??
This commit is contained in:
5
ops/cookbooks/app/recipes/default.rb
Normal file
5
ops/cookbooks/app/recipes/default.rb
Normal file
@ -0,0 +1,5 @@
|
||||
#
|
||||
# Cookbook:: hosting
|
||||
# Recipe:: default
|
||||
#
|
||||
# Copyright:: 2019, The Authors, All Rights Reserved.
|
46
ops/cookbooks/app/recipes/gitea.rb
Normal file
46
ops/cookbooks/app/recipes/gitea.rb
Normal file
@ -0,0 +1,46 @@
|
||||
remote_file '/opt/theta42/bin/gitea' do
|
||||
source 'https://github.com/go-gitea/gitea/releases/download/v1.8.1/gitea-1.8.1-linux-amd64'
|
||||
mode '0755'
|
||||
action :create
|
||||
end
|
||||
|
||||
template '/opt/theta42/gitea/conf/app.ini' do
|
||||
source 'app.ini.erb'
|
||||
owner 'gitea'
|
||||
group 'gitea'
|
||||
mode '0755'
|
||||
end
|
||||
|
||||
systemd_unit 'gitea.service' do
|
||||
content <<-EOU.gsub(/^\s+/, '')
|
||||
[Unit]
|
||||
Description=Gitea (Git with a cup of tea)
|
||||
After=syslog.target
|
||||
After=network.target
|
||||
After=postgresql.service
|
||||
|
||||
|
||||
[Service]
|
||||
# Modify these two values and uncomment them if you have
|
||||
# repos with lots of files and get an HTTP error 500 because
|
||||
# of that
|
||||
###
|
||||
#LimitMEMLOCK=infinity
|
||||
#LimitNOFILE=65535
|
||||
RestartSec=10s
|
||||
Type=simple
|
||||
User=gitea
|
||||
Group=gitea
|
||||
WorkingDirectory=/opt/theta42/gitea
|
||||
ExecStart=/opt/theta42/bin/gitea web --config /opt/theta42/gitea/conf/app.ini
|
||||
Restart=always
|
||||
Environment=USER=gitea HOME=/home/gitea GITEA_WORK_DIR=/opt/theta42/gitea GITEA_CUSTOM=/opt/theta42/gitea/custom
|
||||
|
||||
[Install]
|
||||
WantedBy=multi-user.target
|
||||
|
||||
|
||||
EOU
|
||||
|
||||
action [:create, :enable, :start]
|
||||
end
|
48
ops/cookbooks/app/recipes/mkdir.rb
Normal file
48
ops/cookbooks/app/recipes/mkdir.rb
Normal file
@ -0,0 +1,48 @@
|
||||
directory '/opt/theta42' do
|
||||
owner 'root'
|
||||
group 'root'
|
||||
mode '0755'
|
||||
action :create
|
||||
end
|
||||
|
||||
directory '/opt/theta42/bin' do
|
||||
owner 'root'
|
||||
group 'root'
|
||||
mode '0755'
|
||||
action :create
|
||||
end
|
||||
|
||||
directory '/home/gitea' do
|
||||
owner 'gitea'
|
||||
group 'gitea'
|
||||
mode '0755'
|
||||
action :create
|
||||
end
|
||||
|
||||
directory '/opt/theta42/gitea' do
|
||||
owner 'gitea'
|
||||
group 'gitea'
|
||||
mode '0755'
|
||||
action :create
|
||||
end
|
||||
|
||||
directory '/opt/theta42/gitea/conf' do
|
||||
owner 'gitea'
|
||||
group 'gitea'
|
||||
mode '0755'
|
||||
action :create
|
||||
end
|
||||
|
||||
directory '/opt/theta42/gitea/data' do
|
||||
owner 'gitea'
|
||||
group 'gitea'
|
||||
mode '0755'
|
||||
action :create
|
||||
end
|
||||
|
||||
directory '/opt/theta42/gitea/custom' do
|
||||
owner 'gitea'
|
||||
group 'gitea'
|
||||
mode '0755'
|
||||
action :create
|
||||
end
|
62
ops/cookbooks/app/recipes/nginx.rb
Normal file
62
ops/cookbooks/app/recipes/nginx.rb
Normal file
@ -0,0 +1,62 @@
|
||||
# apt_repository 'open resty repo' do
|
||||
# uri 'http://openresty.org/package/ubuntu'
|
||||
# key 'https://openresty.org/package/pubkey.gpg'
|
||||
# components ['main']
|
||||
# end
|
||||
|
||||
apt_package 'software-properties-common'
|
||||
|
||||
execute 'add key' do
|
||||
command 'wget -qO - https://openresty.org/package/pubkey.gpg | sudo apt-key add -'
|
||||
end
|
||||
|
||||
execute 'add repo' do
|
||||
