Build

    docker build -t offtopic/open-pod:<TAG> .

Deploy su zaphoda

O accediamo come root, o l'utente con cui fate ssh deve essere nel gruppo docker:

    docker save offtopic/open-pod:<TAG> | ssh root@abbiamoundominio.org docker load

Modificare la configurazione di nginx

Creare un certificato per openpod.abbiamoundominio.org. Per farlo ho spento nginx con

systemctl stop nginx

e poi ho ottenuto il nuovo certificato

certbot certonly --standalone -d openpod.abbiamoundominio.org

e riacceso nginx

systemctl start nginx

Poi ho aggiunto il la seguente configurazione in /etc/nginx/sites-available/openpod.abbiamoundominio.org.conf

   1 server {
   2     listen       80;
   3     server_name  openpod.abbiamoundominio.org;
   4 
   5     access_log  /var/log/nginx/openpod.abbiamoundominio.org-access.log;
   6     error_log   /var/log/nginx/openpod.abbiamoundominio.org-error.log  error;
   7 
   8     root  /var/www/openpod.abbiamoundominio.org;
   9 
  10     location / {
  11         return  301 https://$server_name$request_uri;
  12     }
  13 
  14     include  common/robots.conf;
  15     include  common/letsencrypt.conf;
  16 }
  17 
  18 server {
  19     listen       443 ssl;
  20     server_name  openpod.abbiamoundominio.org;
  21 
  22     access_log  /var/log/nginx/openpod.abbiamoundominio.org-access.log;
  23     error_log   /var/log/nginx/openpod.abbiamoundominio.org-error.log error;
  24 
  25     error_page 404 /404.html;
  26 
  27     include  common/ssl.conf;
  28     ssl_certificate      /etc/letsencrypt/live/openpod.abbiamoundominio.org/fullchain.pem;
  29     ssl_certificate_key  /etc/letsencrypt/live/openpod.abbiamoundominio.org/privkey.pem;
  30 
  31     location / {
  32         proxy_pass http://127.0.0.1:8080;
  33         proxy_set_header Host $http_host;
  34         proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
  35 
  36         # WebSocket settings
  37         proxy_http_version 1.1;
  38         proxy_set_header Upgrade $http_upgrade;
  39         proxy_set_header Connection "upgrade";
  40         proxy_read_timeout 1h;
  41     }
  42 
  43     include  common/robots.conf;
  44     include  common/letsencrypt.conf;
  45 }

Con lo script messo in /usr/local/bin/openpod รจ possibile maneggiare il servizio:

openpod start <versione>
openpod logs -f
openpod stop
openpod replace

Lo script:

   1 #!/usr/bin/env bash
   2 
   3 function help_fun() {
   4   case ${1} in
   5     start)
   6       help_start_service
   7       ;;
   8     stop)
   9       help_stop_service
  10       ;;
  11     replace)
  12       help_replace_service
  13       ;;
  14     logs)
  15       help_logs
  16       ;;
  17     *)
  18       help_general
  19       ;;
  20   esac
  21 }
  22 
  23 function help_general() {
  24   cat << EOH
  25 openpod: Manage openpod service
  26 openpod [subcommand] [opts]
  27 
  28 subcommands:
  29   start
  30   stop
  31   logs
  32   help
  33 EOH
  34 }
  35 
  36 function help_start_service() {
  37   cat << EOH
  38 start [VERSION]
  39 EOH
  40 }
  41 
  42 function start_service() {
  43   local version
  44   if [ "z${1}" = "z" ]; then
  45     version=latest
  46   else
  47     version=${1}
  48   fi
  49   docker run \
  50     -e APP_HOST=localhost \
  51     -e APP_PORT=8080 \
  52     -e SECRET_KEY_BASE="SWl0xVj8AVXoc2G0eUk6VfeOd/lppjkaKbiHWs4ucxAUJ8+wzAEa4bMo0ZVjtVVk" \
  53     -p 8080:8080 \
  54     --restart always \
  55     --name openpod \
  56     --detach \
  57     offtopic/open-pod:${version}
  58 }
  59 
  60 function help_stop_service() {
  61   cat << EOH
  62 stop
  63 EOH
  64 }
  65 
  66 function stop_service() {
  67   docker stop openpod
  68 }
  69 
  70 function help_replace_service() {
  71   cat << EOH
  72 replace [VERSION]
  73 EOH
  74 }
  75 
  76 function replace_service() {
  77   docker stop openpod || true
  78   docker rm openpod || true
  79   start_service ${@}
  80 }
  81 
  82 function help_logs() {
  83   cat << EOH
  84 logs [OPTS]
  85 OPTS: all docker-logs options
  86 EOH
  87 }
  88 
  89 function logs() {
  90   docker logs ${@} openpod
  91 }
  92 
  93 function main() {
  94   case ${1} in
  95     start)
  96       shift
  97       start_service ${@}
  98       ;;
  99     stop)
 100       stop_service
 101       ;;
 102     replace)
 103       shift
 104       replace_service ${@}
 105       ;;
 106     logs)
 107       shift
 108       logs ${@}
 109       ;;
 110     help)
 111       help_fun ${2}
 112       exit 0
 113       ;;
 114     -h|--help)
 115       help_general
 116       exit 0
 117       ;;
 118     *)
 119       help_fun
 120       exit 1
 121       ;;
 122   esac
 123 }
 124 
 125 main ${@}
 126 
 127 # vim: set ft=sh et sw=0 ts=2 sts=0:
 128