remove systemd and use native docker-compose

This commit is contained in:
Robert Kaussow 2020-06-04 18:44:52 +02:00
parent a5ebe80dfa
commit dbfc6b8256
No known key found for this signature in database
GPG Key ID: 65362AE74AF98B61
8 changed files with 106 additions and 120 deletions

View File

@ -1,35 +1,57 @@
---
droneci_version: 1.6.0
droneci_service_directory: /var/lib/docker/services/drone-ci
droneci_docker_socket_path: /var/run/docker.sock
droneci_image: "drone/drone:{{ droneci_version }}"
droneci_service_directory: /var/lib/docker/services/droneci
droneci_container_name: droneci
droneci_restart_policy: always
droneci_service_stopped: False
droneci_host: http://localhost
droneci_secret: myveryownsecret
# @var droneci_license_key:description Path to the license key file
# @var droneci_license_key: $ "_unset_"
droneci_restart_policy: always
droneci_exposed_ports:
- "127.0.0.1:8080:80"
droneci_server_container_name: drone-server
droneci_server_image: "drone/drone:{{ droneci_version }}"
droneci_server_exposed_port: 8080
droneci_server_exposed_ip: 127.0.0.1
# @var droneci_volumes:description: > Define required docker volumes.
# If you don't use sqlite you could remove the default volume. To enable a Drone licences
# you will need to configure a bind mount to `/etc/drone.key`.
# @end
# @var droneci_volumes:example: >
# droneci_volumes:
# # Instead of the name you could specify a path on the container host system,
# # but you also have to enable bind mount for this volume
# - name: droneci-data
# # target location inside the container
# dest: /var/lib/drone
# # enable bind mount, if false volume will be configured as named volume
# # keep in mind you MUST set bind in any case
# bind: True
# @end
droneci_volumes:
- name: droneci-data
dest: /var/lib/drone
bind: False
# @var droneci_server_memory_limit: $ "_unset_"
# @var droneci_server_memory_limit:example: $ "512m"
# @var droneci_server_memory_reservation: $ "_unset_"
# @var droneci_server_memory_reservation:example: $ "256m"
# @var droneci_networks:example: >
# droneci_networks:
# - name: droneci
# # optional network driver, defaults to 'bride'
# driver: host
# @end
droneci_networks:
- name: droneci
droneci_server_extra_hosts: []
droneci_networks_applied:
- droneci
droneci_agent_container_name: drone-agent
droneci_agent_image: "drone/drone-runner-docker:1.0.1"
droneci_agent_capacity: 2
# @var droneci_agent_memory_limit:example: $ "512m"
# @var droneci_agent_memory_limit: $ "_unset_"
# @var droneci_agent_memory_reservation:example: $ "256m"
# @var droneci_agent_memory_reservation: $ "_unset_"
# @var droneci_memory_limit: $ "_unset_"
# @var droneci_memory_limit:example: $ "512m"
# @var droneci_memory_reservation: $ "_unset_"
# @var droneci_memory_reservation:example: $ "256m"
droneci_db_type: sqlite
droneci_db_server: localhost
@ -48,11 +70,12 @@ droneci_gitea_skip_verify: False
# droneci_gitea_oauth_client_id: 1111-222-33333-44444 # defaults to not set
# droneci_gitea_oauth_client_secret: 1234abcd5678efgh # defaults to not set
# @var droneci_admin: $ "_unset_"
# @var droneci_admin_user: $ "_unset_"
# @var droneci_http_proxy: $ "_unset_"
# @var droneci_https_proxy: $ "_unset_"
# @var droneci_no_proxy: $ ["drone-server", "drone-agent"]
droneci_no_proxy: []
droneci_docker_compose_bin: /usr/local/bin/docker-compose
droneci_docker_socket_path: /var/run/docker.sock
droneci_extra_hosts: []

View File

@ -1,9 +0,0 @@
---
- name: Restart container
systemd:
state: restarted
daemon_reload: yes
name: drone
listen: __drone_restart
become: True
become_user: root

View File

@ -2,9 +2,12 @@
- name: Converge
hosts: all
vars:
droneci_admin: dummy
dockerengine_packages_extra:
- epel-release
- python-pip
droneci_admin_user: dummy
droneci_service_stopped: True
roles:
- role: xoxys.python3
- role: xoxys.docker_engine
- role: xoxys.droneci

View File

@ -1,10 +1,5 @@
---
- src: https://gitea.rknet.org/ansible/xoxys.python3.git
name: xoxys.python3
scm: git
version: master
- src: https://gitea.rknet.org/ansible/xoxys.docker_engine.git
name: xoxys.docker_engine
scm: git
version: master
version: refactoring

View File

@ -10,6 +10,6 @@ testinfra_hosts = testinfra.utils.ansible_runner.AnsibleRunner(
def test_droneci_compose_file(host):
f = host.file('/var/lib/docker/services/drone-ci/docker-compose.yml')
f = host.file('/var/lib/docker/services/droneci/droneci.yml')
assert f.exists

