ansible
/
xoxys.gitea
1
0
Fork 0
Code Issues Pull Requests 1 Releases Activity

Compare commits

merge into: ansible:main
Branches Tags
ansible:main
ansible:podman
ansible:docs
...
pull from: ansible:docs
Branches Tags
ansible:podman
ansible:docs
ansible:main

No commits in common. "main" and "docs" have entirely different histories.
main ... docs

37 changed files with 2645 additions and 1762 deletions
Show Stats Expand all files Collapse all files

161
.drone.jsonnet
View File

@ -1,161 +0,0 @@
local PipelineLinting = {
kind: 'pipeline',
name: 'linting',
platform: {
os: 'linux',
arch: 'amd64',
},
steps: [
{
name: 'ansible-later',
image: 'thegeeklab/ansible-later',
commands: [
'ansible-later',
],
},
{
name: 'python-format',
image: 'python:3.11',
environment: {
PY_COLORS: 1,
},
commands: [
'pip install -qq yapf',
'[ -z "$(find . -type f -name *.py)" ] || (yapf -rd ./)',
],
},
{
name: 'python-flake8',
image: 'python:3.11',
environment: {
PY_COLORS: 1,
},
commands: [
'pip install -qq flake8',
'flake8',
],
},
],
trigger: {
ref: ['refs/heads/main', 'refs/tags/**', 'refs/pull/**'],
},
};
local PipelineDeployment(scenario='centos7') = {
kind: 'pipeline',
name: 'testing-' + scenario,
platform: {
os: 'linux',
arch: 'amd64',
},
concurrency: {
limit: 1,
},
workspace: {
base: '/drone/src',
path: '${DRONE_REPO_NAME}',
},
steps: [
{
name: 'ansible-molecule',
image: 'thegeeklab/molecule:4',
environment: {
HCLOUD_TOKEN: { from_secret: 'hcloud_token' },
},
commands: [
'molecule test -s ' + scenario,
],
},
],
depends_on: [
'linting',
],
trigger: {
ref: ['refs/heads/main', 'refs/tags/**', 'refs/pull/**'],
},
};
local PipelineDocumentation = {
kind: 'pipeline',
name: 'documentation',
platform: {
os: 'linux',
arch: 'amd64',
},
steps: [
{
name: 'generate',
image: 'thegeeklab/ansible-doctor',
environment: {
ANSIBLE_DOCTOR_LOG_LEVEL: 'INFO',
ANSIBLE_DOCTOR_FORCE_OVERWRITE: true,
ANSIBLE_DOCTOR_EXCLUDE_FILES: 'molecule/',
ANSIBLE_DOCTOR_TEMPLATE: 'hugo-book',
ANSIBLE_DOCTOR_ROLE_NAME: '${DRONE_REPO_NAME#*.}',
ANSIBLE_DOCTOR_OUTPUT_DIR: '_docs/',
},
},
{
name: 'publish',
image: 'plugins/gh-pages',
settings: {
remote_url: 'https://gitea.rknet.org/ansible/${DRONE_REPO_NAME}',
netrc_machine: 'gitea.rknet.org',
username: { from_secret: 'gitea_username' },
password: { from_secret: 'gitea_token' },
pages_directory: '_docs/',
target_branch: 'docs',
},
when: {
ref: ['refs/heads/main'],
},
},
],
trigger: {
ref: ['refs/heads/main', 'refs/tags/**', 'refs/pull/**'],
},
depends_on: [
'testing-centos7',
'testing-rocky8',
],
};
local PipelineNotification = {
kind: 'pipeline',
name: 'notification',
platform: {
os: 'linux',
arch: 'amd64',
},
clone: {
disable: true,
},
steps: [
{
name: 'matrix',
image: 'thegeeklab/drone-matrix',
settings: {
homeserver: { from_secret: 'matrix_homeserver' },
roomid: { from_secret: 'matrix_roomid' },
template: 'Status: **{{ .Build.Status }}**<br/> Build: [{{ .Repo.Owner }}/{{ .Repo.Name }}]({{ .Build.Link }}){{ if .Build.Branch }} ({{ .Build.Branch }}){{ end }} by {{ .Commit.Author }}<br/> Message: {{ .Commit.Message.Title }}',
username: { from_secret: 'matrix_username' },
password: { from_secret: 'matrix_password' },
},
},
],
depends_on: [
'documentation',
],
trigger: {
status: ['success', 'failure'],
ref: ['refs/heads/main', 'refs/tags/**'],
},
};
[
PipelineLinting,
PipelineDeployment(scenario='centos7'),
PipelineDeployment(scenario='rocky8'),
PipelineDocumentation,
PipelineNotification,
]

187
.drone.yml
View File

@ -1,187 +0,0 @@
---
kind: pipeline
name: linting
platform:
os: linux
arch: amd64
steps:
- name: ansible-later
image: thegeeklab/ansible-later
commands:
- ansible-later
- name: python-format
image: python:3.11
commands:
- pip install -qq yapf
- "[ -z \"$(find . -type f -name *.py)\" ] || (yapf -rd ./)"
environment:
PY_COLORS: 1
- name: python-flake8
image: python:3.11
commands:
- pip install -qq flake8
- flake8
environment:
PY_COLORS: 1
trigger:
ref:
- refs/heads/main
- refs/tags/**
- refs/pull/**
---
kind: pipeline
name: testing-centos7
platform:
os: linux
arch: amd64
concurrency:
limit: 1
workspace:
base: /drone/src
path: ${DRONE_REPO_NAME}
steps:
- name: ansible-molecule
image: thegeeklab/molecule:4
commands:
- molecule test -s centos7
environment:
HCLOUD_TOKEN:
from_secret: hcloud_token
trigger:
ref:
- refs/heads/main
- refs/tags/**
- refs/pull/**
depends_on:
- linting
---
kind: pipeline
name: testing-rocky8
platform:
os: linux
arch: amd64
concurrency:
limit: 1
workspace:
base: /drone/src
path: ${DRONE_REPO_NAME}
steps:
- name: ansible-molecule
image: thegeeklab/molecule:4
commands:
- molecule test -s rocky8
environment:
HCLOUD_TOKEN:
from_secret: hcloud_token
trigger:
ref:
- refs/heads/main
- refs/tags/**
- refs/pull/**
depends_on:
- linting
---
kind: pipeline
name: documentation
platform:
os: linux
arch: amd64
steps:
- name: generate
image: thegeeklab/ansible-doctor
environment:
ANSIBLE_DOCTOR_EXCLUDE_FILES: molecule/
ANSIBLE_DOCTOR_FORCE_OVERWRITE: true
ANSIBLE_DOCTOR_LOG_LEVEL: INFO
ANSIBLE_DOCTOR_OUTPUT_DIR: _docs/
ANSIBLE_DOCTOR_ROLE_NAME: ${DRONE_REPO_NAME#*.}
ANSIBLE_DOCTOR_TEMPLATE: hugo-book
- name: publish
image: plugins/gh-pages
settings:
netrc_machine: gitea.rknet.org
pages_directory: _docs/
password:
from_secret: gitea_token
remote_url: https://gitea.rknet.org/ansible/${DRONE_REPO_NAME}
target_branch: docs
username:
from_secret: gitea_username
when:
ref:
- refs/heads/main
trigger:
ref:
- refs/heads/main
- refs/tags/**
- refs/pull/**
depends_on:
- testing-centos7
- testing-rocky8
---
kind: pipeline
name: notification
platform:
os: linux
arch: amd64
clone:
disable: true
steps:
- name: matrix
image: thegeeklab/drone-matrix
settings:
homeserver:
from_secret: matrix_homeserver
password:
from_secret: matrix_password
roomid:
from_secret: matrix_roomid
template: "Status: **{{ .Build.Status }}**<br/> Build: [{{ .Repo.Owner }}/{{ .Repo.Name }}]({{ .Build.Link }}){{ if .Build.Branch }} ({{ .Build.Branch }}){{ end }} by {{ .Commit.Author }}<br/> Message: {{ .Commit.Message.Title }}"
username:
from_secret: matrix_username
trigger:
ref:
- refs/heads/main
- refs/tags/**
status:
- success
- failure
depends_on:
- documentation
---
kind: signature
hmac: 96355b0a9ad3071ee76a08c0be0ebb18224f302aa5f140f44f9760b6b91be95d
...

