-
Notifications
You must be signed in to change notification settings - Fork 5
/
Copy pathTaskfile.yml
110 lines (99 loc) · 3.37 KB
/
Taskfile.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
version: "3"
vars:
RUNNER_IMAGE_NAME: gaiax-runner
RUNNER_ALIAS: gaia-x
# Create a dotenv .env file in the root folder
# to override the default values defined in .env.default
dotenv: [.env, .env.default]
includes:
common:
taskfile: Taskfile.common.yml
flatten: true
tasks:
check-sudo:
internal: true
desc: Check if the user is root
cmds:
- >
if [ "$(id -u)" != "0" ]; then
echo "This task must be run as root. Please use sudo."
exit 1
fi
chown-certs:
internal: true
desc: Change the owner of the certs and static root folders to the current user
deps:
- check-sudo
cmds:
- chown -R $(logname):$(id -gn $(logname)) {{.CERTS_DIR}}
- chown -R $(logname):$(id -gn $(logname)) {{.STATIC_ROOT}}
get-certs:
desc: Get the SSL certificates from Let's Encrypt
deps:
- check-sudo
cmds:
- >
docker run -it --rm -p 80:80
-v "/etc/letsencrypt:/etc/letsencrypt"
-v "/var/lib/letsencrypt:/var/lib/letsencrypt"
{{.CERTBOT_IMAGE}}
--preferred-chain="ISRG Root X1"
certonly
--standalone -n --agree-tos --key-type rsa --email {{.CERTBOT_EMAIL}} -d {{.CERTBOT_DOMAIN}}
- task: append-root-cert
- task: chown-certs
start-webserver:
internal: true
desc: Start the NGINX web server
cmds:
- cmd: docker stop {{.NGINX_CONTAINER_NAME}}
ignore_error: true
- cmd: docker rm -f {{.NGINX_CONTAINER_NAME}}
ignore_error: true
- >
docker run -d -p 443:443
--restart unless-stopped
--name {{.NGINX_CONTAINER_NAME}}
-v {{.ROOT_DIR}}/ssl.conf:/etc/nginx/conf.d/ssl.conf
-v {{.CERTS_DIR}}/privkey.pem:/etc/nginx/certs/key.pem
-v {{.CERTS_DIR}}/fullchain.pem:/etc/nginx/certs/cert.pem
-v {{.STATIC_ROOT}}:/usr/share/nginx/html/
nginx:{{.NGINX_IMAGE_TAG}}
stop-webserver:
internal: true
desc: Stop the NGINX web server
cmds:
- docker stop {{.NGINX_CONTAINER_NAME}}
- docker rm -f {{.NGINX_CONTAINER_NAME}}
build-credential-server-image:
desc: Build an image that serves the Gaia-X Self-Descriptions and refreshes the compliance proofs on startup
cmds:
- docker build -f Dockerfile.server -t {{.CREDENTIAL_SERVER_IMAGE_NAME}} .
- |
printf 'Run the container with:\n\n'
printf 'docker run -it --rm -p 443:443 {{.CREDENTIAL_SERVER_IMAGE_NAME}}'
build-runner-image:
desc: Build a container image with all required dependencies to run the tasks
cmds:
- docker build -f {{.ROOT_DIR}}/Dockerfile -t {{.RUNNER_IMAGE_NAME}} {{.ROOT_DIR}}
build-show-runner-alias:
desc: Print a shell alias command for the task runner container
silent: true
deps:
- build-runner-image
vars:
VOLUMES:
- "{{.ROOT_DIR}}/.env:/app/.env"
- "{{.STATIC_ROOT}}:/app/htdocs"
- "{{.CERTS_DIR}}:/app/certs"
- "{{.ROOT_DIR}}:/out"
VOLUMES_ARGS:
sh: |
{{- range .VOLUMES }}
printf " -v '{{.}}'"
{{- end }}
cmds:
# Ensure the .env file exists
- test -f {{.ROOT_DIR}}/.env || touch {{.ROOT_DIR}}/.env
- printf "📋 Copy and paste the following command to create the alias:\n\n"
- printf "alias {{.RUNNER_ALIAS}}='docker run --rm -it -p 80:80 -p 443:443 {{.VOLUMES_ARGS}} {{.RUNNER_IMAGE_NAME}}'"