--- /dev/null
+{
+ "run_list": [
+ "role[aptly-on-docker]"
+ ]
+}
--- /dev/null
+{
+ "run_list": [
+ "role[concourse-on-docker]"
+ ]
+}
+++ /dev/null
-{
- "run_list": [
- "role[concourse]"
- ]
-}
--- /dev/null
+{
+ "run_list": [
+ "role[devops-suite-on-docker]"
+ ]
+}
--- /dev/null
+{
+ "run_list": [
+ "role[devops-suite-with-ssl-on-docker]"
+ ]
+}
--- /dev/null
+{
+ "run_list": [
+ "role[nexus2-on-docker]"
+ ]
+}
--- /dev/null
+{
+ "run_list": [
+ "role[nexus3-on-docker]"
+ ]
+}
--- /dev/null
+name 'aptly-on-docker'
+description 'aptly on Docker'
+
+#aptly_cn = 'aptly.io.example.com'
+#aptly_port = '7080' # default: 8080
+#aptly_api_port = '7081' # default: 8081
+
+run_list(
+ 'role[docker]',
+ 'recipe[apt_utils::aptly-docker-compose]',
+)
+
+#env_run_lists()
+
+#default_attributes()
+
+override_attributes(
+ 'docker-grid' => {
+ 'engine' => {
+ 'skip_setup' => false,
+ },
+ 'compose' => {
+ 'skip_setup' => false,
+ },
+ },
+ 'apt_utils' => {
+ 'aptly' => {
+ 'docker-compose' => {
+ 'config' => {
+ 'services' => {
+ 'reverseproxy' => {
+ 'ports' => [
+ #"#{aptly_port}:8080",
+ #"#{aptly_api_port}:8081",
+ ],
+ },
+ 'aptly' => {
+ },
+ },
+ },
+ },
+ },
+ },
+)
-name 'concourse'
-description 'Concourse'
+name 'concourse-on-docker'
+description 'Concourse on Docker'
+
+image = 'concourse/concourse'
+#port = '8080' # '8443' (for https)
+#concourse_cn = 'concourse.io.example.com'
run_list(
#'recipe[ssl_cert::server_key_pairs]', # for https
'role[docker]',
+ 'recipe[concourse-ci::docker-compose]',
#'recipe[concourse-ci::fly]',
)
#default_attributes()
-image = 'concourse/concourse' # of 'concourse/concourse:2.6.0',...
-port = '8080' # '8443' (for https)
-concourse_cn = 'concourse.io.example.com'
-
override_attributes(
# for https
'ssl_cert' => {
'common_names' => [
- concourse_cn,
+ #concourse_cn,
],
},
'docker-grid' => {
'engine' => {
'skip_setup' => false,
- 'storage-driver_on_centos' => 'overlay',
- 'storage-driver_on_ubuntu' => 'aufs', # default: aufs
},
'compose' => {
'skip_setup' => false,
'concourse-ci' => {
'with_ssl_cert_cookbook' => false, # or true (for https)
'ssl_cert' => {
- 'common_name' => concourse_cn,
+ #'common_name' => concourse_cn,
},
'docker-compose' => {
'config' => {
# Version 1 docker-compose format
'concourse-web' => {
'image' => image,
- #'ports' => [
- # #"#{port}:8080", # If you sepecify no value, Chef will sets '8080:8080'.
- # #"#{port}:8443", # for https
- #],
+ 'ports' => [
+ #"#{port}:8080", # If you sepecify no value, Chef will sets '8080:8080'.
+ #"#{port}:8443", # for https
+ ],
'environment' => {
# If you sepecify no value, Chef will sets "http://#{node['ipaddress']}:8080".
#'CONCOURSE_EXTERNAL_URL' => "http://192.168.1.3:#{port}", # or "https://192.168.1.3:#{port}"
#'CONCOURSE_TLS_CERT' => '/root/server.crt',
#'CONCOURSE_TLS_KEY' => '/root/server.key',
},
- #'volumes' => [
- # # These volumes will be set by the concourse-ci::docker-compose recipe automatically.
