refactoring and renovation

defaults/main.yml

@@ -8,7 +8,7 @@ gitea_extra_groups: []
 gitea_packages:
   - git
 
-# Create separate LVM storage for gitea
+## Create separate LVM storage for gitea
 gitea_lvm_enabled: False
 # This variables are only necessary if gitea_lvm_enabled is 'True'
 # Set physical volumes to use in LVM
@@ -28,6 +28,7 @@ gitea_bind_port: 61000
 gitea_listen_address: http://gitea.example.com
 
 gitea_install_lock: true
+## Change this to a unique string
 gitea_secret: "1234567ABCDEFG"
 gitea_token: "akslkaldasasifiuvsiasfa7s7f8as7f8asd"
 gitea_run_mode: prod
@@ -90,6 +91,15 @@ gitea_attachment_max_files: 5
 
 gitea_mail_service_enabled: False
 gitea_mail_service_from: '"System" <systemmail@example.com>'
+gitea_no_reply_address: noreply.example.org
+
+gitea_oauth_provider_enabled: False
+gitea_access_token_expiration_time: 3600
+gitea_refresh_token_expiration_time: 730
+gitea_invalidate_refresh_tokens: False
+## OAuth2 authentication secret for access and refresh tokens
+## Change this to a unique string
+gitea_jwt_secret: Bk0yK7Y9g_p56v86KaHqjSbxvNvu3SbKoOdOt2ZcXvU
 
 gitea_tls_enabled: False
 gitea_tls_cert_path: "{{ gitea_base_dir }}/tls/certs/mycert.pem"

tasks/install.yml

@@ -65,6 +65,6 @@
       with_items: "{{ gitea_open_ports }}"
       loop_control:
         label: "{{ item.name }}"
-      when: gitea_iptables_enabled
+      when: gitea_iptables_enabled | bool
   become: True
   become_user: root

tasks/main.yml

@@ -1,9 +1,9 @@
 ---
 - include_tasks: prepare.yml
 - import_tasks: storage.yml
-  when: gitea_lvm_enabled
+  when: gitea_lvm_enabled | bool
 - include_tasks: install.yml
 - import_tasks: tls.yml
-  when: gitea_tls_enabled
+  when: gitea_tls_enabled | bool
   tags: tls_renewal
 - include_tasks: post_tasks.yml

templates/custom/conf/app.ini.j2

@@ -1,16 +1,24 @@
 #jinja2: lstrip_blocks: True
-; {{ ansible_managed }}
+{{ ansible_managed | comment }}
+
 APP_NAME = Gitea: Git with a cup of tea
 RUN_USER = {{ gitea_user }}
 RUN_MODE = {{ gitea_run_mode }}
 
 [repository]
-ROOT               = {{ gitea_data_dir }}/repos
+ROOT                                           = {{ gitea_data_dir }}/repos
-SCRIPT_TYPE        = bash
+SCRIPT_TYPE                                    = bash
-FORCE_PRIVATE      = false
+ANSI_CHARSET                                   =
-DEFAULT_PRIVATE    = last
+FORCE_PRIVATE                                  = false
-DISABLE_HTTP_GIT   = false
+DEFAULT_PRIVATE                                = public
-PREFERRED_LICENSES = MIT License
+MAX_CREATION_LIMIT                             = -1
+MIRROR_QUEUE_LENGTH                            = 1000
+PULL_REQUEST_QUEUE_LENGTH                      = 1000
+DISABLE_HTTP_GIT                               = false
+PREFERRED_LICENSES                             = MIT License
+ACCESS_CONTROL_ALLOW_ORIGIN                    =
+USE_COMPAT_SSH_URI                             = false
+DEFAULT_CLOSE_ISSUES_VIA_COMMITS_IN_ANY_BRANCH = false
 
 [repository.editor]
 LINE_WRAP_EXTENSIONS   = .txt,.md,.markdown,.mdown,.mkd,
@@ -18,51 +26,49 @@ PREVIEWABLE_FILE_MODES = markdown
 
 [repository.local]
 LOCAL_COPY_PATH = tmp/local-repo
+LOCAL_WIKI_PATH = tmp/local-wiki
 
 [repository.upload]
 ENABLED       = true
 TEMP_PATH     = tmp/uploads
+ALLOWED_TYPES =
 FILE_MAX_SIZE = {{ gitea_repository_upload_max_filesize }}
 MAX_FILES     = {{ gitea_repository_upload_max_files }}
 
 [repository.pull-request]
 WORK_IN_PROGRESS_PREFIXES = WIP:,[WIP]
 
-[attachment]
+[repository.issue]
-ENABLE        = true
+LOCK_REASONS = Too heated,Off-topic,Resolved,Spam
-PATH          = data/attachments
-ALLOWED_TYPES = */*
-MAX_SIZE      = {{ gitea_attachment_max_filesize }}
-MAX_FILES     = {{ gitea_attachment_max_files }}
 
