feat: ci\cd sutup

.gitlab-ci.yml

@@ -0,0 +1,45 @@
+include:
+  - project: "devops/pena-continuous-integration"
+    file: "/templates/docker/build-template.gitlab-ci.yml"
+  - project: "devops/pena-continuous-integration"
+    file: "/templates/docker/clean-template.gitlab-ci.yml"
+  - project: "devops/pena-continuous-integration"
+    file: "/templates/docker/deploy-template.gitlab-ci.yml"
+stages:
+  - clean
+  - build
+  - deploy
+clear-old-images:
+  extends: .clean_template
+  variables:
+    STAGING_BRANCH: "main"
+    PRODUCTION_BRANCH: "main"
+  image:
+    name: docker/compose:1.28.0
+    entrypoint: [""]
+  before_script:
+    - docker login -u $CI_REGISTRY_USER -p $CI_REGISTRY_PASSWORD $CI_REGISTRY
+    - docker images
+  script:
+    - docker system prune -af
+build-app:
+  extends: .build_template
+  variables:
+    DOCKER_BUILD_PATH: "./Dockerfile"
+    STAGING_BRANCH: "main"
+    PRODUCTION_BRANCH: "main"
+  script:
+    - mkdir -p /kaniko/.docker
+    - echo "{\"auths\":{\"$CI_REGISTRY\":{\"username\":\"$CI_REGISTRY_USER\",\"password\":\"$CI_REGISTRY_PASSWORD\"}}}" > /kaniko/.docker/config.json
+    - |
+      /kaniko/executor --context $CI_PROJECT_DIR \
+      --cache=true --cache-repo=$CI_REGISTRY_IMAGE \
+      --dockerfile $CI_PROJECT_DIR/$DOCKER_BUILD_PATH --use-new-run --snapshotMode=redo \
+      --destination $CI_REGISTRY_IMAGE:$CI_COMMIT_REF_SLUG.$CI_PIPELINE_ID
+
+deploy-to-staging:
+  extends: .deploy_template
+  variables:
+    DEPLOY_TO: "staging"
+    BRANCH: "main"
+

Dockerfile

@@ -0,0 +1,5 @@
+FROM nginx:latest
+
+COPY privkey.pem /etc/nginx/
+COPY fullchain.pem /etc/nginx/
+COPY default.conf /etc/nginx/conf.d/

compose.yml

@@ -0,0 +1,34 @@
+services:
+  router:
+    image: nginx-proxy
+    ports:
+      - 80:80
+      - 443:443
+    expose:
+      - 80
+      - 443
+    networks:
+      - penahub_frontend
+      - default
+    depends_on:
+      - hub
+      - docs
+  hub:
+    image: hub_front
+    networks:
+      - penahub_frontend
+    hostname: hub
+    restart: always
+    container_name: hub_front
+  docs:
+    image: tmplategen_front
+    networks:
+      - penahub_frontend
+    hostname: docs
+    restart: always
+    container_name: tmplategen_front
+networks:
+  penahub_frontend:
+    driver: bridge
+    attachable:  true
+    internal: true

default.conf

@@ -0,0 +1,27 @@
+server {
+	root /usr/share/nginx/html;
+
+	index index.html index.htm index.nginx-debian.html;
+  server_name _; # managed by Certbot
+	
+  location / {
+    if ($host = hub.pena.digital) {
+        proxy_pass http://hub;
+    }
+    if ($host = docs.pena.digital) {
+        proxy_pass http://docs;
+    }
+	}
+
+  listen [::]:443 ssl ipv6only=on; # managed by Certbot
+  listen 443 ssl; # managed by Certbot
+  ssl_certificate /etc/nginx/fullchain.pem; # managed by Certbot
+  ssl_certificate_key /etc/nginx/privkey.pem; # managed by Certbot
+
+}
+server {
+	listen 80 ;
+	listen [::]:80 ;
+  server_name _;
+  return 301 https://$host$request_uri;
+}

deployments/staging/docker-compose.yaml

@@ -0,0 +1,16 @@
+services:
+  router:
+    container_name: router
+    hostname: router
+    tty: true
+    restart: unless-stopped
+    image: $CI_REGISTRY_IMAGE:$CI_COMMIT_REF.$CI_PIPELINE_ID
+    networks:
+      - marketplace_penahub_frontend
+      - default
+    expose:
+      - 80
+      - 443
+    ports:
+      - 80:80
+      - 443:443

