what the hell am i doing

.envrc

@@ -0,0 +1,3 @@
+use flake
+
+export NOMAD_ADDR=http://apps2:4646

.gitignore

@@ -1,2 +1,3 @@
 terraform.tfvars.json
 .terraform
+.direnv

.terraform.lock.hcl

@@ -1,38 +0,0 @@
-# This file is maintained automatically by "terraform init".
-# Manual edits may be lost in future updates.
-
-provider "registry.terraform.io/hashicorp/nomad" {
-  version = "2.0.0"
-  hashes = [
-    "h1:lIHIxA6ZmfyTGL3J9YIddhxlfit4ipSS09BLxkwo6L0=",
-    "zh:09b897d64db293f9a904a4a0849b11ec1e3fff5c638f734d82ae36d8dc044b72",
-    "zh:435cc106799290f64078ec24b6c59cb32b33784d609088638ed32c6d12121199",
-    "zh:7073444bd064e8c4ec115ca7d9d7f030cc56795c0a83c27f6668bba519e6849a",
-    "zh:78d5eefdd9e494defcb3c68d282b8f96630502cac21d1ea161f53cfe9bb483b3",
-    "zh:79d238c35d650d2d83a439716182da63f3b2767e72e4cbd0b69cb13d9b1aebfc",
-    "zh:7ef5f49344278fe0bbc5447424e6aa5425ff1821d010d944a444d7fa2c751acf",
-    "zh:92179091638c8ba03feef371c4361a790190f9955caea1fa59de2055c701a251",
-    "zh:a8a34398851761368eb8e7c171f24e55efa6e9fdbb5c455f6dec34dc17f631bc",
-    "zh:b38fd5338625ebace5a4a94cea1a28b11bd91995d834e318f47587cfaf6ec599",
-    "zh:b71b273a2aca7ad5f1e07c767b25b5a888881ba9ca93b30044ccc39c2937f03c",
-    "zh:cd14357e520e0f09fb25badfb4f2ee37d7741afdc3ed47c7bcf54c1683772543",
-    "zh:e05e025f4bb95138c3c8a75c636e97cd7cfd2fc1525b0c8bd097db8c5f02df6e",
-  ]
-}
-
-provider "registry.terraform.io/hashicorp/template" {
-  version = "2.2.0"
-  hashes = [
-    "h1:94qn780bi1qjrbC3uQtjJh3Wkfwd5+tTtJHOb7KTg9w=",
-    "zh:01702196f0a0492ec07917db7aaa595843d8f171dc195f4c988d2ffca2a06386",
-    "zh:09aae3da826ba3d7df69efeb25d146a1de0d03e951d35019a0f80e4f58c89b53",
-    "zh:09ba83c0625b6fe0a954da6fbd0c355ac0b7f07f86c91a2a97849140fea49603",
-    "zh:0e3a6c8e16f17f19010accd0844187d524580d9fdb0731f675ffcf4afba03d16",
-    "zh:45f2c594b6f2f34ea663704cc72048b212fe7d16fb4cfd959365fa997228a776",
-    "zh:77ea3e5a0446784d77114b5e851c970a3dde1e08fa6de38210b8385d7605d451",
-    "zh:8a154388f3708e3df5a69122a23bdfaf760a523788a5081976b3d5616f7d30ae",
-    "zh:992843002f2db5a11e626b3fc23dc0c87ad3729b3b3cff08e32ffb3df97edbde",
-    "zh:ad906f4cebd3ec5e43d5cd6dc8f4c5c9cc3b33d2243c89c5fc18f97f7277b51d",
-    "zh:c979425ddb256511137ecd093e23283234da0154b7fa8b21c2687182d9aea8b2",
-  ]
-}

README.md

@@ -1,13 +0,0 @@
-## How to add new tailscale client
-
-On client:
-
-```
-tailscale up --login-server https://mzhang.io:15851
-```
-
-On server:
-
-```
-sudo /path/to/headscale nodes register --user michael --key <key>
-```

