From 9fec52cfb9a2fca2e6ad2aa505075de47e930165 Mon Sep 17 00:00:00 2001 From: Cullum Smith Date: Thu, 14 Nov 2024 20:40:35 -0500 Subject: more updates for git server --- files/usr/local/etc/icinga2/conf.d/services.conf.icinga_server | 9 ++++++--- files/usr/local/etc/nginx/vhosts.conf.git_server | 5 +++++ files/usr/local/etc/ssh/sshd_config.freebsd | 2 -- 3 files changed, 11 insertions(+), 5 deletions(-) (limited to 'files/usr/local/etc') diff --git a/files/usr/local/etc/icinga2/conf.d/services.conf.icinga_server b/files/usr/local/etc/icinga2/conf.d/services.conf.icinga_server index 116fe44..ce08657 100644 --- a/files/usr/local/etc/icinga2/conf.d/services.conf.icinga_server +++ b/files/usr/local/etc/icinga2/conf.d/services.conf.icinga_server @@ -263,7 +263,8 @@ apply Service "http" { || "xmpp-servers" in host.groups || "znc-servers" in host.groups || "icinga-servers" in host.groups - || "bitwarden-servers" in host.groups) + || "bitwarden-servers" in host.groups + || "git-servers" in host.groups) } // Expect HTTP 302 @@ -304,7 +305,8 @@ apply Service "https" { vars.http_critical_time = ${icinga_response_time_crit} assign where ("pkg-repositories" in host.groups || "znc-servers" in host.groups - || "bitwarden-servers" in host.groups) + || "bitwarden-servers" in host.groups + || "git-servers" in host.groups) } // Expect HTTPS 404 @@ -350,7 +352,8 @@ apply Service "https-cert" { || "smtp-servers" in host.groups || "icinga-servers" in host.groups || "web-servers" in host.groups - || "ttrss-servers" in host.groups) + || "ttrss-servers" in host.groups + || "git-servers" in host.groups) && !host.vars.https_vhosts) } diff --git a/files/usr/local/etc/nginx/vhosts.conf.git_server b/files/usr/local/etc/nginx/vhosts.conf.git_server index fdd5f53..0d24050 100644 --- a/files/usr/local/etc/nginx/vhosts.conf.git_server +++ b/files/usr/local/etc/nginx/vhosts.conf.git_server @@ -39,6 +39,11 @@ $(printf ' deny %s;\n' $kerberized_cidrs) fastcgi_pass unix:${gitolite_fcgiwrap_socket}; } + location /custom-style.css { + add_header Cache-Control "public"; + expires 1d; + } + location @cgit { include fastcgi_params; fastcgi_param SCRIPT_FILENAME ${cgit_webroot}/cgit.cgi; diff --git a/files/usr/local/etc/ssh/sshd_config.freebsd b/files/usr/local/etc/ssh/sshd_config.freebsd index 0e0d730..eca2276 100644 --- a/files/usr/local/etc/ssh/sshd_config.freebsd +++ b/files/usr/local/etc/ssh/sshd_config.freebsd @@ -13,6 +13,4 @@ GSSAPICleanupCredentials yes UsePAM yes UseDNS no -# TODO: require group to login? - Subsystem sftp /usr/local/libexec/sftp-server -- cgit v1.2.3