Merge branch 'master' of ssh://git.shockrah.xyz:2222/shockrah/infra

2024-12-08 13:41:47 -08:00 · 2024-12-08 13:41:47 -08:00 · c50deddf53
commit c50deddf53
parent 6ab49d1b28 d483f5ed72
8 changed files with 65 additions and 37 deletions
--- a/.gitea/workflows/ansible-lint.yaml
+++ b/.gitea/workflows/ansible-lint.yaml
@ -0,0 +1,15 @@
 name: Ansible Linting
 on:
  - push
 jobs:
  ansible-lint:
    runs-on: ubuntu-latest
    container:
      image: shockrah/ansible
    steps:
      - name: Checkout repo content
        uses: actions/checkout@v4
      - run: ansible-lint
        working-directory: ansible/
--- a/.gitea/workflows/demo.yaml
+++ b/.gitea/workflows/demo.yaml
@ -1,21 +0,0 @@
 name: Actions demo
 run-name: ${{ gitea.actor }} is testing the actions
 on:
  - push
 jobs:
  simple-echo:
    runs-on: gitea-main
    steps:
      - run: echo "🎉 The job was automatically triggered by a ${{ gitea.event_name }} event."
      - run: echo "🐧 This job is now running on a ${{ runner.os }} server hosted by Gitea!"
      - run: echo "🔎 The name of your branch is ${{ gitea.ref }} and your repository is ${{ gitea.repository }}."
      - name: Check out repository code
        uses: actions/checkout@v4
      - run: echo "💡 The ${{ gitea.repository }} repository has been cloned to the runner."
      - run: echo "🖥️ The workflow is now ready to test your code on the runner."
      - name: List files in the repository
        run: |
          ls ${{ gitea.workspace }}
      - run: echo "🍏 This job's status is ${{ job.status }}."
--- a/ansible/ansible.cfg
+++ b/ansible/ansible.cfg
@ -0,0 +1,3 @@
 [defaults]
 stdout_callback = yaml
--- a/ansible/playbooks/pull-s3-buckets.yml
+++ b/ansible/playbooks/pull-s3-buckets.yml
@ -1,14 +0,0 @@
 ---
 - hosts: webhost
  remote_user: root
  tasks:
    - name: Copy pull script
      copy:
        src: ../scripts/pull-down-s3.sh
        dest: /opt/nginx/pull-down-s3.sh
    - name: Pull down all sites from S3
      shell: bash /opt/nginx/pull-down-s3.sh {{ item }}
      loop:
        - shockrah.xyz
        - resume.shockrah.xyz
        - temper.tv
--- a/ansible/playbooks/setup-git-web-deployer.yml
+++ b/ansible/playbooks/setup-git-web-deployer.yml
@ -0,0 +1,25 @@
 ---
 - name: Setup all attributes of the html-deployer user for static website CI
  hosts: webhost
  vars:
    username: html-deployer
  remote_user: webadmin
  tasks:
    - name: Create user for git actions to deploy html
      become: true
      ansible.builtin.user:
        name: "{{ username }}"
        comment: Used for deploying html from Gitea Actions
        group: nginx
    - name: Set the authorized keys
      become: true
      ansible.posix.authorized_key:
        user: "{{ username }}"
        state: present
        key: "{{ lookup('file', '~/.ssh/vultr/html-deployer.pem.pub') }}"
    - name: Ensure /opt/nginx website folders are owned by html-deployer
      ansible.builtin.file:
        path: "/opt/nginx/{{ item }}"
        recurse: true
        owner: "{{ username }}"
        group: "nginx"
--- a/ansible/playbooks/update.yml
+++ b/ansible/playbooks/update.yml
@ -0,0 +1,20 @@
 # Purpose: General update to the system to keep packages up to date
 ---
 - hosts: webhost
  remote_user: webadmin
  tasks:
    - name: Informational Dump of what is upgradeable
      ansible.builtin.command: apt list --upgradable
      register: pkg
    - name: Show list of packages to upgrade
      ansible.builtin.debug:
        msg: "{{ pkg.stdout_lines }}"
    - name: Update the packages at the system level to the latest versions
      become: true
      ansible.builtin.apt:
        name: "*"
        state: latest
--- a/infra/containers/docker-compose.yaml
+++ b/infra/containers/docker-compose.yaml
@ -5,7 +5,7 @@ networks:
 services:
  gitea:
-    image: gitea/gitea:latest
+    image: gitea/gitea:latest-rootless
    container_name: gitea
    environment:
      - USER_UID=1000