Gitea: documenting the hardware, backup, restore, and upgrade.
This commit is contained in:
parent
b27195c0e7
commit
7c0feb42e8
47
README.md
47
README.md
|
@ -95,6 +95,53 @@ Julien Palard a aussi un rsnapshot sur `silence.palard.fr`, vérifié en octobre
|
||||||
- `/srv/backups/rsnapshot/daily.0/deb.afpy.org/var/discourse/shared/standalone/backups/default/` contient bien les sauvegardes d'octobre 2022.
|
- `/srv/backups/rsnapshot/daily.0/deb.afpy.org/var/discourse/shared/standalone/backups/default/` contient bien les sauvegardes d'octobre 2022.
|
||||||
|
|
||||||
|
|
||||||
|
## gitea1.afpy.org
|
||||||
|
|
||||||
|
♥ Machine sponsorisée par Gandi ♥
|
||||||
|
|
||||||
|
C’est un « Gandi VPS V-R1 » 1 CPU, 1 GB RAM, 25 GB disk.
|
||||||
|
|
||||||
|
C’est la machine derrière `git.afpy.org`, déployée via `gitea.yml`.
|
||||||
|
|
||||||
|
|
||||||
|
### Mise à jour
|
||||||
|
|
||||||
|
Pour faire une mise à jour, se connecter en root à la machine puis exécuter :
|
||||||
|
|
||||||
|
systemctl start gitea-backup.service
|
||||||
|
backupopts="-c /etc/gitea/app.ini --file /var/backups/gitea/before-upgrade.zip" gitea-upgrade.sh
|
||||||
|
|
||||||
|
(Oui, je sais, ça fait deux sauvegardes, une par nous (avec un
|
||||||
|
`pg_dump`), une par le script de gitea dont le SQL n’est pas aussi
|
||||||
|
propre que celui généré par `pg_dump`).
|
||||||
|
|
||||||
|
Une fois la mise à jour terminée, il est de bon goût de mettre à jour
|
||||||
|
`gitea_version` dans `gitea.yml`.
|
||||||
|
|
||||||
|
|
||||||
|
### Restaurer une sauvegarde
|
||||||
|
|
||||||
|
La machine est sauvegardée automatiquement sur `backup1.afpy.org` (voir `backup.yml`).
|
||||||
|
|
||||||
|
Adapté de : https://docs.gitea.io/en-us/backup-and-restore/#restore-command-restore
|
||||||
|
|
||||||
|
Les sauvegardes sont sur `backup1.afpy.org` dans `/srv/backups/`,
|
||||||
|
copiez-les d’abord vers `gitea1.afpy.org`.
|
||||||
|
|
||||||
|
Une fois la sauvegarde rappatriée (`gitea.zip` ET `gitea.sql`) :
|
||||||
|
|
||||||
|
systemctl stop gitea
|
||||||
|
unzip gitea.zip
|
||||||
|
mv app.ini /etc/gitea/app.ini
|
||||||
|
rsync -vah --delete data/ /var/lib/gitea/data/
|
||||||
|
rsync -vah --delete repos/ /var/lib/gitea/data/gitea-repositories/
|
||||||
|
rsync -vah --delete custom/ /var/lib/gitea/custom/
|
||||||
|
chown -R git:git /var/lib/gitea/
|
||||||
|
sudo --user git psql -d gitea < gitea.sql
|
||||||
|
|
||||||
|
Puis passer le playbook `gitea.yml` pour remettre les bons droits partout (le playbook démarrera aussi `gitea`).
|
||||||
|
|
||||||
|
|
||||||
# Ansible
|
# Ansible
|
||||||
|
|
||||||
On utilies ces rôles Ansible :
|
On utilies ces rôles Ansible :
|
||||||
|
|
|
@ -2,8 +2,7 @@
|
||||||
|
|
||||||
- hosts: gitea
|
- hosts: gitea
|
||||||
vars:
|
vars:
|
||||||
gitea_version: "1.17.2"
|
gitea_version: "1.17.3" # To upgrade, read the README file first.
