arcodange-org/factory
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

setup gitea mailer

Browse Source
This commit is contained in:
Gabriel Radureau
2024-08-13 17:28:44 +02:00
parent cb4d679d8b
commit 1b832cbd1d
3 changed files with 34 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

19
ansible/README.md
View File

@@ -19,7 +19,24 @@ git clone -q --depth 1 --branch master https://github.com/arcodange/ssh-agent.gi
docker run -d --name=ssh-agent docker-ssh-agent:latest docker run -d --name=ssh-agent docker-ssh-agent:latest
docker run --rm --volumes-from=ssh-agent -v ~/.ssh:/.ssh -it docker-ssh-agent:latest ssh-add /root/.ssh/id_rsa docker run --rm --volumes-from=ssh-agent -v ~/.ssh:/.ssh -it docker-ssh-agent:latest ssh-add /root/.ssh/id_rsa
docker run --rm -u root --name test --volumes-from=ssh-agent -v $PWD:/home/arcodange/code arcodange-ansible:0.0.0 \ docker run --rm -u root --name test --volumes-from=ssh-agent -v $PWD:/home/arcodange/code arcodange-ansible:0.0.0 \
ansible-playbook ansible/arcodange/factory/playbooks/setup/01_system.yml -i ansible/arcodange/factory/inventory -vv # -e ANSIBLE_VAULT_PASSWORD_FILE=$ANSIBLE_VAULT_PASSWORD_FILE -v $ANSIBLE_VAULT_PASSWORD_FILE:$ANSIBLE_VAULT_PASSWORD_FILE \ before the arcodange-ansible image name
ansible-playbook ansible/arcodange/factory/playbooks/setup/03cicd.yml -i ansible/arcodange/factory/inventory -vv
```
### use vault with single password
> [!IMPORTANT]
> Required for gitea mailer
> ```sh
> kubectl create secret generic arcodange-ansible-vault --from-literal="pass=<ansible_vault_password>" -n kube-system`
> ```
> to be set as a file variable for gitea runners
```sh
ANSIBLE_VAULT_PASSWORD_FILE=~/.local/bin/read-vault-key.sh;
mkdir -p `dirname $ANSIBLE_VAULT_PASSWORD_FILE`; set +o histexpand;
echo -e "#!/bin/bash\nkubectl get secret -n kube-system arcodange-ansible-vault --template='{{index .data.pass | base64decode}}'" > $ANSIBLE_VAULT_PASSWORD_FILE;
set -o histexpand; chmod +x $ANSIBLE_VAULT_PASSWORD_FILE; echo 'export ANSIBLE_VAULT_PASSWORD_FILE=$ANSIBLE_VAULT_PASSWORD_FILE' >> `find ~ -maxdepth 1 -type f -name '\.*profile' -or -name '\.bashrc' | head -n1`
``` ```
### a tool to reuse a ssh agent (not required) ### a tool to reuse a ssh agent (not required)

8
ansible/arcodange/factory/inventory/group_vars/hard_disk/gitea.yml
View File

@@ -27,11 +27,19 @@ gitea:
environment: environment:
USER_UID: 1000 USER_UID: 1000
USER_GID: 1000 USER_GID: 1000
# https://github.com/go-gitea/gitea/blob/main/contrib/environment-to-ini/README
GITEA__database__DB_TYPE: postgres GITEA__database__DB_TYPE: postgres
GITEA__database__HOST: postgres:5432 GITEA__database__HOST: postgres:5432
GITEA__database__NAME: "{{ gitea_database.db_name }}" GITEA__database__NAME: "{{ gitea_database.db_name }}"
GITEA__database__USER: "{{ gitea_database.db_user }}" GITEA__database__USER: "{{ gitea_database.db_user }}"
GITEA__database__PASSWD: "{{ gitea_database.db_password }}" GITEA__database__PASSWD: "{{ gitea_database.db_password }}"
GITEA__mailer__ENABLED: true
GITEA__mailer__PROTOCOL: smtps
GITEA__mailer__FROM: gitea.arcodange@orange.fr
GITEA__mailer__USER: gitea.arcodange@orange.fr
GITEA__mailer__SMTP_ADDR: smtp.orange.fr
GITEA__mailer__SMTP_PORT: 465
GITEA__mailer__PASSWD: '{{ gitea_vault.GITEA__mailer__PASSWD }}'
networks: networks:
- gitea - gitea
ports: ports:

8
ansible/arcodange/factory/inventory/group_vars/hard_disk/gitea_vault.yml Normal file
View File

@@ -0,0 +1,8 @@
$ANSIBLE_VAULT;1.1;AES256
33313163383239336537323061393666626430633263316637393032346464636561616166633332
3861353632626535336234643561356434653036663165300a363138343731643235666562303564
31633264633966666333656162313533396431396664336232646165626131396665303233393638
3261636464326534630a666332636135643230343636383139306436616238623536373764333434
38363666363039303633353365356236393462393166313539353333386465363163666134393638
35613239653231333639343363303938373139373638663462633864656339336366623862613736
313839346363623535313733613736663462