-
Notifications
You must be signed in to change notification settings - Fork 3
/
cloud-config.yaml
148 lines (131 loc) · 4.21 KB
/
cloud-config.yaml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
#cloud-config
bootcmd:
- fsck.ext4 -tvy /dev/sdb1
- fsck.ext4 -tvy /dev/sdb2
- mkdir -p /mnt/disks/certs
- mkdir -p /mnt/disks/data
- mount -t ext4 -o ro,nosuid,nodev,relatime,commit=30,data=ordered /dev/sdb1 /mnt/disks/certs
- mount -t ext4 -o rw,nosuid,nodev,noexec,relatime,commit=30,data=ordered /dev/sdb2 /mnt/disks/data
write_files:
- path: /etc/default/docker
permissions: 0644
owner: root
content: |
DOCKER_OPTS="-H tcp://0.0.0.0:2376 -H unix:///var/run/docker.sock --tlsverify --tlscacert=/mnt/disks/certs/ca.pem --tlscert=/mnt/disks/certs/instance-ptpb-aio.pem --tlskey=/mnt/disks/certs/instance-ptpb-aio-key.pem"
- path: /etc/systemd/system/docker-network@.service
permissions: 0644
owner: root
content: |
[Unit]
Description=ptpb user-defined service network
After=docker.service
Requires=docker.service
[Service]
Type=oneshot
RemainAfterExit=true
ExecStartPre=-/usr/bin/docker network rm %i
ExecStart=/usr/bin/docker network create %i
ExecStop=/usr/bin/docker network rm %i
[Install]
WantedBy=multi-user.target
- path: /etc/systemd/system/openresty.service
permissions: 0644
owner: root
content: |
[Unit]
Description=openresty (Docker)
After=docker-network@ptpb.service
After=varnish.service
Requires=docker-network@ptpb.service
Requires=varnish.service
[Service]
TimeoutStartSec=0
Restart=always
ExecStartPre=-/usr/bin/docker kill openresty
ExecStartPre=-/usr/bin/docker rm openresty
#ExecStartPre=-/usr/bin/docker pull ptpb/openresty
ExecStart=/usr/bin/docker run --rm \
--name openresty \
--network ptpb \
-p 80:80 -p 443:443 \
-v /mnt/disks/data/letsencrypt:/etc/letsencrypt \
-v /mnt/disks/data/resty-auto-ssl:/etc/resty-auto-ssl \
ptpb/openresty
ExecStop=/usr/bin/docker stop openresty
[Install]
WantedBy=multi-user.target
- path: /etc/systemd/system/mongo.service
permissions: 0644
owner: root
content: |
[Unit]
Description=mongo (Docker)
After=docker-network@ptpb.service
Requires=docker-network@ptpb.service
[Service]
TimeoutStartSec=0
Restart=always
ExecStartPre=-/usr/bin/docker kill mongo
ExecStartPre=-/usr/bin/docker rm mongo
#ExecStartPre=-/usr/bin/docker pull mongo:4
ExecStart=/usr/bin/docker run --rm \
--name mongo \
--network ptpb \
-v /mnt/disks/data/mongo:/data/db \
mongo:4
ExecStop=/usr/bin/docker stop mongo
[Install]
WantedBy=multi-user.target
- path: /etc/systemd/system/pb.service
permissions: 0644
owner: root
content: |
[Unit]
Description=pb (Docker)
After=docker-network@ptpb.service
After=mongo.service
Requires=docker-network@ptpb.service
Requires=mongo.service
[Service]
TimeoutStartSec=0
Restart=always
ExecStartPre=-/usr/bin/docker kill pb
ExecStartPre=-/usr/bin/docker rm pb
#ExecStartPre=-/usr/bin/docker pull ptpb/pb
ExecStart=/usr/bin/docker run --rm \
--name pb \
--network ptpb \
ptpb/pb
ExecStop=/usr/bin/docker stop pb
[Install]
WantedBy=multi-user.target
- path: /etc/systemd/system/varnish.service
permissions: 0644
owner: root
content: |
[Unit]
Description=pb (Docker)
After=docker-network@ptpb.service
After=pb.service
Requires=docker-network@ptpb.service
Requires=pb.service
[Service]
TimeoutStartSec=0
Restart=always
ExecStartPre=-/usr/bin/docker kill varnish
ExecStartPre=-/usr/bin/docker rm varnish
#ExecStartPre=-/usr/bin/docker pull ptpb/varnish
ExecStart=/usr/bin/docker run --rm \
--name varnish \
--network ptpb \
ptpb/varnish
ExecStop=/usr/bin/docker stop varnish
[Install]
WantedBy=multi-user.target
runcmd:
- systemctl daemon-reload
- systemctl start docker-network@ptpb.service
- systemctl start mongo.service
- systemctl start pb.service
- systemctl start openresty.service
- systemctl start varnish.service