chore: Fix trailing whitespace across project files

Automated fix from pre-commit hooks (trailing-whitespace, end-of-file-fixer).

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
This commit is contained in:
2026-02-18 12:45:32 +01:00
parent 654e03dc71
commit 1637782273
15 changed files with 61 additions and 61 deletions
+2 -2
View File
@@ -1,7 +1,7 @@
# Gitea Stack Deployment Summary # Gitea Stack Deployment Summary
**Date**: 2026-02-16 **Date**: 2026-02-16
**Target**: bigbox (via SSH) **Target**: bigbox (via SSH)
**Status**: Ready for deployment **Status**: Ready for deployment
## What Was Done ## What Was Done
@@ -105,15 +105,15 @@ Developer Machine
``` ```
Public (via Caddy on terraphim.cloud): Public (via Caddy on terraphim.cloud):
git.terraphim.cloud ───────▶ localhost:3000 (Gitea Web) git.terraphim.cloud ───────▶ localhost:3000 (Gitea Web)
Tailscale Network Only (100.106.66.7): Tailscale Network Only (100.106.66.7):
100.106.66.7:9000 ─────────▶ Prometheus 100.106.66.7:9000 ─────────▶ Prometheus
100.106.66.7:8333 ─────────▶ SeaweedFS S3 API 100.106.66.7:8333 ─────────▶ SeaweedFS S3 API
Internal Docker Network Only: Internal Docker Network Only:
SeaweedFS Master, Volume, Filer (no external ports) SeaweedFS Master, Volume, Filer (no external ports)
PostgreSQL (no external ports) PostgreSQL (no external ports)
SSH (Port 222): SSH (Port 222):
All interfaces - for Git over SSH All interfaces - for Git over SSH
``` ```
@@ -452,7 +452,7 @@ services:
# Gitea Web Interface - Public via terraphim.cloud domain # Gitea Web Interface - Public via terraphim.cloud domain
git.terraphim.cloud { git.terraphim.cloud {
reverse_proxy localhost:3000 reverse_proxy localhost:3000
# Logging # Logging
log { log {
output file /var/log/caddy/gitea-access.log output file /var/log/caddy/gitea-access.log
@@ -649,7 +649,7 @@ curl -s http://localhost:2019/config/apps/http/servers/srv0/routes | grep -q "gi
# Alternative: If API fails, backup to updating Caddyfile and reloading # Alternative: If API fails, backup to updating Caddyfile and reloading
# echo "Adding Gitea configuration to Caddyfile..." # echo "Adding Gitea configuration to Caddyfile..."
# sudo tee -a /etc/caddy/Caddyfile > /dev/null << 'EOF' # sudo tee -a /etc/caddy/Caddyfile > /dev/null << 'EOF'
# #
# # Gitea Web Interface # # Gitea Web Interface
# git.terraphim.cloud { # git.terraphim.cloud {
# reverse_proxy localhost:3000 # reverse_proxy localhost:3000
@@ -659,7 +659,7 @@ curl -s http://localhost:2019/config/apps/http/servers/srv0/routes | grep -q "gi
# } # }
# } # }
# EOF # EOF
# #
# # Validate and reload # # Validate and reload
# sudo caddy validate --config /etc/caddy/Caddyfile && sudo caddy reload --config /etc/caddy/Caddyfile # sudo caddy validate --config /etc/caddy/Caddyfile && sudo caddy reload --config /etc/caddy/Caddyfile
+1 -1
View File
@@ -123,7 +123,7 @@ Internet ──▶ Caddy (:443/:80)
- **SeaweedFS**: Uses "latest" tag (chrislusf/seaweedfs) - **SeaweedFS**: Uses "latest" tag (chrislusf/seaweedfs)
- **1Password CLI**: Must be available and authenticated via service account - **1Password CLI**: Must be available and authenticated via service account
- **Caddy**: Installed but needs configuration - **Caddy**: Installed but needs configuration
- **Port Requirements**: - **Port Requirements**:
- 80/443 (Caddy - external) - 80/443 (Caddy - external)
- 3000 (Gitea HTTP - internal) - 3000 (Gitea HTTP - internal)
- 222 (Gitea SSH - external) - 222 (Gitea SSH - external)
+3 -3
View File
@@ -16,16 +16,16 @@ jobs:
-H "Authorization: token ${{ secrets.GITHUB_TOKEN }}" \ -H "Authorization: token ${{ secrets.GITHUB_TOKEN }}" \
"https://api.github.com/repos/terraphim/gitea-infrastructure/commits/main" | \ "https://api.github.com/repos/terraphim/gitea-infrastructure/commits/main" | \
jq -r '.sha') jq -r '.sha')
# Get latest commit from Gitea # Get latest commit from Gitea
GITEA_SHA=$(curl -s \ GITEA_SHA=$(curl -s \
-H "Authorization: token ${{ secrets.GITEA_TOKEN }}" \ -H "Authorization: token ${{ secrets.GITEA_TOKEN }}" \
