michael/infra
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity

a

Browse source
This commit is contained in:
Michael Zhang 2023-11-24 15:43:17 -06:00
commit 5e5addeac6
11 changed files with 192 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
.gitignore vendored Normal file
View file

@ -0,0 +1,2 @@
terraform.tfvars.json
.terraform

13
README.md Normal file
View file

@ -0,0 +1,13 @@
## How to add new tailscale client
On client:
```
tailscale up --login-server https://mzhang.io:15851
```
On server:
```
sudo /path/to/headscale nodes register --user michael --key <key>
```

6
main.tf Normal file
View file

@ -0,0 +1,6 @@
module "gitea" {
source = "./services/gitea"
providers = {
nomad = nomad
}
}

4
providers.tf Normal file
View file

@ -0,0 +1,4 @@
provider "nomad" {
address = "http://apps2.tail98468.ts.net:4646"
region = "us-east-2"
}

5
services/caddy/conf/caddy.nomad.hcl Normal file
View file

@ -0,0 +1,5 @@
job "caddy" {
group "proxy" {
}
}

6
services/caddy/job.tf Normal file
View file

@ -0,0 +1,6 @@
resource "nomad_job" "app" {
jobspec = templatefile("${path.module}/conf/caddy.nomad.hcl", {
# caddyfile_internal = data.template_file.caddyfile-internal.rendered
caddyfile_public = data.template_file.caddyfile-public.rendered
})
}

122
services/gitea/conf/app.ini.tpl Normal file
View file

@ -0,0 +1,122 @@
; This file lists the default values used by Gitea
; Sample file: https://github.com/go-gitea/gitea/blob/master/custom/conf/app.example.ini
; Docs: https://docs.gitea.io/en-us/config-cheat-sheet/
APP_NAME = Michael's Forge
RUN_MODE = prod
RUN_USER = git
[repository]
ROOT = /data/git/repositories
[repository.local]
LOCAL_COPY_PATH = /data/gitea/tmp/local-repo
[repository.upload]
TEMP_PATH = /data/gitea/uploads
[server]
APP_DATA_PATH = /data/gitea
DOMAIN = git2.mrkaran.dev
SSH_DOMAIN = koadings.mrkaran.dev
HTTP_PORT = 3000
ROOT_URL = https://git2.mrkaran.dev/
DISABLE_SSH = false
SSH_PORT = 4222
SSH_LISTEN_PORT = 22
LFS_START_SERVER = true
LFS_CONTENT_PATH = /data/git/lfs
LFS_JWT_SECRET = "${gitea_lfs_jwt_secret}"
OFFLINE_MODE = true
LANDING_PAGE = explore
[ui]
THEME_COLOR_META_TAG = "#6B46C1"
[ui.meta]
AUTHOR = Karan
DESCRIPTION = Karan's self-hosted Gitea instance
KEYWORDS = git, gitea, karan, git.mrkaran.dev, mrkaran
[database]
PATH = /data/gitea/gitea.db
DB_TYPE = sqlite3
HOST = localhost:3306
NAME = gitea
USER = root
PASSWD =
SCHEMA =
SSL_MODE = disable
CHARSET = utf8
[indexer]
ISSUE_INDEXER_PATH = /data/gitea/indexers/issues.bleve
[session]
PROVIDER_CONFIG = /data/gitea/sessions
PROVIDER = file
COOKIE_SECURE = true
[picture]
AVATAR_UPLOAD_PATH = /data/gitea/avatars
REPOSITORY_AVATAR_UPLOAD_PATH = /data/gitea/repo-avatars
DISABLE_GRAVATAR = false
ENABLE_FEDERATED_AVATAR = true
[attachment]
PATH = /data/gitea/attachments
[log]
ROOT_PATH = /data/gitea/log
MODE = file
LEVEL = info
[security]
INSTALL_LOCK = true
SECRET_KEY = "${gitea_secret_key}"
INTERNAL_TOKEN = "${gitea_internal_token}"
[service]
DISABLE_REGISTRATION = true
REQUIRE_SIGNIN_VIEW = false
REGISTER_EMAIL_CONFIRM = false
ENABLE_NOTIFY_MAIL = false
ALLOW_ONLY_EXTERNAL_REGISTRATION = false
ENABLE_CAPTCHA = false
DEFAULT_KEEP_EMAIL_PRIVATE = false
DEFAULT_ALLOW_CREATE_ORGANIZATION = true
DEFAULT_ENABLE_TIMETRACKING = true
NO_REPLY_ADDRESS = noreply.localhost
[oauth2]
JWT_SECRET = "${gitea_oauth2_jwt_secret}"
[mailer]
ENABLED = false
[openid]
ENABLE_OPENID_SIGNIN = true
ENABLE_OPENID_SIGNUP = true
[metrics]
ENABLED = true
[cron]
ENABLED = true
RUN_AT_START = false
[cron.archive_cleanup]
RUN_AT_START = true
SCHEDULE = @every 24h
OLDER_THAN = 24h
[cron.update_mirrors]
SCHEDULE = @every 3h
[cron.repo_health_check]
SCHEDULE = @every 24h
TIMEOUT = 60s
[cron.check_repo_stats]
RUN_AT_START = true
SCHEDULE = @every 24h

13
services/gitea/conf/gitea.nomad.hcl Normal file
View file

@ -0,0 +1,13 @@
job "gitea" {
group "app" {
network {
port "http" {
to = 3000
}
}
task "web" {
driver = "docker"
}
}
}

9
services/gitea/data.tf Normal file
View file

@ -0,0 +1,9 @@
data "template_file" "gitea-config" {
template = file("${path.module}/conf/app.ini.tpl")
vars = {
gitea_secret_key = var.gitea_secret_key
gitea_internal_token = var.gitea_internal_token
gitea_lfs_jwt_secret = var.gitea_lfs_jwt_secret
gitea_oauth2_jwt_secret = var.gitea_oauth2_jwt_secret
}
}

5
services/gitea/job.tf Normal file
View file

@ -0,0 +1,5 @@
resource "nomad_job" "app" {
jobspec = templatefile("${path.module}/conf/gitea.nomad.hcl", {
gitea_config = data.template_file.gitea-config.rendered
})
}

7
services/gitea/providers.tf Normal file
View file

@ -0,0 +1,7 @@
terraform {
required_providers {
nomad = {
source = "hashicorp/nomad"
}
}
}