daan/geekbot
1
0
Fork 0
Code Issues 2 Pull requests Projects Releases Packages Wiki Activity

Use Ansible for deployment

Browse source
This commit is contained in:
runebaas 2020-06-20 00:43:59 +02:00
parent 3213e10b88
commit a4b914d576
No known key found for this signature in database
GPG key ID: 2677AF508D0300D6
2 changed files with 54 additions and 14 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

37
.deploy.yml Normal file
View file

@ -0,0 +1,37 @@
---
- name: Geekbot Deploy
hosts: all
remote_user: geekbot
vars:
ansible_port: 65432
ansible_python_interpreter: /usr/bin/python3
tasks:
- name: Login to Gitlab Docker Registry
docker_login:
registry_url: "{{ lookup('env', 'CI_REGISTRY') }}"
username: "{{ lookup('env', 'CI_REGISTRY_USER') }}"
password: "{{ lookup('env', 'CI_REGISTRY_PASSWORD') }}"
reauthorize: yes
- name: Replace Prod Container
docker_container:
name: GeekbotProd
image: "{{ lookup('env', 'IMAGE_TAG') }}"
recreate: yes
pull: yes
restart_policy: always
keep_volumes: no
ports:
- "12995:12995"
env:
GEEKBOT_DB_HOST: "{{ lookup('env', 'GEEKBOT_DB_HOST') }}"
GEEKBOT_DB_USER: "{{ lookup('env', 'GEEKBOT_DB_USER') }}"
GEEKBOT_DB_PASSWORD: "{{ lookup('env', 'GEEKBOT_DB_PASSWORD') }}"
GEEKBOT_DB_PORT: "{{ lookup('env', 'GEEKBOT_DB_PORT') }}"
GEEKBOT_DB_DATABASE: "{{ lookup('env', 'GEEKBOT_DB_DATABASE') }}"
GEEKBOT_DB_REQUIRE_SSL: "true"
GEEKBOT_DB_TRUST_CERT: "true"
GEEKBOT_SUMOLOCIG: "{{ lookup('env', 'GEEKBOT_SUMOLOCIG') }}"
GEEKBOT_SENTRY: "{{ lookup('env', 'GEEKBOT_SENTRY') }}"
- name: Cleanup Old Container
docker_prune:
images: yes

31
.gitlab-ci.yml
View file

@ -4,6 +4,8 @@ stages:
- deploy - deploy
- ops - ops
.imageTag: &IMAGE_TAG $CI_REGISTRY_IMAGE:$CI_COMMIT_REF_SLUG
Build: Build:
stage: build stage: build
image: mcr.microsoft.com/dotnet/core/sdk:5.0-focal image: mcr.microsoft.com/dotnet/core/sdk:5.0-focal
@ -19,12 +21,13 @@ Build:
Package: Package:
stage: docker stage: docker
image: docker image: docker
# only: only:
# - master - master
- docker
services: services:
- docker:stable-dind - docker:stable-dind
variables: variables:
IMAGE_TAG: $CI_REGISTRY_IMAGE:$CI_COMMIT_REF_SLUG IMAGE_TAG: *IMAGE_TAG
script: script:
- docker login -u $CI_REGISTRY_USER -p $CI_REGISTRY_PASSWORD $CI_REGISTRY - docker login -u $CI_REGISTRY_USER -p $CI_REGISTRY_PASSWORD $CI_REGISTRY
- docker build -t $IMAGE_TAG . - docker build -t $IMAGE_TAG .
@ -32,21 +35,21 @@ Package:
Deploy: Deploy:
stage: deploy stage: deploy
image: runebaas/rsync-ssh-git image: ansible/ansible-runner
only: only:
- master - master
environment: - docker
name: Production variables:
url: https://discordapp.com/oauth2/authorize?client_id=171249478546882561&scope=bot&permissions=1416834054 ANSIBLE_NOCOWS: 1
IMAGE_TAG: *IMAGE_TAG
before_script: before_script:
- eval $(ssh-agent -s) - mkdir /root/.ssh
- mkdir -p ~/.ssh - cp $SSH_PRIVATE_KEY /root/.ssh/id_ed25519
- '[[ -f /.dockerenv ]] && echo -e "Host *\n StrictHostKeyChecking no" > ~/.ssh/config' - cp $SSH_PUBLIC_KEY /root/.ssh/id_ed25519.pub
- echo "$SSH_PRIVATE_KEY" | tr -d '\r' | ssh-add - > /dev/null - chmod -R 600 /root/.ssh
- chmod 700 ~/.ssh - ssh-keyscan -p 65432 $PROD_IP > /root/.ssh/known_hosts
script: script:
- rsync -rav -e "ssh -p 65432" ./Geekbot.net/Binaries/* geekbot@$DEPIP:$DEPPATH - ansible-playbook -i $PROD_IP, .deploy.yml
- ssh -p 65432 geekbot@$DEPIP "sudo systemctl restart geekbot.service"
Sentry: Sentry:
stage: ops stage: ops