flake.lock

@@ -0,0 +1,58 @@
+{
+  "nodes": {
+    "flake-utils": {
+      "inputs": {
+        "systems": "systems"
+      },
+      "locked": {
+        "lastModified": 1694529238,
+        "narHash": "sha256-zsNZZGTGnMOf9YpHKJqMSsa0dXbfmxeoJ7xHlrt+xmY=",
+        "owner": "numtide",
+        "repo": "flake-utils",
+        "rev": "ff7b65b44d01cf9ba6a71320833626af21126384",
+        "type": "github"
+      },
+      "original": {
+        "id": "flake-utils",
+        "type": "indirect"
+      }
+    },
+    "nixpkgs": {
+      "locked": {
+        "lastModified": 1701040486,
+        "narHash": "sha256-vawYwoHA5CwvjfqaT3A5CT9V36Eq43gxdwpux32Qkjw=",
+        "owner": "NixOS",
+        "repo": "nixpkgs",
+        "rev": "45827faa2132b8eade424f6bdd48d8828754341a",
+        "type": "github"
+      },
+      "original": {
+        "id": "nixpkgs",
+        "type": "indirect"
+      }
+    },
+    "root": {
+      "inputs": {
+        "flake-utils": "flake-utils",
+        "nixpkgs": "nixpkgs"
+      }
+    },
+    "systems": {
+      "locked": {
+        "lastModified": 1681028828,
+        "narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=",
+        "owner": "nix-systems",
+        "repo": "default",
+        "rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e",
+        "type": "github"
+      },
+      "original": {
+        "owner": "nix-systems",
+        "repo": "default",
+        "type": "github"
+      }
+    }
+  },
+  "root": "root",
+  "version": 7
+}

flake.nix

@@ -0,0 +1,10 @@
+{
+  description = "A very basic flake";
+
+  outputs = { self, nixpkgs, flake-utils }:
+    flake-utils.lib.eachSystem [ "x86_64-linux" "aarch64-darwin" ] (system:
+      let pkgs = import nixpkgs { inherit system; }; in {
+        devShell = pkgs.mkShell { packages = with pkgs; [ dhall nodePackages.zx ]; };
+      }
+    );
+}

main.tf

@@ -1,12 +0,0 @@
-module "gitea" {
-  source = "./services/gitea"
-
-  gitea_secret_key = var.gitea_secret_key
-  gitea_internal_token = var.gitea_internal_token
-  gitea_lfs_jwt_secret = var.gitea_lfs_jwt_secret
-  gitea_oauth2_jwt_secret = var.gitea_oauth2_jwt_secret
-
-  providers = {
-    nomad = nomad
-  }
-}

misc/gitea.nomad

@@ -0,0 +1,97 @@
+job "gitea" {
+  region      = "global"
+  datacenters = ["dc1"]
+  type        = "service"
+
+  group "svc" {
+    count = 1
+    network {
+      port "http" { static = 3000 }
+      port "ssh_pass" { static = 2222 }
+      port "db" {}
+    }
+
+    volume "gitea-data" {
+      type      = "host"
+      source    = "gitea-data"
+      read_only = false
+    }
+
+    volume "gitea-db" {
+      type      = "host"
+      source    = "gitea-db"
+      read_only = false
+    }
+
+    restart {
+      attempts = 5
+      delay    = "30s"
+    }
+
+    task "app" {
+      driver = "docker"
+      volume_mount {
+        volume      = "gitea-data"
+        destination = "/data"
+        read_only   = false
+      }
+
+      config {
+        image = "codeberg.org/forgejo/forgejo:1.20.6-0"
+        ports = ["http", "ssh_pass"]
+      }
+
+      env = {
+        "APP_NAME"   = "Gitea: Git with a cup of tea"
+        "RUN_MODE"   = "prod"
+        "SSH_DOMAIN" = "git.example.com"
+        "SSH_PORT"   = "22"
+        "ROOT_URL"   = "http://git.example.com/"
+        "USER_UID"   = "1002"
+        "USER_GID"   = "1002"
+        "DB_TYPE"    = "postgres"
+        "DB_HOST"    = "${NOMAD_ADDR_db_db}"
+        "DB_NAME"    = "gitea"
+        "DB_USER"    = "gitea"
+        "DB_PASSWD"  = "gitea"
+      }
+
+      resources {
+        cpu    = 200
+        memory = 256
+      }
+
+      service {
+        name     = "gitea-gui"
+        port     = "http"
+        provider = "nomad"
+      }
+    }
+
+    task "db" {
+      driver = "docker"
+
+      volume_mount {
+        volume      = "gitea-db"
+        destination = "/var/lib/postgresql/data"
+        read_only   = false
+      }
+
+      config {
+        image = "postgres:10-alpine"
+        ports = ["db"]
+      }
+
+      env {
+        POSTGRES_USER     = "gitea"
+        POSTGRES_PASSWORD = "gitea"
+        POSTGRES_DB       = "gitea"
+      }
+
+      resources {
+        cpu    = 200
+        memory = 128
+      }
+    }
+  }
+}

providers.tf

@@ -1,4 +0,0 @@
-provider "nomad" {
-  address = "http://apps2.tail98468.ts.net:4646"
-  region  = "global"
-}

scripts/deploy.mjs

@@ -0,0 +1 @@
+#!/usr/bin/env zx

services/caddy/conf/caddy.nomad.hcl

@@ -1,5 +0,0 @@
-job "caddy" {
-  group "proxy" {
-
-  }
-}

services/caddy/job.tf

@@ -1,6 +0,0 @@
-resource "nomad_job" "app" {
-  jobspec = templatefile("${path.module}/conf/caddy.nomad.hcl", {
-    # caddyfile_internal = data.template_file.caddyfile-internal.rendered
-    caddyfile_public = data.template_file.caddyfile-public.rendered
-  })
-}

