refactoring and renovation

2019-07-19 09:55:47 +02:00 · 2019-07-19 09:55:47 +02:00 · fb66ff1d29
commit fb66ff1d29
parent 5024a136fb
4 changed files with 124 additions and 55 deletions
--- a/defaults/main.yml
+++ b/defaults/main.yml
@ -8,7 +8,7 @@ gitea_extra_groups: []
 gitea_packages:
  - git

-# Create separate LVM storage for gitea
+## Create separate LVM storage for gitea
 gitea_lvm_enabled: False
 # This variables are only necessary if gitea_lvm_enabled is 'True'
 # Set physical volumes to use in LVM
@ -28,6 +28,7 @@ gitea_bind_port: 61000
 gitea_listen_address: http://gitea.example.com

 gitea_install_lock: true
+## Change this to a unique string
 gitea_secret: "1234567ABCDEFG"
 gitea_token: "akslkaldasasifiuvsiasfa7s7f8as7f8asd"
 gitea_run_mode: prod
@ -90,6 +91,15 @@ gitea_attachment_max_files: 5

 gitea_mail_service_enabled: False
 gitea_mail_service_from: '"System" <systemmail@example.com>'
+gitea_no_reply_address: noreply.example.org
+
+gitea_oauth_provider_enabled: False
+gitea_access_token_expiration_time: 3600
+gitea_refresh_token_expiration_time: 730
+gitea_invalidate_refresh_tokens: False
+## OAuth2 authentication secret for access and refresh tokens
+## Change this to a unique string
+gitea_jwt_secret: Bk0yK7Y9g_p56v86KaHqjSbxvNvu3SbKoOdOt2ZcXvU

 gitea_tls_enabled: False
 gitea_tls_cert_path: "{{ gitea_base_dir }}/tls/certs/mycert.pem"
--- a/tasks/install.yml
+++ b/tasks/install.yml
@ -65,6 +65,6 @@
      with_items: "{{ gitea_open_ports }}"
      loop_control:
        label: "{{ item.name }}"
-      when: gitea_iptables_enabled
+      when: gitea_iptables_enabled | bool
  become: True
  become_user: root
--- a/tasks/main.yml
+++ b/tasks/main.yml
@ -1,9 +1,9 @@
 ---
 - include_tasks: prepare.yml
 - import_tasks: storage.yml
-  when: gitea_lvm_enabled
+  when: gitea_lvm_enabled | bool
 - include_tasks: install.yml
 - import_tasks: tls.yml
-  when: gitea_tls_enabled
+  when: gitea_tls_enabled | bool
  tags: tls_renewal
 - include_tasks: post_tasks.yml
--- a/templates/custom/conf/app.ini.j2
+++ b/templates/custom/conf/app.ini.j2
@ -1,16 +1,24 @@
 #jinja2: lstrip_blocks: True
-; {{ ansible_managed }}
+{{ ansible_managed | comment }}
+
 APP_NAME = Gitea: Git with a cup of tea
 RUN_USER = {{ gitea_user }}
 RUN_MODE = {{ gitea_run_mode }}

 [repository]
-ROOT               = {{ gitea_data_dir }}/repos
-SCRIPT_TYPE        = bash
-FORCE_PRIVATE      = false
-DEFAULT_PRIVATE    = last
-DISABLE_HTTP_GIT   = false
-PREFERRED_LICENSES = MIT License
+ROOT                                           = {{ gitea_data_dir }}/repos
+SCRIPT_TYPE                                    = bash
+ANSI_CHARSET                                   =
+FORCE_PRIVATE                                  = false
+DEFAULT_PRIVATE                                = public
+MAX_CREATION_LIMIT                             = -1
+MIRROR_QUEUE_LENGTH                            = 1000
+PULL_REQUEST_QUEUE_LENGTH                      = 1000
+DISABLE_HTTP_GIT                               = false
+PREFERRED_LICENSES                             = MIT License
+ACCESS_CONTROL_ALLOW_ORIGIN                    =
+USE_COMPAT_SSH_URI                             = false
+DEFAULT_CLOSE_ISSUES_VIA_COMMITS_IN_ANY_BRANCH = false

 [repository.editor]
 LINE_WRAP_EXTENSIONS   = .txt,.md,.markdown,.mdown,.mkd,
@ -18,51 +26,49 @@ PREVIEWABLE_FILE_MODES = markdown

 [repository.local]
 LOCAL_COPY_PATH = tmp/local-repo
+LOCAL_WIKI_PATH = tmp/local-wiki

 [repository.upload]
 ENABLED       = true
 TEMP_PATH     = tmp/uploads
+ALLOWED_TYPES =
 FILE_MAX_SIZE = {{ gitea_repository_upload_max_filesize }}
 MAX_FILES     = {{ gitea_repository_upload_max_files }}

 [repository.pull-request]
 WORK_IN_PROGRESS_PREFIXES = WIP:,[WIP]

