--- # additional altnames profiles::pki::vault::alt_names: - git.main.unkin.net - git.service.consul - git.query.consul - "git.service.%{facts.country}-%{facts.region}.consul" profiles::ssh::sign::principals: - git.main.unkin.net - git.service.consul - git.query.consul consul::services: git: service_name: 'git' tags: - 'git' - 'gitea' address: "%{facts.networking.ip}" port: 443 checks: - id: 'gitea_https_check' name: 'Gitea HTTPS Check' http: "https://%{facts.networking.fqdn}:443" method: 'GET' tls_skip_verify: true interval: '10s' timeout: '1s' profiles::consul::client::node_rules: - resource: service segment: git disposition: write # manage a simple nginx reverse proxy profiles::nginx::simpleproxy::nginx_vhost: 'git.query.consul' profiles::nginx::simpleproxy::nginx_aliases: - git.main.unkin.net - git.service.consul - git.query.consul - "git.service.%{facts.country}-%{facts.region}.consul" profiles::nginx::simpleproxy::proxy_port: 3000 profiles::nginx::simpleproxy::proxy_path: '/' nginx::client_max_body_size: 1024M profiles::gitea::init::root: APP_NAME: 'Gitea' RUN_USER: 'git' RUN_MODE: 'prod' profiles::gitea::init::repository: ROOT: '/data/gitea/repos' FORCE_PRIVATE: false MAX_CREATION_LIMIT: -1 DISABLE_HTTP_GIT: false DEFAULT_BRANCH: 'main' DEFAULT_PRIVATE: 'last' profiles::gitea::init::ui: SHOW_USER_EMAIL: false profiles::gitea::init::server: PROTOCOL: 'http' DOMAIN: 'git.query.consul' ROOT_URL: 'https://git.query.consul' HTTP_ADDR: '0.0.0.0' HTTP_PORT: 3000 START_SSH_SERVER: false SSH_DOMAIN: 'git.query.consul' SSH_PORT: 2222 SSH_LISTEN_HOST: '0.0.0.0' OFFLINE_MODE: true APP_DATA_PATH: '/data/gitea' SSH_LISTEN_PORT: 22 LFS_START_SERVER: true profiles::gitea::init::database: DB_TYPE: 'mysql' HOST: 'mariadb-prod.service.au-syd1.consul:3306' NAME: 'gitea' USER: 'gitea' PASSWD: "%{hiera('profiles::gitea::mysql_pass')}" SSL_MODE: 'disable' LOG_SQL: false profiles::gitea::init::lfs: PATH: '/data/gitea/lfs' profiles::gitea::init::session: PROVIDER: db