aboutsummaryrefslogtreecommitdiffstats
path: root/roles/srht/templates
diff options
context:
space:
mode:
authorbinary <me@rgoncalves.se>2021-01-18 08:51:43 +0100
committerbinary <me@rgoncalves.se>2021-01-18 08:51:43 +0100
commit3d2f89b3bdda212c57975cc261ea8c9040aee159 (patch)
tree3c0b4e5818f8a036ced87790e37269b5c1cb7f96 /roles/srht/templates
parentf83652e0e723af7afbeb3494ed888db76d5efa82 (diff)
downloadinfrastructure-3d2f89b3bdda212c57975cc261ea8c9040aee159.tar.gz
Refactor srht role with vars
Diffstat (limited to 'roles/srht/templates')
-rw-r--r--roles/srht/templates/config.ini.j220
-rw-r--r--roles/srht/templates/git.srht.conf.j222
-rw-r--r--roles/srht/templates/meta.srht.conf.j233
3 files changed, 52 insertions, 23 deletions
diff --git a/roles/srht/templates/config.ini.j2 b/roles/srht/templates/config.ini.j2
index e3bca6a..26e167a 100644
--- a/roles/srht/templates/config.ini.j2
+++ b/roles/srht/templates/config.ini.j2
@@ -43,7 +43,7 @@ network-key={{ srht_key_network.stdout_lines[0] }}
# be shared between nodes (e.g. git1.sr.ht and git2.sr.ht), but need not be
# shared between services. It may be shared between services, however, with no
# ill effect, if this better suits your infrastructure.
-redis-host=redis://localhost
+redis-host=
[objects]
#
@@ -91,7 +91,8 @@ private-key={{ srht_key_webhook.stdout_lines[0] }}
[meta.sr.ht]
#
# URL meta.sr.ht is being served at (protocol://domain)
-origin=http://meta.git.{{ global.domain_name }}
+#origin=http://meta.git.{{ global.domain_name }}
+origin=http://192.168.5.61:81
#
# Address and port to bind the debug server to
debug-host=0.0.0.0
@@ -104,7 +105,7 @@ connection-string=postgresql://postgres@localhost/meta.sr.ht?sslmode=disable
migrate-on-upgrade=yes
#
# The redis connection used for the webhooks worker
-webhooks=redis://localhost:6379/1?sslmode=disable
+webhooks=redis://localhost:6379/1
#
# If "yes", the user will be sent the stock sourcehut welcome emails after
# signup (requires cron to be configured properly). These are specific to the
@@ -166,7 +167,7 @@ stripe-secret-key=
# What authentication method to use.
# builtin: use sr.ht builtin authentication
# unix-pam: use Unix PAM authentication
-#auth-method=builtin
+auth-method=builtin
[meta.sr.ht::auth::unix-pam]
#
@@ -195,12 +196,14 @@ user-group=
# sourcehut even if they are not in the group specified in user-group.
# If unset, administrator status can be manually assigned from the web
# interface.
-admin-group={{ group_root }}
+#admin-group={{ group_root }}
+admin-group=
[git.sr.ht]
#
# URL git.sr.ht is being served at (protocol://domain)
-origin=http://git.{{ global.domain_name }}
+#origin=http://git.{{ global.domain_name }}
+origin=http://192.168.5.61:82
#
# Address and port to bind the debug server to
debug-host=0.0.0.0
@@ -213,7 +216,7 @@ connection-string=postgresql://postgres@localhost/git.sr.ht?sslmode=disable
migrate-on-upgrade=yes
#
# The redis connection used for the webhooks worker
-webhooks=redis://localhost:6379/1?sslmode=disable
+webhooks=redis://localhost:6379/1
#
# A post-update script which is installed in every git repo.
post-update-script=/usr/bin/gitsrht-update-hook
@@ -269,7 +272,8 @@ internal-ipnet=127.0.0.0/8,::1/128,192.168.0.0/16,10.0.0.0/8
#/usr/bin/buildsrht-keys=builds:builds
[hub.sr.ht]
-origin=http://git.{{ global.domain_name }}
+#origin=http://git.{{ global.domain_name }}
+origin=http://192.168.5.61:80
oauth-client-id=CHANGEME
oauth-client-secret=CHANGEME
connection-string=postgresql://postgres@localhost/hub.sr.ht?sslmode=disable
diff --git a/roles/srht/templates/git.srht.conf.j2 b/roles/srht/templates/git.srht.conf.j2
new file mode 100644
index 0000000..1b42ef2
--- /dev/null
+++ b/roles/srht/templates/git.srht.conf.j2
@@ -0,0 +1,22 @@
+server {
+ listen 82;
+ server_name git.{{ global.domain_name }};
+ client_max_body_size 100M;
+
+ location / {
+ proxy_pass http://127.0.0.1:{{ srht_git_port }};
+ }
+
+ location /static {
+ root /usr/lib/python3.8/site-packages/hubsrht;
+ }
+
+ location /query {
+ proxy_pass http://127.0.0.1:{{ srht_git_api_port }};
+ }
+
+ location = /robots.txt {
+ root /var/www;
+ }
+}
+
diff --git a/roles/srht/templates/meta.srht.conf.j2 b/roles/srht/templates/meta.srht.conf.j2
index f5a3a2c..6c3abec 100644
--- a/roles/srht/templates/meta.srht.conf.j2
+++ b/roles/srht/templates/meta.srht.conf.j2
@@ -1,22 +1,25 @@
server {
- listen 81;
- server_name meta.git.{{ global.domain_name }};
- client_max_body_size 100M;
+ listen 81;
+ server_name meta.git.{{ global.domain_name }};
+ client_max_body_size 100M;
- location / {
- proxy_pass http://127.0.0.1:{{ srht_meta_port }};
- }
+ gzip on;
+ gzip_types text/css text/html;
- location /static {
- root /usr/lib/python3.8/site-packages/metasrht;
- }
+ location / {
+ proxy_pass http://127.0.0.1:{{ srht_meta_port }};
+ }
- location /query {
- proxy_pass http://127.0.0.1:{{ srht_meta_api_port }};
- }
+ location /static {
+ root /usr/lib/python3.8/site-packages/hubsrht;
+ }
- location = /robots.txt {
- root /var/www;
- }
+ location /query {
+ proxy_pass http://127.0.0.1:{{ srht_meta_api_port }};
+ }
+
+ location ^~ /.well-known {
+ root /var/www;
+ }
}
remember that computers suck.