13
.gitignore vendored
View File

@ -1,13 +0,0 @@
# ---> Ansible
*.retry
filter/plugins/
library
# ---> Python
# Byte-compiled / optimized / DLL files
__pycache__/
*.py[cod]
*$py.class
# ---> Docs
/_docs

19
.later.yml
View File

@ -1,19 +0,0 @@
---
ansible:
custom_modules:
- iptables_raw
- openssl_pkcs12
- proxmox_kvm
- ucr
- corenetworks_dns
- corenetworks_token
rules:
exclude_files:
- molecule/
- "LICENSE*"
- "**/*.md"
- "**/*.ini"
exclude_filter:
- LINT0009

21
LICENSE
View File

@ -1,21 +0,0 @@
MIT License
Copyright (c) 2022 Robert Kaussow <mail@thegeeklab.de>
Permission is hereby granted, free of charge, to any person obtaining a copy
of this software and associated documentation files (the "Software"), to deal
in the Software without restriction, including without limitation the rights
to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
copies of the Software, and to permit persons to whom the Software is furnished
to do so, subject to the following conditions:
The above copyright notice and this permission notice (including the next
paragraph) shall be included in all copies or substantial portions of the
Software.
THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS
FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS
OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY,
WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF
OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.

12
README.md
View File

@ -1,12 +0,0 @@
# xoxys.gitea
[![Build Status](https://img.shields.io/drone/build/ansible/xoxys.gitea?logo=drone&server=https%3A%2F%2Fdrone.rknet.org)](https://drone.rknet.org/ansible/xoxys.gitea)
[![License: MIT](https://img.shields.io/badge/license-MIT-blue.svg)](LICENSE)
Setup a [Gitea](https://gitea.io/en-us/) git server. Gitea is a community managed lightweight code hosting solution written in Go.
You can find the full documentation at [https://galaxy.geekdocs.de](https://galaxy.geekdocs.de/roles/cloud/gitea/).
## License
This project is licensed under the MIT License - see the [LICENSE](LICENSE) file for details.