fullchain.pem

@@ -0,0 +1,89 @@
+-----BEGIN CERTIFICATE-----
+MIIExDCCA6ygAwIBAgISBEjYlqTw5ajPvkTWEzM0yeTJMA0GCSqGSIb3DQEBCwUA
+MDIxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQswCQYDVQQD
+EwJSMzAeFw0yMzA0MTQxNDMyMzlaFw0yMzA3MTMxNDMyMzhaMBwxGjAYBgNVBAMT
+EWRvY3MucGVuYS5kaWdpdGFsMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAE4I3G
+vaYvMIBRRZlKsATABqpv4wkD2Nxi9i22g2zTgjrIN87aofBZRIWCTVjy8toLHRL3
+HeoOSfmdhrMjvGZh16OCArMwggKvMA4GA1UdDwEB/wQEAwIHgDAdBgNVHSUEFjAU
+BggrBgEFBQcDAQYIKwYBBQUHAwIwDAYDVR0TAQH/BAIwADAdBgNVHQ4EFgQU5xYV
+UqcxZzfSiT5quFkAwVdWyLUwHwYDVR0jBBgwFoAUFC6zF7dYVsuuUAlA5h+vnYsU
+wsYwVQYIKwYBBQUHAQEESTBHMCEGCCsGAQUFBzABhhVodHRwOi8vcjMuby5sZW5j
+ci5vcmcwIgYIKwYBBQUHMAKGFmh0dHA6Ly9yMy5pLmxlbmNyLm9yZy8wgYEGA1Ud
+EQR6MHiCEmFkbWluLnBlbmEuZGlnaXRhbIIRZG9jcy5wZW5hLmRpZ2l0YWyCEGh1
+Yi5wZW5hLmRpZ2l0YWyCEmxpbmtzLnBlbmEuZGlnaXRhbIISb2F1dGgucGVuYS5k
+aWdpdGFsghVzZXJ2aWNlcy5wZW5hLmRpZ2l0YWwwTAYDVR0gBEUwQzAIBgZngQwB
+AgEwNwYLKwYBBAGC3xMBAQEwKDAmBggrBgEFBQcCARYaaHR0cDovL2Nwcy5sZXRz
+ZW5jcnlwdC5vcmcwggEFBgorBgEEAdZ5AgQCBIH2BIHzAPEAdwB6MoxU2LcttiDq
+OOBSHumEFnAyE4VNO9IrwTpXo1LrUgAAAYeAZawHAAAEAwBIMEYCIQDSGIfwMfEp
+pyZ6li2JGf4WR4di3WA1yersp9qe3+uXDgIhANQctG9Tu7c7ChFqObBF87AduNSy
+5eF2m1qIj2YNLmJPAHYA6D7Q2j71BjUy51covIlryQPTy9ERa+zraeF3fW0GvW4A
+AAGHgGWr9AAABAMARzBFAiEAs/XbORK5G+MjRTPXJ3C/I9WtRn4kEnuxo/WD4D17
+6W8CIAodR5M1Qva7cTv0znF7+RC5mM99XihDg3lcjLdmYOx1MA0GCSqGSIb3DQEB
+CwUAA4IBAQAAZAWOJ+SfY4PwTszQpHoZ3Wpxg1uG3ZaYVWJJUZDdpGJXtVXF/X8d
+sM86wC5pApdkSFiFK1L/reUmEh5Gp2NmovaFYSq0I5l4cUlkocDeNdTgEqMaMT/c
+PavM6nsS5xtaRPm6znzBMVMcIZfcSeDCOtwLlmPYTv+/FB6MxvRRvh1nnoHio78M
+fFHRx905jFPObRL+Q+10OfXhIesJYl6q+5ujd0CUhLPwRXwZWKn8CrP+iHwsg7FY
+04s+xRqxUnD27Bt2tr3p32DAEUuyiAmJxG5rvQ9+9NKZH630e28SIxz4KxFaYNSG
+1NsEnZuJaFpPYyhgw2qh4ce8KowxnNKY
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIFFjCCAv6gAwIBAgIRAJErCErPDBinU/bWLiWnX1owDQYJKoZIhvcNAQELBQAw
+TzELMAkGA1UEBhMCVVMxKTAnBgNVBAoTIEludGVybmV0IFNlY3VyaXR5IFJlc2Vh
