ansible
/
xoxys.gitea
1
0
Fork 0
Code Issues Pull Requests 1 Releases Activity

refactor: move to podman container setup
continuous-integration/drone/pr Build is failing Details

This commit is contained in:
Robert Kaussow 2023-08-05 15:48:47 +02:00
parent b68e7e49a8
commit 1d03f664ac
Signed by: xoxys
GPG Key ID: 4E692A2EAECC03C0
31 changed files with 420 additions and 808 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

77
defaults/main.yml
View File

@ -1,35 +1,63 @@
---
gitea_version: 1.16.1
gitea_user: "gitea_adm"
gitea_user_home: "/home/{{ gitea_user }}"
gitea_group: "{{ gitea_user }}"
gitea_extra_groups: []
gitea_image: "docker.io/gitea/gitea:latest-rootless"
gitea_url: "http://localhost:3000"
gitea_packages:
- git
# @var gitea_volumes:description: > Define required docker volumes.
# @end
# @var gitea_volumes:example: >
# gitea_volumes:
# - name: data
# # target location inside the container
# dest: /var/lib/gitea
# type: volume
# @end
gitea_volumes:
- name: "gitea-data"
dest: /var/lib/gitea
- name: /etc/timezone
dest: /etc/timezone
type: bind
opts: Z,ro
- name: /etc/localtime
dest: /etc/localtime
type: bind
opts: Z,ro
gitea_base_dir: "/opt/gitea"
gitea_config_dir: "{{ gitea_base_dir }}/custom/conf"
gitea_data_dir: "{{ gitea_base_dir }}/data"
gitea_run_dir: "{{ gitea_base_dir }}/run"
gitea_template_dir: "{{ gitea_base_dir }}/custom/templates"
# @var gitea_network:description: >
# Name of the container network. If the name ends with `.network`, the network will be created with the specified configuration.
# Otherwise, the network must already exist and the container will be attached to the network.
# @end
gitea_network: "gitea.network"
gitea_network_ipv6_enabled: False
# @var gitea_network_ipv6_subnet:value: $ "_unset_"
# @var gitea_network_ipv6_subnet:example: $ "fd00:0:0:2::/64"
# @var gitea_network_ipv6_gateway:value: $ "_unset_"
# @var gitea_network_ipv6_gateway:example: $ "fd00:0:0:2::1"
gitea_selinux_fcontext:
- target: "{{ gitea_log_dir }}(/.*)?"
setype: var_log_t
gitea_selinux_restorecon:
- "-ir {{ gitea_log_dir }}"
# @var gitea_network_ipv4_subnet:value: $ "_unset_"
# @var gitea_network_ipv4_gateway:value: $ "_unset_"
gitea_bind_ip: 127.0.0.1
gitea_bind_port: 61000
gitea_listen_address: http://gitea.example.com
# @var gitea_exposed_ports:description: >
# Ports you want to publish outside of Docker. The Gitea UI is running on `3000` inside of the container.
# @end
gitea_exposed_ports: []
gitea_cap_add: []
gitea_cap_drop: []
gitea_podman_args:
- --pids-limit=-1
- --health-cmd='["wget", "--spider", "--proxy", "off", "http://localhost:3000/api/healthz"]'
- --health-interval=5s
- --health-timeout=5s
- --health-retries=6
- --health-on-failure=kill
gitea_install_lock: True
# @var gitea_secret:description: Should be replaced by your own secret.
gitea_secret: "1234567ABCDEFG"
# @var gitea_token:description: Should be replaced by your own secret.
gitea_token: "akslkaldasasifiuvsiasfa7s7f8as7f8asd"
gitea_run_mode: prod
gitea_login_remember_days: 7
gitea_password_min_lenght: 8
# @var gitea_password_complexity:description: >
@ -91,7 +119,6 @@ gitea_default_dependencies_enabled: True
gitea_default_timetracking_enabled: True
gitea_log_level: Info
gitea_log_dir: "{{ gitea_base_dir }}/log"
gitea_repository_default_private: last
gitea_repository_force_private: False
@ -275,9 +302,3 @@ gitea_jwt_signing_algorithm: RS256
gitea_metrics_enabled: False
# @var gitea_metrics_token:description: If you want to add authorization, specify a token here.
# @var gitea_metrics_token:default: $ "_unset_"
gitea_tls_enabled: False
gitea_tls_cert_path: "{{ gitea_base_dir }}/tls/certs/mycert.pem"
gitea_tls_key_path: "{{ gitea_base_dir }}/tls/private/mykey.pem"
gitea_tls_cert_source: mycert.pem
gitea_tls_key_source: mykey.pem

7
handlers/main.yml
View File

@ -1,10 +1,7 @@
---
- name: Restart Gitea Service
- name: Restart Gitea
service:
name: gitea
state: restarted
daemon_reload: yes
enabled: yes
daemon_reload: True
listen: __gitea_restart
become: True
become_user: root

5
molecule/centos7/converge.yml
View File

@ -1,5 +0,0 @@
---
- name: Converge
hosts: all
roles:
- role: xoxys.gitea

120
molecule/centos7/create.yml
View File

@ -1,120 +0,0 @@
---
- name: Create
hosts: localhost
connection: local
gather_facts: false
no_log: "{{ molecule_no_log }}"
vars:
ssh_port: 22
ssh_user: root
ssh_path: "{{ lookup('env', 'MOLECULE_EPHEMERAL_DIRECTORY') }}/ssh_key"
tasks:
- name: Create SSH key
user:
name: "{{ lookup('env', 'USER') }}"
generate_ssh_key: true
ssh_key_file: "{{ ssh_path }}"
force: true
register: generated_ssh_key
- name: Register the SSH key name
set_fact:
ssh_key_name: "molecule-generated-{{ 12345 | random | to_uuid }}"
- name: Register SSH key for test instance(s)
hcloud_ssh_key:
name: "{{ ssh_key_name }}"
public_key: "{{ generated_ssh_key.ssh_public_key }}"
state: present
- name: Create molecule instance(s)
hcloud_server:
name: "{{ item.name }}"
server_type: "{{ item.server_type }}"
ssh_keys:
- "{{ ssh_key_name }}"
image: "{{ item.image }}"
location: "{{ item.location | default(omit) }}"
datacenter: "{{ item.datacenter | default(omit) }}"
user_data: "{{ item.user_data | default(omit) }}"
api_token: "{{ lookup('env', 'HCLOUD_TOKEN') }}"
state: present
register: server
loop: "{{ molecule_yml.platforms }}"
async: 7200
poll: 0
- name: Wait for instance(s) creation to complete
async_status:
jid: "{{ item.ansible_job_id }}"
register: hetzner_jobs
until: hetzner_jobs.finished
retries: 300
loop: "{{ server.results }}"
- name: Create volume(s)
hcloud_volume:
name: "{{ item.name }}"
server: "{{ item.name }}"
location: "{{ item.location | default(omit) }}"
size: "{{ item.volume_size | default(10) }}"
api_token: "{{ lookup('env', 'HCLOUD_TOKEN') }}"
state: "present"
loop: "{{ molecule_yml.platforms }}"
when: item.volume | default(False) | bool
register: volumes
async: 7200
poll: 0
- name: Wait for volume(s) creation to complete
async_status:
jid: "{{ item.ansible_job_id }}"
register: hetzner_volumes
until: hetzner_volumes.finished
retries: 300
when: volumes.changed
loop: "{{ volumes.results }}"
# Mandatory configuration for Molecule to function.
- name: Populate instance config dict
set_fact:
instance_conf_dict:
{
"instance": "{{ item.hcloud_server.name }}",
"ssh_key_name": "{{ ssh_key_name }}",
"address": "{{ item.hcloud_server.ipv4_address }}",
"user": "{{ ssh_user }}",
"port": "{{ ssh_port }}",
"identity_file": "{{ ssh_path }}",
"volume": "{{ item.item.item.volume | default(False) | bool }}",
}
loop: "{{ hetzner_jobs.results }}"
register: instance_config_dict
when: server.changed | bool
- name: Convert instance config dict to a list
set_fact:
instance_conf: "{{ instance_config_dict.results | map(attribute='ansible_facts.instance_conf_dict') | list }}"
when: server.changed | bool
- name: Dump instance config
copy:
content: |
# Molecule managed
{{ instance_conf | to_nice_yaml(indent=2) }}
dest: "{{ molecule_instance_config }}"
when: server.changed | bool
- name: Wait for SSH
wait_for:
port: "{{ ssh_port }}"
host: "{{ item.address }}"
search_regex: SSH
delay: 10
loop: "{{ lookup('file', molecule_instance_config) | from_yaml }}"
- name: Wait for VM to settle down
pause:
seconds: 30

