From 577178b0fe66475e4c8a5b3623420f265c41d404 Mon Sep 17 00:00:00 2001 From: nervo Date: Tue, 28 Jan 2020 15:25:06 +0100 Subject: [PATCH] [Elao - App] Docker applications --- elao.app/.manala.yaml | 2 + elao.app/.manala/Dockerfile.tmpl | 20 +++-- elao.app/.manala/Jenkinsfile.tmpl | 2 +- .../ansible/inventories/system.yaml.tmpl | 87 ++++++++++--------- .../ansible/templates/docker/audiowaveform.j2 | 8 ++ elao.app/.manala/docker/bin/entrypoint.sh | 3 + elao.app/.manala/docker/make.mk.tmpl | 1 + elao.app/.manala/jenkins/Jenkinsfile.tmpl | 2 +- 8 files changed, 74 insertions(+), 51 deletions(-) create mode 100755 elao.app/.manala/ansible/templates/docker/audiowaveform.j2 diff --git a/elao.app/.manala.yaml b/elao.app/.manala.yaml index 72d00adf..ad8cdaf1 100644 --- a/elao.app/.manala.yaml +++ b/elao.app/.manala.yaml @@ -109,6 +109,8 @@ system: docker: # @schema {"items": {"type": "object"}} containers: [] + # @schema {"items": {"type": "object"}} + applications: [] ############### # Integration # diff --git a/elao.app/.manala/Dockerfile.tmpl b/elao.app/.manala/Dockerfile.tmpl index 63c8d1f4..7bba69bb 100644 --- a/elao.app/.manala/Dockerfile.tmpl +++ b/elao.app/.manala/Dockerfile.tmpl @@ -34,7 +34,8 @@ RUN \ && mkdir -p /srv \ && chmod 777 /srv \ # User - && adduser --disabled-password --gecos "" docker \ + && addgroup --system docker \ + && adduser --disabled-password --ingroup docker --gecos docker docker \ # Bash && sed -i 's/^#force_color_prompt=yes/force_color_prompt=yes/' \ /home/docker/.bashrc \ @@ -59,10 +60,6 @@ RUN \ ansible python3 python3-apt {{- end }} -COPY docker/bin/entrypoint.sh /usr/local/bin/entrypoint.sh - -ENTRYPOINT ["/usr/local/bin/entrypoint.sh"] - ########## # System # ########## @@ -73,6 +70,7 @@ COPY ansible/templates /tmp/ansible/templates/ COPY ansible/ansible.cfg ansible/system.yaml /tmp/ansible/ RUN \ + # Ansible cd /tmp/ansible \ && ansible-galaxy collection install \ --requirements-file roles/system/requirements.yaml \ 
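Review bot: The `# User` step in Dockerfile.tmpl now creates the `docker` account with `docker` as its primary group, but nothing in the file says what that group grants. Presumably the Docker package installed later by the Ansible play makes its socket group-owned by `docker`, so the default `USER docker` can drive the nested daemon, which amounts to root inside the container. That is worth stating next to the command, e.g. `# User (primary group "docker" = access to the Docker daemon socket, root-equivalent in this container)`. The `RUN` block this belongs to starts and ends outside the hunk.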
@@ -80,13 +78,17 @@ RUN \ && ansible-playbook system.yaml \ --inventory-file inventories \ --limit integration \ - && rm -Rf /tmp/ansible - -RUN \ + && rm -Rf /tmp/ansible \ + # Cleanup docker + && rm -Rf /var/lib/docker \ # NodeJs - mkdir -p /usr/etc \ + && mkdir -p /usr/etc \ && echo "cache=\${XDG_CACHE_HOME}/npm" > /usr/etc/npmrc +COPY docker/bin/entrypoint.sh /usr/local/bin/entrypoint.sh + +ENTRYPOINT ["/usr/local/bin/entrypoint.sh"] + WORKDIR /srv/app USER docker diff --git a/elao.app/.manala/Jenkinsfile.tmpl b/elao.app/.manala/Jenkinsfile.tmpl index 7eccaaf8..258e66fc 100644 --- a/elao.app/.manala/Jenkinsfile.tmpl +++ b/elao.app/.manala/Jenkinsfile.tmpl @@ -289,7 +289,7 @@ podTemplate( } try { - appImage.inside("--network container:${hostContainerId} --env XDG_CACHE_HOME=${appCacheHome}/app") { + appImage.inside("--privileged --network container:${hostContainerId} --env XDG_CACHE_HOME=${appCacheHome}/app") { {{- include "node" (dict "node" $integration) | trim | nindent 16 }} } } finally { diff --git a/elao.app/.manala/ansible/inventories/system.yaml.tmpl b/elao.app/.manala/ansible/inventories/system.yaml.tmpl index 51747a14..c1cb08d5 100644 --- a/elao.app/.manala/ansible/inventories/system.yaml.tmpl +++ b/elao.app/.manala/ansible/inventories/system.yaml.tmpl @@ -8,10 +8,19 @@ system: ############### development: + # Ansible ansible_connection: local + # Accounts manala_accounts_enabled: true + manala_accounts_groups: + - group: docker + system: true + manala_accounts_users: + - user: vagrant + group: vagrant + groups: ['docker'] # Motd manala_motd_enabled: true # Timezone 
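Review bot: `--privileged` on `appImage.inside(...)` in Jenkinsfile.tmpl hands every integration job all capabilities and host device access on the Jenkins agent, so anything the build executes (dependency install scripts, test suites) is no longer confined to its own container. The same flag is added to `docker_run` in docker/make.mk.tmpl and to the identical line in jenkins/Jenkinsfile.tmpl, and this note covers all three. If the flag exists only for the nested Docker daemon that entrypoint.sh now starts, render it only when the project declares Docker applications, so other projects keep an unprivileged container. At minimum the reason should be recorded beside it, e.g. `// --privileged: required by the Docker daemon started in docker/bin/entrypoint.sh`. The enclosing `podTemplate(` block starts and ends outside the hunk.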
@@ -73,7 +82,38 @@ system: # Elasticsearch manala_elasticsearch_enabled: {{ not (empty .elasticsearch.version) | ternary "true" "false" }} # Docker - manala_docker_enabled: true + manala_docker_containers: + - name: mailhog + image: mailhog/mailhog:v1.0.1 + state: started + restart_policy: unless-stopped + ports: + - 25:1025 + - 8025:8025 + - name: phpmyadmin + image: phpmyadmin/phpmyadmin + state: {{ or (not (empty .mysql.version)) (not (empty .mariadb.version)) | ternary "started" "absent" }} + restart_policy: unless-stopped + env: + PMA_USER: root + # Default docker host ip + PMA_HOST: 172.17.0.1 + UPLOAD_LIMIT: 64M + ports: + - 1979:80 + - name: phpredisadmin + image: erikdubbelboer/phpredisadmin + state: {{ not (empty .redis.version) | ternary "started" "absent" }} + restart_policy: unless-stopped + env: + # Default docker host ip + REDIS_1_HOST: 172.17.0.1 + ports: + - 1981:80 + {{- if .docker.containers }} + # App + {{- .docker.containers | toYaml | nindent 10 }} + {{- end }} # Gomplate manala_gomplate_enabled: true @@ -82,8 +122,10 @@ system: ############### integration: + # Ansible ansible_connection: local + # Apt manala_apt_enabled: true manala_apt_packages: @@ -120,15 +162,6 @@ system: # All # ####### - # Accounts - manala_accounts_groups: - - group: docker - system: true - manala_accounts_users: - - user: vagrant - group: vagrant - groups: ['docker'] - # Motd manala_motd_scripts_exclusive: true manala_motd_scripts: 
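Review bot: In the `manala_docker_containers` list now placed under `development`, `phpmyadmin/phpmyadmin` and `erikdubbelboer/phpredisadmin` carry no tag, so each provisioning run pulls whatever `latest` currently points to, while `mailhog/mailhog:v1.0.1` in the same list is pinned. Pin both the same way, e.g. `image: phpmyadmin/phpmyadmin:<tag>` (placeholder: pick a released tag or a digest). In the same list, `PMA_USER: root` together with `1979:80` published on every interface means anyone who can reach the VM gets a root database session. A comment such as `# development only: auto-login as root, do not expose this port beyond the local VM` would make that assumption explicit.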
@@ -423,37 +456,11 @@ system: {{- end }} # Docker - manala_docker_containers: - - name: mailhog - image: mailhog/mailhog:v1.0.1 - state: started - restart_policy: unless-stopped - ports: - - 25:1025 - - 8025:8025 - - name: phpmyadmin - image: phpmyadmin/phpmyadmin - state: {{ or (not (empty .mysql.version)) (not (empty .mariadb.version)) | ternary "started" "absent" }} - restart_policy: unless-stopped - env: - PMA_USER: root - # Default docker host ip - PMA_HOST: 172.17.0.1 - UPLOAD_LIMIT: 64M - ports: - - 1979:80 - - name: phpredisadmin - image: erikdubbelboer/phpredisadmin - state: {{ not (empty .redis.version) | ternary "started" "absent" }} - restart_policy: unless-stopped - env: - # Default docker host ip - REDIS_1_HOST: 172.17.0.1 - ports: - - 1981:80 - {{- if .docker.containers }} + manala_docker_enabled: true + {{- if .docker.applications }} + manala_docker_applications: # App - {{- .docker.containers | toYaml | nindent 10 }} + {{- .docker.applications | toYaml | nindent 10 }} {{- end }} {{- end }} diff --git a/elao.app/.manala/ansible/templates/docker/audiowaveform.j2 b/elao.app/.manala/ansible/templates/docker/audiowaveform.j2 new file mode 100755 index 00000000..c3d3ad62 --- /dev/null +++ b/elao.app/.manala/ansible/templates/docker/audiowaveform.j2 @@ -0,0 +1,8 @@ +#!/usr/bin/env sh + +docker run \ + --rm \ + --user 1000 \ + --volume /srv:/srv \ + elao/audiowaveform:{{ item.version|mandatory }} \ + "$@" diff --git a/elao.app/.manala/docker/bin/entrypoint.sh b/elao.app/.manala/docker/bin/entrypoint.sh index f384c070..e16b92f5 100755 --- a/elao.app/.manala/docker/bin/entrypoint.sh +++ b/elao.app/.manala/docker/bin/entrypoint.sh @@ -2,6 +2,9 @@ set -e +# Docker +sudo /etc/init.d/docker start + # Cache (Composer and Yarn both follows XDG Base Directory Specification. For # the others, related environment variables must be expanded at runtime) if [ -n "${XDG_CACHE_HOME}" ]; then 
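Review bot: In the new audiowaveform.j2 wrapper, `{{ item.version|mandatory }}` is rendered unquoted into the `docker run` command line, so a `version` containing whitespace or shell metacharacters would change the command the wrapper executes. The value comes from the project's own `.manala.yaml`, so the exposure is limited, but passing it through Ansible's `quote` filter costs nothing: `elao/audiowaveform:{{ item.version | mandatory | quote }} \`. The wrapper also bind-mounts all of `/srv` read-write into a third-party image. If the tool only needs the project tree, `--volume /srv/app:/srv/app` would narrow what it can modify (confirm against how callers pass paths).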
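Review bot: `sudo /etc/init.d/docker start` in entrypoint.sh runs on every container start, including for projects that declare no Docker applications. It presumably relies on a passwordless sudo rule for the `docker` user that this commit does not show, and under `set -e` a non-zero exit from the init script stops the entrypoint, which is likely when the container is run without `--privileged`. Starting the daemon only when applications are configured would keep the default image unprivileged and let the `--privileged` flags added elsewhere in this commit become conditional. The dependency should be documented in place, e.g. `# Docker (needs --privileged and a NOPASSWD sudo rule for the docker user)`. The script continues outside the hunk.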
diff --git a/elao.app/.manala/docker/make.mk.tmpl b/elao.app/.manala/docker/make.mk.tmpl index 66d0dbbd..32fc4a6e 100644 --- a/elao.app/.manala/docker/make.mk.tmpl +++ b/elao.app/.manala/docker/make.mk.tmpl @@ -25,6 +25,7 @@ define docker_run --rm \ --tty \ --interactive \ + --privileged \ --hostname {{ .Vars.system.hostname }} \ --mount 'type=bind,consistency=delegated,source=$(realpath $(_ROOT_DIR)),target=/srv/app' \ --workdir /srv/app/$(_DIR) \ diff --git a/elao.app/.manala/jenkins/Jenkinsfile.tmpl b/elao.app/.manala/jenkins/Jenkinsfile.tmpl index 7eccaaf8..258e66fc 100644 --- a/elao.app/.manala/jenkins/Jenkinsfile.tmpl +++ b/elao.app/.manala/jenkins/Jenkinsfile.tmpl @@ -289,7 +289,7 @@ podTemplate( } try { - appImage.inside("--network container:${hostContainerId} --env XDG_CACHE_HOME=${appCacheHome}/app") { + appImage.inside("--privileged --network container:${hostContainerId} --env XDG_CACHE_HOME=${appCacheHome}/app") { {{- include "node" (dict "node" $integration) | trim | nindent 16 }} } } finally {