-[attachment]
-ENABLE        = true
-PATH          = data/attachments
-ALLOWED_TYPES = */*
-MAX_SIZE      = {{ gitea_attachment_max_filesize }}
-MAX_FILES     = {{ gitea_attachment_max_files }}
+[repository.issue]
+LOCK_REASONS = Too heated,Off-topic,Resolved,Spam

 [ui]
-EXPLORE_PAGING_NUM    = 20
-ISSUE_PAGING_NUM      = 10
-FEED_MAX_COMMIT_NUM   = 5
-MAX_DISPLAY_FILE_SIZE = 8388608
-SHOW_USER_EMAIL       = true
-GRAPH_MAX_COMMIT_NUM  = 100
-CODE_COMMENT_LINES    = 4
-DEFAULT_THEME         = gitea
-ENABLE_CAPTCHA        = false
-ENABLE_TIMETRACKING   = true
+EXPLORE_PAGING_NUM     = 20
+ISSUE_PAGING_NUM       = 10
+FEED_MAX_COMMIT_NUM    = 5
+MAX_DISPLAY_FILE_SIZE  = 8388608
+SHOW_USER_EMAIL        = true
+GRAPH_MAX_COMMIT_NUM   = 100
+CODE_COMMENT_LINES     = 4
+DEFAULT_THEME          = gitea
+DEFAULT_SHOW_FULL_NAME = false

 [ui.admin]
 USER_PAGING_NUM   = 50
 REPO_PAGING_NUM   = 50
 NOTICE_PAGING_NUM = 25
 ORG_PAGING_NUM    = 50
-ENABLE_PPROF      = false

 [ui.user]
 REPO_PAGING_NUM = 15

-[api]
-ENABLE_SWAGGER     = true
-MAX_RESPONSE_ITEMS = 50
+[ui.meta]
+AUTHOR      = Gitea - Git with a cup of tea
+DESCRIPTION = Gitea (Git with a cup of tea) is a painless self-hosted Git service written in Go
+KEYWORDS    = go,git,self-hosted,gitea

 [markdown]
 ENABLE_HARD_LINE_BREAK = false
+CUSTOM_URL_SCHEMES     =
 FILE_EXTENSIONS        = .md,.markdown,.mdown,.mkd

 [server]
@ -71,55 +77,82 @@ DOMAIN                 = {{ gitea_listen_address | urlsplit('hostname') }}
 ROOT_URL               = {{ gitea_listen_address | urlsplit('scheme') }}://%(DOMAIN)s/
 HTTP_ADDR              = {{ gitea_bind_ip }}
 HTTP_PORT              = {{ gitea_bind_port }}
+REDIRECT_OTHER_PORT    = false
 {% if gitea_tls_enabled %}
-CERT_FILE = {{ gitea_tls_cert_path }}
-KEY_FILE = {{ gitea_tls_key_path }}
+CERT_FILE              = {{ gitea_tls_cert_path }}
+KEY_FILE               = {{ gitea_tls_key_path }}
 {% endif %}
 UNIX_SOCKET_PERMISSION = 666
 LANDING_PAGE           = {{ gitea_landing_page }}
 START_SSH_SERVER       = false
+MINIMUM_KEY_SIZE_CHECK = true
+OFFLINE_MODE           = false
+ENABLE_PPROF           = false

 [ssh.minimum_key_sizes]
 ED25519 = 256
 ECDSA   = 256
 RSA     = 2048
-DSA     = 1024

 [database]
 {% if gitea_postgres_enabled %}
-DB_TYPE  = postgres
-HOST     = {{ gitea_postgres_server }}:{{ gitea_postgres_port }}
-NAME     = {{ gitea_postgres_db.name }}
-USER     = {{ gitea_postgres_user.name }}
-PASSWD   = {{ gitea_postgres_user.password }}
-SSL_MODE = {{ gitea_postgres_ssl_mode }}
+DB_TYPE             = postgres
+HOST                = {{ gitea_postgres_server }}:{{ gitea_postgres_port }}
+NAME                = {{ gitea_postgres_db.name }}
+USER                = {{ gitea_postgres_user.name }}
+PASSWD              = {{ gitea_postgres_user.password }}
+SSL_MODE            = {{ gitea_postgres_ssl_mode }}
+{% else %}
+DB_TYPE             = sqlite3
+PATH                = {{ gitea_data_dir }}/gitea.db
+SQLITE_TIMEOUT      = 500
 {% endif %}
+ITERATE_BUFFER_SIZE = 50
+LOG_SQL             = true
+DB_RETRIES          = 10
+DB_RETRY_BACKOFF    = 3s