24
molecule/centos7/molecule.yml
View File

@ -1,24 +0,0 @@
---
dependency:
name: galaxy
options:
role-file: molecule/requirements.yml
requirements-file: molecule/requirements.yml
env:
ANSIBLE_GALAXY_DISPLAY_PROGRESS: "false"
driver:
name: delegated
platforms:
- name: centos7-gitea
image: centos-7
server_type: cx11
lint: |
/usr/local/bin/flake8
provisioner:
name: ansible
env:
ANSIBLE_FILTER_PLUGINS: ${ANSIBLE_FILTER_PLUGINS:-./plugins/filter}
ANSIBLE_LIBRARY: ${ANSIBLE_LIBRARY:-./library}
log: False
verifier:
name: testinfra

18
molecule/centos7/tests/test_default.py
View File

@ -1,18 +0,0 @@
import os
import testinfra.utils.ansible_runner
testinfra_hosts = testinfra.utils.ansible_runner.AnsibleRunner(
os.environ["MOLECULE_INVENTORY_FILE"]
).get_hosts("all")
def test_gitea_running_and_enabled(host):
gitea = host.service("gitea")
assert gitea.is_running
assert gitea.is_enabled
def test_gitea_socket(host):
# Verify the socket is listening for HTTP traffic
assert host.socket("tcp://127.0.0.1:61000").is_listening

2
molecule/default
View File

@ -1 +1 @@
rocky8
rocky9

10
molecule/requirements.yml
View File

@ -1,6 +1,12 @@
---
collections:
- name: https://gitea.rknet.org/ansible/xoxys.general/releases/download/v2.1.1/xoxys-general-2.1.1.tar.gz
- name: https://gitea.rknet.org/ansible/xoxys.general
type: git
- name: community.general
- name: containers.podman
roles: []
roles:
- src: https://gitea.rknet.org/ansible/xoxys.podman
name: xoxys.podman
scm: git
version: main

5
molecule/rocky8/converge.yml
View File

@ -1,5 +0,0 @@
---
- name: Converge
hosts: all
roles:
- role: xoxys.gitea

78
molecule/rocky8/destroy.yml
View File

@ -1,78 +0,0 @@
---
- name: Destroy
hosts: localhost
connection: local
gather_facts: false
no_log: "{{ molecule_no_log }}"
tasks:
- name: Check existing instance config file
stat:
path: "{{ molecule_instance_config }}"
register: cfg
- name: Populate the instance config
set_fact:
instance_conf: "{{ (lookup('file', molecule_instance_config) | from_yaml) if cfg.stat.exists else [] }}"
- name: Destroy molecule instance(s)
hcloud_server:
name: "{{ item.instance }}"
api_token: "{{ lookup('env', 'HCLOUD_TOKEN') }}"
state: absent
register: server
loop: "{{ instance_conf }}"
async: 7200
poll: 0
- name: Wait for instance(s) deletion to complete
async_status:
jid: "{{ item.ansible_job_id }}"
register: hetzner_jobs
until: hetzner_jobs.finished
retries: 300
loop: "{{ server.results }}"
- pause:
seconds: 5
- name: Destroy volume(s)
hcloud_volume:
name: "{{ item.instance }}"
server: "{{ item.instance }}"
api_token: "{{ lookup('env', 'HCLOUD_TOKEN') }}"
state: "absent"
register: volumes
loop: "{{ instance_conf }}"
when: item.volume | default(False) | bool
async: 7200
poll: 0
- name: Wait for volume(s) deletion to complete
async_status:
jid: "{{ item.ansible_job_id }}"
register: hetzner_volumes
until: hetzner_volumes.finished
retries: 300
when: volumes.changed
loop: "{{ volumes.results }}"
- name: Remove registered SSH key
hcloud_ssh_key:
name: "{{ instance_conf[0].ssh_key_name }}"
state: absent
when: (instance_conf | default([])) | length > 0
# Mandatory configuration for Molecule to function.
- name: Populate instance config
set_fact:
instance_conf: {}
- name: Dump instance config
copy:
content: |
# Molecule managed
{{ instance_conf | to_nice_yaml(indent=2) }}
dest: "{{ molecule_instance_config }}"
when: server.changed | bool

15
molecule/rocky8/prepare.yml
View File

@ -1,15 +0,0 @@
---
- name: Prepare
hosts: all
gather_facts: false
tasks:
- name: Bootstrap python for Ansible
raw: |
command -v python3 python || (
(test -e /usr/bin/dnf && sudo dnf install -y python3) ||
(test -e /usr/bin/apt && (apt -y update && apt install -y python-minimal)) ||
(test -e /usr/bin/yum && sudo yum -y -qq install python3) ||
echo "Warning: Python not boostrapped due to unknown platform."
)
become: true
changed_when: false

18
molecule/rocky8/tests/test_default.py
View File

@ -1,18 +0,0 @@
import os
import testinfra.utils.ansible_runner
testinfra_hosts = testinfra.utils.ansible_runner.AnsibleRunner(
os.environ["MOLECULE_INVENTORY_FILE"]
).get_hosts("all")
def test_gitea_running_and_enabled(host):
gitea = host.service("gitea")
assert gitea.is_running
assert gitea.is_enabled
def test_gitea_socket(host):
# Verify the socket is listening for HTTP traffic
assert host.socket("tcp://127.0.0.1:61000").is_listening

10
molecule/rocky9/converge.yml Normal file
View File

@ -0,0 +1,10 @@
---
- name: Converge
hosts: all
roles:
- role: xoxys.podman
- role: xoxys.gitea
vars:
gitea_exposed_ports:
- 127.0.0.1:3000:3000
- 127.0.0.1:2222:2222

2
molecule/rocky8/create.yml → molecule/rocky9/create.yml
View File

@ -117,4 +117,4 @@
- name: Wait for VM to settle down
pause:
seconds: 30
seconds: 30