 [ui]
-EXPLORE_PAGING_NUM    = 20
+EXPLORE_PAGING_NUM     = 20
-ISSUE_PAGING_NUM      = 10
+ISSUE_PAGING_NUM       = 10
-FEED_MAX_COMMIT_NUM   = 5
+FEED_MAX_COMMIT_NUM    = 5
-MAX_DISPLAY_FILE_SIZE = 8388608
+MAX_DISPLAY_FILE_SIZE  = 8388608
-SHOW_USER_EMAIL       = true
+SHOW_USER_EMAIL        = true
-GRAPH_MAX_COMMIT_NUM  = 100
+GRAPH_MAX_COMMIT_NUM   = 100
-CODE_COMMENT_LINES    = 4
+CODE_COMMENT_LINES     = 4
-DEFAULT_THEME         = gitea
+DEFAULT_THEME          = gitea
-ENABLE_CAPTCHA        = false
+DEFAULT_SHOW_FULL_NAME = false
-ENABLE_TIMETRACKING   = true
 
 [ui.admin]
 USER_PAGING_NUM   = 50
 REPO_PAGING_NUM   = 50
 NOTICE_PAGING_NUM = 25
 ORG_PAGING_NUM    = 50
-ENABLE_PPROF      = false
 
 [ui.user]
 REPO_PAGING_NUM = 15
 
-[api]
+[ui.meta]
-ENABLE_SWAGGER     = true
+AUTHOR      = Gitea - Git with a cup of tea
-MAX_RESPONSE_ITEMS = 50
+DESCRIPTION = Gitea (Git with a cup of tea) is a painless self-hosted Git service written in Go
+KEYWORDS    = go,git,self-hosted,gitea
 
 [markdown]
 ENABLE_HARD_LINE_BREAK = false
+CUSTOM_URL_SCHEMES     =
 FILE_EXTENSIONS        = .md,.markdown,.mdown,.mkd
 
 [server]
@@ -71,55 +77,82 @@ DOMAIN                 = {{ gitea_listen_address | urlsplit('hostname') }}
 ROOT_URL               = {{ gitea_listen_address | urlsplit('scheme') }}://%(DOMAIN)s/
 HTTP_ADDR              = {{ gitea_bind_ip }}
 HTTP_PORT              = {{ gitea_bind_port }}
+REDIRECT_OTHER_PORT    = false
 {% if gitea_tls_enabled %}
-CERT_FILE = {{ gitea_tls_cert_path }}
+CERT_FILE              = {{ gitea_tls_cert_path }}
-KEY_FILE = {{ gitea_tls_key_path }}
+KEY_FILE               = {{ gitea_tls_key_path }}
 {% endif %}
 UNIX_SOCKET_PERMISSION = 666
 LANDING_PAGE           = {{ gitea_landing_page }}
 START_SSH_SERVER       = false
+MINIMUM_KEY_SIZE_CHECK = true
+OFFLINE_MODE           = false
+ENABLE_PPROF           = false
 
 [ssh.minimum_key_sizes]
 ED25519 = 256
 ECDSA   = 256
 RSA     = 2048
-DSA     = 1024
 
 [database]
 {% if gitea_postgres_enabled %}
-DB_TYPE  = postgres
+DB_TYPE             = postgres
-HOST     = {{ gitea_postgres_server }}:{{ gitea_postgres_port }}
+HOST                = {{ gitea_postgres_server }}:{{ gitea_postgres_port }}
-NAME     = {{ gitea_postgres_db.name }}
+NAME                = {{ gitea_postgres_db.name }}
-USER     = {{ gitea_postgres_user.name }}
+USER                = {{ gitea_postgres_user.name }}
-PASSWD   = {{ gitea_postgres_user.password }}
+PASSWD              = {{ gitea_postgres_user.password }}
-SSL_MODE = {{ gitea_postgres_ssl_mode }}
+SSL_MODE            = {{ gitea_postgres_ssl_mode }}
+{% else %}
+DB_TYPE             = sqlite3
+PATH                = {{ gitea_data_dir }}/gitea.db
+SQLITE_TIMEOUT      = 500
 {% endif %}
+ITERATE_BUFFER_SIZE = 50
+LOG_SQL             = true
+DB_RETRIES          = 10
+DB_RETRY_BACKOFF    = 3s
 
