Gitea: Hello world.
This commit is contained in:
parent
af99d563ed
commit
7daf25ac4c
291
gitea.yml
291
gitea.yml
|
@ -1,6 +1,297 @@
|
|||
---
|
||||
|
||||
- hosts: gitea
|
||||
vars:
|
||||
gitea_version: "1.17.2"
|
||||
gitea_internal_token: !vault |
|
||||
$ANSIBLE_VAULT;1.1;AES256
|
||||
65396439373538656633396363313333663233343661643739633135306131613434353335353634
|
||||
6430393533646166323531623939666330393538383334370a346632646666636239366431643763
|
||||
37626331666364646665353639613532353362313531316561646462303261383064396635363962
|
||||
3039646438316264350a653537626634643431343764653034643662393531626532653337636439
|
||||
31663832663039356437656531666564653366383839656438353262393662393636303536663938
|
||||
32623837346462613738663165356464656635326565616637653363376334353035316264303662
|
||||
39346334353266613234363664643030303565313065313334333833383337623637366132663435
|
||||
61386535353635386339383731323464323135366362613734393833386632393166393261373433
|
||||
61363664376330343465656431316163396533326634643636326537383032323636
|
||||
tasks:
|
||||
- name: Basic setup
|
||||
include_role: name=common
|
||||
|
||||
- name: Create git group
|
||||
group:
|
||||
name: git
|
||||
state: present
|
||||
|
||||
- name: Create git-static group
|
||||
group:
|
||||
name: git-static
|
||||
state: present
|
||||
|
||||
- name: Gitea user
|
||||
user:
|
||||
system: true
|
||||
password: '!'
|
||||
home: /home/git
|
||||
shell: /bin/bash
|
||||
comment: "Git Version Control"
|
||||
group: git
|
||||
name: git
|
||||
|
||||
- name: Gitea static user # To compile and own static content
|
||||
user:
|
||||
system: true
|
||||
password: '!'
|
||||
comment: "To compile and own static gitea content."
|
||||
group: git-static
|
||||
name: git-static
|
||||
|
||||
- name: Download gitea
|
||||
get_url:
|
||||
dest: /usr/local/bin/gitea
|
||||
url: "https://dl.gitea.io/gitea/{{ gitea_version }}/gitea-{{ gitea_version }}-linux-amd64"
|
||||
mode: 0755
|
||||
owner: root
|
||||
group: root
|
||||
register: download_gitea
|
||||
|
||||
- name: Install dependencies
|
||||
package:
|
||||
name:
|
||||
- git
|
||||
- postgresql
|
||||
- python3-psycopg2 # For Ansible
|
||||
# - rsync # for static file generation
|
||||
# - nodejs # for static file generation
|
||||
# - npm # for static file generation
|
||||
# - make # for static file generation
|
||||
- nginx
|
||||
state: present
|
||||
|
||||
- name: Ensure locale en_US.UTF-8 exists
|
||||
locale_gen:
|
||||
name: en_US.UTF-8
|
||||
state: present
|
||||
|
||||
- name: Create psql git user
|
||||
become: true
|
||||
become_user: postgres
