From 6add037c5bd93d6a6db79128425ee7160412a9b9 Mon Sep 17 00:00:00 2001
From: "Trez.One"
Date: Mon, 1 Sep 2025 15:02:22 -0400
Subject: [PATCH] Configs moved to tar-valon-ansible; Docker Compose files.
---
 .gitea/workflows/deploy.yml.init | 55 -----
 .gitea/workflows/ovos-compose-upstream.yml | 29 +++
 .gitea/workflows/pr-docker-deploy.yml | 235 +++++++++++++++++++++
 docker-compose.misc.yml | 32 +++
 update-sync-ovos-compose.sh | 46 ++++
 5 files changed, 342 insertions(+), 55 deletions(-)
 delete mode 100644 .gitea/workflows/deploy.yml.init
 create mode 100644 .gitea/workflows/ovos-compose-upstream.yml
 create mode 100644 .gitea/workflows/pr-docker-deploy.yml
 create mode 100644 docker-compose.misc.yml
 create mode 100755 update-sync-ovos-compose.sh
diff --git a/.gitea/workflows/deploy.yml.init b/.gitea/workflows/deploy.yml.init
deleted file mode 100644
index 03293e3..0000000
--- a/.gitea/workflows/deploy.yml.init
+++ /dev/null
@@ -1,55 +0,0 @@ -name: Gitea Branch PR, Cloudflare DNS, README generation, & Ansible/Docker Deployment -on: - push: - branches-ignore: - - 'main' -jobs: - check-and-create-pr: - if: github.ref != 'refs/heads/main' - name: Check and Create PR - runs-on: ubuntu-latest - steps: - - name: Checkout Code - uses: actions/checkout@v4 - with: - fetch-depth: 1 - - name: Cache tea CLI - id: cache-tea - uses: actions/cache@v4 - with: - path: /opt/hostedtoolcache/tea/0.9.2/x64 - key: tea-${{ runner.os }}-0.9.2 - - name: Install tea - uses: supplypike/setup-bin@v4 - with: - uri: 'https://gitea.com/gitea/tea/releases/download/v0.9.2/tea-0.9.2-linux-amd64' - name: 'tea' - version: '0.9.2' - - name: Gotify Notification - uses: eikendev/gotify-action@master - with: - gotify_api_base: '${{ secrets.RINOA_GOTIFY_URL }}' - gotify_app_token: '${{ secrets.RINOA_RUNNER_GOTIFY_TOKEN }}' - notification_title: 'GITEA: PR Check' - notification_message: 'Checking for existing PR... 🔍' - - name: Check if open PR exists - id: check-opened-pr-step - continue-on-error: true - run: | - tea login add --name gitea-rinoa --url "${{ secrets.RINOA_GITEA_URL }}" --user gitea-sonarqube-bot --password "${{ secrets.BOT_GITEA_PASSWORD }}" --token ${{ secrets.BOT_GITEA_TOKEN }} - pr_exists=$(tea pr list --repo ${{ github.repository }} --state open --fields index,title,head | egrep ${{ github.ref_name }} | tail -1 | wc -l) - echo "exists=$pr_exists" >> $GITHUB_OUTPUT - - name: Create PR - if: ${{ steps.check-opened-pr-step.outputs.exists == '0' }} - run: | - tea login default gitea-rinoa - pr_index_old=$(tea pr ls --repo ${{ github.repository }} --state all --fields index,title,head --output csv | sed -e 's|"||g' | egrep '^[0-9]' | head -1 | awk -F"," '{print $1}') - pr_index_new=$(expr ${pr_index_old} + 1) - tea pr c -r ${{ github.repository }} -t "Automated PR for ${{ github.ref_name }} - #${pr_index_new}" -d "Automatically created PR for branch: ${{ github.ref_name }}" -a ${{ github.actor }} -L "Docker 
Compose, Ansible Configs.j2" - - name: Gotify Notification - uses: eikendev/gotify-action@master - with: - gotify_api_base: '${{ secrets.RINOA_GOTIFY_URL }}' - gotify_app_token: '${{ secrets.RINOA_RUNNER_GOTIFY_TOKEN }}' - notification_title: 'GITEA: PR Check' - notification_message: 'PR Created 🎟️' diff --git a/.gitea/workflows/ovos-compose-upstream.yml b/.gitea/workflows/ovos-compose-upstream.yml new file mode 100644 index 0000000..b9ef923 --- /dev/null +++ b/.gitea/workflows/ovos-compose-upstream.yml @@ -0,0 +1,29 @@ +name: Sync Compose Directory + +on: + schedule: + # Runs at 2:00 UTC every day; adjust as needed + - cron: "0 2 * * *" + workflow_dispatch: # allows manual trigger + +jobs: + sync-compose: + runs-on: ubuntu-latest + steps: + # Step 1: Checkout the repo + - name: Checkout benedikta-ovos + uses: actions/checkout@v3 + + - name: Sync compose from ovos-docker + run: | + # Make the sync script executable + chmod +x ./update-sync-ovos-compose-compose.sh + # Run the script + ./update-sync-ovos-compose.sh + + - name: Commit & push changes + uses: EndBug/add-and-commit@v9 + with: + add: "compose" + message: "Update compose/ from ovos-docker:dev" + push: true diff --git a/.gitea/workflows/pr-docker-deploy.yml b/.gitea/workflows/pr-docker-deploy.yml new file mode 100644 index 0000000..f91f39b --- /dev/null +++ b/.gitea/workflows/pr-docker-deploy.yml 
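Review bot: The `chmod +x ./update-sync-ovos-compose-compose.sh` line in the `Sync compose from ovos-docker` step names a file this commit does not add (the script is `update-sync-ovos-compose.sh`, already committed with mode 100755), so the step fails before the sync runs; drop the `chmod` or correct the name. Once it does run, the job copies whatever `ovos-docker` `dev` contains into `compose/` and pushes it on a schedule with no review, and `compose/docker-compose*.yml` is an input to `pr-docker-deploy.yml`; pushing to a sync branch and opening a PR would keep a reviewer in the path. `actions/checkout@v3` and `EndBug/add-and-commit@v9` are mutable tags on a job with push rights, so pinning both to commit SHAs is worth doing here.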
@@ -0,0 +1,235 @@ +name: Gitea Branch PR & Docker Deployment + +on: + workflow_dispatch: + push: + branches-ignore: + - 'main' + paths: + - 'docker-compose.misc.yml' + - 'compose/docker-compose*.yml' + - 'compose/.env*' + +env: + HC_VAULT_VERSION: '1.20.0' + TEA_VERSION: '0.10.1' + +jobs: + check-and-create-pr: + if: github.ref != 'refs/heads/main' + name: Check and Create PR + runs-on: ubuntu-latest + steps: + - name: Checkout Code + uses: actions/checkout@v4 + with: + fetch-depth: 1 + + - name: Cache tea CLI + id: cache-tea + uses: actions/cache@v4 + with: + path: /opt/hostedtoolcache/tea/${{ env.TEA_VERSION }}/x64 + key: tea-${{ runner.os }}-${{ env.TEA_VERSION }} + + - name: Install tea + uses: supplypike/setup-bin@v4 + with: + uri: https://gitea.com/gitea/tea/releases/download/v${{ env.TEA_VERSION }}/tea-${{ env.TEA_VERSION }}-linux-amd64 + name: tea + version: ${{ env.TEA_VERSION }} + + - name: Gotify Notification + uses: eikendev/gotify-action@master + with: + gotify_api_base: '${{ secrets.RINOA_GOTIFY_URL }}' + gotify_app_token: '${{ secrets.RINOA_RUNNER_GOTIFY_TOKEN }}' + notification_title: 'GITEA: PR Check' + notification_message: 'Checking for existing PR... 
🔍' + + - name: Check if open PR exists + id: check-opened-pr-step + continue-on-error: true + run: | + tea login add --name gitea-rinoa --url "${{ secrets.RINOA_GITEA_URL }}" --user gitea-sonarqube-bot --password "${{ secrets.BOT_GITEA_PASSWORD }}" --token ${{ secrets.BOT_GITEA_TOKEN }} + pr_exists=$(tea pr list --repo ${{ github.repository }} --state open --fields index,title,head | egrep '\[DOCKER\].*${{ github.ref_name }}' | tail -1 | wc -l) + echo "exists=$pr_exists" >> $GITHUB_OUTPUT + + - name: Create PR + if: ${{ steps.check-opened-pr-step.outputs.exists == '0' }} + run: | + tea login default gitea-rinoa + pr_index_old=$(tea pr ls --repo ${{ github.repository }} --state all --fields index,title,head --output csv | sed -e 's|"||g' | egrep '^[0-9]' | head -1 | awk -F"," '{print $1}') + pr_index_new=$(expr ${pr_index_old} + 1) + tea pr c -r ${{ github.repository }} -t "[DOCKER] Automated PR for ${{ github.ref_name }} - #${pr_index_new}" -d "Automatically created PR for branch: ${{ github.ref_name }}" -a ${{ github.actor }} -L "Docker Compose" + + - name: Gotify Notification + uses: eikendev/gotify-action@master + with: + gotify_api_base: '${{ secrets.RINOA_GOTIFY_URL }}' + gotify_app_token: '${{ secrets.RINOA_RUNNER_GOTIFY_TOKEN }}' + notification_title: 'GITEA: PR Check' + notification_message: 'PR Created 🎟️' + + generate-service-list: + name: Generate list of added/modified/deleted services + runs-on: ubuntu-latest + needs: [check-and-create-pr] + outputs: + svc_deploy_list: ${{ steps.detect_services.outputs.docker_svc_list }} + steps: + + - name: Checkout + uses: actions/checkout@v4 + + - name: Fetch base branch + run: | + git fetch origin ${{ github.event.pull_request.base.ref }} + + - name: Gotify Notification + uses: eikendev/gotify-action@master + with: + gotify_api_base: '${{ secrets.RINOA_GOTIFY_URL }}' + gotify_app_token: '${{ secrets.RINOA_RUNNER_GOTIFY_TOKEN }}' + notification_title: 'GITEA: Services TBD' + notification_message: 'Generating list of 
services to deploy...' + + - name: Detect added, deleted, and modified services + id: detect_services + run: | + echo "Getting services from main and ${{ github.ref_name }}" + + # Dynamically find all docker-compose YAML files (root + compose folder) + COMPOSE_FILES=($(find . -maxdepth 2 -type f -name 'docker-compose*.yml' | sort)) + + echo "Found Compose files:" + printf '%s\n' "${COMPOSE_FILES[@]}" + + # Temp files to store all services + touch services_main_all.txt services_head_all.txt + + for f in "${COMPOSE_FILES[@]}"; do + echo "Processing $f" + + # Fetch main version + git show origin/main:"$f" > "main_$f" 2>/dev/null || touch "main_$f" + cp "$f" "head_$f" + + # Extract services and append to global list + yq '.services | keys | .[]' "main_$f" >> services_main_all.txt 2>/dev/null || true + yq '.services | keys | .[]' "head_$f" >> services_head_all.txt 2>/dev/null || true + done + + # Sort and deduplicate + sort -u services_main_all.txt -o services_main_all.txt + sort -u services_head_all.txt -o services_head_all.txt + + echo "Creating list of modified services..." + touch service_changes.txt + + # Added services + comm -13 services_main_all.txt services_head_all.txt | while read service; do + echo "$service: added" >> service_changes.txt + done + + # Modified services (parallelized) + comm -12 services_main_all.txt services_head_all.txt | xargs -n1 -P4 -I{} bash -c ' + service="{}" + modified=0 + for f in "${COMPOSE_FILES[@]}"; do + yq ".services[\"$service\"]" "main_$f" > tmp_main.yml 2>/dev/null || continue + yq ".services[\"$service\"]" "head_$f" > tmp_head.yml 2>/dev/null || continue + if ! 
diff -q tmp_main.yml tmp_head.yml > /dev/null; then + modified=1 + break + fi + done + if [[ $modified -eq 1 ]]; then + echo "$service: modified" >> service_changes.txt + fi + ' + + echo "Detected service changes:" + cat service_changes.txt + + mod_svcs=$(cut -d':' -f1 service_changes.txt | sort | uniq) + echo "docker_svc_list<> "$GITHUB_OUTPUT" + echo "$mod_svcs" >> "$GITHUB_OUTPUT" + echo "EOF" >> "$GITHUB_OUTPUT" + + - name: List of Services for (Re)Deployment + run: | + echo -e "${{ steps.detect_services.outputs.docker_svc_list }}" + + docker-compose-dry-run: + name: Docker Compose Dry Run + needs: [generate-service-list] + runs-on: ubuntu-latest + env: + VAULT_ADDR: ${{ secrets.RIKKU_VAULT_ADDR }} + VAULT_TOKEN: ${{ secrets.VAULT_GITEA_TOKEN }} + VAULT_NAMESPACE: "" + RIKKU_REGISTRY_PASSWORD: ${{ secrets.BOT_GITEA_PASSWORD }} + DOCKER_SVC_LIST: ${{ needs.generate-service-list.outputs.svc_deploy_list }} + + steps: + - name: Checkout + uses: actions/checkout@v4 + + - name: Login to Gitea Container Registry + run: | + docker login -u gitea-sonarqube-bot -p ${RIKKU_REGISTRY_PASSWORD} git.trez.wtf + + - name: Cache Vault install + id: cache-vault + uses: actions/cache@v4 + with: + path: /opt/hostedtoolcache/vault/${{ env.HC_VAULT_VERSION }}/x64 + key: vault-${{ runner.os }}-${{ env.HC_VAULT_VERSION }} + + - name: Install Vault (only if not cached) + if: steps.cache-vault.outputs.cache-hit != 'true' + uses: cpanato/vault-installer@main + with: + version: ${{ env.HC_VAULT_VERSION }} + + - name: Gotify Notification + uses: eikendev/gotify-action@master + with: + gotify_api_base: '${{ secrets.RIKKU_GOTIFY_URL }}' + gotify_app_token: '${{ secrets.RIKKU_RUNNER_GOTIFY_TOKEN }}' + notification_title: 'GITEA: Docker Compose Dry Run @ Rikku' + notification_message: 'Starting Docker Compose dry run...' 
+ + - name: Generate .env file for Docker Compose + run: | + vault kv get -format=json benedikta-docker/env | jq -r '.data.data' | jq -r 'keys[] as $k | "\($k)='\''\(.[$k])'\''"' > .env + + - name: Get list of Compose files + run: | + compose_list=$(find . -type f -name "docker-compose*.yml" -a ! -name "*windows*" -a ! -name "*gui*" -a ! -name "*macos*" -a ! -name "*hivemind*" -a ! -name "*server*" | sed -e ':a;N;$!ba;s/[\r\n]/ -f /g') + echo "$compose_list" >> "$GITHUB_OUTPUT" + + - name: Docker Compose Dry Run + uses: cssnr/stack-deploy-action@v1.3.2 + with: + mode: compose + file: docker-compose.yml + name: 'rikku' + host: 192.168.1.252 + user: pi + ssh_key: ${{ secrets.RIKKU_SSH_PRIVATE_KEY }} + args: --remove-orphans -d --dry-run ${{ needs.generate-service-list.outputs.svc_deploy_list }} + env_file: '.env' + registry_host: 'ghcr.io' + registry_user: TrezOne + registry_pass: ${{ secrets.GHCR_LOGIN_TOKEN }} + summary: true + + - name: Gotify Notification + uses: eikendev/gotify-action@master + with: + gotify_api_base: '${{ secrets.RIKKU_GOTIFY_URL }}' + gotify_app_token: '${{ secrets.RIKKU_RUNNER_GOTIFY_TOKEN }}' + notification_title: 'GITEA: Docker Compose Dry Run @ Rikku' + notification_message: 'Docker Compose dry run completed successfully.' \ No newline at end of file diff --git a/docker-compose.misc.yml b/docker-compose.misc.yml new file mode 100644 index 0000000..be31933 --- /dev/null +++ b/docker-compose.misc.yml 
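Review bot: `${{ github.ref_name }}` and `${{ github.actor }}` are expanded into the shell text of the `Check if open PR exists` and `Create PR` steps (and the first `echo` of `Detect added, deleted, and modified services`) before bash runs, so a branch name containing shell metacharacters is executed as script in a job that has just logged in with `BOT_GITEA_PASSWORD` and `BOT_GITEA_TOKEN`. Pass these values through `env:` and reference them as quoted shell variables, as in the step below; the same pattern applies to the other two steps. In the dry-run job, `docker login -u gitea-sonarqube-bot -p ${RIKKU_REGISTRY_PASSWORD}` puts the password on the command line unquoted; `printf '%s' "$RIKKU_REGISTRY_PASSWORD" | docker login -u gitea-sonarqube-bot --password-stdin git.trez.wtf` avoids that. The job-level `VAULT_TOKEN` and the Gotify tokens are also visible to actions referenced by branch (`eikendev/gotify-action@master`, `cpanato/vault-installer@main`), which should be pinned to a reviewed commit SHA.

```yaml
      - name: Check if open PR exists
        id: check-opened-pr-step
        continue-on-error: true
        env:
          REF_NAME: ${{ github.ref_name }}
          REPO: ${{ github.repository }}
          GITEA_URL: ${{ secrets.RINOA_GITEA_URL }}
          BOT_PASSWORD: ${{ secrets.BOT_GITEA_PASSWORD }}
          BOT_TOKEN: ${{ secrets.BOT_GITEA_TOKEN }}
        run: |
          tea login add --name gitea-rinoa --url "$GITEA_URL" --user gitea-sonarqube-bot --password "$BOT_PASSWORD" --token "$BOT_TOKEN"
          # Fixed-string matching: the branch name is data, not a regex or shell fragment.
          pr_exists=$(tea pr list --repo "$REPO" --state open --fields index,title,head | grep -F '[DOCKER]' | grep -F -- "$REF_NAME" | tail -1 | wc -l)
          echo "exists=$pr_exists" >> "$GITHUB_OUTPUT"
      # … unchanged: Create PR step, apart from the same env: treatment …
```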
@@ -0,0 +1,32 @@ +name: ovosmisc +services: + beszel-agent: + image: henrygd/beszel-agent + container_name: beszel-agent + restart: unless-stopped + network_mode: host + volumes: + - /var/run/docker.sock:/var/run/docker.sock:ro + # monitor other disks / partitions by mounting a folder in /extra-filesystems + # - /mnt/disk/.beszel:/extra-filesystems/sda1:ro + environment: + LISTEN: 45876 + KEY: ${BEZEL_AGENT_KEY} + portainer-agent: + container_name: portainer_agent + image: portainer/agent:2.27.0 + volumes: + - /:/host + - /var/lib/docker/volumes:/var/lib/docker/volumes + - /var/run/docker.sock:/var/run/docker.sock + restart: always + ports: + - 9001:9001 + ovos_config: + container_name: ovos_config + image: ghcr.io/oscillatelabsllc/ovos-skill-config-tool:latest + ports: + - 14152:8000 + user: $(id -u):$(id -g) + volumes: + - $HOME/.config:/home/appuser/.config \ No newline at end of file diff --git a/update-sync-ovos-compose.sh b/update-sync-ovos-compose.sh new file mode 100755 index 0000000..8b2ff45 --- /dev/null +++ b/update-sync-ovos-compose.sh 
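Review bot: `portainer-agent` mounts the host root (`/:/host`) and a writable `/var/run/docker.sock` while publishing `9001:9001` on every interface, and no `AGENT_SECRET` is set, so the agent's API is protected only by network reachability. Set `AGENT_SECRET` from the environment file (same value on the Portainer server) and bind the port to the management address, e.g. `- "<mgmt-ip>:9001:9001"`. Separately, `user: $(id -u):$(id -g)` on `ovos_config` is not evaluated by Compose, which has no command substitution, so it needs real variables such as `user: "${UID}:${GID}"` supplied in `.env`. `henrygd/beszel-agent` (no tag) and `ovos-skill-config-tool:latest` are unpinned; a version tag or digest would make what gets deployed reproducible.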
@@ -0,0 +1,46 @@ +#!/usr/bin/env bash +set -euo pipefail + +# Config +OVOS_DOCKER_DIR="../ovos-docker" +OVOS_REMOTE="ovos-docker-local" +SPLIT_BRANCH="compose-split" +PREFIX="compose" + +# Clone ovos-docker if missing +if [ ! -d "$OVOS_DOCKER_DIR/.git" ]; then + echo "Cloning ovos-docker..." + git clone https://github.com/OpenVoiceOS/ovos-docker.git "$OVOS_DOCKER_DIR" +fi + +# Update ovos-docker +echo "Updating ovos-docker..." +cd "$OVOS_DOCKER_DIR" +git fetch origin +git checkout dev +git pull origin dev + +# Create split branch +echo "Splitting compose/ directory..." +git branch -D "$SPLIT_BRANCH" 2>/dev/null || true +git subtree split --prefix=$PREFIX origin/dev -b "$SPLIT_BRANCH" + +# Go back to benedikta-ovos +cd - >/dev/null + +# Add remote if not exists +if ! git remote | grep -q "$OVOS_REMOTE"; then + git remote add "$OVOS_REMOTE" "$OVOS_DOCKER_DIR" +fi +git fetch "$OVOS_REMOTE" + +# Check if compose/ already exists in benedikta-ovos +if [ ! -d "$PREFIX" ]; then + echo "Adding compose/ for the first time..." + git subtree add --prefix=$PREFIX "$OVOS_REMOTE" "$SPLIT_BRANCH" --squash +else + echo "Updating existing compose/ directory..." + git subtree pull --prefix=$PREFIX "$OVOS_REMOTE" "$SPLIT_BRANCH" --squash +fi + +echo "✅ compose/ is synced with ovos-docker:dev"
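Review bot: The remote-exists test `git remote | grep -q "$OVOS_REMOTE"` matches substrings, so any remote whose name merely contains `ovos-docker-local` suppresses the `git remote add` and the following `git fetch "$OVOS_REMOTE"` then aborts under `set -e`; `git remote get-url "$OVOS_REMOTE" >/dev/null 2>&1` tests for the exact name. The script also merges whatever `origin/dev` points at when it runs and records nothing about it; adding `echo "upstream dev at $(git rev-parse origin/dev)"` before the `git subtree split` would give each sync an auditable upstream commit. `--prefix=$PREFIX` is unquoted in three places; `--prefix="$PREFIX"` keeps it safe if the value ever changes.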