From 4c443d67d1576d23d73fcd33271c490de310421d Mon Sep 17 00:00:00 2001 From: Jake Howard Date: Thu, 30 Mar 2023 22:43:14 +0100 Subject: [PATCH 1/4] Move website to gitlab.com This means I can shut down my GitLab, without having to rewrite the CI quite yet --- ansible/roles/website/files/docker-compose.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/ansible/roles/website/files/docker-compose.yml b/ansible/roles/website/files/docker-compose.yml index 6255601..3f3b03a 100644 --- a/ansible/roles/website/files/docker-compose.yml +++ b/ansible/roles/website/files/docker-compose.yml @@ -1,7 +1,7 @@ version: "2.3" x-website: &website - image: registry.git.theorangeone.net/repos/website:latest + image: registry.gitlab.com/realorangeone/website:latest user: "{{ docker_user.id }}" restart: unless-stopped init: true -- 2.45.2 From d52f0bc8b2d3bb29db4e5e6d89dcefacef918cf1 Mon Sep 17 00:00:00 2001 From: Jake Howard Date: Thu, 30 Mar 2023 22:56:35 +0100 Subject: [PATCH 2/4] Remove gitlab configuration --- ansible/galaxy-requirements.yml | 2 - ansible/group_vars/all/pve.yml | 4 -- ansible/host_vars/pve-docker/main.yml | 1 - ansible/hosts | 2 - ansible/main.yml | 9 --- .../forrest/files/prometheus/prometheus.yml | 1 - ansible/roles/forrest/vars/main.yml | 1 - ansible/roles/gitea/files/app.ini | 6 +- ansible/roles/gitea/files/docker-compose.yml | 2 +- .../gitea_runner/files/docker-compose.yml | 2 +- .../roles/gitlab/files/gitlab-override.conf | 3 - ansible/roles/gitlab/files/gitlab.rb | 64 ------------------- ansible/roles/gitlab/tasks/main.yml | 30 --------- ansible/roles/gitlab/vars/main.yml | 7 -- ansible/roles/gitlab/vars/vault.yml | 21 ------ ansible/roles/gitlab_runner/files/config.toml | 20 ------ ansible/roles/gitlab_runner/handlers/main.yml | 5 -- ansible/roles/gitlab_runner/tasks/main.yml | 21 ------ ansible/roles/gitlab_runner/vars/main.yml | 1 - ansible/roles/gitlab_runner/vars/vault.yml | 8 --- ansible/roles/traefik/defaults/main.yml | 1 - .../traefik/files/file-provider-gitlab.yml | 30 --------- ansible/roles/traefik/files/traefik.yml | 4 -- ansible/roles/traefik/tasks/main.yml | 10 --- terraform/jakehoward.tech.tf | 7 -- terraform/theorangeone.net.tf | 32 ---------- 26 files changed, 5 insertions(+), 289 deletions(-) delete mode 100644 ansible/roles/gitlab/files/gitlab-override.conf delete mode 100644 ansible/roles/gitlab/files/gitlab.rb delete mode 100644 ansible/roles/gitlab/tasks/main.yml delete mode 100644 ansible/roles/gitlab/vars/main.yml delete mode 100644 ansible/roles/gitlab/vars/vault.yml delete mode 100644 ansible/roles/gitlab_runner/files/config.toml delete mode 100644 ansible/roles/gitlab_runner/handlers/main.yml delete mode 100644 ansible/roles/gitlab_runner/tasks/main.yml delete mode 100644 ansible/roles/gitlab_runner/vars/main.yml delete mode 100644 ansible/roles/gitlab_runner/vars/vault.yml delete mode 100644 ansible/roles/traefik/files/file-provider-gitlab.yml diff --git a/ansible/galaxy-requirements.yml b/ansible/galaxy-requirements.yml index e3d2b36..185e0fb 100644 --- a/ansible/galaxy-requirements.yml +++ b/ansible/galaxy-requirements.yml @@ -14,8 +14,6 @@ roles: - src: