Merge branch 'master' of makerforce.io:beep/backend
continuous-integration/drone/push Build is passing
Details
continuous-integration/drone/push Build is passing
Details
commit
70e60c0135
76
.drone.yml
76
.drone.yml
|
@ -1,4 +1,19 @@
|
|||
kind: pipeline
|
||||
name: ssh-test
|
||||
clone:
|
||||
depth: 1
|
||||
steps:
|
||||
- name: ssh
|
||||
image: appleboy/drone-ssh
|
||||
settings:
|
||||
host: staging.beepvoice.app
|
||||
username: core
|
||||
key:
|
||||
from_secret: ssh_key
|
||||
script:
|
||||
- cd /home/core/staging && ls
|
||||
---
|
||||
kind: pipeline
|
||||
name: backend-auth
|
||||
clone:
|
||||
depth: 1
|
||||
|
@ -31,6 +46,9 @@ steps:
|
|||
from_secret: docker_username
|
||||
password:
|
||||
from_secret: docker_password
|
||||
when:
|
||||
branch:
|
||||
- master
|
||||
---
|
||||
kind: pipeline
|
||||
name: backend-bite
|
||||
|
@ -65,6 +83,9 @@ steps:
|
|||
from_secret: docker_username
|
||||
password:
|
||||
from_secret: docker_password
|
||||
when:
|
||||
branch:
|
||||
- master
|
||||
---
|
||||
kind: pipeline
|
||||
name: backend-core
|
||||
|
@ -99,6 +120,9 @@ steps:
|
|||
from_secret: docker_username
|
||||
password:
|
||||
from_secret: docker_password
|
||||
when:
|
||||
branch:
|
||||
- master
|
||||
---
|
||||
kind: pipeline
|
||||
name: backend-heartbeat
|
||||
|
@ -133,6 +157,9 @@ steps:
|
|||
from_secret: docker_username
|
||||
password:
|
||||
from_secret: docker_password
|
||||
when:
|
||||
branch:
|
||||
- master
|
||||
---
|
||||
kind: pipeline
|
||||
name: backend-login
|
||||
|
@ -167,6 +194,9 @@ steps:
|
|||
from_secret: docker_username
|
||||
password:
|
||||
from_secret: docker_password
|
||||
when:
|
||||
branch:
|
||||
- master
|
||||
---
|
||||
kind: pipeline
|
||||
name: backend-publish
|
||||
|
@ -201,6 +231,9 @@ steps:
|
|||
from_secret: docker_username
|
||||
password:
|
||||
from_secret: docker_password
|
||||
when:
|
||||
branch:
|
||||
- master
|
||||
---
|
||||
kind: pipeline
|
||||
name: backend-signal
|
||||
|
@ -235,6 +268,9 @@ steps:
|
|||
from_secret: docker_username
|
||||
password:
|
||||
from_secret: docker_password
|
||||
when:
|
||||
branch:
|
||||
- master
|
||||
---
|
||||
kind: pipeline
|
||||
name: backend-store
|
||||
|
@ -269,6 +305,9 @@ steps:
|
|||
from_secret: docker_username
|
||||
password:
|
||||
from_secret: docker_password
|
||||
when:
|
||||
branch:
|
||||
- master
|
||||
---
|
||||
kind: pipeline
|
||||
name: backend-subscribe
|
||||
|
@ -303,6 +342,9 @@ steps:
|
|||
from_secret: docker_username
|
||||
password:
|
||||
from_secret: docker_password
|
||||
when:
|
||||
branch:
|
||||
- master
|
||||
---
|
||||
kind: pipeline
|
||||
name: backend-transcription
|
||||
|
@ -337,6 +379,9 @@ steps:
|
|||
from_secret: docker_username
|
||||
password:
|
||||
from_secret: docker_password
|
||||
when:
|
||||
branch:
|
||||
- master
|
||||
---
|
||||
kind: pipeline
|
||||
name: deploy
|
||||
|
@ -364,35 +409,50 @@ steps:
|
|||
settings:
|
||||
host: staging.beepvoice.app
|
||||
username: core
|
||||
ssh_key:
|
||||
key:
|
||||
from_secret: ssh_key
|
||||
source:
|
||||
- docker-compose.staging.yml
|
||||
- traefik.staging.toml
|
||||
target: /home/core/staging
|
||||
when:
|
||||
branch:
|
||||
