add woodpecker files

Signed-off-by: natto1784 <natto@weirdnatto.in>
2022-10-23 22:11:44 +05:30
parent f3e0b2271a
commit e2c95f5bfe
4 changed files with 186 additions and 8 deletions
--- a/concourse/terraform.tfstate
+++ b/concourse/terraform.tfstate
@@ -1,8 +0,0 @@
-{
-  "version": 4,
-  "terraform_version": "1.1.7",
-  "serial": 3,
-  "lineage": "024f69f1-cac1-435f-fdb1-d90b3bfd0638",
-  "outputs": {},
-  "resources": []
-}
--- a/woodpecker/main.tf
+++ b/woodpecker/main.tf
@@ -0,0 +1,16 @@
+provider "nomad" {}
+//Set everything via environment variables
+
+resource "nomad_job" "woodpecker-server" {
+  jobspec = file("./woodpecker-server.nomad")
+  hcl2 {
+    enabled = true
+  }
+}
+
+resource "nomad_job" "woodpecker-agent" {
+  jobspec = file("./woodpecker-agent.nomad")
+  hcl2 {
+    enabled = true
+  }
+}
--- a/woodpecker/woodpecker-agent.nomad
+++ b/woodpecker/woodpecker-agent.nomad
@@ -0,0 +1,57 @@
+job "woodpecker-agent" { 
+  region = "global"
+  datacenters = [ "nazrin" ]
+  type = "service"
+  group "svc" {
+    count = 1
+    network {
+      mode = "bridge"
+    }
+
+    vault {
+      policies = [ "woodpecker-agent" ]
+    }
+
+    service {
+      connect {
+        sidecar_service {
+          proxy {
+            upstreams {
+              destination_name = "woodpecker-grpc"
+              local_bind_port = 9000
+            }
+          }
+        }
+      }
+    }
+
+
+    task "woodpecker" {
+      driver = "docker"
+
+      config {
+        image = "woodpeckerci/woodpecker-agent:latest"
+        command = "agent"
+        volumes = [ "/var/run/docker.sock:/var/run/docker.sock"]
+      }
+
+      resources {
+        cpu    = 2048
+        memory = 2048
+      }
+
+      template {
+        data = <<EOF
+        WOODPECKER_LOG_LEVEL=info
+        WOODPECKER_USERNAME=Marisa
+        WOODPECKER_AGENT_SECRET={{ with secret "kv/data/woodpecker/agent" }}{{ .Data.data.agent_secret }}{{ end }}
+        WOODPECKER_MAX_PROCS=2
+        WOODPECKER_SERVER={{ env "NOMAD_UPSTREAM_ADDR_woodpecker_grpc" }}
+EOF
+        env = true
+        change_mode = "restart"
+        destination = "${NOMAD_SECRETS_DIR}/data.env"
+      }
+    }
+  }
+}
--- a/woodpecker/woodpecker-server.nomad
+++ b/woodpecker/woodpecker-server.nomad
@@ -0,0 +1,113 @@
+job "woodpecker-server" {
+  region = "global"
+  datacenters = [ "nazrin" ]
+  type = "service"
+
+  group "svc" {
+    count = 1
+    network {
+      mode = "bridge"
+      port "db" {
+        to = 5432
+      }
+      port "http" { 
+        static = "6666"
+        to = "8000"
+      }
+      port "grpc" {
+        to = "9000"
+      }
+    }
+
+    vault {
+      policies = [ "woodpecker-server" ]
+    }
+
+    service {
+      name = "woodpecker-grpc"
+      port = "9000"
+      connect {   
+        sidecar_service {}   
+      }
+    }
+
+    service {
+      name = "woodpecker-db"
+      port = "db"
+    }
+
+    service {
+      name = "woodpecker-http"
+      port = "http"
+    }
+
+    task "db" {
+      template {
+        data = <<EOF
+{{ with secret "kv/data/woodpecker/db" }}{{ .Data.data.pass }}{{ end }}
+EOF
+        destination = "${NOMAD_SECRETS_DIR}/db.pass"
+      }
+      driver = "docker"
+      config {
+        image = "postgres:alpine"
+        ports = [ "db" ]
+        volumes = [ "/var/lib/nomad-st/postgres-woodpecker:/var/lib/postgresql/data" ]
+      }
+      env {
+        POSTGRES_USER     = "woodpecker"
+        POSTGRES_PASSWORD_FILE="${NOMAD_SECRETS_DIR}/db.pass"
+        POSTGRES_DB       = "woodpecker"
+      }
+      resources {
+        cpu    = 250
+        memory = 128
+      }
+    }
+    task "woodpecker" {
+      driver = "docker"
+      config {
+        image = "woodpeckerci/woodpecker-server:latest"
+        command = "web"
+        image_pull_timeout = "30m"
+        ports = [ "http" ]
+      }
+
+      resources {
+        cpu    = 250
+        memory = 128
+      }
+
+      template {
+        data = <<EOF
+{{ with secret "kv/data/woodpecker/keys" }}
+WOODPECKER_LOG_LEVEL=info
+WOODPECKER_HOST={{ .Data.data.external_host }}
+WOODPECKER_AGENT_SECRET={{ .Data.data.agent_secret }}
+{{end}}
+
+{{ with secret "kv/data/woodpecker/admin" }}
+WOODPECKER_ADMIN={{ .Data.data.users }}
+{{ end }}
+
+WOODPECKER_OPEN=true
+WOODPECKER_DATABASE_DRIVER=postgres
+
+{{ with secret "kv/data/woodpecker/db" }}
+WOODPECKER_DATABASE_DATASOURCE=postgres://woodpecker:{{ .Data.data.pass }}@localhost:{{ env "NOMAD_PORT_db" }}/woodpecker?sslmode=disable
+{{ end }}
+
+{{ with secret "kv/data/woodpecker/gitea" }}
+ WOODPECKER_GITEA=true
+WOODPECKER_GITEA_URL={{ .Data.data.url }}
+WOODPECKER_GITEA_CLIENT={{ .Data.data.client }}
+WOODPECKER_GITEA_SECRET={{ .Data.data.secret }}
+{{ end }}
+EOF
+        env = true
+        change_mode = "restart"
+        destination = "${NOMAD_SECRETS_DIR}/data.env"
+      }
+    }
+  }
+}