|
||||||
gitea_binary_checksum: "sha256:d0e903671ae04007c5956beb65985825795c1d9b24c9f354b48008fd44db1b57"
|
|
||||||
gitea_internal_token: !vault |
|
gitea_internal_token: !vault |
|
||||||
$ANSIBLE_VAULT;1.1;AES256
|
$ANSIBLE_VAULT;1.1;AES256
|
||||||
65396439373538656633396363313333663233343661643739633135306131613434353335353634
|
65396439373538656633396363313333663233343661643739633135306131613434353335353634
|
||||||
|
|
|
@ -6,6 +6,14 @@
|
||||||
# systemctl status gitea-backup.service
|
# systemctl status gitea-backup.service
|
||||||
|
|
||||||
|
|
||||||
|
- name: Create backup directory
|
||||||
|
file:
|
||||||
|
state: directory
|
||||||
|
mode: 0700
|
||||||
|
owner: git
|
||||||
|
group: git
|
||||||
|
path: /var/backups/gitea/
|
||||||
|
|
||||||
- name: Create backup script
|
- name: Create backup script
|
||||||
copy:
|
copy:
|
||||||
dest: /usr/local/bin/gitea-backup.sh
|
dest: /usr/local/bin/gitea-backup.sh
|
||||||
|
@ -14,14 +22,9 @@
|
||||||
mode: 0750
|
mode: 0750
|
||||||
content: |
|
content: |
|
||||||
#!/bin/sh
|
#!/bin/sh
|
||||||
rm -fr /var/backups/gitea
|
|
||||||
mkdir /var/backups/gitea
|
|
||||||
systemctl stop gitea
|
systemctl stop gitea
|
||||||
chown git:git /var/backups/gitea/
|
sudo --user git gitea --work-path /var/lib/gitea --config /etc/gitea/app.ini dump --file /var/backups/gitea/gitea.zip
|
||||||
GITEA_WORK_DIR=/var/lib/gitea sudo -u git --preserve-env=GITEA_WORK_DIR gitea dump -c /etc/gitea/app.ini --file /var/backups/gitea/gitea.zip
|
sudo --user git pg_dump --clean gitea > /var/backups/gitea/gitea.sql
|
||||||
sudo -u git pg_dump gitea > /var/backups/gitea/gitea.sql
|
|
||||||
chown root:root /var/backups/gitea
|
|
||||||
chmod 700 /var/backups/gitea/
|
|
||||||
systemctl start gitea
|
systemctl start gitea
|
||||||
|
|
||||||
- name: Create backup service
|
- name: Create backup service
|
||||||
|
|
|
@ -31,12 +31,19 @@
|
||||||
- name: Download gitea
|
- name: Download gitea
|
||||||
get_url:
|
get_url:
|
||||||
dest: /usr/local/bin/gitea
|
dest: /usr/local/bin/gitea
|
||||||
checksum: "{{ gitea_binary_checksum }}"
|
|
||||||
url: "https://dl.gitea.io/gitea/{{ gitea_version }}/gitea-{{ gitea_version }}-linux-amd64"
|
url: "https://dl.gitea.io/gitea/{{ gitea_version }}/gitea-{{ gitea_version }}-linux-amd64"
|
||||||
mode: 0755
|
mode: 0755
|
||||||
owner: root
|
owner: root
|
||||||
group: root
|
group: root
|
||||||
register: download_gitea
|
|
||||||
|
- name: Download gitea upgrade script
|
||||||
|
get_url:
|
||||||
|
dest: /usr/local/bin/gitea-upgrade.sh
|
||||||
|
url: "https://raw.githubusercontent.com/go-gitea/gitea/main/contrib/upgrade.sh"
|
||||||
|
mode: 0755
|
||||||
|
force: true
|
||||||
|
owner: root
|
||||||
|
group: root
|
||||||
|
|
||||||
- name: Install dependencies
|
- name: Install dependencies
|
||||||
package:
|
package:
|
||||||
|
@ -49,6 +56,7 @@
|
||||||
# - npm # for static file generation
|
# - npm # for static file generation
|
||||||
# - make # for static file generation
|
# - make # for static file generation
|
||||||
- nginx
|
- nginx
|
||||||
|
- jq # For upgrade.sh
|
||||||
state: present
|
state: present
|
||||||
|
|
||||||
- name: Ensure locale en_US.UTF-8 exists
|
- name: Ensure locale en_US.UTF-8 exists
|
||||||
|
|
Loading…
Reference in New Issue
Block a user