- master
|
||||
- name: copy-migrations
|
||||
image: appleboy/drone-scp
|
||||
settings:
|
||||
host: staging.beepvoice.app
|
||||
username: core
|
||||
ssh_key:
|
||||
key:
|
||||
from_secret: ssh_key
|
||||
source:
|
||||
- backend-core/postgres/*
|
||||
target: /home/core/staging/backend-core/postgres
|
||||
target: /home/core/staging
|
||||
when:
|
||||
branch:
|
||||
- master
|
||||
- name: docker-compose-up
|
||||
image: appleboy/drone-ssh
|
||||
settings:
|
||||
host: staging.beepvoice.app
|
||||
username: core
|
||||
ssh_key:
|
||||
key:
|
||||
from_secret: ssh_key
|
||||
script:
|
||||
- >-
|
||||
cd /home/core/staging && docker-compose -f docker-compose.staging.yml
|
||||
pull
|
||||
cd /home/core/staging && /home/core/docker-compose -f
|
||||
docker-compose.staging.yml pull
|
||||
- >-
|
||||
cd /home/core/staging && docker-compose -f docker-compose.staging.yml
|
||||
up -d
|
||||
cd /home/core/staging && /home/core/docker-compose -f
|
||||
docker-compose.staging.yml up -d
|
||||
when:
|
||||
branch:
|
||||
- master
|
||||
- name: slack
|
||||
image: plugins/slack
|
||||
settings:
|
||||
webhook:
|
||||
from_secret: slack_webhook_beep
|
||||
depends_on:
|
||||
- backend-auth
|
||||
- backend-bite
|
||||
|
|
|
@ -2,36 +2,12 @@
|
|||
# Deployment
|
||||
#
|
||||
# Requirements
|
||||
# ./traefik.staging.toml
|
||||
# ./backend-core/postgres
|
||||
#
|
||||
|
||||
version: "3"
|
||||
services:
|
||||
|
||||
traefik:
|
||||
image: traefik
|
||||
command: --configfile=/traefik.toml
|
||||
depends_on:
|
||||
- core
|
||||
- signal
|
||||
- heartbeat
|
||||
- bite
|
||||
- publish
|
||||
- subscribe
|
||||
- transcription
|
||||
- auth
|
||||
ports:
|
||||
- "80:80"
|
||||
- "443:443"
|
||||
- "1837:1837"
|
||||
- "8080:8080"
|
||||
volumes:
|
||||
- ./traefik.staging.toml:/traefik.toml:ro
|
||||
networks:
|
||||
- traefiknet
|
||||
- authnet
|
||||
|
||||
pg:
|
||||
image: postgres:10.3
|
||||
environment:
|
||||
|
@ -71,7 +47,13 @@ services:
|
|||
- POSTGRES=postgresql://root@pg:5432/core?sslmode=disable
|
||||
networks:
|
||||
- pgnet
|
||||
- traefiknet
|
||||
- http
|
||||
labels:
|
||||
- traefik.enable=true
|
||||
- traefik.frontend.rule=Host:staging.beepvoice.app;PathPrefixStrip:/core/
|
||||
- traefik.frontend.auth.forward.address=http://auth:10205/auth
|
||||
- traefik.frontend.auth.forward.authResponseHeaders=X-User-Claim
|
||||
- traefik.port=80
|
||||
|
||||
signal:
|
||||
image: registry.makerforce.io/beep/backend-signal:latest
|
||||
|
@ -79,7 +61,13 @@ services:
|
|||
environment:
|
||||
- PORT=80
|
||||
networks:
|
||||
- traefiknet
|
||||
- http
|
||||
labels:
|
||||
- traefik.enable=true
|
||||
- traefik.frontend.rule=Host:staging.beepvoice.app;PathPrefixStrip:/signal/
|
||||
- traefik.frontend.auth.forward.address=http://auth:10205/auth
|
||||
- traefik.frontend.auth.forward.authResponseHeaders=X-User-Claim
|
||||
- traefik.port=80
|
||||
|
||||
heartbeat:
|
||||
image: registry.makerforce.io/beep/backend-heartbeat:latest
|
||||
|
@ -91,7 +79,13 @@ services:
|
|||
- REDIS=redis:6379
|
||||
networks:
|
||||
- redisnet
|
||||
- traefiknet
|
||||
- http
|
||||
labels:
|
||||
- traefik.enable=true
|
||||
