diff --git a/pillars/roles/mount/deluge.sls b/pillars/roles/mount/deluge.sls new file mode 100644 index 0000000..4e41a33 --- /dev/null +++ b/pillars/roles/mount/deluge.sls @@ -0,0 +1,6 @@ +mount: + sshfs: + /mnt/video: + host: host.actcur.com + directory: /mnt/butter/video + user: mount diff --git a/pillars/roles/mount/radarr.sls b/pillars/roles/mount/radarr.sls new file mode 100644 index 0000000..4e41a33 --- /dev/null +++ b/pillars/roles/mount/radarr.sls @@ -0,0 +1,6 @@ +mount: + sshfs: + /mnt/video: + host: host.actcur.com + directory: /mnt/butter/video + user: mount diff --git a/pillars/roles/mount/sonarr.sls b/pillars/roles/mount/sonarr.sls new file mode 100644 index 0000000..4e41a33 --- /dev/null +++ b/pillars/roles/mount/sonarr.sls @@ -0,0 +1,6 @@ +mount: + sshfs: + /mnt/video: + host: host.actcur.com + directory: /mnt/butter/video + user: mount diff --git a/states/roles/build/gitlab/init.sls b/states/roles/build/gitlab/init.sls index f6e832e..f9a1db7 100644 --- a/states/roles/build/gitlab/init.sls +++ b/states/roles/build/gitlab/init.sls @@ -4,9 +4,6 @@ redis-running: service.running: - name: redis - enable: true - - watch: - - file: /etc/redis.conf - - file: /etc/tempfiles.d/redis.conf gitlab_init_db: cmd.run: - name: "bundle-2.3 exec rake gitlab:setup RAILS_ENV=production force=yes" diff --git a/states/roles/maintain/gitlab/conf_files/database.yml b/states/roles/maintain/gitlab/conf_files/database.yml index b117008..c5b2214 100644 --- a/states/roles/maintain/gitlab/conf_files/database.yml +++ b/states/roles/maintain/gitlab/conf_files/database.yml @@ -9,7 +9,7 @@ production: database: gitlab pool: 10 username: gitlab - password: "jMDuAGPf2nfKAyXrOKSM" + password: "{%- include 'secure/gitlab_db_password.txt' -%}" host: sql.actcur.com # socket: /tmp/mysql.sock diff --git a/states/roles/maintain/gitlab/conf_files/gitlab.conf b/states/roles/maintain/gitlab/conf_files/gitlab.conf index 8562780..cda4f4e 100644 --- a/states/roles/maintain/gitlab/conf_files/gitlab.conf +++ b/states/roles/maintain/gitlab/conf_files/gitlab.conf @@ -28,7 +28,7 @@ server { ## the ip address of the server (http://x.x.x.x/)n 0.0.0.0:80 default_server; listen 0.0.0.0:8000; listen [::]:8000; - server_name git2.actcuricom; ## Replace this with something like gitlab.example.com + server_name git2.actcur.com; ## Replace this with something like gitlab.example.com server_tokens off; ## Don't show the nginx version number, a security best practice ## See app/controllers/application_controller.rb for headers set diff --git a/states/roles/maintain/gitlab/conf_files/gitlab.yml b/states/roles/maintain/gitlab/conf_files/gitlab.yml index 25423ad..233d4e8 100644 --- a/states/roles/maintain/gitlab/conf_files/gitlab.yml +++ b/states/roles/maintain/gitlab/conf_files/gitlab.yml @@ -30,8 +30,8 @@ production: &base gitlab: ## Web server settings (note: host is the FQDN, do not include http://) host: git.actcur.com - port: 8000 # Set to 443 if using HTTPS, see installation.md#using-https for additional HTTPS configuration details - https: false # Set to true if using HTTPS, see installation.md#using-https for additional HTTPS configuration details + port: 443 # Set to 443 if using HTTPS, see installation.md#using-https for additional HTTPS configuration details + https: true # Set to true if using HTTPS, see installation.md#using-https for additional HTTPS configuration details # Uncommment this line below if your ssh host is different from HTTP/HTTPS one # (you'd obviously need to replace ssh.host_example.com with your own host). @@ -67,8 +67,8 @@ production: &base # Uncomment and set to false if you need to disable email sending from GitLab (default: true) # email_enabled: true # Email address used in the "From" field in mails sent by GitLab - email_from: git@actcur.com - email_display_name: GitLab + email_from: notifications@actcur.com + email_display_name: Actcur Git email_reply_to: noreply@actcur.com email_subject_suffix: '' diff --git a/states/roles/maintain/gitlab/conf_files/smtp_settings.rb b/states/roles/maintain/gitlab/conf_files/smtp_settings.rb index 687a110..1f28a51 100644 --- a/states/roles/maintain/gitlab/conf_files/smtp_settings.rb +++ b/states/roles/maintain/gitlab/conf_files/smtp_settings.rb @@ -12,13 +12,12 @@ if Rails.env.production? ActionMailer::Base.delivery_method = :smtp ActionMailer::Base.smtp_settings = { + authentication: :plain, address: "smtp.zoho.com", port: 587, - user_name: "gitlab@actcur.com", + user_name: "notifications@actcur.com", password: "{%- include 'secure/gitlab_smtp_password.txt' -%}", - domain: "zoho.com", - authentication: :plain, + domain: "smtp.zoho.com", enable_starttls_auto: true, - openssl_verify_mode: 'peer' # See ActionMailer documentation for other possible options } end diff --git a/states/roles/maintain/gitlab/init.sls b/states/roles/maintain/gitlab/init.sls index 0b45dd3..7725fb0 100644 --- a/states/roles/maintain/gitlab/init.sls +++ b/states/roles/maintain/gitlab/init.sls @@ -19,6 +19,7 @@ gitlab_nginx: - user: root - group: root - mode: 644 + - template: jinja /etc/webapps/gitlab/resque.yml: file.managed: - source: salt://roles/maintain/gitlab/conf_files/resque.yml @@ -36,8 +37,8 @@ gitlab_nginx: - source: salt://roles/maintain/gitlab/conf_files/smtp_settings.rb - user: root - group: root - - template: jinja - mode: 644 + - template: jinja /usr/share/webapps/gitlab/config/environments/production.rb: file.managed: - source: salt://roles/maintain/gitlab/conf_files/production.rb diff --git a/states/roles/maintain/nginx-proxy/init.sls b/states/roles/maintain/nginx-proxy/init.sls index 233123c..78cea2d 100644 --- a/states/roles/maintain/nginx-proxy/init.sls +++ b/states/roles/maintain/nginx-proxy/init.sls @@ -26,6 +26,10 @@ nginx: {##ensure that nginx pillar exists##} {%- if pillar['nginx'] is defined -%} + {%- set resolver = salt['dnsutil.A']('r.actcur.com')[0] -%} + {%- if resolver|string() == "U" -%} + {%- set resolver = "172.16.40.20" -%} + {%- endif -%} {##set up conf files for this server##} {%- for name in pillar['nginx'] %} @@ -57,7 +61,7 @@ nginx: - template: jinja - context: server: {{ name }} - resolver: {{ salt['dnsutil.A']('r.actcur.com')[0] }} + resolver: {{ resolver }} {%- endfor %} {%- endif %} @@ -72,7 +76,7 @@ nginx: - mode: 644 - template: jinja - context: - resolver: {{ salt['dnsutil.A']('r.actcur.com')[0] }} + resolver: {{ resolver }} "/etc/nginx/certs/portal.actcur.com/": file.recurse: