diff --git a/stacks/woodpecker.yml b/stacks/woodpecker.yml new file mode 100644 index 0000000..ca6c99d --- /dev/null +++ b/stacks/woodpecker.yml @@ -0,0 +1,88 @@ +version: '3.4' + +services: + app: + image: 'woodpeckerci/woodpecker-server:latest' + + deploy: + mode: 'replicated' + replicas: 1 + placement: + constraints: + - 'node.labels.class==admin' + labels: + - 'traefik.enable=true' + - 'traefik.http.routers.gitea.rule=Host(`ci.rustybever.be`)' + - 'traefik.http.routers.gitea.tls=true' + - 'traefik.http.routers.gitea.tls.certresolver=letsEncrypt' + - 'traefik.http.services.gitea.loadbalancer.server.port=8000' + + environment: + - 'WOODPECKER_OPEN=true' + - 'WOODPECKER_HOST=ci.rustybever.be' + - 'WOODPECKER_DATABASE_DRIVER=postgres' + - 'WOODPECKER_DATABASE_DATASOURCE=postgres://woodpecker:woodpecker@db:5432/woodpecker?sslmode=disable' + - 'WOODPECKER_AGENT_SECRET_FILE=/run/secrets/woodpecker_agent_secret' + - 'WOODPECKER_GITEA=true' + - 'WOODPECKER_GITEA_URL=https://git.rustybever.be' + - 'WOODPECKER_GITEA_CLIENT_FILE=/run/secrets/woodpecker_gitea_client' + - 'WOODPECKER_GITEA_SECRET_FILE=/run/secrets/woodpecker_gitea_secret' + secrets: + - woodpecker_agent_secret + - woodpecker_gitea_client + - woodpecker_gitea_secret + volumes: + - woodpecker-server-data:/var/lib/woodpecker/ + + db: + image: 'postgres:14.1-alpine' + + deploy: + mode: 'replicated' + replicas: 1 + placement: + constraints: + - 'node.labels.class==admin' + + healthcheck: + test: pg_isready + interval: 30s + timeout: 5s + retries: 3 + start_period: 15s + + environment: + - 'POSTGRES_USER=woodpecker' + - 'POSTGRES_PASSWORD=woodpecker' + - 'POSTGRES_DB=woodpecker' + volumes: + - 'db-data:/var/lib/postgresql/data' + + agent: + image: 'woodpeckerci/woodpecker-agent:latest' + command: agent + + deploy: + mode: 'global' + placement: + constraints: + - 'node.labels.class.ci==true' + + environment: + - WOODPECKER_SERVER=app:9000 + - WOODPECKER_AGENT_SECRET_FILE=/run/secrets/woodpecker_agent_secret + secrets: + - woodpecker_agent_secret + volumes: + - /var/run/docker.sock:/var/run/docker.sock + +secrets: + woodpecker_agent_secret: + external: true + woodpecker_gitea_client: + external: true + woodpecker_gitea_secret: + external: true + +volumes: + db-data: