Compare commits

..

No commits in common. "fbe3d2f24080d7bcdb07b6251e7fc3d06c9f7a5f" and "d012f5ab523cc210ec8430584888023526bf09cd" have entirely different histories.

3 changed files with 12 additions and 83 deletions

View file

@ -1,10 +1,10 @@
--- ---
title: "Services" title: "Services"
weight: 1 weight: 1
# bookFlatSection: true bookFlatSection: true
# bookToc: true # bookToc: true
# bookHidden: false # bookHidden: false
bookCollapseSection: true # bookCollapseSection: false
# bookComments: false # bookComments: false
# bookSearchExclude: false # bookSearchExclude: false
--- ---

View file

@ -1,55 +0,0 @@
---
title: "Cockpit"
weight: 1
# bookFlatSection: false
# bookToc: true
# bookHidden: false
# bookCollapseSection: false
# bookComments: false
# bookSearchExclude: false
---
# Cockpit
## Installation
Installer la paquet `cockpit`.
### Dépendances optionnelles
- `cockpit-pcp`: monitoring,
- `cockpit-storaged`: gestion du stockage,
- `cockpit-podman`: gestion de containers `podman`,
- `cockpit-machines`: gestion de machines virtuelles avec `libvirt`,
- `networkmanager`: gestion de la connexion réseau,
- `firewalld`: gestion du pare-feu,
## Configuration
### Configuration du reverse proxy
```
[WebService]
ProtocolHeader = X-Forwarded-Proto
ForwardedForHeader = X-Forwarded-For
```
#### Configuration Nginx
```
server {
listen 443 ssl http2;
listen [::]:443 ssl http2;
server_name cockpit.edgarpierre.fr;
include conf/00-hsts.conf;
location / {
include conf/50-proxy.conf;
include conf/50-ws-proxy.conf;
proxy_pass http://localhost:9090;
}
}
```
### Mise-à-jour des certificats
#### Script de déploiement certbot
```
/usr/bin/install -o cockpit-ws -g cockpit-ws -m 600 /etc/letsencrypt/live/huascaran.burkhart.ovh/privkey.pem /etc/cockpit/ws-certs.d/50-certbot.key
/usr/bin/install -o cockpit-ws -g cockpit-ws -m 600 /etc/letsencrypt/live/huascaran.burkhart.ovh/fullchain.pem /etc/cockpit/ws-certs.d/50-certbot.cert
/usr/bin/systemctl restart cockpit
```

View file

@ -12,13 +12,14 @@ weight: 1
# Gitea # Gitea
## Installation ## Installation
Installer le paquet `gitea`. Install `gitea` package.
## Configuration ## Configuration
La configuration se fait dans le fichier `/etc/gitea/app.ini`. Configuration takes place in `/etc/gitea/app.ini`. Examples are provided at
Un exemple est fourni dans `/etc/gitea/app.example.ini`. `/etc/gitea/app.example.ini`.
### Serveur ### Server
Server configuration.
``` ```
[server] [server]
PROTOCOL = unix PROTOCOL = unix
@ -34,15 +35,14 @@ ALLOW_GRACEFUL_RESTARTS = true
#### LFS #### LFS
``` ```
[server]
LFS_START_SERVER = true LFS_START_SERVER = true
LFS_JWT_SECRET = LFS_JWT_SECRET =
``` ```
### Base de donnée ### Database
Créer un utilisateur et une base de donnée `gitea` avec postgres. Create user and database for `gitea` using postgres.
Pour utiliser une connection par socket unix, la configuration est la suivante : To use a unix socket connection to postgres, configuration should be :
``` ```
[database] [database]
DB_TYPE = postgres DB_TYPE = postgres
@ -51,7 +51,7 @@ NAME = gitea
USER = gitea USER = gitea
``` ```
### Securité ### Security
``` ```
[security] [security]
INSTALL_LOCK = true INSTALL_LOCK = true
@ -103,20 +103,4 @@ ALLOWED_HOST_LIST = loopback,edgarpierre.fr,*.edgarpierre.fr
``` ```
## Service ## Service
Gitea est démarré avec le service systemd `gitea.service`. Gitea is started using systemd service `gitea.service`.
## Configuration Nginx
```
server {
listen 443 ssl http2;
listen [::]:443 ssl http2;
server_name git.edgarpierre.fr;
include conf/00-hsts.conf;
location / {
include conf/50-proxy.conf;
proxy_pass http://unix:/run/gitea/gitea.socket;
}
}
```