1330
_docs/index.md Normal file
View File

File diff suppressed because it is too large Load Diff

283
defaults/main.yml
View File

@ -1,283 +0,0 @@
---
gitea_version: 1.16.1
gitea_user: "gitea_adm"
gitea_user_home: "/home/{{ gitea_user }}"
gitea_group: "{{ gitea_user }}"
gitea_extra_groups: []
gitea_packages:
- git
gitea_base_dir: "/opt/gitea"
gitea_config_dir: "{{ gitea_base_dir }}/custom/conf"
gitea_data_dir: "{{ gitea_base_dir }}/data"
gitea_run_dir: "{{ gitea_base_dir }}/run"
gitea_template_dir: "{{ gitea_base_dir }}/custom/templates"
gitea_selinux_fcontext:
- target: "{{ gitea_log_dir }}(/.*)?"
setype: var_log_t
gitea_selinux_restorecon:
- "-ir {{ gitea_log_dir }}"
gitea_bind_ip: 127.0.0.1
gitea_bind_port: 61000
gitea_listen_address: http://gitea.example.com
gitea_install_lock: True
# @var gitea_secret:description: Should be replaced by your own secret.
gitea_secret: "1234567ABCDEFG"
# @var gitea_token:description: Should be replaced by your own secret.
gitea_token: "akslkaldasasifiuvsiasfa7s7f8as7f8asd"
gitea_run_mode: prod
gitea_login_remember_days: 7
gitea_password_min_lenght: 8
# @var gitea_password_complexity:description: >
# If left empty or no valid values are specified, the default values
# `lower,upper,digit,spec` will be used. Use `off` to disable checking.
# @end
gitea_password_complexity:
- lower
- upper
- digit
- spec
gitea_git_hooks_enabled: True
gitea_landing_page: explore
gitea_ssh_enabled: True
# @var gitea_minimum_keysize_check:description: >
# Indicate whether to check minimum key size with corresponding type.
# @end
gitea_minimum_keysize_check: False
# @var gitea_minimum_keysize:description: >
# Define allowed algorithms and their minimum key length (use -1 to disable a type).
# @end
gitea_minimum_keysize:
- name: ED25519
size: 256
- name: ECDSA
size: 256
- name: RSA
size: 2048
- name: DSA
size: -1
gitea_offline_mode: False
gitea_registration_enabled: False
gitea_registration_email_confirm: False
gitea_registration_email_domain_whitelist: []
gitea_registration_allow_external_only: False
gitea_registration_button_enabled: True
gitea_db_type: sqlite
# Configurations only applies to non-sqlite provider.
gitea_db_server: localhost
gitea_db_port: 5432
gitea_db_name: gitea
gitea_db_user: pggitea
gitea_db_password: secure
gitea_db_ssl_mode: disable
# @var gitea_default_email_notification:description: >
# Default configuration for email notifications for users (user configurable).
# Options: `enabled`, `onmention`, `disabled`.
# @end
gitea_default_email_notification: enabled
gitea_default_keep_email_private: True
gitea_default_org_allow_creation: True
gitea_default_org_visible: public
gitea_default_org_member_visible: False
gitea_default_dependencies_enabled: True
gitea_default_timetracking_enabled: True
gitea_log_level: Info
gitea_log_dir: "{{ gitea_base_dir }}/log"
gitea_repository_default_private: last
gitea_repository_force_private: False
gitea_repository_default_license:
- Apache License 2.0
- MIT Licensei
gitea_repository_creation_limit: -1
gitea_repository_http_enabled: True
# @var gitea_repository_access_control_allow_origin:default: $ "_unset_"
# @var gitea_repository_access_control_allow_origin:description: >
# Value for Access-Control-Allow-Origin header, default unset.
# WARNING: This maybe harmful to you website if you do not give it a right value!
# @end
# @var gitea_repository_use_compat_ssh_uri:description: >
# Force ssh:// clone url instead of scp-style uri when default SSH port is used
# @end
gitea_repository_use_compat_ssh_uri: False
gitea_repository_push_create_user_enabled: False
gitea_repository_push_create_org_enabled: False
gitea_repository_auto_watch_on_creation: False
gitea_repository_auto_watch_on_change: False
gitea_repository_default_repo_units:
- repo.code
- repo.releases
- repo.issues
- repo.pulls
- repo.wiki
- repo.projects
gitea_repository_default_branch: main
# @var gitea_repository_editor_line_wrap_ext:description: >
# Comma-separated list of file extensions for which lines should be wrapped in the CodeMirror editor.
# To line wrap files without an extension, just put a comma.
# @end
gitea_repository_editor_line_wrap_ext:
- .txt
- .md
- .markdown
- .mdown
- .mkd
gitea_repository_upload_enabled: True
# @var gitea_repository_upload_allowed_types:description: >
# One or more allowed types, e.g. image/jpeg|image/png. Default allows any file type.
# @end
gitea_repository_upload_allowed_types: []
gitea_repository_upload_max_filesize: 3
gitea_repository_upload_max_files: 5
# @var gitea_repository_pr_wip_prefix:description: >
# List of prefixes used in Pull Request title to mark them as Work In Progress.
# @end
gitea_repository_pr_wip_prefix:
- "WIP:"
- "[WIP]"
gitea_repository_pr_close_keyword:
- close
- closes
- closed
- fix
- fixes
- fixed
- resolve
- resolves
- resolved
gitea_repository_pr_reopen_keyword:
- reopen
- reopens
- reopened
# @var gitea_repository_issue_lock_reason:description: >
# List of reasons why a Pull Request or Issue can be locked.
# @end
gitea_repository_issue_lock_reason:
- Too heated
- Off-topic
- Resolved
- Spam
gitea_ui_explore_paging_num: 20
gitea_ui_issue_paging_num: 10
gitea_ui_feed_commit_num: 5
gitea_ui_graph_commit_num: 100
gitea_ui_code_comment_lines: 4
gitea_ui_show_user_email: True
# @var gitea_ui_reaction:description: >
# All available reactions. Allow users react with different emojis.
# See https://gitea.com/gitea/gitea.com/issues/8.
# @end
gitea_ui_reaction:
- +1
- -1
- laugh
- hooray
- confused
- heart
- rocket
- eyes
gitea_ui_show_full_name: False
gitea_ui_search_repo_description: True
gitea_ui_admin_user_paging_num: 50
gitea_ui_admin_repo_paging_num: 50
gitea_ui_admin_notice_paging_num: 25
gitea_ui_admin_org_paging_num: 50
gitea_ui_user_repo_paging_num: 15
gitea_markdown_hard_linebreak_enabled: False
gitea_markdown_custom_url_scheme: []
gitea_markdown_file_ext:
- .md
- .markdown
- .mdown
- .mkd
gitea_lfs_enabled: False
gitea_lfs_jwt_secret: gitea_lfs_jwt_secret
# @var gitea_org_creation_enabled: description: Allow regular (non-admin) users to create organizations.
gitea_org_creation_enabled: True
gitea_gravatar_enabled: False
gitea_gravatar_source: gravatar
gitea_avatar_federation_enabled: False
gitea_attachment_enabled: True
gitea_attachment_allowed_types:
- image/jpeg
- image/png
- application/zip
- application/gzip
gitea_attachment_max_filesize: 3
gitea_attachment_max_files: 5
gitea_mirror_default_interval: 10h
gitea_mirror_min_interval: 8h
gitea_mail_service_enabled: False
gitea_mail_service_from: '"System" <systemmail@example.com>'
gitea_no_reply_address: "noreply@example.org"
# @var gitea_mail_subject_prefix:default: $ "_unset_"
# @var gitea_mail_subject_prefix:description: Prefix displayed before subject in mail.
gitea_session_provider: memory
gitea_session_provider_config: data/sessions
gitea_session_cookie_name: i_like_gitea
gitea_session_cookie_secure: False
gitea_session_enable_set_cookie: True
gitea_session_session_life_time: 86400
gitea_api_swagger_enabled: True
gitea_api_default_paging_num: 30
gitea_api_default_git_trees_per_page: 1000
gitea_footer_show_branding: False
gitea_footer_show_version: False
gitea_footer_show_template_load_time: False
# @var gitea_extra_links_footer:description: Add custom links e.g. legal notice to gitea footer.
# @var gitea_extra_links_footer:example: >
# gitea_extra_links_footer:
# - name: Legal Notice
# href: https://example.com/legal_notice
# @end
gitea_extra_links_footer: []
gitea_extra_links: []
gitea_webhook_allowed_host_list:
- external
gitea_oauth_provider_enabled: False
gitea_access_token_expiration_time: 3600
gitea_refresh_token_expiration_time: 730
gitea_invalidate_refresh_tokens: False
gitea_jwt_signing_algorithm: RS256
# @var gitea_jwt_secret:description: >
# OAuth2 authentication secret for access and refresh tokens. Should be replaced by your own secret.
# Only works if `gitea_jwt_signing_algorithm` is set to HS256, HS384 or HS512.
# @end
# @var gitea_jwt_secret:example: $ "Bk0yK7Y9g_p56v86KaHqjSbxvNvu3SbKoOdOt2ZcXvU"
gitea_metrics_enabled: False
# @var gitea_metrics_token:description: If you want to add authorization, specify a token here.
# @var gitea_metrics_token:default: $ "_unset_"
gitea_tls_enabled: False
gitea_tls_cert_path: "{{ gitea_base_dir }}/tls/certs/mycert.pem"
gitea_tls_key_path: "{{ gitea_base_dir }}/tls/private/mykey.pem"
gitea_tls_cert_source: mycert.pem
gitea_tls_key_source: mykey.pem

10
handlers/main.yml
View File

@ -1,10 +0,0 @@
---
- name: Restart Gitea Service
service:
name: gitea
state: restarted
daemon_reload: yes
enabled: yes
listen: __gitea_restart
become: True
become_user: root

1315
index.md Normal file
View File

File diff suppressed because it is too large Load Diff

28
meta/main.yml
View File

@ -1,28 +0,0 @@
# Standards: 0.2
---
galaxy_info:
# @meta author:value: [Robert Kaussow](https://gitea.rknet.org/xoxys)
author: Robert Kaussow <mail@thegeeklab.de>
namespace: xoxys
role_name: gitea
# @meta description: >
# [![Source Code](https://img.shields.io/badge/gitea-source%20code-blue?logo=gitea&logoColor=white)](https://gitea.rknet.org/ansible/xoxys.gitea)
# [![Build Status](https://img.shields.io/drone/build/ansible/xoxys.gitea?logo=drone&server=https%3A%2F%2Fdrone.rknet.org)](https://drone.rknet.org/ansible/xoxys.gitea)
# [![License: MIT](https://img.shields.io/badge/license-MIT-blue.svg)](https://gitea.rknet.org/ansible/xoxys.gitea/src/branch/main/LICENSE)
#
# Setup a [Gitea](https://gitea.io/en-us/) git server. Gitea is a community managed lightweight
# code hosting solution written in Go.
# @end
description: Setup a Gitea git server
license: MIT
min_ansible_version: 2.10
platforms:
- name: EL
versions:
- 7
galaxy_tags:
- gitea
- git
dependencies: []
collections:
- community.general

