infrastructure/ansible-gitea-management
7
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

add httpd and other fun stuff

Browse Source
This commit is contained in:
nazunalika 2022-06-03 19:33:48 -07:00
parent 10e220d550
commit 2d6d4a125c
Signed by: label
GPG Key ID: 6735C0E1BD65D048
4 changed files with 73 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

10
handlers/main.yml
View File

@ -4,4 +4,14 @@
service: service:
name: gitea name: gitea
state: restarted state: restarted
- name: restart_httpd
service:
name: httpd
state: restarted
- name: restart_nginx
service:
name: nginx
state: restarted
... ...

30
tasks/gitea/install.yml
View File

@ -30,6 +30,36 @@
# - gitea_web_install == "caddy" # - gitea_web_install == "caddy"
# - gitea_web_config|bool # - gitea_web_config|bool
- name: "Install httpd"
dnf:
name: httpd
state: present
when:
- gitea_web_install == "httpd"
- gitea_web_config|bool
- name: "Start and enable httpd"
ansible.builtin.systemd:
name: httpd.service
enabled: true
state: started
when:
- gitea_web_install == "httpd"
- gitea_web_config|bool
- name: "Deploy httpd"
ansible.builtin.template:
src: etc/httpd/conf.d/gitea.conf.j2
dest: /etc/httpd/conf.d/gitea.conf
owner: root
group: root
mode: '0644'
when:
- gitea_web_install == "httpd"
- gitea_web_config|bool
notify:
- restart_httpd
# Setup CSS Themes # Setup CSS Themes
- name: - name:
ansible.builtin.file: ansible.builtin.file:

30
templates/etc/httpd/conf.d/gitea.conf.j2 Normal file
View File

@ -0,0 +1,30 @@
<VirtualHost *:80>
ServerName {{ gitea_basename }}
ServerAlias {{ gitea_basename }}
ProxyPreserveHost On
ProxyRequests Off
AllowEncodedSlashes NoDecode
ProxyPass / http://localhost:3000/ nocanon
ProxyPassReverse / http://localhost:3000/ nocanon
ServerAdmin {{ gitea_server_admin }}
</VirtualHost>
<VirtualHost *:443>
Protocols h2 http/1.1
SSLEngine On
ServerName {{ gitea_basename }}
ServerAlias {{ gitea_basename }}
ProxyPreserveHost On
ProxyRequests Off
AllowEncodedSlashes NoDecode
ProxyPass / http://localhost:3000/ nocanon
ProxyPassReverse / http://localhost:3000/ nocanon
SSLEngine on
SSLHonorCipherOrder on
SSLCipherSuite PROFILE=SYSTEM
SSLProxyCipherSuite PROFILE=SYSTEM
SSLCertificateFile /etc/pki/tls/certs/{{ gitea_basename }}.crt
SSLCertificateKeyFile /etc/pki/tls/private/{{ gitea_basename }}.key
ServerAdmin {{ gitea_server_admin }}
</VirtualHost>

3
vars/common.yml
View File

@ -7,6 +7,9 @@ gitea_web_config_certs_external: "false"
gitea_themes: "auto,gitea,arc-green,gitea-blue,gitea-modern,carbonred,darkred,pitchblack" gitea_themes: "auto,gitea,arc-green,gitea-blue,gitea-modern,carbonred,darkred,pitchblack"
gitea_basename: "git.resf.org" gitea_basename: "git.resf.org"
gitea_automation_user: "rockyautomation" gitea_automation_user: "rockyautomation"
gitea_raise_memlock_nofile_limits: "true"
gitea_net_cap: "true"
gitea_server_admin: "infrastructure@rockylinux.org"
# Certs issued by FreeIPA Only # Certs issued by FreeIPA Only
ipa_getcert_requested_hostnames: ipa_getcert_requested_hostnames: