added whole content

2025-04-25 02:46:39 +07:00 · 2022-11-03 10:38:11 +06:00 · 2022-11-03 10:38:11 +06:00 · 8b25e0631a
commit 8b25e0631a
parent 1b5df685cb
70 changed files with 5962 additions and 19 deletions
--- a/content/Docker/Building
+++ b/content/Docker/Building
@ -0,0 +1,15 @@
+Sample #Dockerfile for static Typescript builds such a #nextjs, #gatsby or #nuxt:
+
+```Dockerfile
+FROM node:16-alpine as builder
+WORKDIR /app
+COPY package.json yarn.lock ./
+RUN yarn
+COPY . .
+
+# your generate command here
+RUN yarn generate
+
+FROM nginx
+COPY --from=builder /app/dist /usr/share/nginx/html
+```
--- a/content/Docker/Drone-ci.md
+++ b/content/Docker/Drone-ci.md
@ -0,0 +1,98 @@
+Can be used with [Private docker registry](Private%20docker%20registry.md) to deploy things using #docker.
+
+## Pushing to private docker_registry
+
+You should specify `global_docker_login`, `global_docker_password`, `global_docker_registry` organizations variables in your **drone**. And `docker_repo` variable for your repo as `docker.yourdomain.com/your-image`.
+
+This is example of  `.droneci` for [private docker registry](Private%20docker%20registry.md): 
+
+```yaml
+kind: pipeline
+name: build
+type: docker
+
+platform:
+  os: linux
+  arch: amd64
+
+steps:
+  - name: build-master
+    image: plugins/docker
+    when:
+      branch:
+        - master
+    settings:
+      dockerfile: Dockerfile
+      tag:
+        - ${DRONE_BRANCH}
+      username:
+        from_secret: global_docker_login
+      password:
+        from_secret: global_docker_password
+      registry:
+        from_secret: global_docker_registry
+      repo:
+        from_secret: docker_repo
+```
+
+## Docker-compose file for drone-ci
+
+The `drone` service is ui itself and `drone-agent` is runner for builds, that can be started on different machine (or machines).
+
+Change `secret_id`, `rpc_secret` and `drone.url` to something you like.
+
+```yaml
+version: "3"
+
+services:
+  drone:
+    container_name: drone
+    image: drone/drone:latest
+    environment:
+      - DRONE_GITHUB_CLIENT_ID=secret_id
+      - DRONE_GITHUB_CLIENT_SECRET=client_secret
+      - DRONE_RPC_SECRET=rpc_secret
+      - DRONE_SERVER_HOST=drone.url
+      - DRONE_USER_CREATE="username:user,admin:true"
+      - DRONE_SERVER_PROTO=https
+      - DRONE_TLS_AUTOCERT=false
+      - DRONE_GIT_ALWAYS_AUTH=false
+      - DRONE_LOGS_DEBUG=true
+      - DRONE_LOGS_TRACE=true
+    restart: always
+    volumes:
+      - ./data:/data
+    ports:
+      - 8090:80
+  drone-agent:
+    container_name: drone__agent
+    image: drone/agent:latest
+    command: agent
+    restart: always
+    volumes:
+      - /var/run/docker.sock:/var/run/docker.sock
+    environment:
+      - DRONE_RPC_SERVER=https://drone.url
+      - DRONE_RPC_SECRET=rpc_secret
+```
+
+## Caching builds
+
+Haven't checked that yet, but there's a [manual](https://laszlo.cloud/the-ultimate-droneci-caching-guide) from [Laszlo Fogas](https://laszlo.cloud/) about that.
+
+## Get user info
+
+```shell
+export DRONE_SERVER=https://drone.url
+export DRONE_TOKEN=password
+drone info
+```
+
+## Mark user as trusted
+
+Sometimes it won't help, then connect to drone database with sqlite and change user's trusted flag to `1`.
