Add Template to deploy forgejo.
This template allows deploying a forgejo en either Scaleway or Hetzner (untested) without much knowledge about them. It DOES require knowledge about Terragrunt and ansible. A wizard of sorts is provided but it will not guarantee success without some knowledge about the underlying technology.
This commit is contained in:
parent
a9f546f92a
commit
822e42dbb8
48 changed files with 6846 additions and 2 deletions
29
ansible/roles/forgejo/tasks/ssl.yml
Normal file
29
ansible/roles/forgejo/tasks/ssl.yml
Normal file
|
|
@ -0,0 +1,29 @@
|
|||
---
|
||||
# SSL/TLS setup for Caddy
|
||||
# Note: Caddy handles Let's Encrypt certificates automatically!
|
||||
# This file only sets up log directories and verifies configuration.
|
||||
|
||||
- name: Create Caddy log directory
|
||||
ansible.builtin.file:
|
||||
path: /var/log/caddy
|
||||
state: directory
|
||||
owner: caddy
|
||||
group: caddy
|
||||
mode: '0755'
|
||||
become: yes
|
||||
|
||||
- name: Verify Caddy is configured for HTTPS
|
||||
ansible.builtin.debug:
|
||||
msg: >
|
||||
Caddy will automatically obtain and renew TLS certificates for {{ forgejo_domain }}
|
||||
using Let's Encrypt. The email {{ letsencrypt_email }} will be used for renewal
|
||||
notifications. No manual certificate management is required.
|
||||
|
||||
- name: Ensure Caddy data directory exists (for certificates)
|
||||
ansible.builtin.file:
|
||||
path: /var/lib/caddy/.local/share/caddy
|
||||
state: directory
|
||||
owner: caddy
|
||||
group: caddy
|
||||
mode: '0700'
|
||||
become: yes
|
||||
Loading…
Add table
Add a link
Reference in a new issue