kazu634
/
itamae
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Set up `go-mmproxy`.

This commit is contained in:
Kazuhiro MUSASHI 2020-11-01 14:50:37 +09:00
parent 49b4326aa1
commit 2228abd12a
3 changed files with 68 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

12
cookbooks/gitea/files/etc/consul.d/service-go-mmproxy.json Normal file
View File

@ -0,0 +1,12 @@
{
"service": {
"name": "go-mmproxy",
"port": 50021,
"check":{
"tcp": "localhost:50021",
"interval": "60s",
"timeout": "1s",
"success_before_passing": 3
}
}
}

17
cookbooks/gitea/files/etc/systemd/system/go-mmproxy.service Normal file
View File

@ -0,0 +1,17 @@
[Unit]
Description=go-mmproxy
After=network.target
[Service]
Type=simple
LimitNOFILE=65535
ExecStartPost=/sbin/ip rule add from 127.0.0.1/8 iif lo table 123
ExecStartPost=/sbin/ip route add local 0.0.0.0/0 dev lo table 123
ExecStart=/usr/local/bin/go-mmproxy -l 0.0.0.0:50021 -4 127.0.0.1:10022 -v 2
ExecStopPost=/sbin/ip rule del from 127.0.0.1/8 iif lo table 123
ExecStopPost=/sbin/ip route del local 0.0.0.0/0 dev lo table 123
Restart=on-failure
RestartSec=10s
[Install]
WantedBy=multi-user.target

39
cookbooks/gitea/setup-go-mmproxy.rb Normal file
View File

@ -0,0 +1,39 @@
# Deploy `supervisord` config`:
remote_file '/etc/systemd/system/go-mmproxy.service' do
owner 'root'
group 'root'
mode '644'
notifies :restart, 'service[go-mmproxy]'
end
service 'go-mmproxy' do
action [ :enable, :restart ]
end
# Depoy `consul` service configuration for `gitea`:
remote_file '/etc/consul.d/service-go-mmproxy.json' do
owner 'root'
group 'root'
mode '644'
notifies :restart, 'service[supervisor]'
end
# Firewall settings here:
%w( 50021/tcp ).each do |p|
execute "ufw allow #{p}" do
user 'root'
not_if "LANG=c ufw status | grep #{p}"
notifies :run, 'execute[ufw reload-or-enable]'
end
end
execute 'ufw reload-or-enable' do
user 'root'
command 'LANG=C ufw reload | grep skipping && ufw --force enable || exit 0'
action :nothing
end