From f0b9ebc5e831bb8a2b2c0f7b3d88319e220db7d9 Mon Sep 17 00:00:00 2001
From: Henrique Goncalves
Date: Wed, 19 May 2021 04:27:23 -0300
Subject: [PATCH] Add DigitalOcean Builder (#706)
* add github actions workflows
* add marketplace placeholders
* minor changes
* increment build number
* fix yaml
* fix build version
* make main step uppercase
* Update dev.yml
* use cache instead of docker hub
* load image to docker client
* change cache key
* minor changes
* missing quote
* add digitalocean packer
* add release version in packer builds
* add do secret
Co-authored-by: Sebastian Stehle
---
.github/workflows/marketplace-aws.yml | 17 +++--
.github/workflows/marketplace-azure.yml | 17 +++--
.../workflows/marketplace-digitalocean.yml | 20 +++---
.github/workflows/marketplace-gcp.yml | 17 +++--
.github/workflows/marketplace-heroku.yml | 17 +++--
.github/workflows/marketplace-kubernetes.yml | 17 +++--
.github/workflows/marketplace-render.yml | 17 +++--
.github/workflows/marketplace-vultr.yml | 17 +++--
packer/ansible/playbook.yml | 69 +++++++++++++++++++
packer/ansible/templates/99-squidex | 6 ++
packer/ansible/templates/docker-compose.yml | 57 +++++++++++++++
packer/ansible/templates/setup-squidex.sh | 66 ++++++++++++++++++
packer/digitalocean.pkr.hcl | 45 ++++++++++++
13 files changed, 324 insertions(+), 58 deletions(-)
create mode 100644 packer/ansible/playbook.yml
create mode 100644 packer/ansible/templates/99-squidex
create mode 100644 packer/ansible/templates/docker-compose.yml
create mode 100644 packer/ansible/templates/setup-squidex.sh
create mode 100644 packer/digitalocean.pkr.hcl
diff --git a/.github/workflows/marketplace-aws.yml b/.github/workflows/marketplace-aws.yml
index 985d04f7e..c08f17e26 100644
--- a/.github/workflows/marketplace-aws.yml
+++ b/.github/workflows/marketplace-aws.yml
@@ -11,18 +11,15 @@ jobs: steps: - name: Checkout Repository uses: actions/checkout@v2 - - name: Fix Template - if: false - uses: hashicorp/packer-github-actions@master - with: - command: fix + - name: Validate Template if: false uses: hashicorp/packer-github-actions@master with: command: validate arguments: -syntax-only - target: packer/aws.pkr.hcl + target: aws.pkr.hcl + working-directory: packer/ publish: needs: validate @@ -30,12 +27,18 @@ jobs: steps: - name: Checkout Repository uses: actions/checkout@v2 + + - name: Inject slug/short variables + uses: rlespinasse/github-slug-action@v3.x + - name: Build if: false uses: hashicorp/packer-github-actions@master with: command: build arguments: "-color=false -on-error=abort" - target: packer/aws.pkr.hcl + target: aws.pkr.hcl env: PACKER_LOG: 1 + PKR_VAR_squidex_version: "${{ env.GITHUB_REF_SLUG }}" + working-directory: packer/ diff --git a/.github/workflows/marketplace-azure.yml b/.github/workflows/marketplace-azure.yml index abd68677c..3a439029b 100644 --- a/.github/workflows/marketplace-azure.yml +++ b/.github/workflows/marketplace-azure.yml @@ -11,18 +11,15 @@ jobs: steps: - name: Checkout Repository uses: actions/checkout@v2 - - name: Fix Template - if: false - uses: hashicorp/packer-github-actions@master - with: - command: fix + - name: Validate Template if: false uses: hashicorp/packer-github-actions@master with: command: validate arguments: -syntax-only - target: packer/azure.pkr.hcl + target: azure.pkr.hcl + working-directory: packer/ publish: needs: validate 
@@ -30,12 +27,18 @@ jobs: steps: - name: Checkout Repository uses: actions/checkout@v2 + + - name: Inject slug/short variables + uses: rlespinasse/github-slug-action@v3.x + - name: Build if: false uses: hashicorp/packer-github-actions@master with: command: build arguments: "-color=false -on-error=abort" - target: packer/azure.pkr.hcl + target: azure.pkr.hcl env: PACKER_LOG: 1 + PKR_VAR_squidex_version: "${{ env.GITHUB_REF_SLUG }}" + working-directory: packer/ diff --git a/.github/workflows/marketplace-digitalocean.yml b/.github/workflows/marketplace-digitalocean.yml index 673275a05..1083e7dee 100644 --- a/.github/workflows/marketplace-digitalocean.yml +++ b/.github/workflows/marketplace-digitalocean.yml @@ -11,18 +11,14 @@ jobs: steps: - name: Checkout Repository uses: actions/checkout@v2 - - name: Fix Template - if: false - uses: hashicorp/packer-github-actions@master - with: - command: fix + - name: Validate Template - if: false uses: hashicorp/packer-github-actions@master with: command: validate arguments: -syntax-only - target: packer/digitalocean.pkr.hcl + target: digitalocean.pkr.hcl + working-directory: packer/ publish: needs: validate @@ -30,12 +26,18 @@ jobs: steps: - name: Checkout Repository uses: actions/checkout@v2 + + - name: Inject slug/short variables + uses: rlespinasse/github-slug-action@v3.x + - name: Build - if: false uses: hashicorp/packer-github-actions@master with: command: build arguments: "-color=false -on-error=abort" - target: packer/digitalocean.pkr.hcl + target: digitalocean.pkr.hcl env: PACKER_LOG: 1 + PKR_VAR_squidex_version: "${{ env.GITHUB_REF_SLUG }}" + DIGITALOCEAN_API_TOKEN: "${{ secrets.DIGITALOCEAN_API_TOKEN }}" + working-directory: packer/ diff --git a/.github/workflows/marketplace-gcp.yml b/.github/workflows/marketplace-gcp.yml index e585ec7d5..5979c3475 100644 --- a/.github/workflows/marketplace-gcp.yml +++ b/.github/workflows/marketplace-gcp.yml 
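Review bot: In the publish hunk of marketplace-digitalocean.yml the `Build` step loses its `if: false` and gains `DIGITALOCEAN_API_TOKEN`, but the action it runs is still referenced by a mutable ref, `hashicorp/packer-github-actions@master`, and the newly added slug step by `rlespinasse/github-slug-action@v3.x`. Whatever those refs resolve to at run time executes in the job that holds the token (the slug step also sets the environment that the build reads), so both should be pinned to a full commit SHA, e.g. `uses: hashicorp/packer-github-actions@<FULL_COMMIT_SHA>`. The same two refs appear in the aws, azure, gcp, heroku, kubernetes, render and vultr workflows, where the steps are still disabled. `PACKER_LOG: 1` sits in the same `env` as the secret; GitHub masks the literal token, but it is worth confirming that debug logging is needed for release builds.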
@@ -11,18 +11,15 @@ jobs: steps: - name: Checkout Repository uses: actions/checkout@v2 - - name: Fix Template - if: false - uses: hashicorp/packer-github-actions@master - with: - command: fix + - name: Validate Template if: false uses: hashicorp/packer-github-actions@master with: command: validate arguments: -syntax-only - target: packer/gcp.pkr.hcl + target: gcp.pkr.hcl + working-directory: packer/ publish: needs: validate @@ -30,12 +27,18 @@ jobs: steps: - name: Checkout Repository uses: actions/checkout@v2 + + - name: Inject slug/short variables + uses: rlespinasse/github-slug-action@v3.x + - name: Build if: false uses: hashicorp/packer-github-actions@master with: command: build arguments: "-color=false -on-error=abort" - target: packer/gcp.pkr.hcl + target: gcp.pkr.hcl env: PACKER_LOG: 1 + PKR_VAR_squidex_version: "${{ env.GITHUB_REF_SLUG }}" + working-directory: packer/ diff --git a/.github/workflows/marketplace-heroku.yml b/.github/workflows/marketplace-heroku.yml index f2cae0d94..e5ee6dbe3 100644 --- a/.github/workflows/marketplace-heroku.yml +++ b/.github/workflows/marketplace-heroku.yml @@ -11,18 +11,15 @@ jobs: steps: - name: Checkout Repository uses: actions/checkout@v2 - - name: Fix Template - if: false - uses: hashicorp/packer-github-actions@master - with: - command: fix + - name: Validate Template if: false uses: hashicorp/packer-github-actions@master with: command: validate arguments: -syntax-only - target: packer/heroku.pkr.hcl + target: heroku.pkr.hcl + working-directory: packer/ publish: needs: validate 
@@ -30,12 +27,18 @@ jobs: steps: - name: Checkout Repository uses: actions/checkout@v2 + + - name: Inject slug/short variables + uses: rlespinasse/github-slug-action@v3.x + - name: Build if: false uses: hashicorp/packer-github-actions@master with: command: build arguments: "-color=false -on-error=abort" - target: packer/heroku.pkr.hcl + target: heroku.pkr.hcl env: PACKER_LOG: 1 + PKR_VAR_squidex_version: "${{ env.GITHUB_REF_SLUG }}" + working-directory: packer/ diff --git a/.github/workflows/marketplace-kubernetes.yml b/.github/workflows/marketplace-kubernetes.yml index 30ab0c8c3..a8cb60240 100644 --- a/.github/workflows/marketplace-kubernetes.yml +++ b/.github/workflows/marketplace-kubernetes.yml @@ -11,18 +11,15 @@ jobs: steps: - name: Checkout Repository uses: actions/checkout@v2 - - name: Fix Template - if: false - uses: hashicorp/packer-github-actions@master - with: - command: fix + - name: Validate Template if: false uses: hashicorp/packer-github-actions@master with: command: validate arguments: -syntax-only - target: packer/kubernetes.pkr.hcl + target: kubernetes.pkr.hcl + working-directory: packer/ publish: needs: validate @@ -30,12 +27,18 @@ jobs: steps: - name: Checkout Repository uses: actions/checkout@v2 + + - name: Inject slug/short variables + uses: rlespinasse/github-slug-action@v3.x + - name: Build if: false uses: hashicorp/packer-github-actions@master with: command: build arguments: "-color=false -on-error=abort" - target: packer/kubernetes.pkr.hcl + target: kubernetes.pkr.hcl env: PACKER_LOG: 1 + PKR_VAR_squidex_version: "${{ env.GITHUB_REF_SLUG }}" + working-directory: packer/ diff --git a/.github/workflows/marketplace-render.yml b/.github/workflows/marketplace-render.yml index c8c4a1004..e838f7cb6 100644 --- a/.github/workflows/marketplace-render.yml +++ b/.github/workflows/marketplace-render.yml 
@@ -11,18 +11,15 @@ jobs: steps: - name: Checkout Repository uses: actions/checkout@v2 - - name: Fix Template - if: false - uses: hashicorp/packer-github-actions@master - with: - command: fix + - name: Validate Template if: false uses: hashicorp/packer-github-actions@master with: command: validate arguments: -syntax-only - target: packer/render.pkr.hcl + target: render.pkr.hcl + working-directory: packer/ publish: needs: validate @@ -30,12 +27,18 @@ jobs: steps: - name: Checkout Repository uses: actions/checkout@v2 + + - name: Inject slug/short variables + uses: rlespinasse/github-slug-action@v3.x + - name: Build if: false uses: hashicorp/packer-github-actions@master with: command: build arguments: "-color=false -on-error=abort" - target: packer/render.pkr.hcl + target: render.pkr.hcl env: PACKER_LOG: 1 + PKR_VAR_squidex_version: "${{ env.GITHUB_REF_SLUG }}" + working-directory: packer/ diff --git a/.github/workflows/marketplace-vultr.yml b/.github/workflows/marketplace-vultr.yml index 743448e3f..8a0470bd6 100644 --- a/.github/workflows/marketplace-vultr.yml +++ b/.github/workflows/marketplace-vultr.yml @@ -11,18 +11,15 @@ jobs: steps: - name: Checkout Repository uses: actions/checkout@v2 - - name: Fix Template - if: false - uses: hashicorp/packer-github-actions@master - with: - command: fix + - name: Validate Template if: false uses: hashicorp/packer-github-actions@master with: command: validate arguments: -syntax-only - target: packer/vultr.pkr.hcl + target: vultr.pkr.hcl + working-directory: packer/ publish: needs: validate 
@@ -30,12 +27,18 @@ jobs: steps: - name: Checkout Repository uses: actions/checkout@v2 + + - name: Inject slug/short variables + uses: rlespinasse/github-slug-action@v3.x + - name: Build if: false uses: hashicorp/packer-github-actions@master with: command: build arguments: "-color=false -on-error=abort" - target: packer/vultr.pkr.hcl + target: vultr.pkr.hcl env: PACKER_LOG: 1 + PKR_VAR_squidex_version: "${{ env.GITHUB_REF_SLUG }}" + working-directory: packer/ diff --git a/packer/ansible/playbook.yml b/packer/ansible/playbook.yml new file mode 100644 index 000000000..08baabf1c --- /dev/null +++ b/packer/ansible/playbook.yml @@ -0,0 +1,69 @@ +--- +- name: "Build Squidex Image" + hosts: default + become: true + + tasks: + - name: "Install Requirements" + apt: + name: + - apt-transport-https + - ca-certificates + - curl + - gnupg + - lsb-release + - python3-pip + - python3-setuptools + - software-properties-common + state: latest + update_cache: true + + - name: "Add Docker GPG Key" + apt_key: + url: "https://download.docker.com/linux/ubuntu/gpg" + state: "present" + + - name: "Add Docker Repository" + apt_repository: + repo: "deb https://download.docker.com/linux/ubuntu bionic stable" + state: present + mode: 0644 + + - name: "Install Docker" + apt: + name: + - containerd.io + - docker-ce + - docker-ce-cli + - docker-compose + state: latest + update_cache: true + + - name: "Install Docker Python Package" + pip: + name: + - docker + + - name: "Copy docker-compose.yml" + template: + src: "docker-compose.yml" + dest: "/opt/squidex/" + mode: 0644 + + - name: "Copy setup-squidex.sh" + template: + src: "setup-squidex.sh" + dest: "/opt/squidex/" + mode: 0755 + + - name: "Create /etc/squidex" + file: + path: "/etc/squidex" + state: "directory" + mode: 0755 + + - name: "Create MOTD" + template: + src: "99-squidex" + dest: "/etc/update-motd.d/" + mode: 0755 \ No newline at end of file 
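Review bot: The `Add Docker GPG Key` task in packer/ansible/playbook.yml trusts whatever key the URL returns; adding the expected fingerprint, `id: "<DOCKER_KEY_FINGERPRINT>"`, gives `apt_key` something to check the download against. The repository line names `bionic` while digitalocean.pkr.hcl in this patch builds from `ubuntu-20-04-x64`, so `focal` looks like the intended suite. Both apt tasks use `state: latest` and the `docker` pip package has no version, so two builds of the same Squidex release can ship different package sets; pinning is worth it for a published image. The `mode: 0644` / `mode: 0755` values would be safer quoted (`mode: "0644"`) so they are never read as plain integers.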
diff --git a/packer/ansible/templates/99-squidex b/packer/ansible/templates/99-squidex new file mode 100644 index 000000000..12b0bebc1 --- /dev/null +++ b/packer/ansible/templates/99-squidex @@ -0,0 +1,6 @@ +#!/bin/bash +echo -e "\033[0m" +echo -e "Welcome to \033[0;36mSquidex\033[0m!" +echo +echo -e "Please run \033[1;32m/opt/squidex/setup-squidex.sh\033[0m to get started." +echo diff --git a/packer/ansible/templates/docker-compose.yml b/packer/ansible/templates/docker-compose.yml new file mode 100644 index 000000000..ffad5f313 --- /dev/null +++ b/packer/ansible/templates/docker-compose.yml 
@@ -0,0 +1,57 @@ +version: '2.3' +services: + squidex_mongo: + image: mongo + volumes: + - /etc/squidex/mongo/db:/data/db + networks: + - internal + restart: unless-stopped + + squidex_squidex: + image: "squidex/squidex:{{ squidex_version }}" + environment: + - URLS__BASEURL=https://${SQUIDEX_DOMAIN} + - EVENTSTORE__TYPE=MongoDB + - EVENTSTORE__MONGODB__CONFIGURATION=mongodb://squidex_mongo + - STORE__MONGODB__CONFIGURATION=mongodb://squidex_mongo + - IDENTITY__ADMINEMAIL=${SQUIDEX_ADMINEMAIL} + - IDENTITY__ADMINPASSWORD=${SQUIDEX_ADMINPASSWORD} + - IDENTITY__GOOGLECLIENT=${SQUIDEX_GOOGLECLIENT} + - IDENTITY__GOOGLESECRET=${SQUIDEX_GOOGLESECRET} + - IDENTITY__GITHUBCLIENT=${SQUIDEX_GITHUBCLIENT} + - IDENTITY__GITHUBSECRET=${SQUIDEX_GITHUBSECRET} + - IDENTITY__MICROSOFTCLIENT=${SQUIDEX_MICROSOFTCLIENT} + - IDENTITY__MICROSOFTSECRET=${SQUIDEX_MICROSOFTSECRET} + - ASPNETCORE_URLS=http://+:5000 + healthcheck: + test: ["CMD", "curl", "-f", "http://localhost:5000/healthz"] + start_period: 60s + depends_on: + - squidex_mongo + volumes: + - /etc/squidex/assets:/app/Assets + networks: + - internal + restart: unless-stopped + + squidex_proxy: + image: squidex/caddy-proxy + ports: + - "80:80" + - "443:443" + environment: + - SITE_ADDRESS=${SQUIDEX_DOMAIN} + - SITE_SERVER="squidex_squidex:5000" + volumes: + - /etc/squidex/caddy/data:/data + - /etc/squidex/caddy/config:/config + depends_on: + - squidex_squidex + networks: + - internal + restart: unless-stopped + +networks: + internal: + driver: bridge \ No newline at end of file diff --git a/packer/ansible/templates/setup-squidex.sh b/packer/ansible/templates/setup-squidex.sh new file mode 100644 index 000000000..c84e6bf4f --- /dev/null +++ b/packer/ansible/templates/setup-squidex.sh 
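Review bot: `image: mongo` and `image: squidex/caddy-proxy` carry no tag, so each pull resolves to whatever `latest` is at that moment, while the Squidex image beside them is pinned through `{{ squidex_version }}`. For the database this allows an unplanned major-version jump against the data in `/etc/squidex/mongo/db`, and the container terminating TLS on ports 80/443 is not reproducible; both should name a version tag or digest, e.g. `image: mongo:<PINNED_TAG>`. In the list form of `environment`, `SITE_SERVER="squidex_squidex:5000"` passes the double quotes through as part of the value, so confirm the proxy image expects that.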
@@ -0,0 +1,66 @@ +#!/bin/bash +set -e + +cd /opt/squidex + +# Prompt user to enter config. + +echo "> This script will setup a basic configuration of Squidex" +echo "> using docker-compose that is suitable for the most use cases." +echo "> Please go to https://docs.squidex.io for advanced configuration." +echo +echo "> Please enter the host name. You need a public DNS entry," +echo "> because Squidex will get a certificate using lets encrypt." +echo + +read -p "Enter Host Name (required): " hostName +while [ -z "$hostName" ]; do + read -p "Enter Host Name (required): " hostName +done + +echo +echo "> You can also configure external authentication providers if you want." +echo "> If no external provider is configured you can later setup an account." +echo + +read -p "Enter Google Client ID (optional): " googleClientId +read -p "Enter Google Client Secret (optional): " googleSecret + +read -p "Enter Github Client ID (optional): " githubClientId +read -p "Enter Github Client Secret (optional): " githubSecret + +read -p "Enter Microsoft Client ID (optional): " microsoftClientId +read -p "Enter Microsoft Client Secret (optional)": microsoftSecret + +echo +echo "SUMMARY" + +echo "Hostname: $hostName" +echo "Google Client ID: $googleClientId" +echo "Google Client Secret: $googleSecret" +echo "Github Client ID: $githubClientId" +echo "Github Client Secret: $githubSecret" +echo "Microsoft Client ID: $microsoftClientId" +echo "Microsoft Client Secret: $microsoftSecret" + +envFile=".env" + +[ -f $envFile ] && rm $envFile + +echo "SQUIDEX_DOMAIN=$hostName" >> $envFile +echo "SQUIDEX_ADMINEMAIL=" >> $envFile +echo "SQUIDEX_ADMINPASSWORD=" >> $envFile +echo "SQUIDEX_GOOGLECLIENT=$googleClientId" >> $envFile +echo "SQUIDEX_GOOGLESECRET=$googleSecret" >> $envFile +echo "SQUIDEX_GITHUBCLIENT=$githubClientId" >> $envFile +echo "SQUIDEX_GITHUBSECRET=$githubSecret" >> $envFile +echo "SQUIDEX_MICROSOFTCLIENT=$microsoftClientId" >> $envFile +echo 
"SQUIDEX_MICROSOFTSECRET=$microsoftSecret" >> $envFile +echo "UI__ONLYADMINSCANCREATEAPPS=true" >> $envFile + +echo +echo "Waiting 10 seconds. You may press Ctrl+C now to abort this script." + +( set -x; sleep 10 ) + +docker-compose up -d \ No newline at end of file diff --git a/packer/digitalocean.pkr.hcl b/packer/digitalocean.pkr.hcl new file mode 100644 index 000000000..362117a3e --- /dev/null +++ b/packer/digitalocean.pkr.hcl @@ -0,0 +1,45 @@ +variable "squidex_version" { + type = string + default = "5.7.0" +} + +source "digitalocean" "do" { + image = "ubuntu-20-04-x64" + region = "sfo3" + droplet_name = "squidex-${replace(var.squidex_version, ".", "-")}-build-{{ timestamp }}" + snapshot_name = "squidex-${replace(var.squidex_version, ".", "-")}" + snapshot_regions = [ + "nyc1", + "sfo1", + "nyc2", + "ams2", + "sgp1", + "lon1", + "nyc3", + "ams3", + "fra1", + "tor1", + "sfo2", + "blr1", + "sfo3", + ] + size = "s-2vcpu-2gb" + ssh_username = "root" +} + +build { + sources = [ + "source.digitalocean.do" + ] + + provisioner "ansible" { + ansible_env_vars = [ + "ANSIBLE_HOST_KEY_CHECKING=False", + "ANSIBLE_SSH_ARGS='-F /dev/null -o ForwardAgent=no -o ControlMaster=auto -o ControlPersist=60s'", + "ANSIBLE_NOCOLOR=True" + ] + extra_arguments = ["--extra-vars", "squidex_version=${var.squidex_version}"] + playbook_file = "./ansible/playbook.yml" + use_proxy = false + } +} \ No newline at end of file
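Review bot: setup-squidex.sh writes the OAuth client secrets to `/opt/squidex/.env` under the default umask and echoes them back in the SUMMARY block, so they typically end up readable by other local users and visible in terminal scrollback. Putting `umask 077` before the first `>> $envFile` write, reading the three secrets with `read -rsp`, and dropping the `... Client Secret: $...` summary lines would close both. The host name is only checked for being non-empty before it is written to `.env` and used as `SITE_ADDRESS`; a simple character check would catch a pasted URL or stray whitespace. The last prompt has its colon outside the quotes (`(optional)":`), which still works but prints no space before the input.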
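Review bot: The `build` block in packer/digitalocean.pkr.hcl goes straight from the Ansible provisioner to the snapshot with no cleanup step, so whatever the build leaves on the droplet is copied into an image distributed to thirteen regions; presumably that includes the temporary build key in `/root/.ssh/authorized_keys`, apt and cloud-init logs, and the machine-id. A final provisioner such as `provisioner "shell" { inline = ["rm -f /root/.ssh/authorized_keys", "truncate -s 0 /etc/machine-id"] }`, plus log and shell-history cleanup, would address that. `ANSIBLE_HOST_KEY_CHECKING=False` is common for throwaway build hosts, but it leaves the connection that provisions a public image unauthenticated on the host side, so a comment recording that this is accepted would help.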