|
||||
postgresql_user:
|
||||
user: git
|
||||
|
||||
- name: Create psql gitea DB
|
||||
become: true
|
||||
become_user: postgres
|
||||
postgresql_db:
|
||||
name: gitea
|
||||
owner: git
|
||||
encoding: UTF-8
|
||||
lc_collate: en_US.UTF-8
|
||||
lc_ctype: en_US.UTF-8
|
||||
template: template0
|
||||
|
||||
- name: Create gitea hierarchy
|
||||
file:
|
||||
state: directory
|
||||
mode: 0750
|
||||
owner: git
|
||||
group: git
|
||||
path: "{{ item }}"
|
||||
loop:
|
||||
- /var/lib/gitea/custom
|
||||
- /var/lib/gitea/data
|
||||
- /var/lib/gitea/log
|
||||
|
||||
- name: Create gitea config hierarchy
|
||||
file:
|
||||
state: directory
|
||||
mode: 0750
|
||||
owner: root
|
||||
group: git
|
||||
path: /etc/gitea
|
||||
|
||||
- name: Setup app.ini
|
||||
copy:
|
||||
path: /etc/gitea/app.ini
|
||||
mode: 0640
|
||||
owner: root
|
||||
group: git
|
||||
content: |
|
||||
APP_NAME = Gitea: Git with a cup of tea
|
||||
RUN_USER = git
|
||||
RUN_MODE = prod
|
||||
|
||||
[database]
|
||||
DB_TYPE = postgres
|
||||
HOST = /run/postgresql/
|
||||
NAME = gitea
|
||||
USER =
|
||||
PASSWD =
|
||||
SCHEMA =
|
||||
SSL_MODE = disable
|
||||
CHARSET = utf8
|
||||
PATH = /var/lib/gitea/data/gitea.db
|
||||
LOG_SQL = false
|
||||
|
||||
[repository]
|
||||
ROOT = /var/lib/gitea/data/gitea-repositories
|
||||
|
||||
[server]
|
||||
SSH_DOMAIN = git.afpy.org
|
||||
DOMAIN = git.afpy.org
|
||||
HTTP_PORT = 3000
|
||||
ROOT_URL = https://git.afpy.org/
|
||||
DISABLE_SSH = false
|
||||
SSH_PORT = 22
|
||||
LFS_START_SERVER = false
|
||||
OFFLINE_MODE = false
|
||||
|
||||
[lfs]
|
||||
PATH = /var/lib/gitea/data/lfs
|
||||
|
||||
[mailer]
|
||||
ENABLED = false
|
||||
|
||||
[service]
|
||||
REGISTER_EMAIL_CONFIRM = false
|
||||
ENABLE_NOTIFY_MAIL = false
|
||||
DISABLE_REGISTRATION = true
|
||||
ALLOW_ONLY_EXTERNAL_REGISTRATION = false
|
||||
ENABLE_CAPTCHA = false
|
||||
REQUIRE_SIGNIN_VIEW = false
|
||||
DEFAULT_KEEP_EMAIL_PRIVATE = false
|
||||
DEFAULT_ALLOW_CREATE_ORGANIZATION = true
|
||||
DEFAULT_ENABLE_TIMETRACKING = true
|
||||
NO_REPLY_ADDRESS = noreply.localhost
|
||||
|
||||
[picture]
|
||||
DISABLE_GRAVATAR = false
|
||||
ENABLE_FEDERATED_AVATAR = true
|
||||
|
||||
[openid]
|
||||
ENABLE_OPENID_SIGNIN = true
|
||||
ENABLE_OPENID_SIGNUP = true
|
||||
|
||||
[session]
|
||||
PROVIDER = file
|
||||
|
||||
[log]
|
||||
MODE = console
|
||||
LEVEL = info
|
||||
ROOT_PATH = /var/lib/gitea/log
|
||||
ROUTER = console
|
||||
|
||||
[repository.pull-request]
|
||||
DEFAULT_MERGE_STYLE = merge
|
||||
|
||||
[repository.signing]
|
||||
DEFAULT_TRUST_MODEL = committer
|
||||
|
||||
[security]
