-
Notifications
You must be signed in to change notification settings - Fork 0
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
ATOR-173 - Bandwidth authority setup, docker support and CI
- Loading branch information
Showing
17 changed files
with
645 additions
and
2 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,34 @@ | ||
name: Build and Push Docker Image | ||
inputs: | ||
docker-username: | ||
required: true | ||
docker-password: | ||
required: true | ||
docker-tag: | ||
required: true | ||
|
||
runs: | ||
using: "composite" | ||
steps: | ||
- name: Log in to Docker Hub | ||
uses: docker/login-action@v1 | ||
with: | ||
username: ${{ inputs.docker-username }} | ||
password: ${{ inputs.docker-password }} | ||
|
||
- name: Build and push Docker image of scanner | ||
uses: docker/build-push-action@v2 | ||
with: | ||
context: . | ||
file: ./docker/Dockerfile | ||
push: true | ||
tags: ${{ inputs.docker-username }}/sbws-scanner:${{ github.sha }},${{ inputs.docker-username }}/sbws-scanner:${{ inputs.docker-tag }} | ||
|
||
- name: Build and push Docker image of destination | ||
uses: docker/build-push-action@v2 | ||
with: | ||
context: ./docker/destination | ||
file: ./docker/destination/Dockerfile | ||
push: true | ||
tags: ${{ inputs.docker-username }}/sbws-destination:${{ github.sha }},${{ inputs.docker-username }}/sbws-destination:${{ inputs.docker-tag }} | ||
|
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,24 @@ | ||
name: 'Deploy new version' | ||
inputs: | ||
environment: | ||
required: true | ||
nomad-cacert: | ||
required: true | ||
nomad-token: | ||
required: true | ||
nomad-addr: | ||
required: true | ||
|
||
runs: | ||
using: "composite" | ||
steps: | ||
- name: Deploy new version | ||
shell: bash | ||
env: | ||
NOMAD_CACERT: ${{ inputs.nomad-cacert }} | ||
NOMAD_TOKEN: ${{ inputs.nomad-token }} | ||
NOMAD_ADDR: ${{ inputs.nomad-addr }} | ||
run: | | ||
curl -L https://releases.hashicorp.com/nomad/1.6.3/nomad_1.6.3_linux_amd64.zip -o nomad.zip | ||
unzip nomad.zip | ||
./nomad job run operations/deploy-${{ inputs.environment }}.hcl |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,28 @@ | ||
name: Build and Push Docker Image | ||
|
||
on: | ||
pull_request: | ||
branches: | ||
- development | ||
workflow_dispatch: | ||
|
||
jobs: | ||
build: | ||
runs-on: ubuntu-latest | ||
|
||
steps: | ||
- name: Check out the repo | ||
uses: actions/checkout@v4 | ||
- name: Build and push | ||
uses: ./.github/actions/build-and-push | ||
with: | ||
docker-username: ${{ secrets.DOCKER_HUB_USERNAME }} | ||
docker-password: ${{ secrets.DOCKER_HUB_PASSWORD }} | ||
docker-tag: latest-dev | ||
# - name: Deploy | ||
# uses: ./.github/actions/deploy | ||
# with: | ||
# environment: dev | ||
# nomad-cacert: operations/admin-ui-ca.crt | ||
# nomad-token: ${{ secrets.NOMAD_TOKEN_SBWS_DEPLOY }} | ||
# nomad-addr: ${{ secrets.NOMAD_DEPLOY_ADDR }} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,28 @@ | ||
name: Build and Push Docker Image | ||
|
||
on: | ||
push: | ||
branches: | ||
- main | ||
workflow_dispatch: | ||
|
||
jobs: | ||
build: | ||
runs-on: ubuntu-latest | ||
|
||
steps: | ||
- name: Check out the repo | ||
uses: actions/checkout@v4 | ||
- name: Build and push | ||
uses: ./.github/actions/build-and-push | ||
with: | ||
docker-username: ${{ secrets.DOCKER_HUB_USERNAME }} | ||
docker-password: ${{ secrets.DOCKER_HUB_PASSWORD }} | ||
docker-tag: latest | ||
- name: Deploy | ||
uses: ./.github/actions/deploy | ||
with: | ||
environment: stage | ||
nomad-cacert: operations/admin-ui-ca.crt | ||
