Merge pull request 'Gitea fixes' (#174) from bugfix/147-gitea_fixes into master
This commit is contained in:
commit
db4792e836
|
@ -1,30 +1,30 @@
|
|||
{
|
||||
"id": "gitea",
|
||||
"jwt_secret": {
|
||||
"encrypted_data": "qHUcKXEhYWXZziyiI9URzLiyIRVWlVJmAuOyBhTe/xogUzURgCmbcgeEfOkb\n2GT2E2Qot5MDdV2+PgjwkyY=\n",
|
||||
"iv": "LCl4UrlOrhcaHgaW\n",
|
||||
"auth_tag": "UxyCH/obwVyR6fpIdmr/KA==\n",
|
||||
"encrypted_data": "jTNhXpJ1mhUXjfRZ3OAR8lrGgxyyob44kN0TyNec5zO2Wb46hJgYMWwtKlZ9\nohNexOKV+wXCjZNeVw0kNgI=\n",
|
||||
"iv": "NYkJTeTzLilMLptE\n",
|
||||
"auth_tag": "a/PuBmOmhyCx0ooepz7n1w==\n",
|
||||
"version": 3,
|
||||
"cipher": "aes-256-gcm"
|
||||
},
|
||||
"internal_token": {
|
||||
"encrypted_data": "lIeZaN6Dx6Jq+/1m0CzBzDa+/gGE+lA0CfzdMn5c0cKVmISIRfdxDE1PfawL\nFm7zvktC1DdlHnCLPKK03U6Lzy2VWRIn6HCZC8IbeFzf7zmWvHrpjOw5pEqA\nGdQmLZ2IDHcs7VcM7Xml0olH9cvccFCAGahdp5wrwB+14w==\n",
|
||||
"iv": "ZPl9OJkrJAgneqvW\n",
|
||||
"auth_tag": "QwqSj0q+olo811kiN+FbgQ==\n",
|
||||
"encrypted_data": "HbyEfyrupc06vGHhSqKUUT8NAIrlvbK4LbMdqxmJMgeltvDItqGgFa0ZdD51\n0djRqQMrRZ4MEdqVTFSBL+8QVdriKeUcLcummp52Sp9tYZKSQKympJFx3fsS\n49rBJhDKRlc3+jUpejJu4jHY4xR2MMNvWWqkkufTvZHhzg==\n",
|
||||
"iv": "DUSCP7Q3dgjyYXwl\n",
|
||||
"auth_tag": "HkPLLvY8uVNK871OsMshcg==\n",
|
||||
"version": 3,
|
||||
"cipher": "aes-256-gcm"
|
||||
},
|
||||
"secret_key": {
|
||||
"encrypted_data": "z4nxVYGEo/hqSHZ4qa5s+a9wMHUOnms5cOsSd07Nuth8YntyS3KOKfhhjvRe\n5oSDShD6IPIWGjDI481HbiJkLFufyQGHV8oR5HDvel/dKNCrokw=\n",
|
||||
"iv": "xF8mlqQQVC5Senbt\n",
|
||||
"auth_tag": "Un/oE3NxQMtpJQUutH19uw==\n",
|
||||
"encrypted_data": "bvxdPokzagjZkdGG37hbWBi6ywu+1UuOrlJJ4p5zOG03b4PN4N40ztO4fWr5\ncMHfO7FER779fRc+tA2H7L1SKqSvlJThgk7X8R7AGGQmrQy7Jvc=\n",
|
||||
"iv": "0uTGeUjnbvnW2WGp\n",
|
||||
"auth_tag": "Dzfb3Jiim5eYWfwpN3HO5Q==\n",
|
||||
"version": 3,
|
||||
"cipher": "aes-256-gcm"
|
||||
},
|
||||
"postgresql_password": {
|
||||
"encrypted_data": "qflAQFt3eMkODtNP86zjH77Y3fRvc3BWXeV0Zra4Zezkaa6vsZOWePaqSg==\n",
|
||||
"iv": "SrpWet9nSiEeRMma\n",
|
||||
"auth_tag": "SAvgZ5pmwWDsx3uud1EeTg==\n",
|
||||
"encrypted_data": "yv2gQYUxMTa7eeC0GJqE+fujOvM9GIwj/OL/L1wvn7uNTjJE97Xt1gYXRw==\n",
|
||||
"iv": "F6yrDSav9EShCf2N\n",
|
||||
"auth_tag": "08b4vT71g41qu6A6jZ6opw==\n",
|
||||
"version": 3,
|
||||
"cipher": "aes-256-gcm"
|
||||
}
|
||||
|
|
|
@ -47,6 +47,7 @@
|
|||
"kosmos-ejabberd::default",
|
||||
"kosmos-ejabberd::letsencrypt",
|
||||
"kosmos-ejabberd::backup",
|
||||
"kosmos_gitea::pg_db",
|
||||
"apt::default",
|
||||
"timezone_iii::default",
|
||||
"timezone_iii::debian",
|
||||
|
@ -108,8 +109,7 @@
|
|||
"kosmos-base::letsencrypt",
|
||||
"git::default",
|
||||
"git::package",
|
||||
"build-essential::default",
|
||||
"poise-git::default"
|
||||
"build-essential::default"
|
||||
],
|
||||
"platform": "ubuntu",
|
||||
"platform_version": "18.04",
|
||||
|
@ -134,6 +134,7 @@
|
|||
"recipe[kosmos-mediawiki]",
|
||||
"recipe[kosmos-btcpayserver::proxy]",
|
||||
"role[mastodon]",
|
||||
"role[ejabberd]"
|
||||
"role[ejabberd]",
|
||||
"recipe[kosmos_gitea::pg_db]"
|
||||
]
|
||||