+cmNoIEdyb3VwMRUwEwYDVQQDEwxJU1JHIFJvb3QgWDEwHhcNMjAwOTA0MDAwMDAw
+WhcNMjUwOTE1MTYwMDAwWjAyMQswCQYDVQQGEwJVUzEWMBQGA1UEChMNTGV0J3Mg
+RW5jcnlwdDELMAkGA1UEAxMCUjMwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
+AoIBAQC7AhUozPaglNMPEuyNVZLD+ILxmaZ6QoinXSaqtSu5xUyxr45r+XXIo9cP
+R5QUVTVXjJ6oojkZ9YI8QqlObvU7wy7bjcCwXPNZOOftz2nwWgsbvsCUJCWH+jdx
+sxPnHKzhm+/b5DtFUkWWqcFTzjTIUu61ru2P3mBw4qVUq7ZtDpelQDRrK9O8Zutm
+NHz6a4uPVymZ+DAXXbpyb/uBxa3Shlg9F8fnCbvxK/eG3MHacV3URuPMrSXBiLxg
+Z3Vms/EY96Jc5lP/Ooi2R6X/ExjqmAl3P51T+c8B5fWmcBcUr2Ok/5mzk53cU6cG
+/kiFHaFpriV1uxPMUgP17VGhi9sVAgMBAAGjggEIMIIBBDAOBgNVHQ8BAf8EBAMC
+AYYwHQYDVR0lBBYwFAYIKwYBBQUHAwIGCCsGAQUFBwMBMBIGA1UdEwEB/wQIMAYB
+Af8CAQAwHQYDVR0OBBYEFBQusxe3WFbLrlAJQOYfr52LFMLGMB8GA1UdIwQYMBaA
+FHm0WeZ7tuXkAXOACIjIGlj26ZtuMDIGCCsGAQUFBwEBBCYwJDAiBggrBgEFBQcw
+AoYWaHR0cDovL3gxLmkubGVuY3Iub3JnLzAnBgNVHR8EIDAeMBygGqAYhhZodHRw
+Oi8veDEuYy5sZW5jci5vcmcvMCIGA1UdIAQbMBkwCAYGZ4EMAQIBMA0GCysGAQQB
+gt8TAQEBMA0GCSqGSIb3DQEBCwUAA4ICAQCFyk5HPqP3hUSFvNVneLKYY611TR6W
+PTNlclQtgaDqw+34IL9fzLdwALduO/ZelN7kIJ+m74uyA+eitRY8kc607TkC53wl
+ikfmZW4/RvTZ8M6UK+5UzhK8jCdLuMGYL6KvzXGRSgi3yLgjewQtCPkIVz6D2QQz
+CkcheAmCJ8MqyJu5zlzyZMjAvnnAT45tRAxekrsu94sQ4egdRCnbWSDtY7kh+BIm
+lJNXoB1lBMEKIq4QDUOXoRgffuDghje1WrG9ML+Hbisq/yFOGwXD9RiX8F6sw6W4
+avAuvDszue5L3sz85K+EC4Y/wFVDNvZo4TYXao6Z0f+lQKc0t8DQYzk1OXVu8rp2
+yJMC6alLbBfODALZvYH7n7do1AZls4I9d1P4jnkDrQoxB3UqQ9hVl3LEKQ73xF1O
+yK5GhDDX8oVfGKF5u+decIsH4YaTw7mP3GFxJSqv3+0lUFJoi5Lc5da149p90Ids
+hCExroL1+7mryIkXPeFM5TgO9r0rvZaBFOvV2z0gp35Z0+L4WPlbuEjN/lxPFin+
+HlUjr8gRsI3qfJOQFy/9rKIJR0Y/8Omwt/8oTWgy1mdeHmmjk7j1nYsvC9JSQ6Zv
+MldlTTKB3zhThV1+XWYp6rjd5JW1zbVWEkLNxE7GJThEUG3szgBVGP7pSWTUTsqX
+nLRbwHOoq7hHwg==
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIFYDCCBEigAwIBAgIQQAF3ITfU6UK47naqPGQKtzANBgkqhkiG9w0BAQsFADA/
+MSQwIgYDVQQKExtEaWdpdGFsIFNpZ25hdHVyZSBUcnVzdCBDby4xFzAVBgNVBAMT
+DkRTVCBSb290IENBIFgzMB4XDTIxMDEyMDE5MTQwM1oXDTI0MDkzMDE4MTQwM1ow
+TzELMAkGA1UEBhMCVVMxKTAnBgNVBAoTIEludGVybmV0IFNlY3VyaXR5IFJlc2Vh
