feat: linux provider

Author: keskiju

docker-compose-remote.yaml

@@ -0,0 +1,222 @@
+version: '3.5'
+services:
+  server-template-ingress:
+    container_name: server-template-ingress
+    image: nginx:1.15-alpine
+    restart: unless-stopped
+    networks:
+      - default
+    ports:
+      # __IMAGE_TAG__
+      - "__PORT__:80"
+    volumes:
+      - "./docker-nginx.conf:/etc/nginx/nginx.conf:delegated"
+      - "./docker-nginx.htpasswd:/etc/nginx/.htpasswd:delegated"
+
+  server-template-admin:
+    container_name: server-template-admin
+    build:
+      context: ./admin
+      dockerfile: ${dockerfile}
+    restart: unless-stopped
+    networks:
+      - default
+    ports:
+      - "8080"
+    volumes:
+      - "./admin:/service:delegated"
+      - "./shared:/service/shared:delegated"
+      - "/service/node_modules"
+    environment:
+      COMMON_COMPANY: companyname
+      COMMON_PROJECT: server-template
+
+  server-template-client:
+    container_name: server-template-client
+    build:
+      context: ./client
+      dockerfile: ${dockerfile}
+    restart: unless-stopped
+    networks:
+      - default
+    ports:
+      - "8080"
+    volumes:
+      - "./client:/service:delegated"
+      - "./shared:/service/shared:delegated"
+      - "/service/node_modules"
+    secrets:
+      # NOTE: Database connection is for tests only
+      - DATABASE_PASSWORD
+      - EXAMPLE_SECRET
+    environment:
+      COMMON_COMPANY: companyname
+      COMMON_PROJECT: server-template
+      # NOTE: Database connection is for tests only
+      DATABASE_HOST: server-template-database
+      DATABASE_NAME: server_template_local
+      DATABASE_USER: server_template_local_app
+
+  server-template-graphql:
+    container_name: server-template-graphql
+    build:
+      context: ./graphql
+      dockerfile: ${dockerfile}
+    restart: unless-stopped
+    networks:
+      - default
+    ports:
+      - "8080"
+    volumes:
+      - "./graphql:/service:delegated"
+      - "./shared:/service/shared:delegated"
+      - "/service/node_modules"
+    environment:
+      COMMON_COMPANY: companyname
+      COMMON_PROJECT: server-template
+      COMMON_DOMAIN: localhost
+      COMMON_URL: http://localhost:9999
+      COMMON_DEBUG: 'false'
+      COMMON_LOG_FORMAT: text
+      COMMON_LOG_LEVEL: info      # trace, debug, info, warn, error, fatal
+      COMMON_ENV: local
+      DEBUG: 'false'
+      GRAPHQL_PORT: 8080
+      GRAPHQL_BINDADDR: 0.0.0.0
+      API_HOST: server-template-server
+      API_PORT: 8080
+
+  server-template-server:
+    container_name: server-template-server
+    build:
+      context: ./server
+      dockerfile: ${dockerfile}
+    restart: unless-stopped
+    networks:
+      - default
+    ports:
+      - "8080"
+    volumes:
+      - "./server:/service:delegated"
+      - "./shared:/service/shared:delegated"
+      - "/service/node_modules"
+    secrets:
+      - DATABASE_PASSWORD
+      - S3_KEY_SECRET
+      - EXAMPLE_SECRET
+    environment:
+      COMMON_COMPANY: companyname
+      COMMON_PROJECT: server-template
