fix various configs

.local-dev/ext-builder/README.md

@@ -4,10 +4,10 @@ Join external builder instance from outside the production (cluster) deployment
 
 ## Usage
 
-1. Set `./id_ed25519` (ns default private key for fetching repository) and config `./config.yaml` accordingly
-    - Fetch configuration from production if necessary
-2. Set secret information in `.env` file according to `compose.yaml`
-3. `ssh -L 0.0.0.0:3306:private.kmbk.tokyotech.org:3306 -L 0.0.0.0:10000:10.43.193.98:10000 c1-203`
-    - Do this if some ports are unreachable from outside the deployment stack
+1. Set config `./config.yaml` accordingly
+   - Fetch configuration from production if necessary
+2. Set token (`NS_COMPONENTS_CONTROLLER_TOKEN`) in `.env` file
+3. Prepare local forward if controller port is unreachable from the internet
+   - `ssh -L 0.0.0.0:10000:10.43.193.98:10000 c1-203`
 4. `docker compose pull`
 5. `docker compose up -d`

.local-dev/ext-builder/compose.yaml

@@ -4,30 +4,31 @@ services:
     command: --debug --loglevel=trace --config=/config.yaml
     restart: always
     environment:
-      NS_DB_PASSWORD:
-      NS_STORAGE_S3_ACCESSKEY:
-      NS_STORAGE_S3_ACCESSSECRET:
-      NS_IMAGE_REGISTRY_PASSWORD:
+      NS_COMPONENTS_CONTROLLER_TOKEN:
     volumes:
       - /var/run/docker.sock:/var/run/docker.sock # for buildpack docker backend
-      - ./id_ed25519:/keys/id_ed25519
       - ./config.yaml:/config.yaml
       - ~/.ssh/known_hosts:/root/.ssh/known_hosts
     depends_on:
       buildkitd:
         condition: service_started
     extra_hosts:
       - host.docker.internal:host-gateway
+      - registry.local:host-gateway
 
   buildpack:
     image: paketobuildpacks/builder-jammy-full:latest
     restart: always
     entrypoint:
       - sleep
       - infinity
+    extra_hosts:
+      - registry.local:host-gateway
 
   buildkitd:
     image: moby/buildkit:latest
     restart: always
     privileged: true
     command: --addr tcp://0.0.0.0:1234
+    extra_hosts:
+      - registry.local:host-gateway

.local-dev/ext-builder/config.yaml

@@ -1,30 +1,3 @@
-privateKeyFile: /keys/id_ed25519
-adminerURL: https://adminer.ns.trap.jp/
-
-db:
-  host: host.docker.internal
-  port: 3306
-  username: service_neoshowcase
-  # password: <env secret>
-  database: service_neoshowcase
-
-storage:
-  type: s3
-  s3:
-    bucket: neoshowcase
-    # accessKey: <env secret>
-    # accessSecret: <env secret>
-    region: ap-northeast-1
-    endpoint: https://s3.ap-northeast-1.wasabisys.com
-
-image:
-  registry:
-    scheme: https
-    addr: registry.ns.trap.jp
-    username: "robot$neoshowcase"
-    # password: <env secret>
-  namePrefix: ns-apps/
-
 components:
   builder:
     buildkit:

compose.yaml

@@ -10,6 +10,7 @@ services:
       - ./.local-dev/config/ns.yaml:/config.yaml
       - ./.local-dev/local-storage:/data
       - ./.local-dev/keys:/keys
+      - ~/.ssh/known_hosts:/root/.ssh/known_hosts
     labels:
       - "traefik.enable=true"
       - "traefik.http.routers.ns-gateway.rule=Host(`ns.local.trapti.tech`) && PathPrefix(`/neoshowcase.protobuf.APIService`)"