Compare commits
32 Commits
36dac62c67
...
main
| Author | SHA1 | Date | |
|---|---|---|---|
|
831ab77fed | ||
|
|
d1f7bf05ea | ||
|
|
ccc1bfd366 | ||
|
|
b5e4a462db | ||
|
|
4c4b509b90 | ||
|
|
5940099978 | ||
|
|
bb88b190ee | ||
|
|
7f100d85d1 | ||
|
|
6931df8463 | ||
|
|
a339ad8d9c | ||
|
|
a975f69891 | ||
|
|
fa8afa87e5 | ||
|
|
46582b611d | ||
|
|
ddcc2ace6a | ||
|
|
dc23f3ac69 | ||
|
|
1e1d4913a8 | ||
|
|
4f77663f89 | ||
|
|
882a32f2dc | ||
|
|
7d8f7d4658 | ||
|
|
6dfca196a2 | ||
|
|
0600f09f5b | ||
|
|
90adb34542 | ||
|
|
8c871178cc | ||
|
|
6d4effa607 | ||
|
|
d2102f88e7 | ||
|
|
f28f43bdab | ||
|
|
2618ea8ec3 | ||
|
|
c8f490d8aa | ||
|
|
3108c915c8 | ||
|
|
7bade2f31e | ||
|
|
be029575ed | ||
|
|
6a49e454a9 |
@@ -1,9 +1,9 @@
|
|||||||
---
|
---
|
||||||
name: CI/CD Pipeline
|
name: CI/CD Pipeline
|
||||||
|
|
||||||
on:
|
"on":
|
||||||
push:
|
push:
|
||||||
branches: [main, flip_dev]
|
branches: [main, flip_dev, hannes]
|
||||||
|
|
||||||
jobs:
|
jobs:
|
||||||
lint:
|
lint:
|
||||||
@@ -38,21 +38,35 @@ jobs:
|
|||||||
apt-get update && apt-get install -y python3 python3-pip openssh-client bash git
|
apt-get update && apt-get install -y python3 python3-pip openssh-client bash git
|
||||||
pip3 install --upgrade pip
|
pip3 install --upgrade pip
|
||||||
pip3 install ansible
|
pip3 install ansible
|
||||||
|
ansible-galaxy collection install community.docker:">=3.5.0"
|
||||||
|
|
||||||
|
|
||||||
- name: Setup SSH key with passphrase
|
- name: Setup SSH
|
||||||
|
shell: bash
|
||||||
|
env:
|
||||||
|
SSH_PRIVATE_KEY: ${{ secrets.SSH_PRIVATE_KEY }}
|
||||||
|
SSH_PASSPHRASE: ${{ secrets.SSH_PASSPHRASE }}
|
||||||
run: |
|
run: |
|
||||||
|
set -euo pipefail
|
||||||
|
|
||||||
mkdir -p ~/.ssh
|
mkdir -p ~/.ssh
|
||||||
printf "%s\n" "${{ secrets.SSH_PRIVATE_KEY }}" > ~/.ssh/id_rsa
|
chmod 700 ~/.ssh
|
||||||
chmod 600 ~/.ssh/id_rsa
|
|
||||||
|
echo "$SSH_PRIVATE_KEY" | tr -d '\r' > ~/.ssh/id_ed25519
|
||||||
|
chmod 600 ~/.ssh/id_ed25519
|
||||||
|
|
||||||
ssh-keyscan -H 213.95.90.157 >> ~/.ssh/known_hosts
|
ssh-keyscan -H 213.95.90.157 >> ~/.ssh/known_hosts
|
||||||
|
|
||||||
eval "$(ssh-agent -s)"
|
eval "$(ssh-agent -s)"
|
||||||
ssh-add ~/.ssh/id_rsa <<< "${{ secrets.SSH_PASSPHRASE }}"
|
if [ -n "${SSH_PASSPHRASE:-}" ]; then
|
||||||
|
echo "$SSH_PASSPHRASE" | ssh-add ~/.ssh/id_ed25519
|
||||||
|
else
|
||||||
- name: Run Ansible deployment
|
ssh-add ~/.ssh/id_ed25519
|
||||||
run: |
|
|
||||||
if [ -n "$SSH_PASSPHRASE" ]; then
|
|
||||||
eval "$(ssh-agent -s)"
|
|
||||||
ssh-add ~/.ssh/id_rsa <<< "$SSH_PASSPHRASE"
|
|
||||||
fi
|
fi
|
||||||
ansible-playbook -i ansible/inventory.yaml site.yaml
|
|
||||||
|
ssh -o BatchMode=yes root@213.95.90.157 true
|
||||||
|
|
||||||
|
- name: Run Ansible
|
||||||
|
run: |
|
||||||
|
ansible-playbook -i ansible/inventory.yaml site.yaml
|
||||||
|
|
||||||
@@ -2,3 +2,5 @@
|
|||||||
[defaults]
|
[defaults]
|
||||||
inventory = ansible/inventory.yaml
|
inventory = ansible/inventory.yaml
|
||||||
roles_path = ./roles
|
roles_path = ./roles
|
||||||
|