"https://git.terraphim.cloud/api/v1/repos/terraphim/gitea-infrastructure/commits/main" | \ "https://git.terraphim.cloud/api/v1/repos/terraphim/gitea-infrastructure/commits/main" | \
jq -r '.sha') jq -r '.sha')
echo "GitHub: ${GITHUB_SHA:0:7}" echo "GitHub: ${GITHUB_SHA:0:7}"
echo "Gitea: ${GITEA_SHA:0:7}" echo "Gitea: ${GITEA_SHA:0:7}"
if [ "$GITHUB_SHA" == "$GITEA_SHA" ]; then if [ "$GITHUB_SHA" == "$GITEA_SHA" ]; then
echo "✅ Repositories are in sync" echo "✅ Repositories are in sync"
exit 0 exit 0
+1 -1
View File
@@ -21,7 +21,7 @@ jobs:
git remote add gitea https://git.terraphim.cloud/terraphim/gitea-infrastructure.git git remote add gitea https://git.terraphim.cloud/terraphim/gitea-infrastructure.git
git config user.name "GitHub Actions" git config user.name "GitHub Actions"
git config user.email "actions@github.com" git config user.email "actions@github.com"
# Push to Gitea with token authentication # Push to Gitea with token authentication
# If using HTTPS with token: https://token@url # If using HTTPS with token: https://token@url
git push https://oauth2:${GITEA_TOKEN}@git.terraphim.cloud/terraphim/gitea-infrastructure.git main git push https://oauth2:${GITEA_TOKEN}@git.terraphim.cloud/terraphim/gitea-infrastructure.git main
+5 -5
View File
@@ -1,7 +1,7 @@
# Deploying Gitea with 1Password Secrets Management and Caddy on Bigbox # Deploying Gitea with 1Password Secrets Management and Caddy on Bigbox
**Date:** February 16, 2026 **Date:** February 16, 2026
**Author:** Infrastructure Team **Author:** Infrastructure Team
**Tags:** gitea, 1password, caddy, docker, tailscale, devops **Tags:** gitea, 1password, caddy, docker, tailscale, devops
## Executive Summary ## Executive Summary
@@ -200,13 +200,13 @@ services:
db: db:
networks: networks:
- gitea # No external ports - gitea # No external ports
master: master:
# No ports exposed - internal only # No ports exposed - internal only
volume: volume:
# No ports exposed - internal only # No ports exposed - internal only
filer: filer:
# No ports exposed - internal only # No ports exposed - internal only
``` ```
+1 -1
View File
@@ -6,7 +6,7 @@
# Gitea Web Interface - Public via terraphim.cloud domain # Gitea Web Interface - Public via terraphim.cloud domain
git.terraphim.cloud { git.terraphim.cloud {
reverse_proxy localhost:3000 reverse_proxy localhost:3000
# Logging # Logging
log { log {
output file /var/log/caddy/gitea-access.log output file /var/log/caddy/gitea-access.log
+1 -1
View File
@@ -4,7 +4,7 @@
Self-hosted Gitea instance running on bigbox server with S3 storage, PostgreSQL, and Prometheus monitoring. Self-hosted Gitea instance running on bigbox server with S3 storage, PostgreSQL, and Prometheus monitoring.
**URL:** https://git.terraphim.cloud **URL:** https://git.terraphim.cloud
**GitHub Mirror:** https://github.com/terraphim/gitea-infrastructure **GitHub Mirror:** https://github.com/terraphim/gitea-infrastructure
## Architecture ## Architecture
+2 -2
View File
@@ -177,7 +177,7 @@ Developer A → Gitea ←→ GitHub ← Developer B
@app.route('/github-webhook', methods=['POST']) @app.route('/github-webhook', methods=['POST'])
def github_hook(): def github_hook():
# Trigger Gitea pull # Trigger Gitea pull
subprocess.run(['curl', '-X', 'POST', subprocess.run(['curl', '-X', 'POST',
'https://git.terraphim.cloud/api/v1/repos/terraphim/repo/mirror-sync']) 'https://git.terraphim.cloud/api/v1/repos/terraphim/repo/mirror-sync'])
return 'OK' return 'OK'
@@ -451,7 +451,7 @@ Document your mirroring strategy:
## Recommended Setup for Your Use Case ## Recommended Setup for Your Use Case
**Primary: Gitea (self-hosted, private)** **Primary: Gitea (self-hosted, private)**
**Mirror: GitHub (backup, CI/CD)** **Mirror: GitHub (backup, CI/CD)**
1. Use **Method 2 (Push Mirror)** from Gitea to GitHub 1. Use **Method 2 (Push Mirror)** from Gitea to GitHub
+1 -1
View File
@@ -4,7 +4,7 @@ Your repository is now on **GitHub** and ready for mirroring!