nomad-token: ${{ secrets.NOMAD_TOKEN_SBWS_DEPLOY }} | ||
nomad-addr: ${{ secrets.NOMAD_DEPLOY_ADDR }} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
|
@@ -13,3 +13,4 @@ dist | |
build | ||
*.lockfile | ||
chutney | ||
.idea |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,9 @@ | ||
FROM nginx | ||
|
||
WORKDIR /app/destination | ||
|
||
COPY docker-entrypoint.sh /app/destination | ||
|
||
#COPY default.conf /etc/nginx/conf.d/default.conf | ||
|
||
ENTRYPOINT [ "sh", "docker-entrypoint.sh" ] |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,16 @@ | ||
server { | ||
|
||
root /app/destination/data; | ||
|
||
autoindex on; | ||
|
||
listen 0.0.0.0:80; | ||
|
||
location / { | ||
try_files $uri $uri/ =404; | ||
} | ||
|
||
location ~/\.ht { | ||
deny all; | ||
} | ||
} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,5 @@ | ||
mkdir -p data && cd data | ||
|
||
head -c $((1024*1024*1024)) /dev/urandom > 1GiB | ||
|
||
nginx -g 'daemon off;' |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,16 @@ | ||
version: '2.2' | ||
services: | ||
sbws-scanner: | ||
image: sbws-scanner | ||
restart: always | ||
volumes: | ||
- ./scanner/.sbws.ini:/root/.sbws.ini | ||
- ./scanner/data/:/app/scanner/data | ||
sbws-destination: | ||
image: sbws-destination | ||
restart: always | ||
ports: | ||
- "8888:80" | ||
volumes: | ||
- ./destination/default.conf:/etc/nginx/conf.d/default.conf | ||
- ./destination/data/:/app/destination/data |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,58 @@ | ||
# Minimum configuration that needs to be customized | ||
[scanner] | ||
# ISO 3166-1 alpha-2 country code where the scanner is located. | ||
# Default AA, to detect it was not edited. | ||
country = DE | ||
# A human-readable string with chars in a-zA-Z0-9 to identify the dirauth | ||
# nickname that will publish the BandwidthFiles generated from this scanner. | ||
# Default to a non existing dirauth_nickname to detect it was not edited. | ||
dirauth_nickname = Anon | ||
|
||
[destinations] | ||
# With several destinations, the scanner can continue even if some of them | ||
# fail, which can be caused by a network problem on their side. | ||
# If all of them fail, the scanner will stop, which | ||
# will happen if there is network problem on the scanner side. | ||
|
||
# A destination can be disabled changing `on` by `off` | ||
foo = on | ||
|
||
[destinations.foo] | ||
# the domain and path to the 1GB file or POST URL. | ||
url = http://host.docker.internal:8888/1GiB | ||
# Whether to verify or not the TLS certificate. Default True | ||
verify = False | ||
# ISO 3166-1 alpha-2 country code where the Web server destination is located. | ||
# Default AA, to detect it was not edited. | ||
# Use ZZ if the location is unknown (for instance, a CDN). | ||
country = ZZ | ||
|
||
## The following logging options are set by default. | ||
## There is no need to change them unless other options are preferred. | ||
; [logging] | ||
; # Whether or not to log to a rotating file the directory paths.log_dname | ||
; to_file = yes | ||
; # Whether or not to log to stdout | ||
; to_stdout = yes | ||
; # Whether or not to log to syslog | ||
; # NOTE that when sbws is launched by systemd, stdout goes to journal and | ||
; # syslog. | ||
; to_syslog = no | ||
|
||
; # Level to log at. Debug, info, warning, error, critical. | ||
; # `level` must be set to the lower of all the handler levels. | ||
; level = debug | ||
; to_file_level = debug | ||
; to_stdout_level = info | ||
; to_syslog_level = info | ||
; # Format string to use when logging | ||