+
+```shell
+drone repo update $1 --trusted=true && drone repo info $1
+```
+
--- a/content/Docker/Github
+++ b/content/Docker/Github
@ -0,0 +1,44 @@
+To deploy github pages with [Drone-ci](Drone-ci.md) you will need `.drone.yml` as specified below. You also should define secrets  `github_username` and `github_token` (get it [here](https://github.com/settings/tokens)) in your drone's repository setup.
+
+Github repository should be named as `yourname.github.io` and it could be accessed at https://yourname.github.io/. Otherwise it'll be available at https://yourname.github.io/repo-name/, what you might not like.
+
+You should create branch named `gh-pages` in that repo and setup GH Pages at `https://github.com/<yourusername>/<yourusername>.github.io/settings/pages`.
+
+This config will update `gh-pages` branch in your project, which will contain only generated content. I know, that's bad, but there's no better way to do that with generic drone plugins.
+
+```yaml
+kind: pipeline
+name: build
+type: docker
+
+platform:
+  os: linux
+  arch: amd64
+
+steps:
+  - name: build
+    image: node:16
+    commands:
+      - yarn
+      - yarn generate
+      - rm -rf ./docs
+      - mv ./.output/public ./docs
+      - touch ./docs/.nojekyll
+  - name: publish
+    image: plugins/gh-pages
+    settings:
+      target_branch: gh-pages
+      username:
+        from_secret: github_username
+      password:
+        from_secret: github_token
+```
+
+Here we're moving `./.output/public` to `./docs`, because #nuxt creates symlink for `docs` and git can't work with that.
+
+Also we create `.nojekyll` at the root of repo, so github's internal engine won't [ignore files that start with underscore](https://github.blog/2009-12-29-bypassing-jekyll-on-github-pages/).
+
+## Additional reading
+
+- [Drone Github Pages Documentation](https://plugins.drone.io/plugins/gh-pages)
+- [Bypassing Jekyll on GitHub Pages](https://github.blog/2009-12-29-bypassing-jekyll-on-github-pages/)
--- a/content/Docker/Private
+++ b/content/Docker/Private
@ -0,0 +1,71 @@
+Suitable to work with [Drone-ci](Drone-ci.md) for hosting private #docker images.
+
+## Sample docker-compose for custom docker registry
+
+This one brings up private docker registry with ui. First you'll need to generate password for it:
+
+```shell
+docker run \
+  --entrypoint htpasswd registry:2 \
+  -Bbn user mypassword > auth/registry.password
+```
+
+```yaml
+version: "3"
+services:
+  registry:
+    container_name: docker__registry
+    image: registry:2
+    ports:
+    - 5000:5000
+    restart: always
+    environment:
+      - REGISTRY_STORAGE_FILESYSTEM_ROOTDIRECTORY=/data
+      - REGISTRY_AUTH=htpasswd
+      - REGISTRY_AUTH_HTPASSWD_REALM=Registry
+      - REGISTRY_AUTH_HTPASSWD_PATH=/auth/registry.password
+      - REGISTRY_HTTP_SECRET=password
+      - REGISTRY_STORAGE_DELETE_ENABLED=true
+    volumes:
+      - ./registry/auth:/auth
+      - ./registry/data:/data
+  ui:
+    container_name: docker__ui
+    image: parabuzzle/craneoperator:latest
+    ports:
+    - 80:80
+    restart: always
+    environment:
+      - REGISTRY_HOST=registry
+      - REGISTRY_PORT=5000
+      - REGISTRY_PROTOCOL=http
+      - ALLOW_REGISTRY_LOGIN=true
+      - REGISTRY_ALLOW_DELETE=true
+      - USERNAME=registry
+      - PASSWORD=password
+```
+
+## Squash layers on registry
+
+Sometimes you need to squash all layers in docker registry to free up disk space.