+      COMMON_DEBUG: 'false'
+      COMMON_LOG_FORMAT: text
+      COMMON_LOG_LEVEL: info      # trace, debug, info, warn, error, fatal
+      COMMON_ENV: local
+      DEBUG: 'false'
+      SENTRY_DSN: #sentryDSN
+      API_PORT: 8080
+      API_BINDADDR: 0.0.0.0
+      KAFKA_HOST: server-template-kafka
+      KAFKA_PORT: 9092
+      DATABASE_HOST: server-template-database
+      DATABASE_NAME: server_template_local
+      DATABASE_USER: server_template_local_app
+      DATABASE_POOL_MIN: '1'
+      DATABASE_POOL_MAX: '10'
+      S3_URL: http://server-template-storage:9000/
+      S3_REGION: milkyway
+      S3_BUCKET: bucket
+      S3_KEY_ID: minio
+
+  server-template-www:
+    container_name: server-template-www
+    build:
+      context: ./www
+      dockerfile: ${dockerfile}
+    restart: unless-stopped
+    networks:
+      - default
+    ports:
+      # TODO: Temporary hack for https://github.com/gatsbyjs/gatsby/issues/3721
+      - "7463:8080"
+    volumes:
+      - "./www:/service:delegated"
+      - "/service/node_modules"
+      - "/service/site/node_modules"
+      # FOR GATSBY ONLY:
+      # - "/service/site/node_modules"
+
+  server-template-cache:
+    container_name: server-template-cache
+    image: redis:5.0-alpine
+    restart: unless-stopped
+    networks:
+      - default
+    ports:
+      - "6379"
+
+  server-template-kafka:
+    container_name: server-template-kafka
+    image: 'bitnami/kafka:latest'
+    ports:
+      - '9092'
+    environment:
+      - KAFKA_ZOOKEEPER_CONNECT=server-template-zookeeper:2181
+      - ALLOW_PLAINTEXT_LISTENER=yes
+
+  server-template-zookeeper:
+    container_name: server-template-zookeeper
+    image: 'bitnami/zookeeper:latest'
+    ports:
+      - '2181'
+    environment:
+      - ALLOW_ANONYMOUS_LOGIN=yes
+
+  # "EXTERNAL RESOURCES"
+
+  server-template-database:
+    container_name: server-template-database
+    image: postgres:9.6
+    restart: unless-stopped
+    networks:
+      - default
+    ports:
+      - "6000:5432"
+    secrets:
+      - DATABASE_PASSWORD
+    environment:
+      POSTGRES_DB: server_template_local
+      POSTGRES_USER: server_template_local_app
+      POSTGRES_PASSWORD_FILE: /run/secrets/DATABASE_PASSWORD
+    volumes:
+      - "./database:/docker-entrypoint-initdb.d:delegated"
+
+  server-template-storage:
+    container_name: server-template-storage
+    build:
+      context: ./storage
+      dockerfile: ${dockerfile}
+    restart: unless-stopped
+    command: server /service
+    networks:
+      - default
+    ports:
+      - "9000"
+    secrets:
+      - S3_KEY_SECRET
+    environment:
+      MINIO_ACCESS_KEY: minio
+      # MINIO requires key as environment variable?
+      MINIO_SECRET_KEY: secret1234
+
+secrets:
+  DATABASE_PASSWORD:
+    file: ./secrets/${taito_env}/${db_database_name}-db-app.password
+  S3_KEY_SECRET:
+    file: ./secrets/${taito_env}/${taito_project}-${taito_env}-storage-gateway.secret
+  EXAMPLE_SECRET:
+    file: ./secrets/${taito_env}/${taito_project}-${taito_env}-example.secret
+
+networks:
+  default:
+
+# EOF