services/gitea/conf/app.ini.tpl

@@ -1,122 +0,0 @@
-; This file lists the default values used by Gitea
-; Sample file: https://github.com/go-gitea/gitea/blob/master/custom/conf/app.example.ini
-; Docs: https://docs.gitea.io/en-us/config-cheat-sheet/
-
-APP_NAME = Michael's Forge
-RUN_MODE = prod
-RUN_USER = git
-
-[repository]
-ROOT = /data/git/repositories
-
-[repository.local]
-LOCAL_COPY_PATH = /data/gitea/tmp/local-repo
-
-[repository.upload]
-TEMP_PATH = /data/gitea/uploads
-
-[server]
-APP_DATA_PATH    = /data/gitea
-DOMAIN           = git2.mrkaran.dev
-SSH_DOMAIN       = koadings.mrkaran.dev
-HTTP_PORT        = 3000
-ROOT_URL         = https://git2.mrkaran.dev/
-DISABLE_SSH      = false
-SSH_PORT         = 4222
-SSH_LISTEN_PORT  = 22
-LFS_START_SERVER = true
-LFS_CONTENT_PATH = /data/git/lfs
-LFS_JWT_SECRET   = "${gitea_lfs_jwt_secret}"
-OFFLINE_MODE     = true
-LANDING_PAGE     = explore
-
-[ui]
-THEME_COLOR_META_TAG = "#6B46C1"
-
-[ui.meta]
-AUTHOR = Karan
-DESCRIPTION = Karan's self-hosted Gitea instance
-KEYWORDS = git, gitea, karan, git.mrkaran.dev, mrkaran
-
-[database]
-PATH     = /data/gitea/gitea.db
-DB_TYPE  = sqlite3
-HOST     = localhost:3306
-NAME     = gitea
-USER     = root
-PASSWD   = 
-SCHEMA   = 
-SSL_MODE = disable
-CHARSET  = utf8
-
-[indexer]
-ISSUE_INDEXER_PATH = /data/gitea/indexers/issues.bleve
-
-[session]
-PROVIDER_CONFIG = /data/gitea/sessions
-PROVIDER        = file
-COOKIE_SECURE = true
-
-[picture]
-AVATAR_UPLOAD_PATH            = /data/gitea/avatars
-REPOSITORY_AVATAR_UPLOAD_PATH = /data/gitea/repo-avatars
-DISABLE_GRAVATAR              = false
-ENABLE_FEDERATED_AVATAR       = true
-
-[attachment]
-PATH = /data/gitea/attachments
-
-[log]
-ROOT_PATH = /data/gitea/log
-MODE      = file
-LEVEL     = info
-
-[security]
-INSTALL_LOCK   = true
-SECRET_KEY     = "${gitea_secret_key}"
-INTERNAL_TOKEN = "${gitea_internal_token}"
-
-[service]
-DISABLE_REGISTRATION              = true
-REQUIRE_SIGNIN_VIEW               = false
-REGISTER_EMAIL_CONFIRM            = false
-ENABLE_NOTIFY_MAIL                = false
-ALLOW_ONLY_EXTERNAL_REGISTRATION  = false
-ENABLE_CAPTCHA                    = false
-DEFAULT_KEEP_EMAIL_PRIVATE        = false
-DEFAULT_ALLOW_CREATE_ORGANIZATION = true
-DEFAULT_ENABLE_TIMETRACKING       = true
-NO_REPLY_ADDRESS                  = noreply.localhost
-
-[oauth2]
-JWT_SECRET = "${gitea_oauth2_jwt_secret}"
-
-[mailer]
-ENABLED = false
-
-[openid]
-ENABLE_OPENID_SIGNIN = true
-ENABLE_OPENID_SIGNUP = true
-
-[metrics]
-ENABLED = true
-
-[cron]
-ENABLED = true
-RUN_AT_START = false
-
-[cron.archive_cleanup]
-RUN_AT_START = true
-SCHEDULE = @every 24h
-OLDER_THAN = 24h
-
-[cron.update_mirrors]
-SCHEDULE = @every 3h
-
-[cron.repo_health_check]
-SCHEDULE = @every 24h
-TIMEOUT = 60s
-
-[cron.check_repo_stats]
-RUN_AT_START = true
-SCHEDULE = @every 24h

services/gitea/conf/gitea.nomad.hcl

@@ -1,13 +0,0 @@
-job "gitea" {
-  group "app" {
-    network {
-      port "http" {
-        to = 3000
-      }
-    }
-
-    task "web" {
-      driver = "docker"
-    }
-  }
-}

