Completed Runner config

Development/Runners/docker-compose.yml

@@ -1,14 +1,34 @@
 version: "3.8"
 services:
+  # Runner
   runner:
     image: gitea/act_runner:latest
+    container_name: gitea_runner
+    volumes:
+      - ./config.yaml:/config.yaml
+      - ./gitea_runner:/data
+      - /var/run/docker.sock:/var/run/docker.sock
+    networks:
+      - proxy
     environment:
       CONFIG_FILE: /config.yaml
       GITEA_INSTANCE_URL: "git.luke-else.co.uk"
       GITEA_RUNNER_REGISTRATION_TOKEN: "INSERT REGISTRATION TOKEN"
-      GITEA_RUNNER_NAME: "Action Runner"
+      GITEA_RUNNER_NAME: "CICD"
-      GITEA_RUNNER_LABELS: ""
+    labels:
-    volumes:
+      ## Expose cicd Through Trefik ##
-      - ./config.yaml:/config.yaml
+      - "traefik.enable=true" # <== Enable traefik to proxy this container
-      - ./data:/data
+
-      - /var/run/docker.sock:/var/run/docker.sock
+      - "traefik.http.middlewares.redirect-web-secure.redirectscheme.scheme=https"
+      - "traefik.http.routers.cicd-insecure.middlewares=redirect-web-secure"
+      - "traefik.http.routers.cicd-insecure.rule=Host(`cicd.luke-else.co.uk`)"
+      - "traefik.http.routers.cicd-insecure.entrypoints=web"
+
+      - "traefik.http.routers.cicd.rule=Host(`cicd.luke-else.co.uk`)"
+      - "traefik.http.routers.cicd.entrypoints=websecure"
+      - "traefik.http.routers.cicd.tls.certresolver=myresolver"
+    restart: unless-stopped
+
+networks:
+  proxy:
+    external: true

cicd-spindown.sh

@@ -0,0 +1,11 @@
+#Script file for spinning down all CICD relevant docker-containers
+    cd ./Development/Runners/
+    docker-compose down
+    cd ../..
+
+cd ./Traefik/
+docker-compose down
+cd ..
+
+docker rmi $(docker images -q)
+docker system prune

main-spinup.sh

@@ -0,0 +1,25 @@
+#Script file for spinning up all docker-containers
+
+cd ./Traefik/
+docker-compose pull && docker-compose up -d
+cd ..
+
+cd ./Websites/
+docker-compose pull && docker-compose up -d
+cd ..
+
+    cd ./Development/Gitea/
+    docker-compose pull && docker-compose up -d
+    cd ../..
+
+cd ./Database/
+docker-compose pull && docker-compose up -d
+cd ..
+
+cd ./Bitwarden/
+docker-compose pull && docker-compose up -d
+cd ..
+
+cd ./Misc/
+docker-compose pull && docker-compose up -d
+cd ..

todo.md

@@ -1,35 +1,45 @@
 # ToDo Items
 
 ## General
+
 - Setup non root user
 - UFW should be setup to keep VPS secure and only allow for:
-    - https
+   - https
-    - http
+   - http
-    - ssh
+   - ssh
-    - ftp
+   - ftp
-    - 27017
+   - 27017
-    - 3306
+   - 3306
+
 - Install SSH keys
 - Setup unattended upgrades
 - Install docker, docker-compose and apache utils.
 
-
 ## Traefik
-- Setup htaccess -> ``` echo $(htpasswd -nb user password) | sed -e s/\\$/\\$\\$/g ```
+
+- Setup htaccess -> `echo $(htpasswd -nb user password) | sed -e s/\\$/\\$\\$/g`
 - Ensure email address is correct
 
 ## Gitea
+
 - Ensure that ports are assigned correctly for the system
 
+# Gitea Runner
+
+- Ensure that a registration token has been setup before continuing
+
 ## Websites
+
 - Ensure website files are copied over
 - Ensure that ports are assigned correctly for the system
 
 ## Bitwarden
+
 - Ensure that all data is fully encrypted during transfer.
 - Ensure that ports are assigned correctly for the system
 
 ## Database
+
 - Ensure that mysql root password, user and default database are updated.
 - Ensure that mongo root password, and user are updated.
 - Ensure database ports are correctly assigned and do not have to pass through traefik.