2
molecule/centos7/destroy.yml → molecule/rocky9/destroy.yml
View File

@ -75,4 +75,4 @@
{{ instance_conf | to_nice_yaml(indent=2) }}
dest: "{{ molecule_instance_config }}"
when: server.changed | bool
when: server.changed | bool

4
molecule/rocky8/molecule.yml → molecule/rocky9/molecule.yml
View File

@ -9,8 +9,8 @@ dependency:
driver:
name: delegated
platforms:
- name: rocky8-gitea
image: rocky-8
- name: rocky9-gitea
image: rocky-9
server_type: cx11
lint: |
/usr/local/bin/flake8

0
molecule/centos7/prepare.yml → molecule/rocky9/prepare.yml
View File

30
molecule/rocky9/tests/test_default.py Normal file
View File

@ -0,0 +1,30 @@
import os
import testinfra.utils.ansible_runner
testinfra_hosts = testinfra.utils.ansible_runner.AnsibleRunner(
os.environ["MOLECULE_INVENTORY_FILE"]
).get_hosts("all")
def test_gitea_running_and_enabled(host):
gitea = host.service("gitea")
assert gitea.is_running
assert gitea.is_enabled
def test_gitea_socket(host):
# Verify the socket is listening for HTTP traffic
assert host.socket("tcp://127.0.0.1:3000").is_listening
# Verify the socket is listening for SSH traffic
assert host.socket("tcp://127.0.0.1:2222").is_listening
def test_gitea_conn_error(host):
code = int(
host.run("curl -sSL -w '%{http_code}' http://127.0.0.1:3000/ -o /dev/null").stdout # noqa
)
body = host.run("curl -sSLX GET http://127.0.0.1:3000/").stdout
assert code == 200
assert "Gitea: Git with a cup of tea" in body

59
tasks/install.yml
View File

@ -1,59 +0,0 @@
---
- name: Prepare base folder
file:
path: "{{ gitea_base_dir }}"
state: directory
owner: "{{ gitea_user }}"
group: "{{ gitea_user }}"
mode: 0750
become: True
become_user: root
- block:
- name: Prepare folder structure
file:
path: "{{ item }}"
state: directory
mode: 0750
loop:
- "{{ gitea_config_dir }}"
- "{{ gitea_data_dir }}"
- "{{ gitea_log_dir }}"
- "{{ gitea_run_dir }}"
- "{{ gitea_template_dir }}/custom"
- name: Download Gitea binary
get_url:
url: "https://github.com/go-gitea/gitea/releases/download/v{{ gitea_version }}/gitea-{{ gitea_version }}-linux-amd64"
dest: "{{ gitea_base_dir }}/gitea-latest"
mode: 0750
notify: __gitea_restart
- name: Copy config file
template:
src: "custom/conf/app.ini.j2"
dest: "{{ gitea_config_dir }}/app.ini"
mode: 0600
notify: __gitea_restart
- name: Copy template files
template:
src: "templates/custom/templates/custom/{{ item }}.tmpl.j2"
dest: "{{ gitea_template_dir }}/custom/{{ item }}.tmpl"
mode: 0600
loop:
- extra_links_footer
- extra_links
notify: __gitea_restart
become: True
become_user: "{{ gitea_user }}"
- block:
- name: Copy systemd unit file
template:
src: "etc/systemd/system/gitea.service.j2"
dest: "/etc/systemd/system/gitea.service"
mode: 0640
notify: __gitea_restart
become: True
become_user: root

60
tasks/main.yml
View File

@ -1,9 +1,53 @@
---
- include_tasks: prepare.yml
- include_tasks: install.yml
- include_tasks: selinux.yml
when: ansible_selinux.status == "enabled"
- import_tasks: tls.yml
when: gitea_tls_enabled | bool
tags: tls_renewal
- include_tasks: post_tasks.yml
- block:
- name: Create network specs
template:
src: etc/containers/systemd/gitea.network.j2
dest: "/etc/containers/systemd/gitea.network"
owner: root
group: root
mode: "0640"
when: gitea_network | splitext | last == ".network"
notify: __gitea_restart
- name: Create container volumes
containers.podman.podman_volume:
name: "{{ item.name }}"
options: "{{ item.options | default(omit) }}"
state: "{{ item.state | default('present') }}"
loop: "{{ gitea_volumes }}"
loop_control:
label: "{{ item.name }}"
when: item.type | default("volume") | lower == "volume"
register: __gitea_volumes_raw
- name: Register container volumes map
set_fact:
__gitea_volumes_map: "{{ __gitea_volumes_raw.results | json_query('[].volume') | items2dict(key_name='Name', value_name='Mountpoint') }}"
- name: Deploy gitea env file
template:
src: etc/containers/systemd/gitea.env.j2
dest: "/etc/containers/systemd/gitea.env"
owner: root
group: root
mode: "0640"
notify: __gitea_restart
- name: Create container specs
template:
src: etc/containers/systemd/gitea.container.j2
dest: "/etc/containers/systemd/gitea.container"
owner: root
group: root
mode: "0640"
notify: __gitea_restart
- name: Ensure service state
systemd:
name: "gitea.service"
state: started
daemon_reload: True
enabled: True
become: True
become_user: root

9
tasks/post_tasks.yml
View File

@ -1,9 +0,0 @@
---
- name: Ensure gitea service is up and running
service:
state: started
daemon_reload: yes
enabled: yes
name: gitea
become: True
become_user: root

23
tasks/prepare.yml
View File

@ -1,23 +0,0 @@
---
- block:
- name: Create group '{{ gitea_group }}'
group:
name: "{{ gitea_group }}"
state: present
- name: Create user '{{ gitea_user }}'
user:
comment: Gitea
name: "{{ gitea_user }}"
home: "{{ gitea_user_home }}"
group: "{{ gitea_group }}"
groups: "{{ gitea_extra_groups | join(',') }}"
- name: Install dependencies
package:
name: "{{ item }}"
state: present
loop:
- "{{ gitea_packages }}"
become: True
become_user: root

15
tasks/selinux.yml
View File

@ -1,15 +0,0 @@
---
- block:
- name: Add SELinux file context mapping definitions
sefcontext:
target: "{{ item.target }}"
setype: "{{ item.setype }}"
state: present
loop: "{{ gitea_selinux_fcontext }}"
- name: Apply new SELinux file context to filesystem
command: "restorecon {{ item }}"
loop: "{{ gitea_selinux_restorecon }}"
changed_when: False
become: True
become_user: root

28
tasks/tls.yml
View File

@ -1,28 +0,0 @@
---
- block:
- name: Create tls folder structure
file:
path: "{{ item }}"
state: directory
owner: "{{ gitea_user }}"
group: "{{ gitea_group }}"
recurse: True
loop:
- "{{ gitea_tls_cert_path | dirname }}"
- "{{ gitea_tls_key_path | dirname }}"
become: True
become_user: root
- block:
- name: Copy certs and private key
copy:
src: "{{ item.src }}"
dest: "{{ item.dest }}"
mode: "{{ item.mode }}"
loop:
- { src: "{{ gitea_tls_key_source }}", dest: '{{ gitea_tls_key_path }}', mode: '0600' }
- { src: "{{ gitea_tls_cert_source }}", dest: '{{ gitea_tls_cert_path }}', mode: '0750' }
loop_control:
label: "{{ item.dest }}"
become: True
become_user: "{{ gitea_user }}"