[ssh_connection]
|
||||||
|
ssh_args = -o BatchMode=yes -o PreferredAuthentications=publickey
|
||||||
@@ -4,4 +4,3 @@ all:
|
|||||||
server1:
|
server1:
|
||||||
ansible_host: 213.95.90.157
|
ansible_host: 213.95.90.157
|
||||||
ansible_user: root
|
ansible_user: root
|
||||||
ansible_ssh_private_key_file: /Users/sotos/.ssh/id_rsa
|
|
||||||
|
|||||||
@@ -1,24 +1,8 @@
|
|||||||
---
|
|
||||||
- hosts: all
|
- hosts: all
|
||||||
become: true
|
become: true
|
||||||
roles:
|
|
||||||
- docker/snake
|
|
||||||
vars:
|
vars:
|
||||||
app_dir: /opt/docker/snake
|
app_dir: /opt/docker/snake
|
||||||
|
snake_image: dns.s-martika.com/smartika/snake-game:2.0
|
||||||
|
|
||||||
tasks:
|
roles:
|
||||||
- name: Create app directory
|
- role: docker/snake
|
||||||
file:
|
|
||||||
path: "{{ app_dir }}"
|
|
||||||
state: directory
|
|
||||||
|
|
||||||
- name: Copy compose file
|
|
||||||
copy:
|
|
||||||
src: "{{ playbook_dir }}/roles/docker/snake/files/docker-compose.yaml"
|
|
||||||
dest: "{{ app_dir }}/docker-compose.yaml"
|
|
||||||
|
|
||||||
|
|
||||||
- name: Start snake container
|
|
||||||
command: docker compose up -d
|
|
||||||
args:
|
|
||||||
chdir: "{{ app_dir }}"
|
|
||||||
|
|||||||
@@ -13,7 +13,7 @@
|
|||||||
update_cache: true
|
update_cache: true
|
||||||
|
|
||||||
- name: Install Docker
|
- name: Install Docker
|
||||||
shell: curl -fsSL https://get.docker.com | sh
|
shell: curl -fsSL https://get.docker.com | bash
|
||||||
args:
|
args:
|
||||||
creates: /usr/bin/docker
|
creates: /usr/bin/docker
|
||||||
|
|
||||||
|
|||||||
@@ -1,21 +1,33 @@
|
|||||||
---
|
|
||||||
- hosts: all
|
- hosts: all
|
||||||
become: true
|
become: true
|
||||||
vars:
|
vars:
|
||||||
monitor_dir: /opt/docker/monitoring
|
monitor_dir: /opt/docker/monitoring
|
||||||
|
docker_network: monitoring
|
||||||
|
|
||||||
tasks:
|
tasks:
|
||||||
- name: Create monitoring directory
|
- name: Ensure monitoring directory exists
|
||||||
file:
|
file:
|
||||||
path: "{{ monitor_dir }}"
|
path: "{{ monitor_dir }}"
|
||||||
state: directory
|
state: directory
|
||||||
|
owner: root
|
||||||
|
group: root
|
||||||
|
mode: '0755'
|
||||||
|
|
||||||
- name: Copy monitoring stack
|
- name: Copy monitoring stack
|
||||||
copy:
|
copy:
|
||||||
src: ../../docker/monitoring/
|
src: ../../docker/monitoring/
|
||||||
dest: "{{ monitor_dir }}"
|
dest: "{{ monitor_dir }}"
|
||||||
|
owner: root
|
||||||
|
group: root
|
||||||
|
mode: '0755'
|
||||||
|
|
||||||
- name: Start monitoring
|
- name: Ensure monitoring Docker network exists
|
||||||
command: docker compose up -d
|
docker_network:
|
||||||
args:
|
name: "{{ docker_network }}"
|
||||||
chdir: "{{ monitor_dir }}"
|
state: present
|
||||||
|
|
||||||
|
- name: Start monitoring stack
|
||||||
|
community.docker.docker_compose_v2:
|
||||||
|
project_src: "{{ monitor_dir }}"
|
||||||
|
project_name: monitoring
|
||||||
|
state: present
|
||||||
|
|||||||
11
ansible/playbooks/roles/docker/monitoring/tasks/main.yaml
Normal file
11
ansible/playbooks/roles/docker/monitoring/tasks/main.yaml
