aosus · FarisZR · Apr 2, 2023 · Apr 2, 2023 · Apr 2, 2023 · Apr 2, 2023
diff --git a/.github/workflows/aosus-wordpress.yml b/.github/workflows/aosus-wordpress.yml
@@ -33,6 +33,7 @@ jobs:
           MARIADB_PASSWORD: ${{ secrets.aosus_wordpress_mariadb_password }}
           MARIADB_ROOT_PASSWORD: ${{ secrets.aosus_wordpress_mariadb_root_password }}
         with:
+          docker_swarm: true
           remote_docker_host: ${{ secrets.server_address }}
           tailscale_ssh: true # no need for manual private and public keys
           compose_file_path: aosus-wordpress/docker-compose.yml

diff --git a/.github/workflows/caddy.yml b/.github/workflows/caddy.yml
@@ -29,6 +29,7 @@ jobs:
         env:
           EMAIL: ${{ secrets.email }}
         with:
+          docker_swarm: true
           remote_docker_host: ${{ secrets.server_address }}
           tailscale_ssh: true # no need for manual private and public keys
           compose_file_path: caddy/docker-compose.yml

diff --git a/.github/workflows/docker-mailserver.yml b/.github/workflows/docker-mailserver.yml
@@ -29,6 +29,7 @@ jobs:
       - name: Start Deployment
         uses: FarisZR/docker-compose-gitops-action@v1
         with:
+          docker_swarm: true
           remote_docker_host: ${{ secrets.server_address }}
           tailscale_ssh: true # no need for manual private and public keys
           compose_file_path: docker-mailserver/docker-compose.yml

diff --git a/.github/workflows/gnulinuxsa-wordpress.yml b/.github/workflows/gnulinuxsa-wordpress.yml
@@ -32,6 +32,7 @@ jobs:
         env:
           MARIADB_PASSWORD: ${{ secrets.gnulinuxsa_wordpress_mariadb_password }}
         with:
+          docker_swarm: true
           remote_docker_host: ${{ secrets.server_address }}
           tailscale_ssh: true # no need for manual private and public keys
           compose_file_path: gnulinuxsa-wordpress/docker-compose.yml

diff --git a/.github/workflows/matrix.yml b/.github/workflows/matrix.yml
@@ -97,6 +97,7 @@ jobs:
           MATRIX_HOOKSHOT_GITHUB_PRIVATE_KEY:  ${{ secrets.matrix_hookshot_github_private_key }}
           MATRIX_HOOKSHOT_PASS_KEY:  ${{ secrets.matrix_hookshot_pass_key }}
         with:
+          docker_swarm: true
           remote_docker_host: ${{ secrets.server_address }}
           tailscale_ssh: true # no need for manual private and public keys
           compose_file_path: matrix/docker-compose.yml

diff --git a/.github/workflows/plausible.yml b/.github/workflows/plausible.yml
@@ -36,6 +36,7 @@ jobs:
           GOOGLE_CLIENT_SECRET: ${{ secrets.plausible_google_client_secret }}
           POSTGRES_PASSWORD: ${{ secrets.plausible_postgres_password }}
         with:
+          docker_swarm: true
           remote_docker_host: ${{ secrets.server_address }}
           tailscale_ssh: true # no need for manual private and public keys
           compose_file_path: plausible/docker-compose.yml

diff --git a/.github/workflows/scribe.yml b/.github/workflows/scribe.yml
@@ -32,6 +32,7 @@ jobs:
         env:
           SECRET_KEY_BASE: ${{ secrets.scribe_secret_key_base }}
         with:
+          docker_swarm: true
           remote_docker_host: ${{ secrets.server_address }}
           tailscale_ssh: true # no need for manual private and public keys
           compose_file_path: scribe/docker-compose.yml

diff --git a/aosus-wordpress/docker-compose.yml b/aosus-wordpress/docker-compose.yml
@@ -22,6 +22,21 @@ services:
     configs:
       - source: custom-ini
         target: /usr/local/etc/php/conf.d/custom.ini
+    deploy:
+      # swarm zero-down time deployment
+      update_config:
+        delay: 5s
+        order: start-first
+        monitor: 4s
+        failure_action: rollback
+      rollback_config:
+        parallelism: 0
+        order: stop-first
+      restart_policy:
+        condition: any
+        delay: 5s
+        max_attempts: 3
+        window: 120s
 
