Encrypt Gitea data directories #178

New Issue

Closed

opened 2020-06-08 15:11:46 +00:00 by raucao · 2 comments

raucao commented 2020-06-08 15:11:46 +00:00

Owner

Copy Link

We have a working encfs setup now. A service wanting to store data in the encrypted directory can use the node["kosmos_encfs"]["data_directory"] property to locate/configure directories in the mounted volume.

Additionally, in order to start Gitea automatically when the volume is mounted, use this new resource:

encfs_path_activation_unit gitea_service_name

Both the gitea HOME as well as the WORKING_DIR should be encrypted.

We have a working encfs setup now. A service wanting to store data in the encrypted directory can use the `node["kosmos_encfs"]["data_directory"]` property to locate/configure directories in the mounted volume. Additionally, in order to start Gitea automatically when the volume is mounted, use this new resource: ```ruby encfs_path_activation_unit gitea_service_name ``` Both the gitea HOME as well as the WORKING_DIR should be encrypted.

raucao referenced this issue 2020-08-02 19:26:06 +00:00

Gitea uploads are broken #188

raucao commented 2020-08-30 12:20:38 +00:00

Author

Owner

Copy Link

The alternative would be to create an VM with full-disk encryption now.

The alternative would be to create an VM with full-disk encryption now.

raucao added the

feature

security

labels 2020-08-30 12:22:39 +00:00

raucao added the

service

gitea

label 2020-12-09 13:07:04 +00:00

raucao referenced this issue 2020-12-09 13:13:22 +00:00

Upgrade Gitea to 1.13 #253

raucao commented 2021-01-29 12:07:20 +00:00

Author

Owner

Copy Link

Will be done by using normal full-disk encryption for the VM in #300.

Will be done by using normal full-disk encryption for the VM in #300.

raucao closed this issue 2022-03-12 20:54:14 +00:00

Sign in to join this conversation.

No Branch/Tag Specified

Branches Tags

master

feature/500-chef_upgrade_mediawiki

bugfix/499-unattended_upgrades

notes/ejabberd_ldap_photo

feature/akaunting

chore/ejabberd_service_avatar

feature/237-gitea_gpg

jammy_jellyfish

No results found.

Labels

Clear labels

service

accounts

Kosmos Accounts

service

discourse

Kosmos Community Forums

service

drone-ci

Kosmos Drone CI

service

email

mail.kosmos.org

service

garage

S3-compatible object storage

service

gitea

Kosmos Gitea

service

ipfs

Kosmos IPFS

service

mastodon

kosmos.social

service

postgres

Database cluster

service

remotestorage

Portable data storage for the Web

service

wiki

Kosmos Wiki

service

xmpp

Kosmos Chat

bug

Something is not working

design

Graphic/visual design

dev environment

Config, builds, CI, deployment, etc.

docs

Documentation

duplicate

This issue or pull request already exists

enhancement

Improving existing functionality

feature

New functionality

good first issue

Dive in, and start contributing

idea

Something to consider

invalid

Not a bug

kredits-1

Small contribution

kredits-2

Medium contribution

kredits-3

Large contribution

on hold

Currently not actionable

ops

Manual IT ops activities

question

Looking for an answer

release

major

release

minor

release

patch

security

All your base are belong to us

ui/ux

User interface, process design, etc.

wontfix

This won't be fixed

No Label

service

gitea

feature

security

Milestone

No items

No Milestone

Projects

Clear projects

No project

Assignees

Clear assignees

bkero bumi fsmanuel galfert greg hueso raucao slvrbckt

No Assignees

1 Participants

Notifications

Subscribe

Due Date

No due date set.

Dependencies

No dependencies set.

Reference: kosmos/chef#178

No description provided.