authorJesse Luehrs <doy@tozt.net>2020-04-28 01:14:09 -0400
committerJesse Luehrs <doy@tozt.net>2020-04-28 01:14:09 -0400
commitfd5d17c628344c3697d85cb14ed01fa52df38aff (patch)
tree017773afcbe772c43187f10e1ad64b5ddd67615c
parent5f8bbd65198ddebc6004a92d87d94456f68f201c (diff)
try out gitea
-rw-r--r--manifests/tozt.pp3
-rw-r--r--modules/gitea/files/override.conf2
-rw-r--r--modules/gitea/manifests/init.pp78
-rw-r--r--modules/gitea/templates/app.ini22
-rw-r--r--modules/tozt/files/nginx/gitea-tls.conf14
-rw-r--r--modules/tozt/manifests/gitea.pp13
6 files changed, 131 insertions, 1 deletions
diff --git a/manifests/tozt.pp b/manifests/tozt.pp
index 79294fb..9271f33 100644
--- a/manifests/tozt.pp
+++ b/manifests/tozt.pp
@@ -14,7 +14,8 @@ node 'tozt', 'tozt.localdomain' {
include tozt::backups
include tozt::bitwarden
- include tozt::git
+ # include tozt::git
+ include tozt::gitea
include tozt::metabase
include tozt::monitoring
include tozt::munin
diff --git a/modules/gitea/files/override.conf b/modules/gitea/files/override.conf
new file mode 100644
index 0000000..7ccc03b
--- /dev/null
+++ b/modules/gitea/files/override.conf
@@ -0,0 +1,2 @@
+[Service]
+Environment=USER=gitea HOME=/media/persistent/gitea/home GITEA_WORK_DIR=/media/persistent/gitea/work GITEA_CUSTOM=/media/persistent/gitea/custom
diff --git a/modules/gitea/manifests/init.pp b/modules/gitea/manifests/init.pp
new file mode 100644
index 0000000..a0a4447
--- /dev/null
+++ b/modules/gitea/manifests/init.pp
@@ -0,0 +1,78 @@
+class gitea {
+ include systemd
+
+ package { "gitea":
+ ensure => installed;
+ }
+
+ service { "gitea":
+ ensure => running,
+ enable => true,
+ require => [
+ Package['gitea'],
+ File['/etc/systemd/system/gitea.service.d/override.conf'],
+ Exec["/usr/bin/systemctl daemon-reload"],
+ File['/media/persistent/gitea/home'],
+ File['/media/persistent/gitea/work'],
+ File['/media/persistent/gitea/custom/conf/app.ini'],
+ File['/media/persistent/gitea/repos'],
+ ];
+ }
+
+ $secret_key = secret::value('gitea_secret_key')
+ $jwt_secret = secret::value('gitea_jwt_secret')
+
+ file {
+ '/media/persistent/gitea':
+ ensure => directory;
+ '/media/persistent/gitea/home':
+ ensure => directory,
+ user => 'gitea',
+ group => 'gitea',
+ require => [
+ Package['gitea'],
+ File['/media/persistent/gitea'],
+ ];
+ '/media/persistent/gitea/work':
+ ensure => directory,
+ user => 'gitea',
+ group => 'gitea',
+ require => [
+ Package['gitea'],
+ File['/media/persistent/gitea'],
+ ];
+ '/media/persistent/gitea/custom':
+ ensure => directory,
+ user => 'gitea',
+ group => 'gitea',
+ require => [
+ Package['gitea'],
+ File['/media/persistent/gitea'],
+ ];
+ '/media/persistent/gitea/custom/conf':
+ ensure => directory,
+ user => 'gitea',
+ group => 'gitea',
+ require => [
+ Package['gitea'],
+ File['/media/persistent/gitea'],
+ ];
+ '/media/persistent/gitea/custom/conf/app.ini':
+ content => template('gitea/app.ini'),
+ require => File['/media/persistent/gitea/custom/conf'];
+ '/media/persistent/gitea/repos':
+ ensure => directory,
+ user => 'gitea',
+ group => 'gitea',
+ require => [
+ Package['gitea'],
+ File['/media/persistent/gitea'],
+ ];
+ '/etc/systemd/system/gitea.service.d':
+ ensure => directory;
+ '/etc/systemd/system/gitea.service.d/override.conf':
+ source => 'puppet:///modules/gitea/override.conf',
+ notify => Exec["/usr/bin/systemctl daemon-reload"],
+ require => File["/etc/systemd/system/gitea.service.d"];
+ }
+}
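Review bot: The `app.ini` file resource sets no `owner`, `group` or `mode`, so the rendered file holding `SECRET_KEY` and `JWT_SECRET` gets Puppet's defaults and is likely readable by every local user; it should be restricted to the gitea account, and `show_diff => false` keeps the secrets out of agent logs and reports when the content changes. It also does not notify `Service['gitea']`, so a rotated secret would not take effect until a manual restart. Separately, the directory resources use `user => 'gitea'`, which is not an attribute of Puppet's `file` type; the ownership attribute is `owner`, and as written the catalog would presumably be rejected. `Exec["/usr/bin/systemctl daemon-reload"]` is not declared in this class and is presumably provided by `include systemd`.

```puppet
  '/media/persistent/gitea/custom/conf/app.ini':
    content   => template('gitea/app.ini'),
    owner     => 'gitea',
    group     => 'gitea',
    mode      => '0600',
    show_diff => false,
    notify    => Service['gitea'],
    require   => File['/media/persistent/gitea/custom/conf'];
  # … unchanged: repos directory and systemd override resources …
```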
diff --git a/modules/gitea/templates/app.ini b/modules/gitea/templates/app.ini
new file mode 100644
index 0000000..3ba8f0b
--- /dev/null
+++ b/modules/gitea/templates/app.ini
@@ -0,0 +1,22 @@
+APP_NAME = git.tozt.net
+
+[repository]
+ROOT = /media/persistent/gitea/repos
+
+[server]
+PROTOCOL = unix
+DOMAIN = git.tozt.net
+ROOT_URL = https://git.tozt.net/
+HTTP_ADDR = /run/gitea/gitea.sock
+DISABLE_SSH = true
+
+[database]
+DB_TYPE = sqlite3
+PATH = /media/persistent/gitea/gitea.sqlite
+
+[security]
+INSTALL_LOCK = true
+SECRET_KEY = <%= @secret_key %>
+
+[oauth2]
+JWT_SECRET = <%= @jwt_secret %>
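Review bot: No `[service]` section is rendered, so unless it is set elsewhere Gitea keeps its default of open self-registration on a host that `ROOT_URL` exposes publicly; for a personal instance add `[service]` with `DISABLE_REGISTRATION = true` once the admin account exists. The database `PATH` points at `/media/persistent/gitea/gitea.sqlite`, directly under a directory that init.pp declares without a gitea owner, so the service account may not be able to create the file there.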
diff --git a/modules/tozt/files/nginx/gitea-tls.conf b/modules/tozt/files/nginx/gitea-tls.conf
new file mode 100644
index 0000000..4649ba5
--- /dev/null
+++ b/modules/tozt/files/nginx/gitea-tls.conf
@@ -0,0 +1,14 @@
+server {
+ listen 443;
+ server_name git.tozt.net;
+
+ access_log /var/log/nginx/git.access.log;
+ error_log /var/log/nginx/git.error.log;
+
+ include ssl;
+
+ location / {
+ proxy_pass http://127.0.0.1:3000/;
+ }
+}
+# vim:ft=nginx
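Review bot: `proxy_pass http://127.0.0.1:3000/;` targets a TCP port, but the app.ini added in this commit sets `PROTOCOL = unix` with `HTTP_ADDR = /run/gitea/gitea.sock`, so nothing would be listening on 3000 and requests would presumably fail with a 502; the upstream should be the socket, `proxy_pass http://unix:/run/gitea/gitea.sock:/;`. `listen 443;` carries no `ssl` parameter, so TLS depends entirely on what the included `ssl` file does, which is not visible here; `listen 443 ssl;` makes it explicit. Forwarding `Host` and `X-Forwarded-Proto` with `proxy_set_header` is also worth adding so Gitea sees the original request details.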
diff --git a/modules/tozt/manifests/gitea.pp b/modules/tozt/manifests/gitea.pp
new file mode 100644
index 0000000..4a2a6be
--- /dev/null
+++ b/modules/tozt/manifests/gitea.pp
@@ -0,0 +1,13 @@
+class tozt::gitea {
+ include gitea
+ include tozt::certbot
+ include tozt::persistent
+
+ nginx::site {
+ "git-tls":
+ source => 'puppet:///modules/tozt/nginx/gitea-tls.conf',
+ require => Class['certbot'];
+ "git":
+ source => 'puppet:///modules/tozt/nginx/git.conf';
+ }
+}
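Review bot: The plain-HTTP `"git"` site still uses `nginx/git.conf`, which this commit does not touch and which presumably was written for the `tozt::git` setup that tozt.pp now comments out. Confirm that the file only redirects to `https://git.tozt.net/` rather than serving or proxying to a backend that is no longer managed, and record the intent with a comment above the resource such as `# port 80: redirect to the TLS site`.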