315
templates/custom/conf/app.ini.j2
View File

@ -1,315 +0,0 @@
#jinja2: lstrip_blocks: True
{{ ansible_managed | comment(decoration="; ")}}
APP_NAME = Gitea: Git with a cup of tea
RUN_USER = {{ gitea_user }}
RUN_MODE = {{ gitea_run_mode }}
WORK_PATH = {{ gitea_base_dir }}
[repository]
ROOT = {{ gitea_data_dir }}/repos
FORCE_PRIVATE = {{ gitea_repository_force_private | bool | lower }}
DEFAULT_PRIVATE = {{ gitea_repository_default_private }}
MAX_CREATION_LIMIT = {{ gitea_repository_creation_limit }}
PREFERRED_LICENSES = {{ gitea_repository_default_license | join(",") }}
DISABLE_HTTP_GIT = {{ 'false' if gitea_repository_http_enabled | bool else 'true' }}
{% if gitea_repository_access_control_allow_origin is defined and gitea_repository_access_control_allow_origin %}
ACCESS_CONTROL_ALLOW_ORIGIN = {{ gitea_repository_access_control_allow_origin }}
{% endif %}
USE_COMPAT_SSH_URI = {{ gitea_repository_use_compat_ssh_uri | bool | lower }}
ENABLE_PUSH_CREATE_USER = {{ gitea_repository_push_create_user_enabled | bool | lower }}
ENABLE_PUSH_CREATE_ORG = {{ gitea_repository_push_create_org_enabled | bool | lower }}
DEFAULT_REPO_UNITS = {{ gitea_repository_default_repo_units | join(",") }}
DEFAULT_BRANCH = {{ gitea_repository_default_branch }}
[repository.editor]
LINE_WRAP_EXTENSIONS = {{ gitea_repository_editor_line_wrap_ext | join(",") }}
PREVIEWABLE_FILE_MODES = markdown
[repository.upload]
{% if gitea_repository_upload_enabled | bool %}
ENABLED = true
{% if gitea_repository_upload_allowed_types %}
ALLOWED_TYPES = {{ gitea_repository_upload_allowed_types | join(",") }}
{% endif %}
FILE_MAX_SIZE = {{ gitea_repository_upload_max_filesize }}
MAX_FILES = {{ gitea_repository_upload_max_files }}
{% else %}
ENABLED = false
{% endif %}
[repository.pull-request]
WORK_IN_PROGRESS_PREFIXES = {{ gitea_repository_pr_wip_prefix | join(",") }}
CLOSE_KEYWORDS = {{ gitea_repository_pr_close_keyword | join(",") }}
REOPEN_KEYWORDS = {{ gitea_repository_pr_reopen_keyword | join(",") }}
[repository.issue]
LOCK_REASONS = {{ gitea_repository_issue_lock_reason | join(",") }}
[ui]
EXPLORE_PAGING_NUM = {{ gitea_ui_explore_paging_num }}
ISSUE_PAGING_NUM = {{ gitea_ui_issue_paging_num }}
FEED_MAX_COMMIT_NUM = {{ gitea_ui_feed_commit_num }}
GRAPH_MAX_COMMIT_NUM = {{ gitea_ui_graph_commit_num }}
CODE_COMMENT_LINES = {{ gitea_ui_code_comment_lines }}
SHOW_USER_EMAIL = {{ gitea_ui_show_user_email | bool | lower }}
REACTIONS = {{ gitea_ui_reaction | join(",") }}
DEFAULT_SHOW_FULL_NAME = {{ gitea_ui_show_full_name | bool | lower }}
SEARCH_REPO_DESCRIPTION = {{ gitea_ui_search_repo_description | bool | lower }}
[ui.admin]
USER_PAGING_NUM = {{ gitea_ui_admin_user_paging_num }}
REPO_PAGING_NUM = {{ gitea_ui_admin_repo_paging_num }}
NOTICE_PAGING_NUM = {{ gitea_ui_admin_notice_paging_num }}
ORG_PAGING_NUM = {{ gitea_ui_admin_org_paging_num }}
[ui.user]
REPO_PAGING_NUM = {{ gitea_ui_user_repo_paging_num }}
[markdown]
ENABLE_HARD_LINE_BREAK = {{ gitea_markdown_hard_linebreak_enabled | bool | lower }}
{% if gitea_markdown_custom_url_scheme %}
CUSTOM_URL_SCHEMES = {{ gitea_markdown_custom_url_scheme | join(",") }}
{% endif %}
FILE_EXTENSIONS = {{ gitea_markdown_file_ext | join(",") }}
[server]
PROTOCOL = {{ 'https' if gitea_tls_enabled else 'http' }}
DOMAIN = {{ gitea_listen_address | urlsplit('hostname') }}
ROOT_URL = {{ gitea_listen_address | urlsplit('scheme') }}://%(DOMAIN)s/
HTTP_ADDR = {{ gitea_bind_ip }}
HTTP_PORT = {{ gitea_bind_port }}
LOCAL_ROOT_URL = %(PROTOCOL)s://%(HTTP_ADDR)s:%(HTTP_PORT)s/
DISABLE_SSH = {{ 'false' if gitea_ssh_enabled | bool else 'true' }}
START_SSH_SERVER = false
MINIMUM_KEY_SIZE_CHECK = {{ gitea_minimum_keysize_check | bool | lower }}
OFFLINE_MODE = {{ gitea_offline_mode | bool | lower }}
{% if gitea_tls_enabled | bool %}
CERT_FILE = {{ gitea_tls_cert_path }}
KEY_FILE = {{ gitea_tls_key_path }}
{% endif %}
APP_DATA_PATH = {{ gitea_data_dir }}
PPROF_DATA_PATH = {{ gitea_data_dir }}/tmp/pprof
LANDING_PAGE = {{ gitea_landing_page }}
{% if gitea_lfs_enabled | bool %}
LFS_START_SERVER = true
LFS_CONTENT_PATH = {{ gitea_data_dir }}/lfs
LFS_JWT_SECRET = {{ gitea_lfs_jwt_secret }}
LFS_HTTP_AUTH_EXPIRY = 20m
{% else %}
LFS_START_SERVER = false
{% endif %}
[ssh.minimum_key_sizes]
{% for key in gitea_minimum_keysize %}
{{ key.name }} = {{ key.size }}
{% endfor %}
[database]
{% if gitea_db_type == "pgsql" %}
DB_TYPE = postgres
HOST = {{ gitea_db_server }}:{{ gitea_db_port }}
NAME = {{ gitea_db_name }}
USER = {{ gitea_db_user }}
PASSWD = {{ gitea_db_password }}
SSL_MODE = {{ gitea_db_ssl_mode }}
{% elif gitea_db_type == "sqlite" %}
DB_TYPE = sqlite3
PATH = {{ gitea_data_dir }}/gitea.db
SQLITE_TIMEOUT = 500
{% endif %}
[indexer]
ISSUE_INDEXER_TYPE = bleve
ISSUE_INDEXER_PATH = {{ gitea_data_dir }}/indexers/issues.bleve
REPO_INDEXER_ENABLED = true
REPO_INDEXER_PATH = {{ gitea_data_dir }}/indexers/repos.bleve
[queue.issue_indexer]
DATADIR = {{ gitea_data_dir }}/issues.queue
[admin]
DISABLE_REGULAR_ORG_CREATION = {{ 'false' if gitea_org_creation_enabled | bool else 'true' }}
DEFAULT_EMAIL_NOTIFICATIONS = {{ gitea_default_email_notification }}
[webhook]
QUEUE_LENGTH = 1000
DELIVER_TIMEOUT = 5
ALLOWED_HOST_LIST = {{ gitea_webhook_allowed_host_list | join(",") }}
SKIP_TLS_VERIFY = false
[security]
INSTALL_LOCK = {{ gitea_install_lock | bool | lower }}
SECRET_KEY = {{ gitea_secret }}
LOGIN_REMEMBER_DAYS = {{ gitea_login_remember_days }}
MIN_PASSWORD_LENGTH = {{ gitea_password_min_lenght }}
DISABLE_GIT_HOOKS = {{ 'false' if gitea_git_hooks_enabled | bool else 'true' }}
