From 43aba9bbe09f165d8b53621415ab25a1ca8deb16 Mon Sep 17 00:00:00 2001
From: qpismont
Date: Mon, 27 Oct 2025 20:51:44 +0000
Subject: [PATCH] upgrade Dockerfile to Debian 13; update woodpecker and gitea images; add wireguard and prometheus services to docker-compose
---
 .devcontainer/Dockerfile | 2 +-
 deploy.sh | 2 +-
 docker-compose.yml | 67 ++++++++++++++++++++++++++++++++++++----
 3 files changed, 63 insertions(+), 8 deletions(-)
diff --git a/.devcontainer/Dockerfile b/.devcontainer/Dockerfile
index cd5c62c..e092fd8 100644
--- a/.devcontainer/Dockerfile
+++ b/.devcontainer/Dockerfile
@@ -1,4 +1,4 @@
-FROM debian:12
+FROM debian:13
 RUN apt update &&\
 apt install ca-certificates curl git -y &&\
diff --git a/deploy.sh b/deploy.sh
index 8ffce2a..5b70649 100644
--- a/deploy.sh
+++ b/deploy.sh
@@ -1,3 +1,3 @@
 #!/bin/bash
-docker --context prod stack deploy -c docker-compose.yml core --with-registry-auth
\ No newline at end of file
+DATETIME=$(date +%Y%m%d%H%M%S) docker --context prod stack deploy -c docker-compose.yml core --with-registry-auth
\ No newline at end of file
diff --git a/docker-compose.yml b/docker-compose.yml
index 33df31f..c6b8efb 100644
--- a/docker-compose.yml
+++ b/docker-compose.yml
@@ -15,9 +15,10 @@ services:
 - reversecaddyconfig:/config
 networks:
 - reverse
+ - prometheus_network
 woodpecker_server:
- image: woodpeckerci/woodpecker-server:v3.7.0-alpine
+ image: woodpeckerci/woodpecker-server:v3.11.0-alpine
 volumes:
 - woodpeckerdata:/var/lib/woodpecker/
 entrypoint: /bin/sh -c "export WOODPECKER_GITEA_CLIENT=$$(cat /run/secrets/woodpecker_gitea_client) && export WOODPECKER_GITEA_SECRET=$$(cat /run/secrets/woodpecker_gitea_secret) && export WOODPECKER_AGENT_SECRET=$$(cat /run/secrets/woodpecker_agent_secret) && /bin/woodpecker-server"
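Review bot: `DATETIME` exists only in the environment of this one `docker` invocation in deploy.sh, yet the compose file in the same patch interpolates `${DATETIME}` into every secret and config name, so a deploy started any other way would presumably render those names with an empty suffix. Making the variable mandatory where it is used turns that into a hard error, e.g. `name: woodpecker_agent_secret_${DATETIME:?run deploy.sh}` in docker-compose.yml, assuming the stack loader accepts the `:?` form. Each run also creates a new generation of secrets and configs and nothing in this script removes the previous one, so older copies of the Woodpecker credentials appear to stay in the swarm store. A cleanup step after a successful deploy, or a comment such as `# old *_<timestamp> secrets/configs must be pruned manually`, would close that gap.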
@@ -34,7 +35,7 @@ services:
 - woodpecker_gitea_secret
 woodpecker_agent:
- image: woodpeckerci/woodpecker-agent:v3.7.0-alpine
+ image: woodpeckerci/woodpecker-agent:v3.11.0-alpine
 volumes:
 - /var/run/docker.sock:/var/run/docker.sock
 entrypoint: /bin/sh -c "export WOODPECKER_AGENT_SECRET=$$(cat /run/secrets/woodpecker_agent_secret) && /bin/woodpecker-agent"
@@ -48,7 +49,7 @@ services:
 - woodpecker_agent_secret
 gitea:
- image: docker.gitea.com/gitea:1.24.2
+ image: docker.gitea.com/gitea:1.24.7
 environment:
 - USER_UID=1000
 - USER_GID=1000
@@ -60,22 +61,71 @@ services:
 networks:
 - reverse
- my_cv:
- image: tintounn/portfolio:1.4
+ wireguard_server:
+ image: linuxserver/wireguard
+ cap_add:
+ - NET_ADMIN
+ - SYS_MODULE
+ environment:
+ PUID: 1000
+ PGID: 1000
+ TZ: Europe/Paris
+ SERVEURURL: wireguard.qpismont.fr
+ SERVERPORT: 51820
+ PEERS: 1
+ PEERDNS: auto
+ volumes:
+ - /home/user/wireguard-config:/config
+ - /lib/modules:/lib/modules
+ ports:
+ - 51820:51820/udp
+ sysctls:
+ - net.ipv4.conf.all.src_valid_mark=1
 networks:
- - reverse
+ - wireguard_network
+
+ perses:
+ image: persesdev/perses:latest
+ networks:
+ - wireguard_network
+ - prometheus_network
+
+ prometheus:
+ image: prom/prometheus:v3.7.2
+ configs:
+ - source: prometheus_config
+ target: /etc/prometheus/prometheus.yml
+ networks:
+ - prometheus_network
+
+ cadvisor:
+ image: gcr.io/cadvisor/cadvisor:latest
+ volumes:
+ - /:/rootfs:ro
+ - /var/run:/var/run:rw
+ - /sys:/sys:ro
+ - /var/lib/docker/:/var/lib/docker:ro
+ networks:
+ - prometheus_network
 secrets:
 woodpecker_agent_secret:
+ name: woodpecker_agent_secret_${DATETIME}
 file: ./secrets/woodpecker_agent_secret
 woodpecker_gitea_secret:
+ name: woodpecker_gitea_secret_${DATETIME}
 file: ./secrets/woodpecker_gitea_secret
 woodpecker_gitea_client:
+ name: woodpecker_gitea_client_${DATETIME}
 file: ./secrets/woodpecker_gitea_client
 configs:
 caddy_config:
+ name: caddy_config_${DATETIME}
 file: ./Caddyfile
+ prometheus_config:
+ name: prometheus_config_${DATETIME}
+ file: ./prometheus.yml
 volumes:
 giteadata:
@@ -85,3 +135,8 @@ volumes:
 networks:
 reverse:
+ external: true
+ wireguard_network:
+ external: true
+ prometheus_network:
+ external: true
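Review bot: `cadvisor` binds the host's `/var/run` read-write and runs from `:latest`, so a mutable tag ends up holding the Docker socket plus write access to the node's runtime directory. `- /var/run:/var/run:ro` removes the directory write access, but a read-only bind does not stop API calls over the socket, so the image should also be pinned to a version or digest. The same pinning applies to `linuxserver/wireguard` (no tag at all) and `persesdev/perses:latest`, unlike the other images visible in this patch, which carry a version. In `wireguard_server`, `SERVEURURL` looks like a misspelling of `SERVERURL`, in which case the generated peer configs would presumably not use `wireguard.qpismont.fr` as the endpoint. `SYS_MODULE` and the writable `/lib/modules` bind let the container load kernel modules; if the host kernel already provides WireGuard, drop both, or at least make the bind `:ro`.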
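Review bot: With `external: true` on all three networks the stack no longer creates or owns them, and nothing in the patch records how they are created, so the deploy now depends on undocumented out-of-band state. It also means other stacks (or standalone containers, if a network was created attachable) can join `prometheus_network`, to which `prometheus` and `cadvisor` are attached. A comment above `networks:` naming the creation command and the intended options would make that explicit, e.g. `# pre-created: docker network create --driver overlay --opt encrypted prometheus_network`. The `networks:` mapping starts in context outside this hunk.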