Normal file
@@ -0,0 +1,11 @@
|
|||||||
|
- name: Ensure snake_net exists for monitoring
|
||||||
|
docker_network:
|
||||||
|
name: snake_net
|
||||||
|
state: present
|
||||||
|
|
||||||
|
- name: Start monitoring stack
|
||||||
|
community.docker.docker_compose:
|
||||||
|
project_src: /opt/docker/monitoring
|
||||||
|
project_name: monitoring
|
||||||
|
state: present
|
||||||
|
restarted: true
|
||||||
@@ -3,7 +3,7 @@
|
|||||||
gitea_user: smartika
|
gitea_user: smartika
|
||||||
gitea_token: "idNu783r4ub7ZXi"
|
gitea_token: "idNu783r4ub7ZXi"
|
||||||
|
|
||||||
snake_image: dns.s-martika.com/smartika/snake-game
|
snake_image: dns.s-martika.com/smartika/snake-game:2.0
|
||||||
snake_tag: "1.0"
|
app_dir: /opt/docker/snake
|
||||||
snake_container_name: snake-game
|
snake_container_name: snake-game
|
||||||
snake_port: 8080
|
snake_port: 8080
|
||||||
|
|||||||
@@ -2,8 +2,12 @@
|
|||||||
version: "3.8"
|
version: "3.8"
|
||||||
services:
|
services:
|
||||||
snake:
|
snake:
|
||||||
image: dns.s-martika.com/smartika/snake-game:1.0
|
image: dns.s-martika.com/smartika/snake-game:2.0
|
||||||
container_name: snake-game777
|
container_name: snake-game777
|
||||||
restart: unless-stopped
|
restart: unless-stopped
|
||||||
ports:
|
ports:
|
||||||
- "8080:80"
|
- "8080:80"
|
||||||
|
networks:
|
||||||
|
snake_net:
|
||||||
|
external: true
|
||||||
|
|
||||||
|
|||||||
@@ -1,22 +1,43 @@
|
|||||||
---
|
---
|
||||||
|
|
||||||
|
- name: Ensure app directory exists
|
||||||
|
file:
|
||||||
|
path: "{{ app_dir }}"
|
||||||
|
state: directory
|
||||||
|
owner: root
|
||||||
|
group: root
|
||||||
|
mode: '0755'
|
||||||
|
|
||||||
|
- name: Ensure snake_net exists
|
||||||
|
docker_network:
|
||||||
|
name: snake_net
|
||||||
|
state: present
|
||||||
|
|
||||||
|
# Login to private registry
|
||||||
- name: Login to private registry
|
- name: Login to private registry
|
||||||
docker_login:
|
docker_login:
|
||||||
registry_url: dns.s-martika.com
|
registry_url: dns.s-martika.com
|
||||||
username: "{{ gitea_user }}"
|
username: "{{ gitea_user }}"
|
||||||
password: "{{ gitea_token }}"
|
password: "{{ gitea_token }}"
|
||||||
|
|
||||||
|
# Pull latest image
|
||||||
- name: Pull snake-game image
|
- name: Pull snake-game image
|
||||||
docker_image:
|
docker_image:
|
||||||
name: dns.s-martika.com/smartika/snake-game
|
name: "{{ snake_image }}"
|
||||||
tag: "1.0"
|
|
||||||
source: pull
|
source: pull
|
||||||
|
|
||||||
|
# Run container
|
||||||
- name: Run snake-game container
|
- name: Run snake-game container
|
||||||
docker_container:
|
docker_container:
|
||||||
name: snake-game
|
name: snake-game
|
||||||
image: dns.s-martika.com/smartika/snake-game:1.0
|
image: "{{ snake_image }}"
|
||||||
state: started
|
state: started
|
||||||
restart_policy: always
|
restart_policy: unless-stopped
|
||||||
ports:
|
ports:
|
||||||
- "8080:80"
|
- "8080:80" # host port → container port
|
||||||
|
pull: yes
|
||||||
|
networks:
|
||||||
|
- name: snake_net
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
|||||||
