kunsi/bundlewrap
1
0
Fork 0
Code Issues 2 Pull requests 1 Releases Activity

move gitea to rx300

Browse source
This commit is contained in:
Franzi 2021-07-09 15:56:26 +02:00
parent 95c5e0b6ea
commit c2cb5a2546
Signed by: kunsi
GPG key ID: 12E3D2136B818350
6 changed files with 53 additions and 32 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

0
data/gitea/files/ssh-keys/htz.ex42-1048908.key.vault → data/gitea/files/ssh-keys/rx300.key.vault
View file

0
data/gitea/files/ssh-keys/htz.ex42-1048908.pub → data/gitea/files/ssh-keys/rx300.pub
View file

3
data/powerdns/files/bind-zones/franzi.business
View file

@ -13,6 +13,8 @@ chat IN AAAA 2a01:4f8:10b:2a5f::2
dimension IN A 94.130.52.224 dimension IN A 94.130.52.224
dimension IN AAAA 2a01:4f8:10b:2a5f::2 dimension IN AAAA 2a01:4f8:10b:2a5f::2
git IN CNAME rx300.kunbox.net.
matrix IN A 94.130.52.224 matrix IN A 94.130.52.224
matrix IN AAAA 2a01:4f8:10b:2a5f::2 matrix IN AAAA 2a01:4f8:10b:2a5f::2
@ -24,7 +26,6 @@ sewfile IN CNAME sewfile.htz-cloud.kunbox.net.
rss IN CNAME rx300.kunbox.net. rss IN CNAME rx300.kunbox.net.
status IN CNAME icinga2.ovh.kunbox.net. status IN CNAME icinga2.ovh.kunbox.net.
travelynx IN CNAME rx300.kunbox.net. travelynx IN CNAME rx300.kunbox.net.
unicornsden IN CNAME rx300.kunbox.net. unicornsden IN CNAME rx300.kunbox.net.

6
data/powerdns/files/bind-zones/kunsmann.eu
View file

@ -10,9 +10,6 @@ $ORIGIN kunsmann.eu.
dav IN A 94.130.52.224 dav IN A 94.130.52.224
dav IN AAAA 2a01:4f8:10b:2a5f::2 dav IN AAAA 2a01:4f8:10b:2a5f::2
git IN A 94.130.52.224
git IN AAAA 2a01:4f8:10b:2a5f::2
grafana IN CNAME influxdb.htz-cloud.kunbox.net. grafana IN CNAME influxdb.htz-cloud.kunbox.net.
icinga IN CNAME icinga2.ovh.kunbox.net. icinga IN CNAME icinga2.ovh.kunbox.net.
influxdb IN CNAME influxdb.htz-cloud.kunbox.net. influxdb IN CNAME influxdb.htz-cloud.kunbox.net.
@ -29,9 +26,6 @@ luther-ps IN CNAME luther.htz-cloud.kunbox.net.
paste IN A 94.130.52.224 paste IN A 94.130.52.224
paste IN AAAA 2a01:4f8:10b:2a5f::2 paste IN AAAA 2a01:4f8:10b:2a5f::2
rss IN A 94.130.52.224
rss IN AAAA 2a01:4f8:10b:2a5f::2
_dmarc IN TXT "v=DMARC1; p=quarantine; rua=mailto:postmaster@kunsmann.eu; ruf=mailto:postmaster@kunsmann.eu; fo=0:d:s; adkim=r; aspf=r" _dmarc IN TXT "v=DMARC1; p=quarantine; rua=mailto:postmaster@kunsmann.eu; ruf=mailto:postmaster@kunsmann.eu; fo=0:d:s; adkim=r; aspf=r"
_mta-sts IN TXT "v=STSv1;id=20201111;" _mta-sts IN TXT "v=STSv1;id=20201111;"
_smtp._tls IN TXT "v=TLSRPTv1;rua=mailto:hostmaster@kunbox.net" _smtp._tls IN TXT "v=TLSRPTv1;rua=mailto:hostmaster@kunbox.net"