## Current Status ## Current Status
**GitHub Repository:** https://github.com/terraphim/gitea-infrastructure **GitHub Repository:** https://github.com/terraphim/gitea-infrastructure
**Gitea Repository:** Not created yet **Gitea Repository:** Not created yet
## Setup Steps ## Setup Steps
+1 -1
View File
@@ -19,7 +19,7 @@ Self-hosted Git infrastructure with S3-compatible storage, monitoring, and prope
```bash ```bash
op item create --vault="zesticai-non-prod" --category=login \ op item create --vault="zesticai-non-prod" --category=login \
--title="gitea-postgres" --generate-password=20 username=gitea --title="gitea-postgres" --generate-password=20 username=gitea
op item create --vault="zesticai-non-prod" --category=custom \ op item create --vault="zesticai-non-prod" --category=custom \
--title="gitea-s3" access-key="$(openssl rand -hex 20)" \ --title="gitea-s3" access-key="$(openssl rand -hex 20)" \
secret-key="$(openssl rand -hex 40)" secret-key="$(openssl rand -hex 40)"
+7 -7
View File
@@ -8,8 +8,8 @@ Gitea uses a **hybrid storage model** with both local filesystem and S3 (Seaweed
### 1. Git Repositories (Local Only) ### 1. Git Repositories (Local Only)
**Location:** `/data/git/` inside the container **Location:** `/data/git/` inside the container
**Storage Type:** Local filesystem only **Storage Type:** Local filesystem only
**S3 Backup:** Possible via external tools **S3 Backup:** Possible via external tools
``` ```
@@ -39,8 +39,8 @@ docker compose exec server ls -la /data/git/repositories/
### 2. Git LFS (Large File Storage) ### 2. Git LFS (Large File Storage)
**Current Configuration:** Local storage **Current Configuration:** Local storage
**Location:** `/data/lfs/` **Location:** `/data/lfs/`
**Can be moved to:** S3 (SeaweedFS) **Can be moved to:** S3 (SeaweedFS)
**Current Setting:** **Current Setting:**
@@ -59,8 +59,8 @@ docker compose exec server ls -la /data/lfs/
### 3. Attachments & Files (S3 via MinIO) ### 3. Attachments & Files (S3 via MinIO)
**Location:** S3 (SeaweedFS) **Location:** S3 (SeaweedFS)
**Bucket:** `gitea` **Bucket:** `gitea`
**Endpoint:** `http://100.106.66.7:8333` **Endpoint:** `http://100.106.66.7:8333`
**What's stored in S3:** **What's stored in S3:**
@@ -94,7 +94,7 @@ aws --endpoint-url http://100.106.66.7:8333 s3 ls s3://gitea/
### 4. Container Registry ### 4. Container Registry
**Location:** Local by default **Location:** Local by default
**Can be configured for:** S3 storage **Can be configured for:** S3 storage
**Configuration needed:** **Configuration needed:**
+28 -28
View File
@@ -1,7 +1,7 @@
#!/bin/bash #!/bin/bash
# #
# Deploy Gitea Stack to Bigbox with 1Password Secrets Management # Deploy Gitea Stack to Bigbox with 1Password Secrets Management
# #
# Prerequisites: # Prerequisites:
# - SSH access to bigbox configured # - SSH access to bigbox configured
# - 1Password CLI installed locally and on bigbox # - 1Password CLI installed locally and on bigbox
@@ -53,50 +53,50 @@ echo ""
echo -e "${YELLOW}Step 2: Verifying bigbox prerequisites...${NC}" echo -e "${YELLOW}Step 2: Verifying bigbox prerequisites...${NC}"
ssh "$BIGBOX" << 'CHECKSCRIPT' ssh "$BIGBOX" << 'CHECKSCRIPT'
set -e set -e
# Check Docker # Check Docker
if ! command -v docker &> /dev/null; then if ! command -v docker &> /dev/null; then
echo "Error: Docker not installed" echo "Error: Docker not installed"
exit 1 exit 1
fi fi
# Check Docker Compose # Check Docker Compose
if ! docker compose version &> /dev/null; then if ! docker compose version &> /dev/null; then