scripts/linux-provider/taito-deployment-deploy#post.sh

@@ -3,30 +3,61 @@
 : "${taito_ssh_user:?}"
 : "${taito_host:?}"
 : "${taito_host_dir:?}"
+: "${taito_namespace:?}"
+: "${taito_target_env:?}"
 
 image_tag=$1
-# TODO PORT
-taito_ingress_port=8080
+if [[ ! $image_tag ]]; then
+  image_tag=$(git rev-parse "${taito_branch:-dev}")
+  echo "Image tag not given. Using commit sha $image_tag as image tag."
+  echo
+fi
+
+echo
+echo "NOTE: Deployment is done using the taito-config.sh and"
+echo "docker-compose-remote.yaml currently located on your local directory."
+echo
 
 . "${taito_cli_path}/plugins/ssh/util/opts.sh"
 
-echo "Copying docker-compose-prod.yaml to ${taito_host}:/${taito_host_dir}"
-sed "s/__IMAGE_TAG__/${image_tag}" docker-compose-prod.yaml |
-  sed "s/__PORT__/${taito_ingress_port}" \
-  > docker-compose-prod.yaml.tmp
+echo "[Copy docker-compose-remote.yaml to ${taito_host}:/tmp]"
 (
   ${taito_setv:?}
-  scp ${opts} docker-compose-prod.yaml.tmp \
-    "${taito_ssh_user}@${taito_host}:${taito_host_dir}/docker-compose-prod.yaml"
+  mkdir -p tmp
+  tar -cf "tmp/${taito_namespace}.tar" docker-compose-remote.yaml taito-config.sh
+  scp ${opts} "tmp/${taito_namespace}.tar" "${taito_ssh_user}@${taito_host}:/tmp"
+  rm -f "tmp/${taito_namespace}.tar"
 )
-rm -f docker-compose-prod.yaml.tmp
+echo
 
-echo "Restarting docker-compose on ${taito_host}:/${taito_host_dir}"
-(
-  ${taito_setv:?}
-  ssh ${opts} "${taito_ssh_user}@${taito_host}" "
-    sudo bash -c '
-      cd ${taito_host_dir} && docker-compose stop && docker-compose -d up
-    '
-  "
-)
+echo "[Execute on ${taito_host}]"
+ssh ${opts} "${taito_ssh_user}@${taito_host}" "
+  sudo bash -c '
+    ${taito_setv:?} &&
+    cd ${taito_host_dir} &&
+    echo &&
+    echo [Extract /tmp/${taito_namespace}.tar] &&
+    tar -xf /tmp/${taito_namespace}.tar -C . &&
+    rm -f /tmp/${taito_namespace}.tar &&
+    echo &&
+    echo [Replace port and image tag in docker-compose-remote.yaml] &&
+    PORT=\$(getsiteport ${taito_namespace}) &&
+    sed -i s/__PORT__/\${PORT}/ docker-compose-remote.yaml &&
+    sed -i s/__IMAGE_TAG__/${image_tag}/ docker-compose-remote.yaml &&
+    echo &&
+    echo [Set environment in taito-config.sh] &&
+    sed -i \"1 ataito_target_env=${taito_target_env}\" taito-config.sh &&
+    sed -i /taito_util_path/d taito-config.sh &&
+    echo &&
+    echo [Set environment variables] &&
+    set -a &&
+    taito_target_env=${taito_target_env} &&
+    . taito-config.sh &&
+    set +a &&
+    echo &&
+    echo [Restart docker-compose] &&
+    docker-compose -f docker-compose-remote.yaml stop &&
+    docker-compose -f docker-compose-remote.yaml -d up
+  '
+"
+echo

scripts/linux-provider/taito-env-apply#post.sh

@@ -3,40 +3,41 @@
 : "${taito_ssh_user:?}"
 : "${taito_host:?}"
 : "${taito_host_dir:?}"
+: "${taito_env:?}"
+: "${taito_namespace:?}"
+: "${taito_domain:?}"
 
-TEMPLATE=/etc/nginx/templates/taito-site-template
-CLIENT_MAX_BODY_SIZE=32m
-# TODO PORT
-taito_ingress_port=8080
+CLIENT_MAX_BODY_SIZE=1m
 
 . "${taito_cli_path}/plugins/ssh/util/opts.sh"
 