5
molecule/centos7/converge.yml
View File

@ -1,5 +0,0 @@
---
- name: Converge
hosts: all
roles:
- role: xoxys.gitea

120
molecule/centos7/create.yml
View File

@ -1,120 +0,0 @@
---
- name: Create
hosts: localhost
connection: local
gather_facts: false
no_log: "{{ molecule_no_log }}"
vars:
ssh_port: 22
ssh_user: root
ssh_path: "{{ lookup('env', 'MOLECULE_EPHEMERAL_DIRECTORY') }}/ssh_key"
tasks:
- name: Create SSH key
user:
name: "{{ lookup('env', 'USER') }}"
generate_ssh_key: true
ssh_key_file: "{{ ssh_path }}"
force: true
register: generated_ssh_key
- name: Register the SSH key name
set_fact:
ssh_key_name: "molecule-generated-{{ 12345 | random | to_uuid }}"
- name: Register SSH key for test instance(s)
hcloud_ssh_key:
name: "{{ ssh_key_name }}"
public_key: "{{ generated_ssh_key.ssh_public_key }}"
state: present
- name: Create molecule instance(s)
hcloud_server:
name: "{{ item.name }}"
server_type: "{{ item.server_type }}"
ssh_keys:
- "{{ ssh_key_name }}"
image: "{{ item.image }}"
location: "{{ item.location | default(omit) }}"
datacenter: "{{ item.datacenter | default(omit) }}"
user_data: "{{ item.user_data | default(omit) }}"
api_token: "{{ lookup('env', 'HCLOUD_TOKEN') }}"
state: present
register: server
loop: "{{ molecule_yml.platforms }}"
async: 7200
poll: 0
- name: Wait for instance(s) creation to complete
async_status:
jid: "{{ item.ansible_job_id }}"
register: hetzner_jobs
until: hetzner_jobs.finished
retries: 300
loop: "{{ server.results }}"
- name: Create volume(s)
hcloud_volume:
name: "{{ item.name }}"
server: "{{ item.name }}"
location: "{{ item.location | default(omit) }}"
size: "{{ item.volume_size | default(10) }}"
api_token: "{{ lookup('env', 'HCLOUD_TOKEN') }}"
state: "present"
loop: "{{ molecule_yml.platforms }}"
when: item.volume | default(False) | bool
register: volumes
async: 7200
poll: 0
- name: Wait for volume(s) creation to complete
async_status:
jid: "{{ item.ansible_job_id }}"
register: hetzner_volumes
until: hetzner_volumes.finished
retries: 300
when: volumes.changed
loop: "{{ volumes.results }}"
# Mandatory configuration for Molecule to function.
- name: Populate instance config dict
set_fact:
instance_conf_dict:
{
"instance": "{{ item.hcloud_server.name }}",
"ssh_key_name": "{{ ssh_key_name }}",
"address": "{{ item.hcloud_server.ipv4_address }}",
"user": "{{ ssh_user }}",
"port": "{{ ssh_port }}",
"identity_file": "{{ ssh_path }}",
"volume": "{{ item.item.item.volume | default(False) | bool }}",
}
loop: "{{ hetzner_jobs.results }}"
register: instance_config_dict
when: server.changed | bool
- name: Convert instance config dict to a list
set_fact:
instance_conf: "{{ instance_config_dict.results | map(attribute='ansible_facts.instance_conf_dict') | list }}"
when: server.changed | bool
- name: Dump instance config
copy:
content: |
# Molecule managed
{{ instance_conf | to_nice_yaml(indent=2) }}
dest: "{{ molecule_instance_config }}"
when: server.changed | bool
- name: Wait for SSH
wait_for:
port: "{{ ssh_port }}"
host: "{{ item.address }}"
search_regex: SSH
delay: 10
loop: "{{ lookup('file', molecule_instance_config) | from_yaml }}"
- name: Wait for VM to settle down
pause:
seconds: 30

78
molecule/centos7/destroy.yml
View File

@ -1,78 +0,0 @@
---
- name: Destroy
hosts: localhost
connection: local
gather_facts: false
no_log: "{{ molecule_no_log }}"
tasks:
- name: Check existing instance config file
stat:
path: "{{ molecule_instance_config }}"
register: cfg
- name: Populate the instance config
set_fact:
instance_conf: "{{ (lookup('file', molecule_instance_config) | from_yaml) if cfg.stat.exists else [] }}"
- name: Destroy molecule instance(s)
hcloud_server:
name: "{{ item.instance }}"
api_token: "{{ lookup('env', 'HCLOUD_TOKEN') }}"
state: absent
register: server
loop: "{{ instance_conf }}"
async: 7200
poll: 0
- name: Wait for instance(s) deletion to complete
async_status:
jid: "{{ item.ansible_job_id }}"
register: hetzner_jobs
until: hetzner_jobs.finished
retries: 300
loop: "{{ server.results }}"
- pause:
seconds: 5
- name: Destroy volume(s)
hcloud_volume:
name: "{{ item.instance }}"
server: "{{ item.instance }}"
api_token: "{{ lookup('env', 'HCLOUD_TOKEN') }}"
state: "absent"
register: volumes
loop: "{{ instance_conf }}"
when: item.volume | default(False) | bool
async: 7200
poll: 0
- name: Wait for volume(s) deletion to complete
async_status:
jid: "{{ item.ansible_job_id }}"
register: hetzner_volumes
until: hetzner_volumes.finished
retries: 300
when: volumes.changed
loop: "{{ volumes.results }}"
- name: Remove registered SSH key
hcloud_ssh_key:
name: "{{ instance_conf[0].ssh_key_name }}"
state: absent
when: (instance_conf | default([])) | length > 0
# Mandatory configuration for Molecule to function.
- name: Populate instance config
set_fact:
instance_conf: {}
- name: Dump instance config
copy:
content: |
# Molecule managed
{{ instance_conf | to_nice_yaml(indent=2) }}
dest: "{{ molecule_instance_config }}"
when: server.changed | bool

24
molecule/centos7/molecule.yml
View File

@ -1,24 +0,0 @@
---
dependency:
name: galaxy
options:
role-file: molecule/requirements.yml
requirements-file: molecule/requirements.yml
env:
ANSIBLE_GALAXY_DISPLAY_PROGRESS: "false"
driver:
name: delegated
platforms:
- name: centos7-gitea
image: centos-7
server_type: cx11
lint: |
/usr/local/bin/flake8
provisioner:
name: ansible
env:
ANSIBLE_FILTER_PLUGINS: ${ANSIBLE_FILTER_PLUGINS:-./plugins/filter}
ANSIBLE_LIBRARY: ${ANSIBLE_LIBRARY:-./library}
log: False
verifier:
name: testinfra

15
molecule/centos7/prepare.yml
View File

@ -1,15 +0,0 @@
---
- name: Prepare
hosts: all
gather_facts: false
tasks:
- name: Bootstrap python for Ansible
raw: |
command -v python3 python || (
(test -e /usr/bin/dnf && sudo dnf install -y python3) ||
(test -e /usr/bin/apt && (apt -y update && apt install -y python-minimal)) ||
(test -e /usr/bin/yum && sudo yum -y -qq install python3) ||
echo "Warning: Python not boostrapped due to unknown platform."
)
become: true
changed_when: false

18
molecule/centos7/tests/test_default.py
View File

@ -1,18 +0,0 @@
import os
import testinfra.utils.ansible_runner
testinfra_hosts = testinfra.utils.ansible_runner.AnsibleRunner(
os.environ["MOLECULE_INVENTORY_FILE"]
).get_hosts("all")
def test_gitea_running_and_enabled(host):
gitea = host.service("gitea")
assert gitea.is_running
assert gitea.is_enabled
def test_gitea_socket(host):
# Verify the socket is listening for HTTP traffic
assert host.socket("tcp://127.0.0.1:61000").is_listening

1
molecule/default
View File

@ -1 +0,0 @@
rocky8

3
molecule/pytest.ini
View File

@ -1,3 +0,0 @@
[pytest]
filterwarnings =
ignore::DeprecationWarning

6
molecule/requirements.yml
View File

@ -1,6 +0,0 @@
---
collections:
- name: https://gitea.rknet.org/ansible/xoxys.general/releases/download/v2.1.1/xoxys-general-2.1.1.tar.gz
- name: community.general
roles: []

