Compare commits

...

3 commits

Author SHA1 Message Date
fbe3d2f240
Collapse section 2023-02-05 16:35:20 +01:00
ae6cebf75d
Update gitea config 2023-02-05 16:35:12 +01:00
41401725a2
Add cockpit configuration 2023-02-05 16:29:08 +01:00
3 changed files with 83 additions and 12 deletions

View file

@ -1,10 +1,10 @@
--- ---
title: "Services" title: "Services"
weight: 1 weight: 1
bookFlatSection: true # bookFlatSection: true
# bookToc: true # bookToc: true
# bookHidden: false # bookHidden: false
# bookCollapseSection: false bookCollapseSection: true
# bookComments: false # bookComments: false
# bookSearchExclude: false # bookSearchExclude: false
--- ---

View file

@ -0,0 +1,55 @@
---
title: "Cockpit"
weight: 1
# bookFlatSection: false
# bookToc: true
# bookHidden: false
# bookCollapseSection: false
# bookComments: false
# bookSearchExclude: false
---
# Cockpit
## Installation
Installer la paquet `cockpit`.
### Dépendances optionnelles
- `cockpit-pcp`: monitoring,
- `cockpit-storaged`: gestion du stockage,
- `cockpit-podman`: gestion de containers `podman`,
- `cockpit-machines`: gestion de machines virtuelles avec `libvirt`,
- `networkmanager`: gestion de la connexion réseau,
- `firewalld`: gestion du pare-feu,
## Configuration
### Configuration du reverse proxy
```
[WebService]
ProtocolHeader = X-Forwarded-Proto
ForwardedForHeader = X-Forwarded-For
```
#### Configuration Nginx
```
server {
listen 443 ssl http2;
listen [::]:443 ssl http2;
server_name cockpit.edgarpierre.fr;
include conf/00-hsts.conf;
location / {
include conf/50-proxy.conf;
include conf/50-ws-proxy.conf;
proxy_pass http://localhost:9090;
}
}
```
### Mise-à-jour des certificats
#### Script de déploiement certbot
```
/usr/bin/install -o cockpit-ws -g cockpit-ws -m 600 /etc/letsencrypt/live/huascaran.burkhart.ovh/privkey.pem /etc/cockpit/ws-certs.d/50-certbot.key
/usr/bin/install -o cockpit-ws -g cockpit-ws -m 600 /etc/letsencrypt/live/huascaran.burkhart.ovh/fullchain.pem /etc/cockpit/ws-certs.d/50-certbot.cert
/usr/bin/systemctl restart cockpit
```

View file

@ -12,14 +12,13 @@ weight: 1
# Gitea # Gitea
## Installation ## Installation
Install `gitea` package. Installer le paquet `gitea`.
## Configuration ## Configuration
Configuration takes place in `/etc/gitea/app.ini`. Examples are provided at La configuration se fait dans le fichier `/etc/gitea/app.ini`.
`/etc/gitea/app.example.ini`. Un exemple est fourni dans `/etc/gitea/app.example.ini`.
### Server ### Serveur
Server configuration.
``` ```
[server] [server]
PROTOCOL = unix PROTOCOL = unix
@ -35,14 +34,15 @@ ALLOW_GRACEFUL_RESTARTS = true
#### LFS #### LFS
``` ```
[server]
LFS_START_SERVER = true LFS_START_SERVER = true
LFS_JWT_SECRET = LFS_JWT_SECRET =
``` ```
### Database ### Base de donnée
Create user and database for `gitea` using postgres. Créer un utilisateur et une base de donnée `gitea` avec postgres.
To use a unix socket connection to postgres, configuration should be : Pour utiliser une connection par socket unix, la configuration est la suivante :
``` ```
[database] [database]
DB_TYPE = postgres DB_TYPE = postgres
@ -51,7 +51,7 @@ NAME = gitea
USER = gitea USER = gitea
``` ```
### Security ### Securité
``` ```
[security] [security]
INSTALL_LOCK = true INSTALL_LOCK = true
@ -103,4 +103,20 @@ ALLOWED_HOST_LIST = loopback,edgarpierre.fr,*.edgarpierre.fr
``` ```
## Service ## Service
Gitea is started using systemd service `gitea.service`. Gitea est démarré avec le service systemd `gitea.service`.
## Configuration Nginx
```
server {
listen 443 ssl http2;
listen [::]:443 ssl http2;
server_name git.edgarpierre.fr;
include conf/00-hsts.conf;
location / {
include conf/50-proxy.conf;
proxy_pass http://unix:/run/gitea/gitea.socket;
}
}
```