+
+1. Run this command to mark oldest layers
+
+```shell
+# Try this first
+docker run \
+  --rm anoxis/registry-cli \
+  -r https://registry.url \
+  -l user:password \
+  --delete \
+  --num 2
+
+# Then this 
+docker run -it \
+    -v /path/to/registry/data:/registry \
+    -e REGISTRY_URL=https://registry.url \
+    -e DRY_RUN="false" \
+    -e REGISTRY_AUTH="user:password" \
+    mortensrasmussen/docker-registry-manifest-cleanup
+```
+
--- a/content/Docker/Refresh
+++ b/content/Docker/Refresh
@ -0,0 +1,17 @@
+## Setting up watchtower 
+
+[Watchtower](https://containrrr.dev/watchtower/) will automatically pull updated #docker containers. Can be used with [Private docker registry](Private%20docker%20registry.md) and [Drone-ci](Drone-ci.md).
+
+```yaml
+version: "3"
+
+services:
+  watchtower:
+    container_name: docker__watchtower
+    image: v2tec/watchtower
+    restart: always
+    volumes:
+      - /var/run/docker.sock:/var/run/docker.sock
+      - /home/user/.docker/config.json:/config.json
+    command: --interval 60 image_1 image_2
+```
--- a/content/Docker/Seed
+++ b/content/Docker/Seed
@ -0,0 +1,15 @@
+If you need to seed `.sql` dump in #docker container, just run this command. Also you can try to [rsync file with SSH](/linux/Rsync%20file%20with%20SSH) to get it from remote host.
+
+```shell
+#####
+# usage: ./script.sh "/path/to/dump.sql"
+#####
+
+DUMP_PATH=$1
+CONTAINER="db"
+USER=root
+PASSWORD=password
+DB=database
+
+cat "$DUMP_PATH" | docker exec -i $CONTAINER mysql -u$USER -p$PASSWORD $DB
+```
--- a/content/Docker/Wait
+++ b/content/Docker/Wait
@ -0,0 +1,29 @@
+[wait-for-it.sh](https://github.com/vishnubob/wait-for-it) doing a great job of waiting for different services to become alive, but on #MacOs #docker is binding port on container start, seconds before #mysql is ready to accept connections
+
+This script waits for first successful query from database or exits with non-zero status after timeout.
+
+Don't forget to change `$query` for the actually working one.
+
+```shell
+# Waits for mysql to become actually available
+wait_for_mysql() {
+  query="SELECT count(*) FROM users"
+  
+  timeout=180 # 3 minutes limit
+  i=0
+  
+  while ! docker exec -it "$1" mysql --user="$2" --password="$3" -e "$query" $4 >/dev/null 2>&1; do
+    sleep 1;
+
+    i=$(($i+1))
+    if [[ ${i} -ge ${timeout} ]]; then
+      echo "[Error] can't properly query MySQL after ${i} secs"
+      exit 1;
+    fi
+  done
+}
+
+# usage: wait_for_mysql miin-mysql-dev root password database
+```
+
+[Wait for redis](Wait%20for%20redis.md)
--- a/content/Docker/Wait
+++ b/content/Docker/Wait
@ -0,0 +1,24 @@
+[wait-for-it.sh](https://github.com/vishnubob/wait-for-it) doing a great job of waiting for different services to become alive, but on #MacOs #docker is binding port on container start, seconds before redis is ready to accept connections
+
+This script waits for first successful ping or exits with non-zero status after 3 minutes.
+
+```shell
+# Waits for redis to become actually available
+wait_for_redis() {
+  timeout=180 # 3 minutes
+  i=0
+  while ! docker exec -it "$1" redis-cli -h localhost -p 6379 -a "$2" ping | grep "PONG" >/dev/null 2>&1; do
+    sleep 1;
+
+    i=$(($i+1))
+    if [[ ${i} -ge ${timeout} ]]; then
+      echo "[Error] can't properly ping Redis container after ${i} secs"
+      exit 1;
+    fi
+  done
+}
+
+# usage: wait_for_redis miin-redis-dev password
+```
+
+[Wait for mysql](Wait%20for%20mysql.md)