; format = %(module)s[%(process)s]: <%(levelname)s> %(message)s | ||
; # verbose formatter useful for debugging | ||
; to_file_format = %(asctime)s %(levelname)s %(threadName)s %(filename)s:%(lineno)s - %(funcName)s - %(message)s | ||
; # Not adding %(asctime)s to to stdout since it'll go to syslog when using | ||
; # systemd, and it'll have already the date. | ||
; to_stdout_format = ${format} | ||
; to_syslog_format = ${format} | ||
|
||
# To disable certificate validation, uncomment the following | ||
# verify = False |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,18 @@ | ||
FROM debian:bookworm | ||
|
||
RUN apt update && \ | ||
DEBIAN_FRONTEND=noninteractive apt install -y \ | ||
python3-dateutil python3-stem pip cron | ||
# pip install requests | ||
|
||
WORKDIR /app/scanner | ||
|
||
ADD ../.. /app/scanner/temp | ||
|
||
RUN cd temp && ls -la && \ | ||
pip install . --break-system-packages && \ | ||
cp docker/scanner/docker-entrypoint.sh .. && \ | ||
cd .. && \ | ||
rm -rf temp | ||
|
||
ENTRYPOINT [ "sh", "docker-entrypoint.sh" ] |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,6 @@ | ||
mkdir -p /app/scanner/data/logs | ||
|
||
crontab -l | { cat; echo "*/5 * * * * sbws generate >> /app/scanner/data/logs/generate.log 2>&1"; } | crontab - | ||
crontab -l | { cat; echo "30 0 * * * sbws cleanup >> /app/scanner/data/logs/cleanup.log 2>&1"; } | crontab - | ||
|
||
cron -f |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,31 @@ | ||
-----BEGIN CERTIFICATE----- | ||
MIIFVzCCAz+gAwIBAgIUdUo5LO+M2vEiSyfvDSOhKxVBko0wDQYJKoZIhvcNAQEL | ||
BQAwOzELMAkGA1UEBhMCTk8xETAPBgNVBAoMCEF0b3IgTExDMRkwFwYDVQQDDBBB | ||
dG9yIEFkbWluIFVJIENBMB4XDTIzMDUxMDE0NTk0M1oXDTQzMDIyNDE0NTk0M1ow | ||
OzELMAkGA1UEBhMCTk8xETAPBgNVBAoMCEF0b3IgTExDMRkwFwYDVQQDDBBBdG9y | ||
IEFkbWluIFVJIENBMIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEA1gcK | ||
cqC81T4YHcu3DfoSA2ghART6ImQSStXhuJfWqJPjJG0PtT58t3OJ6jS84zxTWPoZ | ||
e2gfcA4VunW5+gTTQVra8gBdNthT4jOZJ9TYS54kSRJ9st7ZPctOYzD97NXeMeWp | ||
TCgtkoGhaVLBeFE2z8xI2V+coIs00WG+GyC1St4DlmbezKUrpODWdfiRZfYa3lNy | ||
uamPLY3nsDq8APVq4BKrauAxfnVmeItIdjC82KhCykeWyVVOrj7PeXbfWus79YON | ||
KuXsLbFnSR1xO5QEtaYk3A3XXN81Xe0i5qNoWJAczYIrPLAsjIo+fDw/8ENoC9+j | ||
SfS6gNdgd0A2Le31J5Bd76QZipDBa9+5EhZNGK/19qfypTzayRT4JpErAa8zKGIy | ||
V9csdacobuQ+0UuU+li8EavWl8vFUSb1Uh1cnhudhr2NbAiuqjwwffOmgcTnOESg | ||
cbAXPUhGWSQU2DyrFiDebo/HbiFZGzKxL7FcoK1j08gqcMzc+3gIF4uCKkMM+rk0 | ||
5GWNsp3VoQv9E5ytYYbN8Lk1yxRY3KWhISiDmK/cS3FW4LRrcS2H+Se+hWLNyHDN | ||
P0yQXQh068DdCjZAQYOeXcQWKBAI1kcwu6KyidOpZKwhCZKbMGHsoURhKsfL9NEh | ||
HDjQXrPXJ7d++Akmek2Eu9tXz7sVFJE7mB3SE0cCAwEAAaNTMFEwHQYDVR0OBBYE | ||
FJAGJ5Vj7nX/cRLIKorIuudZoHcbMB8GA1UdIwQYMBaAFJAGJ5Vj7nX/cRLIKorI | ||
uudZoHcbMA8GA1UdEwEB/wQFMAMBAf8wDQYJKoZIhvcNAQELBQADggIBAFk8SYO0 | ||
w0RHpCfrytF/rFTZUtIPNnol3/PRMq6WYT/fmTLhpt8S8+Yuz6YykRzVf4JI4LT8 | ||
Y5nbZV/5fynbCfOP3pBWl/C7npdQtVsGVGVX7Hh1M+8Q9RKl+NA8gyHxKYfXJtEr | ||
c6sSewBJ62eARP4dztbO8T/ydvfI6VJyKbJhGeO7vU+p13qbYAVMYeQ3sUjpazKZ | ||
haqtTRp2lNDKK4SJ2mxW+pnac8S8E88+LP1O8U0hZphddfRgmwjuzeu+remwjkF8 | ||
obreQRk2BR58v+tGTxfxHT0XJSK9b+G7QRmEKy+V4hXZPcynF5Xbdqu8fT7cVF6s | ||
TfL9dCDMQoBsiWElFllSmBruWvp5gv086fwObFeQfw94Y3qvFawLMPUdI76uYPlR | ||
3VuAs5MFncohOL12+/2o4nST2v4WKDLoWxcze49r6iCFMe2UEhhuydEXnQHp7el9 | ||
w1NMfXxH6PzOAvMG1WtlkyT45agAIETW76/SSJH8e9j21m6cXcaaK6kJvhPga1X7 | ||
Cd3XaiTg1r39S7Nxm/g8xDmVV738lguuj3TN5RwbNfR/rNcVUG5VUNDGea/bzQLl | ||
eyjkXk1rFn5mYTf8tCcFfvu7pcH0Ds902zZvdysvaMGCxQu3bVpdkSn+3/6dUNCA | ||
FFWzsbx0wrWxCyFPedz8OWgtdYu1TMtvXrWE | ||
-----END CERTIFICATE----- |
Oops, something went wrong.