PASSWORD_COMPLEXITY = {{ gitea_password_complexity | join(",") }}
PASSWORD_HASH_ALGO = pbkdf2
INTERNAL_TOKEN = {{ gitea_token }}
[service]
REGISTER_EMAIL_CONFIRM = {{ gitea_registration_email_confirm | bool | lower }}
{% if gitea_registration_email_domain_whitelist is defined and gitea_registration_email_domain_whitelist %}
EMAIL_DOMAIN_WHITELIST= {{ gitea_registration_email_domain_whitelist | join(",") }}
{% endif %}
DISABLE_REGISTRATION = {{ 'false' if gitea_registration_enabled | bool else 'true' }}
ALLOW_ONLY_EXTERNAL_REGISTRATION = {{ gitea_registration_allow_external_only | bool | lower }}
REQUIRE_SIGNIN_VIEW = false
{% if gitea_mail_service_enabled | bool %}
ENABLE_NOTIFY_MAIL = true
{% endif %}
ENABLE_BASIC_AUTHENTICATION = true
ALLOW_CROSS_REPOSITORY_DEPENDENCIES = true
ENABLE_USER_HEATMAP = true
ENABLE_TIMETRACKING = true
NO_REPLY_ADDRESS = {{ gitea_no_reply_address }}
SHOW_REGISTRATION_BUTTON = {{ gitea_registration_button_enabled | bool | lower }}
SHOW_MILESTONES_DASHBOARD_PAGE = true
AUTO_WATCH_NEW_REPOS = {{ gitea_repository_auto_watch_on_creation | bool | lower }}
AUTO_WATCH_ON_CHANGES = {{ gitea_repository_auto_watch_on_change | bool | lower }}
DEFAULT_KEEP_EMAIL_PRIVATE = {{ gitea_default_keep_email_private | bool | lower }}
DEFAULT_ALLOW_CREATE_ORGANIZATION = {{ gitea_default_org_allow_creation | bool | lower }}
DEFAULT_ORG_VISIBILITY = {{ gitea_default_org_visible }}
DEFAULT_ORG_MEMBER_VISIBLE = {{ gitea_default_org_member_visible | bool | lower }}
DEFAULT_ENABLE_DEPENDENCIES = {{ gitea_default_dependencies_enabled | bool | lower }}
DEFAULT_ENABLE_TIMETRACKING = {{ gitea_default_timetracking_enabled | bool | lower }}
DEFAULT_ALLOW_ONLY_CONTRIBUTORS_TO_TRACK_TIME = true
{% if gitea_mail_service_enabled | bool %}
[mailer]
ENABLED = true
{% if gitea_mail_subject_prefix is defined and gitea_mail_subject_prefix %}
SUBJECT_PREFIX = {{ gitea_mail_subject_prefix }}
{% endif %}
FROM = {{ gitea_mail_service_from }}
PROTOCOL = sendmail
SENDMAIL_PATH = /usr/sbin/sendmail
{% else %}
[mailer]
ENABLED = false
{% endif %}
[session]
PROVIDER = {{ gitea_session_provider }}
PROVIDER_CONFIG = {{ gitea_session_provider_config }}
COOKIE_NAME = {{ gitea_session_cookie_name }}
COOKIE_SECURE = {{ gitea_session_cookie_secure | bool | lower }}
ENABLE_SET_COOKIE = {{ gitea_session_enable_set_cookie | bool | lower }}
GC_INTERVAL_TIME = {{ gitea_session_session_life_time }}
SESSION_LIFE_TIME = {{ gitea_session_session_life_time }}
[picture]
AVATAR_UPLOAD_PATH = {{ gitea_data_dir }}/avatars
REPOSITORY_AVATAR_UPLOAD_PATH = {{ gitea_data_dir }}/repo-avatars
REPOSITORY_AVATAR_FALLBACK = none
DISABLE_GRAVATAR = {{ 'false' if gitea_gravatar_enabled | bool else 'true' }}
GRAVATAR_SOURCE = {{ gitea_gravatar_source }}
ENABLE_FEDERATED_AVATAR = {{ gitea_avatar_federation_enabled | bool | lower }}
[attachment]
{% if gitea_attachment_enabled | bool %}
ENABLE = true
PATH = {{ gitea_data_dir }}/attachments
ALLOWED_TYPES = {{ gitea_attachment_allowed_types | join("|") }}
MAX_SIZE = {{ gitea_attachment_max_filesize }}
MAX_FILES = {{ gitea_attachment_max_files }}
{% else %}
ENABLE = false
{% endif %}
[log]
ROOT_PATH = {{ gitea_log_dir }}
MODE = file
REDIRECT_MACARON_LOG = true
MACARON = file
ROUTER_LOG_LEVEL = Info
logger.router.MODE = file
{% raw %}
ACCESS_LOG_TEMPLATE = {{.Ctx.RemoteAddr}} - {{.Identity}} {{.Start.Format "[02/Jan/2006:15:04:05 -0700]" }} "{{.Ctx.Req.Method}} {{.Ctx.Req.RequestURI}} {{.Ctx.Req.Proto}}" {{.ResponseWriter.Status}} {{.ResponseWriter.Size}} "{{.Ctx.Req.Referer}}\" \"{{.Ctx.Req.UserAgent}}"
{% endraw %}
logger.access.MODE = file
LEVEL = {{ gitea_log_level }}
STACKTRACE_LEVEL = None
[log.file]
LOG_ROTATE = false
[log.file.macaron]
LEVEL = Info
[log.file.router]
LEVEL = Info
[log.file.access]
LEVEL = Info
[cron]
ENABLED = true
RUN_AT_START = false
[cron.update_mirrors]
SCHEDULE = @every 10m
[cron.repo_health_check]
SCHEDULE = @every 24h
TIMEOUT =
ARGS =
[cron.check_repo_stats]
RUN_AT_START = true
SCHEDULE = @every 24h
[cron.archive_cleanup]
ENABLED = true
RUN_AT_START = true
SCHEDULE = @every 24h
OLDER_THAN = 24h
[cron.sync_external_users]
RUN_AT_START = true
SCHEDULE = @every 24h
UPDATE_EXISTING = true
[cron.update_migration_post_id]
SCHEDULE = @every 24h
[mirror]
DEFAULT_INTERVAL = {{ gitea_mirror_default_interval }}
MIN_INTERVAL = {{ gitea_mirror_min_interval }}
[api]
ENABLE_SWAGGER = {{ gitea_api_swagger_enabled | bool | lower }}
MAX_RESPONSE_ITEMS = 50
DEFAULT_PAGING_NUM = {{ gitea_api_default_paging_num }}
DEFAULT_GIT_TREES_PER_PAGE = {{ gitea_api_default_git_trees_per_page }}
DEFAULT_MAX_BLOB_SIZE = 10485760
{% if gitea_oauth_provider_enabled | bool %}
[oauth2]
ENABLE = true
ACCESS_TOKEN_EXPIRATION_TIME = {{ gitea_access_token_expiration_time }}
REFRESH_TOKEN_EXPIRATION_TIME = {{ gitea_refresh_token_expiration_time }}
INVALIDATE_REFRESH_TOKENS = {{ gitea_invalidate_refresh_tokens | bool | lower }}
JWT_SIGNING_ALGORITHM = {{ gitea_jwt_signing_algorithm }}
JWT_SECRET = {{ gitea_jwt_secret }}
{% else %}
[oauth2]
ENABLE = false
{% endif %}
[other]
SHOW_FOOTER_BRANDING = {{ gitea_footer_show_branding | bool | lower }}
SHOW_FOOTER_VERSION = {{ gitea_footer_show_version | bool | lower }}
SHOW_FOOTER_TEMPLATE_LOAD_TIME = {{ gitea_footer_show_template_load_time | bool | lower }}
[markup.asciidoc]
ENABLED = false
FILE_EXTENSIONS = .adoc,.asciidoc
RENDER_COMMAND = asciidoc --out-file=- -
IS_INPUT_FILE = false
[metrics]
ENABLED = {{ gitea_metrics_enabled | bool | lower }}
{% if gitea_metrics_token is defined and gitea_metrics_token %}
TOKEN = {{ gitea_metrics_token }}
{% endif %}

