feat(gitea): refactor configuration to use structured app_config and add TLS support
This commit is contained in:
@@ -1,43 +1,39 @@
|
||||
|
||||
locals {
|
||||
gitea_env_vars = {
|
||||
APP_NAME = var.app_name
|
||||
HTTP_PORT = "3000"
|
||||
RUN_MODE = "prod"
|
||||
LFS_START_SERVER = "true"
|
||||
SSH_DOMAIN = var.fqdn
|
||||
DISABLE_REGISTRATION = true
|
||||
INSTALL_LOCK = "true"
|
||||
DB_TYPE = "mysql"
|
||||
DB_NAME = "gitea"
|
||||
DB_HOST = module.gitea_database.host
|
||||
SSH_LISTEN_PORT = 22
|
||||
GITEA__mailer__ENABLED = true
|
||||
GITEA__mailer__FROM = var.from_email
|
||||
GITEA__mailer__SMTP_ADDR = var.smtp_host
|
||||
GITEA__mailer__SMTP_PORT = var.smtp_port
|
||||
GITEA__mailer__PROTOCOL = "smtps"
|
||||
}
|
||||
|
||||
gitea_secrets = {
|
||||
DB_USER = {
|
||||
key = "username"
|
||||
name = module.gitea_database.app_crendentials_name
|
||||
}
|
||||
DB_PASSWD = {
|
||||
key = "password"
|
||||
name = module.gitea_database.app_crendentials_name
|
||||
}
|
||||
GITEA__mailer__USER = {
|
||||
key = "username"
|
||||
name = kubernetes_secret.gitea_mail_credentials.metadata[0].name
|
||||
}
|
||||
GITEA__mailer__PASSWD = {
|
||||
key = "password"
|
||||
name = kubernetes_secret.gitea_mail_credentials.metadata[0].name
|
||||
}
|
||||
}
|
||||
|
||||
gitea_path = "${var.persistent_folder}/gitea"
|
||||
gitea_db_path = "${var.database_folder}/mysql.gitea"
|
||||
|
||||
config = templatefile("${path.module}/resources/app.ini.tpl", {
|
||||
APP_NAME = var.app_config.app_name
|
||||
RUN_MODE = var.app_config.run_mode
|
||||
DOMAIN = var.app_config.domain
|
||||
HTTP_PORT = var.app_config.http_port
|
||||
TLS_ENABLED = var.tls_enabled
|
||||
DISABLE_SSH = var.app_config.disable_ssh
|
||||
SSH_PORT = var.app_config.ssh_port
|
||||
LFS_JWT_SECRET = var.app_config.lfs_jwt_secret
|
||||
DB_HOST = var.app_config.db_host
|
||||
DB_PORT = var.app_config.db_port
|
||||
DB_NAME = var.app_config.db_name
|
||||
DB_USER = var.app_config.db_user
|
||||
DB_PASSWD = var.app_config.db_passwd
|
||||
DB_SSL_MODE = var.tls_enabled ? "skip-verify" : "false"
|
||||
SECRET_KEY = var.app_config.secret_key
|
||||
INTERNAL_TOKEN = var.app_config.internal_token
|
||||
DISABLE_REGISTRATION = var.app_config.disable_registration
|
||||
REQUIRE_SIGNIN_VIEW = var.app_config.require_signin_view
|
||||
REGISTER_EMAIL_CONFIRM = var.app_config.register_email_confirm
|
||||
ENABLE_NOTIFY_MAIL = var.app_config.enable_notify_mail
|
||||
ALLOW_ONLY_EXTERNAL_REGISTRATION = var.app_config.allow_only_external_registration
|
||||
ENABLE_CAPTCHA = var.app_config.enable_captcha
|
||||
NO_REPLY_ADDRESS = var.app_config.no_reply_address
|
||||
JWT_SECRET = var.app_config.jwt_secret
|
||||
MAIL_FROM = var.app_config.mail_from
|
||||
SMTP_USER = var.app_config.smtp_user
|
||||
SMTP_PASSWD = var.app_config.smtp_passwd
|
||||
SMTP_PROTOCOL = var.app_config.smtp_protocol
|
||||
SMTP_HOST = var.app_config.smtp_host
|
||||
SMTP_PORT = var.app_config.smtp_port
|
||||
})
|
||||
config_checksum = sha256(local.config)
|
||||
}
|
||||
|
||||
Reference in New Issue
Block a user