--- hiera_include: - profiles::sql::postgresdb - profiles::nginx::simpleproxy - profiles::gitea::user - gitea # additional altnames profiles::pki::vault::alt_names: - git.unkin.net - git.main.unkin.net - git.service.consul - git.query.consul - "git.service.%{facts.country}-%{facts.region}.consul" profiles::ssh::sign::principals: - git.unkin.net - git.main.unkin.net - git.service.consul - git.query.consul consul::services: git: service_name: 'git' address: "%{facts.networking.ip}" port: 443 checks: - id: 'gitea_https_check' name: 'Gitea HTTPS Check' http: "https://%{facts.networking.fqdn}:443" method: 'GET' tls_skip_verify: true interval: '10s' timeout: '1s' gitea-metrics: service_name: 'gitea-metrics' address: "%{facts.networking.ip}" port: 3000 tags: - metrics checks: - id: 'gitea_metrics_http_check' name: 'Gitea Metrics HTTP Check' http: "http://%{facts.networking.fqdn}:3000/metrics" method: 'GET' tls_skip_verify: true interval: '10s' timeout: '1s' profiles::consul::client::node_rules: - resource: service segment: git disposition: write - resource: service segment: gitea-metrics disposition: write # manage the gitea user profiles::gitea::user::manage: true # manage a simple nginx reverse proxy profiles::nginx::simpleproxy::nginx_vhost: 'git.query.consul' profiles::nginx::simpleproxy::nginx_aliases: - git.unkin.net - git.main.unkin.net - git.service.consul - git.query.consul - "git.service.%{facts.country}-%{facts.region}.consul" profiles::nginx::simpleproxy::proxy_port: 3000 profiles::nginx::simpleproxy::proxy_path: '/' nginx::client_max_body_size: 1024M profiles::sql::postgresdb::cluster_name: "patroni-shared-%{facts.environment}" profiles::sql::postgresdb::dbname: gitea profiles::sql::postgresdb::dbuser: gitea gitea::ensure: '1.22.4' gitea::checksum: 'd549104f55067e6fb156e7ba060c9af488f36e12d5e747db7563fcc99eaf8532' gitea::manage_user: false gitea::manage_group: false gitea::manage_home: false gitea::custom_configuration: '': APP_NAME: 'Gitea' RUN_USER: 'git' RUN_MODE: 'prod' repository: ROOT: '/shared/apps/gitea/repos' FORCE_PRIVATE: false MAX_CREATION_LIMIT: -1 DISABLE_HTTP_GIT: false DEFAULT_BRANCH: 'main' DEFAULT_PRIVATE: 'last' ui: SHOW_USER_EMAIL: false server: PROTOCOL: 'http' DOMAIN: 'git.unkin.net' ROOT_URL: 'https://git.query.consul' HTTP_ADDR: '0.0.0.0' HTTP_PORT: 3000 START_SSH_SERVER: false SSH_DOMAIN: 'git.query.consul' SSH_PORT: 2222 SSH_LISTEN_HOST: '0.0.0.0' OFFLINE_MODE: true APP_DATA_PATH: '/shared/apps/gitea' SSH_LISTEN_PORT: 22 LFS_START_SERVER: true database: DB_TYPE: 'postgres' HOST: "master.%{hiera('profiles::sql::postgresdb::cluster_name')}.service.%{facts.country}-%{facts.region}.consul:5432" NAME: "%{hiera('profiles::sql::postgresdb::dbname')}" USER: "%{hiera('profiles::sql::postgresdb::dbuser')}" PASSWD: "%{hiera('profiles::sql::postgresdb::dbpass')}" SSL_MODE: 'disable' LOG_SQL: false lfs: PATH: '/shared/apps/gitea/lfs' session: PROVIDER: db metrics: ENABLED: true ENABLED_ISSUE_BY_REPOSITORY: true ENABLED_ISSUE_BY_LABEL: true queue: TYPE: redis CONN_STR: "redis+sentinel://gitea-redis-replica-prod.service.consul:26379/0?master_name=au-syd1&password=%{hiera('gitea_redis_pass')}&sentinel_password=%{hiera('gitea_redis_pass')}" cache: ADAPTER: redis HOST: "redis+sentinel://gitea-redis-replica-prod.service.consul:26379/1?master_name=au-syd1&password=%{hiera('gitea_redis_pass')}&sentinel_password=%{hiera('gitea_redis_pass')}" indexer: ISSUE_INDEXER_TYPE: db