5
molecule/rocky8/converge.yml
View File

@ -1,5 +0,0 @@
---
- name: Converge
hosts: all
roles:
- role: xoxys.gitea

120
molecule/rocky8/create.yml
View File

@ -1,120 +0,0 @@
---
- name: Create
hosts: localhost
connection: local
gather_facts: false
no_log: "{{ molecule_no_log }}"
vars:
ssh_port: 22
ssh_user: root
ssh_path: "{{ lookup('env', 'MOLECULE_EPHEMERAL_DIRECTORY') }}/ssh_key"
tasks:
- name: Create SSH key
user:
name: "{{ lookup('env', 'USER') }}"
generate_ssh_key: true
ssh_key_file: "{{ ssh_path }}"
force: true
register: generated_ssh_key
- name: Register the SSH key name
set_fact:
ssh_key_name: "molecule-generated-{{ 12345 | random | to_uuid }}"
- name: Register SSH key for test instance(s)
hcloud_ssh_key:
name: "{{ ssh_key_name }}"
public_key: "{{ generated_ssh_key.ssh_public_key }}"
state: present
- name: Create molecule instance(s)
hcloud_server:
name: "{{ item.name }}"
server_type: "{{ item.server_type }}"
ssh_keys:
- "{{ ssh_key_name }}"
image: "{{ item.image }}"
location: "{{ item.location | default(omit) }}"
datacenter: "{{ item.datacenter | default(omit) }}"
user_data: "{{ item.user_data | default(omit) }}"
api_token: "{{ lookup('env', 'HCLOUD_TOKEN') }}"
state: present
register: server
loop: "{{ molecule_yml.platforms }}"
async: 7200
poll: 0
- name: Wait for instance(s) creation to complete
async_status:
jid: "{{ item.ansible_job_id }}"
register: hetzner_jobs
until: hetzner_jobs.finished
retries: 300
loop: "{{ server.results }}"
- name: Create volume(s)
hcloud_volume:
name: "{{ item.name }}"
server: "{{ item.name }}"
location: "{{ item.location | default(omit) }}"
size: "{{ item.volume_size | default(10) }}"
api_token: "{{ lookup('env', 'HCLOUD_TOKEN') }}"
state: "present"
loop: "{{ molecule_yml.platforms }}"
when: item.volume | default(False) | bool
register: volumes
async: 7200
poll: 0
- name: Wait for volume(s) creation to complete
async_status:
jid: "{{ item.ansible_job_id }}"
register: hetzner_volumes
until: hetzner_volumes.finished
retries: 300
when: volumes.changed
loop: "{{ volumes.results }}"
# Mandatory configuration for Molecule to function.
- name: Populate instance config dict
set_fact:
instance_conf_dict:
{
"instance": "{{ item.hcloud_server.name }}",
"ssh_key_name": "{{ ssh_key_name }}",
"address": "{{ item.hcloud_server.ipv4_address }}",
"user": "{{ ssh_user }}",
"port": "{{ ssh_port }}",
"identity_file": "{{ ssh_path }}",
"volume": "{{ item.item.item.volume | default(False) | bool }}",
}
loop: "{{ hetzner_jobs.results }}"
register: instance_config_dict
when: server.changed | bool
- name: Convert instance config dict to a list
set_fact:
instance_conf: "{{ instance_config_dict.results | map(attribute='ansible_facts.instance_conf_dict') | list }}"
when: server.changed | bool
- name: Dump instance config
copy:
content: |
# Molecule managed
{{ instance_conf | to_nice_yaml(indent=2) }}
dest: "{{ molecule_instance_config }}"
when: server.changed | bool
- name: Wait for SSH
wait_for:
port: "{{ ssh_port }}"
host: "{{ item.address }}"
search_regex: SSH
delay: 10
loop: "{{ lookup('file', molecule_instance_config) | from_yaml }}"
- name: Wait for VM to settle down
pause:
seconds: 30

78
molecule/rocky8/destroy.yml
View File

@ -1,78 +0,0 @@
---
- name: Destroy
hosts: localhost
connection: local
gather_facts: false
no_log: "{{ molecule_no_log }}"
tasks:
- name: Check existing instance config file
stat:
path: "{{ molecule_instance_config }}"
register: cfg
- name: Populate the instance config
set_fact:
instance_conf: "{{ (lookup('file', molecule_instance_config) | from_yaml) if cfg.stat.exists else [] }}"
- name: Destroy molecule instance(s)
hcloud_server:
name: "{{ item.instance }}"
api_token: "{{ lookup('env', 'HCLOUD_TOKEN') }}"
state: absent
register: server
loop: "{{ instance_conf }}"
async: 7200
poll: 0
- name: Wait for instance(s) deletion to complete
async_status:
jid: "{{ item.ansible_job_id }}"
register: hetzner_jobs
until: hetzner_jobs.finished
retries: 300
loop: "{{ server.results }}"
- pause:
seconds: 5
- name: Destroy volume(s)
hcloud_volume:
name: "{{ item.instance }}"
server: "{{ item.instance }}"
api_token: "{{ lookup('env', 'HCLOUD_TOKEN') }}"
state: "absent"
register: volumes
loop: "{{ instance_conf }}"
when: item.volume | default(False) | bool
async: 7200
poll: 0
- name: Wait for volume(s) deletion to complete
async_status:
jid: "{{ item.ansible_job_id }}"
register: hetzner_volumes
until: hetzner_volumes.finished
retries: 300
when: volumes.changed
loop: "{{ volumes.results }}"
- name: Remove registered SSH key
hcloud_ssh_key:
name: "{{ instance_conf[0].ssh_key_name }}"
state: absent
when: (instance_conf | default([])) | length > 0
# Mandatory configuration for Molecule to function.
- name: Populate instance config
set_fact:
instance_conf: {}
- name: Dump instance config
copy:
content: |
# Molecule managed
{{ instance_conf | to_nice_yaml(indent=2) }}
dest: "{{ molecule_instance_config }}"
when: server.changed | bool

24
molecule/rocky8/molecule.yml
View File

@ -1,24 +0,0 @@
---
dependency:
name: galaxy
options:
role-file: molecule/requirements.yml
requirements-file: molecule/requirements.yml
env:
ANSIBLE_GALAXY_DISPLAY_PROGRESS: "false"
driver:
name: delegated
platforms:
- name: rocky8-gitea
image: rocky-8
server_type: cx11
lint: |
/usr/local/bin/flake8
provisioner:
name: ansible
env:
ANSIBLE_FILTER_PLUGINS: ${ANSIBLE_FILTER_PLUGINS:-./plugins/filter}
ANSIBLE_LIBRARY: ${ANSIBLE_LIBRARY:-./library}
log: False
verifier:
name: testinfra

15
molecule/rocky8/prepare.yml
View File

@ -1,15 +0,0 @@
---
- name: Prepare
hosts: all
gather_facts: false
tasks:
- name: Bootstrap python for Ansible
raw: |
command -v python3 python || (
(test -e /usr/bin/dnf && sudo dnf install -y python3) ||
(test -e /usr/bin/apt && (apt -y update && apt install -y python-minimal)) ||
(test -e /usr/bin/yum && sudo yum -y -qq install python3) ||
echo "Warning: Python not boostrapped due to unknown platform."
)
become: true
changed_when: false

18
molecule/rocky8/tests/test_default.py
View File

@ -1,18 +0,0 @@
import os
import testinfra.utils.ansible_runner
testinfra_hosts = testinfra.utils.ansible_runner.AnsibleRunner(
os.environ["MOLECULE_INVENTORY_FILE"]
).get_hosts("all")
def test_gitea_running_and_enabled(host):
gitea = host.service("gitea")
assert gitea.is_running
assert gitea.is_enabled
def test_gitea_socket(host):
# Verify the socket is listening for HTTP traffic
assert host.socket("tcp://127.0.0.1:61000").is_listening