ironicbadger.proxmox_nag_removal version: 1.0.1 - src: chmduquesne.iptables_persistent - - src: geerlingguy.gitlab - version: 3.2.0 - src: dokku_bot.ansible_dokku version: v2021.11.28 - src: ironicbadger.snapraid diff --git a/ansible/group_vars/all/pve.yml b/ansible/group_vars/all/pve.yml index 9463acb..ba8d67c 100644 --- a/ansible/group_vars/all/pve.yml +++ b/ansible/group_vars/all/pve.yml @@ -11,10 +11,6 @@ pve_hosts: ip: 10.23.1.101 docker: ip: 10.23.1.103 - gitlab: - ip: 10.23.1.106 - gitlab_runner: - ip: 10.23.1.107 ingress: ip: 10.23.1.10 external_ip: 192.168.2.201 diff --git a/ansible/host_vars/pve-docker/main.yml b/ansible/host_vars/pve-docker/main.yml index 3da7c38..a28220b 100644 --- a/ansible/host_vars/pve-docker/main.yml +++ b/ansible/host_vars/pve-docker/main.yml @@ -3,7 +3,6 @@ private_ip: "{{ pve_hosts.docker.ip }}" traefik_provider_jellyfin: true traefik_provider_homeassistant: true traefik_provider_grafana: true -traefik_provider_gitlab: true with_fail2ban: true diff --git a/ansible/hosts b/ansible/hosts index eaa561c..594edbd 100644 --- a/ansible/hosts +++ b/ansible/hosts @@ -12,7 +12,5 @@ jellyfin forrest qbittorrent restic -pve-gitlab -pve-gitlab-runner renovate gitea-runner diff --git a/ansible/main.yml b/ansible/main.yml index 72dbec8..34b0f5e 100644 --- a/ansible/main.yml +++ b/ansible/main.yml @@ -31,7 +31,6 @@ - pve-docker - forrest - walker - - pve-gitlab-runner - grimes - renovate - gitea-runner @@ -117,14 +116,6 @@ roles: - restic -- hosts: pve-gitlab - roles: - - gitlab - -- hosts: pve-gitlab-runner - roles: - - gitlab_runner - - hosts: gitea-runner roles: - gitea_runner diff --git a/ansible/roles/forrest/files/prometheus/prometheus.yml b/ansible/roles/forrest/files/prometheus/prometheus.yml index 547caba..4a3e6da 100644 --- a/ansible/roles/forrest/files/prometheus/prometheus.yml +++ b/ansible/roles/forrest/files/prometheus/prometheus.yml @@ -50,7 +50,6 @@ scrape_configs: static_configs: - targets: - https://bin.theorangeone.net - - https://git.theorangeone.net/-/liveness?token={{ gitlab_liveness_access_token }} - https://grafana.jakehoward.tech/api/health - https://homeassistant.jakehoward.tech - https://intersect.jakehoward.tech diff --git a/ansible/roles/forrest/vars/main.yml b/ansible/roles/forrest/vars/main.yml index f4edac7..3c7738c 100644 --- a/ansible/roles/forrest/vars/main.yml +++ b/ansible/roles/forrest/vars/main.yml @@ -2,7 +2,6 @@ grafana_smtp_password: "{{ vault_grafana_smtp_password }}" grafana_smtp_user: "{{ vault_grafana_smtp_user }}" grafana_from_email: "{{ vault_grafana_from_email }}" homeassistant_token: "{{ vault_homeassistant_token }}" -gitlab_liveness_access_token: "{{ vault_gitlab_liveness_access_token }}" prometheus_healthcheck_uuid: "{{ vault_prometheus_healthcheck_uuid }}" healthchecks_project_uuid: "{{ vault_healthchecks_project_uuid }}" healthcheck_api_token: "{{ vault_healthcheck_api_token }}" diff --git a/ansible/roles/gitea/files/app.ini b/ansible/roles/gitea/files/app.ini index 4b67a8a..99453df 100644 --- a/ansible/roles/gitea/files/app.ini +++ b/ansible/roles/gitea/files/app.ini @@ -6,14 +6,14 @@ DEFAULT_BRANCH = master DISABLE_STARS = true [server] -SSH_DOMAIN = gitea.theorangeone.net -ROOT_URL = https://gitea.theorangeone.net/ +SSH_DOMAIN = git.theorangeone.net +ROOT_URL = https://git.theorangeone.net/ START_SSH_SERVER = true SSH_PORT = 22 # Makes the SSH URLs look sane SSH_LISTEN_PORT = 2222 BUILTIN_SSH_SERVER_USER = git LFS_START_SERVER = true -DOMAIN = gitea.theorangeone.net +DOMAIN = git.theorangeone.net PROTOCOL = http # TLS termination done by Traefik ENABLE_GZIP = true OFFLINE_MODE = true diff --git a/ansible/roles/gitea/files/docker-compose.yml b/ansible/roles/gitea/files/docker-compose.yml index 0748cdd..14a91ce 100644 --- a/ansible/roles/gitea/files/docker-compose.yml +++ b/ansible/roles/gitea/files/docker-compose.yml @@ -23,7 +23,7 @@ services: - redis labels: - traefik.enable=true - - traefik.http.routers.gitea.rule=Host(`gitea.theorangeone.net`) + - traefik.http.routers.gitea.rule=Host(`git.theorangeone.net`) - traefik.http.services.gitea-gitea.loadbalancer.server.port=3000 networks: - default diff --git a/ansible/roles/gitea_runner/files/docker-compose.yml b/ansible/roles/gitea_runner/files/docker-compose.yml index e38c157..79f4ef7 100644 --- a/ansible/roles/gitea_runner/files/docker-compose.yml +++ b/ansible/roles/gitea_runner/files/docker-compose.yml @@ -9,7 +9,7 @@ services: - /var/run/docker.sock:/var/run/docker.sock:ro environment: - TZ={{ timezone }} - - GITEA_INSTANCE_URL=https://gitea.theorangeone.net + - GITEA_INSTANCE_URL=https://git.theorangeone.net - GITEA_RUNNER_REGISTRATION_TOKEN={{ gitea_runner_registration_token }} - GITEA_RUNNER_NAME={{ ansible_hostname }} restart: unless-stopped diff --git a/ansible/roles/gitlab/files/gitlab-override.conf b/ansible/roles/gitlab/files/gitlab-override.conf deleted file mode 100644 index 0c49dcf..0000000 --- a/ansible/roles/gitlab/files/gitlab-override.conf +++ /dev/null @@ -1,3 +0,0 @@ -# Reconfigure GitLab before start. Mostly to ensure log directories exist -[Service] -ExecStartPre=/usr/bin/gitlab-ctl reconfigure diff --git a/ansible/roles/gitlab/files/gitlab.rb b/ansible/roles/gitlab/files/gitlab.rb deleted file mode 100644 index a17e955..0000000 --- a/ansible/roles/gitlab/files/gitlab.rb +++ /dev/null @@ -1,64 +0,0 @@ -external_url 'https://git.theorangeone.net' -nginx['redirect_http_to_https'] = false -alertmanager['enable'] = false -prometheus_monitoring['enable'] = false -grafana['enable'] = false -nginx['status'] = { - 'enable' => false -} - -nginx['ssl_certificate'] = "/etc/ssl/certs/ssl-cert-snakeoil.pem" -nginx['ssl_certificate_key'] = "/etc/ssl/private/ssl-cert-snakeoil.key" -letsencrypt['enable'] = false - -gitlab_rails['time_zone'] = '{{ timezone }}' - -# https://docs.gitlab.com/omnibus/settings/memory_constrained_envs.html -puma['worker_processes'] = 2 -sidekiq['max_concurrency'] = 5 - -gitlab_rails['gitlab_default_theme'] = 2 - -nginx['real_ip_header'] = 'X-Forwarded-For' -nginx['real_ip_trusted_addresses'] = ['{{ pve_hosts.docker.ip }}/32'] -gitlab_rails['trusted_proxies'] = ['{{ pve_hosts.docker.ip }}/32'] - -# SMTP -gitlab_rails['smtp_enable'] = true -gitlab_rails['smtp_address'] = "smtp.eu.mailgun.org" -gitlab_rails['smtp_port'] = 465 -gitlab_rails['smtp_user_name'] = "{{ gitlab_smtp_user }}" -gitlab_rails['smtp_password'] = "{{ gitlab_smtp_password }}" -gitlab_rails['smtp_enable_starttls_auto'] = true -gitlab_rails['smtp_tls'] = true -gitlab_rails['smtp_openssl_verify_mode'] = 'peer' -gitlab_rails['gitlab_email_from'] = "{{ gitlab_from_email }}" - -gitlab_rails['artifacts_path'] = "/mnt/gitlab-bulk/artifacts" -gitlab_rails['backup_path'] = "/mnt/gitlab-bulk/backups" -gitlab_rails['backup_keep_time'] = 60 * 60 * 24 * 14 # 14 days - -# Registry -registry_external_url "https://registry.git.theorangeone.net" -registry_nginx['redirect_http_to_https'] = false -registry_nginx['ssl_certificate'] = "/etc/ssl/certs/ssl-cert-snakeoil.pem" -registry_nginx['ssl_certificate_key'] = "/etc/ssl/private/ssl-cert-snakeoil.key" -registry['storage'] = { - 's3' => { - 'accesskey' => '{{ gitlab_registry_access_key }}', - 'secretkey' => '{{ gitlab_registry_secret_key }}', - 'bucket' => '0rng-registry', - 'region' => 'eu-central-003', - 'regionendpoint' => 'https://s3.eu-central-003.backblazeb2.com' - } -} - -# https://gitlab.com/gitlab-org/omnibus-gitlab/-/issues/6895 -nginx['worker_processes'] = "auto" - -# GitLab Pages -pages_external_url "https://gitlab-pages.theorangeone.net" -gitlab_pages["external_http"] = [":8008"] -gitlab_pages["access_control"] = true -pages_nginx["enable"] = false -gitlab_rails["pages_path"] = "/mnt/gitlab-bulk/pages" diff --git a/ansible/roles/gitlab/tasks/main.yml b/ansible/roles/gitlab/tasks/main.yml deleted file mode 100644 index 6b48212..0000000 --- a/ansible/roles/gitlab/tasks/main.yml +++ /dev/null @@ -1,30 +0,0 @@ -- name: Include vault - include_vars: vault.yml - -- name: Install and configure GitLab - import_role: - name: geerlingguy.gitlab - become: true - -- name: Create dir for service override - file: - path: /usr/lib/systemd/system/gitlab-runsvdir.service.d/ - state: directory - mode: "0755" - become: true - -- name: Create override.conf - copy: - src: files/gitlab-override.conf - dest: /usr/lib/systemd/system/gitlab-runsvdir.service.d/gitlab-override.conf - owner: root - group: root - mode: "0644" - become: true - -# https://theorangeone.net/posts/gitlab-dater/ -- name: Install gitlab-dater - git: - repo: https://git.theorangeone.net/sys/gitlab-dater - dest: "{{ home }}/gitlab-dater" - depth: 1 diff --git a/ansible/roles/gitlab/vars/main.yml b/ansible/roles/gitlab/vars/main.yml deleted file mode 100644 index 69a3108..0000000 --- a/ansible/roles/gitlab/vars/main.yml +++ /dev/null @@ -1,7 +0,0 @@ -gitlab_config_template: files/gitlab.rb -gitlab_create_self_signed_cert: false -gitlab_smtp_password: "{{ vault_gitlab_smtp_password }}" -gitlab_smtp_user: "{{ vault_gitlab_smtp_user }}" -gitlab_from_email: "{{ vault_gitlab_from_email }}" -gitlab_registry_access_key: "{{ vault_gitlab_registry_access_key }}" -gitlab_registry_secret_key: "{{ vault_gitlab_registry_secret_key }}" diff --git a/ansible/roles/gitlab/vars/vault.yml b/ansible/roles/gitlab/vars/vault.yml deleted file mode 100644 index 0054c5e..0000000 --- a/ansible/roles/gitlab/vars/vault.yml +++ /dev/null @@ -1,21 +0,0 @@ -$ANSIBLE_VAULT;1.1;AES256 -32383930626639373231366430616531633532333639376431383065373566376238313264633231 -6537363863336466646330333566396365613538646665650a636633363933326530353834376335 -31666535316239306136353436353038323466353130373433343533323562356534386664663130 -6431306465336435390a643661383137666535366463633634633866623263323837376664353262 -38333636336639663632343130663635376262646130613065633233663562383631626665373036 -65316563643831303561636536663230623462326233393838663031393135613263333739623038 -35653739346134396336613163346530653834333138653865366330643037653638653732326633 -34656632353931626362316663353639633631303636373066343131366538656662653738623134 -31633636313233363663313939333264333461376630356461303637326438306536343136393132 -39393734393564366239666662356439336561366238353637373835353761633234333763396133 -36373635393332613835363631363733613835336132353164633266396136313838366435616239 -31373662663835666134306438653732653366396564663133653937383434663961386663343833 -36343434346630623233363862386237343432616237643232643861623234643835306432376236 -32313063656639346166666435636265383232336166663966633462383331393936646566383637 -62306663373763323062643935383565383338386639313131636162316366616530636634346462 -30313438306435656639303165633461623064313938303162663534666431633533366331383061 -31376535356163383131653339313832653165343531633063633536623061623831333436646138 -63313739316436306436313965636633326466313137626161623139633736303331633538636263 -66396339346437633130616135333931373032393139313035623861643039343035313662626136 -35333263346466323361 diff --git a/ansible/roles/gitlab_runner/files/config.toml b/ansible/roles/gitlab_runner/files/config.toml deleted file mode 100644 index 313778f..0000000 --- a/ansible/roles/gitlab_runner/files/config.toml +++ /dev/null @@ -1,20 +0,0 @@ -concurrent = {{ ansible_processor_nproc }} -log_level = "warning" -check_interval = 10 - -[session_server] - session_timeout = 1800 - -[[runners]] - name = "runner" - url = "https://git.theorangeone.net" - token = "{{ gitlab_runner_token }}" - limit = 0 - executor = "docker" - - [runners.docker] - image = "alpine" - privileged = true - disable_cache = false - volumes = ["/cache", "/certs/client"] - pull_policy = "if-not-present" diff --git a/ansible/roles/gitlab_runner/handlers/main.yml b/ansible/roles/gitlab_runner/handlers/main.yml deleted file mode 100644 index a4b720d..0000000 --- a/ansible/roles/gitlab_runner/handlers/main.yml +++ /dev/null @@ -1,5 +0,0 @@ -- name: restart gitlab-runner - service: - name: gitlab-runner - state: restarted - become: true diff --git a/ansible/roles/gitlab_runner/tasks/main.yml b/ansible/roles/gitlab_runner/tasks/main.yml deleted file mode 100644 index d2f2a37..0000000 --- a/ansible/roles/gitlab_runner/tasks/main.yml +++ /dev/null @@ -1,21 +0,0 @@ -- name: Include vault - include_vars: vault.yml - -- name: Install runner - package: - name: gitlab-runner - become: true - -- name: Install config - template: - src: files/config.toml - dest: /etc/gitlab-runner/config.toml - mode: "0600" - become: true - notify: restart gitlab-runner - -- name: Enable runner - service: - name: gitlab-runner - enabled: true - become: true diff --git