refactor: move to podman container setup
continuous-integration/drone/pr Build is failing
Details
continuous-integration/drone/pr Build is failing
Details
This commit is contained in:
parent
b68e7e49a8
commit
1d03f664ac
|
@ -1,35 +1,63 @@
|
|||
---
|
||||
gitea_version: 1.16.1
|
||||
gitea_user: "gitea_adm"
|
||||
gitea_user_home: "/home/{{ gitea_user }}"
|
||||
gitea_group: "{{ gitea_user }}"
|
||||
gitea_extra_groups: []
|
||||
gitea_image: "docker.io/gitea/gitea:latest-rootless"
|
||||
gitea_url: "http://localhost:3000"
|
||||
|
||||
gitea_packages:
|
||||
- git
|
||||
# @var gitea_volumes:description: > Define required docker volumes.
|
||||
# @end
|
||||
# @var gitea_volumes:example: >
|
||||
# gitea_volumes:
|
||||
# - name: data
|
||||
# # target location inside the container
|
||||
# dest: /var/lib/gitea
|
||||
# type: volume
|
||||
# @end
|
||||
gitea_volumes:
|
||||
- name: "gitea-data"
|
||||
dest: /var/lib/gitea
|
||||
- name: /etc/timezone
|
||||
dest: /etc/timezone
|
||||
type: bind
|
||||
opts: Z,ro
|
||||
- name: /etc/localtime
|
||||
dest: /etc/localtime
|
||||
type: bind
|
||||
opts: Z,ro
|
||||
|
||||
gitea_base_dir: "/opt/gitea"
|
||||
gitea_config_dir: "{{ gitea_base_dir }}/custom/conf"
|
||||
gitea_data_dir: "{{ gitea_base_dir }}/data"
|
||||
gitea_run_dir: "{{ gitea_base_dir }}/run"
|
||||
gitea_template_dir: "{{ gitea_base_dir }}/custom/templates"
|
||||
# @var gitea_network:description: >
|
||||
# Name of the container network. If the name ends with `.network`, the network will be created with the specified configuration.
|
||||
# Otherwise, the network must already exist and the container will be attached to the network.
|
||||
# @end
|
||||
gitea_network: "gitea.network"
|
||||
gitea_network_ipv6_enabled: False
|
||||
# @var gitea_network_ipv6_subnet:value: $ "_unset_"
|
||||
# @var gitea_network_ipv6_subnet:example: $ "fd00:0:0:2::/64"
|
||||
# @var gitea_network_ipv6_gateway:value: $ "_unset_"
|
||||
# @var gitea_network_ipv6_gateway:example: $ "fd00:0:0:2::1"
|
||||
|
||||
gitea_selinux_fcontext:
|
||||
- target: "{{ gitea_log_dir }}(/.*)?"
|
||||
setype: var_log_t
|
||||
gitea_selinux_restorecon:
|
||||
- "-ir {{ gitea_log_dir }}"
|
||||
# @var gitea_network_ipv4_subnet:value: $ "_unset_"
|
||||
# @var gitea_network_ipv4_gateway:value: $ "_unset_"
|
||||
|
||||
gitea_bind_ip: 127.0.0.1
|
||||
gitea_bind_port: 61000
|
||||
gitea_listen_address: http://gitea.example.com
|
||||
# @var gitea_exposed_ports:description: >
|
||||
# Ports you want to publish outside of Docker. The Gitea UI is running on `3000` inside of the container.
|
||||
# @end
|
||||
gitea_exposed_ports: []
|
||||
|
||||
gitea_cap_add: []
|
||||
gitea_cap_drop: []
|
||||
|
||||
gitea_podman_args:
|
||||
- --pids-limit=-1
|
||||
- --health-cmd='["wget", "--spider", "--proxy", "off", "http://localhost:3000/api/healthz"]'
|
||||
- --health-interval=5s
|
||||
- --health-timeout=5s
|
||||
- --health-retries=6
|
||||
- --health-on-failure=kill
|
||||
|
||||
gitea_install_lock: True
|
||||
# @var gitea_secret:description: Should be replaced by your own secret.
|
||||
gitea_secret: "1234567ABCDEFG"
|
||||
# @var gitea_token:description: Should be replaced by your own secret.
|
||||
gitea_token: "akslkaldasasifiuvsiasfa7s7f8as7f8asd"
|
||||
gitea_run_mode: prod
|
||||
gitea_login_remember_days: 7
|
||||
gitea_password_min_lenght: 8
|
||||
# @var gitea_password_complexity:description: >
|
||||
|
@ -91,7 +119,6 @@ gitea_default_dependencies_enabled: True
|
|||
gitea_default_timetracking_enabled: True
|
||||
|
||||
gitea_log_level: Info
|
||||
gitea_log_dir: "{{ gitea_base_dir }}/log"
|
||||
|
||||
gitea_repository_default_private: last
|
||||
gitea_repository_force_private: False
|
||||
|
@ -275,9 +302,3 @@ gitea_jwt_signing_algorithm: RS256
|
|||
gitea_metrics_enabled: False
|
||||
# @var gitea_metrics_token:description: If you want to add authorization, specify a token here.
|
||||
# @var gitea_metrics_token:default: $ "_unset_"
|
||||
|
||||
gitea_tls_enabled: False
|
||||
gitea_tls_cert_path: "{{ gitea_base_dir }}/tls/certs/mycert.pem"
|
||||
gitea_tls_key_path: "{{ gitea_base_dir }}/tls/private/mykey.pem"
|
||||
gitea_tls_cert_source: mycert.pem
|
||||
gitea_tls_key_source: mykey.pem
|
||||
|
|
|
@ -1,10 +1,7 @@
|
|||
---
|
||||
- name: Restart Gitea Service
|
||||
- name: Restart Gitea
|
||||
service:
|
||||
name: gitea
|
||||
state: restarted
|
||||
daemon_reload: yes
|
||||
enabled: yes
|
||||
daemon_reload: True
|
||||
listen: __gitea_restart
|
||||
become: True
|
||||
become_user: root
|
||||
|
|
|
@ -1,5 +0,0 @@
|
|||
---
|
||||
- name: Converge
|
||||
hosts: all
|
||||
roles:
|
||||
- role: xoxys.gitea
|
|
@ -1,120 +0,0 @@
|
|||
---
|
||||
- name: Create
|
||||
hosts: localhost
|
||||
connection: local
|
||||
gather_facts: false
|
||||
no_log: "{{ molecule_no_log }}"
|
||||
vars:
|
||||
ssh_port: 22
|
||||
ssh_user: root
|
||||
ssh_path: "{{ lookup('env', 'MOLECULE_EPHEMERAL_DIRECTORY') }}/ssh_key"
|
||||
tasks:
|
||||
- name: Create SSH key
|
||||
user:
|
||||
name: "{{ lookup('env', 'USER') }}"
|
||||
generate_ssh_key: true
|
||||
ssh_key_file: "{{ ssh_path }}"
|
||||
force: true
|
||||
register: generated_ssh_key
|
||||
|
||||
- name: Register the SSH key name
|
||||
set_fact:
|
||||
ssh_key_name: "molecule-generated-{{ 12345 | random | to_uuid }}"
|
||||
|
||||
- name: Register SSH key for test instance(s)
|
||||
hcloud_ssh_key:
|
||||
name: "{{ ssh_key_name }}"
|
||||
public_key: "{{ generated_ssh_key.ssh_public_key }}"
|
||||
state: present
|
||||
|
||||
- name: Create molecule instance(s)
|
||||
hcloud_server:
|
||||
name: "{{ item.name }}"
|
||||
server_type: "{{ item.server_type }}"
|
||||
ssh_keys:
|
||||
- "{{ ssh_key_name }}"
|
||||
image: "{{ item.image }}"
|
||||
location: "{{ item.location | default(omit) }}"
|
||||
datacenter: "{{ item.datacenter | default(omit) }}"
|
||||
user_data: "{{ item.user_data | default(omit) }}"
|
||||
api_token: "{{ lookup('env', 'HCLOUD_TOKEN') }}"
|
||||
state: present
|
||||
register: server
|
||||
loop: "{{ molecule_yml.platforms }}"
|
||||
async: 7200
|
||||
poll: 0
|
||||
|
||||
- name: Wait for instance(s) creation to complete
|
||||
async_status:
|
||||
jid: "{{ item.ansible_job_id }}"
|
||||
register: hetzner_jobs
|
||||
until: hetzner_jobs.finished
|
||||
retries: 300
|
||||
loop: "{{ server.results }}"
|
||||
|
||||
- name: Create volume(s)
|
||||
hcloud_volume:
|
||||
name: "{{ item.name }}"
|
||||
server: "{{ item.name }}"
|
||||
location: "{{ item.location | default(omit) }}"
|
||||
size: "{{ item.volume_size | default(10) }}"
|
||||
api_token: "{{ lookup('env', 'HCLOUD_TOKEN') }}"
|
||||
state: "present"
|
||||
loop: "{{ molecule_yml.platforms }}"
|
||||
when: item.volume | default(False) | bool
|
||||
register: volumes
|
||||
async: 7200
|
||||
poll: 0
|
||||
|
||||
- name: Wait for volume(s) creation to complete
|
||||
async_status:
|
||||
jid: "{{ item.ansible_job_id }}"
|
||||
register: hetzner_volumes
|
||||
until: hetzner_volumes.finished
|
||||
retries: 300
|
||||
when: volumes.changed
|
||||
loop: "{{ volumes.results }}"
