move gitea to rx300

This commit is contained in:
Franzi 2021-07-09 15:56:26 +02:00
parent 95c5e0b6ea
commit c2cb5a2546
Signed by: kunsi
GPG key ID: 12E3D2136B818350
6 changed files with 53 additions and 32 deletions

View file

@ -13,6 +13,8 @@ chat IN AAAA 2a01:4f8:10b:2a5f::2
dimension IN A 94.130.52.224
dimension IN AAAA 2a01:4f8:10b:2a5f::2
git IN CNAME rx300.kunbox.net.
matrix IN A 94.130.52.224
matrix IN AAAA 2a01:4f8:10b:2a5f::2
@ -24,7 +26,6 @@ sewfile IN CNAME sewfile.htz-cloud.kunbox.net.
rss IN CNAME rx300.kunbox.net.
status IN CNAME icinga2.ovh.kunbox.net.
travelynx IN CNAME rx300.kunbox.net.
unicornsden IN CNAME rx300.kunbox.net.

View file

@ -10,9 +10,6 @@ $ORIGIN kunsmann.eu.
dav IN A 94.130.52.224
dav IN AAAA 2a01:4f8:10b:2a5f::2
git IN A 94.130.52.224
git IN AAAA 2a01:4f8:10b:2a5f::2
grafana IN CNAME influxdb.htz-cloud.kunbox.net.
icinga IN CNAME icinga2.ovh.kunbox.net.
influxdb IN CNAME influxdb.htz-cloud.kunbox.net.
@ -29,9 +26,6 @@ luther-ps IN CNAME luther.htz-cloud.kunbox.net.
paste IN A 94.130.52.224
paste IN AAAA 2a01:4f8:10b:2a5f::2
rss IN A 94.130.52.224
rss IN AAAA 2a01:4f8:10b:2a5f::2
_dmarc IN TXT "v=DMARC1; p=quarantine; rua=mailto:postmaster@kunsmann.eu; ruf=mailto:postmaster@kunsmann.eu; fo=0:d:s; adkim=r; aspf=r"
_mta-sts IN TXT "v=STSv1;id=20201111;"
_smtp._tls IN TXT "v=TLSRPTv1;rua=mailto:hostmaster@kunbox.net"

View file

@ -2,7 +2,7 @@ nodes['htz.ex42-1048908'] = {
'bundles': {
'dovecot',
'element-web',
'gitea',
# 'gitea',
'jenkins-ci',
'lm-sensors',
'matrix-media-repo',
@ -113,27 +113,27 @@ nodes['htz.ex42-1048908'] = {
},
},
},
'gitea': {
'version': '1.14.3',
'sha256': '50c25c094ae109f49e276cd00ddc48a0a240b7670e487ae1286cc116d4cdbcf2',
'domain': 'git.kunsmann.eu',
'email_domain_blocklist': {
'gmail.com',
'yahoo.com',
'aol.com',
'comcast.net',
'verizon.net',
'hotmail.com',
'cox.net',
'msn.com',
},
'enable_git_hooks': True,
'install_ssh_key': True,
'internal_token': vault.decrypt('encrypt$gAAAAABfPncYwCX-NdBr9LdxLyGqmjRJqhmwMnWsdZy6kVOWdKrScW78xaqbJ1tpL1J4qa2hcZ7TQj3l-2mkyJNJOenGzU3TsI-gYMj9vC4m8Bhur5zboxjD4dQXaJbD1WSyHJ9sPJYsWP3Gjg6I19xeq9xMlAI6xaS9vOfuoI8nZnnQPx1NjfQEj03Jxf8a0-3F20sfICst1xRa5K48bpq1PFkK_oRojg=='),
'lfs_secret_key': vault.decrypt('encrypt$gAAAAABfPnd1vgNDt86-91YhviQw8Z0djSp4f_tBt76klDv-ZcwxP1ryJzqJ7qnfaTe_6DYCfc82gEzvVDsyBlCoAkGpt1AI2_LCKetuSCnDPjtGvwdQl3A53lFEdG2UJl1uUiR7f8Vr'),
'oauth_secret_key': vault.decrypt('encrypt$gAAAAABfPnbfTISbldhS0WyxVKBHVVoOMcar7Kxmh1kkmiUGd-RzbbnNzzhEER_owjttPQcACPfGKZ6WklaSsXjLq8km4P6A9QmPbC06GmHbc91m0odCb1KiY7SZeUD35PiRiGSq50dz'),
'security_secret_key': vault.decrypt('encrypt$gAAAAABfPnc-R7pkDj4pQgHDb6pzlNYNJgiWdeBFsX7IsHSnCtNPbZxCdtSL8cHtQzVO1KbSxS7zCwssmgiR8Kj54Z-koD-FQbjpbKWoIPw8SsyeqBVlZhIeEzhw_1t7_7ZTvv1O8AePdNYel9JJb_TaAZ8Vx46ZfsEPy8zaaHrqOekHC6RAnB4='),
},
# 'gitea': {
# 'version': '1.14.3',
# 'sha256': '50c25c094ae109f49e276cd00ddc48a0a240b7670e487ae1286cc116d4cdbcf2',
# 'domain': 'git.kunsmann.eu',
# 'email_domain_blocklist': {
# 'gmail.com',
# 'yahoo.com',
# 'aol.com',
# 'comcast.net',
# 'verizon.net',
# 'hotmail.com',
# 'cox.net',
# 'msn.com',
# },
# 'enable_git_hooks': True,
# 'install_ssh_key': True,
# 'internal_token': vault.decrypt('encrypt$gAAAAABfPncYwCX-NdBr9LdxLyGqmjRJqhmwMnWsdZy6kVOWdKrScW78xaqbJ1tpL1J4qa2hcZ7TQj3l-2mkyJNJOenGzU3TsI-gYMj9vC4m8Bhur5zboxjD4dQXaJbD1WSyHJ9sPJYsWP3Gjg6I19xeq9xMlAI6xaS9vOfuoI8nZnnQPx1NjfQEj03Jxf8a0-3F20sfICst1xRa5K48bpq1PFkK_oRojg=='),
# 'lfs_secret_key': vault.decrypt('encrypt$gAAAAABfPnd1vgNDt86-91YhviQw8Z0djSp4f_tBt76klDv-ZcwxP1ryJzqJ7qnfaTe_6DYCfc82gEzvVDsyBlCoAkGpt1AI2_LCKetuSCnDPjtGvwdQl3A53lFEdG2UJl1uUiR7f8Vr'),
# 'oauth_secret_key': vault.decrypt('encrypt$gAAAAABfPnbfTISbldhS0WyxVKBHVVoOMcar7Kxmh1kkmiUGd-RzbbnNzzhEER_owjttPQcACPfGKZ6WklaSsXjLq8km4P6A9QmPbC06GmHbc91m0odCb1KiY7SZeUD35PiRiGSq50dz'),
# 'security_secret_key': vault.decrypt('encrypt$gAAAAABfPnc-R7pkDj4pQgHDb6pzlNYNJgiWdeBFsX7IsHSnCtNPbZxCdtSL8cHtQzVO1KbSxS7zCwssmgiR8Kj54Z-koD-FQbjpbKWoIPw8SsyeqBVlZhIeEzhw_1t7_7ZTvv1O8AePdNYel9JJb_TaAZ8Vx46ZfsEPy8zaaHrqOekHC6RAnB4='),
# },
'icinga_options': {
'pretty_name': 'kunsmann.eu',
},

