From 87e9c7ff84787aeba940b77cd6a34be014b89ee2 Mon Sep 17 00:00:00 2001 From: Jonathan Dahan Date: Wed, 4 Oct 2023 16:11:03 -0400 Subject: [PATCH] Skip redo --- readme | 15 ++++-------- services/backup/{run.do => run} | 5 ---- services/caddy.yaml | 20 ++++++++++++++++ services/caddy/Containerfile | 8 +++++++ services/caddy/caddy.do | 4 ---- services/caddy/xcaddy.do | 17 ------------- services/readme | 42 +++++++++++++++++++++++++++++++++ services/web/readme | 1 + services/web/run.do | 7 ------ services/zitadel.yaml | 36 ++++++++++++++++++++++++++++ 10 files changed, 111 insertions(+), 44 deletions(-) rename services/backup/{run.do => run} (80%) mode change 100644 => 100755 create mode 100644 services/caddy.yaml create mode 100644 services/caddy/Containerfile delete mode 100644 services/caddy/caddy.do delete mode 100644 services/caddy/xcaddy.do create mode 100644 services/readme create mode 100644 services/web/readme delete mode 100644 services/web/run.do create mode 100644 services/zitadel.yaml diff --git a/readme b/readme index 1917d7b..aa4a757 100644 --- a/readme +++ b/readme @@ -1,16 +1,9 @@ # community services for woodbine.nyc -Install [redo](https://redo.readthedocs.io) - - brew install redo || sudo apt install --yes redo - -Run the services you want - - redo services/web/run - -Make sure to enable backups - - redo services/backup/run + docker-compose --env-file env.production \ + --file services/caddy.yaml \ + --file services/zitadel.yaml \ + up ## beta release diff --git a/services/backup/run.do b/services/backup/run old mode 100644 new mode 100755 similarity index 80% rename from services/backup/run.do rename to services/backup/run index 2d41879..35cc410 --- a/services/backup/run.do +++ b/services/backup/run 
@@ -3,11 +3,6 @@ service=$(basename $PWD) secrets="../../secrets/$service" -redo-ifchange ../../env.production \ - $secrets/application-key-id \ - $secrets/application-key \ - $secrets/passphrase - read B2_APPLICATION_KEY_ID < $secrets/application-key-id read B2_APPLICATION_KEY < $secrets/application-key export BUCKET_NAME=${DOMAIN}-backup diff --git a/services/caddy.yaml b/services/caddy.yaml new file mode 100644 index 0000000..17f07ff --- /dev/null +++ b/services/caddy.yaml @@ -0,0 +1,20 @@ +version: "3.7" + +services: + caddy: + build: ./caddy + restart: unless-stopped + ports: + - "80:80" + - "443:443" + - "443:443/udp" + volumes: + - $PWD/Caddyfile:/etc/caddy/Caddyfile + - $PWD/site:/srv + - caddy_data:/data + - caddy_config:/config + +volumes: + caddy_data: + external: true + caddy_config: diff --git a/services/caddy/Containerfile b/services/caddy/Containerfile new file mode 100644 index 0000000..9c24075 --- /dev/null +++ b/services/caddy/Containerfile @@ -0,0 +1,8 @@ +FROM caddy:latest-builder AS builder + +RUN xcaddy build \ + --with github.com/mholt/caddy-webdav + +FROM caddy:latest + +COPY --from=builder /usr/bin/caddy /usr/bin/caddy diff --git a/services/caddy/caddy.do b/services/caddy/caddy.do deleted file mode 100644 index 05e02f7..0000000 --- a/services/caddy/caddy.do +++ /dev/null @@ -1,4 +0,0 @@ -redo-ifchange xcaddy - -./xcaddy build --output $3 \ - --with github.com/mholt/caddy-webdav diff --git a/services/caddy/xcaddy.do b/services/caddy/xcaddy.do deleted file mode 100644 index de3d2e5..0000000 --- a/services/caddy/xcaddy.do +++ /dev/null 
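Review bot: In services/caddy.yaml, `build: ./caddy` names only a directory, while this commit adds the build file there as `Containerfile`. docker-compose, which the new readme invokes, looks for `Dockerfile` by default, so the build is likely to fail unless the file is named explicitly, e.g. `build: {context: ./caddy, dockerfile: Containerfile}`. Separately, the Caddyfile is bind-mounted read-write into the container that publishes 80/443; `- $PWD/Caddyfile:/etc/caddy/Caddyfile:ro` would keep a compromised server process from rewriting its own configuration. Both bind mounts use `$PWD`, so they resolve against the invoking shell's working directory rather than the compose file's location; a comment above `volumes:` such as `# run from the repo root: $PWD/Caddyfile and $PWD/site must exist there` would document that.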
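Review bot: Both `FROM` lines in services/caddy/Containerfile and the `--with github.com/mholt/caddy-webdav` argument track moving targets, so each rebuild can pull a different base image and a different plugin commit into the internet-facing web server with no change in this repository. Pin the stages to a release tag or digest, e.g. `FROM caddy:<version>-builder AS builder` and `FROM caddy:<version>`, and pin the module as `--with github.com/mholt/caddy-webdav@<version>`. I could not confirm that a `latest-builder` tag is published for the official image (the builder tags I know of have the form `builder` or `<version>-builder`), so the first stage may not resolve as written; worth checking before merge.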
@@ -1,17 +0,0 @@
-ARCH=arm64
-OS=mac
-
-# get the latest version
-curl --silent https://api.github.com/repos/caddyserver/xcaddy/releases/latest \
- | grep browser_download_url \
- | cut -d : -f 2,3 \
- | tr -d \" \
- | grep $ARCH \
- | grep $OS \
- > .latest_download
-
-redo-ifchange .latest_download
-curl --location --silent $(cat .latest_download) \
- | tar xf - -O xcaddy > $3
-
-chmod +x $3
\ No newline at end of file
diff --git a/services/readme b/services/readme
new file mode 100644
index 0000000..da0bd88
--- /dev/null
+++ b/services/readme
@@ -0,0 +1,42 @@
+## Services
+
+Each of these yaml files define a service to be run via docker/podman compose.
+
+Any supporting files are in the corresponding folder.
+
+Each service should be self-contained, and optional.
+
+### Required Services
+
+#### Backup
+
+we have a backup script that uses duplicity, this should be moved into a container, and set to run periodically
+
+#### Caddy
+
+caddy is the web server, and handles https certificates, and proxying to all the services.
+
+#### Zitadel
+
+zitadel lets you have a single username and password to sign on to all your services.
+
+### Optional Services
+
+#### Web
+
+Optional - static web hosting + webDAV. WebDAV is the easiest way for people to edit websites,
+without having to sync anything.
+
+### Adding a new service
+
+There are three things to think about when adding a service:
+
+1. How to enable sign-in with zitadel?
+
+Generally, zitadel has some cli commands that we have put in scripts in the zitadel folder.
+
+2. How to expose as a subdomain in caddy?
+
+You will want to make a Caddyfile, which will get mounted by the Caddy compose file.
+
+
diff --git a/services/web/readme b/services/web/readme
new file mode 100644
index 0000000..2a6152c
--- /dev/null
+++ b/services/web/readme
@@ -0,0 +1 @@
+This is the web service - it hosts static files, and a webDAV server that can make it easy to edit
diff --git a/services/web/run.do b/services/web/run.do
deleted file mode 100644
index 28503b5..0000000
--- a/services/web/run.do
+++ /dev/null
@@ -1,7 +0,0 @@
-DIRNAME="$(dirname $0)"
-cd "$DIRNAME"
-
-redo-ifchange ../caddy/caddy
-touch $3
-
-../caddy/caddy run
diff --git a/services/zitadel.yaml b/services/zitadel.yaml
new file mode 100644
index 0000000..39b1c02
--- /dev/null
+++ b/services/zitadel.yaml
@@ -0,0 +1,36 @@
+version: '3.8'
+
+services:
+ zitadel:
+ restart: 'always'
+ networks:
+ - 'zitadel'
+ image: 'ghcr.io/zitadel/zitadel:latest'
+ command: 'start-from-init --masterkey "6cd52ccbc4da912319f0fdc016d68575dd391bd932ebdc045c89b2dce9e90315" --tlsMode disabled'
+ environment:
+ - 'ZITADEL_DATABASE_COCKROACH_HOST=crdb'
+ - 'ZITADEL_EXTERNALSECURE=false'
+ depends_on:
+ crdb:
+ condition: 'service_healthy'
+ ports:
+ - '8123:8080'
+
+ crdb:
+ restart: 'always'
+ networks:
+ - 'zitadel'
+ image: 'cockroachdb/cockroach:v22.2.2'
+ command: 'start-single-node --insecure'
+ healthcheck:
+ test: ["CMD", "curl", "-f", "http://localhost:8080/health?ready=1"]
+ interval: '10s'
+ timeout: '30s'
+ retries: 5
+ start_period: '20s'
+ ports:
+ - '9090:8080'
+ - '26257:26257'
+
+networks:
+ zitadel:
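Review bot: The `command:` of the `zitadel` service in services/zitadel.yaml embeds the master key as a literal, so the key that protects Zitadel's encrypted data is now in git history and visible in process listings and container inspection output. It should be treated as disclosed, replaced, and supplied at runtime instead; Zitadel accepts `--masterkeyFromEnv`, and the readme already passes `--env-file env.production`. The `crdb` service runs `start-single-node --insecure` while publishing 26257 and the admin UI on all host interfaces, yet Zitadel reaches it over the `zitadel` network, so those ports can be dropped or bound to loopback. `ghcr.io/zitadel/zitadel:latest` is also unpinned, unlike the cockroach image. `--tlsMode disabled` with `ZITADEL_EXTERNALSECURE=false` is presumably meant for local use behind Caddy, and a comment saying so would prevent this file from being deployed as-is.

```yaml
services:
  zitadel:
    # … unchanged: restart, networks, image …
    command: 'start-from-init --masterkeyFromEnv --tlsMode disabled'
    environment:
      - 'ZITADEL_MASTERKEY=${ZITADEL_MASTERKEY:?set in env.production}'
      # … unchanged: ZITADEL_DATABASE_COCKROACH_HOST, ZITADEL_EXTERNALSECURE …
  crdb:
    # … unchanged: restart, networks, image, command, healthcheck …
    ports:
      - '127.0.0.1:9090:8080'
      - '127.0.0.1:26257:26257'
```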