   mariadb:
     image: mariadb:10.11.2@sha256:9ff479f244cc596aed9794d035a9f352662f2caed933238c533024df64569853
@@ -35,6 +50,21 @@ services:
       MARIADB_ROOT_PASSWORD:
     volumes:
       - /home/aosus/aosus-wordpress/mariadb:/var/lib/mysql
+    deploy:
+      mode: global
+      update_config:
+        parallelism: 0
+        order: start-first
+        monitor: 4s
+        failure_action: rollback
+      rollback_config:
+        parallelism: 0
+        order: stop-first
+      restart_policy:
+        condition: any
+        delay: 5s
+        max_attempts: 3
+        window: 120s
 
 configs:
   custom-ini:

diff --git a/caddy/docker-compose.yml b/caddy/docker-compose.yml
@@ -27,6 +27,29 @@ services:
     networks:
       web:
       discourse:
+    healthcheck:
+      # https://ryanblunden.com/for-those-looking-for-a-http-health-check-in-alpine-images-wget-is-available-from-the-base-image-a07997be8699
+      test: ["CMD", "wget", "--spider", "-q", "http://localhost"]
+      interval: 5s
+      timeout: 10s
+      retries: 3
+      start_period: 10s
+    deploy:
+      # swarm zero-down time deployment
+      update_config:
+        delay: 5s
+        order: start-first
+        monitor: 30s
+        failure_action: rollback
+      rollback_config:
+        parallelism: 0
+        order: stop-first
+      restart_policy:
+        condition: any
+        delay: 5s
+        max_attempts: 3
+        window: 120s
+
 configs:
   Caddyfile:
     file: /home/aosus/caddy/Caddyfile

diff --git a/docker-mailserver/docker-compose.yml b/docker-mailserver/docker-compose.yml
@@ -38,6 +38,21 @@ services:
       retries: 0
     networks:
       discourse:
+    deploy:
+      # swarm zero-down time deployment
+      update_config:
+        delay: 5s
+        order: start-first
+        monitor: 4s
+        failure_action: rollback
+      rollback_config:
+        parallelism: 0
+        order: stop-first
+      restart_policy:
+        condition: any
+        delay: 5s
+        max_attempts: 3
+        window: 120s
 
 volumes:
   mail-data:

diff --git a/gnulinuxsa-wordpress/docker-compose.yml b/gnulinuxsa-wordpress/docker-compose.yml
@@ -23,6 +23,21 @@ services:
     configs:
       - source: custom-ini
         target: /usr/local/etc/php/conf.d/custom.ini
+    deploy:
+      # swarm zero-down time deployment
+      update_config:
+        delay: 5s
+        order: start-first
+        monitor: 4s
+        failure_action: rollback
+      rollback_config:
+        parallelism: 0
+        order: stop-first
+      restart_policy:
+        condition: any
+        delay: 5s
+        max_attempts: 3
+        window: 120s
 
   mariadb:
     image: mariadb:10.11.2@sha256:9ff479f244cc596aed9794d035a9f352662f2caed933238c533024df64569853
@@ -35,6 +50,21 @@ services:
       MARIADB_AUTO_UPGRADE: true
     volumes:
       - /home/aosus/gnulinuxsa-wordpress/mariadb:/var/lib/mysql:rw
+    deploy:
+      mode: global
+      update_config:
+        parallelism: 0
+        order: start-first
+        monitor: 4s
+        failure_action: rollback
+      rollback_config:
+        parallelism: 0
+        order: stop-first
+      restart_policy:
+        condition: any
+        delay: 5s
+        max_attempts: 3
+        window: 120s
 
 configs:
   custom-ini:

