From b923e08e5526046791906e4a4d0361a7f6476491 Mon Sep 17 00:00:00 2001
From: Lars Wirzenius <liw@liw.fi>
Date: Sat, 23 Mar 2024 10:09:27 +0200
Subject: monorepo.liw.fi: add

Signed-off-by: Lars Wirzenius <liw@liw.fi>
Sponsored-by: author
---
 ansible/hosts               |  1 +
 ansible/monorepo.liw.fi.yml | 64 +++++++++++++++++++++++++++++++++++++++++++++
 2 files changed, 65 insertions(+)
 create mode 100644 ansible/monorepo.liw.fi.yml

(limited to 'ansible')

diff --git a/ansible/hosts b/ansible/hosts
index bcc5040..ad57af3 100644
--- a/ansible/hosts
+++ b/ansible/hosts
@@ -56,6 +56,7 @@ gregvm                  ansible_ssh_host=78.46.87.152
 git.liw.fi
 http.liw.fi
 irc.liw.fi
+monorepo.liw.fi
 shell-shell.vm.liw.fi
 radicle.liw.fi
 seed.liw.fi
diff --git a/ansible/monorepo.liw.fi.yml b/ansible/monorepo.liw.fi.yml
new file mode 100644
index 0000000..1f1797d
--- /dev/null
+++ b/ansible/monorepo.liw.fi.yml
@@ -0,0 +1,64 @@
+- hosts: monorepo.liw.fi
+  remote_user: root
+  roles:
+    - role: sane_debian_system
+    - role: sshd
+    - role: unix_users
+    - role: apache_server
+    - role: self-updating-system
+  tasks:
+    - apt:
+        name:
+          - git
+    - shell: |
+        a2enmod cgi alias env
+    - copy:
+        content: |
+          <VirtualHost *:80>
+                  ServerName monorepo.liw.fi
+                  ServerAdmin liw@liw.fi
+                  DocumentRoot /var/www/html
+
+                  <Directory "/">
+                      AllowOverride None
+                      Order deny,allow
+                      Allow from all
+                  </Directory>
+
+                  <Location "/>
+                      Require all granted
+                  </Location>
+
+                  ErrorLog ${APACHE_LOG_DIR}/error.log
+                  CustomLog ${APACHE_LOG_DIR}/access.log combined
+
+                  SetEnv GIT_PROJECT_ROOT /home/liw/git
+                  SetEnv GIT_HTTP_EXPORT_ALL
+                  ScriptAlias /git/ /usr/lib/git-core/git-http-backend/
+          </VirtualHost>
+        dest: /etc/apache2/sites-enabled/000-default.conf
+    - systemd:
+        name: apache2
+        state: restarted
+
+  vars:
+    sane_debian_system_version: 2
+    sane_debian_system_hostname: monorepo
+    sane_debian_system_codename: bookworm
+    sane_debian_system_mirror: deb.debian.org
+
+    unix_users_version: 2
+    unix_users:
+      - username: liw
+        comment: Lars Wirzenius
+        sudo: yes
+
+    letsencrypt: no
+    letsencrypt_email: liw@liw.fi
+    letsencrypt_main_domain: monorepo.liw.fi
+    certbot_debian_release: bookworm
+
+    sshd_version: 1
+    sshd_host_key: "{{ lookup('pipe', 'sshca host private-key monorepo.liw.fi') }}"
+    sshd_host_cert: "{{ lookup('pipe', 'sshca host certify --ca liw.fi/ca/host/v5 monorepo.liw.fi') }}"
+    sshd_user_ca_pub: "{{ lookup('pipe', 'sshca ca public-key liw.fi/ca/user/v5') }}"
-- 
cgit v1.2.1