add swarm deployment
This commit is contained in:
parent
f768205710
commit
d12a687f12
|
@ -0,0 +1,35 @@
|
|||
# How to deploy
|
||||
|
||||
This deployment uses docker-stack-deploy to make secret and configuration management easier. See https://github.com/neuroforgede/docker-stack-deploy.
|
||||
|
||||
This assumes you have a Docker swarm running. Once set up, you will need a
|
||||
traefik instance configured to work with constraint `traefik-public` and a network `traefik-public`.
|
||||
|
||||
This also expects encryption to be handled outside of docker swarm by a LB that has access to the Swarm.
|
||||
|
||||
Also, Geo-IP is not supported yet (but being worked on).
|
||||
|
||||
## 1. Adapt passwords in plausible
|
||||
|
||||
Admin users are users that are allowed to create new passwords.
|
||||
To manage these users, simply adapt the file `secrets/admin_users.sh`
|
||||
|
||||
## 2. Adapt values in swarm/secrets/plausible_analytics/plausible-conf.env
|
||||
|
||||
Replace all variables with `<placeholders>` according to your needs.
|
||||
|
||||
## 3. Adapt values in swarm/plausible.yml
|
||||
|
||||
Replace all variables with `<placeholders>` according to your needs.
|
||||
|
||||
## 4. Run deploy
|
||||
|
||||
```
|
||||
bash deploy.sh
|
||||
```
|
||||
|
||||
## 5. Use it
|
||||
|
||||
You can now find your plausible application under the domain you configured in `swarm/secrets/plausible_analytics/plausible-conf.env`.
|
||||
|
||||
Creating new passwords will require the login from login from `swarm/secrets/plausible_analytics/plausible-conf.env`.
|
|
@ -0,0 +1,14 @@
|
|||
<yandex>
|
||||
<logger>
|
||||
<level>warning</level>
|
||||
<console>true</console>
|
||||
</logger>
|
||||
|
||||
<!-- Stop all the unnecessary logging -->
|
||||
<query_thread_log remove="remove"/>
|
||||
<query_log remove="remove"/>
|
||||
<text_log remove="remove"/>
|
||||
<trace_log remove="remove"/>
|
||||
<metric_log remove="remove"/>
|
||||
<asynchronous_metric_log remove="remove"/>
|
||||
</yandex>
|
|
@ -0,0 +1,8 @@
|
|||
<yandex>
|
||||
<profiles>
|
||||
<default>
|
||||
<log_queries>0</log_queries>
|
||||
<log_query_threads>0</log_query_threads>
|
||||
</default>
|
||||
</profiles>
|
||||
</yandex>
|
|
@ -0,0 +1,2 @@
|
|||
#!/bin/bash
|
||||
docker-sdp stack deploy -c plausible.yml plausible
|
|
@ -0,0 +1,162 @@
|
|||
version: "3.3"
|
||||
services:
|
||||
mail:
|
||||
image: bytemark/smtp
|
||||
networks:
|
||||
- plausible_network
|
||||
deploy:
|
||||
mode: replicated
|
||||
replicas: 1
|
||||
|
||||
plausible_db:
|
||||
image: postgres:12
|
||||
networks:
|
||||
plausible_network:
|
||||
aliases:
|
||||
- postgres.plausible.local
|
||||
volumes:
|
||||
- db-data:/data/postgres
|
||||
environment:
|
||||
- POSTGRES_PASSWORD=<postgres-password>
|
||||
- PGDATA=/data/postgres/pgdata
|
||||
- POSTGRES_USER=plausible
|
||||
deploy:
|
||||
mode: replicated
|
||||
replicas: 1
|
||||
placement:
|
||||
constraints:
|
||||
- node.labels.hetzner_location == nbg1
|
||||
resources:
|
||||
limits:
|
||||
cpus: "1.00"
|
||||
memory: 2048M
|
||||
reservations:
|
||||
cpus: "0.25"
|
||||
memory: 512M
|
||||
|
||||
plausible_events_db:
|
||||
image: clickhouse/clickhouse-server:22.5.3.21
|
||||
networks:
|
||||
- plausible_network
|
||||
configs:
|
||||
- source: clickhouse_config_xml
|
||||
target: /etc/clickhouse-server/config.d/logging.xml
|
||||
uid: "1000"
|
||||
gid: "1000"
|
||||
mode: 0444
|
||||
- source: clickhouse_user_config_xml
|
||||