command 'add-apt-repository -y "deb http://openresty.org/package/ubuntu $(lsb_release -sc) main"; apt update'
|
||||
end
|
||||
|
||||
apt_package 'openresty'
|
||||
|
||||
apt_package 'luarocks'
|
||||
|
||||
execute 'install lua-resty-auto-ssl' do
|
||||
command 'luarocks install lua-resty-auto-ssl'
|
||||
end
|
||||
|
||||
directory '/etc/ssl' do
|
||||
mode '0755'
|
||||
action :create
|
||||
end
|
||||
|
||||
execute 'defualt ssl' do
|
||||
command "openssl req -new -newkey rsa:2048 -days 3650 -nodes -x509 -subj '/CN=sni-support-required-for-valid-ssl' -keyout /etc/ssl/resty-auto-ssl-fallback.key -out /etc/ssl/resty-auto-ssl-fallback.crt"
|
||||
end
|
||||
|
||||
execute 'defualt ssl' do
|
||||
command "openssl req -new -newkey rsa:2048 -days 3650 -nodes -x509 -subj '/CN=sni-support-required-for-valid-ssl' -keyout /etc/ssl/resty-auto-ssl-fallback.key -out /etc/ssl/resty-auto-ssl-fallback.crt"
|
||||
end
|
||||
|
||||
template '/etc/openresty/nginx.conf' do
|
||||
source 'nginx.conf.erb'
|
||||
end
|
||||
|
||||
template '/etc/openresty/autossl.conf' do
|
||||
source 'autossl.conf.erb'
|
||||
end
|
||||
|
||||
directory '/etc/openresty/sites-enabled' do
|
||||
mode '0755'
|
||||
action :create
|
||||
end
|
||||
|
||||
directory '/var/log/nginx/' do
|
||||
mode '0775'
|
||||
action :create
|
||||
end
|
||||
|
||||
template '/etc/openresty/sites-enabled/host.conf' do
|
||||
source 'host.conf.erb'
|
||||
end
|
||||
|
||||
systemd_unit 'openresty' do
|
||||
action :reload
|
||||
end
|
53
ops/cookbooks/app/recipes/postgress.rb
Normal file
53
ops/cookbooks/app/recipes/postgress.rb
Normal file
@ -0,0 +1,53 @@
|
||||
postgresql_server_install 'My PostgreSQL Server install' do
|
||||
initdb_locale 'en_US.utf8'
|
||||
action :install
|
||||
end
|
||||
|
||||
postgresql_server_install 'Setup my PostgreSQL 9.6 server' do
|
||||
initdb_locale 'en_US.utf8'
|
||||
action :create
|
||||
end
|
||||
|
||||
postgresql_access 'local_postgres_superuser' do
|
||||
comment 'Local postgres superuser access'
|
||||
access_type 'local'
|
||||
access_db 'all'
|
||||
access_user 'postgres'
|
||||
access_addr nil
|
||||
access_method 'ident'
|
||||
end
|
||||
|
||||
postgresql_user 'gitea' do
|
||||
password node['db-password']
|
||||
# createrole true
|
||||
end
|
||||
|
||||
# Hack for creating a database, this cook book is broken with debian...
|
||||
|
||||
execute 'add database' do
|
||||
command 'createdb gitea'
|
||||
user 'postgres'
|
||||
not_if 'psql -lqt | cut -d \| -f 1 | grep -qw gitea', :user => 'postgres'
|
||||
end
|
||||
|
||||
execute 'Grant gitea user' do
|
||||
command 'echo "grant all privileges on database gitea to gitea ;" | psql'
|
||||
user 'postgres'
|
||||
end
|
||||
|
||||
template '/home/gitea/dump.sql' do
|
||||
source 'gitea_postgres.sql.erb'
|
||||
owner 'gitea'
|
||||
group 'gitea'
|
||||
mode '0755'
|
||||
end
|
||||
|
||||
execute 'base DB' do
|
||||
command 'psql gitea < /home/gitea/dump.sql'
|
||||
user 'postgres'
|
||||
end
|
||||
|
||||
# postgresql_database 'gitea' do
|
||||
# locale 'en_US.utf8'
|
||||
# owner 'gitea'
|
||||
# end
|
10
ops/cookbooks/app/recipes/user.rb
Normal file
10
ops/cookbooks/app/recipes/user.rb
Normal file
@ -0,0 +1,10 @@
|
||||
user 'gitea system user' do
|
||||
comment 'gitea system user'
|
||||
username 'gitea'
|
||||
home '/home/gitea'
|
||||
shell '/bin/bash'
|
||||
end
|
||||
|
||||
group 'gitea' do
|
||||
members 'gitea'
|
||||
end
|
Reference in New Issue
Block a user