feat: enable external access to gitea (#344)

- add git.unkin.net to certbot
- export haproxy resources for gitea
- add be_gitea to haproxy, import the certbot cert
- update the ROOT_URL for gitea instances

Reviewed-on: #344
This commit was merged in pull request #344.
This commit is contained in:
2025-07-06 13:47:56 +10:00
parent 372d99893a
commit 0063f68bc6
4 changed files with 53 additions and 2 deletions
+8 -2
View File
@@ -3,6 +3,7 @@ hiera_include:
- profiles::sql::postgresdb
- profiles::nginx::simpleproxy
- profiles::gitea::user
- profiles::gitea::haproxy
- gitea
# additional altnames
@@ -70,10 +71,15 @@ profiles::nginx::simpleproxy::proxy_port: 3000
profiles::nginx::simpleproxy::proxy_path: '/'
nginx::client_max_body_size: 1024M
# enable external access via haproxy
profiles::gitea::haproxy::enable: true
# manage a pgsql database + user
profiles::sql::postgresdb::cluster_name: "patroni-shared-%{facts.environment}"
profiles::sql::postgresdb::dbname: gitea
profiles::sql::postgresdb::dbuser: gitea
# deploy gitea
gitea::ensure: '1.22.4'
gitea::checksum: 'd549104f55067e6fb156e7ba060c9af488f36e12d5e747db7563fcc99eaf8532'
gitea::manage_user: false
@@ -96,11 +102,11 @@ gitea::custom_configuration:
server:
PROTOCOL: 'http'
DOMAIN: 'git.unkin.net'
ROOT_URL: 'https://git.query.consul'
ROOT_URL: 'https://git.unkin.net'
HTTP_ADDR: '0.0.0.0'
HTTP_PORT: 3000
START_SSH_SERVER: false
SSH_DOMAIN: 'git.query.consul'
SSH_DOMAIN: 'git.unkin.net'
SSH_PORT: 2222
SSH_LISTEN_HOST: '0.0.0.0'
OFFLINE_MODE: true
+1
View File
@@ -13,3 +13,4 @@ certbot::domains:
- prowlarr.main.unkin.net
- nzbget.main.unkin.net
- fafflix.unkin.net
- git.unkin.net