- traefik.frontend.rule=Host:staging.beepvoice.app;PathPrefixStrip:/heartbeat/
|
||||
- traefik.frontend.auth.forward.address=http://auth:10205/auth
|
||||
- traefik.frontend.auth.forward.authResponseHeaders=X-User-Claim
|
||||
- traefik.port=80
|
||||
|
||||
login:
|
||||
image: registry.makerforce.io/beep/backend-login:latest
|
||||
|
@ -106,9 +100,13 @@ services:
|
|||
- TWILIO_SID=AC22ea3eea85e5108a96b947aea8ab1320
|
||||
- TWILIO_TOKEN=fb23fa1a1564aa9f62a7a3117f07b3a0
|
||||
networks:
|
||||
- traefiknet
|
||||
- http
|
||||
- redisnet
|
||||
- pgnet
|
||||
labels:
|
||||
- traefik.enable=true
|
||||
- traefik.frontend.rule=Host:staging.beepvoice.app;PathPrefixStrip:/login/
|
||||
- traefik.port=80
|
||||
|
||||
auth:
|
||||
image: registry.makerforce.io/beep/backend-auth:latest
|
||||
|
@ -119,7 +117,7 @@ services:
|
|||
ports:
|
||||
- "10205:10205" # Remove this for production
|
||||
networks:
|
||||
- authnet
|
||||
- http
|
||||
|
||||
bite:
|
||||
image: registry.makerforce.io/beep/backend-bite:latest
|
||||
|
@ -131,7 +129,13 @@ services:
|
|||
- NATS=nats://nats:4222
|
||||
networks:
|
||||
- natsnet
|
||||
- traefiknet
|
||||
- http
|
||||
labels:
|
||||
- traefik.enable=true
|
||||
- traefik.frontend.rule=Host:staging.beepvoice.app;PathPrefixStrip:/bite/
|
||||
- traefik.frontend.auth.forward.address=http://auth:10205/auth
|
||||
- traefik.frontend.auth.forward.authResponseHeaders=X-User-Claim
|
||||
- traefik.port=80
|
||||
|
||||
publish:
|
||||
image: registry.makerforce.io/beep/backend-publish:latest
|
||||
|
@ -144,7 +148,13 @@ services:
|
|||
- SECRET=secret
|
||||
networks:
|
||||
- natsnet
|
||||
- traefiknet
|
||||
- http
|
||||
labels:
|
||||
- traefik.enable=true
|
||||
- traefik.frontend.rule=Host:staging.beepvoice.app;PathPrefixStrip:/publish/
|
||||
- traefik.frontend.auth.forward.address=http://auth:10205/auth
|
||||
- traefik.frontend.auth.forward.authResponseHeaders=X-User-Claim
|
||||
- traefik.port=80
|
||||
|
||||
store:
|
||||
image: registry.makerforce.io/beep/backend-store:latest
|
||||
|
@ -167,7 +177,13 @@ services:
|
|||
- NATS=nats://nats:4222
|
||||
networks:
|
||||
- natsnet
|
||||
- traefiknet
|
||||
- http
|
||||
labels:
|
||||
- traefik.enable=true
|
||||
- traefik.frontend.rule=Host:staging.beepvoice.app;PathPrefixStrip:/subscribe/
|
||||
- traefik.frontend.auth.forward.address=http://auth:10205/auth
|
||||
- traefik.frontend.auth.forward.authResponseHeaders=X-User-Claim
|
||||
- traefik.port=80
|
||||
|
||||
transcription:
|
||||
image: registry.makerforce.io/beep/backend-transcription:latest
|
||||
|
@ -180,11 +196,18 @@ services:
|
|||
- API_KEY=AIzaSyDxSXDefzw9gXCQaVzOCYlRn_vcC9Da9Q0
|
||||
networks:
|
||||
- natsnet
|
||||
- traefiknet
|
||||
- http
|
||||
labels:
|
||||
- traefik.enable=true
|
||||
- traefik.frontend.rule=Host:staging.beepvoice.app;PathPrefixStrip:/transcription/
|
||||
- traefik.frontend.auth.forward.address=http://auth:10205/auth
|
||||
- traefik.frontend.auth.forward.authResponseHeaders=X-User-Claim
|
||||
- traefik.port=80
|
||||
|
||||
networks:
|
||||
authnet:
|
||||
pgnet:
|
||||
natsnet:
|
||||
redisnet:
|
||||
traefiknet:
|
||||
http:
|
||||
external:
|
||||
name: http
|
||||
|
|
60
drone_gen.js
60
drone_gen.js
|