+cmNoIEdyb3VwMRUwEwYDVQQDEwxJU1JHIFJvb3QgWDEwggIiMA0GCSqGSIb3DQEB
+AQUAA4ICDwAwggIKAoICAQCt6CRz9BQ385ueK1coHIe+3LffOJCMbjzmV6B493XC
+ov71am72AE8o295ohmxEk7axY/0UEmu/H9LqMZshftEzPLpI9d1537O4/xLxIZpL
+wYqGcWlKZmZsj348cL+tKSIG8+TA5oCu4kuPt5l+lAOf00eXfJlII1PoOK5PCm+D
+LtFJV4yAdLbaL9A4jXsDcCEbdfIwPPqPrt3aY6vrFk/CjhFLfs8L6P+1dy70sntK
+4EwSJQxwjQMpoOFTJOwT2e4ZvxCzSow/iaNhUd6shweU9GNx7C7ib1uYgeGJXDR5
+bHbvO5BieebbpJovJsXQEOEO3tkQjhb7t/eo98flAgeYjzYIlefiN5YNNnWe+w5y
+sR2bvAP5SQXYgd0FtCrWQemsAXaVCg/Y39W9Eh81LygXbNKYwagJZHduRze6zqxZ
+Xmidf3LWicUGQSk+WT7dJvUkyRGnWqNMQB9GoZm1pzpRboY7nn1ypxIFeFntPlF4
+FQsDj43QLwWyPntKHEtzBRL8xurgUBN8Q5N0s8p0544fAQjQMNRbcTa0B7rBMDBc
+SLeCO5imfWCKoqMpgsy6vYMEG6KDA0Gh1gXxG8K28Kh8hjtGqEgqiNx2mna/H2ql
+PRmP6zjzZN7IKw0KKP/32+IVQtQi0Cdd4Xn+GOdwiK1O5tmLOsbdJ1Fu/7xk9TND
+TwIDAQABo4IBRjCCAUIwDwYDVR0TAQH/BAUwAwEB/zAOBgNVHQ8BAf8EBAMCAQYw
+SwYIKwYBBQUHAQEEPzA9MDsGCCsGAQUFBzAChi9odHRwOi8vYXBwcy5pZGVudHJ1
+c3QuY29tL3Jvb3RzL2RzdHJvb3RjYXgzLnA3YzAfBgNVHSMEGDAWgBTEp7Gkeyxx
++tvhS5B1/8QVYIWJEDBUBgNVHSAETTBLMAgGBmeBDAECATA/BgsrBgEEAYLfEwEB
+ATAwMC4GCCsGAQUFBwIBFiJodHRwOi8vY3BzLnJvb3QteDEubGV0c2VuY3J5cHQu
+b3JnMDwGA1UdHwQ1MDMwMaAvoC2GK2h0dHA6Ly9jcmwuaWRlbnRydXN0LmNvbS9E
+U1RST09UQ0FYM0NSTC5jcmwwHQYDVR0OBBYEFHm0WeZ7tuXkAXOACIjIGlj26Ztu
+MA0GCSqGSIb3DQEBCwUAA4IBAQAKcwBslm7/DlLQrt2M51oGrS+o44+/yQoDFVDC
+5WxCu2+b9LRPwkSICHXM6webFGJueN7sJ7o5XPWioW5WlHAQU7G75K/QosMrAdSW
+9MUgNTP52GE24HGNtLi1qoJFlcDyqSMo59ahy2cI2qBDLKobkx/J3vWraV0T9VuG
+WCLKTVXkcGdtwlfFRjlBz4pYg1htmf5X6DYO8A4jqv2Il9DjXA6USbW1FzXSLr9O
+he8Y4IWS6wY7bCkjCWDcRQJMEhg76fsO3txE+FiYruq9RUWhiF1myv4Q6W+CyBFC
+Dfvp7OOGAN6dEOM4+qR9sdjoSYKEBpsr6GtPAQw4dy753ec5
+-----END CERTIFICATE-----

privkey.pem

@@ -0,0 +1,5 @@
+-----BEGIN PRIVATE KEY-----
+MIGHAgEAMBMGByqGSM49AgEGCCqGSM49AwEHBG0wawIBAQQgNXo5IgUTHYAB8RS9
+b4zCMJ/KLe9BEldFisu1I/f/r9yhRANCAATgjca9pi8wgFFFmUqwBMAGqm/jCQPY
+3GL2LbaDbNOCOsg3ztqh8FlEhYJNWPLy2gsdEvcd6g5J+Z2GsyO8ZmHX
+-----END PRIVATE KEY-----