}
|
|
@ -8,16 +8,20 @@
|
|||
"automatic": {
|
||||
"fqdn": "centaurus.kosmos.org",
|
||||
"os": "linux",
|
||||
"os_version": "4.15.0-96-generic",
|
||||
"os_version": "4.15.0-101-generic",
|
||||
"hostname": "centaurus",
|
||||
"ipaddress": "78.46.59.98",
|
||||
"roles": [
|
||||
"postgresql_replica"
|
||||
"postgresql_replica",
|
||||
"gitea"
|
||||
],
|
||||
"recipes": [
|
||||
"kosmos-base",
|
||||
"kosmos-base::default",
|
||||
"kosmos-postgresql::replica",
|
||||
"kosmos_gitea",
|
||||
"kosmos_gitea::default",
|
||||
"kosmos_gitea::backup",
|
||||
"apt::default",
|
||||
"timezone_iii::default",
|
||||
"timezone_iii::debian",
|
||||
|
@ -33,7 +37,19 @@
|
|||
"hostname::default",
|
||||
"firewall::default",
|
||||
"chef-sugar::default",
|
||||
"build-essential::default"
|
||||
"kosmos-nginx::default",
|
||||
"nginx::default",
|
||||
"nginx::package",
|
||||
"nginx::ohai_plugin",
|
||||
"nginx::repo",
|
||||
"nginx::commons",
|
||||
"nginx::commons_dir",
|
||||
"nginx::commons_script",
|
||||
"nginx::commons_conf",
|
||||
"backup::default",
|
||||
"logrotate::default",
|
||||
"build-essential::default",
|
||||
"kosmos-base::letsencrypt"
|
||||
],
|
||||
"platform": "ubuntu",
|
||||
"platform_version": "18.04",
|
||||
|
@ -51,6 +67,7 @@
|
|||
},
|
||||
"run_list": [
|
||||
"recipe[kosmos-base]",
|
||||
"role[postgresql_replica]"
|
||||
"role[postgresql_replica]",
|
||||
"role[gitea]"
|
||||
]
|
||||
}
|
|
@ -0,0 +1,6 @@
|
|||
name "gitea"
|
||||
|
||||
run_list %w(
|
||||
kosmos_gitea::default
|
||||
kosmos_gitea::backup
|
||||
)
|
|
@ -42,6 +42,9 @@ postgresql_server = postgresql_primary_node[:ipaddress]
|
|||
# PostgreSQL is on the same server, connect through localhost
|
||||
postgresql_server = "localhost" if postgresql_primary_node[:hostname] == node[:hostname]
|
||||
|
||||
# Dependency
|
||||
package "git"
|
||||
|
||||
user "git" do
|
||||
manage_home true
|
||||
home "/home/git"
|
||||
|
@ -144,8 +147,7 @@ nginx_site domain do
|
|||
action :enable
|
||||
end
|
||||
|
||||
# Enable when we switch the IP of gitea.kosmos.org
|
||||
# nginx_certbot_site domain
|
||||
nginx_certbot_site domain
|
||||
|
||||
unless node.chef_environment == "development"
|
||||
include_recipe "firewall"
|
||||
|
|
|
@ -31,7 +31,7 @@ SSL_MODE = verify-ca
|
|||
PROVIDER = file
|
||||
PROVIDER_CONFIG = sessions
|
||||
# Enable when TLS is enabled
|
||||
# COOKIE_SECURE = true
|
||||
COOKIE_SECURE = true
|
||||
|
||||
[mailer]
|
||||
ENABLED = true
|
||||
|
|
|
@ -4,7 +4,7 @@ upstream _gitea {
|
|||
}
|
||||
|
||||
server {
|
||||
<% if File.exist?(@ssl_cert) && !File.exist?(@ssl_key) -%>
|
||||
<% if File.exist?(@ssl_cert) && File.exist?(@ssl_key) -%>
|
||||
listen 443 ssl http2;
|
||||
listen [::]:443 ssl http2;
|
||||
server_name <%= @server_name %>;
|
||||
|
@ -16,6 +16,10 @@ server {
|
|||
<% else -%>
|
||||
listen 80;
|
||||
server_name <%= @server_name %>;
|
||||
|
||||
location /.well-known {
|
||||
root "/var/www/<%= @server_name %>";
|
||||
}
|
||||
<% end -%>
|
||||
|
||||
location / {
|
||||
|
|
Loading…
Reference in New Issue