries</span>: <span style="color:#ae81ff">120</span></span></span><span style="display:flex;"><span> <span style="color:#f92672">networks</span>:</span></span><span style="display:flex;"><span> - <span style="color:#ae81ff">gitea</span></span></span><span style="display:flex;"><span> <span style="color:#f92672">volumes</span>:</span></span><span style="display:flex;"><span> - <span style="color:#ae81ff">postgres:/var/lib/postgresql/data</span></span></span><span style="display:flex;"><span> </span></span><span style="display:flex;"><span> <span style="color:#f92672">woodpecker-server</span>:</span></span><span style="display:flex;"><span> <span style="color:#f92672">image</span>: <span style="color:#ae81ff">woodpeckerci/woodpecker-server:latest</span></span></span><span style="display:flex;"><span> <span style="color:#f92672">volumes</span>:</span></span><span style="display:flex;"><span> - <span style="color:#ae81ff">woodpecker-server-data:/var/lib/woodpecker/</span></span></span><span style="display:flex;"><span> <span style="color:#f92672">environment</span>:</span></span><span style="display:flex;"><span> - <span style="color:#ae81ff">WOODPECKER_OPEN=true</span></span></span><span style="display:flex;"><span> - <span style="color:#ae81ff">WOODPECKER_GITEA=true</span></span></span><span style="display:flex;"><span> - <span style="color:#ae81ff">WOODPECKER_GITEA_URL=https://gitrepo.ru</span></span></span><span style="display:flex;"><span> - <span style="color:#ae81ff">WOODPECKER_GITEA_CLIENT=${GITEA_CLIENT}</span></span></span><span style="display:flex;"><span> - <span style="color:#ae81ff">WOODPECKER_GITEA_SECRET=${GITEA_SECRET}</span></span></span><span style="display:flex;"><span> - <span style="color:#ae81ff">WOODPECKER_HOST=https://ci.gitrepo.ru</span></span></span><span style="display:flex;"><span> - <span style="color:#ae81ff">WOODPECKER_ADMIN=neonxp</span></span></span><span style="display:flex;"><span> - <span style="color:#ae81ff">WOODPECKER_AGENT_SECRET=${WOODPECKER_AGENT_SECRET}</span></span></span><span style="display:flex;"><span> <span style="color:#f92672">networks</span>:</span></span><span style="display:flex;"><span> - <span style="color:#ae81ff">gitea</span></span></span><span style="display:flex;"><span> - <span style="color:#ae81ff">gateway</span></span></span><span style="display:flex;"><span> <span style="color:#f92672">depends_on</span>:</span></span><span style="display:flex;"><span> - <span style="color:#ae81ff">git</span></span></span><span style="display:flex;"><span></span></span><span style="display:flex;"><span> <span style="color:#f92672">woodpecker-agent</span>:</span></span><span style="display:flex;"><span> <span style="color:#f92672">image</span>: <span style="color:#ae81ff">woodpeckerci/woodpecker-agent:latest</span></span></span><span style="display:flex;"><span> <span style="color:#f92672">command</span>: <span style="color:#ae81ff">agent</span></span></span><span style="display:flex;"><span> <span style="color:#f92672">restart</span>: <span style="color:#ae81ff">always</span></span></span><span style="display:flex;"><span> <span style="color:#f92672">depends_on</span>:</span></span><span style="display:flex;"><span> - <span style="color:#ae81ff">woodpecker-server</span></span></span><span style="display:flex;"><span> <span style="color:#f92672">volumes</span>:</span></span><span style="display:flex;"><span> - <span style="color:#ae81ff">/var/run/docker.sock:/var/run/docker.sock</span></span></span><span style="display:flex;"><span> <span style="color:#f92672">environment</span>:</span></span><span style="display:flex;"><span> - <span style="color:#ae81ff">WOODPECKER_SERVER=woodpecker-server:9000</span></span></span><span style="display:flex;"><span> - <span style="color:#ae81ff">WOODPECKER_AGENT_SECRET=${WOODPECKER_AGENT_SECRET}</span></span></span><span style="display:flex;"><span> <span style="color:#f92672">networks</span>:</span></span><span style="display:flex;"><span> - <span style="color:#ae81ff">gitea</span></span></span><span style="display:flex;"><span> </span></span><span style="display:flex;"><span><span style="color:#f92672">volumes</span>:</span></span><span style="display:flex;"><span> <span style="color:#f92672">woodpecker-server-data</span>:</span></span><span style="display:flex;"><span> <span style="color:#f92672">caddy_data</span>:</span></span><span style="display:flex;"><span> <span style="color:#f92672">caddy_config</span>:</span></span><span style="display:flex;"><span> <span style="color:#f92672">forgejo</span>:</span></span><span style="display:flex;"><span> <span style="color:#f92672">postgres</span>:</span></span><span style="display:flex;"><span></span></span><span style="display:flex;"><span><span style="color:#f92672">networks</span>:</span></span><span style="display:flex;"><span> <span style="color:#f92672">gateway</span>:</span></span><span style="display:flex;"><span> <span style="color:#f92672">gitea</span>:</span></span><span style="display:flex;"><span> <span style="color:#f92672">external</span>: <span style="color:#66d9ef">false</span></span></span>
+```
+
+</div>а рядом лежит `.env` файлик с значениями переменных `${...}`.
+
+Запускаю деплой я с локального компьютера, предварительно добавив удаленный сервер в [контекст докера](https://docs.docker.com/engine/context/working-with-contexts/):
+
+```
+docker context create gitrepo --docker "host=ssh://gitrepo.ru" # Создаю новый контекст для удаленного сервераdocker use gitrepo # Все последующие docker команды выполняются на удаленном сервереdocker use default # Возвращаюсь в локальный контекст
+```
+
+## Оставшиеся проблемы
+
+Сейчас так получается, что Caddyfile должен лежать на удаленном сервере, т.к. часть конфига
+
+<div class="highlight">```yml
+<span style="display:flex;"><span><span style="color:#f92672">volumes</span>:</span></span><span style="display:flex;"><span> - <span style="color:#ae81ff">./Caddyfile:/etc/caddy/Caddyfile</span></span></span>
+```
+
+</div>выполняется в контексте именно удаленного сервера, а значит при его апдейте на локальном серваке приходится делать SCP этого файла на сервак. Такое себе.
+
+Как это решить — есть интересная идея, но это уже в другой раз. \ No newline at end of file