greyn/deployment
2
0
Fork 0
Code Issues 1 Pull Requests Actions Packages Projects Releases 1 Wiki Activity
Page: 1 click service
Pages
1 click service Home Requirements
1 1 click service
adam edited this page 2024-11-13 22:59:52 -05:00
Unescape Escape
Table of Contents
This file contains ambiguous Unicode characters

This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

1-click service

  1. decide project name
  2. decide target system
  3. create Gitea project (from Service template)
  4. jenkinsfile in gitea project - deploy on target system
  5. create service account on target system. hint: loginctl enable-linger $USER
  6. create/enable/start user service. hint: https://superuser.com/a/1028180/144827, you'll want WantedBy=default.target

a systemd unit

[Unit]
Description=Transmission BitTorrent Daemon
After=network-online.target

[Service]
Type=simple
ExecStart=/usr/local/bin/transmission-daemon --config-dir /path/to/config/transmission-daemon -f --log-error
ExecReload=/bin/kill -s HUP $MAINPID
NoNewPrivileges=true

[Install]
WantedBy=default.target

create a user with bash

create_user() {
    username=$1
    password=$2

    # Create the user with the specified username
    sudo useradd -m -s /bin/bash $username

    # Set the user's password
    echo "$username:$password" | sudo chpasswd

    echo "User '$username' has been created with the password '$password'"
}

fyi: you will need sudo. it's creating a new account on the system, of course you do.

jenkins creds

CRUMB=$(curl -s 'http://admin:[APITOKEN]@alloces.lan:8080/crumbIssuer/api/xml?xpath=concat(//crumbRequestField,":",//crumb)')
echo $CRUMB
curl -H $CRUMB -X POST 'http://admin:[APITOKEN]@alloces.lan:8080/job/gitea.arg.rip/job/franz/credentials/store/folder/domain/greyn%20services/createCredentials' \
--data-urlencode 'json={
  "": "0",
  "credentials": {
    "scope": "GLOBAL",
    "id": "identification",
    "username": "manu",
    "password": "bar",
    "description": "linda",
    "$class": "com.cloudbees.plugins.credentials.impl.UsernamePasswordCredentialsImpl"
  }
}'

fyi, let's break down the url: http://admin:[APITOKEN]@alloces.lan:8080/job/gitea.arg.rip/credentials/store/folder/domain/greyn%20services/createCredentials

  • APITOKEN - there's one in keepass
  • http://user:token@jenkinshost:8080/ I think that's curl basic auth. fear dot jay peg.
  • the fuck is a crumb? idk, extra authorization. Jenkins wants it.
  • /job/gitea.arg.rip/job/franz - you could use the above for a global credential, if you want. This way it's stored specifically under franz, which is under gitea.arg.rip
  • /credentials/store jenkins API shit generally isn't under like, jenkinsshit.gre.yn/api; it's the same as where you view the web page. head explodes sarcastically what a concept. Automatic documentation since before Swagger was a thing. that's hilarious *pats self on back*, but fuck knows how I was supposed to find the word (and spelling) createCredentials.
  • /folder/domain/greyn%20services/ - imo ought to be with /job/gitea.arg.rip. it's like another parameter, this is the "domain". what is a domain? fuck knows, tbh.
  • createCredentials - found via google search. no idea what others would be. https://stackoverflow.com/a/38314286

jenkinsfile deployment hints

stage (Deploy) {
    sh ssh user@server rm -rf /var/www/temp_deploy/dist/
    sh ssh user@server mkdir -p /var/www/temp_deploy
    sh scp -r dist user@server:/var/www/temp_deploy/dist/
    sh ssh user@server “rm -rf /var/www/example.com/dist/ && mv /var/www/temp_deploy/dist/ /var/www/example.com/”’
}