revolunet / gitlab-docker-rancher-letsencrypt-setup

Licence: other
Automated private dev environment with docker, gitlab CI/CD...


GitLab + docker + LetsEncrypt CI/CD

This guide will help you set up a fully automated private dev environment with continuous integration and deployment infrastructure, using open-source tools.

The host machine just needs docker, in which all containers will be instantiated.

You'll need a wildcard domain alias pointing to your host machine, so your apps can be deployed on *.your.domain.com.

⚠️ If you want to deploy your apps with https, the main host must be accessible from the internet via http to allow the initial LetsEncrypt ACME challenge verification.

⚠️ We assume this is a private infra, so the security of the setup is not addressed. Please do submit issues if you have suggestions.

Features

  • GitLab : store your code, run pipelines
  • Docker : runs all containers
  • Rancher : docker infrastructure supervision
  • LetsEncrypt : automagically get SSL certs for your deployments when needed
  • nginx : ReverseProxy for your published containers

Sample project

We'll use the sample NodeJS application in the app folder.

The app has a .gitlab-ci.yml that uses GitLab CI to:

  • run JEST tests on the code
  • run prettier-check
  • run code coverage
  • build a docker image
  • publish docker image to registry
  • deploy the docker image in our infra for review
  • optionally generate LetsEncrypt SSL certs

./pipeline.png

Initial Setup

I split the infra into several container groups.

nginx RP

Use docker-compose-nginx.yml to create containers for the nginx proxy. We use letsencrypt-nginx-proxy-companion, which automates the nginx vhosts configuration and creates SSL certs as needed.

Once the containers are ready, you can add containers to your infra like this:

docker run -d \
  --name example-app \
  -e "VIRTUAL_HOST=whoami.test.revolunet.com" \
  -e "VIRTUAL_PORT=8000" \
  -e "LETSENCRYPT_HOST=whoami.test.revolunet.com" \
  -e "LETSENCRYPT_EMAIL=<your-email-address>" \
  --network="nginx-proxy" \
  jwilder/whoami

This will make https://whoami.test.revolunet.com available, with SSL certs from LetsEncrypt. Just remove the LETSENCRYPT_* variables if you don't need SSL.

The nginx.tmpl file must be present on the host at /root/docker/nginx.tmpl.
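
As an added example (not part of the project's repository), here is a shell helper that a CI deploy job could use to build the docker run arguments shown above for a per-branch review app under the wildcard domain. The function names, the review- container prefix and the sample values are assumptions; the branch name is reduced to a single DNS label because it is developer-controlled input that ends up in the hostname and the container name.

```shell
#!/bin/sh
# Added illustration: derive review-app "docker run" arguments from a branch name.
# dns_label, review_run_args and the "review-" prefix are hypothetical names.

# Reduce arbitrary text to one valid DNS label: lowercase a-z, 0-9 and "-",
# no leading/trailing "-", at most 63 characters.
dns_label() {
  printf '%s' "$1" \
    | tr '[:upper:]' '[:lower:]' \
    | sed -e 's/[^a-z0-9]/-/g' -e 's/--*/-/g' -e 's/^-//' -e 's/-$//' \
    | cut -c1-63 \
    | sed -e 's/-$//'
}

# review_run_args BRANCH IMAGE PORT BASE_DOMAIN [LETSENCRYPT_EMAIL]
# Prints one docker argument per line. The LETSENCRYPT_* variables are only
# emitted when an e-mail address is given, matching the "remove them if you
# don't need SSL" behaviour described above.
review_run_args() {
  label=$(dns_label "$1")
  if [ -z "$label" ]; then
    echo "branch name does not yield a usable DNS label" >&2
    return 1
  fi
  host="$label.$4"
  printf '%s\n' run -d --name "review-$label" \
    -e "VIRTUAL_HOST=$host" -e "VIRTUAL_PORT=$3"
  if [ -n "${5:-}" ]; then
    printf '%s\n' -e "LETSENCRYPT_HOST=$host" -e "LETSENCRYPT_EMAIL=$5"
  fi
  printf '%s\n' --network=nginx-proxy "$2"
}
```

Each printed line is one argument to docker, so the values stay intact even if the image name or e-mail contains unusual characters.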

gitlab

Use docker-compose-gitlab.yml to create containers for GitLab, gitlab-runner and a docker registry.

You then need to register the gitlab runner :

  • open GitLab admin page to get the runner endpoint and token
  • register the runner to GitLab from the host : docker exec -it gitlab-runner gitlab-runner register

⚠️ As our main host may have port 22 used for its own SSH, we need to use another port for the GitLab ssh, where devs will push their code. Here we use port 24, so devs need to add this to their ~/.ssh/config :

host gitlab.your.domain.nom
  hostname gitlab.your.domain.nom
  user git
  port 24

Now, a single git push will hit GitLab and trigger CI/CD when .gitlab-ci.yml is present.

rancher

Use docker-compose-rancher.yml to create the rancher container.

You can then use the Rancher UI to monitor your infrastructure, deploy new containers...

Todo :

  • add prometheus performance regression monitoring