diff --git a/matrix/docker-compose.yml b/matrix/docker-compose.yml
@@ -18,6 +18,21 @@ services:
       - /home/aosus/matrix/postgresql:/var/lib/postgresql/data:rw
     networks:
       default:
+    deploy:
+      mode: global
+      update_config:
+        parallelism: 0
+        order: start-first
+        monitor: 4s
+        failure_action: rollback
+      rollback_config:
+        parallelism: 0
+        order: stop-first
+      restart_policy:
+        condition: any
+        delay: 5s
+        max_attempts: 3
+        window: 120s
 
 
   synapse:
@@ -61,6 +76,21 @@ services:
     networks:
       default:
       web:
+    deploy:
+      # swarm zero-down time deployment
+      update_config:
+        delay: 5s
+        order: start-first
+        monitor: 4s
+        failure_action: rollback
+      rollback_config:
+        parallelism: 0
+        order: stop-first
+      restart_policy:
+        condition: any
+        delay: 5s
+        max_attempts: 3
+        window: 120s
 
 
   synapse-admin:
@@ -81,6 +111,21 @@ services:
     networks:
       default:
       telegram:
+    deploy:
+      # swarm zero-down time deployment
+      update_config:
+        delay: 5s
+        order: start-first
+        monitor: 4s
+        failure_action: rollback
+      rollback_config:
+        parallelism: 0
+        order: stop-first
+      restart_policy:
+        condition: any
+        delay: 5s
+        max_attempts: 3
+        window: 120s
 
 
   postgres-telegram:
@@ -95,7 +140,21 @@ services:
       - /home/aosus/matrix/telegram/postgresql:/var/lib/postgresql/data:rw
     networks:
       telegram:
-
+    deploy:
+      mode: global
+      update_config:
+        parallelism: 0
+        order: start-first
+        monitor: 4s
+        failure_action: rollback
+      rollback_config:
+        parallelism: 0
+        order: stop-first
+      restart_policy:
+        condition: any
+        delay: 5s
+        max_attempts: 3
+        window: 120s
 
   matrix-hookshot:
     image: halfshot/matrix-hookshot:3.1.1@sha256:bb3b7c924a6e6b2ee014a3a13347dc44ec72e47876464c507b661be493f35ecc

diff --git a/plausible/docker-compose.yml b/plausible/docker-compose.yml
@@ -11,6 +11,21 @@ services:
       - /home/aosus/plausible/postgresql:/var/lib/postgresql/data
     environment:
       - POSTGRES_PASSWORD
+    deploy:
+      mode: global
+      update_config:
+        parallelism: 0
+        order: start-first
+        monitor: 4s
+        failure_action: rollback
+      rollback_config:
+        parallelism: 0
+        order: stop-first
+      restart_policy:
+        condition: any
+        delay: 5s
+        max_attempts: 3
+        window: 120s
 
   plausible_events_db:
     restart: unless-stopped
@@ -26,6 +41,21 @@ services:
       nofile:
         soft: 262144
         hard: 262144
+    deploy:
+      mode: global
+      update_config:
+        parallelism: 0
+        order: start-first
+        monitor: 4s
+        failure_action: rollback
+      rollback_config:
+        parallelism: 0
+        order: stop-first
+      restart_policy:
+        condition: any
+        delay: 5s
+        max_attempts: 3
+        window: 120s
 
   plausible:
     restart: unless-stopped
@@ -53,6 +83,21 @@ services:
     networks:
       default:
       web:
+    deploy:
+      # swarm zero-down time deployment
+      update_config:
+        delay: 5s
+        order: start-first
+        monitor: 4s
+        failure_action: rollback
+      rollback_config:
+        parallelism: 0
+        order: stop-first
+      restart_policy:
+        condition: any
+        delay: 5s
+        max_attempts: 3
+        window: 120s
 
 volumes:
   geoip:

diff --git a/scribe/docker-compose.yml b/scribe/docker-compose.yml
@@ -19,3 +19,18 @@ services:
       - SECRET_KEY_BASE
     networks:
       web:
+    deploy:
+      # swarm zero-down time deployment
+      update_config:
+        delay: 5s
+        order: start-first
+        monitor: 4s
+        failure_action: rollback
+      rollback_config:
+        parallelism: 0
+        order: stop-first
+      restart_policy:
+        condition: any
+        delay: 5s
+        max_attempts: 3
+        window: 120s