Commit graph

17 commits

Author SHA1 Message Date
c2e33fd4cf Replace run.sh with ansible-playbook
I've learned more about Ansible, and that the flags I set by using
`run.sh` are also settable with a `ansible.cfg` file! That's about the
same amount of overhead, but enables everything else to be more
standard. Neat!
2024-06-10 13:05:51 -07:00
24ea2b9de1 Oops, update the README to match the newly-renamed setup-machine.yml 2024-06-10 13:04:56 -07:00
a9db85d7c8 Restart every week, to help ensure SSL certificate renews
Oh right, I dealt with this a few months ago too: I got a notice from
Let's Encrypt that our code.openneo.net SSL certificate was going to
expire soon. And last time, restarting the Forgejo service fixed it and
got a new certificate issued immediately!

My inference is that the logic to check on the certificate status only
happens on startup. So, let's add code to the service file to ensure
that Forgejo will terminate after 7 days of runtime; and the
`Restart=always` setting will ensure that it comes immediately back up.
2024-06-10 13:03:19 -07:00
fcc9a0a3ce Configure machine's hostname as code.openneo.net 2024-06-10 12:55:00 -07:00
7e9ca2023c Upgrade to Forgejo v7.0.3 2024-05-27 13:58:54 -07:00
bf0c5a05c2 Upgrade Forgejo to v1.21.11
Security update: https://forgejo.org/2024-04-release-v1-21-11-0/
2024-04-19 16:04:05 -07:00
091d6f8267 Upgrade Forgejo to v1.21.10
In response to a security update! I didn't bother doing the backup and
doctor and stuff this time, since this upgrade seems minor. And indeed,
just hot-swapping the binary like last time seems to have worked great!
2024-04-05 06:08:10 -07:00
4a3e9d6b3e Upgrade Forgejo to v1.21.6
Security update! https://forgejo.org/2024-02-release-v1-21-6-0/

Love how simple this is. I also followed the upgrade guide:
https://forgejo.org/docs/v1.21/admin/upgrade/

I did the dump (just a single command since we're on SQLite), and also
ran the `doctor`, and I broke the upgrade guidance a bit because it
returned some warnings that seemed pretty plainly non-blocking, e.g.
"orphaned OAuth2 applications belonging to no users" and stuff like
that.
2024-03-01 14:25:58 -08:00
1bac54c132 Copy-edits and comments 2024-01-15 00:38:30 -08:00
a9495c09bf Write a README
I adapted this from the one I wrote last night for the
`openneo-analytics` repo!
2024-01-15 00:08:36 -08:00
695d85cc5b Remove warnings-to-self about secrets
Back when I had secrets just hardcoded into the repo, I added these to
make sure I wouldn't publish the repo without realizing I had left
those in! But now I've gone back and obliterated them from git history,
so we're okay to share! (Not just I committed over them, but they are
*fully gone*.)
2024-01-15 00:02:57 -08:00
8628ab45c8 Extract config secrets into separate files
I'm glad I read the docs and found the canonical way to do this before
inventing some custom thing!!
2024-01-14 23:59:18 -08:00
911966a514 Add license file 2024-01-14 23:59:18 -08:00
e0ffcbdd7f Oops, enable the Forgejo service!
That's a step I've been forgetting with services lately, but yeah, I
ran into this where analytics.openneo.net went down and I wasn't sure
why it didn't get auto-restarted, and I think it being Started But Not
Enabled is why.

So, ta-da! Fix it here before we run into that lol.

Also I refactored the handlers a bit, after seeing how I did it in the
analytics Ansible file and going like. Oh, yeah, that's just better lol
2024-01-14 23:59:18 -08:00
6ca70721ec set /OpenNeo org page as the default landing page 2024-01-14 23:59:18 -08:00
be6391ba91 setup HTTPS!
EDIT: I originally committed the actual secrets into this file, but
since came back in git history and rewrote this commit to redact them!
I wasn't expecting to share this repo, but now I am!
2024-01-14 23:59:18 -08:00
db09f95ac1 initial commit: it runs! 2024-01-13 21:47:50 -08:00