Infrastructure as Code to create and maintain the Forgejo.dev instance
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
 
 
 
Maximilian Kratz b25f1c7ff7
Hotfix: Fixes missing AppArmor bin for newer Docker version
2 days ago
inventory Updates Forgejo to v1.18.3-0 4 days ago
roles Hotfix: Fixes missing AppArmor bin for newer Docker version 2 days ago
vars Init from development repo 3 weeks ago
.ansible-lint Init from development repo 3 weeks ago
.gitignore Init from development repo 3 weeks ago
LICENSE Init from development repo 3 weeks ago
README.md Init from development repo 3 weeks ago
ansible.cfg Init from development repo 3 weeks ago
forgejo-prod.yaml Init from development repo 3 weeks ago
forgejo-staging.yaml Init from development repo 3 weeks ago
infra.yaml Init from development repo 3 weeks ago
main.tf Init from development repo 3 weeks ago
monitoring.yaml Init from development repo 3 weeks ago
playbook.yaml Init from development repo 3 weeks ago
requirements.yml Init from development repo 3 weeks ago
secrets.tfvars.example Init from development repo 3 weeks ago
ssh.yaml Init from development repo 3 weeks ago
user_data.yml.tpl Init from development repo 3 weeks ago

README.md

Forgejo DevOps

Automation to create/configure the infrastructure for all services related to forgejo.dev.

Setup (client/workstation)

  • Install all dependencies:
  • Create a Hetzner Cloud project
    • Create an access token
    • Add the SSH fingerprint to the project
  • Copy secrets.tfvars.example to secrets.tfvars
    • Replace the dummy values with the real ones
  • Copy vars/smtp.yml.example to vars/smtp.yml
    • Replace the dummy values with the real ones
  • Copy vars/woodpecker.yml.example to vars/woodpecker_staging.yml and vars/woodpecker_production.yml
    • Replace the dummy values with the real ones (values are only available after the manual creation of an OAuth2 app)
  • Copy vars/minio.yml.example to vars/minio.yml
    • Replace the dummy values with the real ones

Terraform

Terraform is used to create the infrastructure (VMs) and run a basic provisioning script to install all dependencies for Ansible.

  • To create the infrastructure, run:
    • $ terraform init
    • $ terraform plan -var-file="secrets.tfvars"
    • $ terraform apply -var-file="secrets.tfvars"
  • To destroy the infrastructure, run:
    • $ terraform destroy -var-file="secrets.tfvars"

Ansible

Ansible is used to configure the VMs and create/configure all necessary services.

  • To create/configure/update all services on the VMs, simply run:
    • $ export ANSIBLE_CONFIG=./ansible.cfg
    • $ ansible-galaxy install -r requirements.yml
    • $ ansible-playbook playbook.yml

Ansible Lint

  • Installation: $ pip3 install ansible-lint
  • Usage: $ ansible-lint --offline -p ./*.yml

Manual Steps

Unfortunately, there are currently some manual steps required to complete the initial configuration.

  • Go to the webpage and finish the Forgejo installation including the creation of a root user.
    • Login as root + change the profile picture.
  • Add an OAuth2 application for Woodpecker CI
    • Register the tokens within the Woodpecker config and run the Ansible playbook again.
  • Create the organisation staging.forgejo.dev/forgejo.dev.
    • Set the correct profile picture.
  • Create the org repository in the organisation.
    • Set the correct profile picture.
  • Create user(s) and invite them to the organization.

License

This project is licensed under the GNU General Public License v3.0 - see the LICENSE file for more details.