WIP Migrate Gitea proxy to openresty

TODO: Make nginx_ssh stream resource work with openresty cookbook

site-cookbooks/kosmos_gitea/recipes/nginx.rb

@@ -3,14 +3,8 @@
 # Recipe:: nginx
 #
 
-include_recipe "kosmos-nginx"
-
 domain = node["gitea"]["domain"]
 
-# upstream_ip_addresses = []
-# search(:node, "role:gitea").each do |n|
-#   upstream_ip_addresses << n["knife_zero"]["host"]
-# end
 begin
   upstream_ip_address = search(:node, "role:gitea").first["knife_zero"]["host"]
 rescue
@@ -18,35 +12,16 @@ rescue
   return
 end
 
-nginx_certbot_site domain
+tls_cert_for domain do
+  auth "gandi_dns"
+  action :create
+end
 
-template "#{node['nginx']['dir']}/sites-available/#{domain}" do
-  source "nginx_conf_web.erb"
-  owner 'www-data'
-  mode 0640
+openresty_site domain do
+  template "nginx_conf_web.erb"
   variables server_name:   domain,
             ssl_cert:      "/etc/letsencrypt/live/#{domain}/fullchain.pem",
             ssl_key:       "/etc/letsencrypt/live/#{domain}/privkey.pem",
             upstream_host: upstream_ip_address,
             upstream_port: node["gitea"]["port"]
-
-  notifies :reload, 'service[nginx]', :delayed
-end
-
-nginx_site domain do
-  action :enable
-end
-
-template "#{node['nginx']['dir']}/streams-available/ssh" do
-  source "nginx_conf_ssh.erb"
-  owner 'www-data'
-  mode 0640
-  variables domain: domain,
-            upstream_host: upstream_ip_address
-
-  notifies :reload, 'service[nginx]', :delayed
-end
-
-nginx_stream "ssh" do
-  action :enable
 end

site-cookbooks/kosmos_gitea/recipes/nginx_ssh.rb

@@ -0,0 +1,18 @@
+#
+# Cookbook:: kosmos_gitea
+# Recipe:: nginx_ssh
+#
+
+template "#{node['nginx']['dir']}/streams-available/ssh" do
+  source "nginx_conf_ssh.erb"
+  owner 'www-data'
+  mode 0640
+  variables domain: domain,
+            upstream_host: upstream_ip_address
+
+  notifies :reload, 'service[nginx]', :delayed
+end
+
+nginx_stream "ssh" do
+  action :enable
+end