44
nodes/htz/ex42-1048908.py
View file

@ -2,7 +2,7 @@ nodes['htz.ex42-1048908'] = {
'bundles': { 'bundles': {
'dovecot', 'dovecot',
'element-web', 'element-web',
'gitea', # 'gitea',
'jenkins-ci', 'jenkins-ci',
'lm-sensors', 'lm-sensors',
'matrix-media-repo', 'matrix-media-repo',
@ -113,27 +113,27 @@ nodes['htz.ex42-1048908'] = {
}, },
}, },
}, },
'gitea': { # 'gitea': {
'version': '1.14.3', # 'version': '1.14.3',
'sha256': '50c25c094ae109f49e276cd00ddc48a0a240b7670e487ae1286cc116d4cdbcf2', # 'sha256': '50c25c094ae109f49e276cd00ddc48a0a240b7670e487ae1286cc116d4cdbcf2',
'domain': 'git.kunsmann.eu', # 'domain': 'git.kunsmann.eu',
'email_domain_blocklist': { # 'email_domain_blocklist': {
'gmail.com', # 'gmail.com',
'yahoo.com', # 'yahoo.com',
'aol.com', # 'aol.com',
'comcast.net', # 'comcast.net',
'verizon.net', # 'verizon.net',
'hotmail.com', # 'hotmail.com',
'cox.net', # 'cox.net',
'msn.com', # 'msn.com',
}, # },
'enable_git_hooks': True, # 'enable_git_hooks': True,
'install_ssh_key': True, # 'install_ssh_key': True,
'internal_token': vault.decrypt('encrypt$gAAAAABfPncYwCX-NdBr9LdxLyGqmjRJqhmwMnWsdZy6kVOWdKrScW78xaqbJ1tpL1J4qa2hcZ7TQj3l-2mkyJNJOenGzU3TsI-gYMj9vC4m8Bhur5zboxjD4dQXaJbD1WSyHJ9sPJYsWP3Gjg6I19xeq9xMlAI6xaS9vOfuoI8nZnnQPx1NjfQEj03Jxf8a0-3F20sfICst1xRa5K48bpq1PFkK_oRojg=='), # 'internal_token': vault.decrypt('encrypt$gAAAAABfPncYwCX-NdBr9LdxLyGqmjRJqhmwMnWsdZy6kVOWdKrScW78xaqbJ1tpL1J4qa2hcZ7TQj3l-2mkyJNJOenGzU3TsI-gYMj9vC4m8Bhur5zboxjD4dQXaJbD1WSyHJ9sPJYsWP3Gjg6I19xeq9xMlAI6xaS9vOfuoI8nZnnQPx1NjfQEj03Jxf8a0-3F20sfICst1xRa5K48bpq1PFkK_oRojg=='),
'lfs_secret_key': vault.decrypt('encrypt$gAAAAABfPnd1vgNDt86-91YhviQw8Z0djSp4f_tBt76klDv-ZcwxP1ryJzqJ7qnfaTe_6DYCfc82gEzvVDsyBlCoAkGpt1AI2_LCKetuSCnDPjtGvwdQl3A53lFEdG2UJl1uUiR7f8Vr'), # 'lfs_secret_key': vault.decrypt('encrypt$gAAAAABfPnd1vgNDt86-91YhviQw8Z0djSp4f_tBt76klDv-ZcwxP1ryJzqJ7qnfaTe_6DYCfc82gEzvVDsyBlCoAkGpt1AI2_LCKetuSCnDPjtGvwdQl3A53lFEdG2UJl1uUiR7f8Vr'),
'oauth_secret_key': vault.decrypt('encrypt$gAAAAABfPnbfTISbldhS0WyxVKBHVVoOMcar7Kxmh1kkmiUGd-RzbbnNzzhEER_owjttPQcACPfGKZ6WklaSsXjLq8km4P6A9QmPbC06GmHbc91m0odCb1KiY7SZeUD35PiRiGSq50dz'), # 'oauth_secret_key': vault.decrypt('encrypt$gAAAAABfPnbfTISbldhS0WyxVKBHVVoOMcar7Kxmh1kkmiUGd-RzbbnNzzhEER_owjttPQcACPfGKZ6WklaSsXjLq8km4P6A9QmPbC06GmHbc91m0odCb1KiY7SZeUD35PiRiGSq50dz'),
'security_secret_key': vault.decrypt('encrypt$gAAAAABfPnc-R7pkDj4pQgHDb6pzlNYNJgiWdeBFsX7IsHSnCtNPbZxCdtSL8cHtQzVO1KbSxS7zCwssmgiR8Kj54Z-koD-FQbjpbKWoIPw8SsyeqBVlZhIeEzhw_1t7_7ZTvv1O8AePdNYel9JJb_TaAZ8Vx46ZfsEPy8zaaHrqOekHC6RAnB4='), # 'security_secret_key': vault.decrypt('encrypt$gAAAAABfPnc-R7pkDj4pQgHDb6pzlNYNJgiWdeBFsX7IsHSnCtNPbZxCdtSL8cHtQzVO1KbSxS7zCwssmgiR8Kj54Z-koD-FQbjpbKWoIPw8SsyeqBVlZhIeEzhw_1t7_7ZTvv1O8AePdNYel9JJb_TaAZ8Vx46ZfsEPy8zaaHrqOekHC6RAnB4='),
}, # },
'icinga_options': { 'icinga_options': {
'pretty_name': 'kunsmann.eu', 'pretty_name': 'kunsmann.eu',
}, },