|
||||
|
||||
# Mandatory configuration for Molecule to function.
|
||||
|
||||
- name: Populate instance config dict
|
||||
set_fact:
|
||||
instance_conf_dict:
|
||||
{
|
||||
"instance": "{{ item.hcloud_server.name }}",
|
||||
"ssh_key_name": "{{ ssh_key_name }}",
|
||||
"address": "{{ item.hcloud_server.ipv4_address }}",
|
||||
"user": "{{ ssh_user }}",
|
||||
"port": "{{ ssh_port }}",
|
||||
"identity_file": "{{ ssh_path }}",
|
||||
"volume": "{{ item.item.item.volume | default(False) | bool }}",
|
||||
}
|
||||
loop: "{{ hetzner_jobs.results }}"
|
||||
register: instance_config_dict
|
||||
when: server.changed | bool
|
||||
|
||||
- name: Convert instance config dict to a list
|
||||
set_fact:
|
||||
instance_conf: "{{ instance_config_dict.results | map(attribute='ansible_facts.instance_conf_dict') | list }}"
|
||||
when: server.changed | bool
|
||||
|
||||
- name: Dump instance config
|
||||
copy:
|
||||
content: |
|
||||
# Molecule managed
|
||||
|
||||
{{ instance_conf | to_nice_yaml(indent=2) }}
|
||||
dest: "{{ molecule_instance_config }}"
|
||||
when: server.changed | bool
|
||||
|
||||
- name: Wait for SSH
|
||||
wait_for:
|
||||
port: "{{ ssh_port }}"
|
||||
host: "{{ item.address }}"
|
||||
search_regex: SSH
|
||||
delay: 10
|
||||
loop: "{{ lookup('file', molecule_instance_config) | from_yaml }}"
|
||||
|
||||
- name: Wait for VM to settle down
|
||||
pause:
|
||||
seconds: 30
|
|
@ -1,24 +0,0 @@
|
|||
---
|
||||
dependency:
|
||||
name: galaxy
|
||||
options:
|
||||
role-file: molecule/requirements.yml
|
||||
requirements-file: molecule/requirements.yml
|
||||
env:
|
||||
ANSIBLE_GALAXY_DISPLAY_PROGRESS: "false"
|
||||
driver:
|
||||
name: delegated
|
||||
platforms:
|
||||
- name: centos7-gitea
|
||||
image: centos-7
|
||||
server_type: cx11
|
||||
lint: |
|
||||
/usr/local/bin/flake8
|
||||
provisioner:
|
||||
name: ansible
|
||||
env:
|
||||
ANSIBLE_FILTER_PLUGINS: ${ANSIBLE_FILTER_PLUGINS:-./plugins/filter}
|
||||
ANSIBLE_LIBRARY: ${ANSIBLE_LIBRARY:-./library}
|
||||
log: False
|
||||
verifier:
|
||||
name: testinfra
|
|
@ -1,18 +0,0 @@
|
|||
import os
|
||||
|
||||
import testinfra.utils.ansible_runner
|
||||
|
||||
testinfra_hosts = testinfra.utils.ansible_runner.AnsibleRunner(
|
||||
os.environ["MOLECULE_INVENTORY_FILE"]
|
||||
).get_hosts("all")
|
||||
|
||||
|
||||
def test_gitea_running_and_enabled(host):
|
||||
gitea = host.service("gitea")
|
||||
assert gitea.is_running
|
||||
assert gitea.is_enabled
|
||||
|
||||
|
||||
def test_gitea_socket(host):
|
||||
# Verify the socket is listening for HTTP traffic
|
||||
assert host.socket("tcp://127.0.0.1:61000").is_listening
|
|
@ -1 +1 @@
|
|||
rocky8
|
||||
rocky9
|
|
@ -1,6 +1,12 @@
|
|||
---
|
||||
collections:
|
||||
- name: https://gitea.rknet.org/ansible/xoxys.general/releases/download/v2.1.1/xoxys-general-2.1.1.tar.gz
|
||||
- name: https://gitea.rknet.org/ansible/xoxys.general
|
||||
type: git
|
||||
- name: community.general
|
||||
- name: containers.podman
|
||||
|
||||
roles: []
|
||||
roles:
|
||||
- src: https://gitea.rknet.org/ansible/xoxys.podman
|
||||
name: xoxys.podman
|
||||
scm: git
|
||||
version: main
|
||||
|
|
|
@ -1,5 +0,0 @@
|
|||
---
|
||||
- name: Converge
|
||||
hosts: all
|
||||
roles:
|
||||
- role: xoxys.gitea
|
|
@ -1,78 +0,0 @@
|
|||
---
|
||||
- name: Destroy
|
||||
hosts: localhost
|
||||
connection: local
|
||||
gather_facts: false
|
||||
no_log: "{{ molecule_no_log }}"
|
||||
tasks:
|
||||
- name: Check existing instance config file
|
||||
stat:
|
||||
path: "{{ molecule_instance_config }}"
|
||||
register: cfg
|
||||
|
||||
- name: Populate the instance config
|
||||
set_fact:
|
||||
instance_conf: "{{ (lookup('file', molecule_instance_config) | from_yaml) if cfg.stat.exists else [] }}"
|
||||
|
||||
- name: Destroy molecule instance(s)
|
||||
hcloud_server:
|
||||
name: "{{ item.instance }}"
|
||||
api_token: "{{ lookup('env', 'HCLOUD_TOKEN') }}"
|
||||
state: absent
|
||||
register: server
|
||||
loop: "{{ instance_conf }}"
|
||||
async: 7200
|
||||
poll: 0
|
||||
|
||||
- name: Wait for instance(s) deletion to complete
|
||||
async_status:
|
||||
jid: "{{ item.ansible_job_id }}"
|
||||
register: hetzner_jobs
|
||||
until: hetzner_jobs.finished
|
||||
retries: 300
|
||||
loop: "{{ server.results }}"
|
||||
|
||||
- pause:
|
||||
seconds: 5
|
||||
|
||||
- name: Destroy volume(s)
|
||||
hcloud_volume:
|
||||
name: "{{ item.instance }}"
|
||||
server: "{{ item.instance }}"
|
||||
api_token: "{{ lookup('env', 'HCLOUD_TOKEN') }}"
|
||||
state: "absent"
|
||||
register: volumes
|
||||
loop: "{{ instance_conf }}"
|
||||
when: item.volume | default(False) | bool
|
||||
async: 7200
|
||||
poll: 0
|
||||
|
||||
- name: Wait for volume(s) deletion to complete
|
||||
async_status:
|
||||
jid: "{{ item.ansible_job_id }}"
|
||||
register: hetzner_volumes
|
||||
until: hetzner_volumes.finished
|
||||
retries: 300
|
||||
when: volumes.changed
|
||||
loop: "{{ volumes.results }}"
|
||||
|
||||
- name: Remove registered SSH key
|
||||
hcloud_ssh_key:
|
||||
name: "{{ instance_conf[0].ssh_key_name }}"
|
||||
state: absent
|
||||
when: (instance_conf | default([])) | length > 0
|
||||
|
||||
# Mandatory configuration for Molecule to function.
|
||||
|
||||
- name: Populate instance config
|
||||
set_fact:
|
||||
instance_conf: {}
|
||||
|
||||
- name: Dump instance config
|
||||
copy:
|
||||
content: |
|
||||
# Molecule managed
|
||||
|
||||
{{ instance_conf | to_nice_yaml(indent=2) }}
|
||||
dest: "{{ molecule_instance_config }}"
|
||||
when: server.changed | bool
|
|
@ -1,15 +0,0 @@
|
|||
---
|
||||
- name: Prepare
|
||||
hosts: all
|
||||
gather_facts: false
|
||||
tasks:
|
||||
- name: Bootstrap python for Ansible
|
||||
raw: |
|
||||
command -v python3 python || (
|
||||
(test -e /usr/bin/dnf && sudo dnf install -y python3) ||
|
||||
(test -e /usr/bin/apt && (apt -y update && apt install -y python-minimal)) ||
|
||||
(test -e /usr/bin/yum && sudo yum -y -qq install python3) ||
|
||||
echo "Warning: Python not boostrapped due to unknown platform."
