add swarm deployment
This commit is contained in:
parent
f768205710
commit
d12a687f12
|
@ -0,0 +1,35 @@
|
||||||
|
# How to deploy
|
||||||
|
|
||||||
|
This deployment uses docker-stack-deploy to make secret and configuration management easier. See https://github.com/neuroforgede/docker-stack-deploy.
|
||||||
|
|
||||||
|
This assumes you have a Docker swarm running. Once set up, you will need a
|
||||||
|
traefik instance configured to work with constraint `traefik-public` and a network `traefik-public`.
|
||||||
|
|
||||||
|
This also expects encryption to be handled outside of docker swarm by a LB that has access to the Swarm.
|
||||||
|
|
||||||
|
Also, Geo-IP is not supported yet (but being worked on).
|
||||||
|
|
||||||
|
## 1. Adapt passwords in plausible
|
||||||
|
|
||||||
|
Admin users are users that are allowed to create new passwords.
|
||||||
|
To manage these users, simply adapt the file `secrets/admin_users.sh`
|
||||||
|
|
||||||
|
## 2. Adapt values in swarm/secrets/plausible_analytics/plausible-conf.env
|
||||||
|
|
||||||
|
Replace all variables with `<placeholders>` according to your needs.
|
||||||
|
|
||||||
|
## 3. Adapt values in swarm/plausible.yml
|
||||||
|
|
||||||
|
Replace all variables with `<placeholders>` according to your needs.
|
||||||
|
|
||||||
|
## 4. Run deploy
|
||||||
|
|
||||||
|
```
|
||||||
|
bash deploy.sh
|
||||||
|
```
|
||||||
|
|
||||||
|
## 5. Use it
|
||||||
|
|
||||||
|
You can now find your plausible application under the domain you configured in `swarm/secrets/plausible_analytics/plausible-conf.env`.
|
||||||
|
|
||||||
|
Creating new passwords will require the login from login from `swarm/secrets/plausible_analytics/plausible-conf.env`.
|
|
@ -0,0 +1,14 @@
|
||||||
|
<yandex>
|
||||||
|
<logger>
|
||||||
|
<level>warning</level>
|
||||||
|
<console>true</console>
|
||||||
|
</logger>
|
||||||
|
|
||||||
|
<!-- Stop all the unnecessary logging -->
|
||||||
|
<query_thread_log remove="remove"/>
|
||||||
|
<query_log remove="remove"/>
|
||||||
|
<text_log remove="remove"/>
|
||||||
|
<trace_log remove="remove"/>
|
||||||
|
<metric_log remove="remove"/>
|
||||||
|
<asynchronous_metric_log remove="remove"/>
|
||||||
|
</yandex>
|
|
@ -0,0 +1,8 @@
|
||||||
|
<yandex>
|
||||||
|
<profiles>
|
||||||
|
<default>
|
||||||
|
<log_queries>0</log_queries>
|
||||||
|
<log_query_threads>0</log_query_threads>
|
||||||
|
</default>
|
||||||
|
</profiles>
|
||||||
|
</yandex>
|
|
@ -0,0 +1,2 @@
|
||||||
|
#!/bin/bash
|
||||||
|
docker-sdp stack deploy -c plausible.yml plausible
|
|
@ -0,0 +1,162 @@
|
||||||
|
version: "3.3"
|
||||||
|
services:
|
||||||
|
mail:
|
||||||
|
image: bytemark/smtp
|
||||||
|
networks:
|
||||||
|
- plausible_network
|
||||||
|
deploy:
|
||||||
|
mode: replicated
|
||||||
|
replicas: 1
|
||||||
|
|
||||||
|
plausible_db:
|
||||||
|
image: postgres:12
|
||||||
|
networks:
|
||||||
|
plausible_network:
|
||||||
|
aliases:
|
||||||
|
- postgres.plausible.local
|
||||||
|
volumes:
|
||||||
|
- db-data:/data/postgres
|
||||||
|
environment:
|
||||||
|
- POSTGRES_PASSWORD=<postgres-password>
|
||||||
|
- PGDATA=/data/postgres/pgdata
|
||||||
|
- POSTGRES_USER=plausible
|
||||||
|
deploy:
|
||||||
|
mode: replicated
|
||||||
|
replicas: 1
|
||||||
|
placement:
|
||||||
|
constraints:
|
||||||
|
- node.labels.hetzner_location == nbg1
|
||||||
|
resources:
|
||||||
|
limits:
|
||||||
|
cpus: "1.00"
|
||||||
|
memory: 2048M
|
||||||
|
reservations:
|
||||||
|
cpus: "0.25"
|
||||||
|
memory: 512M
|
||||||
|
|
||||||
|
plausible_events_db:
|
||||||
|
image: clickhouse/clickhouse-server:22.5.3.21
|
||||||
|
networks:
|
||||||
|
- plausible_network
|
||||||
|
configs:
|
||||||
|
- source: clickhouse_config_xml
|
||||||
|
target: /etc/clickhouse-server/config.d/logging.xml
|
||||||
|
uid: "1000"
|
||||||
|
gid: "1000"
|
||||||
|
mode: 0444
|
||||||
|
- source: clickhouse_user_config_xml
|
||||||
|
target: /etc/clickhouse-server/users.d/logging.xml