@@ -1,33 +1,43 @@
|
|||||||
---
|
|
||||||
version: '3.8'
|
version: '3.8'
|
||||||
services:
|
|
||||||
prometheus:
|
|
||||||
image: prom/prometheus:latest
|
|
||||||
volumes:
|
|
||||||
- ./prometheus.yml:/etc/prometheus/prometheus.yml:ro
|
|
||||||
ports:
|
|
||||||
- "9090:9090"
|
|
||||||
networks:
|
|
||||||
- snake_net
|
|
||||||
restart: unless-stopped
|
|
||||||
|
|
||||||
grafana:
|
|
||||||
image: grafana/grafana:latest
|
|
||||||
volumes:
|
|
||||||
- ./grafana/provisioning:/etc/grafana/provisioning:ro
|
|
||||||
- grafana_data:/var/lib/grafana
|
|
||||||
environment:
|
|
||||||
GF_SECURITY_ADMIN_PASSWORD: "admin"
|
|
||||||
GF_DASHBOARDS_DEFAULT_HOME_DASHBOARD_PATH: /var/lib/grafana/dashboards/home.json
|
|
||||||
ports:
|
|
||||||
- "3000:3000"
|
|
||||||
networks:
|
|
||||||
- snake_net
|
|
||||||
restart: unless-stopped
|
|
||||||
|
|
||||||
volumes:
|
|
||||||
grafana_data:
|
|
||||||
|
|
||||||
networks:
|
networks:
|
||||||
snake_net:
|
snake_net:
|
||||||
external: true
|
external: true
|
||||||
|
|
||||||
|
services:
|
||||||
|
prometheus:
|
||||||
|
image: prom/prometheus:latest
|
||||||
|
container_name: monitoring-prometheus
|
||||||
|
ports:
|
||||||
|
- "9090:9090"
|
||||||
|
volumes:
|
||||||
|
- ./prometheus.yaml:/etc/prometheus/prometheus.yml
|
||||||
|
networks:
|
||||||
|
- snake_net
|
||||||
|
|
||||||
|
grafana:
|
||||||
|
image: grafana/grafana:latest
|
||||||
|
container_name: monitoring-grafana
|
||||||
|
ports:
|
||||||
|
- "3000:3000"
|
||||||
|
volumes:
|
||||||
|
- ./grafana/provisioning:/etc/grafana/provisioning
|
||||||
|
- ./grafana/dashboards:/var/lib/grafana/dashboards
|
||||||
|
networks:
|
||||||
|
- snake_net
|
||||||
|
|
||||||
|
nginx-exporter:
|
||||||
|
image: nginx/nginx-prometheus-exporter:latest
|
||||||
|
container_name: nginx-exporter
|
||||||
|
ports:
|
||||||
|
- "9113:9113"
|
||||||
|
networks:
|
||||||
|
- snake_net
|
||||||
|
|
||||||
|
blackbox-exporter:
|
||||||
|
image: prom/blackbox-exporter:latest
|
||||||
|
container_name: blackbox-exporter
|
||||||
|
ports:
|
||||||
|
- "9115:9115"
|
||||||
|
networks:
|
||||||
|
- snake_net
|
||||||
|
|||||||
@@ -6,3 +6,21 @@ scrape_configs:
|
|||||||
- job_name: "prometheus"
|
- job_name: "prometheus"
|
||||||
static_configs:
|
static_configs:
|
||||||
- targets: ["localhost:9090"]
|
- targets: ["localhost:9090"]
|
||||||
|
|
||||||
|
- job_name: 'nginx'
|
||||||
|
static_configs:
|
||||||
|
- targets: ['nginx-prometheus-exporter:9113']
|
||||||
|
|
||||||
|
- job_name: 'snake-game'
|
||||||
|
metrics_path: /probe
|
||||||
|
params:
|
||||||
|
module: [http_2xx] # probe returns 1 if HTTP 200
|
||||||
|
static_configs:
|
||||||
|
- targets: ['snake-game:8080'] # snake game container + port
|
||||||
|
relabel_configs:
|
||||||
|
- source_labels: [__address__]
|
||||||
|
target_label: __param_target
|
||||||
|
- source_labels: [__param_target]
|
||||||
|
target_label: instance
|
||||||
|
- target_label: __address__
|
||||||
|
replacement: blackbox-exporter:9115
|
||||||
Reference in New Issue
Block a user