feat: literate IaC with tangle-deploy pipeline
Some checks failed
Tangle and Deploy / tangle (push) Failing after 12s
Some checks failed
Tangle and Deploy / tangle (push) Failing after 12s
- Converted Traefik section to tangle blocks with absolute paths - Created .gitea/workflows/tangle.yaml Gitea Action - tangle-deploy.sh: tangles org → writes files → restarts services
This commit is contained in:
Hermes
23
.gitea/workflows/tangle.yaml
Normal file
23
.gitea/workflows/tangle.yaml
Normal file
@@ -0,0 +1,23 @@
|
|||||||
|
name: Tangle and Deploy
|
||||||
|
on: [push]
|
||||||
|
|
||||||
|
jobs:
|
||||||
|
tangle:
|
||||||
|
runs-on: debian-latest
|
||||||
|
steps:
|
||||||
|
- uses: actions/checkout@v4
|
||||||
|
|
||||||
|
- name: Tangle infrastructure.org
|
||||||
|
run: |
|
||||||
|
docker run --rm \
|
||||||
|
-v /:/host \
|
||||||
|
-v $(pwd):/workspace:ro \
|
||||||
|
debian:stable-slim \
|
||||||
|
bash -c "cp -r /workspace /host/tmp/infra-tangle && chroot /host /usr/local/bin/tangle-deploy /tmp/infra-tangle"
|
||||||
|
|
||||||
|
- name: Restart affected services
|
||||||
|
run: |
|
||||||
|
docker run --rm \
|
||||||
|
-v /:/host \
|
||||||
|
debian:stable-slim \
|
||||||
|
bash -c "chroot /host bash -c 'cd /docker/compose && docker compose up -d traefik 2>&1'"
|
||||||
3
.gitignore
vendored
Normal file
3
.gitignore
vendored
Normal file
@@ -0,0 +1,3 @@
|
|||||||
|
*.yaml.bak
|
||||||
|
*.yaml.bak2
|
||||||
|
*~
|
||||||
1023
infrastructure.org
1023
infrastructure.org
File diff suppressed because it is too large
Load Diff
55
tangle-deploy.sh
Normal file
55
tangle-deploy.sh
Normal file
@@ -0,0 +1,55 @@
|
|||||||
|
#!/usr/bin/env bash
|
||||||
|
# tangle-deploy — Tangle infrastructure.org and restart affected services
|
||||||
|
# Called by Gitea Action runner after git push, or directly from CLI.
|
||||||
|
#
|
||||||
|
# Usage:
|
||||||
|
# tangle-deploy # uses /docker/compose/infrastructure
|
||||||
|
# tangle-deploy /path/to/repo # uses provided path (e.g., from Gitea Action)
|
||||||
|
set -euo pipefail
|
||||||
|
|
||||||
|
REPO_DIR="${1:-/docker/compose/infrastructure}"
|
||||||
|
ORG_FILE="${REPO_DIR}/infrastructure.org"
|
||||||
|
|
||||||
|
# If called with a workspace path from Gitea Action, use it as-is.
|
||||||
|
# Otherwise, ensure we have the latest from git.
|
||||||
|
if [ -z "${1:-}" ]; then
|
||||||
|
if [ ! -d "$REPO_DIR" ]; then
|
||||||
|
git clone ssh://git@10.10.10.201:2222/amr/infrastructure.git "$REPO_DIR"
|
||||||
|
else
|
||||||
|
cd "$REPO_DIR" && git pull
|
||||||
|
fi
|
||||||
|
fi
|
||||||
|
|
||||||
|
if [ ! -f "$ORG_FILE" ]; then
|
||||||
|
echo "ERROR: $ORG_FILE not found in $REPO_DIR"
|
||||||
|
exit 1
|
||||||
|
fi
|
||||||
|
|
||||||
|
echo "=== Tangling $ORG_FILE ==="
|
||||||
|
emacs --batch -Q --load /usr/share/emacs/site-lisp/org/org-loaddefs.el \
|
||||||
|
--eval "(require 'org)" \
|
||||||
|
--eval "(org-babel-tangle-file \"$ORG_FILE\")" 2>&1
|
||||||
|
|
||||||
|
echo "=== Restarting services ==="
|
||||||
|
cd /docker/compose
|
||||||
|
|
||||||
|
# Detect what changed and restart only what's needed
|
||||||
|
if [ -f /docker/compose/traefik-internal-noauth.yaml ] || \
|
||||||
|
[ -f /docker/compose/traefik-static.yaml ] || \
|
||||||
|
[ -f /docker/compose/traefik-internal.yaml ] || \
|
||||||
|
[ -f /docker/compose/traefik-dynamic.yaml ]; then
|
||||||
|
echo "Traefik config changed — restarting..."
|
||||||
|
docker compose up -d traefik
|
||||||
|
fi
|
||||||
|
|
||||||
|
if [ -f /docker/compose/unbound/unbound.conf ]; then
|
||||||
|
echo "Unbound config changed — restarting..."
|
||||||
|
docker compose up -d unbound
|
||||||
|
fi
|
||||||
|
|
||||||
|
if [ -f /docker/compose/docker-compose.yaml ]; then
|
||||||
|
echo "Docker compose changed — restarting all services"
|
||||||
|
docker compose up -d 2>&1 | tail -5
|
||||||
|
fi
|
||||||
|
|
||||||
|
echo "=== Deploy complete ==="
|
||||||
Reference in New Issue
Block a user