Deployment to yuca
This explains how deployment to yuca works.
❓ Who is this page for?
This information is for people who are involved in managing the server and deployment setup for:
- Karrot development
- our hosted instance (karrot.world)
You do not need to know about this if:
- you are self-hosting Karrot
- you are developing features for Karrot
- you are using Karrot
What is yuca?
It's a server where we run various bits of karrot infrastructure:
- https://dev.karrot.world - deployment of karrot for trying out latest dev version
- https://karrot.world - our main hosted instance
- this docs website, and various other things
There is an ansible project to configure it that lives over at https://codeberg.org/karrot/yuca
Maybe one day we deploy it using the co-op cloud setup, but for now at least it has a different way of deploying things.
🔑 Who has server access?
The people that have access to the server are generally those that did server stuff from the yunity days, e.g.: nick, tilmann, matthias, chandi
Deployment plugin
We have a plugin for Codeberg CI (plugin-karrot-deploy) that can deploy Karrot using the yuca ansible config.
Why write a plugin and not just use a script?
One nice thing about Woodpecker CI plugins is that you can declare secrets that are only available to certain plugins.
This prevents people that have code access (but not CI admin rights) from extracting the secrets using a script.
It also includes all the right dependencies and python setup for faster start time.
dev.karrot.world
This is automatically deployed from the main branch from using Codeberg CI.
Frontend and backend are deployed independently as changes are pushed to their respective repos main branch.
You can view the CI status over at:
karrot.world
🚧 Under construction
This is currently not deployable to, whilst we undergo the migration to codeberg.
Manual deployment
Using deployment plugin
🐱 You can currently only deploy dev.karrot.world using this method.
You can run the plugin on your own computer via docker/podman, and deploy both the frontend and backend in one command.
As everything is run from inside a docker container, it's quite safe and independent from the environment on your machine.
😕 docker or podman?
I tend to use podman where possible, and you can just swap docker for podman in the commands below.
They are written here with docker as I guess that is more common still.
First pull the latest version of the plugin:
docker pull codeberg.org/karrot/plugin-karrot-deployThen run it with your desired settings:
docker run \
-e PLUGIN_SSH_KEY="$(cat ~/.ssh/id_ed25519)" \
-e PLUGIN_KARROT_VERSION=v14.0.0 \
-e PLUGIN_DEPLOY_FRONTEND=true \
-e PLUGIN_DEPLOY_BACKEND=true \
codeberg.org/karrot/plugin-karrot-deploy🔑 Which SSH key should that be?
Currently, it must be the deploy key for the karrot-dev-deploy user
🚧 In the future you would be able to use your own yuca user account to deploy it, if you have sufficient rights.
Using ansible directly
You can use ansible directly on your computer to deploy Karrot too.
This requires deploying frontend and backend separately (although no reason you couldn't make a playback that does both).
See https://codeberg.org/karrot/yuca for more info.
Running commands
For running karrot.cli there are wrapper scripts that will call podman with the correct arguments:
/var/www/karrot-dev/www/backend/scripts/karrotSo, to run the shell you can do:
/var/www/karrot-dev/www/backend/scripts/karrot shellOr from your local machine, if you have sufficient access:
ssh -t yuca.yunity.org sudo /var/www/karrot-dev/www/backend/scripts/karrot shell