Container

This project contains my personal docker compose configurations.

Operating principle:

Changes in this repo get pushed to a bare repo on dmeiburg.de. Whenever a push is received, a post-receive hook runs.

The post-receive hook then:

  • deploys the code into a working directory
  • decrypts .env.gpg files
  • restarts stacks with changed compose files

The env files are encrypted for key@dmeiburg.de and server@dmeiburg.de.
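
A sketch of such a hook, added here as an example; it is not the project's actual post-receive script. It assumes one directory per stack holding `compose.yml` (or `docker-compose.yml`) and an optional `.env.gpg`, a working clone at `~/container` whose `origin` is the bare repo, and the function names are made up for illustration.

```shell
#!/bin/sh
# Added example: post-receive hook sketch for the flow in "Operating principle".
# Assumed layout (not from the README): <stack>/compose.yml and <stack>/.env.gpg.
WORK_DIR="${WORK_DIR:-$HOME/container}"   # working clone from "Server setup"
BRANCH="${BRANCH:-main}"

# stdin: changed paths; stdout: each stack directory whose compose file changed.
changed_stacks() {
    grep -E '(^|/)(docker-)?compose\.ya?ml$' |
        while IFS= read -r path; do dirname "$path"; done | sort -u
}

# Decrypt <root>/<stack>/.env.gpg to .env, owner-readable only; non-zero on any failure.
decrypt_envs() {
    rc=0
    for enc in "$1"/*/.env.gpg; do
        [ -f "$enc" ] || continue
        out="${enc%.gpg}"
        # umask 077 in a subshell: the plaintext is never created group/world-readable.
        if (umask 077 && gpg --batch --yes --quiet --output "$out.tmp" --decrypt "$enc"); then
            mv "$out.tmp" "$out"
        else
            rm -f "$out.tmp"; echo "decrypt failed: $enc" >&2; rc=1
        fi
    done
    return "$rc"
}

main() {
    while read -r old new ref; do
        [ "$ref" = "refs/heads/$BRANCH" ] || continue
        unset GIT_DIR   # git sets it for hooks; it would misdirect git in the clone
        git -C "$WORK_DIR" pull --ff-only origin "$BRANCH" </dev/null || exit 1
        decrypt_envs "$WORK_DIR" || exit 1   # do not restart stacks on stale secrets
        # First push: old is all zeros, so diff against the empty tree instead.
        case "$old" in *[!0]*) ;; *) old=$(git -C "$WORK_DIR" hash-object -t tree /dev/null) ;; esac
        git -C "$WORK_DIR" diff --name-only "$old" "$new" | changed_stacks |
            while IFS= read -r stack; do
                (cd "$WORK_DIR/$stack" && docker compose up -d </dev/null)
            done
    done
}

# Run only when invoked by git as a hook (GIT_DIR is set), not when sourced.
[ -z "${GIT_DIR:-}" ] || main
```

The decrypted `.env` files should also be listed in `.gitignore` so the plaintext never ends up in a commit.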

Server setup

# create bare repo on dm@dmeiburg.de
mkdir -p git/container.git
cd git/container.git
git init --bare

# create and checkout working dir
cd && git clone ~/git/container.git
cd ~/container && git checkout main # might not be needed or needs to be master
# install the post receive hook, by using this command on the local machine
# whenever the hook is edited, this command has to be used again
scp post-receive dm@dmeiburg:~/git/container.git/hooks/

Local setup

# add bare repo as remote on local machine
git remote add dmeiburg ssh://dm@dmeiburg.de:/dm/git/container.git

Encrypting .env files

To encrypt an .env file, use the following command:

$ gpg -er key@dmeiburg.de -r dm@dmeiburg.de .env

This assumes that dm@dmeiburg.de identifies a public GPG key for the server.

Deployment

git push dmeiburg

If necessary, the post-receive hook has to be updated via scp.

Troubleshooting

If this setup is recreated, the bare repo on the server might assume a master branch while the repo actually uses a main branch. This issue might present itself if the post-receive hook outputs

remote: fatal: You are on a branch yet to be born

We can fix this by editing the HEAD file in the bare repo to contain this line:

ref: refs/heads/main