diff --git a/docker-compose/chaotic-backend/docker-compose.yml b/docker-compose/chaotic-backend/docker-compose.yml
new file mode 100644
index 00000000..e565c6cb
--- /dev/null
+++ b/docker-compose/chaotic-backend/docker-compose.yml
@@ -0,0 +1,32 @@
+---
+services:
+ chaotic-backend:
+ image: ghcr.io/chaotic-cx/chaotic-next:main
+ container_name: chaotic-backend
+ deploy:
+ restart_policy:
+ condition: always
+ delay: 30s
+ environment:
+ AUTH0_AUDIENCE: http://localhost:3000/auth/auth0
+ AUTH0_CLIENT_ID: ${AUTH0_CLIENT_ID:-?err}
+ AUTH0_CLIENT_SECRET: ${AUTH0_CLIENT_SECRET:-?err}
+ AUTH0_DOMAIN: ${AUTH0_DOMAIN:-?err}
+ CAUR_DB_KEY: ${CAUR_DB_KEY:-?err}
+ CAUR_GITLAB_ID_CAUR: 54867625
+ CAUR_GITLAB_ID_GARUDA: 48461689
+ CAUR_GITLAB_TOKEN: ${GITLAB_TOKEN_CX:-?err}
+ CAUR_GITLAB_WEBHOOK_TOKEN: ${CAUR_GITLAB_WEBHOOK_TOKEN:-?err}
+ CAUR_JWT_SECRET: ${CAUR_JWT_SECRET:-?err}
+ CAUR_TRUST_PROXY: 172.18.0.1
+ CAUR_USERS: ${CAUR_USERS:-?err}
+ NODE_ENV: production
+ PG_DATABASE: chaotic-aur
+ PG_HOST: 10.0.5.50
+ PG_PASSWORD: ${PG_PASSWORD:-?err}
+ PG_USER: chaotic-aur
+ REDIS_PASSWORD: ${REDIS_PASSWORD:-?err}
+ REDIS_SSH_HOST: 10.0.5.140
+ REDIS_SSH_USER: package-deployer
+ ports: [3000:3000]
+ volumes: [./sshkey:/app/sshkey]
diff --git a/docker-compose/chaotic-v4/docker-compose.yml b/docker-compose/chaotic-v4/docker-compose.yml
index 94a0adf5..8608bcef 100644
--- a/docker-compose/chaotic-v4/docker-compose.yml
+++ b/docker-compose/chaotic-v4/docker-compose.yml
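Review bot: Every secret in the `environment` block of docker-compose/chaotic-backend/docker-compose.yml is written as `${VAR:-?err}`, which in Compose interpolation is the default-value form, so an unset or empty variable is replaced by the literal string `?err` instead of aborting the deploy. If the env file is missing or incomplete, the backend would start with `CAUR_JWT_SECRET`, `CAUR_GITLAB_WEBHOOK_TOKEN` and the other entries set to that known constant; the required-variable form is `${CAUR_JWT_SECRET:?err}`, and the same applies to each of the other secrets. Separately, `ports: [3000:3000]` publishes on every interface, where the definition removed from chaotic-v4 bound `127.0.0.1:3000:3000`; if only the nginx host needs to reach it, a quoted, address-scoped mapping such as `ports: ['10.0.5.30:3000:3000']` plus a firewall rule for the proxy's address keeps the listener narrower.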
@@ -140,45 +140,6 @@ services: extra_hosts: [host.docker.internal:host-gateway] ports: [127.0.0.1:8080:8080, 127.0.0.1:3030:3030] - # Metadata for the Chaotic website - chaotic-backend: - image: ghcr.io/chaotic-cx/chaotic-next:main - container_name: chaotic-backend - deploy: - restart_policy: - condition: always - delay: 60s - environment: - AUTH0_AUDIENCE: http://localhost:3000/auth/auth0 - AUTH0_CLIENT_ID: ${AUTH0_CLIENT_ID:-?err} - AUTH0_CLIENT_SECRET: ${AUTH0_CLIENT_SECRET:-?err} - AUTH0_DOMAIN: ${AUTH0_DOMAIN:-?err} - CAUR_AUTO_COMMIT_AUTHOR: ci@chaotic.cx - CAUR_DB_KEY: ${CAUR_DB_KEY:-?err} - CAUR_DEPLOY_LOG_ID: '-1001402311166' - CAUR_GITLAB_ID_CAUR: 54867625 - CAUR_GITLAB_ID_GARUDA: 48461689 - CAUR_GITLAB_TOKEN: ${GITLAB_TOKEN_CX:-?err} - CAUR_GITLAB_WEBHOOK_TOKEN: ${CAUR_GITLAB_WEBHOOK_TOKEN:-?err} - CAUR_JWT_SECRET: ${CAUR_JWT_SECRET:-?err} - CAUR_NEWS_ID: '-1001293714071' - CAUR_TRUST_PROXY: 172.18.0.1 - CAUR_USERS: ${CAUR_USERS:-?err} - NODE_ENV: production - PG_DATABASE: chaotic-aur - PG_HOST: 10.0.5.50 - PG_PASSWORD: ${PG_PASSWORD:-?err} - PG_USER: chaotic-aur - REDIS_PASSWORD: ${REDIS_PASSWORD:-?err} - REDIS_SSH_HOST: host.docker.internal - REDIS_SSH_USER: package-deployer - TELEGRAM_API_HASH: ${TELEGRAM_API_HASH:-?err} - TELEGRAM_API_ID: ${TELEGRAM_API_ID:-?err} - TELEGRAM_DB_ENCRYPTION_KEY: ${TELEGRAM_DB_ENCRYPTION_KEY:-?err} - ports: [127.0.0.1:3000:3000] - extra_hosts: [host.docker.internal:host-gateway] - volumes: [./tdlib:/app/tdlib, ./sshkey:/app/sshkey] - # Automated container updates watchtower: image: containrrr/watchtower:latest @@ -187,6 +148,5 @@ services: restart_policy: condition: always delay: 60s - command: --cleanup chaotic-builder chaotic-builder-2 chaotic-manager watchtower - caur-backend --interval 3600 + command: --cleanup chaotic-builder chaotic-builder-2 chaotic-manager watchtower --interval 3600 volumes: [/var/run/docker.sock:/var/run/docker.sock] 
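Review bot: Dropping `caur-backend` from the watchtower `command` leaves no visible update path for the relocated container, since the new docker-compose/chaotic-backend file defines no watchtower service and still tracks the mutable `ghcr.io/chaotic-cx/chaotic-next:main` tag. Whether the docker-compose-runner pulls on start cannot be seen from this diff: if it does not, the backend stays on the first image fetched, and if it does, every restart can bring in a different image. A comment on the new service stating which behaviour is intended, or pinning the image by digest, would make the patch cadence of this auth-handling service explicit.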
diff --git a/nixos/hosts/chaotic-backend.nix b/nixos/hosts/chaotic-backend.nix new file mode 100644 index 00000000..3deee088 --- /dev/null +++ b/nixos/hosts/chaotic-backend.nix @@ -0,0 +1,13 @@ +{ garuda-lib +, sources +, ... +}: { + imports = sources.defaultModules ++ [ ../modules ]; + + services.docker-compose-runner.chaotic-backend = { + envfile = garuda-lib.secrets.docker-compose.chaotic-backend; + source = ../../docker-compose/chaotic-backend; + }; + + system.stateVersion = "25.05"; +} diff --git a/nixos/hosts/chaotic-v4.nix b/nixos/hosts/chaotic-v4.nix index d01ab98b..603653d6 100644 --- a/nixos/hosts/chaotic-v4.nix +++ b/nixos/hosts/chaotic-v4.nix @@ -193,7 +193,7 @@ proxy_pass http://127.0.0.1:8080/api/; } location /backend/ { - proxy_pass http://127.0.0.1:3000/; + proxy_pass http://10.0.5.30:3000/; } location /logs/ { proxy_pass http://127.0.0.1:8080/; diff --git a/nixos/hosts/immortalis/containers.nix b/nixos/hosts/immortalis/containers.nix index bc820c0d..0f649ab5 100644 --- a/nixos/hosts/immortalis/containers.nix +++ b/nixos/hosts/immortalis/containers.nix @@ -88,6 +88,22 @@ cpuWeight = 20; ioWeight = 20; }; + chaotic-backend = { + config = import ../chaotic-backend.nix; + extraOptions = { + bindMounts = { + "chaotic" = { + hostPath = "/data_1/containers/chaotic-backend/chaotic"; + isReadOnly = false; + mountPoint = "/var/garuda/docker-compose-runner/chaotic-backend"; + }; + }; + enableTun = true; + ephemeral = lib.mkForce true; + }; + ipAddress = "10.0.5.30"; + needsDocker = true; + }; dev-container = { config = import ../dev-container.nix; defaults = false; @@ -111,6 +127,7 @@ protocol = "tcp"; } ]; + enableTun = true; ephemeral = lib.mkForce true; }; ipAddress = "10.0.5.150"; diff --git a/nixos/modules/garuda-lib.nix b/nixos/modules/garuda-lib.nix index 22e6053e..01dc511b 100644 --- a/nixos/modules/garuda-lib.nix +++ b/nixos/modules/garuda-lib.nix 
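Review bot: `proxy_pass http://10.0.5.30:3000/;` in the `/backend/` location moves this hop from loopback to unencrypted HTTP on the 10.0.5.x container network, so requests carrying Auth0 and JWT material now cross a network that other containers share. The backend side in docker-compose/chaotic-backend publishes `3000:3000` without an address restriction and keeps `CAUR_TRUST_PROXY: 172.18.0.1`, the value used when nginx sat behind the local Docker bridge; the peer address the backend now sees for nginx is probably different, which would mean forwarded client addresses are either ignored or trusted from the wrong peer, so this is worth confirming on the running service. Consider limiting port 3000 on the backend container to the chaotic-v4 address and setting the trusted-proxy value to match. The enclosing nginx `server` block starts and ends outside the hunk.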
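Review bot: `enableTun = true;` on the new `chaotic-backend` entry in containers.nix has no visible consumer in this commit, as the compose service only publishes a TCP port and mounts an SSH key. The second containers.nix hunk adds the same flag to the container at `10.0.5.150`, which is unrelated to moving the backend. If this is the NixOS containers option of that name, it grants access to /dev/net/tun together with network-admin capability, so a one-line comment naming what requires it (for example `# needed by <consumer>`) would document the widened privilege, and dropping it where nothing requires it keeps the containers closer to least privilege.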
@@ -76,6 +76,7 @@ in }; docker-compose = { all-in-one = "/var/garuda/secrets/docker-compose/all-in-one.env"; + chaotic-backend = "/var/garuda/secrets/docker-compose/chaotic-backend.env"; chaotic-v4 = "/var/garuda/secrets/docker-compose/chaotic-v4.env"; chaotic-v4-builder = "/var/garuda/secrets/docker-compose/chaotic-v4-builder.env"; github-runner = "/var/garuda/secrets/docker-compose/github-runner.env"; diff --git a/secrets b/secrets index fe489def..98cf7eba 160000 --- a/secrets +++ b/secrets @@ -1 +1 @@ -Subproject commit fe489defb5e96d7148c58143d6c15d40f6ac79c3 +Subproject commit 98cf7ebaedbb1fede666d03b36d0250033185630