caddy-docker-proxy
Jonathan Dahan 2 years ago
parent 710d9d5476
commit 87e9c7ff84

@ -1,16 +1,9 @@
# community services for woodbine.nyc # community services for woodbine.nyc
Install [redo](https://redo.readthedocs.io) docker-compose --env-file env.production \
--file services/caddy.yaml \
brew install redo || sudo apt install --yes redo --file services/zitadel.yaml \
up
Run the services you want
redo services/web/run
Make sure to enable backups
redo services/backup/run
## beta release ## beta release

@ -3,11 +3,6 @@
service=$(basename $PWD) service=$(basename $PWD)
secrets="../../secrets/$service" secrets="../../secrets/$service"
redo-ifchange ../../env.production \
$secrets/application-key-id \
$secrets/application-key \
$secrets/passphrase
read B2_APPLICATION_KEY_ID < $secrets/application-key-id read B2_APPLICATION_KEY_ID < $secrets/application-key-id
read B2_APPLICATION_KEY < $secrets/application-key read B2_APPLICATION_KEY < $secrets/application-key
export BUCKET_NAME=${DOMAIN}-backup export BUCKET_NAME=${DOMAIN}-backup

@ -0,0 +1,20 @@
version: "3.7"
services:
caddy:
build: ./caddy
restart: unless-stopped
ports:
- "80:80"
- "443:443"
- "443:443/udp"
volumes:
- $PWD/Caddyfile:/etc/caddy/Caddyfile
- $PWD/site:/srv
- caddy_data:/data
- caddy_config:/config
volumes:
caddy_data:
external: true
caddy_config:
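Review bot: The Caddyfile bind mount is writable from inside a container that is published on 80/443 and built with the WebDAV module. Nothing visible in this file needs Caddy to write its own config file, so mount it read-only: `- $PWD/Caddyfile:/etc/caddy/Caddyfile:ro`. `$PWD/site:/srv` presumably has to stay writable for WebDAV edits, which deserves a comment saying so. Both host paths resolve against the directory the command is run from, not the compose file's location, so a comment naming the expected working directory would prevent mounting the wrong tree.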

@ -0,0 +1,8 @@
FROM caddy:latest-builder AS builder
RUN xcaddy build \
--with github.com/mholt/caddy-webdav
FROM caddy:latest
COPY --from=builder /usr/bin/caddy /usr/bin/caddy
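Review bot: Neither base image nor the plugin is pinned, so every rebuild can pull a different Caddy and a different `caddy-webdav` commit into the binary that terminates TLS for all services. Pin both stages to the same release, e.g. `FROM caddy:<version>-builder AS builder` and `FROM caddy:<version>` (ideally by digest), and pin the module with `--with github.com/mholt/caddy-webdav@<version>`. It is also worth confirming that the `latest-builder` tag is actually published, since the builder images are normally tagged `builder` or `<version>-builder`.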

@ -1,4 +0,0 @@
redo-ifchange xcaddy
./xcaddy build --output $3 \
--with github.com/mholt/caddy-webdav

@ -1,17 +0,0 @@
ARCH=arm64
OS=mac
# get the latest version
curl --silent https://api.github.com/repos/caddyserver/xcaddy/releases/latest \
| grep browser_download_url \
| cut -d : -f 2,3 \
| tr -d \" \
| grep $ARCH \
| grep $OS \
> .latest_download
redo-ifchange .latest_download
curl --location --silent $(cat .latest_download) \
| tar xf - -O xcaddy > $3
chmod +x $3

@ -0,0 +1,42 @@
## Services
Each of these yaml files define a service to be run via docker/podman compose.
Any supporting files are in the corresponding folder.
Each service should be self-contained, and optional.
### Required Services
#### Backup
we have a backup script that uses duplicity, this should be moved into a container, and set to run periodically
#### Caddy
caddy is the web server, and handles https certificates, and proxying to all the services.
#### Zitadel
zitadel lets you have a single username and password to sign on to all your services.
### Optional Services
#### Web
Optional - static web hosting + webDAV. WebDAV is the easiest way for people to edit websites,
without having to sync anything.
### Adding a new service
There are three things to think about when adding a service:
1. How to enable sign-in with zitadel?
Generally, zitadel has some cli commands that we have put in scripts in the zitadel folder.
2. How to expose as a subdomain in caddy?
You will want to make a Caddyfile, which will get mounted by the Caddy compose file.

@ -0,0 +1 @@
This is the web service - it hosts static files, and a webDAV server that can make it easy to edit

@ -1,7 +0,0 @@
DIRNAME="$(dirname $0)"
cd "$DIRNAME"
redo-ifchange ../caddy/caddy
touch $3
../caddy/caddy run

@ -0,0 +1,36 @@
version: '3.8'
services:
zitadel:
restart: 'always'
networks:
- 'zitadel'
image: 'ghcr.io/zitadel/zitadel:latest'
command: 'start-from-init --masterkey "6cd52ccbc4da912319f0fdc016d68575dd391bd932ebdc045c89b2dce9e90315" --tlsMode disabled'
environment:
- 'ZITADEL_DATABASE_COCKROACH_HOST=crdb'
- 'ZITADEL_EXTERNALSECURE=false'
depends_on:
crdb:
condition: 'service_healthy'
ports:
- '8123:8080'
crdb:
restart: 'always'
networks:
- 'zitadel'
image: 'cockroachdb/cockroach:v22.2.2'
command: 'start-single-node --insecure'
healthcheck:
test: ["CMD", "curl", "-f", "http://localhost:8080/health?ready=1"]
interval: '10s'
timeout: '30s'
retries: 5
start_period: '20s'
ports:
- '9090:8080'
- '26257:26257'
networks:
zitadel:
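Review bot: The `--masterkey` value on the zitadel `command:` line is a literal secret committed to the repository, so anyone who can read the history holds the key ZITADEL uses to encrypt its stored secrets. Supply it out of band instead, e.g. `command: 'start-from-init --masterkeyFromEnv --tlsMode disabled'` with `- 'ZITADEL_MASTERKEY=${ZITADEL_MASTERKEY}'` under `environment:`, fed from an env file kept out of version control, and treat the committed value as exposed. The `crdb` service runs `start-single-node --insecure` while publishing SQL port `26257` and its HTTP port as `9090` on every host interface. Zitadel reaches it over the `zitadel` network, so drop that `ports:` block or bind to loopback, e.g. `'127.0.0.1:26257:26257'`. `ghcr.io/zitadel/zitadel:latest` is also unpinned, unlike the cockroach image, and `--tlsMode disabled` with `ZITADEL_EXTERNALSECURE=false` on published port `8123` means logins travel in cleartext unless Caddy fronts it.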