12
setup.cfg
View File

@ -1,12 +0,0 @@
[flake8]
ignore = D100, D101, D102, D103, D105, D107, E402, W503
max-line-length = 99
inline-quotes = double
exclude = .git,.tox,__pycache__,build,dist,tests,*.pyc,*.egg-info,.cache,.eggs,env*
[yapf]
based_on_style = google
column_limit = 99
dedent_closing_brackets = true
coalesce_brackets = true
split_before_logical_operator = true

59
tasks/install.yml
View File

@ -1,59 +0,0 @@
---
- name: Prepare base folder
file:
path: "{{ gitea_base_dir }}"
state: directory
owner: "{{ gitea_user }}"
group: "{{ gitea_user }}"
mode: 0750
become: True
become_user: root
- block:
- name: Prepare folder structure
file:
path: "{{ item }}"
state: directory
mode: 0750
loop:
- "{{ gitea_config_dir }}"
- "{{ gitea_data_dir }}"
- "{{ gitea_log_dir }}"
- "{{ gitea_run_dir }}"
- "{{ gitea_template_dir }}/custom"
- name: Download Gitea binary
get_url:
url: "https://github.com/go-gitea/gitea/releases/download/v{{ gitea_version }}/gitea-{{ gitea_version }}-linux-amd64"
dest: "{{ gitea_base_dir }}/gitea-latest"
mode: 0750
notify: __gitea_restart
- name: Copy config file
template:
src: "custom/conf/app.ini.j2"
dest: "{{ gitea_config_dir }}/app.ini"
mode: 0600
notify: __gitea_restart
- name: Copy template files
template:
src: "templates/custom/templates/custom/{{ item }}.tmpl.j2"
dest: "{{ gitea_template_dir }}/custom/{{ item }}.tmpl"
mode: 0600
loop:
- extra_links_footer
- extra_links
notify: __gitea_restart
become: True
become_user: "{{ gitea_user }}"
- block:
- name: Copy systemd unit file
template:
src: "etc/systemd/system/gitea.service.j2"
dest: "/etc/systemd/system/gitea.service"
mode: 0640
notify: __gitea_restart
become: True
become_user: root

9
tasks/main.yml
View File

@ -1,9 +0,0 @@
---
- include_tasks: prepare.yml
- include_tasks: install.yml
- include_tasks: selinux.yml
when: ansible_selinux.status == "enabled"
- import_tasks: tls.yml
when: gitea_tls_enabled | bool
tags: tls_renewal
- include_tasks: post_tasks.yml

9
tasks/post_tasks.yml
View File

@ -1,9 +0,0 @@
---
- name: Ensure gitea service is up and running
service:
state: started
daemon_reload: yes
enabled: yes
name: gitea
become: True
become_user: root

23
tasks/prepare.yml
View File

@ -1,23 +0,0 @@
---
- block:
- name: Create group '{{ gitea_group }}'
group:
name: "{{ gitea_group }}"
state: present
- name: Create user '{{ gitea_user }}'
user:
comment: Gitea
name: "{{ gitea_user }}"
home: "{{ gitea_user_home }}"
group: "{{ gitea_group }}"
groups: "{{ gitea_extra_groups | join(',') }}"
- name: Install dependencies
package:
name: "{{ item }}"
state: present
loop:
- "{{ gitea_packages }}"
become: True
become_user: root

15
tasks/selinux.yml
View File

@ -1,15 +0,0 @@
---
- block:
- name: Add SELinux file context mapping definitions
sefcontext:
target: "{{ item.target }}"
setype: "{{ item.setype }}"
state: present
loop: "{{ gitea_selinux_fcontext }}"
- name: Apply new SELinux file context to filesystem
command: "restorecon {{ item }}"
loop: "{{ gitea_selinux_restorecon }}"
changed_when: False
become: True
become_user: root

28
tasks/tls.yml
View File

@ -1,28 +0,0 @@
---
- block:
- name: Create tls folder structure
file:
path: "{{ item }}"
state: directory
owner: "{{ gitea_user }}"
group: "{{ gitea_group }}"
recurse: True
loop:
- "{{ gitea_tls_cert_path | dirname }}"
- "{{ gitea_tls_key_path | dirname }}"
become: True
become_user: root
- block:
- name: Copy certs and private key
copy:
src: "{{ item.src }}"
dest: "{{ item.dest }}"
mode: "{{ item.mode }}"
loop:
- { src: "{{ gitea_tls_key_source }}", dest: '{{ gitea_tls_key_path }}', mode: '0600' }
- { src: "{{ gitea_tls_cert_source }}", dest: '{{ gitea_tls_cert_path }}', mode: '0750' }
loop_control:
label: "{{ item.dest }}"
become: True
become_user: "{{ gitea_user }}"

