# vim: ft=yaml.ansible
---
- name: set up drone with docker runner
  docker_compose:
    project_name: drone
    pull: yes
    definition:
      version: "3.6"
      services:
        drone:
          container_name: "drone"
          image: "drone/drone:{{ services.drone.version }}"
          restart: unless-stopped
          networks:
            - external_services
            - drone
          volumes:
            - "{{ services.drone.volume_folder }}:/data"
            - "/var/run/docker.sock:/var/run/docker.sock"
          environment:
            DRONE_GITEA_SERVER: "https://{{ services.gitea.domain }}"
            DRONE_GITEA_CLIENT_ID: "{{ drone_secrets.oauth_client_id }}"
            DRONE_GITEA_CLIENT_SECRET: "{{ drone_secrets.oauth_client_secret }}"
            DRONE_GIT_ALWAYS_AUTH: "true"
            DRONE_SERVER_HOST: "{{ services.drone.domain }}"
            DRONE_SERVER_PROTO: "https"
            DRONE_RPC_SECRET: "{{ drone_secrets.rpc_shared_secret }}"
            PLUGIN_CUSTOM_DNS: "91.239.100.100"
            VIRTUAL_HOST: "{{ services.drone.domain }}"
            LETSENCRYPT_HOST: "{{ services.drone.domain }}"
            LETSENCRYPT_EMAIL: "{{ letsencrypt_email }}"

        drone-runner-docker:
          container_name: "drone-runner-docker"
          image: "drone/drone-runner-docker:{{ services.drone.version }}"
          restart: unless-stopped
          networks:
            - drone
          volumes:
            - "/var/run/docker.sock:/var/run/docker.sock"
          environment:
            DRONE_RPC_HOST: "{{ services.drone.domain }}"
            DRONE_RPC_PROTO: "https"
            DRONE_RPC_SECRET: "{{ drone_secrets.rpc_shared_secret }}"
            DRONE_RUNNER_CAPACITY: 2
            DRONE_RUNNER_NAME: "data.coop_drone_runner"

      networks:
        drone:
        external_services:
          external:
            name: external_services