View file

@ -7,6 +7,7 @@
nodes['rx300'] = {
'hostname': '31.47.232.106',
'bundles': {
'gitea',
'lm-sensors',
'miniflux',
'postgresql',
@ -33,6 +34,11 @@ nodes['rx300'] = {
'apt': {
'packages': {
'ipmitool': {},
# for franzi.business deployment
'jekyll': {},
'ruby-jekyll-feed': {},
'ruby-jekyll-paginate-v2': {},
},
# XXX remove this once nginx.org has packages for debian bullseye
'repos': {
@ -43,6 +49,27 @@ nodes['rx300'] = {
},
},
},
'gitea': {
'version': '1.14.3',
'sha256': '50c25c094ae109f49e276cd00ddc48a0a240b7670e487ae1286cc116d4cdbcf2',
'domain': 'git.franzi.business',
'email_domain_blocklist': {
'gmail.com',
'yahoo.com',
'aol.com',
'comcast.net',
'verizon.net',
'hotmail.com',
'cox.net',
'msn.com',
},
'enable_git_hooks': True,
'install_ssh_key': True,
'internal_token': vault.decrypt('encrypt$gAAAAABfPncYwCX-NdBr9LdxLyGqmjRJqhmwMnWsdZy6kVOWdKrScW78xaqbJ1tpL1J4qa2hcZ7TQj3l-2mkyJNJOenGzU3TsI-gYMj9vC4m8Bhur5zboxjD4dQXaJbD1WSyHJ9sPJYsWP3Gjg6I19xeq9xMlAI6xaS9vOfuoI8nZnnQPx1NjfQEj03Jxf8a0-3F20sfICst1xRa5K48bpq1PFkK_oRojg=='),
'lfs_secret_key': vault.decrypt('encrypt$gAAAAABfPnd1vgNDt86-91YhviQw8Z0djSp4f_tBt76klDv-ZcwxP1ryJzqJ7qnfaTe_6DYCfc82gEzvVDsyBlCoAkGpt1AI2_LCKetuSCnDPjtGvwdQl3A53lFEdG2UJl1uUiR7f8Vr'),
'oauth_secret_key': vault.decrypt('encrypt$gAAAAABfPnbfTISbldhS0WyxVKBHVVoOMcar7Kxmh1kkmiUGd-RzbbnNzzhEER_owjttPQcACPfGKZ6WklaSsXjLq8km4P6A9QmPbC06GmHbc91m0odCb1KiY7SZeUD35PiRiGSq50dz'),
'security_secret_key': vault.decrypt('encrypt$gAAAAABfPnc-R7pkDj4pQgHDb6pzlNYNJgiWdeBFsX7IsHSnCtNPbZxCdtSL8cHtQzVO1KbSxS7zCwssmgiR8Kj54Z-koD-FQbjpbKWoIPw8SsyeqBVlZhIeEzhw_1t7_7ZTvv1O8AePdNYel9JJb_TaAZ8Vx46ZfsEPy8zaaHrqOekHC6RAnB4='),
},
'icinga_options': {
'pretty_name': 'franzi.business',
},
@ -51,9 +78,8 @@ nodes['rx300'] = {
},
'nginx': {
'vhosts': {
'miniflux': {
'ssl': '_.franzi.business',
},
'gitea': {'ssl': '_.franzi.business'},
'miniflux': {'ssl': '_.franzi.business'},
'unicornsden': {
'domain': 'unicornsden.franzi.business',
'ssl': '_.franzi.business',