ivo/sce
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Compare commits

base: ivo:67dad76dad111793539c86a5b840da70435da7cd
Branches Tags
ivo:main
..
compare: ivo:25fb8d345d87c40b8d372598a9537b1a1c80957c
Branches Tags
ivo:main

No commits in common. "67dad76dad111793539c86a5b840da70435da7cd" and "25fb8d345d87c40b8d372598a9537b1a1c80957c" have entirely different histories.
67dad76dad ... 25fb8d345d

7 changed files with 5 additions and 45 deletions
Show stats Expand all files Collapse all files

3
roles/nginx/defaults/main.yml
View file

@ -1,4 +1,3 @@
--- ---
nginx_certificate_path: /etc/sce-certbot nginx_certificate_path: /etc/sce-certbot
nginx_proxy_pass: [] nginx_sites: []
nginx_grpc_pass: []

16
roles/nginx/tasks/grpc-pass.yml
View file

@ -1,16 +0,0 @@
---
- name: Install nginx template
ansible.builtin.template:
src: grpc-pass.j2
dest: /etc/nginx/sites-available/{{ site_name }}
mode: "0644"
notify: Reload nginx
- name: Activate nginx configuration
ansible.builtin.file:
src: /etc/nginx/sites-available/{{ site_name }}
dest: /etc/nginx/sites-enabled/{{ site_name }}
owner: root
group: root
state: link
notify: Reload nginx

14
roles/nginx/tasks/main.yml
View file

@ -24,17 +24,9 @@
path: /etc/nginx/passwdfile path: /etc/nginx/passwdfile
register: htpasswdfile register: htpasswdfile
- name: Iterate over configured nginx sites (proxy pass) - name: Iterate over configured nginx sites
ansible.builtin.include_tasks: proxy-pass.yml ansible.builtin.include_tasks: site.yml
loop: "{{ nginx_proxy_pass }}" loop: "{{ nginx_sites }}"
vars:
site_name: "{{ item['name'] }}"
site_port: "{{ item['port'] }}"
site_cert: "{{ item['cert'] }}"
- name: Iterate over configured nginx sites (grpc pass)
ansible.builtin.include_tasks: grpc-pass.yml
loop: "{{ nginx_grpc_pass }}"
vars: vars:
site_name: "{{ item['name'] }}" site_name: "{{ item['name'] }}"
site_port: "{{ item['port'] }}" site_port: "{{ item['port'] }}"

2
roles/nginx/tasks/proxy-pass.yml → roles/nginx/tasks/site.yml
View file

@ -6,7 +6,7 @@
- name: Install nginx template - name: Install nginx template
ansible.builtin.template: ansible.builtin.template:
src: proxy-pass.j2 src: nginx-server.j2
dest: /etc/nginx/sites-available/{{ site_name }} dest: /etc/nginx/sites-available/{{ site_name }}
mode: "0644" mode: "0644"
vars: vars:

14
roles/nginx/templates/grpc-pass.j2
View file

@ -1,14 +0,0 @@
# {{ ansible_managed }}
server {
listen 443 ssl http2;
listen [::]:443 ssl http2;
server_name {{ site_name }};
ssl_certificate {{ nginx_certificate_path }}/{{ site_cert }}/fullchain.pem;
ssl_certificate_key {{ nginx_certificate_path }}/{{ site_cert }}/privkey.pem;
location / {
grpc_pass grpc://127.0.0.1:{{ site_port }};
}
}

0
roles/nginx/templates/proxy-pass.j2 → roles/nginx/templates/nginx-server.j2
View file

1
roles/podman_woodpecker_agent/tasks/agents.yml
View file

@ -35,7 +35,6 @@
WOODPECKER_HEALTHCHECK: false WOODPECKER_HEALTHCHECK: false
WOODPECKER_LOG_LEVEL: debug WOODPECKER_LOG_LEVEL: debug
WOODPECKER_BACKEND: docker WOODPECKER_BACKEND: docker
WOODPECKER_GRPC_SECURE: true
WOODPECKER_FILTER_LABELS: "{{ podman_woodpecker_agent_filter_labels }}" WOODPECKER_FILTER_LABELS: "{{ podman_woodpecker_agent_filter_labels }}"
secrets: secrets:
- "woodpecker-agent-secret-{{ workspace_user }},type=env,target=WOODPECKER_AGENT_SECRET" - "woodpecker-agent-secret-{{ workspace_user }},type=env,target=WOODPECKER_AGENT_SECRET"