|
||||
)
|
||||
become: true
|
||||
changed_when: false
|
|
@ -1,18 +0,0 @@
|
|||
import os
|
||||
|
||||
import testinfra.utils.ansible_runner
|
||||
|
||||
testinfra_hosts = testinfra.utils.ansible_runner.AnsibleRunner(
|
||||
os.environ["MOLECULE_INVENTORY_FILE"]
|
||||
).get_hosts("all")
|
||||
|
||||
|
||||
def test_gitea_running_and_enabled(host):
|
||||
gitea = host.service("gitea")
|
||||
assert gitea.is_running
|
||||
assert gitea.is_enabled
|
||||
|
||||
|
||||
def test_gitea_socket(host):
|
||||
# Verify the socket is listening for HTTP traffic
|
||||
assert host.socket("tcp://127.0.0.1:61000").is_listening
|
|
@ -0,0 +1,10 @@
|
|||
---
|
||||
- name: Converge
|
||||
hosts: all
|
||||
roles:
|
||||
- role: xoxys.podman
|
||||
- role: xoxys.gitea
|
||||
vars:
|
||||
gitea_exposed_ports:
|
||||
- 127.0.0.1:3000:3000
|
||||
- 127.0.0.1:2222:2222
|
|
@ -117,4 +117,4 @@
|
|||
|
||||
- name: Wait for VM to settle down
|
||||
pause:
|
||||
seconds: 30
|
||||
seconds: 30
|
|
@ -75,4 +75,4 @@
|
|||
|
||||
{{ instance_conf | to_nice_yaml(indent=2) }}
|
||||
dest: "{{ molecule_instance_config }}"
|
||||
when: server.changed | bool
|
||||
when: server.changed | bool
|
|
@ -9,8 +9,8 @@ dependency:
|
|||
driver:
|
||||
name: delegated
|
||||
platforms:
|
||||
- name: rocky8-gitea
|
||||
image: rocky-8
|
||||
- name: rocky9-gitea
|
||||
image: rocky-9
|
||||
server_type: cx11
|
||||
lint: |
|
||||
/usr/local/bin/flake8
|
|
@ -0,0 +1,30 @@
|
|||
import os
|
||||
|
||||
import testinfra.utils.ansible_runner
|
||||
|
||||
testinfra_hosts = testinfra.utils.ansible_runner.AnsibleRunner(
|
||||
os.environ["MOLECULE_INVENTORY_FILE"]
|
||||
).get_hosts("all")
|
||||
|
||||
|
||||
def test_gitea_running_and_enabled(host):
|
||||
gitea = host.service("gitea")
|
||||
assert gitea.is_running
|
||||
assert gitea.is_enabled
|
||||
|
||||
|
||||
def test_gitea_socket(host):
|
||||
# Verify the socket is listening for HTTP traffic
|
||||
assert host.socket("tcp://127.0.0.1:3000").is_listening
|
||||
# Verify the socket is listening for SSH traffic
|
||||
assert host.socket("tcp://127.0.0.1:2222").is_listening
|
||||
|
||||
|
||||
def test_gitea_conn_error(host):
|
||||
code = int(
|
||||
host.run("curl -sSL -w '%{http_code}' http://127.0.0.1:3000/ -o /dev/null").stdout # noqa
|
||||
)
|
||||
body = host.run("curl -sSLX GET http://127.0.0.1:3000/").stdout
|
||||
|
||||
assert code == 200
|
||||
assert "Gitea: Git with a cup of tea" in body
|
|
@ -1,59 +0,0 @@
|
|||
---
|
||||
- name: Prepare base folder
|
||||
file:
|
||||
path: "{{ gitea_base_dir }}"
|
||||
state: directory
|
||||
owner: "{{ gitea_user }}"
|
||||
group: "{{ gitea_user }}"
|
||||
mode: 0750
|
||||
become: True
|
||||
become_user: root
|
||||
|
||||
- block:
|
||||
- name: Prepare folder structure
|
||||
file:
|
||||
path: "{{ item }}"
|
||||
state: directory
|
||||
mode: 0750
|
||||
loop:
|
||||
- "{{ gitea_config_dir }}"
|
||||
- "{{ gitea_data_dir }}"
|
||||
- "{{ gitea_log_dir }}"
|
||||
- "{{ gitea_run_dir }}"
|
||||
- "{{ gitea_template_dir }}/custom"
|
||||
|
||||
- name: Download Gitea binary
|
||||
get_url:
|
||||
url: "https://github.com/go-gitea/gitea/releases/download/v{{ gitea_version }}/gitea-{{ gitea_version }}-linux-amd64"
|
||||
dest: "{{ gitea_base_dir }}/gitea-latest"
|
||||
mode: 0750
|
||||
notify: __gitea_restart
|
||||
|
||||
- name: Copy config file
|
||||
template:
|
||||
src: "custom/conf/app.ini.j2"
|
||||
dest: "{{ gitea_config_dir }}/app.ini"
|
||||
mode: 0600
|
||||
notify: __gitea_restart
|
||||
|
||||
- name: Copy template files
|
||||
template:
|
||||
src: "templates/custom/templates/custom/{{ item }}.tmpl.j2"
|
||||
dest: "{{ gitea_template_dir }}/custom/{{ item }}.tmpl"
|
||||
mode: 0600
|
||||
loop:
|
||||
- extra_links_footer
|
||||
- extra_links
|
||||
notify: __gitea_restart
|
||||
become: True
|
||||
become_user: "{{ gitea_user }}"
|
||||
|
||||
- block:
|
||||
- name: Copy systemd unit file
|
||||
template:
|
||||
src: "etc/systemd/system/gitea.service.j2"
|
||||
dest: "/etc/systemd/system/gitea.service"
|
||||
mode: 0640
|
||||
notify: __gitea_restart
|
||||
become: True
|
||||
become_user: root
|
|
@ -1,9 +1,53 @@
|
|||
---
|
||||
- include_tasks: prepare.yml
|
||||
- include_tasks: install.yml
|
||||
- include_tasks: selinux.yml
|
||||
when: ansible_selinux.status == "enabled"
|
||||
- import_tasks: tls.yml
|
||||
when: gitea_tls_enabled | bool
|
||||
tags: tls_renewal
|
||||
- include_tasks: post_tasks.yml
|
||||
- block:
|
||||
- name: Create network specs
|
||||
template:
|
||||
src: etc/containers/systemd/gitea.network.j2
|
||||
dest: "/etc/containers/systemd/gitea.network"
|
||||
owner: root
|
||||
group: root
|
||||
mode: "0640"
|
||||
when: gitea_network | splitext | last == ".network"
|
||||
notify: __gitea_restart
|
||||
|
||||
- name: Create container volumes
|
||||
containers.podman.podman_volume:
|
||||
name: "{{ item.name }}"
|
||||
options: "{{ item.options | default(omit) }}"
|
||||
state: "{{ item.state | default('present') }}"
|
||||
loop: "{{ gitea_volumes }}"
|
||||
loop_control:
|
||||
label: "{{ item.name }}"
|
||||
when: item.type | default("volume") | lower == "volume"
|
||||
register: __gitea_volumes_raw
|
||||
|
||||
- name: Register container volumes map
|
||||
set_fact:
|
||||
__gitea_volumes_map: "{{ __gitea_volumes_raw.results | json_query('[].volume') | items2dict(key_name='Name', value_name='Mountpoint') }}"
|
||||
|
||||
- name: Deploy gitea env file
|
||||
template:
|
||||
src: etc/containers/systemd/gitea.env.j2
|
||||
dest: "/etc/containers/systemd/gitea.env"
|
||||
owner: root
|
||||
group: root
|
||||
mode: "0640"
|
||||
notify: __gitea_restart
|
||||
|
||||
- name: Create container specs
|
||||
template:
|
||||
src: etc/containers/systemd/gitea.container.j2
|
||||
dest: "/etc/containers/systemd/gitea.container"
|
||||
owner: root
|
||||
group: root
|
||||
mode: "0640"
|
||||
notify: __gitea_restart
|
||||
|
||||
- name: Ensure service state
|
||||
systemd:
|
||||
name: "gitea.service"
|
||||
state: started
|
||||
daemon_reload: True
|
||||
enabled: True
|
||||
become: True
|
||||
become_user: root
|
||||
|
|
|
@ -1,9 +0,0 @@
|
|||
---
|
||||