@ -47,10 +47,37 @@ const yamls = dockers.map(f => ({
|
|||
from_secret: 'docker_password',
|
||||
},
|
||||
},
|
||||
when: {
|
||||
branch: ['master'],
|
||||
},
|
||||
},
|
||||
],
|
||||
}))
|
||||
|
||||
const sshTest = {
|
||||
kind: 'pipeline',
|
||||
name: 'ssh-test',
|
||||
clone: {
|
||||
depth: 1,
|
||||
},
|
||||
steps: [
|
||||
{
|
||||
name: 'ssh',
|
||||
image: 'appleboy/drone-ssh',
|
||||
settings: {
|
||||
host: 'staging.beepvoice.app',
|
||||
username: 'core',
|
||||
key: {
|
||||
from_secret: 'ssh_key',
|
||||
},
|
||||
script: [
|
||||
'cd /home/core/staging && ls'
|
||||
],
|
||||
},
|
||||
},
|
||||
],
|
||||
};
|
||||
|
||||
const deploy = {
|
||||
kind: 'pipeline',
|
||||
name: 'deploy',
|
||||
|
@ -72,14 +99,18 @@ const deploy = {
|
|||
settings: {
|
||||
host: 'staging.beepvoice.app',
|
||||
username: 'core',
|
||||
ssh_key: {
|
||||
key: {
|
||||
from_secret: 'ssh_key',
|
||||
},
|
||||
source: [
|
||||
'docker-compose.staging.yml',
|
||||
'traefik.staging.toml',
|
||||
],
|
||||
target: '/home/core/staging',
|
||||
},
|
||||
when: {
|
||||
branch: ['master'],
|
||||
},
|
||||
},
|
||||
{
|
||||
name: 'copy-migrations',
|
||||
|
@ -87,13 +118,16 @@ const deploy = {
|
|||
settings: {
|
||||
host: 'staging.beepvoice.app',
|
||||
username: 'core',
|
||||
ssh_key: {
|
||||
key: {
|
||||
from_secret: 'ssh_key',
|
||||
},
|
||||
source: [
|
||||
'backend-core/postgres/*',
|
||||
],
|
||||
target: '/home/core/staging/backend-core/postgres',
|
||||
target: '/home/core/staging',
|
||||
},
|
||||
when: {
|
||||
branch: ['master'],
|
||||
},
|
||||
},
|
||||
{
|
||||
|
@ -102,20 +136,32 @@ const deploy = {
|
|||
settings: {
|
||||
host: 'staging.beepvoice.app',
|
||||
username: 'core',
|
||||
ssh_key: {
|
||||
key: {
|
||||
from_secret: 'ssh_key',
|
||||
},
|
||||
script: [
|
||||
'cd /home/core/staging && docker-compose -f docker-compose.staging.yml pull',
|
||||
'cd /home/core/staging && docker-compose -f docker-compose.staging.yml up -d',
|
||||
'cd /home/core/staging && /home/core/docker-compose -f docker-compose.staging.yml pull',
|
||||
'cd /home/core/staging && /home/core/docker-compose -f docker-compose.staging.yml up -d',
|
||||
],
|
||||
},
|
||||
when: {
|
||||
branch: ['master'],
|
||||
},
|
||||
},
|
||||
{
|
||||
name: 'slack',
|
||||
image: 'plugins/slack',
|
||||
settings: {
|
||||
webhook: {
|
||||
from_secret: 'slack_webhook_beep',
|
||||
},
|
||||
},
|
||||
},
|
||||
],
|
||||
depends_on: dockers,
|
||||
};
|
||||
|
||||
const droneyml = [].concat(yamls).concat(deploy).map(yaml.safeDump).join('---\n');
|
||||
const droneyml = [].concat(sshTest).concat(yamls).concat(deploy).map(yaml.safeDump).join('---\n');
|
||||
|
||||
fs.writeFileSync(path.join(cwd, '.drone.yml'), droneyml);
|
||||
console.log('Written to .drone.yml');
|
||||
|
|
|
@ -1,183 +0,0 @@
|
|||
# staging
|
||||
|
||||
[api]
|
||||
|
||||
dashboard = false
|
||||
|
||||
[acme]
|
||||
|
||||
email = "letsencrypt+alpha@beepvoice.app"
|
||||
caServer = "https://acme-v02.api.letsencrypt.org/directory"
|
||||
acmeLogging = true
|
||||
storage = "acme-staging.json"
|
||||
onHostRule = true
|
||||
entryPoint = "https"
|
||||
[acme.httpChallenge]
|
||||
entryPoint = "http"