- # #"#{server_cert_path(node['concourse-ci']['ssl_cert']['common_name'])}:/root/server.crt:ro",
- # #"#{server_key_path(node['concourse-ci']['ssl_cert']['common_name'])}:/root/server.key:ro",
- #],
+ 'volumes' => [
+ # These volumes will be set by the concourse-ci::docker-compose recipe automatically.
+ #"#{server_cert_path(node['concourse-ci']['ssl_cert']['common_name'])}:/root/server.crt:ro",
+ #"#{server_key_path(node['concourse-ci']['ssl_cert']['common_name'])}:/root/server.key:ro",
+ ],
},
'concourse-worker' => {
'image' => image,
--- /dev/null
+name 'devops-suite-on-docker'
+description 'DevOps Suite on Docker'
+
+aptly_port = '7080' # default: 8080
+aptly_api_port = '7081' # default: 8081
+concourse_port = '8080'
+gitlab_http_port = '80' # default: 80, and 8080 already in use.
+gitlab_ssh_port = '2022'
+nexus_ver = '3'
+nexus_port = nexus_ver == '3' ? '8081' : '8071'
+
+run_list(
+ 'role[docker]',
+ 'role[aptly-on-docker]',
+ 'role[concourse-on-docker]',
+ 'role[gitlab-on-docker]',
+ 'role[gitlab-runner]',
+ "role[nexus#{nexus_ver}-on-docker]",
+)
+
+#env_run_lists()
+
+#default_attributes()
+
+override_attributes(
+ 'docker-grid' => {
+ 'engine' => {
+ 'skip_setup' => false,
+ 'daemon_extra_options' => [
+ '-H fd://',
+ '--bip=192.168.100.1/24 --fixed-cidr=192.168.100.0/24',
+ ].join(' '),
+ },
+ 'compose' => {
+ 'skip_setup' => false,
+ },
+ },
+ 'apt_utils' => {
+ 'aptly' => {
+ 'docker-compose' => {
+ 'config' => {
+ 'services' => {
+ 'reverseproxy' => {
+ 'ports' => [
+ "#{aptly_port}:8080",
+ "#{aptly_api_port}:8081",
+ ],
+ # 'network_mode' => 'bridge',
+ # 'links' => [
+ # 'aptly',
+ # ],
+ },
+ 'aptly' => {
+ # 'network_mode' => 'bridge',
+ },
+ },
+ },
+ },
+ },
+ },
+ 'concourse-ci' => {
+ 'docker-compose' => {
+ 'config' => {
+ # Version 1 docker-compose format
+ 'concourse-db' => {
+ },
+ 'concourse-web' => {
+ 'ports' => [
+ "#{concourse_port}:8080",
+ ],
+ 'environment' => {
+ # If you sepecify no value, Chef will sets "http://#{node['ipaddress']}:8080".
+ #'CONCOURSE_EXTERNAL_URL' => "http://#{node['ipaddress']}:#{concourse_port}",
+ },
+ },
+ 'concourse-worker' => {
+ 'environment' => {
+ },
+ },
+ },
+ },
+ },
+ 'gitlab-grid' => {
+ 'gitlab.rb' => {
+ #'external_url' => "http://#{gitlab_cn}:#{gitlab_http_port}",
+ 'gitlab_rails' => {
+ #'time_zone' => 'Asia/Tokyo',
+ 'gitlab_shell_ssh_port' => gitlab_ssh_port.to_i,
+ },
+ },
+ 'docker-compose' => {
+ 'config' => {
+ 'services' => {
+ 'gitlab' => {
+ #'hostname' => gitlab_cn,
+ 'ports' => [
+ "#{gitlab_http_port}:#{gitlab_http_port}",
+ "#{gitlab_ssh_port}:22",
+ ],
+ 'network_mode' => 'bridge', # for the Container Registry feature.
