add gateway automatic template and fefan vm

2026-01-19 17:05:38 +01:00
parent d98c7b8bdb
commit f851ead7cd
56 changed files with 1243 additions and 82 deletions
--- a/modules/apps/gateway/lib/scripts/install-traefik.sh
+++ b/modules/apps/gateway/lib/scripts/install-traefik.sh
@@ -0,0 +1,63 @@
+#!/bin/bash
+
+# GATEWAY_REPOSITORY_LOCATION (path on vm)
+# GATEWAY_REPOSITORY (path on gitea)
+# TRAEFIK_USER
+# TRAEFIK_BINARY
+# TRAEFIK_VERSION
+# TRAEFIK_CONF
+
+source /opt/gateway/env.sh
+
+if ! id -u $TRAEFIK_USER >/dev/null 2>&1; then
+    adduser \
+        --system \
+        --shell /bin/bash \
+        --gecos 'Traefik reverse proxy user' \
+        --group \
+        --disabled-password \
+        --home /home/$TRAEFIK_USER \
+        $TRAEFIK_USER
+fi
+
+if [ ! -f $TRAEFIK_BINARY ]; then
+    wget -O /tmp/traefik.tar.gz "https://github.com/traefik/traefik/releases/download/$TRAEFIK_VERSION/traefik_${TRAEFIK_VERSION}_linux_amd64.tar.gz"
+    tar -zxvf /tmp/traefik.tar.gz -C /usr/local/bin traefik
+    chmod +x $TRAEFIK_BINARY
+fi
+
+mkdir -p /etc/traefik/certs
+touch /etc/traefik/acme.json
+chown $TRAEFIK_USER:$TRAEFIK_USER /etc/traefik/acme.json
+chmod 600 /etc/traefik/acme.json
+setcap 'cap_net_bind_service=+ep' /usr/local/bin/traefik
+
+git clone https://gitea.aldon.fr/$GATEWAY_REPOSITORY.git $GATEWAY_REPOSITORY_LOCATION
+
+cat > "$TRAEFIK_CONF" <<EOF
+entryPoints:
+  web:
+    address: ":80"
+  websecure:
+    address: ":443"
+providers:
+  file:
+    directory: $GATEWAY_REPOSITORY_LOCATION
+    watch: true
+api:
+  dashboard: false
+  insecure: false
+log:
+  level: INFO
+accessLog: {}
+certificatesResolvers:
+  letsencrypt:
+    acme:
+      email: julien.aldon@wanadoo.fr
+      storage: /etc/traefik/acme.json
+      httpChallenge:
+        entryPoint: web
+EOF
+
+systemctl enable traefik.service
+systemctl start traefik.service