-${taito_setv:?}
+echo "[Copy changed secrets to ${taito_host}:/tmp]"
+(
+  ${taito_setv:?}
+  mkdir -p tmp
+  tar -cf "tmp/${taito_namespace}-secrets.tar" -C "secrets/changed/${taito_env}" .
+  scp ${opts} "tmp/${taito_namespace}-secrets.tar" "${taito_ssh_user}@${taito_host}:/tmp"
+  rm -f "tmp/${taito_namespace}-secrets.tar"
+)
+echo
+
+echo "[Execute on ${taito_host}]"
 ssh ${opts} "${taito_ssh_user}@${taito_host}" "
   sudo bash -c '
-    echo Making sure ${taito_host_dir} directory exists on host ${taito_host} &&
-    mkdir -p ${taito_host_dir} &&
-    if [[ -f $TEMPLATE ]]; then
-      echo Add site ${taito_namespace} and restart nginx &&
-      sed s/NAME/${taito_namespace}/g $TEMPLATE | \
-        sed s/DOMAIN/${taito_domain}/g | \
-        sed s/PORT/${taito_ingress_port}/g | \
-        sed s/CLIENT_MAX_BODY_SIZE/${CLIENT_MAX_BODY_SIZE}/g \
-          > /etc/nginx/sites-available/${taito_namespace} &&
-      rm -f /etc/nginx/sites-enabled/${taito_namespace} &&
-      ln -s /etc/nginx/sites-available/${taito_namespace} \
-        /etc/nginx/sites-enabled/${taito_namespace} &&
-      service nginx restart;
+    ${taito_setv:?} &&
+    echo [Extract /tmp/${taito_namespace}-secrets.tar] &&
+    mkdir -p ${taito_host_dir}/secrets/${taito_env} &&
+    tar -xf /tmp/${taito_namespace}-secrets.tar -C ${taito_host_dir}/secrets/${taito_env} &&
+    rm -f /tmp/${taito_namespace}-secrets.tar &&
+    echo &&
+
+    if which createsite &> /dev/null; then
+      createsite ${taito_namespace} ${taito_domain} $CLIENT_MAX_BODY_SIZE;
     else
-      echo File $TEMPLATE does not exist. &&
+      echo NOTE: createsite command does not exist. &&
       echo Configure routing for domain ${taito_domain} yourself. &&
       echo Press enter to continue &&
       read -r;
     fi
   '
 "
-
-#  |
-#   sed s/DOMAIN/${taito_domain}/g |
-#   sed s/PORT/${taito_ingress_port}/g |
-#   sed s/CLIENT_MAX_BODY_SIZE/${CLIENT_MAX_BODY_SIZE}/g \

scripts/linux-provider/taito-env-destroy#post.sh

@@ -1,23 +1,20 @@
 #!/bin/bash
 : "${taito_cli_path:?}"
+: "${taito_namespace:?}"
 : "${taito_ssh_user:?}"
 : "${taito_host:?}"
 : "${taito_host_dir:?}"
 
 . "${taito_cli_path}/plugins/ssh/util/opts.sh"
 
-${taito_setv:?}
+echo "[Execute on ${taito_host}]"
 ssh ${opts} "${taito_ssh_user}@${taito_host}" "
   sudo bash -c '
-    echo Delete directory ${taito_host_dir} &&
-    rm -rf ${taito_host_dir} &&
-    if [[ -f /etc/nginx/sites-available/${taito_namespace} ]]; then
-      echo Delete site ${taito_namespace} and restart nginx &&
-      rm -f /etc/nginx/sites-enabled/${taito_namespace} &&
-      rm -f /etc/nginx/sites-available/${taito_namespace} &&
-      service nginx restart;
+    ${taito_setv:?} &&
+    if which deletesite &> /dev/null; then
+      deletesite ${taito_namespace};
     else
-      echo File /etc/nginx/sites-available/${taito_namespace} does not exist. &&
+      echo NOTE: deletesite command does not exist. &&
       echo You have to remove routing for domain ${taito_domain} yourself. &&
       echo Press enter to continue. &&
       read -r;