+ },
+ },
+ },
+ },
+ 'runner-docker-compose' => {
+ 'import_ca' => false,
+ },
+ },
+ 'nexus-grid' => {
+ 'docker-compose' => {
+ 'config' => {
+ 'services' => {
+ 'reverseproxy' => {
+ 'ports' => [
+ "#{nexus_port}:8081",
+ ],
+ # 'network_mode' => 'bridge',
+ # 'links' => [
+ # 'nexus',
+ # ],
+ },
+ 'nexus' => {
+ #'image' => 'sonatype/nexus3', # => role[nexus2/3-on-docker]
+ # 'network_mode' => 'bridge',
+ },
+ },
+ },
+ },
+ },
+)
--- /dev/null
+name 'devops-suite-with-ssl-on-docker'
+description 'DevOps Suite with SSL on Docker'
+
+ca_name = 'grid_ca'
+import_ca = false
+host_cn = 'devops.io.example.com'
+aptly_cn = host_cn # 'aptly.io.example.com'
+concourse_cn = host_cn # 'concourse.io.example.com'
+concourse_port = '8443'
+docker_reg_cn = host_cn # 'registry.docker.example.com'
+docker_reg_port = '5000'
+gitlab_cn = host_cn # 'gitlab.io.example.com' # default: node['fqdn']
+gitlab_https_port = '443'
+nexus_cn = host_cn # 'nexus.io.example.com'
+
+common_names = [
+ aptly_cn,
+ concourse_cn,
+ docker_reg_cn,
+ gitlab_cn,
+ nexus_cn,
+].uniq
+
+run_list(
+ 'role[devops-suite-on-docker]',
+ 'recipe[docker-grid::registry]',
+)
+
+#env_run_lists()
+
+#default_attributes()
+
+override_attributes(
+ 'ssl_cert' => {
+ 'ca_names' => [
+ ca_name,
+ ],
+ 'common_names' => common_names,
+ },
+ 'docker-grid' => {
+ 'engine' => {
+ 'skip_setup' => false,
+ },
+ 'compose' => {
+ 'skip_setup' => false,
+ },
+ 'registry' => {
+ 'with_ssl_cert_cookbook' => true,
+ 'ssl_cert' => {
+ 'common_name' => docker_reg_cn,
+ },
+ 'docker-compose' => {
+ 'config' => {
+ 'registry' => {
+ 'ports' => [
+ "#{docker_reg_port}:5000",
+ ],
+ 'environment' => {
+ #'REGISTRY_AUTH' => 'htpasswd',
+ #'REGISTRY_AUTH_HTPASSWD_PATH' => '/auth/.htpasswd',
+ #'REGISTRY_AUTH_HTPASSWD_REALM' => 'Registry Realm',
+ # proxy cache only.
