Compare commits
71 Commits
Author | SHA1 | Date |
---|---|---|
Michael Grote | 65dc8f43a1 | |
Michael Grote | fe223d75e6 | |
Michael Grote | 8bbb9a6a9c | |
Michael Grote | 4086efea9e | |
Michael Grote | cb49bb51c8 | |
Michael Grote | dabf332abd | |
Michael Grote | 574f9c7338 | |
Michael Grote | 2283b3efe7 | |
Michael Grote | 44f006ee7c | |
Michael Grote | cf6d9d53b1 | |
Michael Grote | 9a4b2f8a0f | |
Michael Grote | add939d434 | |
Michael Grote | fd311282f0 | |
Michael Grote | d049b8db4c | |
Michael Grote | 956d0bc6ed | |
Michael Grote | 2a2c20478e | |
Michael Grote | 41e7e7371c | |
Michael Grote | 65a50a3033 | |
Michael Grote | 07894c2300 | |
Michael Grote | 2ebaed8551 | |
Michael Grote | 59d0e13f05 | |
Michael Grote | 2e183480fe | |
Michael Grote | 0ad6b6ccf4 | |
Michael Grote | ea053bf386 | |
Michael Grote | bb25b39a05 | |
Michael Grote | d0de5a5a4b | |
Michael Grote | 78d47c0319 | |
Michael Grote | d173d12982 | |
Michael Grote | 86e53fe7a2 | |
Michael Grote | 3a8899e9c0 | |
Michael Grote | 82758c84e8 | |
Michael Grote | 910f035529 | |
Michael Grote | 63d2abc3c7 | |
Michael Grote | d92af3101f | |
Michael Grote | 9f69e9e0bd | |
Michael Grote | c18716a9eb | |
Michael Grote | 4ba62a4550 | |
Michael Grote | 49fddb443d | |
Michael Grote | ffbe5713b8 | |
Michael Grote | a651bfbdfc | |
Michael Grote | 5b541db6d3 | |
Michael Grote | 32103dc55c | |
Michael Grote | 0d9fc50863 | |
Michael Grote | 8f27c81b6c | |
Michael Grote | 0df26403ca | |
Michael Grote | 9ca53e02f6 | |
Michael Grote | 8e87c4cfee | |
Michael Grote | 8601b7a6b9 | |
Michael Grote | fd2229d998 | |
Michael Grote | d803a2982f | |
Michael Grote | 51b69a1500 | |
Michael Grote | 292f8f4edb | |
Michael Grote | 6187a3b3a7 | |
Michael Grote | 96d8958bf1 | |
Michael Grote | 138ce9ac17 | |
Michael Grote | 2f373d09fb | |
Michael Grote | a00e9fa892 | |
Michael Grote | 95b7e24488 | |
Michael Grote | 97107c62d3 | |
Michael Grote | 92930e20cb | |
Michael Grote | 1efc46ce05 | |
Michael Grote | 124713bb39 | |
Michael Grote | 96abd42788 | |
Michael Grote | 060449c82a | |
Michael Grote | 2adc529cd3 | |
Michael Grote | 3e6213458b | |
Michael Grote | bb2964e13a | |
Michael Grote | 57b3ebe75e | |
Michael Grote | 5df65653d2 | |
Michael Grote | 0bc5ebea1a | |
Michael Grote | e80c3a2f8d |
|
@ -6,21 +6,3 @@ skip_list:
|
|||
- name[play]
|
||||
- var-naming[no-role-prefix]
|
||||
quiet: true
|
||||
exclude_paths:
|
||||
- .cache/ # implicit unless exclude_paths is defined in config
|
||||
- collections/
|
||||
- .gitlab-ci.yml
|
||||
- friedhof/
|
||||
- playbooks/on-off
|
||||
- roles/geerlingguy-ansible-role-pip
|
||||
- roles/pyratlabs-ansible-role-k3s
|
||||
- roles/robertdebock-ansible-role-bootstrap
|
||||
- roles/gantsign-ansible-role-ctop
|
||||
- roles/geerlingguy-ansible-role-docker
|
||||
- roles/geerlingguy-ansible-role-helm
|
||||
- roles/geerlingguy-ansible-role-nfs
|
||||
- roles/hifis-net-ansible-role-unattended-upgrades
|
||||
- roles/mrlesmithjr-ansible-manage-lvm
|
||||
- roles/oefenweb-ansible-ufw
|
||||
- roles/pandemonium1986-ansible-role-k9s
|
||||
- roles/pyratlabs-ansible-role-gitea
|
||||
|
|
|
@ -0,0 +1,31 @@
|
|||
---
|
||||
name: lint
|
||||
on:
|
||||
push
|
||||
|
||||
jobs:
|
||||
clone:
|
||||
steps:
|
||||
- name: Check out repository
|
||||
uses: actions/checkout@v3
|
||||
|
||||
gitleaks:
|
||||
container:
|
||||
image: zricethezav/gitleaks:latest
|
||||
steps:
|
||||
- run: ls -lah
|
||||
- name: gitleaks
|
||||
run: gitleaks detect --no-git --verbose --source $GITHUB_WORKSPACE
|
||||
|
||||
ansible-lint:
|
||||
container:
|
||||
