Add reverse proxy settings for Gitea and Bitwarden

This commit is contained in:
Kris Lamoureux 2022-05-28 00:18:15 -04:00
parent 3a92921932
commit eccd6b7874
Signed by: kris
GPG Key ID: 3EDA9C3441EDA925
7 changed files with 22 additions and 0 deletions

View File

@ -1,5 +1,6 @@
bitwarden_name: bitwarden
bitwarden_root: "/var/lib/{{ bitwarden_name }}"
bitwarden_database: "{{ bitwarden_name }}"
bitwarden_realips: "172.16.0.0/12"
bitwarden_standalone: false
bitwarden_production: false

View File

@ -65,6 +65,12 @@
when: not bitwarden_standalone
notify: rebuild_bitwarden
- name: Define reverse proxy servers
lineinfile:
path: "{{ bitwarden_root }}/bwdata/config.yml"
line: "- {{ bitwarden_realips }}"
insertafter: "^real_ips"
- name: Install Bitwarden systemd service
template:
src: bitwarden.service.j2

View File

@ -14,5 +14,9 @@ gitea_dbhost: host.docker.internal
gitea_dbname: "{{ gitea_name }}"
gitea_dbuser: "{{ gitea_name }}"
# proxy settings
gitea_proxy_limit: "1"
gitea_trusted_proxies: "172.16.0.0/12"
# host
gitea_root: "{{ docker_compose_root }}/{{ gitea_name }}"

View File

@ -0,0 +1,5 @@
- name: Restart Gitea
service:
name: "{{ docker_compose_service }}@{{ gitea_name }}"
state: restarted
listen: restart_gitea

View File

@ -73,11 +73,13 @@
template:
src: docker-compose.yml.j2
dest: "{{ gitea_root }}/docker-compose.yml"
notify: restart_gitea
- name: Install Gitea's docker-compose variables
template:
src: compose-env.j2
dest: "{{ gitea_root }}/.env"
notify: restart_gitea
- name: Start and enable Gitea service
service:

View File

@ -10,6 +10,8 @@ gitea_dbhost={{ gitea_dbhost }}
gitea_dbname={{ gitea_dbname }}
gitea_dbuser={{ gitea_dbuser }}
gitea_dbpass={{ gitea_dbpass }}
gitea_proxy_limit={{ gitea_proxy_limit }}
gitea_trusted_proxies={{ gitea_trusted_proxies }}
{% if not gitea_signup %}
gitea_disable_registration=true
{% else %}

View File

@ -20,6 +20,8 @@ services:
- GITEA__database__NAME=${gitea_dbname}
- GITEA__database__USER=${gitea_dbuser}
- GITEA__database__PASSWD=${gitea_dbpass}
- GITEA__security__REVERSE_PROXY_LIMIT=${gitea_proxy_limit}
- GITEA__security__REVERSE_PROXY_TRUSTED_PROXIES=${gitea_trusted_proxies}
- GITEA__service__DISABLE_REGISTRATION=${gitea_disable_registration}
volumes:
- {{ gitea_volume }}:/data