a/ansible/roles/gitlab_runner/vars/main.yml b/ansible/roles/gitlab_runner/vars/main.yml deleted file mode 100644 index 5e4d04c..0000000 --- a/ansible/roles/gitlab_runner/vars/main.yml +++ /dev/null @@ -1 +0,0 @@ -gitlab_runner_token: "{{ vault_gitlab_runner_token }}" diff --git a/ansible/roles/gitlab_runner/vars/vault.yml b/ansible/roles/gitlab_runner/vars/vault.yml deleted file mode 100644 index 43b42fe..0000000 --- a/ansible/roles/gitlab_runner/vars/vault.yml +++ /dev/null @@ -1,8 +0,0 @@ -$ANSIBLE_VAULT;1.1;AES256 -61313533333239316433623837616239346461393538356665363034663533343165366434316137 -3837376330386436656265356637343166643465616534390a666634323334383831306336613636 -36623630646235386661633266633533396664656464333561623036313865343036653734643132 -6333393739383764340a646361383961373434303936383131326364626439353262623965643564 -31343631656234666464383935306434383363316362666263323165613939663736326435313966 -35373466333937636633383138636434333765646235633630616539343464343237383236613739 -313038366164653662616461626661363832 diff --git a/ansible/roles/traefik/defaults/main.yml b/ansible/roles/traefik/defaults/main.yml index cabb6be..184e9c8 100644 --- a/ansible/roles/traefik/defaults/main.yml +++ b/ansible/roles/traefik/defaults/main.yml @@ -1,6 +1,5 @@ traefik_provider_jellyfin: false traefik_provider_homeassistant: false traefik_provider_grafana: false -traefik_provider_gitlab: false with_fail2ban: false diff --git a/ansible/roles/traefik/files/file-provider-gitlab.yml b/ansible/roles/traefik/files/file-provider-gitlab.yml deleted file mode 100644 index 2685a89..0000000 --- a/ansible/roles/traefik/files/file-provider-gitlab.yml +++ /dev/null @@ -1,30 +0,0 @@ -http: - routers: - router-gitlab: - rule: Host(`git.theorangeone.net`) - service: service-gitlab - router-gitlab-registry: - rule: Host(`registry.git.theorangeone.net`) - service: service-gitlab - router-gitlab-pages: - rule: HostRegexp(`gitlab-pages.theorangeone.net`, `{subdomain:[a-z]+}.gitlab-pages.theorangeone.net`) - service: service-gitlab-pages - router-slides: - rule: Host(`slides.jakehoward.tech`) - service: service-slides - services: - service-gitlab: - loadBalancer: - servers: - - url: https://{{ pve_hosts.gitlab.ip }} - service-gitlab-pages: - loadBalancer: - servers: - - url: http://{{ pve_hosts.gitlab.ip }}:8008 - - # HACK: GitLab doesn't support `_redirects` with domains in - service-slides: - loadBalancer: - passHostHeader: false - servers: - - url: https://slides.gitlab-pages.theorangeone.net diff --git a/ansible/roles/traefik/files/traefik.yml b/ansible/roles/traefik/files/traefik.yml index b126e57..d78a853 100644 --- a/ansible/roles/traefik/files/traefik.yml +++ b/ansible/roles/traefik/files/traefik.yml @@ -26,10 +26,6 @@ entryPoints: sans: "*.jakehoward.tech" - main: 0rng.one sans: "*.0rng.one" -{% if traefik_provider_gitlab %} - - main: gitlab-pages.theorangeone.net - sans: "*.gitlab-pages.theorangeone.net" -{% endif %} proxyProtocol: trustedIPs: - "{{ wireguard.cidr }}" diff --git a/ansible/roles/traefik/tasks/main.yml b/ansible/roles/traefik/tasks/main.yml index bb17076..7393812 100644 --- a/ansible/roles/traefik/tasks/main.yml +++ b/ansible/roles/traefik/tasks/main.yml @@ -86,16 +86,6 @@ when: traefik_provider_grafana become: true -- name: Install gitlab provider - template: - src: files/file-provider-gitlab.yml - dest: /opt/traefik/traefik/conf/gitlab.yml - mode: "{{ docker_compose_file_mask }}" - owner: "{{ docker_user.name }}" - notify: restart traefik - when: traefik_provider_gitlab - become: true - - name: logrotate config template: src: files/logrotate.conf diff --git a/terraform/jakehoward.tech.tf b/terraform/jakehoward.tech.tf index 3c911b0..bf7853b 100644 --- a/terraform/jakehoward.tech.tf +++ b/terraform/jakehoward.tech.tf @@ -180,13 +180,6 @@ resource "cloudflare_record" "jakehowardtech_mailgun_dmarc" { ttl = 1 } -resource "cloudflare_record" "jakehowardtech_slides" { - zone_id = cloudflare_zone.jakehowardtech.id - name = "slides" - value = cloudflare_record.theorangeonenet_gitlab_pages.hostname - type = "CNAME" - ttl = 1 -} resource "cloudflare_record" "jakehowardtech_matrix_admin" { zone_id = cloudflare_zone.jakehowardtech.id name = "synapse-admin" diff --git a/terraform/theorangeone.net.tf b/terraform/theorangeone.net.tf index f016034..4cf7aff 100644 --- a/terraform/theorangeone.net.tf +++ b/terraform/theorangeone.net.tf @@ -10,22 +10,6 @@ resource "cloudflare_record" "theorangeonenet_git" { ttl = 1 } -resource "cloudflare_record" "theorangeonenet_gitea" { - zone_id = cloudflare_zone.theorangeonenet.id - name = "gitea" - value = linode_instance.casey.ip_address - type = "A" - ttl = 1 -} - -resource "cloudflare_record" "theorangeonenet_git_registry" { - zone_id = cloudflare_zone.theorangeonenet.id - name = "registry.git" - value = cloudflare_record.theorangeonenet_git.hostname - type = "CNAME" - ttl = 1 -} - resource "cloudflare_record" "theorangeonenet_whoami" { zone_id = cloudflare_zone.theorangeonenet.id name = "whoami" @@ -268,22 +252,6 @@ resource "cloudflare_record" "theorangeonenet_mailgun_dmarc" { ttl = 1 } -resource "cloudflare_record" "theorangeonenet_gitlab_pages" { - zone_id = cloudflare_zone.theorangeonenet.id - name = "gitlab-pages" - value = cloudflare_record.theorangeonenet_git.hostname - type = "CNAME" - ttl = 1 -} - -resource "cloudflare_record" "theorangeonenet_gitlab_pages_wildcard" { - zone_id = cloudflare_zone.theorangeonenet.id - name = "*.gitlab-pages" - value = cloudflare_record.theorangeonenet_gitlab_pages.hostname - type = "CNAME" - ttl = 1 -} - resource "cloudflare_record" "theorangeonenet_mastodon" { zone_id = cloudflare_zone.theorangeonenet.id name = "mastodon" -- 2.45.2 From 5a2311bd8a812cfa11b6950bfea89f88fd8eb51d Mon Sep 17 00:00:00 2001 From: Jake Howard Date: Thu, 30 Mar 2023 23:12:17 +0100 Subject: [PATCH 3/4] Point renovate to gitea --- ansible/roles/renovate/files/config.js | 6 +++--- ansible/roles/renovate/vars/main.yml | 2 +- ansible/roles/renovate/vars/vault.yml | 21 +++++++++++---------- 3 files changed, 15 insertions(+), 14 deletions(-) diff --git a/ansible/roles/renovate/files/config.js b/ansible/roles/renovate/files/config.js index 7d0b643..2f1a9e8 100644 --- a/ansible/roles/renovate/files/config.js +++ b/ansible/roles/renovate/files/config.js @@ -1,7 +1,7 @@ module.exports = { - endpoint: 'https://git.theorangeone.net/api/v4/', - token: '{{ renovate_gitlab_token }}', - platform: 'gitlab', + endpoint: 'https://git.theorangeone.net/', + token: '{{ renovate_gitea_token }}', + platform: 'gitea', //dryRun: true, autodiscover: true, onboarding: false, diff --git a/ansible/roles/renovate/vars/main.yml b/ansible/roles/renovate/vars/main.yml index 9635a1e..8b9f59a 100644 --- a/ansible/roles/renovate/vars/main.yml +++ b/ansible/roles/renovate/vars/main.yml @@ -1,2 +1,2 @@ -renovate_gitlab_token: "{{ vault_renovate_gitlab_token }}" +renovate_gitea_token: "{{ vault_renovate_gitea_token }}" renovate_github_token: "{{ vault_renovate_github_token }}" diff --git a/ansible/roles/renovate/vars/vault.yml b/ansible/roles/renovate/vars/vault.yml index 3f0466d..c80e6d2 100644 --- a/ansible/roles/renovate/vars/vault.yml +++ b/ansible/roles/renovate/vars/vault.yml @@ -1,11 +1,12 @@ $ANSIBLE_VAULT;1.1;AES256 -37666339323131376463616330376335623238363930353938383162623162633665623763626464 -3833623739633363616362643166393538386139373139310a393530323937373938346237633536 -32376237386536633134613438383730323565356164313933376232343866303764643033396237 -6133313835663637660a336162303239636137313339366330323463326339366537343164663336 -61346434383164336138626261663939333265306430316535653062393431646230636162373665 -39386436306534316632376238616332636265303534316366356139303865323631323064303665 -64636565666231643330396164383066623166393339633330363633343639346637343239313936 -37613266393438616166326138313262623837386231393666633361396364313335346238313863 -65383435626335333631326537373366636439306366373235386132393839663063333063383133 -6333613165306462376631326239613864613630363738633331 +39396266373730336338666661383762373535393862653662613034623939353033653738666238 +6666396462326235663833336463613864326635643464610a633863323634363939303133383234 +33663538346230303930343635356365336539393337316235353933366534333832396234633333 +3565353832343432390a326463623733636561366234376331333261353561326361386235313635 +33643834343236346238353233383563636262616366326166343135366439643839323566633766 +66613064396636393462396263636563373633636433623438623336363934353037333138646230 +38623163366636663237356161313563373232396362396239623761653365333931343761313636 +38306664366365383537316531666333643462663466303264656238376634323464373365336364 +39393635326534393661353132353962376531623035303761303236303336363338643936343561 +31623939353863633261343631313530613335643664323233336134306365316662386631396239 +613461636333663533336631303839666665 -- 2.45.2 From c2f9be1e3ec735e7b70d02f10e2b2fe912d1d252 Mon Sep 17 00:00:00 2001 From: Jake Howard Date: Thu, 6 Apr 2023 19:19:55 +0100 Subject: [PATCH 4/4] Remove extra host variable for pve-gitlab --- ansible/host_vars/pve-gitlab.yml | 1 - 1 file changed, 1 deletion(-) delete mode 100644 ansible/host_vars/pve-gitlab.yml diff --git a/ansible/host_vars/pve-gitlab.yml b/ansible/host_vars/pve-gitlab.yml deleted file mode 100644 index 22bd4dc..0000000 --- a/ansible/host_vars/pve-gitlab.yml +++ /dev/null @@ -1 +0,0 @@ -ssh_extra_allowed_users: git@{{ pve_hosts.internal_cidr }} -- 2.45.2