echo "Error: Docker Compose not installed" echo "Error: Docker Compose not installed"
exit 1 exit 1
fi fi
# Check 1Password CLI # Check 1Password CLI
if ! command -v op &> /dev/null; then if ! command -v op &> /dev/null; then
echo "Error: 1Password CLI not installed" echo "Error: 1Password CLI not installed"
exit 1 exit 1
fi fi
# Check service account script # Check service account script
if [ ! -f "$HOME/op_zesticai_non_prod.sh" ]; then if [ ! -f "$HOME/op_zesticai_non_prod.sh" ]; then
echo "Error: op_zesticai_non_prod.sh not found in home directory" echo "Error: op_zesticai_non_prod.sh not found in home directory"
exit 1 exit 1
fi fi
# Test 1Password authentication # Test 1Password authentication
source "$HOME/op_zesticai_non_prod.sh" source "$HOME/op_zesticai_non_prod.sh"
if ! op vault list &> /dev/null; then if ! op vault list &> /dev/null; then
echo "Error: 1Password authentication failed" echo "Error: 1Password authentication failed"
exit 1 exit 1
fi fi
# Check Caddy is running # Check Caddy is running
if ! pgrep -x caddy > /dev/null; then if ! pgrep -x caddy > /dev/null; then
echo "Error: Caddy is not running" echo "Error: Caddy is not running"
exit 1 exit 1
fi fi
# Check Caddy admin API is accessible # Check Caddy admin API is accessible
if ! curl -s http://localhost:2019/config/ > /dev/null; then if ! curl -s http://localhost:2019/config/ > /dev/null; then
echo "Error: Caddy admin API is not accessible" echo "Error: Caddy admin API is not accessible"
exit 1 exit 1
fi fi
echo "All prerequisites verified" echo "All prerequisites verified"
CHECKSCRIPT CHECKSCRIPT
@@ -128,28 +128,28 @@ echo -e "${YELLOW}Step 4: Injecting secrets and starting services...${NC}"
ssh "$BIGBOX" << DEPLOYSCRIPT ssh "$BIGBOX" << DEPLOYSCRIPT
set -e set -e
cd $REMOTE_DIR cd $REMOTE_DIR
echo "Loading 1Password credentials..." echo "Loading 1Password credentials..."
source ~/op_zesticai_non_prod.sh source ~/op_zesticai_non_prod.sh
echo "Injecting secrets into docker-compose.yml..." echo "Injecting secrets into docker-compose.yml..."
op inject --in-file docker-compose.yml.template --out-file docker-compose.yml op inject --in-file docker-compose.yml.template --out-file docker-compose.yml
echo "Injecting secrets into s3_config.json..." echo "Injecting secrets into s3_config.json..."
op inject --in-file s3_config.json.template --out-file s3_config.json op inject --in-file s3_config.json.template --out-file s3_config.json
echo "Creating data directories..." echo "Creating data directories..."
mkdir -p gitea postgres seaweedfs seaweedfs_filter prometheus mkdir -p gitea postgres seaweedfs seaweedfs_filter prometheus
echo "Setting permissions..." echo "Setting permissions..."
chmod -R 1000:1000 gitea 2>/dev/null || sudo chown -R 1000:1000 gitea 2>/dev/null || true chmod -R 1000:1000 gitea 2>/dev/null || sudo chown -R 1000:1000 gitea 2>/dev/null || true
echo "Starting services with Docker Compose..." echo "Starting services with Docker Compose..."
docker compose up -d docker compose up -d
echo "Waiting for services to start..." echo "Waiting for services to start..."
sleep 30 sleep 30
echo "Service status:" echo "Service status:"
docker compose ps docker compose ps
DEPLOYSCRIPT DEPLOYSCRIPT
@@ -161,10 +161,10 @@ echo ""
echo -e "${YELLOW}Step 5: Adding Gitea route to Caddy...${NC}" echo -e "${YELLOW}Step 5: Adding Gitea route to Caddy...${NC}"
ssh "$BIGBOX" << CADDYSCRIPT ssh "$BIGBOX" << CADDYSCRIPT
set -e set -e
echo "Creating log directory..." echo "Creating log directory..."