4
templates/custom/templates/custom/extra_links.tmpl.j2
View File

@ -1,4 +0,0 @@
#jinja2: lstrip_blocks: True
{% for link in gitea_extra_links %}
<a class="item" href="{{ link.href }}">{{ link.name }}</a>
{% endfor %}

4
templates/custom/templates/custom/extra_links_footer.tmpl.j2
View File

@ -1,4 +0,0 @@
#jinja2: lstrip_blocks: True
{% for link in gitea_extra_links_footer %}
<a class="item" href="{{ link.href }}">{{ link.name }}</a>
{% endfor %}

32
templates/etc/containers/systemd/gitea.container.j2 Normal file
View File

@ -0,0 +1,32 @@
#jinja2: lstrip_blocks: True
{{ ansible_managed | comment }}
[Install]
WantedBy=default.target
[Service]
Restart=on-failure
RestartSec=5s
ExecReload=/usr/bin/podman kill --signal=SIGHUP %p
[Container]
Image={{ gitea_image }}
EnvironmentFile=/etc/containers/systemd/gitea.env
{% for item in gitea_volumes %}
Volume={{ item.name }}:{{ item.dest }}{{ ":" + item.opts if item.opts is defined else "" }}
{% endfor %}
{% if gitea_cap_add | length > 0 %}
AddCapability={{ gitea_cap_add | join(" ") }}
{% endif %}
{% if gitea_cap_drop | length > 0 %}
DropCapability={{ gitea_cap_drop | join(" ") }}
{% endif %}
Network={{ gitea_network }}
{% for item in gitea_exposed_ports %}
PublishPort={{ item }}
{% endfor %}
{% for item in gitea_podman_args %}
PodmanArgs={{ item }}
{% endfor %}