|
||||
|
||||
# funny, this doesn't work...
|
||||
defaultEntryPoints = ["http", "https"]
|
||||
|
||||
[entryPoints]
|
||||
|
||||
[entryPoints.http]
|
||||
address = ":80"
|
||||
[entryPoints.http.redirect]
|
||||
entryPoint = "https"
|
||||
[entryPoints.https]
|
||||
address = ":443"
|
||||
[entryPoints.https.tls]
|
||||
[entryPoints.traefik]
|
||||
address = ":8080"
|
||||
|
||||
[file]
|
||||
|
||||
# Core
|
||||
|
||||
[backends.core]
|
||||
[backends.core.servers.one]
|
||||
url = "http://core"
|
||||
|
||||
[frontends.core]
|
||||
backend = "core"
|
||||
entrypoints = ["http", "https"]
|
||||
[frontends.core.auth.forward]
|
||||
address = "http://auth:10205/auth"
|
||||
[frontends.core.headers.customresponseheaders]
|
||||
Access-Control-Allow-Origin = "*"
|
||||
Access-Control-Allow-Headers = "Content-Type, Authorization, X-User-Claim"
|
||||
Access-Control-Allow-Credentials = "true"
|
||||
Access-Control-Allow-Methods = "GET, HEAD, POST, PUT, PATCH, DELETE"
|
||||
[frontends.core.routes.one]
|
||||
rule = "PathPrefixStrip: /core/"
|
||||
|
||||
# Signal
|
||||
|
||||
[backends.signal]
|
||||
[backends.signal.servers.one]
|
||||
url = "http://signal"
|
||||
|
||||
[frontends.signal]
|
||||
backend = "signal"
|
||||
entrypoints = ["http", "https"]
|
||||
[frontends.signal.auth.forward]
|
||||
address = "http://auth:10205/auth"
|
||||
[frontends.signal.headers.customresponseheaders]
|
||||
Access-Control-Allow-Origin = "*"
|
||||
Access-Control-Allow-Headers = "Content-Type, Authorization, X-User-Claim"
|
||||
Access-Control-Allow-Credentials = "true"
|
||||
Access-Control-Allow-Methods = "GET, HEAD, POST, PUT, PATCH, DELETE"
|
||||
[frontends.signal.routes.one]
|
||||
rule = "PathPrefixStrip: /signal/"
|
||||
|
||||
# Heartbeat
|
||||
|
||||
[backends.heartbeat]
|
||||
[backends.heartbeat.servers.one]
|
||||
url = "http://heartbeat"
|
||||
|
||||
[frontends.heartbeat]
|
||||
backend = "heartbeat"
|
||||
entrypoints = ["http", "https"]
|
||||
[frontends.heartbeat.auth.forward]
|
||||
address = "http://auth:10205/auth"
|
||||
[frontends.heartbeat.headers.customresponseheaders]
|
||||
Access-Control-Allow-Origin = "*"
|
||||
Access-Control-Allow-Headers = "Content-Type, Authorization, X-User-Claim"
|
||||
Access-Control-Allow-Credentials = "true"
|
||||
Access-Control-Allow-Methods = "GET, HEAD, POST, PUT, PATCH, DELETE"
|
||||
[frontends.heartbeat.routes.one]
|
||||
rule = "PathPrefixStrip: /heartbeat/"
|
||||
|
||||
# Bite
|
||||
|
||||
[backends.bite]
|
||||
[backends.bite.servers.one]
|
||||
url = "http://bite"
|
||||
|
||||
[frontends.bite]
|
||||
backend = "bite"
|
||||
entrypoints = ["http", "https"]
|
||||
[frontends.bite.auth.forward]
|
||||
address = "http://auth:10205/auth"
|
||||
[frontends.bite.headers.customresponseheaders]
|
||||
Access-Control-Allow-Origin = "*"
|
||||
Access-Control-Allow-Headers = "Content-Type, Authorization, X-User-Claim"
|
||||