- name: Ensure gitea service is up and running
|
||||
service:
|
||||
state: started
|
||||
daemon_reload: yes
|
||||
enabled: yes
|
||||
name: gitea
|
||||
become: True
|
||||
become_user: root
|
|
@ -1,23 +0,0 @@
|
|||
---
|
||||
- block:
|
||||
- name: Create group '{{ gitea_group }}'
|
||||
group:
|
||||
name: "{{ gitea_group }}"
|
||||
state: present
|
||||
|
||||
- name: Create user '{{ gitea_user }}'
|
||||
user:
|
||||
comment: Gitea
|
||||
name: "{{ gitea_user }}"
|
||||
home: "{{ gitea_user_home }}"
|
||||
group: "{{ gitea_group }}"
|
||||
groups: "{{ gitea_extra_groups | join(',') }}"
|
||||
|
||||
- name: Install dependencies
|
||||
package:
|
||||
name: "{{ item }}"
|
||||
state: present
|
||||
loop:
|
||||
- "{{ gitea_packages }}"
|
||||
become: True
|
||||
become_user: root
|
|
@ -1,15 +0,0 @@
|
|||
---
|
||||
- block:
|
||||
- name: Add SELinux file context mapping definitions
|
||||
sefcontext:
|
||||
target: "{{ item.target }}"
|
||||
setype: "{{ item.setype }}"
|
||||
state: present
|
||||
loop: "{{ gitea_selinux_fcontext }}"
|
||||
|
||||
- name: Apply new SELinux file context to filesystem
|
||||
command: "restorecon {{ item }}"
|
||||
loop: "{{ gitea_selinux_restorecon }}"
|
||||
changed_when: False
|
||||
become: True
|
||||
become_user: root
|
|
@ -1,28 +0,0 @@
|
|||
---
|
||||
- block:
|
||||
- name: Create tls folder structure
|
||||
file:
|
||||
path: "{{ item }}"
|
||||
state: directory
|
||||
owner: "{{ gitea_user }}"
|
||||
group: "{{ gitea_group }}"
|
||||
recurse: True
|
||||
loop:
|
||||
- "{{ gitea_tls_cert_path | dirname }}"
|
||||
- "{{ gitea_tls_key_path | dirname }}"
|
||||
become: True
|
||||
become_user: root
|
||||
|
||||
- block:
|
||||
- name: Copy certs and private key
|
||||
copy:
|
||||
src: "{{ item.src }}"
|
||||
dest: "{{ item.dest }}"
|
||||
mode: "{{ item.mode }}"
|
||||
loop:
|
||||
- { src: "{{ gitea_tls_key_source }}", dest: '{{ gitea_tls_key_path }}', mode: '0600' }
|
||||
- { src: "{{ gitea_tls_cert_source }}", dest: '{{ gitea_tls_cert_path }}', mode: '0750' }
|
||||
loop_control:
|
||||
label: "{{ item.dest }}"
|
||||
become: True
|
||||
become_user: "{{ gitea_user }}"
|
|
@ -1,315 +0,0 @@
|
|||
#jinja2: lstrip_blocks: True
|
||||
{{ ansible_managed | comment(decoration="; ")}}
|
||||
APP_NAME = Gitea: Git with a cup of tea
|
||||
RUN_USER = {{ gitea_user }}
|
||||
RUN_MODE = {{ gitea_run_mode }}
|
||||
WORK_PATH = {{ gitea_base_dir }}
|
||||
|
||||
[repository]
|
||||
ROOT = {{ gitea_data_dir }}/repos
|
||||
FORCE_PRIVATE = {{ gitea_repository_force_private | bool | lower }}
|
||||
DEFAULT_PRIVATE = {{ gitea_repository_default_private }}
|
||||
MAX_CREATION_LIMIT = {{ gitea_repository_creation_limit }}
|
||||
PREFERRED_LICENSES = {{ gitea_repository_default_license | join(",") }}
|
||||
DISABLE_HTTP_GIT = {{ 'false' if gitea_repository_http_enabled | bool else 'true' }}
|
||||
{% if gitea_repository_access_control_allow_origin is defined and gitea_repository_access_control_allow_origin %}
|
||||
ACCESS_CONTROL_ALLOW_ORIGIN = {{ gitea_repository_access_control_allow_origin }}
|
||||
{% endif %}
|
||||
USE_COMPAT_SSH_URI = {{ gitea_repository_use_compat_ssh_uri | bool | lower }}
|
||||
ENABLE_PUSH_CREATE_USER = {{ gitea_repository_push_create_user_enabled | bool | lower }}
|
||||
ENABLE_PUSH_CREATE_ORG = {{ gitea_repository_push_create_org_enabled | bool | lower }}
|
||||
DEFAULT_REPO_UNITS = {{ gitea_repository_default_repo_units | join(",") }}
|
||||
DEFAULT_BRANCH = {{ gitea_repository_default_branch }}
|
||||
|
||||
[repository.editor]
|
||||
LINE_WRAP_EXTENSIONS = {{ gitea_repository_editor_line_wrap_ext | join(",") }}
|
||||
PREVIEWABLE_FILE_MODES = markdown
|
||||
|
||||
[repository.upload]
|
||||
{% if gitea_repository_upload_enabled | bool %}
|
||||
ENABLED = true
|
||||
{% if gitea_repository_upload_allowed_types %}
|
||||
ALLOWED_TYPES = {{ gitea_repository_upload_allowed_types | join(",") }}
|
||||
{% endif %}
|
||||
FILE_MAX_SIZE = {{ gitea_repository_upload_max_filesize }}
|
||||
MAX_FILES = {{ gitea_repository_upload_max_files }}
|
||||
{% else %}
|
||||
ENABLED = false
|
||||
{% endif %}
|
||||
|
||||
[repository.pull-request]
|
||||
WORK_IN_PROGRESS_PREFIXES = {{ gitea_repository_pr_wip_prefix | join(",") }}
|
||||
CLOSE_KEYWORDS = {{ gitea_repository_pr_close_keyword | join(",") }}
|
||||
REOPEN_KEYWORDS = {{ gitea_repository_pr_reopen_keyword | join(",") }}
|
||||
|
||||
[repository.issue]
|
||||
LOCK_REASONS = {{ gitea_repository_issue_lock_reason | join(",") }}
|
||||
|
||||
[ui]
|
||||
EXPLORE_PAGING_NUM = {{ gitea_ui_explore_paging_num }}
|
||||
ISSUE_PAGING_NUM = {{ gitea_ui_issue_paging_num }}
|
||||
FEED_MAX_COMMIT_NUM = {{ gitea_ui_feed_commit_num }}
|
||||
GRAPH_MAX_COMMIT_NUM = {{ gitea_ui_graph_commit_num }}
|
||||
CODE_COMMENT_LINES = {{ gitea_ui_code_comment_lines }}
|
||||
SHOW_USER_EMAIL = {{ gitea_ui_show_user_email | bool | lower }}
|
||||
REACTIONS = {{ gitea_ui_reaction | join(",") }}
|
||||
DEFAULT_SHOW_FULL_NAME = {{ gitea_ui_show_full_name | bool | lower }}
|
||||
SEARCH_REPO_DESCRIPTION = {{ gitea_ui_search_repo_description | bool | lower }}
|
||||
|
||||
[ui.admin]
|
||||
USER_PAGING_NUM = {{ gitea_ui_admin_user_paging_num }}
|
||||
REPO_PAGING_NUM = {{ gitea_ui_admin_repo_paging_num }}
|
||||
NOTICE_PAGING_NUM = {{ gitea_ui_admin_notice_paging_num }}
|
||||
ORG_PAGING_NUM = {{ gitea_ui_admin_org_paging_num }}
|
||||
|
||||
[ui.user]
|
||||
REPO_PAGING_NUM = {{ gitea_ui_user_repo_paging_num }}
|
||||
|
||||
[markdown]
|
||||
ENABLE_HARD_LINE_BREAK = {{ gitea_markdown_hard_linebreak_enabled | bool | lower }}
|
||||
{% if gitea_markdown_custom_url_scheme %}
|
||||
CUSTOM_URL_SCHEMES = {{ gitea_markdown_custom_url_scheme | join(",") }}
|
||||
{% endif %}
|
||||
FILE_EXTENSIONS = {{ gitea_markdown_file_ext | join(",") }}
|
||||
|
||||
[server]
|
||||
PROTOCOL = {{ 'https' if gitea_tls_enabled else 'http' }}
|
||||
DOMAIN = {{ gitea_listen_address | urlsplit('hostname') }}
|
||||
ROOT_URL = {{ gitea_listen_address | urlsplit('scheme') }}://%(DOMAIN)s/
|
||||
HTTP_ADDR = {{ gitea_bind_ip }}
|
||||
HTTP_PORT = {{ gitea_bind_port }}
|
||||
LOCAL_ROOT_URL = %(PROTOCOL)s://%(HTTP_ADDR)s:%(HTTP_PORT)s/
|
||||