+ 'REGISTRY_PROXY_REMOTEURL' => 'https://registry-1.docker.io',
+ },
+ 'volumes' => [
+ '/var/lib/docker-registry:/var/lib/registry',
+ #'./auth:/auth',
+ ],
+ },
+ },
+ },
+ },
+ },
+ 'apt_utils' => {
+ 'aptly' => {
+ 'with_ssl_cert_cookbook' => true,
+ 'ssl_cert' => {
+ 'common_name' => aptly_cn,
+ },
+ 'docker-compose' => {
+ 'config' => {
+ 'services' => {
+ 'reverseproxy' => {
+ 'ports' => [
+ ],
+ # 'network_mode' => 'bridge',
+ # 'links' => [
+ # 'aptly',
+ # ],
+ },
+ 'aptly' => {
+ # 'network_mode' => 'bridge',
+ },
+ },
+ },
+ },
+ },
+ },
+ 'concourse-ci' => {
+ 'with_ssl_cert_cookbook' => true,
+ 'ssl_cert' => {
+ 'ca_names' => [
+ ca_name,
+ ],
+ 'common_name' => concourse_cn,
+ },
+ 'docker-compose' => {
+ 'import_ca' => import_ca,
+ 'config' => {
+ # Version 1 docker-compose format
+ 'concourse-db' => {
+ },
+ 'concourse-web' => {
+ 'ports' => [
+ "#{concourse_port}:8443",
+ ],
+ 'environment' => {
+ 'CONCOURSE_TLS_BIND_PORT' => '8443',
+ 'CONCOURSE_EXTERNAL_URL' => "https://#{concourse_cn}:#{concourse_port}",
+ },
+ },
+ 'concourse-worker' => {
+ 'environment' => {
+ },
+ },
+ },
+ },
+ },
+ 'gitlab-grid' => {
+ 'with_ssl_cert_cookbook' => true,
+ 'ssl_cert' => {
+ 'ca_name' => ca_name,
+ 'common_name' => gitlab_cn,
+ },
+ 'gitlab.rb' => {
+ 'external_url' => "https://#{gitlab_cn}:#{gitlab_https_port}",
+ 'gitlab_rails' => {
+ # 'time_zone' => 'Asia/Tokyo',
+ },
+ },
+ 'docker-compose' => {
+ 'config' => {
+ 'services' => {
+ 'gitlab' => {
+ 'hostname' => gitlab_cn,
+ 'ports' => [
+ "#{gitlab_https_port}:#{gitlab_https_port}",
+ ],
+ # 'network_mode' => 'bridge',
+ },
+ },
+ },
+ },
+ 'runner-docker-compose' => {
+ 'import_ca' => import_ca,
+ },
+ },
+ 'nexus-grid' => {
+ 'with_ssl_cert_cookbook' => true,
+ 'ssl_cert' => {
+ 'common_name' => nexus_cn,
+ },
+ 'docker-compose' => {
+ 'config' => {
+ 'services' => {
+ 'reverseproxy' => {
+ 'ports' => [
+ ],
+ # 'network_mode' => 'bridge',
+ # 'links' => [
+ # 'nexus',
+ # ],
+ },
+ 'nexus' => {
+ # 'network_mode' => 'bridge',
+ },
+ },
+ },
+ },
+ },
+)
'skip_setup' => true, # default: false
},
'engine' => {
+ 'version' => '', # latest
#'skip_setup' => true, # default: false
#'version_on_centos' => '17.03.1.ce-1', # docker-engine
- 'version_on_centos' => '1.13.1-1', # docker-engine
+ #'version_on_centos' => '1.13.1-1', # docker-engine
#'version_on_centos' => '1.12.6-1', # docker-engine
#'version_on_centos' => '1.12.6-11', # docker
#'version_on_centos' => '1.12.5-14', # docker
#'version_on_centos' => '1.11.2-1', # docker-engine
#'version_on_centos' => '1.10.3-1', # docker-engine
- #'version_on_centos' => '1.10.3-59', # docker
+ #'version_on_centos' => '1.10.3-59', # docker
+ #'version_on_ubuntu' => '17.05.0~ce-0', # docker-engine
#'version_on_ubuntu' => '17.03.1~ce-0', # docker-engine
- 'version_on_ubuntu' => '1.13.1-0', # docker-engine
+ #'version_on_ubuntu' => '1.13.1-0', # docker-engine
#'version_on_ubuntu' => '1.12.6-0', # docker-engine
#'version_on_ubuntu' => '1.12.3-0ubuntu4~16.04.2', # docker.io
#'version_on_ubuntu' => '1.11.2-0', # docker-engine
'storage-driver_on_centos' => 'overlay',
'storage-driver_on_ubuntu' => 'overlay', # default: aufs
#'userns-remap' => 'default',
- 'daemon_extra_options' => '-H fd://',
- # for docker >= 1.10, docker-engine >= 1.12 (on rhel family)
- # '-H fd://' option automatically removed by this cookbook.
