-
Notifications
You must be signed in to change notification settings - Fork 4.3k
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Merge pull request #449 from aws-cloudformation/gitea-config
Gitea config
- Loading branch information
Showing
2 changed files
with
17 additions
and
5 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
|
|
@@ -132,7 +132,7 @@ Resources: | |
| - Key: Name | ||
| Value: gitea-server | ||
| UserData: !Base64 | ||
| Fn::Sub: "#!/bin/bash\n\nset -eou pipefail\n\nlocal_ip=$(ec2-metadata | grep \"^local-ipv4: \" | cut -d \" \" -f 2)\n\n# Get the password from secrets manager\nsecret_string=$(aws secretsmanager get-secret-value --secret-id ${SecretName} | jq -r \".SecretString\")\n\n# Install cfn-signal\nyum install -y aws-cfn-bootstrap\n\n# Install go\nyum install -y go\n\n# Install nodejs\nyum install -y nodejs\n\n# Clone the repo and build Gitea\nsudo -u ec2-user -i <<EOF\ncd /home/ec2-user\nmkdir /home/ec2-user/lib\ntouch /home/ec2-user/gitea.ini\ngit clone https://github.com/go-gitea/gitea\ncd gitea\ngit checkout v1.22.1\nTAGS=\"bindata sqlite sqlite_unlock_notify\" make build\nEOF\n\n\n# Install was failing because of this for some reason\n# This is the default and I think there is code that doesn't check to \n# see that we changed it.\nmkdir /home/git\nchown ec2-user /home/git\n\n# Configure systemd\ntee /etc/systemd/system/gitea.service <<EOF\n[Unit]\nDescription=Gitea (Git with a cup of tea)\nAfter=network.target\n[Service]\nRestartSec=2s\nType=simple\nUser=ec2-user\nGroup=ec2-user\nWorkingDirectory=/home/ec2-user/lib\nExecStart=/home/ec2-user/gitea/gitea web --port 8080 --config /home/ec2-user/gitea.ini\nRestart=always\nEnvironment=USER=ec2-user HOME=/home/git GITEA_WORK_DIR=/home/ec2-user/lib\n[Install]\nWantedBy=multi-user.target\nEOF\n\n# Configure gitea for headless install using the private IP\ntee /home/ec2-user/gitea.ini << EOF\n[server]\nHTTP_ADDR = $local_ip\n\n[security] \nINSTALL_LOCK = true\n\n[database]\nDB_TYPE = sqlite3\nEOF\n\nchown ec2-user /home/ec2-user/gitea.ini\n\nsystemctl daemon-reload\nsystemctl enable --now gitea\n\n# Wait for the server to start up\nsleep 30\n\n# Create the admin user\ncd /home/ec2-user/gitea\nsudo -u ec2-user ./gitea --config /home/ec2-user/gitea.ini admin user create --username admin1 --password $secret_string --email [email protected] --admin --must-change-password=false\n\n# Tell CloudFormation we're ready to go\n# This is a variable for the Sub intrisic function, not a bash variable\ncfn-signal -s true --stack ${AWS::StackName} --resource Server --region ${AWS::Region}" | ||
| Fn::Sub: "#!/bin/bash\n\nset -eou pipefail\n\nlocal_ip=$(ec2-metadata | grep \"^local-ipv4: \" | cut -d \" \" -f 2)\n\n# Get the password from secrets manager\nsecret_string=$(aws secretsmanager get-secret-value --secret-id ${SecretName} | jq -r \".SecretString\")\n\n# Install cfn-signal\nyum install -y aws-cfn-bootstrap\n\n# Install go\nyum install -y go\n\n# Install nodejs\nyum install -y nodejs\n\n# Clone the repo and build Gitea\nsudo -u ec2-user -i <<EOF\ncd /home/ec2-user\nmkdir /home/ec2-user/lib\ntouch /home/ec2-user/gitea.ini\n\ngit clone https://github.com/go-gitea/gitea\ncd gitea\ngit checkout v1.22.1\nTAGS=\"bindata sqlite sqlite_unlock_notify\" make build\nEOF\n\n\n# Install was failing because of this for some reason\n# This is the default and I think there is code that doesn't check to \n# see that we changed it.\nmkdir /home/git\nchown ec2-user /home/git\n\n# Configure systemd\ntee /etc/systemd/system/gitea.service <<EOF\n[Unit]\nDescription=Gitea (Git with a cup of tea)\nAfter=network.target\n[Service]\nRestartSec=2s\nType=simple\nUser=ec2-user\nGroup=ec2-user\nWorkingDirectory=/home/ec2-user/lib\nExecStart=/home/ec2-user/gitea/gitea web --port 8080 --config /home/ec2-user/gitea.ini\nRestart=always\nEnvironment=USER=ec2-user HOME=/home/git GITEA_WORK_DIR=/home/ec2-user/lib\n[Install]\nWantedBy=multi-user.target\nEOF\n\n# Configure gitea for headless install using the private IP\ntee /home/ec2-user/gitea.ini << EOF\n[database]\nDB_TYPE = sqlite3\n\n[security] \nINSTALL_LOCK = true\n\n[server]\nHTTP_ADDR = $local_ip\n\n[service]\nDISABLE_REGISTRATION = true\n\n[service.explore]\nREQUIRE_SIGNIN_VIEW = true\nDISABLE_USERS_PAGE = true\n\n[other]\nENABLE_SITEMAP = false\nENABLE_FEED = false\nEOF\n\nchown ec2-user /home/ec2-user/gitea.ini\n\nsystemctl daemon-reload\nsystemctl enable --now gitea\n\n# Wait for the server to start up\nsleep 30\n\n# Create the admin user\ncd /home/ec2-user/gitea\nsudo -u ec2-user ./gitea --config /home/ec2-user/gitea.ini admin user create --username admin1 --password $secret_string --email [email protected] --admin --must-change-password=false\n\n# Tell CloudFormation we're ready to go\n# This is a variable for the Sub intrisic function, not a bash variable\ncfn-signal -s true --stack ${AWS::StackName} --resource Server --region ${AWS::Region}" | ||
|
|
||
| NetworkVPC: | ||
| Type: AWS::EC2::VPC | ||
|
|
||
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters