Add role gitea-apache2

2022-04-09 12:12:43 +02:00 · 2022-04-09 12:12:43 +02:00 · 9616ab751b
commit 9616ab751b
parent ecdb15c942
5 changed files with 57 additions and 0 deletions
--- a/roles/gitea-apache2/meta/main.yml
+++ b/roles/gitea-apache2/meta/main.yml
@ -0,0 +1,3 @@
+dependencies:
+  - role: setup-apache2
+  - role: certbot
--- a/roles/gitea-apache2/tasks/main.yml
+++ b/roles/gitea-apache2/tasks/main.yml
@ -0,0 +1,23 @@
+- name: Enable proxy modules
+  become: true
+  apache2_module:
+    name: "{{ item }}"
+    state: present
+  with_items:
+    - proxy
+    - proxy_http
+  notify: Reload apache2 service
+
+- name: Copy vHost conf
+  become: true
+  template:
+    src: git.tunuifranken.info.conf.j2
+    dest: /etc/apache2/sites-available/git.tunuifranken.info.conf
+  notify: Reload apache2 service
+
+- name: Activate vHost
+  become: true
+  command: a2ensite git.tunuifranken.info.conf
+  register: result
+  changed_when: "'already enabled' not in result.stdout"
+  notify: Reload apache2 service
--- a/roles/gitea-apache2/templates/git.tunuifranken.info.conf.j2
+++ b/roles/gitea-apache2/templates/git.tunuifranken.info.conf.j2
@ -0,0 +1,28 @@
+<VirtualHost *:80>
+    ServerName git.tunuifranken.info
+    ServerAdmin {{ server_admin_email_gitea }}
+    DocumentRoot /var/www/empty
+
+    RewriteEngine on
+    RewriteCond %{SERVER_NAME} =git.tunuifranken.info
+    RewriteRule ^ https://%{SERVER_NAME}%{REQUEST_URI} [END,NE,R=permanent]
+
+    ErrorLog ${APACHE_LOG_DIR}/git.tunuifranken.info.error.log
+    CustomLog ${APACHE_LOG_DIR}/git.tunuifranken.info.access.log combined
+</VirtualHost>
+<VirtualHost *:443>
+    ServerName git.tunuifranken.info
+    ServerAdmin {{ server_admin_email_gitea }}
+
+    ProxyPreserveHost On
+    ProxyRequests off
+    AllowEncodedSlashes NoDecode
+    ProxyPass / http://localhost:3000/ nocanon
+    ProxyPassReverse / http://localhost:3000/
+
+    ErrorLog ${APACHE_LOG_DIR}/git.tunuifranken.info.error.log
+    CustomLog ${APACHE_LOG_DIR}/git.tunuifranken.info.access.log combined
+
+    #SSLCertificateFile /etc/letsencrypt/live/git.tunuifranken.info/fullchain.pem
+    #SSLCertificateKeyFile /etc/letsencrypt/live/git.tunuifranken.info/privkey.pem
+</VirtualHost>
--- a/roles/gitea-apache2/vars/main.yml
+++ b/roles/gitea-apache2/vars/main.yml
@ -0,0 +1,2 @@
+---
+server_admin_email_gitea: tfranken@protonmail.com
--- a/roles/gitea/meta/main.yml
+++ b/roles/gitea/meta/main.yml
@ -1,3 +1,4 @@
 dependencies:
  - role: gitea-fail2ban
  - role: gitea-mariadb
+  - role: gitea-apache2