- # See https://github.com/docker/docker/issues/22847
+ 'daemon_extra_options' => [
+ '-H fd://',
+ #'-H fd:// --bip=192.168.100.1/24 --fixed-cidr=192.168.100.0/24',
+ # for docker >= 1.10, docker-engine >= 1.12 (on rhel family)
+ # '-H fd://' option automatically removed by this cookbook.
+ # See https://github.com/docker/docker/issues/22847
+ ].join(' '),
},
},
)
name 'gitlab-on-docker'
description 'GitLab on Docker'
-gitlab_cn = 'gitlab.io.example.com'
-gitlab_http_port = '8080'
-gitlab_ssh_port = '2022'
+#gitlab_cn = 'gitlab.io.example.com' # default: node['fqdn']
+#gitlab_http_port = '80' # default: 80, and 8080 already in use.
+#gitlab_ssh_port = '2022'
run_list(
'role[docker]',
},
'gitlab-grid' => {
'gitlab.rb' => {
- 'external_url' => "http://#{gitlab_cn}:#{gitlab_http_port}",
+ #'external_url' => "http://#{gitlab_cn}:#{gitlab_http_port}",
'gitlab_rails' => {
- 'time_zone' => 'UTC',
#'time_zone' => 'Asia/Tokyo',
- 'gitlab_shell_ssh_port' => gitlab_ssh_port.to_i,
- },
- 'nginx' => {
- 'redirect_http_to_https' => false,
+ #'gitlab_shell_ssh_port' => gitlab_ssh_port.to_i,
},
},
'docker-compose' => {
'config' => {
- # Version 2 docker-compose format
- 'version' => '2',
'services' => {
'gitlab' => {
- 'restart' => 'always',
- 'image' => 'gitlab/gitlab-ce:latest',
- 'hostname' => gitlab_cn,
+ #'hostname' => gitlab_cn,
'ports' => [
- "#{gitlab_http_port}:#{gitlab_http_port}",
- "#{gitlab_ssh_port}:22",
+ #"#{gitlab_http_port}:#{gitlab_http_port}",
+ #"#{gitlab_ssh_port}:22",
],
},
},
name 'gitlab-runner'
description 'GitLab-runner'
+ca_name = 'grid_ca' # Internal CA
+
run_list(
#'recipe[ssl_cert::ca_certs]',
'role[docker]',
#default_attributes()
-ca_name = 'grid_ca' # Internal CA
-
override_attributes(
'ssl_cert' => {
'ca_names' => [
--- /dev/null
+name 'nexus2-on-docker'
+description 'Nexus2 on Docker'
+
+run_list(
+ 'role[docker]',
+ 'recipe[nexus-grid::docker-compose]',
+)
+
+#env_run_lists
+
+default_attributes(
+)
+
+override_attributes(
+ 'nexus-grid' => {
+ 'docker-compose' => {
+ 'app_dir' => '/opt/docker-compose/app/nexus2',
+ 'config' => {
+ 'services' => {
+ 'reverseproxy' => {
+ 'ports' => [
+ ],
+ },
+ 'nexus' => {
+ 'image' => 'sonatype/nexus',
+ 'volumes' => [
+ ],
+ 'environment' => {
+ },
+ },
+ },
+ },
+ },
+ },
+)
--- /dev/null
+name 'nexus3-on-docker'
+description 'Nexus3 on Docker'
+
+run_list(
+ 'role[docker]',
+ 'recipe[nexus-grid::docker-compose]',
+)
+
+#env_run_lists
+
+default_attributes(
+)
+
+override_attributes(
+ 'nexus-grid' => {
+ 'docker-compose' => {
+ 'app_dir' => '/opt/docker-compose/app/nexus3',
+ 'config' => {
+ 'services' => {
+ 'reverseproxy' => {
+ 'ports' => [
+ ],
+ },
+ 'nexus' => {
+ 'image' => 'sonatype/nexus3',
+ 'volumes' => [
+ ],
+ 'environment' => {
+ },
+ },
+ },
+ },
+ },
+ },
+)