DISABLE_SSH = {{ 'false' if gitea_ssh_enabled | bool else 'true' }}
|
||||
START_SSH_SERVER = false
|
||||
MINIMUM_KEY_SIZE_CHECK = {{ gitea_minimum_keysize_check | bool | lower }}
|
||||
OFFLINE_MODE = {{ gitea_offline_mode | bool | lower }}
|
||||
{% if gitea_tls_enabled | bool %}
|
||||
CERT_FILE = {{ gitea_tls_cert_path }}
|
||||
KEY_FILE = {{ gitea_tls_key_path }}
|
||||
{% endif %}
|
||||
APP_DATA_PATH = {{ gitea_data_dir }}
|
||||
PPROF_DATA_PATH = {{ gitea_data_dir }}/tmp/pprof
|
||||
LANDING_PAGE = {{ gitea_landing_page }}
|
||||
{% if gitea_lfs_enabled | bool %}
|
||||
LFS_START_SERVER = true
|
||||
LFS_CONTENT_PATH = {{ gitea_data_dir }}/lfs
|
||||
LFS_JWT_SECRET = {{ gitea_lfs_jwt_secret }}
|
||||
LFS_HTTP_AUTH_EXPIRY = 20m
|
||||
{% else %}
|
||||
LFS_START_SERVER = false
|
||||
{% endif %}
|
||||
|
||||
[ssh.minimum_key_sizes]
|
||||
{% for key in gitea_minimum_keysize %}
|
||||
{{ key.name }} = {{ key.size }}
|
||||
{% endfor %}
|
||||
|
||||
[database]
|
||||
{% if gitea_db_type == "pgsql" %}
|
||||
DB_TYPE = postgres
|
||||
HOST = {{ gitea_db_server }}:{{ gitea_db_port }}
|
||||
NAME = {{ gitea_db_name }}
|
||||
USER = {{ gitea_db_user }}
|
||||
PASSWD = {{ gitea_db_password }}
|
||||
SSL_MODE = {{ gitea_db_ssl_mode }}
|
||||
{% elif gitea_db_type == "sqlite" %}
|
||||
DB_TYPE = sqlite3
|
||||
PATH = {{ gitea_data_dir }}/gitea.db
|
||||
SQLITE_TIMEOUT = 500
|
||||
{% endif %}
|
||||
|
||||
[indexer]
|
||||
ISSUE_INDEXER_TYPE = bleve
|
||||
ISSUE_INDEXER_PATH = {{ gitea_data_dir }}/indexers/issues.bleve
|
||||
REPO_INDEXER_ENABLED = true
|
||||
REPO_INDEXER_PATH = {{ gitea_data_dir }}/indexers/repos.bleve
|
||||
|
||||
[queue.issue_indexer]
|
||||
DATADIR = {{ gitea_data_dir }}/issues.queue
|
||||
|
||||
[admin]
|
||||
DISABLE_REGULAR_ORG_CREATION = {{ 'false' if gitea_org_creation_enabled | bool else 'true' }}
|
||||
DEFAULT_EMAIL_NOTIFICATIONS = {{ gitea_default_email_notification }}
|
||||
|
||||
[webhook]
|
||||
QUEUE_LENGTH = 1000
|
||||
DELIVER_TIMEOUT = 5
|
||||
ALLOWED_HOST_LIST = {{ gitea_webhook_allowed_host_list | join(",") }}
|
||||
SKIP_TLS_VERIFY = false
|
||||
|
||||
[security]
|
||||
INSTALL_LOCK = {{ gitea_install_lock | bool | lower }}
|
||||
SECRET_KEY = {{ gitea_secret }}
|
||||
LOGIN_REMEMBER_DAYS = {{ gitea_login_remember_days }}
|
||||
MIN_PASSWORD_LENGTH = {{ gitea_password_min_lenght }}
|
||||
DISABLE_GIT_HOOKS = {{ 'false' if gitea_git_hooks_enabled | bool else 'true' }}
|
||||
PASSWORD_COMPLEXITY = {{ gitea_password_complexity | join(",") }}
|
||||
PASSWORD_HASH_ALGO = pbkdf2
|
||||
INTERNAL_TOKEN = {{ gitea_token }}
|
||||
|
||||
[service]
|
||||
REGISTER_EMAIL_CONFIRM = {{ gitea_registration_email_confirm | bool | lower }}
|
||||
{% if gitea_registration_email_domain_whitelist is defined and gitea_registration_email_domain_whitelist %}
|
||||
EMAIL_DOMAIN_WHITELIST= {{ gitea_registration_email_domain_whitelist | join(",") }}
|
||||
{% endif %}
|
||||
DISABLE_REGISTRATION = {{ 'false' if gitea_registration_enabled | bool else 'true' }}
|
||||
ALLOW_ONLY_EXTERNAL_REGISTRATION = {{ gitea_registration_allow_external_only | bool | lower }}
|
||||
REQUIRE_SIGNIN_VIEW = false
|
||||
{% if gitea_mail_service_enabled | bool %}
|
||||
ENABLE_NOTIFY_MAIL = true
|
||||
{% endif %}
|
||||
ENABLE_BASIC_AUTHENTICATION = true
|
||||
ALLOW_CROSS_REPOSITORY_DEPENDENCIES = true
|
||||
ENABLE_USER_HEATMAP = true
|
||||
ENABLE_TIMETRACKING = true
|
||||
NO_REPLY_ADDRESS = {{ gitea_no_reply_address }}
|
||||
SHOW_REGISTRATION_BUTTON = {{ gitea_registration_button_enabled | bool | lower }}
|
||||
SHOW_MILESTONES_DASHBOARD_PAGE = true
|
||||
AUTO_WATCH_NEW_REPOS = {{ gitea_repository_auto_watch_on_creation | bool | lower }}
|
||||
AUTO_WATCH_ON_CHANGES = {{ gitea_repository_auto_watch_on_change | bool | lower }}
|
||||
DEFAULT_KEEP_EMAIL_PRIVATE = {{ gitea_default_keep_email_private | bool | lower }}
|
||||
DEFAULT_ALLOW_CREATE_ORGANIZATION = {{ gitea_default_org_allow_creation | bool | lower }}
|
||||
DEFAULT_ORG_VISIBILITY = {{ gitea_default_org_visible }}
|
||||
DEFAULT_ORG_MEMBER_VISIBLE = {{ gitea_default_org_member_visible | bool | lower }}
|
||||
DEFAULT_ENABLE_DEPENDENCIES = {{ gitea_default_dependencies_enabled | bool | lower }}
|
||||
DEFAULT_ENABLE_TIMETRACKING = {{ gitea_default_timetracking_enabled | bool | lower }}
|
||||
DEFAULT_ALLOW_ONLY_CONTRIBUTORS_TO_TRACK_TIME = true
|
||||
|
||||
{% if gitea_mail_service_enabled | bool %}
|
||||
[mailer]
|
||||
ENABLED = true
|
||||
{% if gitea_mail_subject_prefix is defined and gitea_mail_subject_prefix %}
|
||||
SUBJECT_PREFIX = {{ gitea_mail_subject_prefix }}
|
||||
{% endif %}
|
||||
FROM = {{ gitea_mail_service_from }}
|
||||
PROTOCOL = sendmail
|
||||
SENDMAIL_PATH = /usr/sbin/sendmail
|
||||
{% else %}
|
||||
[mailer]
|
||||
ENABLED = false
|
||||
{% endif %}
|
||||
|
||||
[session]
|
||||
PROVIDER = {{ gitea_session_provider }}
|
||||
PROVIDER_CONFIG = {{ gitea_session_provider_config }}
|
||||
COOKIE_NAME = {{ gitea_session_cookie_name }}
|
||||
COOKIE_SECURE = {{ gitea_session_cookie_secure | bool | lower }}
|
||||
ENABLE_SET_COOKIE = {{ gitea_session_enable_set_cookie | bool | lower }}
|
||||
GC_INTERVAL_TIME = {{ gitea_session_session_life_time }}
|
||||
SESSION_LIFE_TIME = {{ gitea_session_session_life_time }}
|
||||
|
||||
[picture]
|
||||
AVATAR_UPLOAD_PATH = {{ gitea_data_dir }}/avatars
|
||||
REPOSITORY_AVATAR_UPLOAD_PATH = {{ gitea_data_dir }}/repo-avatars
|
||||
REPOSITORY_AVATAR_FALLBACK = none
|
||||
DISABLE_GRAVATAR = {{ 'false' if gitea_gravatar_enabled | bool else 'true' }}
|
||||
GRAVATAR_SOURCE = {{ gitea_gravatar_source }}
|
||||
ENABLE_FEDERATED_AVATAR = {{ gitea_avatar_federation_enabled | bool | lower }}
|
||||
|
||||
[attachment]
|
||||
{% if gitea_attachment_enabled | bool %}
|
||||
ENABLE = true
|
||||
PATH = {{ gitea_data_dir }}/attachments
|
||||
ALLOWED_TYPES = {{ gitea_attachment_allowed_types | join("|") }}
|
||||
MAX_SIZE = {{ gitea_attachment_max_filesize }}
|
||||
MAX_FILES = {{ gitea_attachment_max_files }}
|
||||
{% else %}
|
||||
ENABLE = false
|
||||
{% endif %}
|
||||
|
||||
[log]
|
||||
ROOT_PATH = {{ gitea_log_dir }}
|
||||
MODE = file
|
||||
REDIRECT_MACARON_LOG = true