sudo mkdir -p /var/log/caddy sudo mkdir -p /var/log/caddy
echo "Adding Gitea route to Caddy via Admin API..." echo "Adding Gitea route to Caddy via Admin API..."
curl -s -X POST http://localhost:2019/config/apps/http/servers/srv0/routes \ curl -s -X POST http://localhost:2019/config/apps/http/servers/srv0/routes \
-H "Content-Type: application/json" \ -H "Content-Type: application/json" \
@@ -182,7 +182,7 @@ ssh "$BIGBOX" << CADDYSCRIPT
}], }],
"terminal": true "terminal": true
}' }'
# Verify route was added # Verify route was added
if curl -s http://localhost:2019/config/apps/http/servers/srv0/routes | grep -q "git.terraphim.cloud"; then if curl -s http://localhost:2019/config/apps/http/servers/srv0/routes | grep -q "git.terraphim.cloud"; then
echo "✓ Gitea route added successfully to Caddy" echo "✓ Gitea route added successfully to Caddy"
@@ -199,49 +199,49 @@ echo -e "${YELLOW}Step 6: Verifying deployment...${NC}"
ssh "$BIGBOX" << VERIFYSCRIPT ssh "$BIGBOX" << VERIFYSCRIPT
set -e set -e
cd $REMOTE_DIR cd $REMOTE_DIR
echo "" echo ""
echo "=== Service Health Checks ===" echo "=== Service Health Checks ==="
# Check Gitea (direct) # Check Gitea (direct)
if curl -s -o /dev/null -w '%{http_code}' http://localhost:3000/api/healthz | grep -q "200"; then if curl -s -o /dev/null -w '%{http_code}' http://localhost:3000/api/healthz | grep -q "200"; then
echo "✓ Gitea is healthy (localhost:3000)" echo "✓ Gitea is healthy (localhost:3000)"
else else
echo "✗ Gitea is not responding" echo "✗ Gitea is not responding"
fi fi
# Check S3 (Tailscale) # Check S3 (Tailscale)
if curl -s http://${TAILSCALE_IP}:8333 > /dev/null 2>&1; then if curl -s http://${TAILSCALE_IP}:8333 > /dev/null 2>&1; then
echo "✓ SeaweedFS S3 is responding (${TAILSCALE_IP}:8333)" echo "✓ SeaweedFS S3 is responding (${TAILSCALE_IP}:8333)"
else else
echo "✗ SeaweedFS S3 is not responding" echo "✗ SeaweedFS S3 is not responding"
fi fi
# Check Prometheus (Tailscale) # Check Prometheus (Tailscale)
if curl -s http://${TAILSCALE_IP}:9000/-/healthy > /dev/null 2>&1; then if curl -s http://${TAILSCALE_IP}:9000/-/healthy > /dev/null 2>&1; then
echo "✓ Prometheus is healthy (${TAILSCALE_IP}:9000)" echo "✓ Prometheus is healthy (${TAILSCALE_IP}:9000)"
else else
echo "✗ Prometheus is not responding" echo "✗ Prometheus is not responding"
fi fi
# Check SSH port # Check SSH port
if nc -zv localhost 222 2>&1 | grep -q succeeded; then if nc -zv localhost 222 2>&1 | grep -q succeeded; then
echo "✓ SSH port is open (port 222)" echo "✓ SSH port is open (port 222)"
else else
echo "✗ SSH port is not responding" echo "✗ SSH port is not responding"
fi fi
# Check Caddy # Check Caddy
if pgrep -x caddy > /dev/null; then if pgrep -x caddy > /dev/null; then
echo "✓ Caddy is running" echo "✓ Caddy is running"
else else
echo "✗ Caddy is not running" echo "✗ Caddy is not running"
fi fi
echo "" echo ""
echo "=== Container Status ===" echo "=== Container Status ==="
docker compose ps docker compose ps
echo "" echo ""
echo "=== Recent Logs ===" echo "=== Recent Logs ==="
docker compose logs --tail=10 docker compose logs --tail=10
+1 -1
View File
@@ -167,4 +167,4 @@ services:
# - 18080:8080 # - 18080:8080
# environment: # environment:
# - USER_UID=1000 # - USER_UID=1000
# - USER_GID=1000 # - USER_GID=1000
+1 -1
View File
@@ -11,4 +11,4 @@ scrape_configs:
- 'master:9324' - 'master:9324'
- 'volume:9325' - 'volume:9325'
- 'filer:9326' - 'filer:9326'
- 's3:9327' - 's3:9327'