32
nodes/rx300.py
View file

@ -7,6 +7,7 @@
nodes['rx300'] = { nodes['rx300'] = {
'hostname': '31.47.232.106', 'hostname': '31.47.232.106',
'bundles': { 'bundles': {
'gitea',
'lm-sensors', 'lm-sensors',
'miniflux', 'miniflux',
'postgresql', 'postgresql',
@ -33,6 +34,11 @@ nodes['rx300'] = {
'apt': { 'apt': {
'packages': { 'packages': {
'ipmitool': {}, 'ipmitool': {},
# for franzi.business deployment
'jekyll': {},
'ruby-jekyll-feed': {},
'ruby-jekyll-paginate-v2': {},
}, },
# XXX remove this once nginx.org has packages for debian bullseye # XXX remove this once nginx.org has packages for debian bullseye
'repos': { 'repos': {
@ -43,6 +49,27 @@ nodes['rx300'] = {
}, },
}, },
}, },
'gitea': {
'version': '1.14.3',
'sha256': '50c25c094ae109f49e276cd00ddc48a0a240b7670e487ae1286cc116d4cdbcf2',
'domain': 'git.franzi.business',
'email_domain_blocklist': {
'gmail.com',
'yahoo.com',
'aol.com',
'comcast.net',
'verizon.net',
'hotmail.com',
'cox.net',
'msn.com',
},
'enable_git_hooks': True,
'install_ssh_key': True,
'internal_token': vault.decrypt('encrypt$gAAAAABfPncYwCX-NdBr9LdxLyGqmjRJqhmwMnWsdZy6kVOWdKrScW78xaqbJ1tpL1J4qa2hcZ7TQj3l-2mkyJNJOenGzU3TsI-gYMj9vC4m8Bhur5zboxjD4dQXaJbD1WSyHJ9sPJYsWP3Gjg6I19xeq9xMlAI6xaS9vOfuoI8nZnnQPx1NjfQEj03Jxf8a0-3F20sfICst1xRa5K48bpq1PFkK_oRojg=='),
'lfs_secret_key': vault.decrypt('encrypt$gAAAAABfPnd1vgNDt86-91YhviQw8Z0djSp4f_tBt76klDv-ZcwxP1ryJzqJ7qnfaTe_6DYCfc82gEzvVDsyBlCoAkGpt1AI2_LCKetuSCnDPjtGvwdQl3A53lFEdG2UJl1uUiR7f8Vr'),
'oauth_secret_key': vault.decrypt('encrypt$gAAAAABfPnbfTISbldhS0WyxVKBHVVoOMcar7Kxmh1kkmiUGd-RzbbnNzzhEER_owjttPQcACPfGKZ6WklaSsXjLq8km4P6A9QmPbC06GmHbc91m0odCb1KiY7SZeUD35PiRiGSq50dz'),
'security_secret_key': vault.decrypt('encrypt$gAAAAABfPnc-R7pkDj4pQgHDb6pzlNYNJgiWdeBFsX7IsHSnCtNPbZxCdtSL8cHtQzVO1KbSxS7zCwssmgiR8Kj54Z-koD-FQbjpbKWoIPw8SsyeqBVlZhIeEzhw_1t7_7ZTvv1O8AePdNYel9JJb_TaAZ8Vx46ZfsEPy8zaaHrqOekHC6RAnB4='),
},
'icinga_options': { 'icinga_options': {
'pretty_name': 'franzi.business', 'pretty_name': 'franzi.business',
}, },
@ -51,9 +78,8 @@ nodes['rx300'] = {
}, },
'nginx': { 'nginx': {
'vhosts': { 'vhosts': {
'miniflux': { 'gitea': {'ssl': '_.franzi.business'},
'ssl': '_.franzi.business', 'miniflux': {'ssl': '_.franzi.business'},
},
'unicornsden': { 'unicornsden': {
'domain': 'unicornsden.franzi.business', 'domain': 'unicornsden.franzi.business',
'ssl': '_.franzi.business', 'ssl': '_.franzi.business',