 [indexer]
-ISSUE_INDEXER_PATH   = {{ gitea_data_dir }}/indexers/issues.bleve
-REPO_INDEXER_PATH    = {{ gitea_data_dir }}/indexers/repos.bleve
-REPO_INDEXER_ENABLED = true
+ISSUE_INDEXER_TYPE       = bleve
+ISSUE_INDEXER_QUEUE_TYPE = levelqueue
+ISSUE_INDEXER_PATH       = {{ gitea_data_dir }}/indexers/issues.bleve
+REPO_INDEXER_PATH        = {{ gitea_data_dir }}/indexers/repos.bleve
+ISSUE_INDEXER_QUEUE_DIR  = {{ gitea_data_dir }}/issues.queue
+REPO_INDEXER_ENABLED     = true
+
+[admin]
+DISABLE_REGULAR_ORG_CREATION = false

 [security]
-INSTALL_LOCK        = {{ gitea_install_lock }}
-SECRET_KEY          = {{ gitea_secret }}
-INTERNAL_TOKEN      = {{ gitea_token }}
-MIN_PASSWORD_LENGTH = 8
-DISABLE_GIT_HOOKS   = false
+INSTALL_LOCK         = {{ gitea_install_lock }}
+SECRET_KEY           = {{ gitea_secret }}
+LOGIN_REMEMBER_DAYS  = 7
+COOKIE_USERNAME      = gitea_awesome
+COOKIE_REMEMBER_NAME = gitea_incredible
+INTERNAL_TOKEN       = {{ gitea_token }}
+MIN_PASSWORD_LENGTH  = 8
+DISABLE_GIT_HOOKS    = false

 [service]
 DISABLE_REGISTRATION       = {{ gitea_disable_registration }}
-DEFAULT_KEEP_EMAIL_PRIVATE = false
-ENABLE_TIMETRACKING        = true
 {% if gitea_mail_service_enabled %}
 ENABLE_NOTIFY_MAIL         = true
+{% endif %}
 ENABLE_USER_HEATMAP        = true
+ENABLE_CAPTCHA             = false
+ENABLE_TIMETRACKING        = true
+AUTO_WATCH_NEW_REPOS       = false
+DEFAULT_KEEP_EMAIL_PRIVATE = false
+NO_REPLY_ADDRESS           = "{{ gitea_no_reply_address }}"

+{% if gitea_mail_service_enabled %}
 [mailer]
 ENABLED       = true
+SUBJECT       = %(APP_NAME)s
 FROM          = {{ gitea_mail_service_from }}
-USE_SENDMAIL  = true
+MAILER_TYPE   = sendmail
 SENDMAIL_PATH = /usr/sbin/sendmail
+SENDMAIL_ARGS =
 {% else %}
 [mailer]
 ENABLED = false
@ -130,11 +163,19 @@ AVATAR_UPLOAD_PATH      = {{ gitea_data_dir }}/avatars
 DISABLE_GRAVATAR        = true
 ENABLE_FEDERATED_AVATAR = false

+[attachment]
+ENABLE        = true
+PATH          = {{ gitea_data_dir }}/attachments
+ALLOWED_TYPES = */*
+MAX_SIZE      = {{ gitea_attachment_max_filesize }}
+MAX_FILES     = {{ gitea_attachment_max_files }}
+
 [log]
-ROOT_PATH  = {{ gitea_global_log_dir }}
-MODE       = file
-BUFFER_LEN = 10000
-LEVEL      = {{ gitea_global_log_level }}
+ROOT_PATH            = {{ gitea_global_log_dir }}
+MODE                 = file
+BUFFER_LEN           = 10000
+LEVEL                = {{ gitea_global_log_level }}
+REDIRECT_MACARON_LOG = false

 [log.file]
 LEVEL          = {{ gitea_file_log_level }}
@ -169,6 +210,12 @@ RUN_AT_START    = true
 SCHEDULE        = @every 24h
 UPDATE_EXISTING = true

+[api]
+ENABLE_SWAGGER             = true
+MAX_RESPONSE_ITEMS         = 50
+DEFAULT_PAGING_NUM         = 30
+DEFAULT_GIT_TREES_PER_PAGE = 1000
+
 [other]
 SHOW_FOOTER_BRANDING           = false
 SHOW_FOOTER_VERSION            = false
@ -177,3 +224,15 @@ SHOW_FOOTER_TEMPLATE_LOAD_TIME = false
 [metrics]
 ENABLED = false
 TOKEN   =
+
+{% if gitea_oauth_provider_enabled %}
+[oauth2]
+ENABLE                        = true
+ACCESS_TOKEN_EXPIRATION_TIME  = {{ gitea_access_token_expiration_time }}
+REFRESH_TOKEN_EXPIRATION_TIME = {{ gitea_refresh_token_expiration_time }}
+INVALIDATE_REFRESH_TOKENS     = {{ gitea_invalidate_refresh_tokens | lower }}
+JWT_SECRET                    = {{ gitea_jwt_secret }}
+{% else %}
+[oauth2]
+ENABLE = false
+{% endif %}