services/gitea/data.tf

@@ -1,9 +0,0 @@
-data "template_file" "gitea-config" {
-  template = file("${path.module}/conf/app.ini.tpl")
-  vars = {
-    gitea_secret_key        = var.gitea_secret_key
-    gitea_internal_token    = var.gitea_internal_token
-    gitea_lfs_jwt_secret    = var.gitea_lfs_jwt_secret
-    gitea_oauth2_jwt_secret = var.gitea_oauth2_jwt_secret
-  }
-}

services/gitea/job.tf

@@ -1,5 +0,0 @@
-resource "nomad_job" "app" {
-  jobspec = templatefile("${path.module}/conf/gitea.nomad.hcl", {
-    gitea_config = data.template_file.gitea-config.rendered
-  })
-}

services/gitea/providers.tf

@@ -1,7 +0,0 @@
-terraform {
-  required_providers {
-    nomad = {
-      source = "hashicorp/nomad"
-    }
-  }
-}

services/gitea/variables.tf

@@ -1,11 +0,0 @@
-variable "gitea_secret_key" {
-}
-
-variable "gitea_internal_token" {
-}
-
-variable "gitea_lfs_jwt_secret" {
-}
-
-variable "gitea_oauth2_jwt_secret" {
-}

terraform.tfstate

@@ -1,94 +0,0 @@
-{
-  "version": 4,
-  "terraform_version": "1.2.9",
-  "serial": 3,
-  "lineage": "982c6c19-fa46-60f6-9bd4-6b6de2547c19",
-  "outputs": {},
-  "resources": [
-    {
-      "module": "module.gitea",
-      "mode": "data",
-      "type": "template_file",
-      "name": "gitea-config",
-      "provider": "provider[\"registry.terraform.io/hashicorp/template\"]",
-      "instances": [
-        {
-          "schema_version": 0,
-          "attributes": {
-            "filename": null,
-            "id": "44895969c3920c5743b8218f5e7657f7e3fd45d1ca58709c21c5c90116d2344c",
-            "rendered": "; This file lists the default values used by Gitea\n; Sample file: https://github.com/go-gitea/gitea/blob/master/custom/conf/app.example.ini\n; Docs: https://docs.gitea.io/en-us/config-cheat-sheet/\n\nAPP_NAME = Michael's Forge\nRUN_MODE = prod\nRUN_USER = git\n\n[repository]\nROOT = /data/git/repositories\n\n[repository.local]\nLOCAL_COPY_PATH = /data/gitea/tmp/local-repo\n\n[repository.upload]\nTEMP_PATH = /data/gitea/uploads\n\n[server]\nAPP_DATA_PATH    = /data/gitea\nDOMAIN           = git2.mrkaran.dev\nSSH_DOMAIN       = koadings.mrkaran.dev\nHTTP_PORT        = 3000\nROOT_URL         = https://git2.mrkaran.dev/\nDISABLE_SSH      = false\nSSH_PORT         = 4222\nSSH_LISTEN_PORT  = 22\nLFS_START_SERVER = true\nLFS_CONTENT_PATH = /data/git/lfs\nLFS_JWT_SECRET   = \"lG3Td9dp0FdJEh4uF5rM6E61bfprQ5nYR0GcEiqlVg0\"\nOFFLINE_MODE     = true\nLANDING_PAGE     = explore\n\n[ui]\nTHEME_COLOR_META_TAG = \"#6B46C1\"\n\n[ui.meta]\nAUTHOR = Karan\nDESCRIPTION = Karan's self-hosted Gitea instance\nKEYWORDS = git, gitea, karan, git.mrkaran.dev, mrkaran\n\n[database]\nPATH     = /data/gitea/gitea.db\nDB_TYPE  = sqlite3\nHOST     = localhost:3306\nNAME     = gitea\nUSER     = root\nPASSWD   = \nSCHEMA   = \nSSL_MODE = disable\nCHARSET  = utf8\n\n[indexer]\nISSUE_INDEXER_PATH = /data/gitea/indexers/issues.bleve\n\n[session]\nPROVIDER_CONFIG = /data/gitea/sessions\nPROVIDER        = file\nCOOKIE_SECURE = true\n\n[picture]\nAVATAR_UPLOAD_PATH            = /data/gitea/avatars\nREPOSITORY_AVATAR_UPLOAD_PATH = /data/gitea/repo-avatars\nDISABLE_GRAVATAR              = false\nENABLE_FEDERATED_AVATAR       = true\n\n[attachment]\nPATH = /data/gitea/attachments\n\n[log]\nROOT_PATH = /data/gitea/log\nMODE      = file\nLEVEL     = info\n\n[security]\nINSTALL_LOCK   = true\nSECRET_KEY     = \"iQ6uuM31wWOwDlqxHmrwf5snlwMI9dPOZjKFHlWqwwft1Ha2Qf5zFOFobzg2J68d\"\nINTERNAL_TOKEN = \"eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJuYmYiOjE3MDA4NjI0NjJ9.uglR1_7UrSL_gaZaqvT_fWUGl3RBQnZlgxhBRwZtayo\"\n\n[service]\nDISABLE_REGISTRATION              = true\nREQUIRE_SIGNIN_VIEW               = false\nREGISTER_EMAIL_CONFIRM            = false\nENABLE_NOTIFY_MAIL                = false\nALLOW_ONLY_EXTERNAL_REGISTRATION  = false\nENABLE_CAPTCHA                    = false\nDEFAULT_KEEP_EMAIL_PRIVATE        = false\nDEFAULT_ALLOW_CREATE_ORGANIZATION = true\nDEFAULT_ENABLE_TIMETRACKING       = true\nNO_REPLY_ADDRESS                  = noreply.localhost\n\n[oauth2]\nJWT_SECRET = \"BkJmF4wMkkUmxI89jSmbbrHeBBqvDTSVfVISmK-UpYE\"\n\n[mailer]\nENABLED = false\n\n[openid]\nENABLE_OPENID_SIGNIN = true\nENABLE_OPENID_SIGNUP = true\n\n[metrics]\nENABLED = true\n\n[cron]\nENABLED = true\nRUN_AT_START = false\n\n[cron.archive_cleanup]\nRUN_AT_START = true\nSCHEDULE = @every 24h\nOLDER_THAN = 24h\n\n[cron.update_mirrors]\nSCHEDULE = @every 3h\n\n[cron.repo_health_check]\nSCHEDULE = @every 24h\nTIMEOUT = 60s\n\n[cron.check_repo_stats]\nRUN_AT_START = true\nSCHEDULE = @every 24h",
-            "template": "; This file lists the default values used by Gitea\n; Sample file: https://github.com/go-gitea/gitea/blob/master/custom/conf/app.example.ini\n; Docs: https://docs.gitea.io/en-us/config-cheat-sheet/\n\nAPP_NAME = Michael's Forge\nRUN_MODE = prod\nRUN_USER = git\n\n[repository]\nROOT = /data/git/repositories\n\n[repository.local]\nLOCAL_COPY_PATH = /data/gitea/tmp/local-repo\n\n[repository.upload]\nTEMP_PATH = /data/gitea/uploads\n\n[server]\nAPP_DATA_PATH    = /data/gitea\nDOMAIN           = git2.mrkaran.dev\nSSH_DOMAIN       = koadings.mrkaran.dev\nHTTP_PORT        = 3000\nROOT_URL         = https://git2.mrkaran.dev/\nDISABLE_SSH      = false\nSSH_PORT         = 4222\nSSH_LISTEN_PORT  = 22\nLFS_START_SERVER = true\nLFS_CONTENT_PATH = /data/git/lfs\nLFS_JWT_SECRET   = \"${gitea_lfs_jwt_secret}\"\nOFFLINE_MODE     = true\nLANDING_PAGE     = explore\n\n[ui]\nTHEME_COLOR_META_TAG = \"#6B46C1\"\n\n[ui.meta]\nAUTHOR = Karan\nDESCRIPTION = Karan's self-hosted Gitea instance\nKEYWORDS = git, gitea, karan, git.mrkaran.dev, mrkaran\n\n[database]\nPATH     = /data/gitea/gitea.db\nDB_TYPE  = sqlite3\nHOST     = localhost:3306\nNAME     = gitea\nUSER     = root\nPASSWD   = \nSCHEMA   = \nSSL_MODE = disable\nCHARSET  = utf8\n\n[indexer]\nISSUE_INDEXER_PATH = /data/gitea/indexers/issues.bleve\n\n[session]\nPROVIDER_CONFIG = /data/gitea/sessions\nPROVIDER        = file\nCOOKIE_SECURE = true\n\n[picture]\nAVATAR_UPLOAD_PATH            = /data/gitea/avatars\nREPOSITORY_AVATAR_UPLOAD_PATH = /data/gitea/repo-avatars\nDISABLE_GRAVATAR              = false\nENABLE_FEDERATED_AVATAR       = true\n\n[attachment]\nPATH = /data/gitea/attachments\n\n[log]\nROOT_PATH = /data/gitea/log\nMODE      = file\nLEVEL     = info\n\n[security]\nINSTALL_LOCK   = true\nSECRET_KEY     = \"${gitea_secret_key}\"\nINTERNAL_TOKEN = \"${gitea_internal_token}\"\n\n[service]\nDISABLE_REGISTRATION              = true\nREQUIRE_SIGNIN_VIEW               = false\nREGISTER_EMAIL_CONFIRM            = false\nENABLE_NOTIFY_MAIL                = false\nALLOW_ONLY_EXTERNAL_REGISTRATION  = false\nENABLE_CAPTCHA                    = false\nDEFAULT_KEEP_EMAIL_PRIVATE        = false\nDEFAULT_ALLOW_CREATE_ORGANIZATION = true\nDEFAULT_ENABLE_TIMETRACKING       = true\nNO_REPLY_ADDRESS                  = noreply.localhost\n\n[oauth2]\nJWT_SECRET = \"${gitea_oauth2_jwt_secret}\"\n\n[mailer]\nENABLED = false\n\n[openid]\nENABLE_OPENID_SIGNIN = true\nENABLE_OPENID_SIGNUP = true\n\n[metrics]\nENABLED = true\n\n[cron]\nENABLED = true\nRUN_AT_START = false\n\n[cron.archive_cleanup]\nRUN_AT_START = true\nSCHEDULE = @every 24h\nOLDER_THAN = 24h\n\n[cron.update_mirrors]\nSCHEDULE = @every 3h\n\n[cron.repo_health_check]\nSCHEDULE = @every 24h\nTIMEOUT = 60s\n\n[cron.check_repo_stats]\nRUN_AT_START = true\nSCHEDULE = @every 24h",
-            "vars": {
-              "gitea_internal_token": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJuYmYiOjE3MDA4NjI0NjJ9.uglR1_7UrSL_gaZaqvT_fWUGl3RBQnZlgxhBRwZtayo",
-              "gitea_lfs_jwt_secret": "lG3Td9dp0FdJEh4uF5rM6E61bfprQ5nYR0GcEiqlVg0",
-              "gitea_oauth2_jwt_secret": "BkJmF4wMkkUmxI89jSmbbrHeBBqvDTSVfVISmK-UpYE",
-              "gitea_secret_key": "iQ6uuM31wWOwDlqxHmrwf5snlwMI9dPOZjKFHlWqwwft1Ha2Qf5zFOFobzg2J68d"
-            }
-          },
-          "sensitive_attributes": []
-        }
-      ]
-    },
-    {
-      "module": "module.gitea",
-      "mode": "managed",
-      "type": "nomad_job",
-      "name": "app",
-      "provider": "provider[\"registry.terraform.io/hashicorp/nomad\"]",
-      "instances": [
-        {
-          "schema_version": 0,
-          "attributes": {
-            "allocation_ids": [],
-            "consul_token": null,
-            "datacenters": [
-              "*"
-            ],
-            "deployment_id": null,
-            "deployment_status": null,
-            "deregister_on_destroy": true,
-            "deregister_on_id_change": true,
-            "detach": true,
-            "hcl1": false,
-            "hcl2": [],
-            "id": "gitea",
-            "jobspec": "job \"gitea\" {\n  group \"app\" {\n    network {\n      port \"http\" {\n        to = 3000\n      }\n    }\n\n    task \"web\" {\n      driver = \"docker\"\n    }\n  }\n}\n",
-            "json": null,
-            "modify_index": "1278",
-            "name": "gitea",
-            "namespace": "default",
-            "policy_override": null,
-            "purge_on_destroy": null,
-            "read_allocation_ids": false,
-            "region": "global",
-            "task_groups": [
-              {
-                "count": 1,
-                "meta": {},
-                "name": "app",
-                "task": [
-                  {
-                    "driver": "docker",
-                    "meta": {},
-                    "name": "web",
-                    "volume_mounts": null
-                  }
-                ],
-                "volumes": null
-              }
-            ],
-            "timeouts": null,
-            "type": "service",
-            "vault_token": null
-          },
-          "sensitive_attributes": [],
-          "private": "eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsiY3JlYXRlIjozMDAwMDAwMDAwMDAsInVwZGF0ZSI6MzAwMDAwMDAwMDAwfX0=",
-          "dependencies": [
-            "module.gitea.data.template_file.gitea-config"
-          ]
-        }
-      ]
-    }
-  ]
-}

