Major refactoring of the build_deploy action, along with Docker build and packaging improvements. Added no_signups and other .env improvements. There is no longer a separate .env.dev; both environments use .env now.

badblocks 2025-05-18 11:27:59 -07:00
parent 76b2becc24
commit 6f57699c8d
28 changed files with 795 additions and 328 deletions


@ -0,0 +1,76 @@
services:
db-healthcheck:
image: stephenc/postgresql-cli:latest
command:
- "sh"
- "-c"
- >-
apk --no-cache add curl;
sleep 30;
while true; do
pg_output=$$(pg_isready -d ${DJANGO_DATABASE_URL} 2>&1);
exit_code=$$?;
if [ $$exit_code -eq 0 ]; then
success="true";
error="";
else
success="false";
error="$$pg_output";
fi;
curl -s -f -X POST \
--connect-timeout 10 \
--max-time 15 \
--header "Authorization: Bearer ${GATUS_TOKEN}" \
http://health:8080/api/v1/endpoints/db_pg-isready/external?success=$$success&error=$$error;
if [ "$$success" = "true" ]; then
echo " Database is OK";
sleep 60;
else
echo "Database is not OK: $$pg_output";
exit 1;
fi;
done
env_file:
- .env
loba:
image: haproxy:3.1
stop_signal: SIGTERM
restart: always
ports:
- 443:443
env_file:
- .env
volumes:
- ./haproxy.cfg:/usr/local/etc/haproxy/haproxy.cfg
- ./certs:/certs
feedback:
restart: always
image: getfider/fider:stable
env_file:
- .env
volumes:
- ./certs:/certs
cadvisor:
volumes:
- /:/rootfs:ro
- /var/run:/var/run:ro
- /sys:/sys:ro
- /var/lib/docker/:/var/lib/docker:ro
- /dev/disk/:/dev/disk:ro
privileged: true
devices:
- /dev/kmsg
image: gcr.io/cadvisor/cadvisor:v0.52.1
health:
image: twinproduction/gatus:latest
restart: always
env_file:
- .env
environment:
- GATUS_DELAY_START_SECONDS=30
volumes:
- ./gatus/config.yaml:/config/config.yaml
- ./certs:/certs
# secrets:
# env_file_base64:
# environment: ENV_FILE_BASE64
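Review bot: The curl target at the end of the `db-healthcheck` loop is unquoted, so the shell reads the `&` before `error=` as a background operator. curl then runs in the background with only `success=` in the query, and `error=$$error` becomes a plain variable assignment. Quote the whole URL as `"http://health:8080/api/v1/endpoints/db_pg-isready/external?success=$$success&error=$$error"`, and URL-encode the pg_isready text before it goes into the query, since it contains spaces. Separately, `${DJANGO_DATABASE_URL}` and `${GATUS_TOKEN}` are single-dollar, so Compose substitutes them when the file is rendered and the connection string and bearer token end up in the container's command line. Writing `pg_isready -d "$$DJANGO_DATABASE_URL"` and `Bearer $$GATUS_TOKEN` lets the container shell read them from the `env_file` environment instead.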


@ -0,0 +1,20 @@
services:
web-staging:
image: badbl0cks/pkmntrade-club:edge
restart: always
env_file:
- .env
environment:
- DEBUG=True
- DISABLE_SIGNUPS=True
- PUBLIC_HOST=staging.pkmntrade.club
- ALLOWED_HOSTS=staging.pkmntrade.club,127.0.0.1
deploy:
mode: replicated
replicas: 2
# healthcheck:
# test: ["CMD", "curl", "-f", "http://127.0.0.1:8000"]
# interval: 30s
# timeout: 10s
# retries: 3
# start_period: 30s
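Review bot: `DEBUG=True` is set on `web-staging`, which the HAProxy config in this same commit routes to from the public `:443` frontend under the `staging.pkmntrade.club` backend. If this is the Django app that the `DJANGO_DATABASE_URL` variable suggests, debug error pages would return stack traces and settings to anyone who can reach that host. I would set `- DEBUG=False` here and keep debug mode for local runs, or add a comment stating which control restricts who can reach staging. The `healthcheck` block is commented out, so nothing in this file verifies the replicas are serving.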


@ -0,0 +1,28 @@
services:
web:
image: ghcr.io/xe/x/httpdebug
entrypoint: ["/ko-app/httpdebug", "--bind", ":8000"]
#image: badbl0cks/pkmntrade-club:edge
#command: ["granian", "--interface", "wsgi", "pkmntrade_club.django_project.wsgi:app", "--host", "0.0.0.0", "--port", "8000", "--workers", "1", "--workers-kill-timeout", "180", "--access-log"]
# env_file:
# - .env
# environment:
# - DEBUG=False
# - DISABLE_SIGNUPS=True
# - PUBLIC_HOST=pkmntrade.club
# - ALLOWED_HOSTS=pkmntrade.club,127.0.0.1
restart: always
deploy:
mode: replicated
replicas: 4
# healthcheck:
# test: ["CMD", "curl", "-f", "http://127.0.0.1:8000"]
# interval: 30s
# timeout: 10s
# retries: 3
# start_period: 30s
# secrets:
# - env_file_base64
# secrets:
# env_file_base64:
# environment: ENV_FILE_BASE64
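Review bot: The production `web` service now runs `ghcr.io/xe/x/httpdebug`, with the real application image, its `env_file` and its `DEBUG=False` environment all commented out. This looks like a debugging stand-in that was committed by accident. As written, the four replicas behind the `pkmntrade.club` backend would serve the debug tool rather than the site, and the image has neither a tag nor a digest, so whatever is published under that name is pulled on the next deploy. If the swap is intentional for this commit, a comment such as `# TEMPORARY: httpdebug stand-in while diagnosing the load balancer, restore badbl0cks/pkmntrade-club before release` would make that explicit. Otherwise restore the commented `image`, `command` and `env_file` lines.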

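--- a/server/gatus/config.yaml
+++ b/server/gatus/config.yaml
@@ -0,0 +1,136 @@
+storage:
+type: postgres
+path: "${GATUS_DATABASE_URL}"
+web:
+read-buffer-size: 32768
+connectivity:
+checker:
+target: 1.1.1.1:53
+interval: 60s
+external-endpoints:
+- name: pg_isready
+group: db
+token: "${GATUS_TOKEN}"
+alerts:
+- type: email
+endpoints:
+- name: Domain
+group: expirations
+url: "https://pkmntrade.club"
+interval: 1h
+conditions:
+- "[DOMAIN_EXPIRATION] > 720h"
+alerts:
+- type: email
+- name: Certificate
+group: expirations
+url: "https://pkmntrade.club"
+interval: 1h
+conditions:
+- "[CERTIFICATE_EXPIRATION] > 240h"
+alerts:
+- type: email
+- name: Cloudflare
+group: dns
+url: "1.1.1.1"
+interval: 60s
+dns:
+query-name: "pkmntrade.club"
+query-type: "A"
+conditions:
+- "[DNS_RCODE] == NOERROR"
+alerts:
+- type: email
+- name: Google
+group: dns
+url: "8.8.8.8"
+interval: 60s
+dns:
+query-name: "pkmntrade.club"
+query-type: "A"
+conditions:
+- "[DNS_RCODE] == NOERROR"
+alerts:
+- type: email
+- name: Quad9
+group: dns
+url: "9.9.9.9"
+interval: 60s
+dns:
+query-name: "pkmntrade.club"
+query-type: "A"
+conditions:
+- "[DNS_RCODE] == NOERROR"
+alerts:
+- type: email
+- name: HAProxy
+group: loadbalancer
+url: "http://loba/"
+interval: 60s
+conditions:
+- "[STATUS] == 200"
+- "[BODY] == OK/HEALTHY"
+alerts:
+- type: email
+- name: Feedback
+group: backends
+url: "http://feedback:3000/"
+interval: 60s
+conditions:
+- "[STATUS] == 200"
+alerts:
+- type: email
+- name: Web Worker 1
+group: backends
+url: "http://pkmntrade-club-web-1:8000/health/"
+interval: 60s
+conditions:
+- "[STATUS] == 200"
+#- "[BODY] == OK/HEALTHY"
+#- [BODY].database == UP
+# must return json like {"database": "UP"} first
+alerts:
+- type: email
+- name: Web Worker 2
+group: backends
+url: "http://pkmntrade-club-web-2:8000/health/"
+interval: 60s
+conditions:
+- "[STATUS] == 200"
+#- "[BODY] == OK/HEALTHY"
+alerts:
+- type: email
+- name: Web Worker 3
+group: backends
+url: "http://pkmntrade-club-web-3:8000/health/"
+interval: 60s
+conditions:
+- "[STATUS] == 200"
+#- "[BODY] == OK/HEALTHY"
+alerts:
+- type: email
+- name: Web Worker 4
+group: backends
+url: "http://pkmntrade-club-web-4:8000/health/"
+interval: 60s
+conditions:
+- "[STATUS] == 200"
+#- "[BODY] == OK/HEALTHY"
+alerts:
+- type: email
+# todo: add cadvisor checks via api https://github.com/google/cadvisor/blob/master/docs/api.md
+alerting:
+email:
+from: noreply@pkmntrade.club
+username: dd2cd354-de6d-4fa4-bfe8-31c961cb4e90
+password: 1622e8a1-9a45-4a7f-8071-cccca29d8675
+host: smtp.tem.scaleway.com
+port: 465
+to: rob@badblocks.email
+client:
+insecure: false
+default-alert:
+enabled: true
+failure-threshold: 3
+success-threshold: 2
+send-on-resolved: true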
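Review bot: The `alerting.email` block commits the SMTP `username` and `password` as literal values, while `storage.path` and the external-endpoint `token` in the same file already come from the environment via `${...}`. Once pushed, the credential stays in repository history, so it should be rotated at the mail provider and replaced with references such as `username: "${SMTP_USERNAME}"` and `password: "${SMTP_PASSWORD}"` (variable names constructed for illustration), supplied through the `.env` that the `health` service already loads. A secret-scanning step in the build_deploy action would catch a repeat. Unrelated to the secret, the four Web Worker checks assert only `[STATUS] == 200`, so any HTTP server that answers 200 on `/health/` reads as healthy.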

50
server/haproxy.cfg Normal file

@ -0,0 +1,50 @@
# https://docs.haproxy.org/3.1/configuration.html
global
log stdout format raw local0 # Send logs to Docker's stdout
master-worker
resolvers docker_resolver
nameserver docker_dns 127.0.0.11:53 # Docker's internal DNS
resolve_retries 3
timeout resolve 1s
timeout retry 1s
hold valid 10s
hold obsolete 30s
accepted_payload_size 8192 # Optional: Increase if you have many replicas
defaults
mode http
log global
timeout client 120s
timeout connect 120s
timeout server 120s
timeout http-request 120s
option httplog
frontend web_frontend
bind :443 ssl crt /certs/crt.pem verify required ca-file /certs/ca.pem
use_backend %[req.hdr(host),lower,word(1,:)] # strip out port from host
frontend checks
bind :80
default_backend basic_check
backend basic_check
http-request return status 200 content-type "text/plain" lf-string "OK/HEALTHY"
backend pkmntrade.club
balance leastconn
server-template web- 10 web:8000 check resolvers docker_resolver init-addr libc,none
backend staging.pkmntrade.club
balance leastconn
server-template web-staging- 10 web-staging:8000 check resolvers docker_resolver init-addr libc,none
backend feedback.pkmntrade.club
server feedback-1 feedback:3000
backend health.pkmntrade.club
server health-1 health:8080
#EOF - trailing newline required
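Review bot: `use_backend %[req.hdr(host),lower,word(1,:)]` in `web_frontend` picks the backend directly from the client-supplied Host header, with no allow-list and no `default_backend`. Every backend defined in this file, including `health.pkmntrade.club` (Gatus) and `basic_check`, is therefore reachable from `:443` by name, and so is any backend added later for internal use. I would route through explicit ACLs or a map file, for example `use_backend pkmntrade.club if { req.hdr(host),lower,word(1,:) -m str pkmntrade.club }` per public host, and add a comment stating which hosts are meant to be public. Also in `defaults`, `timeout http-request 120s` lets a client hold a connection for two minutes before sending a complete request. A value in the 5–10s range is the usual choice for an internet-facing frontend.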