init-repo

4 years ago · 4a9174cf54
9 changed files with 100 additions and 2 deletions
--- a/.drone.yml
+++ b/.drone.yml
@ -0,0 +1,37 @@
+---
+kind: pipeline
+type: docker
+name: pull_request
+image_pull_secrets:
+  - dockerconfigjson
+steps:
+  - name: lint yaml
+    image: registry.fedy95.com/baseimage-yamllint:latest
+    commands:
+      - yamllint -c /yamllint/relaxed.yaml docker-compose.yml
+    when:
+      event: pull_request
+---
+kind: pipeline
+type: ssh
+name: master_push
+clone:
+  disable: true
+server:
+  host:
+    from_secret: host
+  user:
+    from_secret: user
+  password:
+    from_secret: password
+steps:
+  - name: deploy
+    commands:
+      - cd /home/fedy95/infra/autossl-esxi
+      - git pull
+trigger:
+  branch:
+    - master
+  event:
+    - push
+...
--- a/.gitignore
+++ b/.gitignore
@ -0,0 +1 @@
+/env/instance.env
--- a/10
+++ b/10
@ -0,0 +1,10 @@
+FROM registry.fedy95.com/baseimage-autossl:latest
+ARG EMAIL
+ARG DOMAIN
+ARG GD_Key
+ARG GD_Secret
+
+RUN export ${GD_Key} && export ${GD_Secret}
+
+COPY init.sh .
+ENTRYPOINT ["./init.sh"]
--- a/12
+++ b/12
@ -0,0 +1,12 @@
+MAKEFLAGS += --silent
+.PHONY: *
+
+REGISTRY=registry.fedy95.com
+YAMLLINT_TAG=baseimage-yamllint:latest
+
+LINT-YAML-CMD=docker run --rm -it -v $(PWD):/data ${REGISTRY}/${YAMLLINT_TAG}
+lint-yaml:
+	docker pull ${REGISTRY}/${YAMLLINT_TAG}
+	$(LINT-YAML-CMD) docker-compose.yml
+
+.DEFAULT_GOAL := lint-yaml
--- a/README.md
+++ b/README.md
@ -1,3 +1,12 @@
-### template [![Build Status](https://drone.fedy95.com/api/badges/infra/template/status.svg)](https://drone.fedy95.com/infra/template)
+### autossl-synology [![Build Status](https://drone.fedy95.com/api/badges/infra/autossl-synology/status.svg)](https://drone.fedy95.com/infra/autossl-synology)

-Base repository for new infra-repos
+### how it works
+
+- https://github.com/acmesh-official/acme.sh
+- https://github.com/acmesh-official/acme.sh/wiki/dnsapi#4-use-godaddycom-domain-api-to-automatically-issue-cert
+
+---
+
+### services
+
+- https://gitea.fedy95.com/baseimage/autossl
--- a/docker-compose.yml
+++ b/docker-compose.yml
@ -0,0 +1,16 @@
+---
+version: "3"
+services:
+  instance:
+    build:
+      context: .
+    container_name: autossl-esxi
+    hostname: autossl-esxi
+
+    env_file: env/instance.env
+    volumes:
+      - ./etc/instance/cert.pem:/etc/vmware/ssl/cert.pem
+      - ./etc/instance/fullchain.pem:/etc/vmware/ssl/fullchain.pem
+      - ./etc/instance/privkey.pem:/etc/vmware/ssl/privkey.pem
+      - ./etc/instance/syno-ca-cert.pem:/etc/vmware/ssl/syno-ca-cert.pem
+...
--- a/env/instance.env-dist
+++ b/env/instance.env-dist
@ -0,0 +1,4 @@
+EMAIL=
+DOMAIN=
+GD_Key=
+GD_Secret=
--- a/etc/instance/.gitignore
+++ b/etc/instance/.gitignore
@ -0,0 +1,2 @@
+*
+!.gitignore
--- a/init.sh
+++ b/init.sh
@ -0,0 +1,7 @@
+#!/bin/sh
+./acme.sh --install -m "${EMAIL}"
+./acme.sh --issue --debug --dns dns_gd -d "${DOMAIN}" \
+ --cert-file /usr/syno/etc/ssl/cert.pem \
+ --key-file /usr/syno/etc/ssl/privkey.pem \
+ --fullchain-file /usr/syno/etc/ssl/fullchain.pem \
+ --capath /usr/syno/etc/ssl/syno-ca-cert.pem