213
templates/etc/containers/systemd/gitea.env.j2 Normal file
View File

@ -0,0 +1,213 @@
#jinja2: lstrip_blocks: True
{{ ansible_managed | comment }}
GITEA__RUN_MODE=prod
GITEA__repository__FORCE_PRIVATE={{ gitea_repository_force_private | bool | lower }}
GITEA__repository__DEFAULT_PRIVATE={{ gitea_repository_default_private }}
GITEA__repository__MAX_CREATION_LIMIT={{ gitea_repository_creation_limit }}
GITEA__repository__PREFERRED_LICENSES={{ gitea_repository_default_license | join(",") }}
GITEA__repository__DISABLE_HTTP_GIT={{ "false" if gitea_repository_http_enabled | bool else "true" }}
{% if gitea_repository_access_control_allow_origin is defined and gitea_repository_access_control_allow_origin %}
GITEA__repository__ACCESS_CONTROL_ALLOW_ORIGIN={{ gitea_repository_access_control_allow_origin }}
{% endif %}
GITEA__repository__USE_COMPAT_SSH_URI={{ gitea_repository_use_compat_ssh_uri | bool | lower }}
GITEA__repository__ENABLE_PUSH_CREATE_USER={{ gitea_repository_push_create_user_enabled | bool | lower }}
GITEA__repository__ENABLE_PUSH_CREATE_ORG={{ gitea_repository_push_create_org_enabled | bool | lower }}
GITEA__repository__DEFAULT_REPO_UNITS={{ gitea_repository_default_repo_units | join(",") }}
GITEA__repository__DEFAULT_BRANCH={{ gitea_repository_default_branch }}
GITEA__repository_0X2E_editor__LINE_WRAP_EXTENSIONS={{ gitea_repository_editor_line_wrap_ext | join(",") }}
GITEA__repository_0X2E_editor__PREVIEWABLE_FILE_MODES=markdown
{% if gitea_repository_upload_enabled | bool %}
GITEA__repository_0X2E_upload__ENABLED=true
{% if gitea_repository_upload_allowed_types %}
GITEA__repository_0X2E_upload__ALLOWED_TYPES={{ gitea_repository_upload_allowed_types | join(",") }}
{% endif %}
GITEA__repository_0X2E_upload__FILE_MAX_SIZE={{ gitea_repository_upload_max_filesize }}
GITEA__repository_0X2E_upload__MAX_FILES={{ gitea_repository_upload_max_files }}
{% else %}
GITEA__repository_0X2E_upload__ENABLED=false
{% endif %}
GITEA__repository_0X2E_pull_0X2D_request__WORK_IN_PROGRESS_PREFIXES={{ gitea_repository_pr_wip_prefix | join(",") }}
GITEA__repository_0X2E_pull_0X2D_request__CLOSE_KEYWORDS={{ gitea_repository_pr_close_keyword | join(",") }}
GITEA__repository_0X2E_pull_0X2D_request__REOPEN_KEYWORDS={{ gitea_repository_pr_reopen_keyword | join(",") }}
GITEA__repository_0X2E_issue__LOCK_REASONS={{ gitea_repository_issue_lock_reason | join(",") }}
GITEA__ui__EXPLORE_PAGING_NUM={{ gitea_ui_explore_paging_num }}
GITEA__ui__ISSUE_PAGING_NUM={{ gitea_ui_issue_paging_num }}
GITEA__ui__FEED_MAX_COMMIT_NUM={{ gitea_ui_feed_commit_num }}
GITEA__ui__GRAPH_MAX_COMMIT_NUM={{ gitea_ui_graph_commit_num }}
GITEA__ui__CODE_COMMENT_LINES={{ gitea_ui_code_comment_lines }}
GITEA__ui__SHOW_USER_EMAIL={{ gitea_ui_show_user_email | bool | lower }}
GITEA__ui__REACTIONS={{ gitea_ui_reaction | join(",") }}
GITEA__ui__DEFAULT_SHOW_FULL_NAME={{ gitea_ui_show_full_name | bool | lower }}
GITEA__ui__SEARCH_REPO_DESCRIPTION={{ gitea_ui_search_repo_description | bool | lower }}
GITEA__ui_0X2E_admin__USER_PAGING_NUM={{ gitea_ui_admin_user_paging_num }}
GITEA__ui_0X2E_admin__REPO_PAGING_NUM={{ gitea_ui_admin_repo_paging_num }}
GITEA__ui_0X2E_admin__NOTICE_PAGING_NUM={{ gitea_ui_admin_notice_paging_num }}
GITEA__ui_0X2E_admin__ORG_PAGING_NUM={{ gitea_ui_admin_org_paging_num }}
GITEA__ui_0X2E_user__REPO_PAGING_NUM={{ gitea_ui_user_repo_paging_num }}
GITEA__markdown__ENABLE_HARD_LINE_BREAK={{ gitea_markdown_hard_linebreak_enabled | bool | lower }}
{% if gitea_markdown_custom_url_scheme %}
GITEA__markdown__CUSTOM_URL_SCHEMES={{ gitea_markdown_custom_url_scheme | join(",") }}
{% endif %}
GITEA__markdown__FILE_EXTENSIONS={{ gitea_markdown_file_ext | join(",") }}
GITEA__server__DOMAIN={{ gitea_url | urlsplit("hostname") }}
GITEA__server__ROOT_URL={{ gitea_url }}
GITEA__server__DISABLE_SSH={{ "false" if gitea_ssh_enabled | bool else "true" }}
GITEA__server__START_SSH_SERVER=true
GITEA__server__MINIMUM_KEY_SIZE_CHECK={{ gitea_minimum_keysize_check | bool | lower }}
GITEA__server__OFFLINE_MODE={{ gitea_offline_mode | bool | lower }}
GITEA__server__LANDING_PAGE={{ gitea_landing_page }}
{% if gitea_lfs_enabled | bool %}
GITEA__server__LFS_START_SERVER=true
GITEA__server__LFS_JWT_SECRET={{ gitea_lfs_jwt_secret }}
GITEA__server__LFS_HTTP_AUTH_EXPIRY=20m
{% else %}
GITEA__server__LFS_START_SERVER=false
{% endif %}
{% for key in gitea_minimum_keysize %}
GITEA__ssh_0X2E_minimum_key_sizes__{{ key.name | upper }}={{ key.size }}
{% endfor %}
{% if gitea_db_type == "pgsql" %}
GITEA__database__DB_TYPE=postgres
GITEA__database__HOST={{ gitea_db_server }}:{{ gitea_db_port }}
GITEA__database__NAME={{ gitea_db_name }}
GITEA__database__USER={{ gitea_db_user }}
GITEA__database__PASSWD={{ gitea_db_password }}
GITEA__database__SSL_MODE={{ gitea_db_ssl_mode }}
{% elif gitea_db_type == "sqlite" %}
GITEA__database__DB_TYPE=sqlite3
GITEA__database__SQLITE_TIMEOUT=500
{% endif %}
GITEA__admin__DISABLE_REGULAR_ORG_CREATION={{ "false" if gitea_org_creation_enabled | bool else "true" }}
GITEA__admin__DEFAULT_EMAIL_NOTIFICATIONS={{ gitea_default_email_notification }}
GITEA__webhook__QUEUE_LENGTH=1000
GITEA__webhook__DELIVER_TIMEOUT=5
GITEA__webhook__ALLOWED_HOST_LIST={{ gitea_webhook_allowed_host_list | join(",") }}
GITEA__webhook__SKIP_TLS_VERIFY=false
GITEA__security__INSTALL_LOCK={{ gitea_install_lock | bool | lower }}
GITEA__security__SECRET_KEY={{ gitea_secret }}
GITEA__security__LOGIN_REMEMBER_DAYS={{ gitea_login_remember_days }}
GITEA__security__MIN_PASSWORD_LENGTH={{ gitea_password_min_lenght }}
GITEA__security__DISABLE_GIT_HOOKS={{ "false" if gitea_git_hooks_enabled | bool else "true" }}
GITEA__security__PASSWORD_COMPLEXITY={{ gitea_password_complexity | join(",") }}
GITEA__security__PASSWORD_HASH_ALGO=pbkdf2
GITEA__security__INTERNAL_TOKEN={{ gitea_token }}
GITEA__service__REGISTER_EMAIL_CONFIRM={{ gitea_registration_email_confirm | bool | lower }}
{% if gitea_registration_email_domain_whitelist is defined and gitea_registration_email_domain_whitelist %}
GITEA__service__EMAIL_DOMAIN_WHITELIST= {{ gitea_registration_email_domain_whitelist | join(",") }}
{% endif %}
GITEA__service__DISABLE_REGISTRATION={{ "false" if gitea_registration_enabled | bool else "true" }}
GITEA__service__ALLOW_ONLY_EXTERNAL_REGISTRATION={{ gitea_registration_allow_external_only | bool | lower }}
GITEA__service__REQUIRE_SIGNIN_VIEW=false
{% if gitea_mail_service_enabled | bool %}
GITEA__service__ENABLE_NOTIFY_MAIL=true
{% endif %}
GITEA__service__ENABLE_BASIC_AUTHENTICATION=true
GITEA__service__ALLOW_CROSS_REPOSITORY_DEPENDENCIES=true
GITEA__service__ENABLE_USER_HEATMAP=true
GITEA__service__ENABLE_TIMETRACKING=true
GITEA__service__NO_REPLY_ADDRESS={{ gitea_no_reply_address }}
GITEA__service__SHOW_REGISTRATION_BUTTON={{ gitea_registration_button_enabled | bool | lower }}
GITEA__service__SHOW_MILESTONES_DASHBOARD_PAGE=true
GITEA__service__AUTO_WATCH_NEW_REPOS={{ gitea_repository_auto_watch_on_creation | bool | lower }}
GITEA__service__AUTO_WATCH_ON_CHANGES={{ gitea_repository_auto_watch_on_change | bool | lower }}
GITEA__service__DEFAULT_KEEP_EMAIL_PRIVATE={{ gitea_default_keep_email_private | bool | lower }}
GITEA__service__DEFAULT_ALLOW_CREATE_ORGANIZATION={{ gitea_default_org_allow_creation | bool | lower }}
GITEA__service__DEFAULT_ORG_VISIBILITY={{ gitea_default_org_visible }}
GITEA__service__DEFAULT_ORG_MEMBER_VISIBLE={{ gitea_default_org_member_visible | bool | lower }}
GITEA__service__DEFAULT_ENABLE_DEPENDENCIES={{ gitea_default_dependencies_enabled | bool | lower }}
GITEA__service__DEFAULT_ENABLE_TIMETRACKING={{ gitea_default_timetracking_enabled | bool | lower }}
GITEA__service__DEFAULT_ALLOW_ONLY_CONTRIBUTORS_TO_TRACK_TIME=true
{% if gitea_mail_service_enabled | bool %}
GITEA__mailer__ENABLED=true
{% if gitea_mail_subject_prefix is defined and gitea_mail_subject_prefix %}
GITEA__mailer__SUBJECT_PREFIX={{ gitea_mail_subject_prefix }}
{% endif %}
GITEA__mailer__FROM={{ gitea_mail_service_from }}
GITEA__mailer__PROTOCOL=sendmail
GITEA__mailer__SENDMAIL_PATH=/usr/sbin/sendmail
{% else %}
GITEA__mailer__ENABLED=false
{% endif %}
GITEA__session__PROVIDER={{ gitea_session_provider }}
GITEA__session__PROVIDER_CONFIG={{ gitea_session_provider_config }}
GITEA__session__COOKIE_NAME={{ gitea_session_cookie_name }}
GITEA__session__COOKIE_SECURE={{ gitea_session_cookie_secure | bool | lower }}
GITEA__session__ENABLE_SET_COOKIE={{ gitea_session_enable_set_cookie | bool | lower }}
GITEA__session__GC_INTERVAL_TIME={{ gitea_session_session_life_time }}
GITEA__session__SESSION_LIFE_TIME={{ gitea_session_session_life_time }}
GITEA__picture__REPOSITORY_AVATAR_FALLBACK=none
GITEA__picture__DISABLE_GRAVATAR={{ "false" if gitea_gravatar_enabled | bool else "true" }}
GITEA__picture__GRAVATAR_SOURCE={{ gitea_gravatar_source }}
GITEA__picture__ENABLE_FEDERATED_AVATAR={{ gitea_avatar_federation_enabled | bool | lower }}
{% if gitea_attachment_enabled | bool %}
GITEA__attachment__ENABLE=true
GITEA__attachment__ALLOWED_TYPES={{ gitea_attachment_allowed_types | join("|") }}
GITEA__attachment__MAX_SIZE={{ gitea_attachment_max_filesize }}
GITEA__attachment__MAX_FILES={{ gitea_attachment_max_files }}
{% else %}
GITEA__attachment__ENABLE=false
{% endif %}
GITEA__log__logger_0X2E_xorm_0X2E_MODE=
GITEA__log__logger_0X2E_router_0X2E_MODE=
#GITEA__log__MODE=file
#GITEA__log__REDIRECT_MACARON_LOG=true
#GITEA__log__MACARON=file
#GITEA__log__ROUTER_LOG_LEVEL=Info
#GITEA__log__logger_0X2E_router_0X2E_MODE=file
#{% raw %}
#GITEA__log__ACCESS_LOG_TEMPLATE={{.Ctx.RemoteAddr}} - {{.Identity}} {{.Start.Format "[02/Jan/2006:15:04:05 -0700]" }} "{{.Ctx.Req.Method}} {{.Ctx.Req.RequestURI}} {{.Ctx.Req.Proto}}" {{.ResponseWriter.Status}} {{.ResponseWriter.Size}} "{{.Ctx.Req.Referer}}\" \"{{.Ctx.Req.UserAgent}}"
#{% endraw %}
#GITEA__log__logger_0X2E_access_0X2E_MODE=file
#GITEA__log__LEVEL={{ gitea_log_level }}
#GITEA__log__STACKTRACE_LEVEL=None
GITEA__mirror__DEFAULT_INTERVAL={{ gitea_mirror_default_interval }}
GITEA__mirror__MIN_INTERVAL={{ gitea_mirror_min_interval }}
GITEA__api__ENABLE_SWAGGER={{ gitea_api_swagger_enabled | bool | lower }}
GITEA__api__MAX_RESPONSE_ITEMS=50
GITEA__api__DEFAULT_PAGING_NUM={{ gitea_api_default_paging_num }}
GITEA__api__DEFAULT_GIT_TREES_PER_PAGE={{ gitea_api_default_git_trees_per_page }}
GITEA__api__DEFAULT_MAX_BLOB_SIZE=10485760
{% if gitea_oauth_provider_enabled | bool %}
GITEA__oauth2__ENABLE=true
GITEA__oauth2__ACCESS_TOKEN_EXPIRATION_TIME={{ gitea_access_token_expiration_time }}
GITEA__oauth2__REFRESH_TOKEN_EXPIRATION_TIME={{ gitea_refresh_token_expiration_time }}
GITEA__oauth2__INVALIDATE_REFRESH_TOKENS={{ gitea_invalidate_refresh_tokens | bool | lower }}
GITEA__oauth2__JWT_SIGNING_ALGORITHM={{ gitea_jwt_signing_algorithm }}
GITEA__oauth2__JWT_SECRET={{ gitea_jwt_secret }}
{% else %}
GITEA__oauth2__ENABLE=false
{% endif %}
GITEA__other__SHOW_FOOTER_BRANDING={{ gitea_footer_show_branding | bool | lower }}
GITEA__other__SHOW_FOOTER_VERSION={{ gitea_footer_show_version | bool | lower }}
GITEA__other__SHOW_FOOTER_TEMPLATE_LOAD_TIME={{ gitea_footer_show_template_load_time | bool | lower }}
GITEA__metrics__ENABLED={{ gitea_metrics_enabled | bool | lower }}
{% if gitea_metrics_token is defined and gitea_metrics_token %}
GITEA__metrics__TOKEN={{ gitea_metrics_token }}
{% endif %}

