From fcb4cf5fb050f689ee02aa94df155df01ab16fd9 Mon Sep 17 00:00:00 2001
From: zias
Date: Tue, 31 Mar 2026 15:54:58 +0200
Subject: [PATCH] ci:add deployments
---
.gitea/workflows/docker-build-api.yml | 55 ++++++++
.gitea/workflows/docker-build-dashboard.yml | 53 +++++++
.gitea/workflows/docker-build-worker.yml | 55 ++++++++
docker-compose.prod.yml | 144 ++++++++++++++++++++
4 files changed, 307 insertions(+)
create mode 100644 .gitea/workflows/docker-build-api.yml
create mode 100644 .gitea/workflows/docker-build-dashboard.yml
create mode 100644 .gitea/workflows/docker-build-worker.yml
create mode 100644 docker-compose.prod.yml
diff --git a/.gitea/workflows/docker-build-api.yml b/.gitea/workflows/docker-build-api.yml
new file mode 100644
index 00000000..e59efcff
--- /dev/null
+++ b/.gitea/workflows/docker-build-api.yml
@@ -0,0 +1,55 @@
+name: Build and Push API
+
+on:
+ push:
+ branches: ["*"]
+ tags: ["v*"]
+ pull_request:
+ branches: [main]
+
+env:
+ REGISTRY: git.zias.be
+ OWNER: zias
+
+jobs:
+ build-api:
+ runs-on: ubuntu-latest
+ steps:
+ - uses: actions/checkout@v4
+
+ - name: Set up Docker Buildx
+ uses: docker/setup-buildx-action@v3
+
+ - name: Log in to registry
+ if: github.event_name != 'pull_request'
+ uses: docker/login-action@v3
+ with:
+ registry: ${{ env.REGISTRY }}
+ username: ${{ env.OWNER }}
+ password: ${{ secrets.REGISTRY_TOKEN }}
+
+ - name: Extract metadata
+ id: meta
+ uses: docker/metadata-action@v5
+ with:
+ images: ${{ env.REGISTRY }}/${{ env.OWNER }}/openpanel-api
+ tags: |
+ type=raw,value=latest,enable={{is_default_branch}}
+ type=sha,prefix=sha-,format=short
+ type=semver,pattern={{version}}
+
+ - name: Build and push
+ uses: docker/build-push-action@v6
+ with:
+ context: .
+ file: apps/api/Dockerfile
+ target: runner
+ platforms: linux/amd64
+ push: ${{ github.event_name != 'pull_request' }}
+ tags: ${{ steps.meta.outputs.tags }}
+ labels: ${{ steps.meta.outputs.labels }}
+ provenance: false
+ cache-from: type=registry,ref=${{ env.REGISTRY }}/${{ env.OWNER }}/openpanel-api:buildcache
+ cache-to: ${{ github.event_name != 'pull_request' && format('type=registry,ref={0}/{1}/openpanel-api:buildcache,mode=max,image-manifest=true,oci-mediatypes=true', env.REGISTRY, env.OWNER) || '' }}
+ build-args: |-
+ DATABASE_URL=postgresql://postgres:postgres@localhost:5432/postgres
diff --git a/.gitea/workflows/docker-build-dashboard.yml b/.gitea/workflows/docker-build-dashboard.yml
new file mode 100644
index 00000000..9ff48e82
--- /dev/null
+++ b/.gitea/workflows/docker-build-dashboard.yml
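Review bot: In `.gitea/workflows/docker-build-api.yml`, `branches: ["*"]` together with `if: github.event_name != 'pull_request'` means a push to any branch logs in with `REGISTRY_TOKEN`, publishes a `sha-` tagged image, and overwrites the shared `openpanel-api:buildcache` ref that default-branch builds later read through `cache-from`. Unreviewed branch content can therefore write to the production registry and seed the cache used for the `latest` image. Narrowing the push trigger to `branches: [main]` (tags stay as they are) would close that path, as would gating the login step, `push:` and `cache-to` on the default branch. The dashboard and worker workflows in this patch repeat the same trigger and cache layout.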
@@ -0,0 +1,53 @@
+name: Build and Push Dashboard
+
+on:
+ push:
+ branches: ["*"]
+ tags: ["v*"]
+ pull_request:
+ branches: [main]
+
+env:
+ REGISTRY: git.zias.be
+ OWNER: zias
+
+jobs:
+ build-dashboard:
+ runs-on: ubuntu-latest
+ steps:
+ - uses: actions/checkout@v4
+
+ - name: Set up Docker Buildx
+ uses: docker/setup-buildx-action@v3
+
+ - name: Log in to registry
+ if: github.event_name != 'pull_request'
+ uses: docker/login-action@v3
+ with:
+ registry: ${{ env.REGISTRY }}
+ username: ${{ env.OWNER }}
+ password: ${{ secrets.REGISTRY_TOKEN }}
+
+ - name: Extract metadata
+ id: meta
+ uses: docker/metadata-action@v5
+ with:
+ images: ${{ env.REGISTRY }}/${{ env.OWNER }}/openpanel-dashboard
+ tags: |
+ type=raw,value=latest,enable={{is_default_branch}}
+ type=sha,prefix=sha-,format=short
+ type=semver,pattern={{version}}
+
+ - name: Build and push
+ uses: docker/build-push-action@v6
+ with:
+ context: .
+ file: apps/start/Dockerfile
+ target: runner
+ platforms: linux/amd64
+ push: ${{ github.event_name != 'pull_request' }}
+ tags: ${{ steps.meta.outputs.tags }}
+ labels: ${{ steps.meta.outputs.labels }}
+ provenance: false
+ cache-from: type=registry,ref=${{ env.REGISTRY }}/${{ env.OWNER }}/openpanel-dashboard:buildcache
+ cache-to: ${{ github.event_name != 'pull_request' && format('type=registry,ref={0}/{1}/openpanel-dashboard:buildcache,mode=max,image-manifest=true,oci-mediatypes=true', env.REGISTRY, env.OWNER) || '' }}
diff --git a/.gitea/workflows/docker-build-worker.yml b/.gitea/workflows/docker-build-worker.yml
new file mode 100644
index 00000000..60260252
--- /dev/null
+++ b/.gitea/workflows/docker-build-worker.yml
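Review bot: The `uses:` steps in `.gitea/workflows/docker-build-dashboard.yml` reference actions by mutable major tags (`actions/checkout@v4`, `docker/setup-buildx-action@v3`, `docker/login-action@v3`, `docker/metadata-action@v5`, `docker/build-push-action@v6`), and the login step hands `secrets.REGISTRY_TOKEN` to one of them. If a tag is moved upstream, different code runs with that token without any change in this repository. Pinning each reference to a full commit SHA and keeping the tag as a trailing comment, in the form `uses: docker/login-action@<full-commit-sha>  # v3`, makes the executed code reviewable and stable. The API and worker workflows use the same references.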
@@ -0,0 +1,55 @@
+name: Build and Push Worker
+
+on:
+ push:
+ branches: ["*"]
+ tags: ["v*"]
+ pull_request:
+ branches: [main]
+
+env:
+ REGISTRY: git.zias.be
+ OWNER: zias
+
+jobs:
+ build-worker:
+ runs-on: ubuntu-latest
+ steps:
+ - uses: actions/checkout@v4
+
+ - name: Set up Docker Buildx
+ uses: docker/setup-buildx-action@v3
+
+ - name: Log in to registry
+ if: github.event_name != 'pull_request'
+ uses: docker/login-action@v3
+ with:
+ registry: ${{ env.REGISTRY }}
+ username: ${{ env.OWNER }}
+ password: ${{ secrets.REGISTRY_TOKEN }}
+
+ - name: Extract metadata
+ id: meta
+ uses: docker/metadata-action@v5
+ with:
+ images: ${{ env.REGISTRY }}/${{ env.OWNER }}/openpanel-worker
+ tags: |
+ type=raw,value=latest,enable={{is_default_branch}}
+ type=sha,prefix=sha-,format=short
+ type=semver,pattern={{version}}
+
+ - name: Build and push
+ uses: docker/build-push-action@v6
+ with:
+ context: .
+ file: apps/worker/Dockerfile
+ target: runner
+ platforms: linux/amd64
+ push: ${{ github.event_name != 'pull_request' }}
+ tags: ${{ steps.meta.outputs.tags }}
+ labels: ${{ steps.meta.outputs.labels }}
+ provenance: false
+ cache-from: type=registry,ref=${{ env.REGISTRY }}/${{ env.OWNER }}/openpanel-worker:buildcache
+ cache-to: ${{ github.event_name != 'pull_request' && format('type=registry,ref={0}/{1}/openpanel-worker:buildcache,mode=max,image-manifest=true,oci-mediatypes=true', env.REGISTRY, env.OWNER) || '' }}
+ build-args: |-
+ DATABASE_URL=postgresql://postgres:postgres@localhost:5432/postgres
diff --git a/docker-compose.prod.yml b/docker-compose.prod.yml
new file mode 100644
index 00000000..dafbe72f
--- /dev/null
+++ b/docker-compose.prod.yml
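Review bot: The `build-args` entry at the end of `.gitea/workflows/docker-build-worker.yml` passes a full connection string, `DATABASE_URL=postgresql://postgres:postgres@localhost:5432/postgres`, with nothing to say it is a throwaway value. It looks like a placeholder that only satisfies a build-time tool, but build arguments can end up in image history and build metadata, so a later edit that swaps in a real DSN would leak it with the image. I would add a comment above it such as `# Build-time placeholder only; never put a real connection string here, build args are recoverable from the image`. If the build ever needs a real value, the `secrets` input of `docker/build-push-action` is the safer channel. The API workflow carries the same build argument.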
@@ -0,0 +1,144 @@
+services:
+ op-db:
+ image: postgres:18.3-alpine
+ restart: always
+ volumes:
+ - op-db-data:/var/lib/postgresql/data
+ healthcheck:
+ test: ["CMD-SHELL", "pg_isready -U postgres"]
+ interval: 10s
+ timeout: 5s
+ retries: 5
+ environment:
+ - POSTGRES_USER=postgres
+ - POSTGRES_PASSWORD=${POSTGRES_PASSWORD:-postgres}
+ logging:
+ driver: "json-file"
+ options:
+ max-size: "10m"
+ max-file: "3"
+
+ op-kv:
+ image: redis:8.6.2-alpine
+ restart: always
+ volumes:
+ - op-kv-data:/data
+ command: ["redis-server", "--maxmemory-policy", "noeviction"]
+ healthcheck:
+ test: ["CMD-SHELL", "redis-cli ping"]
+ interval: 10s
+ timeout: 5s
+ retries: 5
+ logging:
+ driver: "json-file"
+ options:
+ max-size: "10m"
+ max-file: "3"
+
+ op-ch:
+ image: clickhouse/clickhouse-server:26.3.2.3
+ restart: always
+ environment:
+ - CLICKHOUSE_DEFAULT_PASSWORD=${CLICKHOUSE_PASSWORD:-clickhouse}
+ volumes:
+ - op-ch-data:/var/lib/clickhouse
+ - op-ch-logs:/var/log/clickhouse-server
+ - ./self-hosting/clickhouse/clickhouse-config.xml:/etc/clickhouse-server/config.d/op-config.xml:ro
+ - ./self-hosting/clickhouse/clickhouse-user-config.xml:/etc/clickhouse-server/users.d/op-user-config.xml:ro
+ - ./self-hosting/clickhouse/init-db.sh:/docker-entrypoint-initdb.d/init-db.sh:ro
+ healthcheck:
+ test: ["CMD-SHELL", "clickhouse-client --query 'SELECT 1'"]
+ interval: 10s
+ timeout: 5s
+ retries: 5
+ ulimits:
+ nofile:
+ soft: 262144
+ hard: 262144
+ logging:
+ driver: "json-file"
+ options:
+ max-size: "10m"
+ max-file: "3"
+
+ op-api:
+ image: git.zias.be/zias/openpanel-api:latest
+ restart: always
+ ports:
+ - "3001:3000"
+ command: >
+ sh -c "
+ echo 'Running migrations...'
+ CI=true pnpm -r run migrate:deploy
+
+ pnpm start
+ "
+ healthcheck:
+ test: ["CMD-SHELL", "curl -f http://localhost:3000/healthcheck || exit 1"]
+ interval: 10s
+ timeout: 5s
+ retries: 5
+ depends_on:
+ op-db:
+ condition: service_healthy
+ op-ch:
+ condition: service_healthy
+ op-kv:
+ condition: service_healthy
+ env_file:
+ - .env.prod
+ logging:
+ driver: "json-file"
+ options:
+ max-size: "50m"
+ max-file: "3"
+
+ op-dashboard:
+ image: git.zias.be/zias/openpanel-dashboard:latest
+ restart: always
+ ports:
+ - "3000:3000"
+ depends_on:
+ op-api:
+ condition: service_healthy
+ env_file:
+ - .env.prod
+ healthcheck:
+ test: ["CMD-SHELL", "curl -f http://localhost:3000/api/healthcheck || exit 1"]
+ interval: 10s
+ timeout: 5s
+ retries: 5
+ logging:
+ driver: "json-file"
+ options:
+ max-size: "20m"
+ max-file: "3"
+
+ op-worker:
+ image: git.zias.be/zias/openpanel-worker:latest
+ restart: always
+ depends_on:
+ op-api:
+ condition: service_healthy
+ env_file:
+ - .env.prod
+ healthcheck:
+ test: ["CMD-SHELL", "curl -f http://localhost:3000/healthcheck || exit 1"]
+ interval: 10s
+ timeout: 5s
+ retries: 5
+ logging:
+ driver: "json-file"
+ options:
+ max-size: "30m"
+ max-file: "3"
+
+volumes:
+ op-db-data:
+ driver: local
+ op-kv-data:
+ driver: local
+ op-ch-data:
+ driver: local
+ op-ch-logs:
+ driver: local
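Review bot: In `docker-compose.prod.yml`, `POSTGRES_PASSWORD=${POSTGRES_PASSWORD:-postgres}` (service `op-db`) and `CLICKHOUSE_DEFAULT_PASSWORD=${CLICKHOUSE_PASSWORD:-clickhouse}` (service `op-ch`) fall back to well-known passwords whenever the variable is unset. A production deploy with a missing or misspelled variable therefore comes up silently with guessable database credentials. Compose's required-variable form makes that deploy fail instead: `POSTGRES_PASSWORD=${POSTGRES_PASSWORD:?POSTGRES_PASSWORD must be set}` and `CLICKHOUSE_DEFAULT_PASSWORD=${CLICKHOUSE_PASSWORD:?CLICKHOUSE_PASSWORD must be set}`. Neither database publishes a host port in this file, so the exposure is to other containers on the Compose network, but a production file should still not carry a default credential.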