View File

@ -13,19 +13,11 @@
- name: Deploy compose file to '{{ droneci_service_directory }}'
template:
src: "services/droneci-compose.yml.j2"
dest: "{{ droneci_service_directory }}/docker-compose.yml"
dest: "{{ droneci_service_directory }}/droneci.yml"
owner: root
group: root
mode: 0644
validate: "{{ droneci_docker_compose_bin }} -f %s config -q"
notify: __drone_restart
- name: Create systemd unit files
template:
src: "etc/systemd/system/drone.service.j2"
dest: "/etc/systemd/system/drone.service"
mode: 0644
notify: __drone_restart
validate: "docker-compose -f %s config -q"
- name: Copy license key file is defined
copy:
@ -34,11 +26,16 @@
mode: 0600
when: droneci_license_key is defined
- name: Ensure drone service is up and running
systemd:
state: started
daemon_reload: yes
enabled: yes
name: drone
- name: Ensure Drone is up and running
docker_compose:
project_src: "{{ droneci_service_directory }}"
files:
- droneci.yml
pull: yes
remove_orphans: yes
stopped: "{{ droneci_service_stopped }}"
state: present
# temp. disable changes; breaks idempotency for whatever reason
changed_when: False
become: True
become_user: root

View File

@ -1,20 +0,0 @@
#jinja2:lstrip_blocks: True
{{ ansible_managed | comment }}
[Unit]
Description=Drone CI compose service
Requires=docker.service
After=docker.service
[Service]
Restart={{ droneci_restart_policy }}
WorkingDirectory={{ droneci_service_directory }}
ExecStartPre={{ droneci_docker_compose_bin }} pull --quiet --ignore-pull-failures
ExecStart={{ droneci_docker_compose_bin }} up --remove-orphans
ExecStop={{ droneci_docker_compose_bin }} down --remove-orphans
ExecReload={{ droneci_docker_compose_bin }} pull --quiet --ignore-pull-failures
[Install]
WantedBy=multi-user.target

View File

@ -1,24 +1,33 @@
#jinja2:lstrip_blocks: True
{{ ansible_managed | comment }}
version: '2'
version: "3"
services:
droneserver:
container_name: {{ droneci_server_container_name }}
image: {{ droneci_server_image }}
droneci:
container_name: {{ droneci_container_name }}
image: {{ droneci_image }}
{% if droneci_exposed_ports | default([]) %}
ports:
- {{ droneci_server_exposed_ip + ':' if droneci_server_exposed_ip is defined else '' }}{{ droneci_server_exposed_port }}:80
{% for port in droneci_exposed_ports %}
- {{ port | quote }}
{% endfor %}
{% endif %}
{% if droneci_volumes | default([]) %}
volumes:
{% if droneci_db_type == "sqlite" %}
- droneserver-data:/var/lib/drone/
{% for volume in droneci_volumes %}
- "{{ volume.name }}:{{ volume.dest }}"
{% endfor %}
{% endif %}
{% if droneci_license_key is defined %}
- {{ droneci_license_key }}:/etc/drone.key
{% if droneci_networks_applied | default([]) %}
networks:
{% for network in droneci_networks_applied %}
- {{ network }}
{% endfor %}
{% endif %}
{% if droneci_server_extra_hosts | default([]) %}
{% if droneci_extra_hosts | default([]) %}
extra_hosts:
{% for host in droneci_server_extra_hosts %}
- {{ '"' + host + '"' }}
{% for host in droneci_extra_hosts %}
- {{ host | quote }}
{% endfor %}
{% endif %}
privileged: true
@ -27,7 +36,7 @@ services:
- DRONE_SERVER_PROTO={{ droneci_host | urlsplit('scheme') }}
- DRONE_AGENTS_ENABLED=true
- DRONE_RPC_SECRET={{ droneci_secret }}
- DRONE_USER_CREATE=username:{{ droneci_admin }},admin:true
- DRONE_USER_CREATE=username:{{ droneci_admin_user }},admin:true
- DRONE_LOGS_COLOR=true
- DRONE_LOGS_PRETTY=true
- DRONE_TLS_AUTOCERT=false
@ -53,36 +62,24 @@ services:
{% endif %}
- NO_PROXY={{ droneci_no_proxy | join(',') }}
- no_proxy={{ droneci_no_proxy | join(',') }}
{% if droneci_server_memory_limit is defined %}
mem_limit: {{ droneci_server_memory_limit }}
{% if droneci_memory_limit is defined %}
mem_limit: {{ droneci_memory_limit }}
{% endif %}
{% if droneci_server_memory_reservation is defined %}
mem_reservation: {{ droneci_server_memory_reservation }}
{% if droneci_memory_reservation is defined %}
mem_reservation: {{ droneci_memory_reservation }}
{% endif %}
droneagent:
container_name: {{ droneci_agent_container_name }}
image: {{ droneci_agent_image }}
depends_on:
- droneserver
{% if droneci_volumes | default([]) | rejectattr("bind") %}
volumes:
- {{ droneci_docker_socket_path }}:/var/run/docker.sock
privileged: true
environment:
- DRONE_RPC_PROTO=http
- DRONE_RPC_HOST=droneserver
- DRONE_RPC_SECRET={{ droneci_secret }}
- DRONE_RUNNER_CAPACITY={{ droneci_agent_capacity }}
# TODO: temp static value, needs to be replaced by a custom fact
- DOCKER_API_VERSION=1.26
{% if droneci_agent_memory_limit is defined %}
mem_limit: {{ droneci_agent_memory_limit }}
{% endif %}
{% if droneci_agent_memory_reservation is defined %}
mem_reservation: {{ droneci_agent_memory_reservation }}
{% for volume in droneci_volumes | rejectattr("bind") %}
{{ volume.name }}:
{% endfor %}
{% endif %}
{% if droneci_db_type == "sqlite" %}
volumes:
droneserver-data:
{% if droneci_networks | default([]) %}
networks:
{% for network in droneci_networks %}
{{ network.name }}:
driver: {{ network.backend | default("bridge") }}
{% endfor %}
{% endif %}