 [indexer]
-ISSUE_INDEXER_PATH   = {{ gitea_data_dir }}/indexers/issues.bleve
+ISSUE_INDEXER_TYPE       = bleve
-REPO_INDEXER_PATH    = {{ gitea_data_dir }}/indexers/repos.bleve
+ISSUE_INDEXER_QUEUE_TYPE = levelqueue
-REPO_INDEXER_ENABLED = true
+ISSUE_INDEXER_PATH       = {{ gitea_data_dir }}/indexers/issues.bleve
+REPO_INDEXER_PATH        = {{ gitea_data_dir }}/indexers/repos.bleve
+ISSUE_INDEXER_QUEUE_DIR  = {{ gitea_data_dir }}/issues.queue
+REPO_INDEXER_ENABLED     = true
+
+[admin]
+DISABLE_REGULAR_ORG_CREATION = false
 
 [security]
-INSTALL_LOCK        = {{ gitea_install_lock }}
+INSTALL_LOCK         = {{ gitea_install_lock }}
-SECRET_KEY          = {{ gitea_secret }}
+SECRET_KEY           = {{ gitea_secret }}
-INTERNAL_TOKEN      = {{ gitea_token }}
+LOGIN_REMEMBER_DAYS  = 7
-MIN_PASSWORD_LENGTH = 8
+COOKIE_USERNAME      = gitea_awesome
-DISABLE_GIT_HOOKS   = false
+COOKIE_REMEMBER_NAME = gitea_incredible
+INTERNAL_TOKEN       = {{ gitea_token }}
+MIN_PASSWORD_LENGTH  = 8
+DISABLE_GIT_HOOKS    = false
 
 [service]
 DISABLE_REGISTRATION       = {{ gitea_disable_registration }}
-DEFAULT_KEEP_EMAIL_PRIVATE = false
-ENABLE_TIMETRACKING        = true
 {% if gitea_mail_service_enabled %}
 ENABLE_NOTIFY_MAIL         = true
+{% endif %}
 ENABLE_USER_HEATMAP        = true
+ENABLE_CAPTCHA             = false
+ENABLE_TIMETRACKING        = true
+AUTO_WATCH_NEW_REPOS       = false
+DEFAULT_KEEP_EMAIL_PRIVATE = false
+NO_REPLY_ADDRESS           = "{{ gitea_no_reply_address }}"
 
+{% if gitea_mail_service_enabled %}
 [mailer]
 ENABLED       = true
+SUBJECT       = %(APP_NAME)s
 FROM          = {{ gitea_mail_service_from }}
-USE_SENDMAIL  = true
+MAILER_TYPE   = sendmail
 SENDMAIL_PATH = /usr/sbin/sendmail
+SENDMAIL_ARGS =
 {% else %}
 [mailer]
 ENABLED = false
@@ -130,11 +163,19 @@ AVATAR_UPLOAD_PATH      = {{ gitea_data_dir }}/avatars
 DISABLE_GRAVATAR        = true
 ENABLE_FEDERATED_AVATAR = false
 
+[attachment]
+ENABLE        = true
+PATH          = {{ gitea_data_dir }}/attachments
+ALLOWED_TYPES = */*
+MAX_SIZE      = {{ gitea_attachment_max_filesize }}
+MAX_FILES     = {{ gitea_attachment_max_files }}
+
 [log]
-ROOT_PATH  = {{ gitea_global_log_dir }}
+ROOT_PATH            = {{ gitea_global_log_dir }}
-MODE       = file
+MODE                 = file
-BUFFER_LEN = 10000
+BUFFER_LEN           = 10000
-LEVEL      = {{ gitea_global_log_level }}
+LEVEL                = {{ gitea_global_log_level }}
+REDIRECT_MACARON_LOG = false
 
 [log.file]
 LEVEL          = {{ gitea_file_log_level }}
@@ -169,6 +210,12 @@ RUN_AT_START    = true
 SCHEDULE        = @every 24h
 UPDATE_EXISTING = true
 
+[api]
+ENABLE_SWAGGER             = true
+MAX_RESPONSE_ITEMS         = 50
+DEFAULT_PAGING_NUM         = 30
+DEFAULT_GIT_TREES_PER_PAGE = 1000
+
 [other]
 SHOW_FOOTER_BRANDING           = false
 SHOW_FOOTER_VERSION            = false
@@ -177,3 +224,15 @@ SHOW_FOOTER_TEMPLATE_LOAD_TIME = false
 [metrics]
 ENABLED = false
 TOKEN   =
+
+{% if gitea_oauth_provider_enabled %}
+[oauth2]
+ENABLE                        = true
+ACCESS_TOKEN_EXPIRATION_TIME  = {{ gitea_access_token_expiration_time }}
+REFRESH_TOKEN_EXPIRATION_TIME = {{ gitea_refresh_token_expiration_time }}
+INVALIDATE_REFRESH_TOKENS     = {{ gitea_invalidate_refresh_tokens | lower }}
+JWT_SECRET                    = {{ gitea_jwt_secret }}
+{% else %}
+[oauth2]
+ENABLE = false
+{% endif %}