|
||||
MACARON = file
|
||||
ROUTER_LOG_LEVEL = Info
|
||||
logger.router.MODE = file
|
||||
{% raw %}
|
||||
ACCESS_LOG_TEMPLATE = {{.Ctx.RemoteAddr}} - {{.Identity}} {{.Start.Format "[02/Jan/2006:15:04:05 -0700]" }} "{{.Ctx.Req.Method}} {{.Ctx.Req.RequestURI}} {{.Ctx.Req.Proto}}" {{.ResponseWriter.Status}} {{.ResponseWriter.Size}} "{{.Ctx.Req.Referer}}\" \"{{.Ctx.Req.UserAgent}}"
|
||||
{% endraw %}
|
||||
logger.access.MODE = file
|
||||
LEVEL = {{ gitea_log_level }}
|
||||
STACKTRACE_LEVEL = None
|
||||
|
||||
[log.file]
|
||||
LOG_ROTATE = false
|
||||
|
||||
[log.file.macaron]
|
||||
LEVEL = Info
|
||||
|
||||
[log.file.router]
|
||||
LEVEL = Info
|
||||
|
||||
[log.file.access]
|
||||
LEVEL = Info
|
||||
|
||||
[cron]
|
||||
ENABLED = true
|
||||
RUN_AT_START = false
|
||||
|
||||
[cron.update_mirrors]
|
||||
SCHEDULE = @every 10m
|
||||
|
||||
[cron.repo_health_check]
|
||||
SCHEDULE = @every 24h
|
||||
TIMEOUT =
|
||||
ARGS =
|
||||
|
||||
[cron.check_repo_stats]
|
||||
RUN_AT_START = true
|
||||
SCHEDULE = @every 24h
|
||||
|
||||
[cron.archive_cleanup]
|
||||
ENABLED = true
|
||||
RUN_AT_START = true
|
||||
SCHEDULE = @every 24h
|
||||
OLDER_THAN = 24h
|
||||
|
||||
[cron.sync_external_users]
|
||||
RUN_AT_START = true
|
||||
SCHEDULE = @every 24h
|
||||
UPDATE_EXISTING = true
|
||||
|
||||
[cron.update_migration_post_id]
|
||||
SCHEDULE = @every 24h
|
||||
|
||||
[mirror]
|
||||
DEFAULT_INTERVAL = {{ gitea_mirror_default_interval }}
|
||||
MIN_INTERVAL = {{ gitea_mirror_min_interval }}
|
||||
|
||||
[api]
|
||||
ENABLE_SWAGGER = {{ gitea_api_swagger_enabled | bool | lower }}
|
||||
MAX_RESPONSE_ITEMS = 50
|
||||
DEFAULT_PAGING_NUM = {{ gitea_api_default_paging_num }}
|
||||
DEFAULT_GIT_TREES_PER_PAGE = {{ gitea_api_default_git_trees_per_page }}
|
||||
DEFAULT_MAX_BLOB_SIZE = 10485760
|
||||
|
||||
{% if gitea_oauth_provider_enabled | bool %}
|
||||
[oauth2]
|
||||
ENABLE = true
|
||||
ACCESS_TOKEN_EXPIRATION_TIME = {{ gitea_access_token_expiration_time }}
|
||||
REFRESH_TOKEN_EXPIRATION_TIME = {{ gitea_refresh_token_expiration_time }}
|
||||
INVALIDATE_REFRESH_TOKENS = {{ gitea_invalidate_refresh_tokens | bool | lower }}
|
||||
JWT_SIGNING_ALGORITHM = {{ gitea_jwt_signing_algorithm }}
|
||||
JWT_SECRET = {{ gitea_jwt_secret }}
|
||||
{% else %}
|
||||
[oauth2]
|
||||
ENABLE = false
|
||||
{% endif %}
|
||||
|
||||
[other]
|
||||
SHOW_FOOTER_BRANDING = {{ gitea_footer_show_branding | bool | lower }}
|
||||
SHOW_FOOTER_VERSION = {{ gitea_footer_show_version | bool | lower }}
|
||||
SHOW_FOOTER_TEMPLATE_LOAD_TIME = {{ gitea_footer_show_template_load_time | bool | lower }}
|
||||
|
||||
[markup.asciidoc]
|
||||
ENABLED = false
|
||||
FILE_EXTENSIONS = .adoc,.asciidoc
|
||||
RENDER_COMMAND = asciidoc --out-file=- -
|
||||
IS_INPUT_FILE = false
|
||||
|
||||
[metrics]
|
||||
ENABLED = {{ gitea_metrics_enabled | bool | lower }}
|
||||
{% if gitea_metrics_token is defined and gitea_metrics_token %}
|
||||
TOKEN = {{ gitea_metrics_token }}
|
||||
{% endif %}
|
|
@ -1,4 +0,0 @@
|
|||
#jinja2: lstrip_blocks: True
|
||||
{% for link in gitea_extra_links %}
|
||||
<a class="item" href="{{ link.href }}">{{ link.name }}</a>
|
||||
{% endfor %}
|
|
@ -1,4 +0,0 @@
|
|||
#jinja2: lstrip_blocks: True
|
||||
{% for link in gitea_extra_links_footer %}
|
||||
<a class="item" href="{{ link.href }}">{{ link.name }}</a>
|
||||
{% endfor %}
|
|
@ -0,0 +1,32 @@
|
|||
#jinja2: lstrip_blocks: True
|
||||
{{ ansible_managed | comment }}
|
||||
[Install]
|
||||
WantedBy=default.target
|
||||
|
||||
[Service]
|
||||
Restart=on-failure
|
||||
RestartSec=5s
|
||||
|
||||
ExecReload=/usr/bin/podman kill --signal=SIGHUP %p
|
||||
|
||||
[Container]
|
||||
Image={{ gitea_image }}
|
||||
EnvironmentFile=/etc/containers/systemd/gitea.env
|
||||
{% for item in gitea_volumes %}
|
||||
Volume={{ item.name }}:{{ item.dest }}{{ ":" + item.opts if item.opts is defined else "" }}
|
||||
{% endfor %}
|
||||
|
||||
{% if gitea_cap_add | length > 0 %}
|
||||
AddCapability={{ gitea_cap_add | join(" ") }}
|
||||
{% endif %}
|
||||
{% if gitea_cap_drop | length > 0 %}
|
||||
DropCapability={{ gitea_cap_drop | join(" ") }}
|
||||
{% endif %}
|
||||
|
||||
Network={{ gitea_network }}
|
||||
{% for item in gitea_exposed_ports %}
|
||||
PublishPort={{ item }}
|
||||
{% endfor %}
|
||||
{% for item in gitea_podman_args %}
|
||||
PodmanArgs={{ item }}
|
||||
{% endfor %}
|
|
@ -0,0 +1,213 @@
|
|||
#jinja2: lstrip_blocks: True
|
||||
{{ ansible_managed | comment }}
|
||||
GITEA__RUN_MODE=prod
|
||||
|
||||
GITEA__repository__FORCE_PRIVATE={{ gitea_repository_force_private | bool | lower }}
|
||||
GITEA__repository__DEFAULT_PRIVATE={{ gitea_repository_default_private }}
|
||||
GITEA__repository__MAX_CREATION_LIMIT={{ gitea_repository_creation_limit }}
|
||||
GITEA__repository__PREFERRED_LICENSES={{ gitea_repository_default_license | join(",") }}
|
||||
GITEA__repository__DISABLE_HTTP_GIT={{ "false" if gitea_repository_http_enabled | bool else "true" }}
|
||||
{% if gitea_repository_access_control_allow_origin is defined and gitea_repository_access_control_allow_origin %}
|
||||
GITEA__repository__ACCESS_CONTROL_ALLOW_ORIGIN={{ gitea_repository_access_control_allow_origin }}
|
||||
{% endif %}
|
||||
GITEA__repository__USE_COMPAT_SSH_URI={{ gitea_repository_use_compat_ssh_uri | bool | lower }}
|
||||
GITEA__repository__ENABLE_PUSH_CREATE_USER={{ gitea_repository_push_create_user_enabled | bool | lower }}
|
||||
GITEA__repository__ENABLE_PUSH_CREATE_ORG={{ gitea_repository_push_create_org_enabled | bool | lower }}
|
||||
GITEA__repository__DEFAULT_REPO_UNITS={{ gitea_repository_default_repo_units | join(",") }}
|
||||
GITEA__repository__DEFAULT_BRANCH={{ gitea_repository_default_branch }}
|
||||
|
||||
GITEA__repository_0X2E_editor__LINE_WRAP_EXTENSIONS={{ gitea_repository_editor_line_wrap_ext | join(",") }}
|
||||
GITEA__repository_0X2E_editor__PREVIEWABLE_FILE_MODES=markdown
|
||||
|
||||
{% if gitea_repository_upload_enabled | bool %}
|
||||
GITEA__repository_0X2E_upload__ENABLED=true
|
||||
{% if gitea_repository_upload_allowed_types %}
|
||||
GITEA__repository_0X2E_upload__ALLOWED_TYPES={{ gitea_repository_upload_allowed_types | join(",") }}
