commit
59caf6a8c9
8 ha cambiato i file con 261 aggiunte e 0 eliminazioni
-
+10 -0defaults/main.yml
-
+12 -0handlers/main.yml
-
+19 -0tasks/config.yml
-
+86 -0tasks/deploy.yml
-
+16 -0tasks/install.yml
-
+28 -0tasks/main.yml
-
+27 -0templates/systemd.service.j2
-
+63 -0vars/main.yml
+ 10
- 0
defaults/main.yml
Vedi File
| @@ -0,0 +1,10 @@ | |||
| gitea_http_addr: 127.0.0.1 | |||
| gitea_http_port: 3000 | |||
| #gitea_download_url: https://dl.gitea.io/gitea/1.4/gitea-1.4-linux-amd64 | |||
| gitea_download_url: https://github.com/go-gitea/gitea/releases/download/v1.4.0/gitea-1.4.0-linux-amd64 | |||
| gitea_download_checksum: sha256:f4c4c7eecc6dd8cd5401883a33924223177b4fa0a40ecd867ad90dc6387a4080 | |||
| gitea_admin_username: testadmin | |||
| gitea_admin_password: testadmin | |||
| gitea_admin_email: admin@example.com | |||
+ 12
- 0
handlers/main.yml
Vedi File
| @@ -0,0 +1,12 @@ | |||
| --- | |||
| - name: systemd daemon-reload | |||
| systemd: | |||
| daemon_reload: yes | |||
| - name: restart gitea | |||
| systemd: | |||
| name: gitea.service | |||
| state: restarted | |||
| listen: | |||
| - restart gitea | |||
+ 19
- 0
tasks/config.yml
Vedi File
| @@ -0,0 +1,19 @@ | |||
| --- | |||
| # https://github.com/ansible/ansible/issues/30599 | |||
| - name: "fill config file with a global variable because of ansible bug #30599" | |||
| copy: | |||
| content: RUN_MODE = prod | |||
| dest: /etc/gitea/app.ini | |||
| force: no | |||
| - name: gitea config | |||
| ini_file: | |||
| path: /etc/gitea/app.ini | |||
| section: "{{ item.section }}" | |||
| option: "{{ item.option }}" | |||
| value: "{{ item.value }}" | |||
| owner: git | |||
| group: git | |||
| notify: restart gitea | |||
| with_items: "{{ _gitea_config }}" | |||
+ 86
- 0
tasks/deploy.yml
Vedi File
| @@ -0,0 +1,86 @@ | |||
| --- | |||
| - name: debian packages | |||
| apt: | |||
| pkg: "{{item}}" | |||
| with_items: | |||
| - ca-certificates | |||
| - git | |||
| - golang | |||
| - name: download gitea | |||
| get_url: | |||
| url: "{{ gitea_download_url }}" | |||
| dest: /usr/local/bin/gitea | |||
| checksum: "{{ gitea_download_checksum }}" | |||
| - name: gitea executable | |||
| file: | |||
| path: /usr/local/bin/gitea | |||
| mode: u=rwx,g=rx,o=rx | |||
| # - name: allow gitea executable to bind on privileged port | |||
| # capabilities: | |||
| # path: /usr/local/bin/gitea | |||
| # capability: cap_sys_chroot+eip | |||
| # state: present | |||
| - name: git user | |||
| user: | |||
| name: git | |||
| system: yes | |||
| home: /srv/git | |||
| - name: gitea home directory | |||
| file: | |||
| path: /srv/git | |||
| mode: u=rwx,g=rx,o=rx | |||
| owner: git | |||
| group: git | |||
| state: directory | |||
| - name: gitea repos directory | |||
| file: | |||
| path: /srv/git/repos | |||
| mode: u=rwx,g=rx,o=rx | |||
| owner: git | |||
| group: git | |||
| state: directory | |||
| - name: gitea work directory | |||
| file: | |||
| path: /var/lib/gitea | |||
| mode: u=rwx,g=rx,o=rx | |||
| owner: git | |||
| group: git | |||
| state: directory | |||
| - name: gitea config directory | |||
| file: | |||
| path: /etc/gitea | |||
| mode: u=rwx,g=rx,o=rx | |||
| owner: git | |||
| group: git | |||
| state: directory | |||
| - name: gitea log directory | |||
| file: | |||
| path: /var/log/gitea | |||
| mode: u=rwx,g=rx,o=rx | |||
| owner: git | |||
| group: git | |||
| state: directory | |||
| - import_tasks: config.yml | |||
| - name: systemd service unit | |||
| template: | |||
| src: systemd.service.j2 | |||
| dest: /etc/systemd/system/gitea.service | |||
| notify: | |||
| - systemd daemon-reload | |||
| - restart gitea | |||
| - name: gitea started | |||
| systemd: | |||
| name: gitea.service | |||
| state: started | |||
+ 16
- 0
tasks/install.yml
Vedi File
| @@ -0,0 +1,16 @@ | |||
| --- | |||
