CI/CD Infrastructure Plan - Proxmox
ARCH:OVERVIEW
[DEV] → [Git Server] → [CI/CD] → [Registry] → [Portainer] → [MikroTik Bot]
QUICK:START
cd infra/
chmod +x *.sh
./deploy-all.sh
Result: a complete CI/CD infrastructure in about 10 minutes.
VMs/LXC:SETUP
1. Git Server (LXC)
   - OS: Ubuntu 22.04 LXC
   - Memory: 2GB RAM, 20GB disk
   - Service: Gitea (lightweight GitHub alternative)
   - Features:
     - Web UI for managing repositories
     - Webhook support for CI/CD
     - Built-in Actions (CI/CD)
     - Issues, PRs, Wiki
2. CI/CD + Registry (LXC)
   - OS: Ubuntu 22.04 LXC
   - Memory: 4GB RAM, 50GB disk
   - Services:
     - GitLab Runner / Gitea Actions Runner
     - Docker Registry (private)
     - Nexus/Harbor (optional)
3. Production Environment (LXC)
   - OS: Ubuntu 22.04 LXC
   - Memory: 2GB RAM, 20GB disk
   - Services:
     - Portainer CE
     - MikroTik Telegram Bot
     - Watchtower (automatic updates: pulls new `latest` images and restarts containers)
NETWORK:CONFIG
Proxmox Bridge (vmbr1): 10.10.0.0/24
├── Git Server: 10.10.0.10
├── CI/CD Registry: 10.10.0.20
├── Production: 10.10.0.30
└── Gateway: 10.10.0.1 (access from home LAN)
SERVICES:STACK
Git Server (Gitea)
version: '3.8'
services:
  gitea:
    image: gitea/gitea:latest   # pin a release tag in practice so upgrades happen when you decide
    container_name: gitea
    environment:
      - USER_UID=1000
      - USER_GID=1000
      - GITEA__database__DB_TYPE=sqlite3
      - GITEA__server__DOMAIN=git.home.lab
      - GITEA__server__ROOT_URL=http://git.home.lab:3000   # plain HTTP: passwords and tokens cross the network in clear
    volumes:
      - gitea_data:/data
      - /etc/timezone:/etc/timezone:ro
      - /etc/localtime:/etc/localtime:ro
    ports:
      - "3000:3000"   # web UI / API
      - "2222:22"     # git over SSH
    restart: unless-stopped
volumes:
  gitea_data:   # named volumes must be declared, or compose rejects the file
CI/CD + Registry
version: '3.8'
services:
  # Private Docker Registry: as configured it has no TLS and no authentication,
  # so anyone who can reach port 5000 can push images (see SECURITY:CONSIDERATIONS)
  registry:
    image: registry:2
    container_name: docker-registry
    environment:
      REGISTRY_STORAGE_FILESYSTEM_ROOTDIRECTORY: /data
    volumes:
      - registry_data:/data
    ports:
      - "5000:5000"
    restart: unless-stopped
  # Gitea Actions Runner
  runner:
    image: gitea/act_runner:latest
    container_name: gitea-runner
    environment:
      GITEA_INSTANCE_URL: http://10.10.0.10:3000
      # registration token generated in Gitea's runner settings; keep it in a
      # .env file next to this compose file instead of committing it here
      GITEA_RUNNER_REGISTRATION_TOKEN: "${RUNNER_TOKEN:?set RUNNER_TOKEN in .env}"
    volumes:
      # the runner drives the host Docker daemon to build images; any workflow
      # job that reaches this socket has root-equivalent control of this LXC
      - /var/run/docker.sock:/var/run/docker.sock
      - runner_data:/data
    restart: unless-stopped
volumes:
  registry_data:
  runner_data:
Production (Portainer + Apps)
version: '3.8'
services:
  portainer:
    image: portainer/portainer-ce:latest
    container_name: portainer
    command: -H unix:///var/run/docker.sock
    volumes:
      - /var/run/docker.sock:/var/run/docker.sock   # Portainer manages this host's Docker, so a Portainer admin is root on this LXC
      - portainer_data:/data
    ports:
      - "9000:9000"   # HTTP UI / API (the webhook in the workflow uses this)
      - "9443:9443"   # HTTPS UI / API with Portainer's own certificate; prefer it for logins
    restart: unless-stopped
volumes:
  portainer_data:
WORKFLOW:CI_CD
1. Development Flow
git push → Gitea → Actions (push event) → build → registry → Portainer webhook → pull + redeploy
2. Gitea Actions Workflow (.gitea/workflows/deploy.yml)
name: Build and Deploy
on:
  push:
    branches: [main]
jobs:
  build:
    runs-on: ubuntu-latest   # must match a label configured on the act_runner
    steps:
      - uses: actions/checkout@v4
      - name: Build Image
        # the job needs the docker CLI and a reachable Docker daemon (the runner's
        # mounted docker.sock); check that the act_runner job image and config provide them
        run: |
          docker build -t 10.10.0.20:5000/mikrotik-bot:${{ github.sha }} .
          docker push 10.10.0.20:5000/mikrotik-bot:${{ github.sha }}
          docker tag 10.10.0.20:5000/mikrotik-bot:${{ github.sha }} 10.10.0.20:5000/mikrotik-bot:latest
          docker push 10.10.0.20:5000/mikrotik-bot:latest
      - name: Deploy to Production
        # the webhook key is a credential: keep it in a repository Actions secret
        # (PORTAINER_WEBHOOK_KEY here), not in the workflow file; -f makes a failed
        # webhook call fail the job instead of reporting success
        run: |
          curl -fsS -X POST "http://10.10.0.30:9000/api/webhooks/${{ secrets.PORTAINER_WEBHOOK_KEY }}"
DEPLOY:STEPS
Phase 1: Infrastructure Setup
- Create LXC containers in Proxmox
- Network configuration (vmbr1 bridge)
- Install Docker in every container (Docker inside LXC needs the nesting feature enabled; keyctl as well for unprivileged containers)
- Configure DNS (local or Pi-hole): git.home.lab, registry.home.lab, portainer.home.lab
Phase 2: Services Deployment
- Deploy Gitea (10.10.0.10:3000)
- Create mikrotik-bot repository
- Deploy Registry (10.10.0.20:5000)
- Set up the Gitea Actions Runner
- Deploy Portainer (10.10.0.30:9000)
Phase 3: CI/CD Configuration
- Enable Gitea Actions for the repository (workflows run on push events; no webhook is needed for this step)
- Set up registry access: the registry is plain HTTP, so list 10.10.0.20:5000 under insecure-registries in /etc/docker/daemon.json on the runner and production hosts
- Create the Portainer webhook for auto-deploy and store its key as a Gitea Actions secret
- Test the full pipeline
Phase 4: Production Deploy
- Push code to Gitea
- Verify automatic build in registry
- Confirm auto-deploy to Portainer
- Set up monitoring and alerts
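A provisioning script for Phase 1 through Phase 3 of the steps above, added here as an example; it is not the plan's own infra/setup-lxc.sh. It creates the three containers at the addresses from NETWORK:CONFIG with the LXC features Docker needs, installs Docker in each, and points the runner and production hosts at the plain-HTTP registry. The VMIDs 110/120/130, the template and storage names, 2 cores per container and Ubuntu's docker.io package are assumptions of this example, not values from the plan.

```shell
#!/bin/sh
# Provision the plan's three LXC containers on a Proxmox node with the LXC
# features Docker needs, then install Docker and trust the plain-HTTP registry.
# Added example, not the plan's infra/setup-lxc.sh. Assumed (not from the plan):
# VMIDs 110/120/130, the template and storage names below, 2 cores each,
# Ubuntu's docker.io package. Run as root on the Proxmox host:
#   ./setup-lxc-example.sh apply        # DRY_RUN=1 prints commands instead
set -eu

TEMPLATE="${TEMPLATE:-local:vztmpl/ubuntu-22.04-standard_22.04-1_amd64.tar.zst}"  # assumed
STORAGE="${STORAGE:-local-lvm}"                                                  # assumed
BRIDGE=vmbr1            # from NETWORK:CONFIG
GATEWAY=10.10.0.1
REGISTRY=10.10.0.20:5000

# Execute a command string, or only print it when DRY_RUN=1.
run() {
  if [ "${DRY_RUN:-0}" = 1 ]; then echo "+ $1"; else eval "$1"; fi
}

# pct create command for one container. nesting=1 is required to run Docker
# inside LXC; keyctl=1 is additionally required for unprivileged containers.
lxc_create_cmd() {  # vmid hostname ip mem_mb disk_gb
  vmid=$1; name=$2; ip=$3; mem=$4; disk=$5
  printf 'pct create %s %s --hostname %s --unprivileged 1 --features nesting=1,keyctl=1 --cores 2 --memory %s --rootfs %s:%s --net0 name=eth0,bridge=%s,ip=%s/24,gw=%s --onboot 1\n' \
    "$vmid" "$TEMPLATE" "$name" "$mem" "$STORAGE" "$disk" "$BRIDGE" "$ip" "$GATEWAY"
}

# /etc/docker/daemon.json for hosts that pull from or push to the HTTP registry
# (Phase 3). Without it the Docker daemon refuses the registry as non-TLS.
daemon_json() {
  printf '{\n  "insecure-registries": ["%s"]\n}\n' "$REGISTRY"
}

# Install Docker inside a started container; optionally trust the HTTP registry.
configure_docker() {  # vmid trust_registry(0|1)
  run "pct exec $1 -- sh -c 'apt-get update -q && apt-get install -y -q docker.io'"
  if [ "$2" = 1 ]; then
    tmp=$(mktemp)
    daemon_json > "$tmp"
    run "pct push $1 $tmp /etc/docker/daemon.json"
    run "pct exec $1 -- systemctl restart docker"
    rm -f "$tmp"
  fi
}

main() {
  # vmid  hostname        ip          RAM   disk  trusts HTTP registry
  for row in \
    "110 git-server    10.10.0.10 2048 20 0" \
    "120 cicd-registry 10.10.0.20 4096 50 1" \
    "130 production    10.10.0.30 2048 20 1"; do
    set -- $row
    run "$(lxc_create_cmd "$1" "$2" "$3" "$4" "$5")"
    run "pct start $1"
    configure_docker "$1" "$6"
  done
}

case "${1:-}" in apply) main ;; esac
```

The Git server host does not get the insecure-registries entry: only the hosts whose Docker daemon talks to 10.10.0.20:5000 need it, and each entry there is a host you have decided to trust over plaintext. Run with DRY_RUN=1 first to review the exact pct commands for your node.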
SECURITY:CONSIDERATIONS
- Registry: plain HTTP with no authentication, so it must be reachable only from vmbr1. Anyone who can reach 10.10.0.20:5000 can push a `mikrotik-bot:latest` image, and Watchtower will then deploy it to production without a build ever running. Keep it on the closed network, or add htpasswd auth and TLS.
- Gitea: HTTP (HTTPS with a self-signed certificate can be added); passwords, Actions secrets and the runner registration token cross this link in clear.
- Runner: the mounted /var/run/docker.sock gives every workflow job root-equivalent control of the CI/CD LXC, including the registry running beside it; run only trusted repositories on this runner.
- Portainer: full control of the production Docker host; keep the webhook key and admin password out of the repository.
- Firewall: only the required ports (3000 and 2222 on .10, 5000 on .20, 9000/9443 on .30)
- Backup: regular LXC snapshots
- Access: VPN or a closed network
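Applying the registry point above: the following added example (not part of the plan's infra/ scripts) replaces the open HTTP registry with one that requires a bcrypt htpasswd login and serves TLS, and includes a probe that reports whether a registry still accepts anonymous pushes. It assumes the registry address from NETWORK:CONFIG, an output directory $OUT, and htpasswd (apache2-utils) plus OpenSSL 1.1.1 or newer on the machine where it is run with `apply`.

```shell
#!/bin/sh
# Harden the plan's private registry: credentials for push/pull and TLS,
# instead of the open plain-HTTP registry in registry-compose.yml.
# Added example, not part of the plan's infra/ scripts. Assumed: registry at
# 10.10.0.20:5000 (NETWORK:CONFIG), output directory $OUT, htpasswd and
# openssl (>= 1.1.1 for -addext) available when run as: ./harden-registry.sh apply
set -eu

REGISTRY_HOST="${REGISTRY_HOST:-10.10.0.20}"
REGISTRY_PORT="${REGISTRY_PORT:-5000}"
OUT="${OUT:-./registry-auth}"

# registry:2 accepts only bcrypt entries in its htpasswd file, hence -B.
make_htpasswd() {  # user password
  mkdir -p "$OUT"
  htpasswd -Bbn "$1" "$2" > "$OUT/htpasswd"
  chmod 600 "$OUT/htpasswd"
}

# Self-signed server certificate. Docker clients require a SAN; a CN alone is rejected.
make_cert() {
  mkdir -p "$OUT/certs"
  openssl req -x509 -newkey rsa:4096 -nodes -days 365 \
    -keyout "$OUT/certs/registry.key" -out "$OUT/certs/registry.crt" \
    -subj "/CN=$REGISTRY_HOST" -addext "subjectAltName=IP:$REGISTRY_HOST"
  chmod 600 "$OUT/certs/registry.key"
}

# Compose service definition with auth and TLS enabled (registry:2 env names).
registry_compose_hardened() {
  cat <<EOF
services:
  registry:
    image: registry:2
    container_name: docker-registry
    environment:
      REGISTRY_STORAGE_FILESYSTEM_ROOTDIRECTORY: /data
      REGISTRY_AUTH: htpasswd
      REGISTRY_AUTH_HTPASSWD_REALM: home.lab registry
      REGISTRY_AUTH_HTPASSWD_PATH: /auth/htpasswd
      REGISTRY_HTTP_TLS_CERTIFICATE: /certs/registry.crt
      REGISTRY_HTTP_TLS_KEY: /certs/registry.key
    volumes:
      - registry_data:/data
      - $OUT/htpasswd:/auth/htpasswd:ro
      - $OUT/certs:/certs:ro
    ports:
      - "$REGISTRY_PORT:5000"
    restart: unless-stopped
volumes:
  registry_data:
EOF
}

# Where each Docker daemon that uses the registry (runner, production) must
# have a copy of registry.crt; the insecure-registries entry is then not needed.
client_ca_path() {
  echo "/etc/docker/certs.d/$REGISTRY_HOST:$REGISTRY_PORT/ca.crt"
}

# Probe: start an anonymous blob upload. 202 means anyone on the network can
# push; 401 means credentials are enforced. The dangling upload is harmless.
probe_anonymous_push() {  # scheme://host:port
  curl -sk -o /dev/null -w '%{http_code}' -X POST "$1/v2/probe/blobs/uploads/"
}

interpret_push_probe() {  # http status code
  case "$1" in
    202) echo OPEN ;;
    401) echo AUTH_REQUIRED ;;
    *)   echo "UNEXPECTED($1)" ;;
  esac
}

main() {
  make_htpasswd "${REGISTRY_USER:-ci}" "${REGISTRY_PASS:?set REGISTRY_PASS}"
  make_cert
  registry_compose_hardened > "$OUT/registry-compose.yml"
  echo "copy $OUT/certs/registry.crt to $(client_ca_path) on every Docker host"
  echo "anonymous push: $(interpret_push_probe "$(probe_anonymous_push "https://$REGISTRY_HOST:$REGISTRY_PORT")")"
}

case "${1:-}" in apply) main ;; esac
```

After switching, the workflow needs a `docker login 10.10.0.20:5000` step using the same credentials stored as Actions secrets, and Watchtower on the production host needs the registry credentials as well, since it pulls on its own. Run `probe_anonymous_push http://10.10.0.20:5000` against the current setup first: the 202 it returns is the problem the hardening removes.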
MONITORING:STACK (Optional)
# Prometheus + Grafana
prometheus:
  image: prom/prometheus:latest
  ports: ["9090:9090"]
grafana:
  image: grafana/grafana:latest
  ports: ["3001:3000"]
# Log aggregation
loki:
  image: grafana/loki:latest
  ports: ["3100:3100"]
RESOURCES:REQUIREMENTS
- Total RAM: 8GB (2+4+2)
- Total Disk: 90GB (20+50+20)
- Network: 1Gbps internal
- Backup: weekly snapshots
BENEFITS:SELFHOSTED
✅ Full control over code and infrastructure
✅ No dependency on external services
✅ Fast local network (Gigabit)
✅ Free (apart from electricity)
✅ Easy scaling in Proxmox
✅ Integration with the home network
MIGRATION:PATH
Existing code → Gitea → Actions → Registry → Portainer
FILES:CREATED
infra/
├── setup-lxc.sh           # Automatic LXC creation
├── deploy-all.sh          # Full deployment
├── gitea-compose.yml      # Git server + DB
├── registry-compose.yml   # Registry + UI + Watchtower
├── production-compose.yml # Portainer + Apps
└── README.md              # Detailed instructions
.gitea/workflows/
└── deploy.yml # CI/CD pipeline
USAGE:SUMMARY
- One script deploys the whole infrastructure
- Setup takes 15-20 minutes
- Push code → automatic deploy
- Monitoring through the web interfaces
- Scale by adding new LXC containers