diff options
Diffstat (limited to 'playbooks/roles/ci/templates/stacks/docker-compose.yml')
| -rw-r--r-- | playbooks/roles/ci/templates/stacks/docker-compose.yml | 75 |
1 files changed, 17 insertions, 58 deletions
diff --git a/playbooks/roles/ci/templates/stacks/docker-compose.yml b/playbooks/roles/ci/templates/stacks/docker-compose.yml index e2358e5..38e1b1c 100644 --- a/playbooks/roles/ci/templates/stacks/docker-compose.yml +++ b/playbooks/roles/ci/templates/stacks/docker-compose.yml @@ -1,69 +1,26 @@ -services: - db: - image: postgres - environment: - POSTGRES_DB: concourse - POSTGRES_PASSWORD: concourse_pass - POSTGRES_USER: concourse_user - PGDATA: /database - POSTGRES_HOST_AUTH_METHOD: trust - healthcheck: - test: ["CMD-SHELL", "pg_isready -U concourse_user -d concourse"] - interval: 3s - timeout: 3s - retries: 5 - networks: - - ci - - worker: - image: concourse/concourse - command: worker - privileged: true - depends_on: - web: - condition: service_healthy - volumes: - - {{ ci_base }}/volumes/keys/worker:/concourse-keys - networks: - - ci - stop_signal: SIGUSR2 - environment: - CONCOURSE_TSA_HOST: web:2222 - CONCOURSE_GARDEN_DNS_PROXY_ENABLE: "true" +--- - web: - image: concourse - depends_on: - db: - condition: service_healthy +services: + laminard: + image: oci.liz.coffee/img/laminar-ciworker:latest volumes: - - {{ ci_base }}/volumes/keys/web:/concourse-keys + - {{ ci_base }}/volumes/laminar:/var/lib/laminar + - /var/run/docker.sock:/var/run/docker.sock + healthcheck: + test: ["CMD-SHELL", "/usr/bin/laminarc show-jobs"] + timeout: 15s + interval: 30s + retries: 3 + start_period: 5s environment: + - BW_CLIENTID={{ vaultwarden_client_id }} + - BW_CLIENTSECRET={{ vaultwarden_client_secret }} + - BW_PASSWORD={{ vaultwarden_master_password }} - TZ={{ timezone }} - DEPLOYMENT_TIME={{ deployment_time }} - - CONCOURSE_POSTGRES_HOST: db - - CONCOURSE_POSTGRES_USER: concourse_user - - CONCOURSE_POSTGRES_PASSWORD: concourse_pass - - CONCOURSE_POSTGRES_DATABASE: concourse - - CONCOURSE_EXTERNAL_URL: https://{{ ci_domain }} - - - # instead of relying on the default "detect" - - CONCOURSE_WORKER_BAGGAGECLAIM_DRIVER=overlay - - CONCOURSE_CLUSTER_NAME={{ ci_domain }} - - - CONCOURSE_OIDC_DISPLAY_NAME={{ domain }} <3 - - CONCOURSE_OIDC_CLIENT_ID=concourse - - CONCOURSE_OIDC_CLIENT_SECRET={{ concourse_secret_key }} - - CONCOURSE_OID_ISSUER=https://{{ idm_domain }}/oauth2/openid/concourse/ networks: - ci - proxy - healthcheck: - test: ["CMD-SHELL", "curl", "--fail", "http://localhost:8080"] - timeout: 15s - interval: 30s - retries: 3 - start_period: 5s deploy: mode: replicated update_config: @@ -84,5 +41,7 @@ services: networks: ci: + driver: overlay + attachable: true proxy: external: true |