315
templates/custom/conf/app.ini.j2
View File

@ -1,315 +0,0 @@
#jinja2: lstrip_blocks: True
{{ ansible_managed | comment(decoration="; ")}}
APP_NAME = Gitea: Git with a cup of tea
RUN_USER = {{ gitea_user }}
RUN_MODE = {{ gitea_run_mode }}
WORK_PATH = {{ gitea_base_dir }}
[repository]
ROOT = {{ gitea_data_dir }}/repos
FORCE_PRIVATE = {{ gitea_repository_force_private | bool | lower }}
DEFAULT_PRIVATE = {{ gitea_repository_default_private }}
MAX_CREATION_LIMIT = {{ gitea_repository_creation_limit }}
PREFERRED_LICENSES = {{ gitea_repository_default_license | join(",") }}
DISABLE_HTTP_GIT = {{ 'false' if gitea_repository_http_enabled | bool else 'true' }}
{% if gitea_repository_access_control_allow_origin is defined and gitea_repository_access_control_allow_origin %}
ACCESS_CONTROL_ALLOW_ORIGIN = {{ gitea_repository_access_control_allow_origin }}
{% endif %}
USE_COMPAT_SSH_URI = {{ gitea_repository_use_compat_ssh_uri | bool | lower }}
ENABLE_PUSH_CREATE_USER = {{ gitea_repository_push_create_user_enabled | bool | lower }}
ENABLE_PUSH_CREATE_ORG = {{ gitea_repository_push_create_org_enabled | bool | lower }}
DEFAULT_REPO_UNITS = {{ gitea_repository_default_repo_units | join(",") }}
DEFAULT_BRANCH = {{ gitea_repository_default_branch }}
[repository.editor]
LINE_WRAP_EXTENSIONS = {{ gitea_repository_editor_line_wrap_ext | join(",") }}
PREVIEWABLE_FILE_MODES = markdown
[repository.upload]
{% if gitea_repository_upload_enabled | bool %}
ENABLED = true
{% if gitea_repository_upload_allowed_types %}
ALLOWED_TYPES = {{ gitea_repository_upload_allowed_types | join(",") }}
{% endif %}
FILE_MAX_SIZE = {{ gitea_repository_upload_max_filesize }}
MAX_FILES = {{ gitea_repository_upload_max_files }}
{% else %}
ENABLED = false
{% endif %}
[repository.pull-request]
WORK_IN_PROGRESS_PREFIXES = {{ gitea_repository_pr_wip_prefix | join(",") }}
CLOSE_KEYWORDS = {{ gitea_repository_pr_close_keyword | join(",") }}
REOPEN_KEYWORDS = {{ gitea_repository_pr_reopen_keyword | join(",") }}
[repository.issue]
LOCK_REASONS = {{ gitea_repository_issue_lock_reason | join(",") }}
[ui]
EXPLORE_PAGING_NUM = {{ gitea_ui_explore_paging_num }}
ISSUE_PAGING_NUM = {{ gitea_ui_issue_paging_num }}
FEED_MAX_COMMIT_NUM = {{ gitea_ui_feed_commit_num }}
GRAPH_MAX_COMMIT_NUM = {{ gitea_ui_graph_commit_num }}
CODE_COMMENT_LINES = {{ gitea_ui_code_comment_lines }}
SHOW_USER_EMAIL = {{ gitea_ui_show_user_email | bool | lower }}
REACTIONS = {{ gitea_ui_reaction | join(",") }}
DEFAULT_SHOW_FULL_NAME = {{ gitea_ui_show_full_name | bool | lower }}
SEARCH_REPO_DESCRIPTION = {{ gitea_ui_search_repo_description | bool | lower }}
[ui.admin]
USER_PAGING_NUM = {{ gitea_ui_admin_user_paging_num }}
REPO_PAGING_NUM = {{ gitea_ui_admin_repo_paging_num }}
NOTICE_PAGING_NUM = {{ gitea_ui_admin_notice_paging_num }}
ORG_PAGING_NUM = {{ gitea_ui_admin_org_paging_num }}
[ui.user]
REPO_PAGING_NUM = {{ gitea_ui_user_repo_paging_num }}
[markdown]
ENABLE_HARD_LINE_BREAK = {{ gitea_markdown_hard_linebreak_enabled | bool | lower }}
{% if gitea_markdown_custom_url_scheme %}
CUSTOM_URL_SCHEMES = {{ gitea_markdown_custom_url_scheme | join(",") }}
{% endif %}
FILE_EXTENSIONS = {{ gitea_markdown_file_ext | join(",") }}
[server]
PROTOCOL = {{ 'https' if gitea_tls_enabled else 'http' }}
DOMAIN = {{ gitea_listen_address | urlsplit('hostname') }}
ROOT_URL = {{ gitea_listen_address | urlsplit('scheme') }}://%(DOMAIN)s/
HTTP_ADDR = {{ gitea_bind_ip }}
HTTP_PORT = {{ gitea_bind_port }}
LOCAL_ROOT_URL = %(PROTOCOL)s://%(HTTP_ADDR)s:%(HTTP_PORT)s/
DISABLE_SSH = {{ 'false' if gitea_ssh_enabled | bool else 'true' }}
START_SSH_SERVER = false
MINIMUM_KEY_SIZE_CHECK = {{ gitea_minimum_keysize_check | bool | lower }}
OFFLINE_MODE = {{ gitea_offline_mode | bool | lower }}
{% if gitea_tls_enabled | bool %}
CERT_FILE = {{ gitea_tls_cert_path }}
KEY_FILE = {{ gitea_tls_key_path }}
{% endif %}
APP_DATA_PATH = {{ gitea_data_dir }}
PPROF_DATA_PATH = {{ gitea_data_dir }}/tmp/pprof
LANDING_PAGE = {{ gitea_landing_page }}
{% if gitea_lfs_enabled | bool %}
LFS_START_SERVER = true
LFS_CONTENT_PATH = {{ gitea_data_dir }}/lfs
LFS_JWT_SECRET = {{ gitea_lfs_jwt_secret }}
LFS_HTTP_AUTH_EXPIRY = 20m
{% else %}
LFS_START_SERVER = false
{% endif %}
[ssh.minimum_key_sizes]
{% for key in gitea_minimum_keysize %}
{{ key.name }} = {{ key.size }}
{% endfor %}
[database]
{% if gitea_db_type == "pgsql" %}
DB_TYPE = postgres
HOST = {{ gitea_db_server }}:{{ gitea_db_port }}
NAME = {{ gitea_db_name }}
USER = {{ gitea_db_user }}
PASSWD = {{ gitea_db_password }}
SSL_MODE = {{ gitea_db_ssl_mode }}
{% elif gitea_db_type == "sqlite" %}
DB_TYPE = sqlite3
PATH = {{ gitea_data_dir }}/gitea.db
SQLITE_TIMEOUT = 500
{% endif %}
[indexer]
ISSUE_INDEXER_TYPE = bleve
ISSUE_INDEXER_PATH = {{ gitea_data_dir }}/indexers/issues.bleve
REPO_INDEXER_ENABLED = true
REPO_INDEXER_PATH = {{ gitea_data_dir }}/indexers/repos.bleve
[queue.issue_indexer]
DATADIR = {{ gitea_data_dir }}/issues.queue
[admin]
DISABLE_REGULAR_ORG_CREATION = {{ 'false' if gitea_org_creation_enabled | bool else 'true' }}
DEFAULT_EMAIL_NOTIFICATIONS = {{ gitea_default_email_notification }}
[webhook]
QUEUE_LENGTH = 1000
DELIVER_TIMEOUT = 5
ALLOWED_HOST_LIST = {{ gitea_webhook_allowed_host_list | join(",") }}
SKIP_TLS_VERIFY = false
[security]
INSTALL_LOCK = {{ gitea_install_lock | bool | lower }}
SECRET_KEY = {{ gitea_secret }}
LOGIN_REMEMBER_DAYS = {{ gitea_login_remember_days }}
MIN_PASSWORD_LENGTH = {{ gitea_password_min_lenght }}
DISABLE_GIT_HOOKS = {{ 'false' if gitea_git_hooks_enabled | bool else 'true' }}
PASSWORD_COMPLEXITY = {{ gitea_password_complexity | join(",") }}
PASSWORD_HASH_ALGO = pbkdf2
INTERNAL_TOKEN = {{ gitea_token }}
[service]
REGISTER_EMAIL_CONFIRM = {{ gitea_registration_email_confirm | bool | lower }}
{% if gitea_registration_email_domain_whitelist is defined and gitea_registration_email_domain_whitelist %}
EMAIL_DOMAIN_WHITELIST= {{ gitea_registration_email_domain_whitelist | join(",") }}
{% endif %}
DISABLE_REGISTRATION = {{ 'false' if gitea_registration_enabled | bool else 'true' }}
ALLOW_ONLY_EXTERNAL_REGISTRATION = {{ gitea_registration_allow_external_only | bool | lower }}
REQUIRE_SIGNIN_VIEW = false
{% if gitea_mail_service_enabled | bool %}
ENABLE_NOTIFY_MAIL = true
{% endif %}
ENABLE_BASIC_AUTHENTICATION = true
ALLOW_CROSS_REPOSITORY_DEPENDENCIES = true
ENABLE_USER_HEATMAP = true
ENABLE_TIMETRACKING = true
NO_REPLY_ADDRESS = {{ gitea_no_reply_address }}
SHOW_REGISTRATION_BUTTON = {{ gitea_registration_button_enabled | bool | lower }}
SHOW_MILESTONES_DASHBOARD_PAGE = true
AUTO_WATCH_NEW_REPOS = {{ gitea_repository_auto_watch_on_creation | bool | lower }}
AUTO_WATCH_ON_CHANGES = {{ gitea_repository_auto_watch_on_change | bool | lower }}
DEFAULT_KEEP_EMAIL_PRIVATE = {{ gitea_default_keep_email_private | bool | lower }}
DEFAULT_ALLOW_CREATE_ORGANIZATION = {{ gitea_default_org_allow_creation | bool | lower }}
DEFAULT_ORG_VISIBILITY = {{ gitea_default_org_visible }}
DEFAULT_ORG_MEMBER_VISIBLE = {{ gitea_default_org_member_visible | bool | lower }}
DEFAULT_ENABLE_DEPENDENCIES = {{ gitea_default_dependencies_enabled | bool | lower }}
DEFAULT_ENABLE_TIMETRACKING = {{ gitea_default_timetracking_enabled | bool | lower }}
DEFAULT_ALLOW_ONLY_CONTRIBUTORS_TO_TRACK_TIME = true
{% if gitea_mail_service_enabled | bool %}
[mailer]
ENABLED = true
{% if gitea_mail_subject_prefix is defined and gitea_mail_subject_prefix %}
SUBJECT_PREFIX = {{ gitea_mail_subject_prefix }}
{% endif %}
FROM = {{ gitea_mail_service_from }}
PROTOCOL = sendmail
SENDMAIL_PATH = /usr/sbin/sendmail
{% else %}
[mailer]
ENABLED = false
{% endif %}
[session]
PROVIDER = {{ gitea_session_provider }}
PROVIDER_CONFIG = {{ gitea_session_provider_config }}
COOKIE_NAME = {{ gitea_session_cookie_name }}
COOKIE_SECURE = {{ gitea_session_cookie_secure | bool | lower }}
ENABLE_SET_COOKIE = {{ gitea_session_enable_set_cookie | bool | lower }}
GC_INTERVAL_TIME = {{ gitea_session_session_life_time }}
SESSION_LIFE_TIME = {{ gitea_session_session_life_time }}
[picture]
AVATAR_UPLOAD_PATH = {{ gitea_data_dir }}/avatars
REPOSITORY_AVATAR_UPLOAD_PATH = {{ gitea_data_dir }}/repo-avatars
REPOSITORY_AVATAR_FALLBACK = none
DISABLE_GRAVATAR = {{ 'false' if gitea_gravatar_enabled | bool else 'true' }}
GRAVATAR_SOURCE = {{ gitea_gravatar_source }}
ENABLE_FEDERATED_AVATAR = {{ gitea_avatar_federation_enabled | bool | lower }}
[attachment]
{% if gitea_attachment_enabled | bool %}
ENABLE = true
PATH = {{ gitea_data_dir }}/attachments
ALLOWED_TYPES = {{ gitea_attachment_allowed_types | join("|") }}
MAX_SIZE = {{ gitea_attachment_max_filesize }}
MAX_FILES = {{ gitea_attachment_max_files }}
{% else %}
ENABLE = false
{% endif %}
[log]
ROOT_PATH = {{ gitea_log_dir }}
MODE = file
REDIRECT_MACARON_LOG = true
MACARON = file
ROUTER_LOG_LEVEL = Info
logger.router.MODE = file
{% raw %}
ACCESS_LOG_TEMPLATE = {{.Ctx.RemoteAddr}} - {{.Identity}} {{.Start.Format "[02/Jan/2006:15:04:05 -0700]" }} "{{.Ctx.Req.Method}} {{.Ctx.Req.RequestURI}} {{.Ctx.Req.Proto}}" {{.ResponseWriter.Status}} {{.ResponseWriter.Size}} "{{.Ctx.Req.Referer}}\" \"{{.Ctx.Req.UserAgent}}"
{% endraw %}
logger.access.MODE = file
LEVEL = {{ gitea_log_level }}
STACKTRACE_LEVEL = None
[log.file]
LOG_ROTATE = false
[log.file.macaron]
LEVEL = Info
[log.file.router]
LEVEL = Info
[log.file.access]
LEVEL = Info
[cron]
ENABLED = true
RUN_AT_START = false
[cron.update_mirrors]
SCHEDULE = @every 10m
[cron.repo_health_check]
SCHEDULE = @every 24h
TIMEOUT =
ARGS =
[cron.check_repo_stats]
RUN_AT_START = true
SCHEDULE = @every 24h
[cron.archive_cleanup]
ENABLED = true
RUN_AT_START = true
SCHEDULE = @every 24h
OLDER_THAN = 24h
[cron.sync_external_users]
RUN_AT_START = true
SCHEDULE = @every 24h
UPDATE_EXISTING = true
[cron.update_migration_post_id]
SCHEDULE = @every 24h
[mirror]
DEFAULT_INTERVAL = {{ gitea_mirror_default_interval }}
MIN_INTERVAL = {{ gitea_mirror_min_interval }}
[api]
ENABLE_SWAGGER = {{ gitea_api_swagger_enabled | bool | lower }}
MAX_RESPONSE_ITEMS = 50
DEFAULT_PAGING_NUM = {{ gitea_api_default_paging_num }}
DEFAULT_GIT_TREES_PER_PAGE = {{ gitea_api_default_git_trees_per_page }}
DEFAULT_MAX_BLOB_SIZE = 10485760
{% if gitea_oauth_provider_enabled | bool %}
[oauth2]
ENABLE = true
ACCESS_TOKEN_EXPIRATION_TIME = {{ gitea_access_token_expiration_time }}
REFRESH_TOKEN_EXPIRATION_TIME = {{ gitea_refresh_token_expiration_time }}
INVALIDATE_REFRESH_TOKENS = {{ gitea_invalidate_refresh_tokens | bool | lower }}
JWT_SIGNING_ALGORITHM = {{ gitea_jwt_signing_algorithm }}
JWT_SECRET = {{ gitea_jwt_secret }}
{% else %}
[oauth2]
ENABLE = false
{% endif %}
[other]
SHOW_FOOTER_BRANDING = {{ gitea_footer_show_branding | bool | lower }}
SHOW_FOOTER_VERSION = {{ gitea_footer_show_version | bool | lower }}
SHOW_FOOTER_TEMPLATE_LOAD_TIME = {{ gitea_footer_show_template_load_time | bool | lower }}
[markup.asciidoc]
ENABLED = false
FILE_EXTENSIONS = .adoc,.asciidoc
RENDER_COMMAND = asciidoc --out-file=- -
IS_INPUT_FILE = false
[metrics]
ENABLED = {{ gitea_metrics_enabled | bool | lower }}
{% if gitea_metrics_token is defined and gitea_metrics_token %}
TOKEN = {{ gitea_metrics_token }}
{% endif %}

