From aa9810d0a8b06fef0a86ff5aa4ed900ca847fd6b Mon Sep 17 00:00:00 2001 From: Max Date: Wed, 12 Feb 2025 15:50:49 -0500 Subject: [PATCH] feat: abstracted all domain instances away to the configuration files --- Taskfile.yml | 14 +++++++++----- gitea/Dockerfile | 1 + gitea/Dockerfile.dev | 1 - gitea/config/app.ini | 22 ++++------------------ gitea/config/dev.app.ini | 6 ------ playbooks/deploy.yml | 4 ++++ terraform/network.tf | 3 --- terraform/output.tf | 6 ++++++ terraform/routing.tf | 4 ++-- terraform/variables.tf | 10 ++++++++++ 10 files changed, 36 insertions(+), 35 deletions(-) diff --git a/Taskfile.yml b/Taskfile.yml index 095e95c..5a84d35 100644 --- a/Taskfile.yml +++ b/Taskfile.yml @@ -1,5 +1,10 @@ version: 3 -silent: true +# silent: true + +vars: + DOMAIN: { sh: jq -r .domain < config/variables.secret.tf.json } + SUB_DOMAIN: { sh: jq -r .subdomain < config/variables.secret.tf.json } + FULL_DOMAIN: '{{.SUB_DOMAIN}}.{{.DOMAIN}}' includes: tf: { taskfile: terraform, dir: terraform } @@ -26,9 +31,8 @@ tasks: push: dir: gitea vars: - TAG: git.maximhutz.com/web/git/gitea:latest + TAG: '{{.FULL_DOMAIN}}/web/gitea:latest' cmds: - - docker login git.maximhutz.com -u max + - docker login '{{.FULL_DOMAIN}}' -u max - defer: docker logout - - docker build . -t {{.TAG}} -f Dockerfile --platform linux/amd64,linux/arm64 - - docker push {{.TAG}} + - docker buildx build -t {{.TAG}} -f Dockerfile --platform linux/amd64,linux/arm64 --push --provenance=false . diff --git a/gitea/Dockerfile b/gitea/Dockerfile index 8682c7c..17a78c1 100644 --- a/gitea/Dockerfile +++ b/gitea/Dockerfile @@ -2,4 +2,5 @@ FROM gitea/gitea:latest-rootless ADD --chown=git:git config /etc/gitea ADD --chown=git:git custom /etc/gitea-custom + ENV GITEA_CUSTOM=/etc/gitea-custom diff --git a/gitea/Dockerfile.dev b/gitea/Dockerfile.dev index 68851aa..1a43e50 100644 --- a/gitea/Dockerfile.dev +++ b/gitea/Dockerfile.dev 
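Review bot: The two `jq -r` lookups in the new `vars:` block succeed even when a key is missing, because `jq -r` prints the string `null` for an absent field; `FULL_DOMAIN` would then silently become `null.null` and the `push` task would attempt a registry login against that name. Using `jq -er` (for example `DOMAIN: { sh: jq -er .domain < config/variables.secret.tf.json }`) makes jq exit non-zero on a null result, which should stop the run before any command uses the value. Separately, `silent: true` is commented out rather than removed, so commands are now echoed with the domain expanded, while terraform/output.tf in this same commit marks `full_domain` as sensitive. A one-line comment on the intent, or restoring `silent`, would make the two consistent.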
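Review bot: The deferred `docker logout` on the context line right after the new `docker login '{{.FULL_DOMAIN}}' -u max` names no registry, so it logs out of the Docker client's default registry and leaves the credential for the configured registry in the local Docker config once `push` finishes. It should name the same server: `- defer: docker logout '{{.FULL_DOMAIN}}'`. In the new buildx line, `{{.TAG}}` is unquoted although the login line quotes the same file-derived value, and `--provenance=false` turns off the provenance attestation for the pushed image without explanation. I would quote the tag (`-t '{{.TAG}}'`) and add a comment such as `# provenance disabled: <reason>` so the supply-chain trade-off is recorded. The username `max` also stays hard-coded, which may not match the commit's stated goal of moving instance values into configuration.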
@@ -2,7 +2,6 @@ FROM gitea/gitea:latest-rootless ADD --chown=git:git config /etc/gitea ADD --chown=git:git custom /etc/gitea-custom -ENV GITEA_CUSTOM=/etc/gitea-custom RUN rm /etc/gitea/app.ini RUN mv /etc/gitea/dev.app.ini /etc/gitea/app.ini diff --git a/gitea/config/app.ini b/gitea/config/app.ini index 38e2683..80fc288 100644 --- a/gitea/config/app.ini +++ b/gitea/config/app.ini @@ -24,32 +24,18 @@ DISABLE_SSH = false START_SSH_SERVER = true SSH_PORT = 22 SSH_LISTEN_PORT = 22 -SSH_DOMAIN = git.maximhutz.com +# SSH_DOMAIN = %(FULL_DOMAIN)s BUILTIN_SSH_SERVER_USER = git -; --- Signed SSL --- PROTOCOL=https ENABLE_ACME=true ACME_ACCEPTTOS=true ACME_DIRECTORY=https -ACME_EMAIL=proxy@maximhutz.com -DOMAIN = git.maximhutz.com -ROOT_URL = https://git.maximhutz.com/ +# ACME_EMAIL=%(EMAIL)s +# DOMAIN = %(FULL_DOMAIN)s +# ROOT_URL = %(ROOT_URL)s HTTP_PORT = 443 -; --- No SSL --- -; DOMAIN = git.maximhutz.com -; ROOT_URL = http://git.maximhutz.com/ -; HTTP_PORT = 80 - -; --- Self-Signed SSL --- -# PROTOCOL = https -# ROOT_URL = https://git.maximhutz.com/ -# DOMAIN = git.maximhutz.com -# HTTP_PORT = 443 -# CERT_FILE = cert.pem -# KEY_FILE = key.pem - [database] DB_TYPE = sqlite3 diff --git a/gitea/config/dev.app.ini b/gitea/config/dev.app.ini index e311e77..194b865 100644 --- a/gitea/config/dev.app.ini +++ b/gitea/config/dev.app.ini @@ -28,12 +28,6 @@ SSH_LISTEN_PORT = 2222 SSH_DOMAIN = localhost BUILTIN_SSH_SERVER_USER = git -; --- No SSL --- -; DOMAIN = localhost -; ROOT_URL = http://localhost:80/ -; HTTP_PORT = 80 - -; --- Self-Signed Certificate --- PROTOCOL = https ROOT_URL = https://localhost:443/ DOMAIN = localhost diff --git a/playbooks/deploy.yml b/playbooks/deploy.yml index d366242..7330747 100644 --- a/playbooks/deploy.yml +++ b/playbooks/deploy.yml 
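Review bot: The replacement lines `# SSH_DOMAIN = %(FULL_DOMAIN)s`, `# ACME_EMAIL=%(EMAIL)s`, `# DOMAIN = %(FULL_DOMAIN)s` and `# ROOT_URL = %(ROOT_URL)s` are commented-out placeholders in an interpolation syntax that nothing visible in this commit fills in. The real values arrive as `GITEA__server__*` environment variables from playbooks/deploy.yml. With these keys absent from the file, a container started without that environment would presumably fall back to Gitea's built-in defaults while `ENABLE_ACME=true` and `PROTOCOL=https` remain in force, so certificate issuance and generated links would not match the real host. I would replace the placeholders with one explicit comment, e.g. `; DOMAIN, ROOT_URL, SSH_DOMAIN and ACME_EMAIL are injected at deploy time via GITEA__server__* (see playbooks/deploy.yml)`. The enclosing section header is outside the hunk.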
@@ -52,6 +52,10 @@ GITEA__security__INTERNAL_TOKEN: "{{ internal_secret }}" GITEA__server__LFS_JWT_SECRET: "{{ lfs_secret }}" GITEA__oauth2__JWT_SECRET: "{{ jwt_secret }}" + GITEA__server__ACME_EMAIL: "{{ email }}" + GITEA__server__SSH_DOMAIN: "{{ full_domain.value }}" + GITEA__server__DOMAIN: "{{ full_domain.value }}" + GITEA__server__ROOT_URL: "https://{{ full_domain.value }}/" labels: docker-volume-backup.stop-during-backup: "true" volumes: diff --git a/terraform/network.tf b/terraform/network.tf index adbae49..38ac66a 100644 --- a/terraform/network.tf +++ b/terraform/network.tf @@ -1,9 +1,6 @@ locals { # The IP block for the VPC. vpc_cidr = "10.0.0.0/16" - - # Here is the domain name changes. - domain_name = "maximhutz.com" } data "aws_availability_zones" "all" {} diff --git a/terraform/output.tf b/terraform/output.tf index 253a433..065b01c 100644 --- a/terraform/output.tf +++ b/terraform/output.tf @@ -25,3 +25,9 @@ output "boot_secret" { description = "The access secret to manipulate the codebase repository boot." sensitive = true } + +output "full_domain" { + value = "${var.subdomain}.${var.domain}" + description = "The domain of the Gitea instance." + sensitive = true +} diff --git a/terraform/routing.tf b/terraform/routing.tf index 3a202fe..a9bf3df 100644 --- a/terraform/routing.tf +++ b/terraform/routing.tf @@ -1,12 +1,12 @@ # The Route53 DNS zone. data "aws_route53_zone" "main" { - name = local.domain_name + name = var.domain } # Push all domain traffic through the reverse proxy. resource "aws_route53_record" "domain" { zone_id = data.aws_route53_zone.main.zone_id - name = "git.${data.aws_route53_zone.main.name}" + name = "${var.subdomain}.${data.aws_route53_zone.main.name}" type = "A" ttl = "60" records = [aws_eip.public.public_ip] diff --git a/terraform/variables.tf b/terraform/variables.tf index f316d5b..45ee6ed 100644 --- a/terraform/variables.tf +++ b/terraform/variables.tf 
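Review bot: `GITEA__server__ACME_EMAIL: "{{ email }}"` is the only one of the four added values whose source is not visible in this commit. The other three read `full_domain.value`, which terraform/output.tf now exports, but no `email` variable or output is added anywhere in the diff. It is worth confirming where `email` is defined for this play. If it is meant to come from the same Terraform outputs, reading it the same way (`"{{ email.value }}"`) would keep the four lines consistent. The enclosing task and its `env` mapping start above the hunk.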
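Review bot: `sensitive = true` on the new `full_domain` output only redacts the value in CLI and plan output. The same name is published as the Route53 record in terraform/routing.tf and is still stored in plain text in state, so the flag protects little here. Neither `var.domain` nor `var.subdomain` is declared sensitive in terraform/variables.tf, so Terraform does not require it. I would either drop the flag or add a comment stating why the hostname is treated as confidential, e.g. `# redacted to keep the hostname out of shared logs; not a secret`.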
@@ -27,3 +27,13 @@ variable "boot_role" { type = string description = "The name of the role for boot access." } + +variable "domain" { + type = string + description = "The name of the domain." +} + +variable "subdomain" { + type = string + description = "The name of the subdomain." +}
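Review bot: The new `domain` and `subdomain` variables accept any string, yet they are concatenated directly into the Route53 record name in terraform/routing.tf and into the `full_domain` output in terraform/output.tf. An empty or malformed value (whitespace, a scheme prefix, a trailing dot) would only surface later as a wrong DNS record or an unusable ROOT_URL in the deployed Gitea. Adding `validation` blocks to both variables rejects such input at plan time. The pattern below assumes `subdomain` is a single DNS label; loosen it if multi-label subdomains are intended.

```hcl
variable "domain" {
  # … unchanged: type, description …

  validation {
    condition     = can(regex("^[a-z0-9]([a-z0-9-]*[a-z0-9])?(\\.[a-z0-9]([a-z0-9-]*[a-z0-9])?)+$", var.domain))
    error_message = "The domain must be a lowercase DNS name such as example.com, without a scheme or trailing dot."
  }
}

variable "subdomain" {
  # … unchanged: type, description …

  validation {
    condition     = can(regex("^[a-z0-9]([a-z0-9-]*[a-z0-9])?$", var.subdomain))
    error_message = "The subdomain must be a single DNS label made of lowercase letters, digits and hyphens."
  }
}
```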