|
||||
{% endif %}
|
||||
GITEA__repository_0X2E_upload__FILE_MAX_SIZE={{ gitea_repository_upload_max_filesize }}
|
||||
GITEA__repository_0X2E_upload__MAX_FILES={{ gitea_repository_upload_max_files }}
|
||||
{% else %}
|
||||
GITEA__repository_0X2E_upload__ENABLED=false
|
||||
{% endif %}
|
||||
|
||||
GITEA__repository_0X2E_pull_0X2D_request__WORK_IN_PROGRESS_PREFIXES={{ gitea_repository_pr_wip_prefix | join(",") }}
|
||||
GITEA__repository_0X2E_pull_0X2D_request__CLOSE_KEYWORDS={{ gitea_repository_pr_close_keyword | join(",") }}
|
||||
GITEA__repository_0X2E_pull_0X2D_request__REOPEN_KEYWORDS={{ gitea_repository_pr_reopen_keyword | join(",") }}
|
||||
|
||||
GITEA__repository_0X2E_issue__LOCK_REASONS={{ gitea_repository_issue_lock_reason | join(",") }}
|
||||
|
||||
GITEA__ui__EXPLORE_PAGING_NUM={{ gitea_ui_explore_paging_num }}
|
||||
GITEA__ui__ISSUE_PAGING_NUM={{ gitea_ui_issue_paging_num }}
|
||||
GITEA__ui__FEED_MAX_COMMIT_NUM={{ gitea_ui_feed_commit_num }}
|
||||
GITEA__ui__GRAPH_MAX_COMMIT_NUM={{ gitea_ui_graph_commit_num }}
|
||||
GITEA__ui__CODE_COMMENT_LINES={{ gitea_ui_code_comment_lines }}
|
||||
GITEA__ui__SHOW_USER_EMAIL={{ gitea_ui_show_user_email | bool | lower }}
|
||||
GITEA__ui__REACTIONS={{ gitea_ui_reaction | join(",") }}
|
||||
GITEA__ui__DEFAULT_SHOW_FULL_NAME={{ gitea_ui_show_full_name | bool | lower }}
|
||||
GITEA__ui__SEARCH_REPO_DESCRIPTION={{ gitea_ui_search_repo_description | bool | lower }}
|
||||
|
||||
GITEA__ui_0X2E_admin__USER_PAGING_NUM={{ gitea_ui_admin_user_paging_num }}
|
||||
GITEA__ui_0X2E_admin__REPO_PAGING_NUM={{ gitea_ui_admin_repo_paging_num }}
|
||||
GITEA__ui_0X2E_admin__NOTICE_PAGING_NUM={{ gitea_ui_admin_notice_paging_num }}
|
||||
GITEA__ui_0X2E_admin__ORG_PAGING_NUM={{ gitea_ui_admin_org_paging_num }}
|
||||
|
||||
GITEA__ui_0X2E_user__REPO_PAGING_NUM={{ gitea_ui_user_repo_paging_num }}
|
||||
|
||||
GITEA__markdown__ENABLE_HARD_LINE_BREAK={{ gitea_markdown_hard_linebreak_enabled | bool | lower }}
|
||||
{% if gitea_markdown_custom_url_scheme %}
|
||||
GITEA__markdown__CUSTOM_URL_SCHEMES={{ gitea_markdown_custom_url_scheme | join(",") }}
|
||||
{% endif %}
|
||||
GITEA__markdown__FILE_EXTENSIONS={{ gitea_markdown_file_ext | join(",") }}
|
||||
|
||||
GITEA__server__DOMAIN={{ gitea_url | urlsplit("hostname") }}
|
||||
GITEA__server__ROOT_URL={{ gitea_url }}
|
||||
GITEA__server__DISABLE_SSH={{ "false" if gitea_ssh_enabled | bool else "true" }}
|
||||
GITEA__server__START_SSH_SERVER=true
|
||||
GITEA__server__MINIMUM_KEY_SIZE_CHECK={{ gitea_minimum_keysize_check | bool | lower }}
|
||||
GITEA__server__OFFLINE_MODE={{ gitea_offline_mode | bool | lower }}
|
||||
GITEA__server__LANDING_PAGE={{ gitea_landing_page }}
|
||||
{% if gitea_lfs_enabled | bool %}
|
||||
GITEA__server__LFS_START_SERVER=true
|
||||
GITEA__server__LFS_JWT_SECRET={{ gitea_lfs_jwt_secret }}
|
||||
GITEA__server__LFS_HTTP_AUTH_EXPIRY=20m
|
||||
{% else %}
|
||||
GITEA__server__LFS_START_SERVER=false
|
||||
{% endif %}
|
||||
|
||||
{% for key in gitea_minimum_keysize %}
|
||||
GITEA__ssh_0X2E_minimum_key_sizes__{{ key.name | upper }}={{ key.size }}
|
||||
{% endfor %}
|
||||
|
||||
{% if gitea_db_type == "pgsql" %}
|
||||
GITEA__database__DB_TYPE=postgres
|
||||
GITEA__database__HOST={{ gitea_db_server }}:{{ gitea_db_port }}
|
||||
GITEA__database__NAME={{ gitea_db_name }}
|
||||
GITEA__database__USER={{ gitea_db_user }}
|
||||
GITEA__database__PASSWD={{ gitea_db_password }}
|
||||
GITEA__database__SSL_MODE={{ gitea_db_ssl_mode }}
|
||||
{% elif gitea_db_type == "sqlite" %}
|
||||
GITEA__database__DB_TYPE=sqlite3
|
||||
GITEA__database__SQLITE_TIMEOUT=500
|
||||
{% endif %}
|
||||
|
||||
GITEA__admin__DISABLE_REGULAR_ORG_CREATION={{ "false" if gitea_org_creation_enabled | bool else "true" }}
|
||||
GITEA__admin__DEFAULT_EMAIL_NOTIFICATIONS={{ gitea_default_email_notification }}
|
||||
|
||||
GITEA__webhook__QUEUE_LENGTH=1000
|
||||
GITEA__webhook__DELIVER_TIMEOUT=5
|
||||
GITEA__webhook__ALLOWED_HOST_LIST={{ gitea_webhook_allowed_host_list | join(",") }}
|
||||
GITEA__webhook__SKIP_TLS_VERIFY=false
|
||||
|
||||
GITEA__security__INSTALL_LOCK={{ gitea_install_lock | bool | lower }}
|
||||
GITEA__security__SECRET_KEY={{ gitea_secret }}
|
||||
GITEA__security__LOGIN_REMEMBER_DAYS={{ gitea_login_remember_days }}
|
||||
GITEA__security__MIN_PASSWORD_LENGTH={{ gitea_password_min_lenght }}
|
||||
GITEA__security__DISABLE_GIT_HOOKS={{ "false" if gitea_git_hooks_enabled | bool else "true" }}
|
||||
GITEA__security__PASSWORD_COMPLEXITY={{ gitea_password_complexity | join(",") }}
|
||||
GITEA__security__PASSWORD_HASH_ALGO=pbkdf2
|
||||
GITEA__security__INTERNAL_TOKEN={{ gitea_token }}
|
||||
|
||||
GITEA__service__REGISTER_EMAIL_CONFIRM={{ gitea_registration_email_confirm | bool | lower }}
|
||||
{% if gitea_registration_email_domain_whitelist is defined and gitea_registration_email_domain_whitelist %}
|
||||
GITEA__service__EMAIL_DOMAIN_WHITELIST= {{ gitea_registration_email_domain_whitelist | join(",") }}
|
||||
{% endif %}
|
||||
GITEA__service__DISABLE_REGISTRATION={{ "false" if gitea_registration_enabled | bool else "true" }}
|
||||
GITEA__service__ALLOW_ONLY_EXTERNAL_REGISTRATION={{ gitea_registration_allow_external_only | bool | lower }}
|
||||
GITEA__service__REQUIRE_SIGNIN_VIEW=false
|
||||
{% if gitea_mail_service_enabled | bool %}
|
||||
GITEA__service__ENABLE_NOTIFY_MAIL=true
|
||||
{% endif %}
|
||||
GITEA__service__ENABLE_BASIC_AUTHENTICATION=true
|
||||
GITEA__service__ALLOW_CROSS_REPOSITORY_DEPENDENCIES=true
|
||||
GITEA__service__ENABLE_USER_HEATMAP=true
|
||||
GITEA__service__ENABLE_TIMETRACKING=true
|
||||
GITEA__service__NO_REPLY_ADDRESS={{ gitea_no_reply_address }}
|
||||
GITEA__service__SHOW_REGISTRATION_BUTTON={{ gitea_registration_button_enabled | bool | lower }}
|
||||
GITEA__service__SHOW_MILESTONES_DASHBOARD_PAGE=true
|
||||
GITEA__service__AUTO_WATCH_NEW_REPOS={{ gitea_repository_auto_watch_on_creation | bool | lower }}
|
||||
GITEA__service__AUTO_WATCH_ON_CHANGES={{ gitea_repository_auto_watch_on_change | bool | lower }}
|
||||
GITEA__service__DEFAULT_KEEP_EMAIL_PRIVATE={{ gitea_default_keep_email_private | bool | lower }}
