diff --git a/ansible/host_vars/dchi/drone.yml b/ansible/host_vars/dchi/drone.yml index 8a43600..d41f0f0 100644 --- a/ansible/host_vars/dchi/drone.yml +++ b/ansible/host_vars/dchi/drone.yml @@ -1,12 +1,11 @@ -drone_domain: drone.try.gitea.io -drone_orgs: gitea -drone_admins: lafriks,lunny,techknowlogick +drone_server_host: drone.try.gitea.io +drone_user_filter: lafriks,lunny,techknowlogick,gitea drone_max_procs: 1 drone_gitea: true -drone_gitea_url: https://try.gitea.io +drone_gitea_server: https://try.gitea.io drone_gitea_skip_verify: false -drone_secret: !vault | +drone_rpc_secret: !vault | $ANSIBLE_VAULT;1.1;AES256 33396362313237376239323631386235343930613537623363613663326165373664663362323732 3166323537636530613634326436663539333631646636370a353466643231643366343738396239 diff --git a/ansible/host_vars/pangu/drone.yml b/ansible/host_vars/pangu/drone.yml index a67514a..d380b07 100644 --- a/ansible/host_vars/pangu/drone.yml +++ b/ansible/host_vars/pangu/drone.yml @@ -1,10 +1,9 @@ -drone_domain: drone.gitea.io -drone_orgs: go-gitea -drone_admins: lafriks,lunny,techknowlogick +drone_server_host: drone.gitea.io +drone_user_filter: lafriks,lunny,techknowlogick,go-gitea drone_max_procs: 2 drone_github: true -drone_secret: !vault | +drone_rpc_secret: !vault | $ANSIBLE_VAULT;1.1;AES256 31363030316336373437656164363162646539393137633932666230333739333036363734313237 6265383139366564383865366232663137343733396238390a613631623539656634336365323132 diff --git a/ansible/roles/drone/defaults/main.yml b/ansible/roles/drone/defaults/main.yml index b5ff4de..6fa48a4 100644 --- a/ansible/roles/drone/defaults/main.yml +++ b/ansible/roles/drone/defaults/main.yml @@ -1,17 +1,21 @@ -drone_server: drone/drone:0.8 -drone_agent: drone/agent:0.8 -drone_domain: -drone_debug: true -drone_open: true -drone_orgs: -drone_admins: +drone_server: drone/drone:1.0.0 +drone_agent: drone/agent:1.0.0 + +drone_server_host: +drone_server_port: +drone_server_proto: + +drone_database_driver: sqlite3 +drone_database_datasource: /data/database.sqlite + +drone_user_filter: drone_max_procs: 2 -drone_secret: +drone_rpc_secret: drone_github: false drone_github_client: drone_github_secret: drone_gitea: false -drone_gitea_url: +drone_gitea_server: drone_gitea_skip_verify: false diff --git a/ansible/roles/drone/templates/compose.j2 b/ansible/roles/drone/templates/compose.j2 index 0a02ac9..31e3f9d 100644 --- a/ansible/roles/drone/templates/compose.j2 +++ b/ansible/roles/drone/templates/compose.j2 @@ -17,28 +17,26 @@ services: restart: always environment: - DRONE_GITHUB=${DRONE_GITHUB} - - DRONE_GITHUB_CLIENT=${DRONE_GITHUB_CLIENT} - - DRONE_GITHUB_SECRET=${DRONE_GITHUB_SECRET} - - DRONE_GOGS=${DRONE_GITEA} - - DRONE_GOGS_URL=${DRONE_GITEA_URL} - - DRONE_GOGS_SKIP_VERIFY=${DRONE_GITEA_SKIP_VERIFY} - - DRONE_DEBUG=${DRONE_DEBUG} - - DRONE_SECRET=${DRONE_SECRET} - - DRONE_OPEN=${DRONE_OPEN} - - DRONE_ORGS=${DRONE_ORGS} - - DRONE_ADMIN=${DRONE_ADMIN} - - DRONE_HOST=https://${DRONE_DOMAIN} + - DRONE_GITHUB_CLIENT_ID=${DRONE_GITHUB_CLIENT} + - DRONE_GITHUB_CLIENT_SECRET=${DRONE_GITHUB_SECRET} + - DRONE_GITEA=${DRONE_GITEA} + - DRONE_GITEA_SERVER=${DRONE_GITEA_SERVER} + - DRONE_GITEA_SKIP_VERIFY=${DRONE_GITEA_SKIP_VERIFY} + - DRONE_RPC_SECRET=${DRONE_RPC_SECRET} + - DRONE_SERVER_HOST=${DRONE_SERVER_HOST} + - DRONE_SERVER_PROTO=https + - DRONE_SERVER_PORT=:8000 - DRONE_VOLUME=/etc/ssl/certs/ca-certificates.crt:/etc/ssl/certs/ca-certificates.crt:ro - DRONE_NETWORK=drone_internal - - DATABASE_DRIVER=sqlite3 - - DATABASE_CONFIG=/var/lib/drone/database.sqlite3 + - DRONE_DATABASE_DRIVER=${DRONE_DATABASE_DRIVER} + - DRONE_DATABASE_DATASOURCE=${DRONE_DATABASE_DATASOURCE} networks: - traefik - internal labels: - traefik.docker.network=traefik_general - traefik.port=8000 - - traefik.frontend.rule=Host:${DRONE_DOMAIN} + - traefik.frontend.rule=Host:${DRONE_SERVER_HOST} healthcheck: test: ["NONE"] interval: 30s @@ -46,16 +44,16 @@ services: retries: 5 volumes: - /etc/ssl/certs/ca-certificates.crt:/etc/ssl/certs/ca-certificates.crt:ro - - server:/var/lib/drone + - server:/data agent: image: ${DRONE_AGENT} restart: always environment: - - DRONE_SERVER=server:9000 - - DRONE_DEBUG=${DRONE_DEBUG} - - DRONE_SECRET=${DRONE_SECRET} + - DRONE_SERVER=https://${DRONE_SERVER_HOST} + - DRONE_RPC_SECRET=${DRONE_RPC_SECRET} - DRONE_MAX_PROCS=${DRONE_MAX_PROCS} + - DRONE_RUNNER_VOLUMES=/etc/ssl/certs/ca-certificates.crt:/etc/ssl/certs/ca-certificates.crt:ro networks: - internal depends_on: diff --git a/ansible/roles/drone/templates/default.j2 b/ansible/roles/drone/templates/default.j2 index 3224aba..ca0015d 100644 --- a/ansible/roles/drone/templates/default.j2 +++ b/ansible/roles/drone/templates/default.j2 @@ -1,18 +1,18 @@ DRONE_SERVER={{ drone_server }} DRONE_AGENT={{ drone_agent }} -DRONE_DOMAIN={{ drone_domain }} -DRONE_SERVER_HOST=https://{{ drone_domain }} +DRONE_SERVER_HOST={{ drone_server_host }} DRONE_DEBUG={{ drone_debug | default(False) | lower }} -DRONE_SECRET={{ drone_secret }} -DRONE_OPEN={{ drone_open | default(False) | lower }} -DRONE_ORGS={{ drone_orgs | default("") }} -DRONE_ADMIN={{ drone_admins | default("") }} +DRONE_RPC_SECRET={{ drone_rpc_secret }} DRONE_MAX_PROCS={{ drone_max_procs | default(5) }} +DRONE_USER_FILTER={{ drone_user_filter }} + +DRONE_DATABASE_DRIVER={{ drone_database_driver | default("sqlite3") }} +DRONE_DATABASE_DATASOURCE={{ drone_database_datasource }} DRONE_GITHUB={{ drone_github | default(False) | lower }} DRONE_GITHUB_CLIENT={{ drone_github_client | default("") }} DRONE_GITHUB_SECRET={{ drone_github_secret | default("") }} DRONE_GITEA={{ drone_gitea | default(False) | lower }} -DRONE_GITEA_URL={{ drone_gitea_url | default("") }} +DRONE_GITEA_SERVER={{ drone_gitea_server | default("") }} DRONE_GITEA_SKIP_VERIFY={{ drone_gitea_skip_verify | default(False) | lower }}