|
||||
INSTALL_LOCK = true
|
||||
INTERNAL_TOKEN = {{ gitea_internal_token }}
|
||||
PASSWORD_HASH_ALGO = pbkdf2
|
||||
|
||||
|
||||
# Public asset generation (to allow nginx to serve them) needs nodejs>14.
|
||||
|
||||
# - name: Create gitea static hierarchy
|
||||
# file:
|
||||
# state: directory
|
||||
# mode: 0755
|
||||
# owner: git-static
|
||||
# group: git-static
|
||||
# path: "{{ item }}"
|
||||
# loop:
|
||||
# - /var/lib/gitea-static/source
|
||||
# - /var/lib/gitea-static/public
|
||||
#
|
||||
# - name: Download gitea tarball # For the static content
|
||||
# unarchive:
|
||||
# src: "https://github.com/go-gitea/gitea/archive/refs/tags/v{{ gitea_version }}.tar.gz"
|
||||
# dest: /var/lib/gitea-static/source/
|
||||
# remote_src: true
|
||||
# owner: git-static
|
||||
# group: git-static
|
||||
# register: download_gitea_tarball
|
||||
#
|
||||
# - name: Compile static assets
|
||||
# command: make frontend
|
||||
# args:
|
||||
# chdir: "/var/lib/gitea-static/source/gitea-{{ gitea_version }}"
|
||||
# become: true
|
||||
# become_user: git-static
|
||||
# when: download_gitea_tarball is changed
|
||||
#
|
||||
# - name: Copy public assets
|
||||
# synchronize:
|
||||
# src: "/var/lib/gitea-static/source/gitea-{{ gitea_version }}/public/"
|
||||
# dest: "/var/lib/gitea-static/public/"
|
||||
|
||||
- name: Setup gitea systemd service
|
||||
copy:
|
||||
dest: /etc/systemd/system/gitea.service
|
||||
owner: root
|
||||
group: root
|
||||
mode: 0644
|
||||
content: |
|
||||
[Unit]
|
||||
Description=Gitea (Git with a cup of tea)
|
||||
After=syslog.target
|
||||
After=network.target
|
||||
Wants=postgresql.service
|
||||
After=postgresql.service
|
||||
|
||||
[Service]
|
||||
RestartSec=2s
|
||||
Type=simple
|
||||
User=git
|
||||
Group=git
|
||||
WorkingDirectory=/var/lib/gitea/
|
||||
ExecStart=/usr/local/bin/gitea web --config /etc/gitea/app.ini
|
||||
Restart=always
|
||||
Environment=USER=git HOME=/home/git GITEA_WORK_DIR=/var/lib/gitea
|
||||
|
||||
[Install]
|
||||
WantedBy=multi-user.target
|
||||
|
||||
- name: Setup nginx
|
||||
include_role: name=nginx
|
||||
vars:
|
||||
nginx_domain: git.afpy.org
|
||||
nginx_certificates: ['git.afpy.org']
|
||||
nginx_conf: |
|
||||
server
|
||||
{
|
||||
listen [::]:80; listen 80;
|
||||
server_name git.afpy.org;
|
||||
access_log /var/log/nginx/git.afpy.org-access.log;
|
||||
error_log /var/log/nginx/git.afpy.org-error.log;
|
||||
return 301 https://git.afpy.org$request_uri;
|
||||
}
|
||||
|
||||
server
|
||||
{
|
||||
listen [::]:443 ssl; listen 443 ssl;
|
||||
server_name git.afpy.org;
|
||||
access_log /var/log/nginx/git.afpy.org-access.log;
|
||||
error_log /var/log/nginx/git.afpy.org-error.log;
|
||||
include snippets/letsencrypt-git.afpy.org.conf;
|
||||
client_max_body_size 16M;
|
||||
|
||||
# location /_/static/assets/ {
|
||||
# alias /var/lib/gitea-static/public/;
|
||||
# }
|
||||
|
||||
location / {
|
||||
proxy_pass http://localhost:3000;
|
||||
proxy_set_header Host $host;
|
||||
proxy_set_header X-Real-IP $remote_addr;
|
||||
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
|
||||
proxy_set_header X-Forwarded-Proto $scheme;
|
||||
}
|
||||
|
||||
}
|
||||
|
||||
- name: Start gitea
|
||||
service: name=gitea enabled=yes state=started daemon_reload=yes
|
||||
|
|
Loading…
Reference in New Issue