|
||||
GITEA__service__DEFAULT_ALLOW_CREATE_ORGANIZATION={{ gitea_default_org_allow_creation | bool | lower }}
|
||||
GITEA__service__DEFAULT_ORG_VISIBILITY={{ gitea_default_org_visible }}
|
||||
GITEA__service__DEFAULT_ORG_MEMBER_VISIBLE={{ gitea_default_org_member_visible | bool | lower }}
|
||||
GITEA__service__DEFAULT_ENABLE_DEPENDENCIES={{ gitea_default_dependencies_enabled | bool | lower }}
|
||||
GITEA__service__DEFAULT_ENABLE_TIMETRACKING={{ gitea_default_timetracking_enabled | bool | lower }}
|
||||
GITEA__service__DEFAULT_ALLOW_ONLY_CONTRIBUTORS_TO_TRACK_TIME=true
|
||||
|
||||
{% if gitea_mail_service_enabled | bool %}
|
||||
GITEA__mailer__ENABLED=true
|
||||
{% if gitea_mail_subject_prefix is defined and gitea_mail_subject_prefix %}
|
||||
GITEA__mailer__SUBJECT_PREFIX={{ gitea_mail_subject_prefix }}
|
||||
{% endif %}
|
||||
GITEA__mailer__FROM={{ gitea_mail_service_from }}
|
||||
GITEA__mailer__PROTOCOL=sendmail
|
||||
GITEA__mailer__SENDMAIL_PATH=/usr/sbin/sendmail
|
||||
{% else %}
|
||||
GITEA__mailer__ENABLED=false
|
||||
{% endif %}
|
||||
|
||||
GITEA__session__PROVIDER={{ gitea_session_provider }}
|
||||
GITEA__session__PROVIDER_CONFIG={{ gitea_session_provider_config }}
|
||||
GITEA__session__COOKIE_NAME={{ gitea_session_cookie_name }}
|
||||
GITEA__session__COOKIE_SECURE={{ gitea_session_cookie_secure | bool | lower }}
|
||||
GITEA__session__ENABLE_SET_COOKIE={{ gitea_session_enable_set_cookie | bool | lower }}
|
||||
GITEA__session__GC_INTERVAL_TIME={{ gitea_session_session_life_time }}
|
||||
GITEA__session__SESSION_LIFE_TIME={{ gitea_session_session_life_time }}
|
||||
|
||||
GITEA__picture__REPOSITORY_AVATAR_FALLBACK=none
|
||||
GITEA__picture__DISABLE_GRAVATAR={{ "false" if gitea_gravatar_enabled | bool else "true" }}
|
||||
GITEA__picture__GRAVATAR_SOURCE={{ gitea_gravatar_source }}
|
||||
GITEA__picture__ENABLE_FEDERATED_AVATAR={{ gitea_avatar_federation_enabled | bool | lower }}
|
||||
|
||||
{% if gitea_attachment_enabled | bool %}
|
||||
GITEA__attachment__ENABLE=true
|
||||
GITEA__attachment__ALLOWED_TYPES={{ gitea_attachment_allowed_types | join("|") }}
|
||||
GITEA__attachment__MAX_SIZE={{ gitea_attachment_max_filesize }}
|
||||
GITEA__attachment__MAX_FILES={{ gitea_attachment_max_files }}
|
||||
{% else %}
|
||||
GITEA__attachment__ENABLE=false
|
||||
{% endif %}
|
||||
|
||||
GITEA__log__logger_0X2E_xorm_0X2E_MODE=
|
||||
GITEA__log__logger_0X2E_router_0X2E_MODE=
|
||||
|
||||
#GITEA__log__MODE=file
|
||||
#GITEA__log__REDIRECT_MACARON_LOG=true
|
||||
#GITEA__log__MACARON=file
|
||||
#GITEA__log__ROUTER_LOG_LEVEL=Info
|
||||
#GITEA__log__logger_0X2E_router_0X2E_MODE=file
|
||||
#{% raw %}
|
||||
#GITEA__log__ACCESS_LOG_TEMPLATE={{.Ctx.RemoteAddr}} - {{.Identity}} {{.Start.Format "[02/Jan/2006:15:04:05 -0700]" }} "{{.Ctx.Req.Method}} {{.Ctx.Req.RequestURI}} {{.Ctx.Req.Proto}}" {{.ResponseWriter.Status}} {{.ResponseWriter.Size}} "{{.Ctx.Req.Referer}}\" \"{{.Ctx.Req.UserAgent}}"
|
||||
#{% endraw %}
|
||||
#GITEA__log__logger_0X2E_access_0X2E_MODE=file
|
||||
#GITEA__log__LEVEL={{ gitea_log_level }}
|
||||
#GITEA__log__STACKTRACE_LEVEL=None
|
||||
|
||||
GITEA__mirror__DEFAULT_INTERVAL={{ gitea_mirror_default_interval }}
|
||||
GITEA__mirror__MIN_INTERVAL={{ gitea_mirror_min_interval }}
|
||||
|
||||
GITEA__api__ENABLE_SWAGGER={{ gitea_api_swagger_enabled | bool | lower }}
|
||||
GITEA__api__MAX_RESPONSE_ITEMS=50
|
||||
GITEA__api__DEFAULT_PAGING_NUM={{ gitea_api_default_paging_num }}
|
||||
GITEA__api__DEFAULT_GIT_TREES_PER_PAGE={{ gitea_api_default_git_trees_per_page }}
|
||||
GITEA__api__DEFAULT_MAX_BLOB_SIZE=10485760
|
||||
|
||||
{% if gitea_oauth_provider_enabled | bool %}
|
||||
GITEA__oauth2__ENABLE=true
|
||||
GITEA__oauth2__ACCESS_TOKEN_EXPIRATION_TIME={{ gitea_access_token_expiration_time }}
|
||||
GITEA__oauth2__REFRESH_TOKEN_EXPIRATION_TIME={{ gitea_refresh_token_expiration_time }}
|
||||
GITEA__oauth2__INVALIDATE_REFRESH_TOKENS={{ gitea_invalidate_refresh_tokens | bool | lower }}
|
||||
GITEA__oauth2__JWT_SIGNING_ALGORITHM={{ gitea_jwt_signing_algorithm }}
|
||||
GITEA__oauth2__JWT_SECRET={{ gitea_jwt_secret }}
|
||||
{% else %}
|
||||
GITEA__oauth2__ENABLE=false
|
||||
{% endif %}
|
||||
|
||||
GITEA__other__SHOW_FOOTER_BRANDING={{ gitea_footer_show_branding | bool | lower }}
|
||||
GITEA__other__SHOW_FOOTER_VERSION={{ gitea_footer_show_version | bool | lower }}
|
||||
GITEA__other__SHOW_FOOTER_TEMPLATE_LOAD_TIME={{ gitea_footer_show_template_load_time | bool | lower }}
|
||||
|
||||
GITEA__metrics__ENABLED={{ gitea_metrics_enabled | bool | lower }}
|
||||
{% if gitea_metrics_token is defined and gitea_metrics_token %}
|
||||
GITEA__metrics__TOKEN={{ gitea_metrics_token }}
|
||||
{% endif %}
|
|
@ -0,0 +1,19 @@
|
|||
#jinja2: lstrip_blocks: True
|
||||
{{ ansible_managed | comment }}
|
||||
[Network]
|
||||
{% if gitea_network_ipv4_subnet is defined %}
|
||||
Subnet={{ gitea_network_ipv4_subnet }}
|
||||
{% endif %}
|
||||
{% if gitea_network_ipv4_gateway is defined %}
|
||||
Gateway={{ gitea_network_ipv4_gateway }}
|
||||
{% endif %}
|
||||
IPv6={{ gitea_network_ipv6_enabled | bool | lower }}
|
||||
{% if gitea_network_ipv6_enabled | bool %}
|
||||
{% if gitea_network_ipv6_subnet is defined %}
|
||||
Subnet={{ gitea_network_ipv6_subnet }}
|
||||
{% endif %}
|
||||
{% if gitea_network_ipv6_gateway is defined %}
|
||||
Gateway={{ gitea_network_ipv6_gateway }}
|
||||
{% endif %}
|
||||
{% endif %}
|
||||
Label=app=gitea
|
|
@ -1,20 +0,0 @@
|
|||
{{ ansible_managed | comment }}
|
||||
[Unit]
|
||||
Description=Gitea (Git with a cup of tea)
|
||||
After=syslog.target
|
||||
After=network.target
|
||||
|
||||
[Service]
|
||||
Type=simple
|
||||
Environment=USER={{ gitea_user }}
|
||||
Environment=HOME={{ gitea_user_home }}
|
||||
Environment=GITEA_WORK_DIR={{ gitea_base_dir }}
|
||||
User={{ gitea_user }}
|
||||
Group={{ gitea_group }}
|
||||
WorkingDirectory={{ gitea_base_dir }}
|
||||
ExecStart={{ gitea_base_dir }}/gitea-latest web -c {{ gitea_config_dir }}/app.ini -P {{ gitea_run_dir }}/gitea.pid
|
||||
Restart=on-failure
|
||||
PrivateTmp=yes
|
||||
|
||||
[Install]
|
||||
WantedBy=multi-user.target
|
Loading…
Reference in New Issue