4
templates/custom/templates/custom/extra_links.tmpl.j2
View File

@ -1,4 +0,0 @@
#jinja2: lstrip_blocks: True
{% for link in gitea_extra_links %}
<a class="item" href="{{ link.href }}">{{ link.name }}</a>
{% endfor %}

4
templates/custom/templates/custom/extra_links_footer.tmpl.j2
View File

@ -1,4 +0,0 @@
#jinja2: lstrip_blocks: True
{% for link in gitea_extra_links_footer %}
<a class="item" href="{{ link.href }}">{{ link.name }}</a>
{% endfor %}

20
templates/etc/systemd/system/gitea.service.j2
View File

@ -1,20 +0,0 @@
{{ ansible_managed | comment }}
[Unit]
Description=Gitea (Git with a cup of tea)
After=syslog.target
After=network.target
[Service]
Type=simple
Environment=USER={{ gitea_user }}
Environment=HOME={{ gitea_user_home }}
Environment=GITEA_WORK_DIR={{ gitea_base_dir }}
User={{ gitea_user }}
Group={{ gitea_group }}
WorkingDirectory={{ gitea_base_dir }}
ExecStart={{ gitea_base_dir }}/gitea-latest web -c {{ gitea_config_dir }}/app.ini -P {{ gitea_run_dir }}/gitea.pid
Restart=on-failure
PrivateTmp=yes
[Install]
WantedBy=multi-user.target