19
templates/etc/containers/systemd/gitea.network.j2 Normal file
View File

@ -0,0 +1,19 @@
#jinja2: lstrip_blocks: True
{{ ansible_managed | comment }}
[Network]
{% if gitea_network_ipv4_subnet is defined %}
Subnet={{ gitea_network_ipv4_subnet }}
{% endif %}
{% if gitea_network_ipv4_gateway is defined %}
Gateway={{ gitea_network_ipv4_gateway }}
{% endif %}
IPv6={{ gitea_network_ipv6_enabled | bool | lower }}
{% if gitea_network_ipv6_enabled | bool %}
{% if gitea_network_ipv6_subnet is defined %}
Subnet={{ gitea_network_ipv6_subnet }}
{% endif %}
{% if gitea_network_ipv6_gateway is defined %}
Gateway={{ gitea_network_ipv6_gateway }}
{% endif %}
{% endif %}
Label=app=gitea

20
templates/etc/systemd/system/gitea.service.j2
View File

@ -1,20 +0,0 @@
{{ ansible_managed | comment }}
[Unit]
Description=Gitea (Git with a cup of tea)
After=syslog.target
After=network.target
[Service]
Type=simple
Environment=USER={{ gitea_user }}
Environment=HOME={{ gitea_user_home }}
Environment=GITEA_WORK_DIR={{ gitea_base_dir }}
User={{ gitea_user }}
Group={{ gitea_group }}
WorkingDirectory={{ gitea_base_dir }}
ExecStart={{ gitea_base_dir }}/gitea-latest web -c {{ gitea_config_dir }}/app.ini -P {{ gitea_run_dir }}/gitea.pid
Restart=on-failure
PrivateTmp=yes
[Install]
WantedBy=multi-user.target