fenix-gitea-admin/iac-opentofu-public
1
0
Fork 0
mirror of https://gitea.fenix-dev.com/fenix-gitea-admin/iac-opentofu-private.git synced 2025-10-28 08:02:33 +00:00
Code Issues Packages Projects Releases Wiki Activity

Compare commits

base: fenix-gitea-admin:fc2b08a458209289faf6977ad3fcd6cd5154c46f
Branches Tags
fenix-gitea-admin:fenix-admin fenix-gitea-admin:dev fenix-gitea-admin:main fenix-gitea-admin:fenix
fenix-gitea-admin:V01-PROXMOX-VAULTWARDEN
...
compare: fenix-gitea-admin:main
Branches Tags
fenix-gitea-admin:dev fenix-gitea-admin:fenix-admin fenix-gitea-admin:main fenix-gitea-admin:fenix
fenix-gitea-admin:V01-PROXMOX-VAULTWARDEN

14 Commits
fc2b08a458 ... main

Author SHA1 Message Date
fenix-gitea-admin
870a07b97e Merge pull request 'dev' (#257) from dev into main 
Reviewed-on: fenix-gitea-admin/iac-opentofu-private#257
 2025-09-11 18:54:13 +00:00
fenix-gitea-admin
9e5efb3a90 Merge pull request 'Update README.md' (#256) from fenix-admin into dev 
Reviewed-on: fenix-gitea-admin/iac-opentofu-private#256
 2025-09-11 18:53:20 +00:00
fenix-gitea-admin
df4b2d1255 Update README.md 2025-09-11 18:50:32 +00:00
fenix-gitea-admin
54a6b90307 Merge pull request 'fenix-admin' (#255) from fenix-admin into dev 
Reviewed-on: fenix-gitea-admin/iac-opentofu-private#255
 2025-09-11 18:50:13 +00:00
fenix-gitea-admin
d8e3ed45b9 README 2025-09-11 18:44:43 +00:00
fenix-gitea-admin
2a61b166b4 Merge pull request 'dev' (#251) from dev into main 
Reviewed-on: fenix-gitea-admin/iac-opentofu-private#251
 2025-09-11 18:41:23 +00:00
fenix-gitea-admin
f9a02d0a3b Merge pull request 'dev' (#249) from dev into fenix-admin 
Reviewed-on: fenix-gitea-admin/iac-opentofu-private#249
 2025-09-11 18:39:47 +00:00
fenix-gitea-admin
58ec08c79a dev 2025-09-11 18:38:58 +00:00
fenix-gitea-admin
a84c0de09f Merge pull request '[deploy-opentofu]' (#248) from fenix-admin into main 
Reviewed-on: fenix-gitea-admin/iac-opentofu-private#248
 2025-09-11 18:33:11 +00:00
fenix-gitea-admin
4d6491ff24 [deploy-opentofu] 2025-09-11 18:32:24 +00:00
fenix-gitea-admin
b5e2fd76a9 Merge pull request '[deploy-opentofu]' (#247) from fenix-admin into main 
Reviewed-on: fenix-gitea-admin/iac-opentofu-private#247
 2025-09-10 22:01:59 +00:00
fenix-gitea-admin
d04cc7477c [deploy-opentofu] 2025-09-10 22:01:24 +00:00
fenix-gitea-admin
a9213a040c Merge pull request '[deploy-opentofu]' (#246) from fenix-admin into main 
Reviewed-on: fenix-gitea-admin/iac-opentofu-private#246
 2025-09-10 20:36:09 +00:00
fenix-gitea-admin
0b0e3db854 [deploy-opentofu] 2025-09-10 20:35:02 +00:00
2 changed files with 16 additions and 13 deletions
Expand all files Collapse all files

28
.gitea/workflows/ci-test.yaml
View File

@ -2,7 +2,7 @@ name: IAC
on: on:
push: push:
branches: [ main ] branches: [ dev ]
workflow_dispatch: workflow_dispatch:
jobs: jobs:
@ -17,6 +17,7 @@ jobs:
BW_PASSWORD: ${{ secrets.BW_PASSWORD }} BW_PASSWORD: ${{ secrets.BW_PASSWORD }}
BW_CLIENTID: ${{ secrets.BW_CLIENTID }} BW_CLIENTID: ${{ secrets.BW_CLIENTID }}
BW_CLIENTSECRET: ${{ secrets.BW_CLIENTSECRET }} BW_CLIENTSECRET: ${{ secrets.BW_CLIENTSECRET }}
VAULTWARDEN_LINK: ${{secrets.VAULTWARDEN_LINK }}
steps: steps:
@ -82,16 +83,27 @@ jobs:
} }
EOF EOF
- name: vaultwarden urls as secrets
working-directory:
run: |
bw config server $VAULTWARDEN_LINK
bw login --apikey
BW_SESSION=$(bw unlock "$BW_PASSWORD" --raw)
bw get item "iac.proxmox.ssh.link" --session "$BW_SESSION" | jq -r '.notes' > "proxmox-ssh-link.txt"
- name: Start cloudflared Access TCP -> SOCKS5 (background) - name: Start cloudflared Access TCP -> SOCKS5 (background)
env: env:
CF_SVC_ID: ${{ secrets.CF_SVC_ID }} CF_SVC_ID: ${{ secrets.CF_SVC_ID }}
CF_SVC_SECRET: ${{ secrets.CF_SVC_SECRET }} CF_SVC_SECRET: ${{ secrets.CF_SVC_SECRET }}
HOSTNAME: "proxmox-ssh.fenix-dev.com"
run: | run: |
Hostname=$(cat proxmox-ssh-link.txt)
# Inicia cloudflared access tcp/ssh com service token e listener socks local # Inicia cloudflared access tcp/ssh com service token e listener socks local
# O binário 'cloudflared' tem variações de flags entre versões; estes flags funcionam nas versões recentes. # O binário 'cloudflared' tem variações de flags entre versões; estes flags funcionam nas versões recentes.
nohup cloudflared access tcp \ nohup cloudflared access tcp \
--hostname "$HOSTNAME" \ --hostname "$Hostname" \
--listener "tcp://127.0.0.1:1081" \ --listener "tcp://127.0.0.1:1081" \
--service-token-id "$CF_SVC_ID" \ --service-token-id "$CF_SVC_ID" \
--service-token-secret "$CF_SVC_SECRET" \ --service-token-secret "$CF_SVC_SECRET" \
@ -122,20 +134,10 @@ jobs:
sleep 3 sleep 3
cat dante.log cat dante.log
#- name: vaultwarden login
# working-directory: infra/iac
# run: |
# bw config server https://vaultwarden.fenix-dev.com
# #BW_SESSION=$(bw login)
# bw login --apikey
# BW_SESSION=$(bw unlock "$BW_PASSWORD" --raw)
- name: vaultwarden getsecrets - name: vaultwarden getsecrets
working-directory: infra/iac working-directory: infra/iac
run: | run: |
bw config server https://vaultwarden.fenix-dev.com
bw login --apikey
BW_SESSION=$(bw unlock "$BW_PASSWORD" --raw) BW_SESSION=$(bw unlock "$BW_PASSWORD" --raw)
# Ler o arquivo de referência # Ler o arquivo de referência

1
README.md Normal file
View File

@ -0,0 +1 @@
the most stable branch is main, dev is where tests are made, and the remaining branches are personal and can undergo changes at any time