Access-Control-Allow-Credentials = "true"
|
||||
Access-Control-Allow-Methods = "GET, HEAD, POST, PUT, PATCH, DELETE"
|
||||
[frontends.bite.routes.one]
|
||||
rule = "PathPrefixStrip: /bite/"
|
||||
|
||||
# Publish
|
||||
|
||||
[backends.publish]
|
||||
[backends.publish.servers.one]
|
||||
url = "http://publish"
|
||||
|
||||
[frontends.publish]
|
||||
backend = "publish"
|
||||
entrypoints = ["http", "https"]
|
||||
[frontends.publish.auth.forward]
|
||||
address = "http://auth:10205/auth"
|
||||
[frontends.publish.headers.customresponseheaders]
|
||||
Access-Control-Allow-Origin = "*"
|
||||
Access-Control-Allow-Headers = "Content-Type, Authorization, X-User-Claim"
|
||||
Access-Control-Allow-Credentials = "true"
|
||||
Access-Control-Allow-Methods = "GET, HEAD, POST, PUT, PATCH, DELETE"
|
||||
[frontends.publish.routes.one]
|
||||
rule = "PathPrefixStrip: /publish/"
|
||||
|
||||
# Subscribe
|
||||
|
||||
[backends.subscribe]
|
||||
[backends.subscribe.servers.one]
|
||||
url = "http://subscribe"
|
||||
|
||||
[frontends.subscribe]
|
||||
backend = "subscribe"
|
||||
entrypoints = ["http", "https"]
|
||||
[frontends.subscribe.auth.forward]
|
||||
address = "http://auth:10205/auth"
|
||||
[frontends.subscribe.headers.customresponseheaders]
|
||||
Access-Control-Allow-Origin = "*"
|
||||
Access-Control-Allow-Headers = "Content-Type, Authorization, X-User-Claim"
|
||||
Access-Control-Allow-Credentials = "true"
|
||||
Access-Control-Allow-Methods = "GET, HEAD, POST, PUT, PATCH, DELETE"
|
||||
[frontends.subscribe.routes.one]
|
||||
rule = "PathPrefixStrip: /subscribe/"
|
||||
|
||||
# Transcription
|
||||
|
||||
[backends.transcription]
|
||||
[backends.transcription.servers.one]
|
||||
url = "http://transcription"
|
||||
|
||||
[frontends.transcription]
|
||||
backend = "transcription"
|
||||
entrypoints = ["http", "https"]
|
||||
[frontends.transcription.auth.forward]
|
||||
address = "http://auth:10205/auth"
|
||||
[frontends.transcription.headers.customresponseheaders]
|
||||
Access-Control-Allow-Origin = "*"
|
||||
Access-Control-Allow-Headers = "Content-Type, Authorization, X-User-Claim"
|
||||
Access-Control-Allow-Credentials = "true"
|
||||
Access-Control-Allow-Methods = "GET, HEAD, POST, PUT, PATCH, DELETE"
|
||||
[frontends.transcription.routes.one]
|
||||
rule = "PathPrefixStrip: /transcription/"
|
||||
|
||||
# Login
|
||||
|
||||
[backends.login]
|
||||
[backends.login.servers.one]
|
||||
url = "http://login"
|
||||
|
||||
[frontends.login]
|
||||
backend = "login"
|
||||
entrypoints = ["login", "login_https"]
|
||||
[frontends.login.headers.customresponseheaders]
|
||||
Access-Control-Allow-Origin = "*"
|
||||
Access-Control-Allow-Headers = "Content-Type, Authorization"
|
||||
Access-Control-Allow-Credentials = "true"
|
||||
Access-Control-Allow-Methods = "GET, HEAD, POST, PUT, PATCH, DELETE"
|
||||
[frontends.login.routes.one]
|
||||
rule = "PathPrefixStrip: /"
|
Loading…
Reference in New Issue