image: quay.io/ansible/creator-ee
|
||||
env:
|
||||
VAULT-PASS: ${{ secrets.vault_pass }} # Repo-Secret
|
||||
steps:
|
||||
- run: ansible-lint --version
|
||||
- run: echo $VAULT-PASS > ./vault-pass.yml # nach des Secret in Großschreibung
|
||||
- run: ls -lah
|
||||
|
||||
- run: ansible-galaxy install -r ./requirements.yml
|
||||
- run: ansible-lint --force-color --format pep8
|
|
@ -15,3 +15,4 @@ roles/oefenweb-ansible-ufw
|
|||
roles/pandemonium1986-ansible-role-k9s
|
||||
roles/pyratlabs-ansible-role-gitea
|
||||
collections/
|
||||
plugins/lookup/__pycache__/
|
||||
|
|
|
@ -1,19 +0,0 @@
|
|||
---
|
||||
kind: pipeline
|
||||
type: docker
|
||||
name: ansible-lint
|
||||
depends_on:
|
||||
- gitleaks
|
||||
steps:
|
||||
ansible-lint:
|
||||
image: quay.io/ansible/creator-ee
|
||||
commands:
|
||||
- ansible-lint --version
|
||||
- echo $VAULT-PASS > ./vault-pass.yml # nach des Secret in Großschreibung
|
||||
- ansible-galaxy install -r requirements.yml
|
||||
- ansible-lint --force-color --format pep8
|
||||
when:
|
||||
event:
|
||||
exclude:
|
||||
- tag
|
||||
secret: [vault-pass] #dieses Secret darf verwendet werden
|
|
@ -1,13 +0,0 @@
|
|||
---
|
||||
kind: pipeline
|
||||
type: docker
|
||||
name: gitleaks
|
||||
steps:
|
||||
gitleaks:
|
||||
image: zricethezav/gitleaks:latest
|
||||
commands:
|
||||
- gitleaks detect --no-git --verbose --source $CI_WORKSPACE
|
||||
when:
|
||||
event:
|
||||
exclude:
|
||||
- tag
|
|
@ -0,0 +1,18 @@
|
|||
version: '3'
|
||||
services:
|
||||
runner:
|
||||
container_name: "gitea-act-runner"
|
||||
image: gitea/act_runner:latest
|
||||
restart: always
|
||||
volumes:
|
||||
- data:/data
|
||||
- /var/run/docker.sock:/var/run/docker.sock
|
||||
environment:
|
||||
GITEA_INSTANCE_URL: "https://git.mgrote.net"
|
||||
GITEA_RUNNER_REGISTRATION_TOKEN: {{ lookup('keepass', 'gitea_runner_token', 'password') }} # muss für jeden Runner neu generiert werden, wird nur einmal benötigt
|
||||
labels:
|
||||
com.centurylinklabs.watchtower.enable: true
|
||||
|
||||
|
||||
volumes:
|
||||
data:
|
|
@ -50,7 +50,7 @@ docker_users:
|
|||
- mg
|
||||
- docker-user
|
||||
docker_install_compose: true
|
||||
docker_add_repo: false # erstelle kein Repo-Eintrag unter /etc/apt/sources.list.d/, steht explizit unter "repos_override"
|
||||
docker_add_repo: false # erstelle kein Repo-Eintrag unter /etc/apt/sources.list.d/, steht explizit unter "repos_override", wird nur zum installieren benötigt
|
||||
|
||||
### mgrote_docker-compose-deploy
|
||||
docker_compose_base_dir: /home/docker-user
|
||||
|
|
|
@ -54,7 +54,7 @@ gitea_show_user_email: false
|
|||
gitea_disable_gravatar: true
|
||||
gitea_enable_captcha: true
|
||||
gitea_only_allow_external_registration: false
|
||||
gitea_enable_notify_mail: false
|
||||
gitea_enable_notify_mail: true
|
||||
gitea_force_private: false
|
||||
gitea_oauth2_enabled: true
|
||||
gitea_repo_indexer_enabled: true
|
||||
|
@ -96,6 +96,7 @@ gitea_fail2ban_jail_bantime: 600
|
|||
gitea_extra_config: |
|
||||
[webhook]
|
||||
ALLOWED_HOST_LIST = *.mgrote.net
|
||||
|
||||
[actions]
|
||||
ENABLED=true
|
||||
gitea_backup_on_upgrade: false
|
||||
gitea_backup_location: "{{ gitea_home }}/backups/"
|
||||
|
|
|
@ -76,7 +76,9 @@ compose_files:
|
|||
network: traefik
|
||||
- name: statping-ng
|
||||
state: present
|
||||
|
||||
- name: gitea-act-runner
|
||||
state: present
|
||||
|
||||
### oefenweb.ufw
|
||||
ufw_rules:
|
||||
- rule: allow
|
||||
|
|
BIN
keepass_db.kdbx
BIN
keepass_db.kdbx
Binary file not shown.
Loading…
Reference in New Issue