From 93cb5640910546d577e1115c322a5b23d1092433 Mon Sep 17 00:00:00 2001 From: "Trez.One" Date: Mon, 1 Sep 2025 15:28:35 -0400 Subject: [PATCH 01/14] OVOS Docker stuff. --- .gitea/workflows/pr-docker-deploy.yml | 23 ++++++++++++----------- .gitignore | 1 + 2 files changed, 13 insertions(+), 11 deletions(-) create mode 100644 .gitignore diff --git a/.gitea/workflows/pr-docker-deploy.yml b/.gitea/workflows/pr-docker-deploy.yml index f91f39b..581194a 100644 --- a/.gitea/workflows/pr-docker-deploy.yml +++ b/.gitea/workflows/pr-docker-deploy.yml @@ -166,10 +166,10 @@ jobs: needs: [generate-service-list] runs-on: ubuntu-latest env: - VAULT_ADDR: ${{ secrets.RIKKU_VAULT_ADDR }} + VAULT_ADDR: ${{ secrets.VAULT_ADDR }} VAULT_TOKEN: ${{ secrets.VAULT_GITEA_TOKEN }} VAULT_NAMESPACE: "" - RIKKU_REGISTRY_PASSWORD: ${{ secrets.BOT_GITEA_PASSWORD }} + REGISTRY_PASSWORD: ${{ secrets.BOT_GITEA_PASSWORD }} DOCKER_SVC_LIST: ${{ needs.generate-service-list.outputs.svc_deploy_list }} steps: @@ -178,7 +178,7 @@ jobs: - name: Login to Gitea Container Registry run: | - docker login -u gitea-sonarqube-bot -p ${RIKKU_REGISTRY_PASSWORD} git.trez.wtf + docker login -u gitea-sonarqube-bot -p ${REGISTRY_PASSWORD} git.trez.wtf - name: Cache Vault install id: cache-vault @@ -196,8 +196,8 @@ jobs: - name: Gotify Notification uses: eikendev/gotify-action@master with: - gotify_api_base: '${{ secrets.RIKKU_GOTIFY_URL }}' - gotify_app_token: '${{ secrets.RIKKU_RUNNER_GOTIFY_TOKEN }}' + gotify_api_base: '${{ secrets.GOTIFY_URL }}' + gotify_app_token: '${{ secrets.RUNNER_GOTIFY_TOKEN }}' notification_title: 'GITEA: Docker Compose Dry Run @ Rikku' notification_message: 'Starting Docker Compose dry run...' 
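Review bot: In the `Login to Gitea Container Registry` step (hunk `@@ -178,7 +178,7`), the renamed variable is still passed as `-p ${REGISTRY_PASSWORD}`, so the registry password appears in the process argument list and, being unquoted, is word-split if it contains whitespace or glob characters. Docker can read it from stdin instead: `printf '%s' "$REGISTRY_PASSWORD" | docker login -u gitea-sonarqube-bot --password-stdin git.trez.wtf`. The same `docker login -p` line is added again in the `docker-compose-deploy` job in patch 14/14 and needs the same change.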
@@ -206,6 +206,7 @@ jobs: vault kv get -format=json benedikta-docker/env | jq -r '.data.data' | jq -r 'keys[] as $k | "\($k)='\''\(.[$k])'\''"' > .env - name: Get list of Compose files + id: compose_file_list run: | compose_list=$(find . -type f -name "docker-compose*.yml" -a ! -name "*windows*" -a ! -name "*gui*" -a ! -name "*macos*" -a ! -name "*hivemind*" -a ! -name "*server*" | sed -e ':a;N;$!ba;s/[\r\n]/ -f /g') echo "$compose_list" >> "$GITHUB_OUTPUT" @@ -214,11 +215,11 @@ jobs: uses: cssnr/stack-deploy-action@v1.3.2 with: mode: compose - file: docker-compose.yml - name: 'rikku' + file: $ {{ steps.compose_file_list.outputs.compose_list }} + name: 'ovosmisc' host: 192.168.1.252 - user: pi - ssh_key: ${{ secrets.RIKKU_SSH_PRIVATE_KEY }} + user: ovos + ssh_key: ${{ secrets.BENEDIKTA_SSH_PRIVATE_KEY }} args: --remove-orphans -d --dry-run ${{ needs.generate-service-list.outputs.svc_deploy_list }} env_file: '.env' registry_host: 'ghcr.io' @@ -229,7 +230,7 @@ jobs: - name: Gotify Notification uses: eikendev/gotify-action@master with: - gotify_api_base: '${{ secrets.RIKKU_GOTIFY_URL }}' - gotify_app_token: '${{ secrets.RIKKU_RUNNER_GOTIFY_TOKEN }}' + gotify_api_base: '${{ secrets.GOTIFY_URL }}' + gotify_app_token: '${{ secrets.RUNNER_GOTIFY_TOKEN }}' notification_title: 'GITEA: Docker Compose Dry Run @ Rikku' notification_message: 'Docker Compose dry run completed successfully.' \ No newline at end of file diff --git a/.gitignore b/.gitignore new file mode 100644 index 0000000..5966c57 --- /dev/null +++ b/.gitignore @@ -0,0 +1 @@ +**/.env -- 2.52.0 From 9be611679e0ed881d4145b4705f779e2b14e5ea0 Mon Sep 17 00:00:00 2001 From: "Trez.One" Date: Mon, 1 Sep 2025 15:55:19 -0400 Subject: [PATCH 02/14] Beszel, Docker Socket Proxy, and Portainer-Agent. --- docker-compose.misc.yml | 64 ++++++++++++++++++++++++++++++----------- 1 file changed, 47 insertions(+), 17 deletions(-) diff --git a/docker-compose.misc.yml b/docker-compose.misc.yml index be31933..9ecb75d 100644 
--- a/docker-compose.misc.yml +++ b/docker-compose.misc.yml @@ -1,20 +1,55 @@ name: ovosmisc services: beszel-agent: - image: henrygd/beszel-agent container_name: beszel-agent - restart: unless-stopped - network_mode: host - volumes: - - /var/run/docker.sock:/var/run/docker.sock:ro - # monitor other disks / partitions by mounting a folder in /extra-filesystems - # - /mnt/disk/.beszel:/extra-filesystems/sda1:ro environment: LISTEN: 45876 - KEY: ${BEZEL_AGENT_KEY} + KEY: '${BESZEL_RIKKU_AGENT_KEY}' + TOKEN: ${BESZEL_BENEDIKTA_TOKEN} + HUB_URL: http://192.168.1.254:22220 + expose: + - 45876 + image: henrygd/beszel-agent + network_mode: host + restart: unless-stopped + volumes: + - beszel-agent-data:/var/lib/beszel-agent + - /var/run/docker.sock:/var/run/docker.sock:ro + - /dev/mmcblk0:/extra-filesystems/dev/mmcblk0:ro + docker-socket-proxy: + container_name: dockerproxy + environment: + AUTH: 0 + BUILD: 0 + COMMIT: 0 + CONFIGS: 0 + CONTAINERS: 1 + DISTRIBUTION: 0 + EVENTS: 0 + EXEC: 0 + GPRC: 0 + IMAGES: 1 + INFO: 1 + NETWORKS: 1 + NODES: 0 + POST: 0 + PLUGINS: 0 + SERVICES: 0 + SESSION: 0 + SYSTEM: 0 + TASKS: 0 + VOLUMES: 0 + LOG_LEVEL: debug + image: ghcr.io/tecnativa/docker-socket-proxy:latest + ports: + - 2375:2375 + privileged: true + restart: unless-stopped + volumes: + - /var/run/docker.sock:/var/run/docker.sock portainer-agent: container_name: portainer_agent - image: portainer/agent:2.27.0 + image: portainer/agent:latest volumes: - /:/host - /var/lib/docker/volumes:/var/lib/docker/volumes @@ -22,11 +57,6 @@ services: restart: always ports: - 9001:9001 - ovos_config: - container_name: ovos_config - image: ghcr.io/oscillatelabsllc/ovos-skill-config-tool:latest - ports: - - 14152:8000 - user: $(id -u):$(id -g) - volumes: - - $HOME/.config:/home/appuser/.config \ No newline at end of file +volumes: + beszel-agent-data: + name: beszel-agent-data \ No newline at end of file -- 2.52.0 From b00c5ba16609bd27c677b88343b07b39b54a4a7b Mon Sep 17 00:00:00 2001 
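Review bot: The new `docker-socket-proxy` service in hunk `@@ -1,20 +1,55` runs with `privileged: true` and publishes `2375:2375` on every host interface, so any machine that can reach this host gets the unauthenticated Docker API endpoints the allow-list leaves open (`CONTAINERS`, `IMAGES`, `INFO`, `NETWORKS`). If only local consumers need it, bind to loopback with `- 127.0.0.1:2375:2375` (or drop `ports:` and share a Compose network), pin the image instead of `:latest`, and confirm that `privileged` is actually required on this host. `GPRC: 0` looks like a typo for `GRPC`; the misspelled key is presumably ignored, so the setting only holds if the proxy denies that endpoint by default. The same hunk moves `portainer/agent` from `2.27.0` to `latest` on a container that mounts `/:/host`, and `beszel-agent` still mounts the raw socket rather than using the proxy added beside it.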
From: "Trez.One" Date: Mon, 1 Sep 2025 15:55:52 -0400 Subject: [PATCH 03/14] Testing out passing multiple Compose files to action. --- .gitea/workflows/pr-docker-deploy.yml | 2 ++ 1 file changed, 2 insertions(+) diff --git a/.gitea/workflows/pr-docker-deploy.yml b/.gitea/workflows/pr-docker-deploy.yml index 581194a..251ac1b 100644 --- a/.gitea/workflows/pr-docker-deploy.yml +++ b/.gitea/workflows/pr-docker-deploy.yml @@ -165,6 +165,8 @@ jobs: name: Docker Compose Dry Run needs: [generate-service-list] runs-on: ubuntu-latest + outputs: + compose_file_list: ${{ steps.compose_file_list.outputs.compose_list }} env: VAULT_ADDR: ${{ secrets.VAULT_ADDR }} VAULT_TOKEN: ${{ secrets.VAULT_GITEA_TOKEN }} -- 2.52.0 From 7dca2acd3f128b00b8a98790edc790a485b09a6d Mon Sep 17 00:00:00 2001 From: "Trez.One" Date: Mon, 1 Sep 2025 16:12:06 -0400 Subject: [PATCH 04/14] Secrets and vars corrections. --- .gitea/workflows/pr-docker-deploy.yml | 20 ++++++++++---------- 1 file changed, 10 insertions(+), 10 deletions(-) diff --git a/.gitea/workflows/pr-docker-deploy.yml b/.gitea/workflows/pr-docker-deploy.yml index 251ac1b..1cd2c94 100644 --- a/.gitea/workflows/pr-docker-deploy.yml +++ b/.gitea/workflows/pr-docker-deploy.yml @@ -8,7 +8,7 @@ on: paths: - 'docker-compose.misc.yml' - 'compose/docker-compose*.yml' - - 'compose/.env*' + - '**/pr-docker-deploy.yml' env: HC_VAULT_VERSION: '1.20.0' @@ -42,8 +42,8 @@ jobs: - name: Gotify Notification uses: eikendev/gotify-action@master with: - gotify_api_base: '${{ secrets.RINOA_GOTIFY_URL }}' - gotify_app_token: '${{ secrets.RINOA_RUNNER_GOTIFY_TOKEN }}' + gotify_api_base: '${{ secrets.GOTIFY_URL }}' + gotify_app_token: '${{ secrets.RUNNER_GOTIFY_TOKEN }}' notification_title: 'GITEA: PR Check' notification_message: 'Checking for existing PR... 🔍' 
@@ -51,7 +51,7 @@ jobs: id: check-opened-pr-step continue-on-error: true run: | - tea login add --name gitea-rinoa --url "${{ secrets.RINOA_GITEA_URL }}" --user gitea-sonarqube-bot --password "${{ secrets.BOT_GITEA_PASSWORD }}" --token ${{ secrets.BOT_GITEA_TOKEN }} + tea login add --name gitea-rinoa --url "${{ secrets.BDIKTA_GITEA_URL }}" --user gitea-sonarqube-bot --password "${{ secrets.BOT_GITEA_PASSWORD }}" --token ${{ secrets.BOT_GITEA_TOKEN }} pr_exists=$(tea pr list --repo ${{ github.repository }} --state open --fields index,title,head | egrep '\[DOCKER\].*${{ github.ref_name }}' | tail -1 | wc -l) echo "exists=$pr_exists" >> $GITHUB_OUTPUT @@ -66,8 +66,8 @@ jobs: - name: Gotify Notification uses: eikendev/gotify-action@master with: - gotify_api_base: '${{ secrets.RINOA_GOTIFY_URL }}' - gotify_app_token: '${{ secrets.RINOA_RUNNER_GOTIFY_TOKEN }}' + gotify_api_base: '${{ secrets.GOTIFY_URL }}' + gotify_app_token: '${{ secrets.RUNNER_GOTIFY_TOKEN }}' notification_title: 'GITEA: PR Check' notification_message: 'PR Created 🎟️' @@ -89,8 +89,8 @@ jobs: - name: Gotify Notification uses: eikendev/gotify-action@master with: - gotify_api_base: '${{ secrets.RINOA_GOTIFY_URL }}' - gotify_app_token: '${{ secrets.RINOA_RUNNER_GOTIFY_TOKEN }}' + gotify_api_base: '${{ secrets.GOTIFY_URL }}' + gotify_app_token: '${{ secrets.RUNNER_GOTIFY_TOKEN }}' notification_title: 'GITEA: Services TBD' notification_message: 'Generating list of services to deploy...' @@ -217,11 +217,11 @@ jobs: uses: cssnr/stack-deploy-action@v1.3.2 with: mode: compose - file: $ {{ steps.compose_file_list.outputs.compose_list }} + file: ${{ steps.compose_file_list.outputs.compose_list }} name: 'ovosmisc' host: 192.168.1.252 user: ovos - ssh_key: ${{ secrets.BENEDIKTA_SSH_PRIVATE_KEY }} + ssh_key: ${{ secrets.BDIKTA_GITEA_PRIVATE_SSH_KEY }} args: --remove-orphans -d --dry-run ${{ needs.generate-service-list.outputs.svc_deploy_list }} env_file: '.env' registry_host: 'ghcr.io' -- 2.52.0 
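Review bot: The rewritten `tea login add` line in hunk `@@ -51,7 +51,7` still expands `${{ secrets.* }}` straight into the script text, with `--token ${{ secrets.BOT_GITEA_TOKEN }}` unquoted, and the `egrep` on the following context line does the same with `${{ github.ref_name }}`. Expression values are substituted before the shell parses the script, so a branch name containing shell metacharacters becomes part of the command rather than data, and the password and token end up as process arguments. Pass the values through the step's `env:` and reference them quoted, e.g. `env: { REF_NAME: "${{ github.ref_name }}", GITEA_TOKEN: "${{ secrets.BOT_GITEA_TOKEN }}" }` with `grep -E -- "\[DOCKER\].*${REF_NAME}"`. The `PR Merge` step added in patch 14/14 repeats the pattern with an unquoted `egrep ${{ github.ref_name }}` and needs the same change.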
From f0019169931602e7928e205ac4e0615a704c7b9f Mon Sep 17 00:00:00 2001 From: "Trez.One" Date: Mon, 1 Sep 2025 16:16:41 -0400 Subject: [PATCH 05/14] Tshooting detect modded services step... --- .gitea/workflows/pr-docker-deploy.yml | 2 ++ 1 file changed, 2 insertions(+) diff --git a/.gitea/workflows/pr-docker-deploy.yml b/.gitea/workflows/pr-docker-deploy.yml index 1cd2c94..4cb8497 100644 --- a/.gitea/workflows/pr-docker-deploy.yml +++ b/.gitea/workflows/pr-docker-deploy.yml @@ -108,6 +108,8 @@ jobs: # Temp files to store all services touch services_main_all.txt services_head_all.txt + pwd + for f in "${COMPOSE_FILES[@]}"; do echo "Processing $f" -- 2.52.0 From c943008ad15072e91d4c513856a495a1eeeaf8d8 Mon Sep 17 00:00:00 2001 From: "Trez.One" Date: Mon, 1 Sep 2025 16:31:18 -0400 Subject: [PATCH 06/14] Tshooting detect modded services step... --- .gitea/workflows/pr-docker-deploy.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.gitea/workflows/pr-docker-deploy.yml b/.gitea/workflows/pr-docker-deploy.yml index 4cb8497..52a7c8d 100644 --- a/.gitea/workflows/pr-docker-deploy.yml +++ b/.gitea/workflows/pr-docker-deploy.yml @@ -108,11 +108,11 @@ jobs: # Temp files to store all services touch services_main_all.txt services_head_all.txt - pwd - for f in "${COMPOSE_FILES[@]}"; do echo "Processing $f" + safe_f=$(echo "$f" | sed 's|[./]|_|g') + # Fetch main version git show origin/main:"$f" > "main_$f" 2>/dev/null || touch "main_$f" cp "$f" "head_$f" -- 2.52.0 From 229f71fa9c1aab7582d4bb53a55c2ab249318cbe Mon Sep 17 00:00:00 2001 From: "Trez.One" Date: Mon, 1 Sep 2025 16:32:15 -0400 Subject: [PATCH 07/14] Tshooting detect modded services step... --- .gitea/workflows/pr-docker-deploy.yml | 14 ++++++++------ 1 file changed, 8 insertions(+), 6 deletions(-) diff --git a/.gitea/workflows/pr-docker-deploy.yml b/.gitea/workflows/pr-docker-deploy.yml index 52a7c8d..b76f79d 100644 --- a/.gitea/workflows/pr-docker-deploy.yml 
+++ b/.gitea/workflows/pr-docker-deploy.yml @@ -111,15 +111,16 @@ jobs: for f in "${COMPOSE_FILES[@]}"; do echo "Processing $f" + # Create a safe filename by replacing slashes with underscores safe_f=$(echo "$f" | sed 's|[./]|_|g') # Fetch main version - git show origin/main:"$f" > "main_$f" 2>/dev/null || touch "main_$f" - cp "$f" "head_$f" + git show origin/main:"$f" > "main_${safe_f}" 2>/dev/null || touch "main_${safe_f}" + cp "$f" "head_${safe_f}" # Extract services and append to global list - yq '.services | keys | .[]' "main_$f" >> services_main_all.txt 2>/dev/null || true - yq '.services | keys | .[]' "head_$f" >> services_head_all.txt 2>/dev/null || true + yq '.services | keys | .[]' "main_${safe_f}" >> services_main_all.txt 2>/dev/null || true + yq '.services | keys | .[]' "head_${safe_f}" >> services_head_all.txt 2>/dev/null || true done # Sort and deduplicate @@ -139,8 +140,9 @@ jobs: service="{}" modified=0 for f in "${COMPOSE_FILES[@]}"; do - yq ".services[\"$service\"]" "main_$f" > tmp_main.yml 2>/dev/null || continue - yq ".services[\"$service\"]" "head_$f" > tmp_head.yml 2>/dev/null || continue + safe_f=$(echo "$f" | sed "s|[./]|_|g") + yq ".services[\"$service\"]" "main_${safe_f}" > tmp_main.yml 2>/dev/null || continue + yq ".services[\"$service\"]" "head_${safe_f}" > tmp_head.yml 2>/dev/null || continue if ! diff -q tmp_main.yml tmp_head.yml > /dev/null; then modified=1 break -- 2.52.0 From a377b3d1eed7107fc392a0b9e858612e8cadb15d Mon Sep 17 00:00:00 2001 From: "Trez.One" Date: Mon, 1 Sep 2025 16:34:21 -0400 Subject: [PATCH 08/14] Tshooting detect modded services step... --- .gitea/workflows/pr-docker-deploy.yml | 1 + 1 file changed, 1 insertion(+) diff --git a/.gitea/workflows/pr-docker-deploy.yml b/.gitea/workflows/pr-docker-deploy.yml index b76f79d..e762324 100644 --- a/.gitea/workflows/pr-docker-deploy.yml +++ b/.gitea/workflows/pr-docker-deploy.yml 
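Review bot: The added comment `# Create a safe filename by replacing slashes with underscores` in hunk `@@ -111,15 +111,16` understates what `sed 's|[./]|_|g'` does: dots are replaced too, so two distinct paths can map to the same temp-file name (constructed example: `a/b.yml` and `a.b/yml` both become `a_b_yml`). I would word it as `# Flatten the path into a temp-file name: '/' and '.' both become '_' (names can collide)`. The same expression is repeated in hunk `@@ -139,8 +140,9`, and the two copies must stay identical for the later lookups to find the files written here. The enclosing `run:` script starts and ends outside both hunks.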
@@ -215,6 +215,7 @@ jobs: id: compose_file_list run: | compose_list=$(find . -type f -name "docker-compose*.yml" -a ! -name "*windows*" -a ! -name "*gui*" -a ! -name "*macos*" -a ! -name "*hivemind*" -a ! -name "*server*" | sed -e ':a;N;$!ba;s/[\r\n]/ -f /g') + echo ${compose_list} echo "$compose_list" >> "$GITHUB_OUTPUT" - name: Docker Compose Dry Run -- 2.52.0 From 88fe3fdc9a0919ca5f6edc49f97e4c87d93ce1fd Mon Sep 17 00:00:00 2001 From: "Trez.One" Date: Mon, 1 Sep 2025 16:41:06 -0400 Subject: [PATCH 09/14] Adjusting Docker Compose dry run step... --- .gitea/workflows/pr-docker-deploy.yml | 13 ++++++++++--- 1 file changed, 10 insertions(+), 3 deletions(-) diff --git a/.gitea/workflows/pr-docker-deploy.yml b/.gitea/workflows/pr-docker-deploy.yml index e762324..5495322 100644 --- a/.gitea/workflows/pr-docker-deploy.yml +++ b/.gitea/workflows/pr-docker-deploy.yml @@ -214,9 +214,16 @@ jobs: - name: Get list of Compose files id: compose_file_list run: | - compose_list=$(find . -type f -name "docker-compose*.yml" -a ! -name "*windows*" -a ! -name "*gui*" -a ! -name "*macos*" -a ! -name "*hivemind*" -a ! -name "*server*" | sed -e ':a;N;$!ba;s/[\r\n]/ -f /g') - echo ${compose_list} - echo "$compose_list" >> "$GITHUB_OUTPUT" + compose_list=$(find . -type f -name "docker-compose*.yml" \ + -a ! -name "*windows*" \ + -a ! -name "*gui*" \ + -a ! -name "*macos*" \ + -a ! -name "*hivemind*" \ + -a ! -name "*server*" \ + | sed -e ':a;N;$!ba;s/[\r\n]/ -f /g') + + echo "compose_list=$compose_list" >> "$GITHUB_OUTPUT" + echo "Compose files: $compose_list" - name: Docker Compose Dry Run uses: cssnr/stack-deploy-action@v1.3.2 -- 2.52.0 From b5c564b6ed33fb0cfef2a89a2b5ca0863e1cc635 Mon Sep 17 00:00:00 2001 From: "Trez.One" Date: Mon, 1 Sep 2025 16:46:58 -0400 Subject: [PATCH 10/14] Adjusting Docker Compose dry run step... --- .gitea/workflows/pr-docker-deploy.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) 
diff --git a/.gitea/workflows/pr-docker-deploy.yml b/.gitea/workflows/pr-docker-deploy.yml index 5495322..06d876b 100644 --- a/.gitea/workflows/pr-docker-deploy.yml +++ b/.gitea/workflows/pr-docker-deploy.yml @@ -231,7 +231,7 @@ jobs: mode: compose file: ${{ steps.compose_file_list.outputs.compose_list }} name: 'ovosmisc' - host: 192.168.1.252 + host: 192.168.1.250 user: ovos ssh_key: ${{ secrets.BDIKTA_GITEA_PRIVATE_SSH_KEY }} args: --remove-orphans -d --dry-run ${{ needs.generate-service-list.outputs.svc_deploy_list }} -- 2.52.0 From a6e0535cdf57fc35d5c5d78fb19455a8be737a77 Mon Sep 17 00:00:00 2001 From: "Trez.One" Date: Mon, 1 Sep 2025 16:53:06 -0400 Subject: [PATCH 11/14] Adjusting Docker Compose dry run step... --- .gitea/workflows/pr-docker-deploy.yml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/.gitea/workflows/pr-docker-deploy.yml b/.gitea/workflows/pr-docker-deploy.yml index 06d876b..1a72c35 100644 --- a/.gitea/workflows/pr-docker-deploy.yml +++ b/.gitea/workflows/pr-docker-deploy.yml @@ -236,9 +236,9 @@ jobs: ssh_key: ${{ secrets.BDIKTA_GITEA_PRIVATE_SSH_KEY }} args: --remove-orphans -d --dry-run ${{ needs.generate-service-list.outputs.svc_deploy_list }} env_file: '.env' - registry_host: 'ghcr.io' - registry_user: TrezOne - registry_pass: ${{ secrets.GHCR_LOGIN_TOKEN }} + # registry_host: 'ghcr.io' + # registry_user: TrezOne + # registry_pass: ${{ secrets.GHCR_LOGIN_TOKEN }} summary: true - name: Gotify Notification -- 2.52.0 From 292365d4d2e348cbb355e5dc3987bc92d5576b59 Mon Sep 17 00:00:00 2001 From: "Trez.One" Date: Mon, 1 Sep 2025 17:53:44 -0400 Subject: [PATCH 12/14] Testing new Docker Compose deploy action. --- .gitea/workflows/pr-docker-deploy.yml | 4 +- docker-compose.misc.yml | 94 +++++++++++++++++++++++++++ 2 files changed, 96 insertions(+), 2 deletions(-) diff --git a/.gitea/workflows/pr-docker-deploy.yml b/.gitea/workflows/pr-docker-deploy.yml index 1a72c35..66915bf 100644 --- a/.gitea/workflows/pr-docker-deploy.yml 
+++ b/.gitea/workflows/pr-docker-deploy.yml @@ -220,13 +220,13 @@ jobs: -a ! -name "*macos*" \ -a ! -name "*hivemind*" \ -a ! -name "*server*" \ - | sed -e ':a;N;$!ba;s/[\r\n]/ -f /g') + | sed -e ':a;N;$!ba;s/[\r\n]/ /g') echo "compose_list=$compose_list" >> "$GITHUB_OUTPUT" echo "Compose files: $compose_list" - name: Docker Compose Dry Run - uses: cssnr/stack-deploy-action@v1.3.2 + uses: cssnr/stack-deploy-action@files with: mode: compose file: ${{ steps.compose_file_list.outputs.compose_list }} diff --git a/docker-compose.misc.yml b/docker-compose.misc.yml index 9ecb75d..d3314eb 100644 --- a/docker-compose.misc.yml +++ b/docker-compose.misc.yml @@ -1,4 +1,8 @@ name: ovosmisc + +x-watchtower-monitor: &watchtower-monitor + labels: + com.centurylinklabs.watchtower.monitor-only: true services: beszel-agent: container_name: beszel-agent 
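Review bot: `uses: cssnr/stack-deploy-action@files` in hunk `@@ -220,13 +220,13` points the dry-run step at a branch name, so whatever is pushed to that branch next is what runs. The step's `with:` block, which continues outside this hunk, passes `ssh_key` for the deploy host to that code. Pin to a reviewed commit, `uses: cssnr/stack-deploy-action@<full-commit-sha>  # files branch`, and bump it deliberately. `eikendev/gotify-action@master` in the existing steps and `cpanato/vault-installer@main` added in patch 14/14 are branch references too, in jobs that carry the Gotify and Vault tokens.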
@@ -47,6 +51,68 @@ services: restart: unless-stopped volumes: - /var/run/docker.sock:/var/run/docker.sock + ovos_audio: + <<: *watchtower-monitor + ovos_cli: + <<: *watchtower-monitor + ovos_core: + <<: *watchtower-monitor + ovos_listener: + <<: *watchtower-monitor + ovos_messagebus: + <<: *watchtower-monitor + ovos_phal: + <<: *watchtower-monitor + ovos_phal_admin: + <<: *watchtower-monitor + ovos_plugin_ggwave: + <<: *watchtower-monitor + ovos_skill_alerts: + <<: *watchtower-monitor + ovos_skill_camera: + <<: *watchtower-monitor + ovos_skill_date_time: + <<: *watchtower-monitor + ovos_skill_duckduckgo: + <<: *watchtower-monitor + ovos_skill_easter_eggs: + <<: *watchtower-monitor + ovos_skill_fallback_unknown: + <<: *watchtower-monitor + ovos_skill_ggwave: + <<: *watchtower-monitor + ovos_skill_hello_world: + <<: *watchtower-monitor + ovos_skill_jokes: + <<: *watchtower-monitor + ovos_skill_parrot: + <<: *watchtower-monitor + ovos_skill_personal: + <<: *watchtower-monitor + ovos_skill_randomness: + <<: *watchtower-monitor + ovos_skill_volume: + <<: *watchtower-monitor + ovos_skill_weather: + <<: *watchtower-monitor + ovos_skill_wikihow: + <<: *watchtower-monitor + ovos_skill_wikipedia: + <<: *watchtower-monitor + ovos_skill_wolfie: + <<: *watchtower-monitor + ovos_skill_wordnet: + <<: *watchtower-monitor + signoz-logspout: + command: signoz://192.168.1.254:8082 + container_name: signoz-logspout + environment: + ENV: prod + SIGNOZ_LOG_ENDPOINT: http://192.168.1.254:8082 + image: pavanputhra/logspout-signoz + restart: unless-stopped + volumes: + - /var/run/docker.sock:/var/run/docker.sock portainer-agent: container_name: portainer_agent image: portainer/agent:latest 
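Review bot: `signoz-logspout` in hunk `@@ -47,6 +51,68` bind-mounts `/var/run/docker.sock` read-write and uses `image: pavanputhra/logspout-signoz` with no tag, so an unpinned third-party image gets full control of the Docker daemon. It also ships container logs to `http://192.168.1.254:8082` in clear text. Pin the image to a tag or digest (`image: pavanputhra/logspout-signoz:<tag>@sha256:<digest>`). If the image honours `DOCKER_HOST`, point it at the `docker-socket-proxy` service this file already defines, with only the endpoints it needs enabled. Separately, each `ovos_*` entry consists only of the `<<: *watchtower-monitor` merge, so this file appears to rely on being combined with the files that define those services' images and would not validate on its own.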
@@ -57,6 +123,34 @@ services: restart: always ports: - 9001:9001 + watchtower: + container_name: watchtower + environment: + REPO_PASS: + REPO_USER: + TZ: ${TZ} + WATCHTOWER_CLEANUP: true + WATCHTOWER_INCLUDE_STOPPED: false + WATCHTOWER_MONITOR_ONLY: false + WATCHTOWER_NOTIFICATIONS: gotify + WATCHTOWER_NOTIFICATIONS_LEVEL: info + WATCHTOWER_NOTIFICATION_TEMPLATE: '{{range .}}{{.Message}}{{println}}{{end}}' + WATCHTOWER_NOTIFICATION_URL: + WATCHTOWER_SCHEDULE: 0 0 4 * * * + WATCHTOWER_TIMEOUT: 30s + WATCHTOWER_HTTP_API_METRICS: true + WATCHTOWER_HTTP_API_TOKEN: ${WATCHTOWER_HTTP_API_TOKEN} + WATCHTOWER_NOTIFICATION_GOTIFY_URL: ${WATCHTOWER_NOTIFICATION_GOTIFY_URL} + WATCHTOWER_NOTIFICATION_GOTIFY_TOKEN: ${WATCHTOWER_NOTIFICATION_GOTIFY_TOKEN} + WATCHTOWER_NOTIFICATION_GOTIFY_TLS_SKIP_VERIFY: true + expose: + - 8080 + hostname: Rikku + image: ghcr.io/containrrr/watchtower:latest + restart: unless-stopped + volumes: + - /etc/localtime:/etc/localtime:ro + - /var/run/docker.sock:/var/run/docker.sock:ro volumes: beszel-agent-data: name: beszel-agent-data \ No newline at end of file -- 2.52.0 From 8ae7e6917ee2b59b55dcc17fcbb863ebddbff53c Mon Sep 17 00:00:00 2001 From: "Trez.One" Date: Mon, 1 Sep 2025 18:04:40 -0400 Subject: [PATCH 13/14] Testing new Docker Compose deploy action. --- .gitea/workflows/pr-docker-deploy.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.gitea/workflows/pr-docker-deploy.yml b/.gitea/workflows/pr-docker-deploy.yml index 66915bf..b4432ce 100644 --- a/.gitea/workflows/pr-docker-deploy.yml +++ b/.gitea/workflows/pr-docker-deploy.yml @@ -156,7 +156,7 @@ jobs: echo "Detected service changes:" cat service_changes.txt - mod_svcs=$(cut -d':' -f1 service_changes.txt | sort | uniq) + mod_svcs=$(cut -d':' -f1 service_changes.txt | sort | uniq | tr '\n' ' ' | sed 's/ *$//') echo "docker_svc_list<> "$GITHUB_OUTPUT" echo "$mod_svcs" >> "$GITHUB_OUTPUT" echo "EOF" >> "$GITHUB_OUTPUT" -- 2.52.0 
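Review bot: `WATCHTOWER_NOTIFICATION_GOTIFY_TLS_SKIP_VERIFY: true` in hunk `@@ -57,6 +123,34` turns off certificate checking on the connection that carries `WATCHTOWER_NOTIFICATION_GOTIFY_TOKEN`, so anything able to intercept that traffic can read the token; prefer trusting the Gotify server's CA inside the container and setting this to `"false"`. With `WATCHTOWER_MONITOR_ONLY: false` and only the `ovos_*` services labelled monitor-only, every other container is updated automatically from mutable tags, including the privileged `docker-socket-proxy` and `portainer/agent:latest` (which mounts `/:/host`); consider label-based opt-in or pinned digests for those. The `:ro` on `/var/run/docker.sock` protects only the socket file and does not make the Docker API read-only. The boolean-looking environment values are safer quoted, e.g. `WATCHTOWER_CLEANUP: "true"`, since some Compose versions reject YAML booleans there.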
From 17e9ebf06a1218f41123ca509b0775b1127107f9 Mon Sep 17 00:00:00 2001 From: "Trez.One" Date: Mon, 1 Sep 2025 18:24:37 -0400 Subject: [PATCH 14/14] Adding the rest of the Docker deploy workflow. --- .gitea/workflows/pr-docker-deploy.yml | 117 +++++++++++++++++++++++++- 1 file changed, 114 insertions(+), 3 deletions(-) diff --git a/.gitea/workflows/pr-docker-deploy.yml b/.gitea/workflows/pr-docker-deploy.yml index b4432ce..c8e8553 100644 --- a/.gitea/workflows/pr-docker-deploy.yml +++ b/.gitea/workflows/pr-docker-deploy.yml @@ -204,7 +204,7 @@ jobs: with: gotify_api_base: '${{ secrets.GOTIFY_URL }}' gotify_app_token: '${{ secrets.RUNNER_GOTIFY_TOKEN }}' - notification_title: 'GITEA: Docker Compose Dry Run @ Rikku' + notification_title: 'GITEA: Docker Compose Dry Run @ Benedikta' notification_message: 'Starting Docker Compose dry run...' - name: Generate .env file for Docker Compose 
@@ -246,5 +246,116 @@ jobs: with: gotify_api_base: '${{ secrets.GOTIFY_URL }}' gotify_app_token: '${{ secrets.RUNNER_GOTIFY_TOKEN }}' - notification_title: 'GITEA: Docker Compose Dry Run @ Rikku' - notification_message: 'Docker Compose dry run completed successfully.' \ No newline at end of file + notification_title: 'GITEA: Docker Compose Dry Run @ Benedikta' + notification_message: 'Docker Compose dry run completed successfully.' + + pr-merge: + name: PR Merge + needs: [generate-service-list, docker-compose-dry-run] + runs-on: ubuntu-latest + steps: + - name: Checkout + uses: actions/checkout@v4 + + - name: Cache tea CLI + id: cache-tea + uses: actions/cache@v4 + with: + path: /opt/hostedtoolcache/tea/${{ env.TEA_VERSION }}/x64 + key: tea-${{ runner.os }}-${{ env.TEA_VERSION }} + + - name: Install tea + uses: supplypike/setup-bin@v4 + with: + uri: https://gitea.com/gitea/tea/releases/download/v${{ env.TEA_VERSION }}/tea-${{ env.TEA_VERSION }}-linux-amd64 + name: tea + version: ${{ env.TEA_VERSION }} + + - name: PR Merge + id: pr_merge + run: | + tea login add --name gitea-rinoa --url ${{ secrets.BDIKTA_GITEA_URL }} --user gitea-sonarqube-bot --password "${{ secrets.BOT_GITEA_PASSWORD }}" --token ${{ secrets.BOT_GITEA_TOKEN }} + tea login default gitea-rinoa + echo "Merging PR..." 
+ pr_index=$(tea pr ls --repo ${{ github.repository }} --state open --fields index,title,head,state --output csv | egrep ${{ github.ref_name }} | awk -F"," '{print $1}' | sed -e 's|"||g') + tea pr m --repo ${{ github.repository }} --title "Auto Merge of PR ${pr_index} - ${{ github.ref_name }}" --message "Merged by ${{ github.actor }}" ${pr_index} + echo "pr_index=${pr_index}" >> $GITHUB_OUTPUT + + - name: Gotify Notification + uses: eikendev/gotify-action@master + with: + gotify_api_base: '${{ secrets.GOTIFY_URL }}' + gotify_app_token: '${{ secrets.RUNNER_GOTIFY_TOKEN }}' + notification_title: 'GITEA: PR Merge Successful' + notification_message: 'PR #${{ steps.pr_merge.outputs.pr_index }} merged.' + + docker-compose-deploy: + name: Docker Compose Deployment + runs-on: ubuntu-latest + needs: [pr-merge] + env: + VAULT_ADDR: ${{ secrets.VAULT_ADDR }} + VAULT_TOKEN: ${{ secrets.VAULT_GITEA_TOKEN }} + REGISTRY_PASSWORD: ${{ secrets.BOT_GITEA_PASSWORD }} + DOCKER_SVC_LIST: ${{ needs.generate-service-list.outputs.svc_deploy_list }} + COMPOSE_FILE_LIST: ${{ needs.docker-compose-dry-run.outputs.compose_file_list }} + steps: + - name: Checkout + uses: actions/checkout@v4 + with: + ref: main + + - name: Cache Vault install + id: cache-vault + uses: actions/cache@v4 + with: + path: /opt/hostedtoolcache/vault/${{ env.HC_VAULT_VERSION }}/x64 + key: vault-${{ runner.os }}-${{ env.HC_VAULT_VERSION }} + + - name: Install Vault (only if not cached) + if: steps.cache-vault.outputs.cache-hit != 'true' + uses: cpanato/vault-installer@main + with: + version: ${{ env.HC_VAULT_VERSION }} + + - name: Login to Gitea Container Registry + run: | + docker login -u gitea-sonarqube-bot -p ${REGISTRY_PASSWORD} git.trez.wtf + + - name: Gotify Notification + uses: eikendev/gotify-action@master + with: + gotify_api_base: '${{ secrets.GOTIFY_URL }}' + gotify_app_token: '${{ secrets.RUNNER_GOTIFY_TOKEN }}' + notification_title: 'GITEA: Docker Compose Deployment @ Benedikta' + notification_message: 
'Starting Docker Compose run...' + + - name: Generate .env file for deployment + run: | + vault kv get -format=json benedikta-docker/env | jq -r '.data.data' | jq -r 'keys[] as $k | "\($k)='\''\(.[$k])'\''"' > .env + echo ${DOCKER_SVC_LIST} + echo ${COMPOSE_FILE_LIST} + + - name: Docker Compose Deployment + uses: cssnr/stack-deploy-action@v1.3.2 + with: + mode: compose + file: ${{ needs.docker-compose-dry-run.outputs.compose_file_list }} + name: 'ovosmisc' + host: 192.168.1.250 + user: ovos + ssh_key: ${{ secrets.BDIKTA_GITEA_PRIVATE_SSH_KEY }} + args: --remove-orphans -d ${{ needs.generate-service-list.outputs.svc_deploy_list }} + env_file: '.env' + # registry_host: 'ghcr.io' + # registry_user: TrezOne + # registry_pass: ${{ secrets.GHCR_LOGIN_TOKEN }} + summary: true + + - name: Gotify Notification + uses: eikendev/gotify-action@master + with: + gotify_api_base: '${{ secrets.GOTIFY_URL }}' + gotify_app_token: '${{ secrets.RUNNER_GOTIFY_TOKEN }}' + notification_title: 'GITEA: Docker Compose Deployment @ Benedikta' + notification_message: 'Deployment completed successfully.' \ No newline at end of file -- 2.52.0
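Review bot: `docker-compose-deploy` declares `needs: [pr-merge]` but reads `needs.generate-service-list.outputs.svc_deploy_list` and `needs.docker-compose-dry-run.outputs.compose_file_list`. The `needs` context only carries jobs listed directly in `needs:` (GitHub Actions semantics, which Gitea's runner is expected to share), so both would expand to empty strings. The deploy step would then run `args: --remove-orphans -d` with no service filter and an empty `file:`, a much wider change than the dry run checked. Declare the dependencies explicitly with `needs: [generate-service-list, docker-compose-dry-run, pr-merge]`. The deploy step also uses `cssnr/stack-deploy-action@v1.3.2` while the dry run in patch 12/14 switched to `@files` and a space-separated file list, so the two steps may not interpret `file:` the same way.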