0
0
Fork 0
mirror of https://codeberg.org/forgejo/docs.git synced 2024-11-25 18:19:26 -05:00

developer: infrastructure: no need for Enough, use ssh instead

It lowers the learning curve a little more for future sysadmins.

Also remove the obsolete hardware paragraph in the code.forgejo.org
page.
This commit is contained in:
Earl Warren 2024-02-25 18:43:23 +01:00 committed by Earl Warren
parent 09dfcc4ec0
commit 7dee6e6060
2 changed files with 8 additions and 38 deletions

View file

@ -15,27 +15,3 @@ To make these repositories easier to find, the following push mirrors are in pla
- https://code.forgejo.org/forgejo/runner => https://codeberg.org/forgejo/runner
- https://code.forgejo.org/forgejo/act => https://codeberg.org/forgejo/act
## Hardware
https://code.forgejo.org runs on the `code` LXC container hosted on the [hetzner{02,03}.forgejo.org LXC hypervisor](../infrastructure).
It is deployed and upgraded using the following [Enough command line](https://enough-community.readthedocs.io):
```shell
$ mkdir -p ~/.enough
$ git clone https://forgejo.octopuce.forgejo.org/forgejo/enough-code ~/.enough/code.forgejo.org
$ enough --domain code.forgejo.org service create --host bind-host forgejo
```
Upgrading only Forgejo:
```shell
$ enough --domain code.forgejo.org playbook -- --limit bind-host,localhost --private-key ~/.enough/code.forgejo.org/infrastructure_key venv/share/enough/playbooks/forgejo/forgejo-playbook.yml
```
Login in the machine hosting the Forgejo instance for debugging purposes:
```shell
enough --domain code.forgejo.org ssh bind-host
```

View file

@ -3,20 +3,16 @@ title: Hardware infrastructure
license: 'CC-BY-SA-4.0'
---
## Codeberg
Codeberg provides a LXC container with 48GB RAM, 24 threads and SSD drive to be used for the CI. A Forgejo Runner is installed in `/opt/runner` and registered with a token obtained from https://codeberg.org/forgejo. It does not allow running privileged containers or LXC containers for security reasons. The runner is intended to be used for pull requests, for instance in https://codeberg.org/forgejo/forgejo.
## Octopuce
[Octopuce provides hardware](https://codeberg.org/forgejo/sustainability) managed by [the devops team](https://codeberg.org/forgejo/governance/src/branch/main/TEAMS.md#devops). It can be accessed via a VPN.
[Octopuce provides hardware](https://codeberg.org/forgejo/sustainability) managed by [the devops team](https://codeberg.org/forgejo/governance/src/branch/main/TEAMS.md#devops). It can only be accessed via SSH.
The VPN is deployed and upgraded using the following [Enough command line](https://enough-community.readthedocs.io):
To access the services hosted on the LXC containers, ssh port forwarding to the private IPs can be used. For instance:
```shell
$ mkdir -p ~/.enough
$ git clone https://forgejo.octopuce.forgejo.org/forgejo/enough-octopuce ~/.enough/octopuce.forgejo.org
$ enough --domain octopuce.forgejo.org service create openvpn
```sh
echo 127.0.0.1 private.forgejo.org >> /etc/hosts
sudo ssh -i ~/.ssh/id_rsa -L 80:10.77.0.128:80 debian@forgejo01.octopuce.fr
firefox http://private.forgejo.org
```
### Containers
@ -25,7 +21,7 @@ It hosts LXC containers setup with [lxc-helpers](https://code.forgejo.org/forgej
- `fogejo-host`
Dedicated to https://private.forgejo.org (`ssh -p 2222 debian@private.forgejo.org`)
Dedicated to http://private.forgejo.org
- LXC creation
```sh
@ -46,9 +42,7 @@ It hosts LXC containers setup with [lxc-helpers](https://code.forgejo.org/forgej
- `fogejo-runner-host`
Dedicated to https://private-runner.forgejo.org (`ssh debian@private-runner.forgejo.org`)
Has runners installed as explained elsewhere in this document.
Has runners installed to run against private.forgejo.org
- LXC creation
```sh