terraform.tfstate.backup

@@ -1,34 +0,0 @@
-{
-  "version": 4,
-  "terraform_version": "1.2.9",
-  "serial": 1,
-  "lineage": "982c6c19-fa46-60f6-9bd4-6b6de2547c19",
-  "outputs": {},
-  "resources": [
-    {
-      "module": "module.gitea",
-      "mode": "data",
-      "type": "template_file",
-      "name": "gitea-config",
-      "provider": "provider[\"registry.terraform.io/hashicorp/template\"]",
-      "instances": [
-        {
-          "schema_version": 0,
-          "attributes": {
-            "filename": null,
-            "id": "44895969c3920c5743b8218f5e7657f7e3fd45d1ca58709c21c5c90116d2344c",
-            "rendered": "; This file lists the default values used by Gitea\n; Sample file: https://github.com/go-gitea/gitea/blob/master/custom/conf/app.example.ini\n; Docs: https://docs.gitea.io/en-us/config-cheat-sheet/\n\nAPP_NAME = Michael's Forge\nRUN_MODE = prod\nRUN_USER = git\n\n[repository]\nROOT = /data/git/repositories\n\n[repository.local]\nLOCAL_COPY_PATH = /data/gitea/tmp/local-repo\n\n[repository.upload]\nTEMP_PATH = /data/gitea/uploads\n\n[server]\nAPP_DATA_PATH    = /data/gitea\nDOMAIN           = git2.mrkaran.dev\nSSH_DOMAIN       = koadings.mrkaran.dev\nHTTP_PORT        = 3000\nROOT_URL         = https://git2.mrkaran.dev/\nDISABLE_SSH      = false\nSSH_PORT         = 4222\nSSH_LISTEN_PORT  = 22\nLFS_START_SERVER = true\nLFS_CONTENT_PATH = /data/git/lfs\nLFS_JWT_SECRET   = \"lG3Td9dp0FdJEh4uF5rM6E61bfprQ5nYR0GcEiqlVg0\"\nOFFLINE_MODE     = true\nLANDING_PAGE     = explore\n\n[ui]\nTHEME_COLOR_META_TAG = \"#6B46C1\"\n\n[ui.meta]\nAUTHOR = Karan\nDESCRIPTION = Karan's self-hosted Gitea instance\nKEYWORDS = git, gitea, karan, git.mrkaran.dev, mrkaran\n\n[database]\nPATH     = /data/gitea/gitea.db\nDB_TYPE  = sqlite3\nHOST     = localhost:3306\nNAME     = gitea\nUSER     = root\nPASSWD   = \nSCHEMA   = \nSSL_MODE = disable\nCHARSET  = utf8\n\n[indexer]\nISSUE_INDEXER_PATH = /data/gitea/indexers/issues.bleve\n\n[session]\nPROVIDER_CONFIG = /data/gitea/sessions\nPROVIDER        = file\nCOOKIE_SECURE = true\n\n[picture]\nAVATAR_UPLOAD_PATH            = /data/gitea/avatars\nREPOSITORY_AVATAR_UPLOAD_PATH = /data/gitea/repo-avatars\nDISABLE_GRAVATAR              = false\nENABLE_FEDERATED_AVATAR       = true\n\n[attachment]\nPATH = /data/gitea/attachments\n\n[log]\nROOT_PATH = /data/gitea/log\nMODE      = file\nLEVEL     = info\n\n[security]\nINSTALL_LOCK   = true\nSECRET_KEY     = \"iQ6uuM31wWOwDlqxHmrwf5snlwMI9dPOZjKFHlWqwwft1Ha2Qf5zFOFobzg2J68d\"\nINTERNAL_TOKEN = \"eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJuYmYiOjE3MDA4NjI0NjJ9.uglR1_7UrSL_gaZaqvT_fWUGl3RBQnZlgxhBRwZtayo\"\n\n[service]\nDISABLE_REGISTRATION              = true\nREQUIRE_SIGNIN_VIEW               = false\nREGISTER_EMAIL_CONFIRM            = false\nENABLE_NOTIFY_MAIL                = false\nALLOW_ONLY_EXTERNAL_REGISTRATION  = false\nENABLE_CAPTCHA                    = false\nDEFAULT_KEEP_EMAIL_PRIVATE        = false\nDEFAULT_ALLOW_CREATE_ORGANIZATION = true\nDEFAULT_ENABLE_TIMETRACKING       = true\nNO_REPLY_ADDRESS                  = noreply.localhost\n\n[oauth2]\nJWT_SECRET = \"BkJmF4wMkkUmxI89jSmbbrHeBBqvDTSVfVISmK-UpYE\"\n\n[mailer]\nENABLED = false\n\n[openid]\nENABLE_OPENID_SIGNIN = true\nENABLE_OPENID_SIGNUP = true\n\n[metrics]\nENABLED = true\n\n[cron]\nENABLED = true\nRUN_AT_START = false\n\n[cron.archive_cleanup]\nRUN_AT_START = true\nSCHEDULE = @every 24h\nOLDER_THAN = 24h\n\n[cron.update_mirrors]\nSCHEDULE = @every 3h\n\n[cron.repo_health_check]\nSCHEDULE = @every 24h\nTIMEOUT = 60s\n\n[cron.check_repo_stats]\nRUN_AT_START = true\nSCHEDULE = @every 24h",