| - name: wait for gitea http port to be open | |||
| wait_for: | |||
| port: "{{ gitea_http_port }}" | |||
| - name: create gitea admin user | |||
| command: "/usr/local/bin/gitea admin create-user --name {{ gitea_admin_username }} --password {{ gitea_admin_password }} --email {{ gitea_admin_email }} --admin --config /etc/gitea/app.ini" | |||
| register: _gitea_create_admin_user | |||
| failed_when: _gitea_create_admin_user.rc == 1 and 'user already exists' not in _gitea_create_admin_user.stderr | |||
| changed_when: _gitea_create_admin_user.rc == 0 | |||
| #no_log: true | |||
| - debug: | |||
| msg: "{{ _gitea_create_admin_user }}" | |||
+ 28
- 0
tasks/main.yml
Vedi File
| @@ -0,0 +1,28 @@ | |||
| --- | |||
| - import_tasks: deploy.yml | |||
| - name: flush handlers | |||
| meta: flush_handlers | |||
| - include_role: | |||
| name: certificate | |||
| vars: | |||
| certificate_name: gitea | |||
| certificate_directory: /etc/ssl | |||
| certificate_key_usage: | |||
| - digitalSignature | |||
| - keyEncipherment | |||
| certificate_extended_key_usage: | |||
| - serverAuth | |||
| certificate_alt_names: | |||
| - "{{ gitea_server_name | regex_replace( '(.*)','DNS:\\1' ) }}" | |||
| - include_role: | |||
| name: nginx | |||
| vars: | |||
| nginx_vhosts: "{{ _gitea_nginx_vhosts }}" | |||
| - name: flush handlers | |||
| meta: flush_handlers | |||
+ 27
- 0
templates/systemd.service.j2
Vedi File
| @@ -0,0 +1,27 @@ | |||
| [Unit] | |||
| Description=Gitea (Git with a cup of tea) | |||
| After=syslog.target | |||
| After=network.target | |||
| #After=mysqld.service | |||
| #After=postgresql.service | |||
| #After=memcached.service | |||
| #After=redis.service | |||
| [Service] | |||
| # Modify these two values and uncomment them if you have | |||
| # repos with lots of files and get an HTTP error 500 because | |||
| # of that | |||
| ### | |||
| #LimitMEMLOCK=infinity | |||
| #LimitNOFILE=65535 | |||
| RestartSec=2s | |||
| Type=simple | |||
| User=git | |||
| Group=git | |||
| WorkingDirectory=~ | |||
| ExecStart=/usr/local/bin/gitea web --config /etc/gitea/app.ini | |||
| Restart=always | |||
| Environment=USER=git HOME=/srv/git GITEA_WORK_DIR=/var/lib/gitea | |||
| [Install] | |||
| WantedBy=multi-user.target | |||
+ 63
- 0
vars/main.yml
Vedi File
| @@ -0,0 +1,63 @@ | |||
| _gitea_nginx_vhosts: | |||
| - name: gitea | |||
| server_names: | |||
| - "{{ gitea_server_name }}" | |||
| locations: | |||
| - location: / | |||
| proxy_pass: http://localhost:3000 | |||
| _gitea_config: | |||
| - section: null | |||
| option: RUN_MODE | |||
| value: prod | |||
| - section: null | |||
| option: APP_NAME | |||
| value: "{{ gitea_app_name | default(gitea_server_name) }}" | |||
| - section: server | |||
| option: HTTP_ADDR | |||
| value: "{{ gitea_http_addr }}" | |||
| - section: server | |||
| option: HTTP_PORT | |||
| value: "{{ gitea_http_port }}" | |||
| - section: server | |||
| option: ROOT_URL | |||
| value: "https://{{ gitea_server_name }}/" | |||
| - section: server | |||
| option: DOMAIN | |||
| value: "{{ gitea_server_name }}" | |||
| - section: server | |||
| option: SSH_DOMAIN | |||
| value: "{{ gitea_server_name }}" | |||
| - section: repository | |||
| option: ROOT | |||
| value: /srv/git/repos | |||
| - section: database | |||
| option: DB_TYPE | |||
| value: sqlite3 | |||
| - section: database | |||
| option: PATH | |||
| value: "/var/lib/gitea/data/gitea.db" | |||
| - section: log | |||
| option: ROOT_PATH | |||
| value: /var/log/gitea | |||
| # see: Support automatic installation via configuration management (ansible, puppet, chef, etc) #2324 | |||
| # https://github.com/go-gitea/gitea/issues/2324 | |||
| - section: security | |||
| option: INSTALL_LOCK | |||
| value: true | |||
| - section: security | |||
| option: DISABLE_GIT_HOOKS | |||
| value: true | |||