eblume/blumeops
1
1
Fork 0
Code Issues Pull requests Projects Releases 83 Packages Wiki Activity Actions
blumeops/ansible
History
Erich Blume d2da346ac0 Harden Forgejo for public access: domain, proxy trust, registration lockdown 
- Set forgejo_domain to forge.eblu.me (public URL in clone URLs)
- Set forgejo_ssh_domain to forge.ops.eblu.me (SSH stays tailnet-only)
- Add REVERSE_PROXY_LIMIT=2, REVERSE_PROXY_TRUSTED_PROXIES=* for
  correct client IP logging through Fly.io + Tailscale proxy chain
- Enable ALLOW_ONLY_EXTERNAL_REGISTRATION to block local signups

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
2026-03-03 07:50:25 -08:00
..
inventory Add NixOS configuration for ringtail workstation (#207) 2026-02-18 08:24:25 -08:00
playbooks Add Forgejo repository health metrics and Grafana dashboard (#245) 2026-02-22 11:16:03 -08:00
roles Harden Forgejo for public access: domain, proxy trust, registration lockdown 2026-03-03 07:50:25 -08:00
ansible.cfg Suppress Python interpreter discovery warning in ansible 2026-01-13 21:26:41 -08:00
requirements.yml Add ansible playbook for indri with prometheus and grafana roles 2026-01-13 21:12:24 -08:00