github.com
/
plausible-hosting
mirror of https://github.com/plausible/hosting.git
1
0
Fork 1
Code Issues Projects Releases Wiki Activity

add swarm deployment

This commit is contained in:
Martin Braun 2022-08-02 12:02:37 +02:00
parent f768205710
commit d12a687f12
7 changed files with 229 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

35
swarm/README.md Normal file
View File

@ -0,0 +1,35 @@
# How to deploy
This deployment uses docker-stack-deploy to make secret and configuration management easier. See https://github.com/neuroforgede/docker-stack-deploy.
This assumes you have a Docker swarm running. Once set up, you will need a
traefik instance configured to work with constraint `traefik-public` and a network `traefik-public`.
This also expects encryption to be handled outside of docker swarm by a LB that has access to the Swarm.
Also, Geo-IP is not supported yet (but being worked on).
## 1. Adapt passwords in plausible
Admin users are users that are allowed to create new passwords.
To manage these users, simply adapt the file `secrets/admin_users.sh`
## 2. Adapt values in swarm/secrets/plausible_analytics/plausible-conf.env
Replace all variables with `<placeholders>` according to your needs.
## 3. Adapt values in swarm/plausible.yml
Replace all variables with `<placeholders>` according to your needs.
## 4. Run deploy
```
bash deploy.sh
```
## 5. Use it
You can now find your plausible application under the domain you configured in `swarm/secrets/plausible_analytics/plausible-conf.env`.
Creating new passwords will require the login from login from `swarm/secrets/plausible_analytics/plausible-conf.env`.

14
swarm/configs/clickhouse/clickhouse-config.xml Normal file
View File

@ -0,0 +1,14 @@
<yandex>
<logger>
<level>warning</level>
<console>true</console>
</logger>
<!-- Stop all the unnecessary logging -->
<query_thread_log remove="remove"/>
<query_log remove="remove"/>
<text_log remove="remove"/>
<trace_log remove="remove"/>
<metric_log remove="remove"/>
<asynchronous_metric_log remove="remove"/>
</yandex>

8
swarm/configs/clickhouse/clickhouse-user-config.xml Normal file
View File

@ -0,0 +1,8 @@
<yandex>
<profiles>
<default>
<log_queries>0</log_queries>
<log_query_threads>0</log_query_threads>
</default>
</profiles>
</yandex>

2
swarm/deploy.sh Normal file
View File

@ -0,0 +1,2 @@
#!/bin/bash
docker-sdp stack deploy -c plausible.yml plausible

162
swarm/plausible.yml Normal file
View File

@ -0,0 +1,162 @@
version: "3.3"
services:
mail:
image: bytemark/smtp
networks:
- plausible_network
deploy:
mode: replicated
replicas: 1
plausible_db:
image: postgres:12
networks:
plausible_network:
aliases:
- postgres.plausible.local
volumes:
- db-data:/data/postgres
environment:
- POSTGRES_PASSWORD=<postgres-password>
- PGDATA=/data/postgres/pgdata
- POSTGRES_USER=plausible
deploy:
mode: replicated
replicas: 1
placement:
constraints:
- node.labels.hetzner_location == nbg1
resources:
limits:
cpus: "1.00"
memory: 2048M
reservations:
cpus: "0.25"
memory: 512M
plausible_events_db:
image: clickhouse/clickhouse-server:22.5.3.21
networks:
- plausible_network
configs:
- source: clickhouse_config_xml
target: /etc/clickhouse-server/config.d/logging.xml
uid: "1000"
gid: "1000"
mode: 0444
- source: clickhouse_user_config_xml
target: /etc/clickhouse-server/users.d/logging.xml
uid: "1000"
gid: "1000"
mode: 0444
volumes:
- event-data:/var/lib/clickhouse
deploy:
mode: replicated
replicas: 1
placement:
constraints:
- node.labels.hetzner_location == nbg1
resources:
limits:
cpus: "1.00"
memory: 2048M
reservations:
cpus: "0.25"
memory: 512M
plausible_init:
image: plausible/analytics:v1.4.4
command: sh -c "source /var/run/secrets/plausible_env && sleep 10 && /entrypoint.sh db createdb && /entrypoint.sh db migrate && /entrypoint.sh db init-admin"
secrets:
- source: plausible_env
target: plausible_env
uid: '1000'
gid: '1000'
mode: 0400
networks:
- plausible_network
deploy:
mode: replicated
replicas: 1
restart_policy:
condition: "none"
resources:
limits:
cpus: "0.5"
memory: 512M
plausible:
image: plausible/analytics:v1.4.4
command: sh -c "source /var/run/secrets/plausible_env && exec /entrypoint.sh run"
secrets:
- source: plausible_env
target: plausible_env
uid: '1000'
gid: '1000'
mode: 0400
networks:
- plausible_network
- traefik-public
deploy:
mode: replicated
replicas: 1
resources:
limits:
cpus: "1.00"
memory: 2048M
reservations:
cpus: "0.25"
memory: 512M
placement:
constraints:
- node.labels.hetzner_location == nbg1
labels:
- "traefik.docker.network=traefik-public"
- "traefik.enable=true"
- "traefik.http.routers.plausible-frontend.rule=Host(`<base-domain>`)"
- "traefik.http.routers.plausible-frontend.entrypoints=http"
- "traefik.http.services.plausible-frontend.loadbalancer.server.port=8000"
- "traefik.http.routers.plausible-frontend.service=plausible-frontend"
- "traefik.constraint-label=traefik-public"
secrets:
plausible_env:
file: ./secrets/plausible_analytics/plausible-conf.env
configs:
clickhouse_config_xml:
file: ./configs/clickhouse/clickhouse-config.xml
clickhouse_user_config_xml:
file: ./configs/clickhouse/clickhouse-user-config.xml
networks:
plausible_network:
driver: overlay
attachable: true
driver_opts:
encrypted: ""
traefik-public:
external: true
volumes:
db-data:
driver: hetzner-volume
driver_opts:
size: '20'
fstype: ext4
event-data:
driver: hetzner-volume
driver_opts:
size: '20'
fstype: ext4
geoip:
driver: hetzner-volume
driver_opts:
size: '20'
fstype: ext4

2
swarm/secrets/geoip/geoip.conf Normal file
View File

@ -0,0 +1,2 @@
GEOIPUPDATE_ACCOUNT_ID=<your-account-id>
GEOIPUPDATE_LICENSE_KEY=<your-license-key>

6
swarm/secrets/plausible_analytics/plausible-conf.env Normal file
View File

@ -0,0 +1,6 @@
export ADMIN_USER_EMAIL="<admin-user-email>"
export ADMIN_USER_NAME=admin
export ADMIN_USER_PWD="<admin-user-pwd>"
export BASE_URL="https://<base-domain>"
export SECRET_KEY_BASE="<secret-key-base>"
export DATABASE_URL="postgres://plausible:<postgres-password>@postgres.plausible.local:5432/plausible"