target: /etc/clickhouse-server/users.d/logging.xml
|
||||
uid: "1000"
|
||||
gid: "1000"
|
||||
mode: 0444
|
||||
volumes:
|
||||
- event-data:/var/lib/clickhouse
|
||||
deploy:
|
||||
mode: replicated
|
||||
replicas: 1
|
||||
placement:
|
||||
constraints:
|
||||
- node.labels.hetzner_location == nbg1
|
||||
resources:
|
||||
limits:
|
||||
cpus: "1.00"
|
||||
memory: 2048M
|
||||
reservations:
|
||||
cpus: "0.25"
|
||||
memory: 512M
|
||||
|
||||
plausible_init:
|
||||
image: plausible/analytics:v1.4.4
|
||||
command: sh -c "source /var/run/secrets/plausible_env && sleep 10 && /entrypoint.sh db createdb && /entrypoint.sh db migrate && /entrypoint.sh db init-admin"
|
||||
secrets:
|
||||
- source: plausible_env
|
||||
target: plausible_env
|
||||
uid: '1000'
|
||||
gid: '1000'
|
||||
mode: 0400
|
||||
networks:
|
||||
- plausible_network
|
||||
deploy:
|
||||
mode: replicated
|
||||
replicas: 1
|
||||
restart_policy:
|
||||
condition: "none"
|
||||
resources:
|
||||
limits:
|
||||
cpus: "0.5"
|
||||
memory: 512M
|
||||
|
||||
plausible:
|
||||
image: plausible/analytics:v1.4.4
|
||||
command: sh -c "source /var/run/secrets/plausible_env && exec /entrypoint.sh run"
|
||||
secrets:
|
||||
- source: plausible_env
|
||||
target: plausible_env
|
||||
uid: '1000'
|
||||
gid: '1000'
|
||||
mode: 0400
|
||||
networks:
|
||||
- plausible_network
|
||||
- traefik-public
|
||||
deploy:
|
||||
mode: replicated
|
||||
replicas: 1
|
||||
resources:
|
||||
limits:
|
||||
cpus: "1.00"
|
||||
memory: 2048M
|
||||
reservations:
|
||||
cpus: "0.25"
|
||||
memory: 512M
|
||||
placement:
|
||||
constraints:
|
||||
- node.labels.hetzner_location == nbg1
|
||||
|
||||
labels:
|
||||
- "traefik.docker.network=traefik-public"
|
||||
|
||||
- "traefik.enable=true"
|
||||
- "traefik.http.routers.plausible-frontend.rule=Host(`<base-domain>`)"
|
||||
- "traefik.http.routers.plausible-frontend.entrypoints=http"
|
||||
- "traefik.http.services.plausible-frontend.loadbalancer.server.port=8000"
|
||||
- "traefik.http.routers.plausible-frontend.service=plausible-frontend"
|
||||
|
||||
- "traefik.constraint-label=traefik-public"
|
||||
|
||||
secrets:
|
||||
plausible_env:
|
||||
file: ./secrets/plausible_analytics/plausible-conf.env
|
||||
|
||||
configs:
|
||||
clickhouse_config_xml:
|
||||
file: ./configs/clickhouse/clickhouse-config.xml
|
||||
|
||||
clickhouse_user_config_xml:
|
||||
file: ./configs/clickhouse/clickhouse-user-config.xml
|
||||
|
||||
|
||||
networks:
|
||||
plausible_network:
|
||||
driver: overlay
|
||||
attachable: true
|
||||
driver_opts:
|
||||
encrypted: ""
|
||||
traefik-public:
|
||||
external: true
|
||||
|
||||
volumes:
|
||||
db-data:
|
||||
driver: hetzner-volume
|
||||
driver_opts:
|
||||
size: '20'
|
||||
fstype: ext4
|
||||
event-data:
|
||||
driver: hetzner-volume
|
||||
driver_opts:
|
||||
size: '20'
|
||||
fstype: ext4
|
||||
geoip:
|
||||
driver: hetzner-volume
|
||||
driver_opts:
|
||||
size: '20'
|
||||
fstype: ext4
|
|
@ -0,0 +1,2 @@
|
|||
GEOIPUPDATE_ACCOUNT_ID=<your-account-id>
|
||||
GEOIPUPDATE_LICENSE_KEY=<your-license-key>
|
|
@ -0,0 +1,6 @@
|
|||
export ADMIN_USER_EMAIL="<admin-user-email>"
|
||||
export ADMIN_USER_NAME=admin
|
||||
export ADMIN_USER_PWD="<admin-user-pwd>"
|
||||
export BASE_URL="https://<base-domain>"
|
||||
export SECRET_KEY_BASE="<secret-key-base>"
|
||||
export DATABASE_URL="postgres://plausible:<postgres-password>@postgres.plausible.local:5432/plausible"
|
Loading…
Reference in New Issue