|
||||||
|
uid: "1000"
|
||||||
|
gid: "1000"
|
||||||
|
mode: 0444
|
||||||
|
volumes:
|
||||||
|
- event-data:/var/lib/clickhouse
|
||||||
|
deploy:
|
||||||
|
mode: replicated
|
||||||
|
replicas: 1
|
||||||
|
placement:
|
||||||
|
constraints:
|
||||||
|
- node.labels.hetzner_location == nbg1
|
||||||
|
resources:
|
||||||
|
limits:
|
||||||
|
cpus: "1.00"
|
||||||
|
memory: 2048M
|
||||||
|
reservations:
|
||||||
|
cpus: "0.25"
|
||||||
|
memory: 512M
|
||||||
|
|
||||||
|
plausible_init:
|
||||||
|
image: plausible/analytics:v1.4.4
|
||||||
|
command: sh -c "source /var/run/secrets/plausible_env && sleep 10 && /entrypoint.sh db createdb && /entrypoint.sh db migrate && /entrypoint.sh db init-admin"
|
||||||
|
secrets:
|
||||||
|
- source: plausible_env
|
||||||
|
target: plausible_env
|
||||||
|
uid: '1000'
|
||||||
|
gid: '1000'
|
||||||
|
mode: 0400
|
||||||
|
networks:
|
||||||
|
- plausible_network
|
||||||
|
deploy:
|
||||||
|
mode: replicated
|
||||||
|
replicas: 1
|
||||||
|
restart_policy:
|
||||||
|
condition: "none"
|
||||||
|
resources:
|
||||||
|
limits:
|
||||||
|
cpus: "0.5"
|
||||||
|
memory: 512M
|
||||||
|
|
||||||
|
plausible:
|
||||||
|
image: plausible/analytics:v1.4.4
|
||||||
|
command: sh -c "source /var/run/secrets/plausible_env && exec /entrypoint.sh run"
|
||||||
|
secrets:
|
||||||
|
- source: plausible_env
|
||||||
|
target: plausible_env
|
||||||
|
uid: '1000'
|
||||||
|
gid: '1000'
|
||||||
|
mode: 0400
|
||||||
|
networks:
|
||||||
|
- plausible_network
|
||||||
|
- traefik-public
|
||||||
|
deploy:
|
||||||
|
mode: replicated
|
||||||
|
replicas: 1
|
||||||
|
resources:
|
||||||
|
limits:
|
||||||
|
cpus: "1.00"
|
||||||
|
memory: 2048M
|
||||||
|
reservations:
|
||||||
|
cpus: "0.25"
|
||||||
|
memory: 512M
|
||||||
|
placement:
|
||||||
|
constraints:
|
||||||
|
- node.labels.hetzner_location == nbg1
|
||||||
|
|
||||||
|
labels:
|
||||||
|
- "traefik.docker.network=traefik-public"
|
||||||
|
|
||||||
|
- "traefik.enable=true"
|
||||||
|
- "traefik.http.routers.plausible-frontend.rule=Host(`<base-domain>`)"
|
||||||
|
- "traefik.http.routers.plausible-frontend.entrypoints=http"
|
||||||
|
- "traefik.http.services.plausible-frontend.loadbalancer.server.port=8000"
|
||||||
|
- "traefik.http.routers.plausible-frontend.service=plausible-frontend"
|
||||||
|
|
||||||
|
- "traefik.constraint-label=traefik-public"
|
||||||
|
|
||||||
|
secrets:
|
||||||
|
plausible_env:
|
||||||
|
file: ./secrets/plausible_analytics/plausible-conf.env
|
||||||
|
|
||||||
|
configs:
|
||||||
|
clickhouse_config_xml:
|
||||||
|
file: ./configs/clickhouse/clickhouse-config.xml
|
||||||
|
|
||||||
|
clickhouse_user_config_xml:
|
||||||
|
file: ./configs/clickhouse/clickhouse-user-config.xml
|
||||||
|
|
||||||
|
|
||||||
|
networks:
|
||||||
|
plausible_network:
|
||||||
|
driver: overlay
|
||||||
|
attachable: true
|
||||||
|
driver_opts:
|
||||||
|
encrypted: ""
|
||||||
|
traefik-public:
|
||||||
|
external: true
|
||||||
|
|
||||||
|
volumes:
|
||||||
|
db-data:
|
||||||
|
driver: hetzner-volume
|
||||||
|
driver_opts:
|
||||||
|
size: '20'
|
||||||
|
fstype: ext4
|
||||||
|
event-data:
|
||||||
|
driver: hetzner-volume
|
||||||
|
driver_opts:
|
||||||
|
size: '20'
|
||||||
|
fstype: ext4
|
||||||
|
geoip:
|
||||||
|
driver: hetzner-volume
|
||||||
|
driver_opts:
|
||||||
|
size: '20'
|
||||||
|
fstype: ext4
|
|
@ -0,0 +1,2 @@
|
||||||
|
GEOIPUPDATE_ACCOUNT_ID=<your-account-id>
|
||||||
|
GEOIPUPDATE_LICENSE_KEY=<your-license-key>
|
|
@ -0,0 +1,6 @@
|
||||||
|
export ADMIN_USER_EMAIL="<admin-user-email>"
|
||||||
|
export ADMIN_USER_NAME=admin
|
||||||
|
export ADMIN_USER_PWD="<admin-user-pwd>"
|
||||||
|
export BASE_URL="https://<base-domain>"
|
||||||
|
export SECRET_KEY_BASE="<secret-key-base>"
|
||||||
|
export DATABASE_URL="postgres://plausible:<postgres-password>@postgres.plausible.local:5432/plausible"
|
Loading…
Reference in New Issue