-            "template": "; This file lists the default values used by Gitea\n; Sample file: https://github.com/go-gitea/gitea/blob/master/custom/conf/app.example.ini\n; Docs: https://docs.gitea.io/en-us/config-cheat-sheet/\n\nAPP_NAME = Michael's Forge\nRUN_MODE = prod\nRUN_USER = git\n\n[repository]\nROOT = /data/git/repositories\n\n[repository.local]\nLOCAL_COPY_PATH = /data/gitea/tmp/local-repo\n\n[repository.upload]\nTEMP_PATH = /data/gitea/uploads\n\n[server]\nAPP_DATA_PATH    = /data/gitea\nDOMAIN           = git2.mrkaran.dev\nSSH_DOMAIN       = koadings.mrkaran.dev\nHTTP_PORT        = 3000\nROOT_URL         = https://git2.mrkaran.dev/\nDISABLE_SSH      = false\nSSH_PORT         = 4222\nSSH_LISTEN_PORT  = 22\nLFS_START_SERVER = true\nLFS_CONTENT_PATH = /data/git/lfs\nLFS_JWT_SECRET   = \"${gitea_lfs_jwt_secret}\"\nOFFLINE_MODE     = true\nLANDING_PAGE     = explore\n\n[ui]\nTHEME_COLOR_META_TAG = \"#6B46C1\"\n\n[ui.meta]\nAUTHOR = Karan\nDESCRIPTION = Karan's self-hosted Gitea instance\nKEYWORDS = git, gitea, karan, git.mrkaran.dev, mrkaran\n\n[database]\nPATH     = /data/gitea/gitea.db\nDB_TYPE  = sqlite3\nHOST     = localhost:3306\nNAME     = gitea\nUSER     = root\nPASSWD   = \nSCHEMA   = \nSSL_MODE = disable\nCHARSET  = utf8\n\n[indexer]\nISSUE_INDEXER_PATH = /data/gitea/indexers/issues.bleve\n\n[session]\nPROVIDER_CONFIG = /data/gitea/sessions\nPROVIDER        = file\nCOOKIE_SECURE = true\n\n[picture]\nAVATAR_UPLOAD_PATH            = /data/gitea/avatars\nREPOSITORY_AVATAR_UPLOAD_PATH = /data/gitea/repo-avatars\nDISABLE_GRAVATAR              = false\nENABLE_FEDERATED_AVATAR       = true\n\n[attachment]\nPATH = /data/gitea/attachments\n\n[log]\nROOT_PATH = /data/gitea/log\nMODE      = file\nLEVEL     = info\n\n[security]\nINSTALL_LOCK   = true\nSECRET_KEY     = \"${gitea_secret_key}\"\nINTERNAL_TOKEN = \"${gitea_internal_token}\"\n\n[service]\nDISABLE_REGISTRATION              = true\nREQUIRE_SIGNIN_VIEW               = false\nREGISTER_EMAIL_CONFIRM            = false\nENABLE_NOTIFY_MAIL                = false\nALLOW_ONLY_EXTERNAL_REGISTRATION  = false\nENABLE_CAPTCHA                    = false\nDEFAULT_KEEP_EMAIL_PRIVATE        = false\nDEFAULT_ALLOW_CREATE_ORGANIZATION = true\nDEFAULT_ENABLE_TIMETRACKING       = true\nNO_REPLY_ADDRESS                  = noreply.localhost\n\n[oauth2]\nJWT_SECRET = \"${gitea_oauth2_jwt_secret}\"\n\n[mailer]\nENABLED = false\n\n[openid]\nENABLE_OPENID_SIGNIN = true\nENABLE_OPENID_SIGNUP = true\n\n[metrics]\nENABLED = true\n\n[cron]\nENABLED = true\nRUN_AT_START = false\n\n[cron.archive_cleanup]\nRUN_AT_START = true\nSCHEDULE = @every 24h\nOLDER_THAN = 24h\n\n[cron.update_mirrors]\nSCHEDULE = @every 3h\n\n[cron.repo_health_check]\nSCHEDULE = @every 24h\nTIMEOUT = 60s\n\n[cron.check_repo_stats]\nRUN_AT_START = true\nSCHEDULE = @every 24h",
-            "vars": {
-              "gitea_internal_token": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJuYmYiOjE3MDA4NjI0NjJ9.uglR1_7UrSL_gaZaqvT_fWUGl3RBQnZlgxhBRwZtayo",
-              "gitea_lfs_jwt_secret": "lG3Td9dp0FdJEh4uF5rM6E61bfprQ5nYR0GcEiqlVg0",
-              "gitea_oauth2_jwt_secret": "BkJmF4wMkkUmxI89jSmbbrHeBBqvDTSVfVISmK-UpYE",
-              "gitea_secret_key": "iQ6uuM31wWOwDlqxHmrwf5snlwMI9dPOZjKFHlWqwwft1Ha2Qf5zFOFobzg2J68d"
-            }
-          },
-          "sensitive_attributes": []
-        }
-      ]
-    }
-  ]
-}

variables.tf

@@ -1,13 +0,0 @@
-# Gitea
-
-variable "gitea_secret_key" {
-}
-
-variable "gitea_internal_token" {
-}
-
-variable "gitea_lfs_jwt_secret" {
-}
-
-variable "gitea_oauth2_jwt_secret" {
-}