---
gitea_version: 1.9.0
gitea_user: "gitea_adm"
gitea_user_home: "/home/{{ gitea_user }}"
gitea_group: "{{ gitea_user }}"
gitea_extra_groups: []

gitea_packages:
  - git

gitea_lvm_enabled: False
# @var gitea_lvm_pvs: $ "_unset_"
# @var gitea_lvm_pvs:example: $ ["/dev/sdb", "/dev/sdc"]
# @var gitea_lvm_vg: $ "_unset_"
# @var gitea_lvm_vg:example: $ "vg_gitea"
# @var gitea_lvm_lv: $ "_unset_"
# @var gitea_lvm_lv:example: $ "lv_gitea"
# @var gitea_lvm_fstype: $ "_unset_"
# @var gitea_lvm_fstype:example: $ ext4
# @var gitea_lvm_size: $ "_unset_"
# @var gitea_lvm_size:example: $ "50G"

gitea_base_dir: "/opt/gitea"
gitea_bin_dir: "{{ gitea_base_dir }}/bin"
gitea_config_dir: "{{ gitea_base_dir }}/custom/conf"
gitea_data_dir: "{{ gitea_base_dir }}/data"

gitea_bind_ip: 127.0.0.1
gitea_bind_port: 61000
gitea_listen_address: http://gitea.example.com

gitea_install_lock: "true"
# @var gitea_secret:description: Should be replaced by your own secret.
gitea_secret: "1234567ABCDEFG"
# @var gitea_token:description: Should be replaced by your own secret.
gitea_token: "akslkaldasasifiuvsiasfa7s7f8as7f8asd"
gitea_run_mode: prod
gitea_landing_page: explore
gitea_disable_registration: "true"

gitea_postgres_enabled: False
gitea_postgres_ssl_mode: disabled
gitea_postgres_server: "{{ inventory_hostname }}"
gitea_postgres_port: 5432
gitea_postgres_superuser: postgres
gitea_postgres_password: postgres

gitea_postgres_db:
  name: gitea
  lc_collate: en_US.UTF-8
  lc_ctype: en_US.UTF-8'
  encoding: UTF-8
  template: template0
  login_host: localhost
  login_user: "{{ gitea_postgres_superuser }}"
  login_password: "{{ gitea_postgres_password }}"
  # login_unix_socket: # defaults to not set
  port: "{{ gitea_postgres_port }}"
  # owner: # defaults to not set
  state: present

gitea_postgres_user:
  name: pggitea
  password: gitea
  encrypted: 'yes'
  # priv: # defaults to not set
  # role_attr_flags: # defaults to not set
  db: "{{ gitea_postgres_db.name }}"
  login_host: localhost
  login_user: "{{ gitea_postgres_superuser }}"
  login_password: "{{ gitea_postgres_password }}"
  # login_unix_socket: # defaults to not set
  port: "{{ gitea_postgres_port }}"
  state: present

gitea_iptables_enabled: False
gitea_open_ports:
  - name: allow_gitea_web
    rules: |
      -A INPUT -m state --state NEW -p tcp --dport {{ gitea_bind_port }} -j ACCEPT
    state: present

gitea_global_log_level: Info
gitea_global_log_dir: "{{ gitea_base_dir }}/log"
gitea_file_log_level: "{{ gitea_global_log_level }}"
gitea_file_log_rotate_enabled: "true"
gitea_file_log_rotate_daily_enabled: "true"
gitea_file_log_rotate_max_days: 7

gitea_repository_upload_max_filesize: 3
gitea_repository_upload_max_files: 5
gitea_attachment_max_filesize: 3
gitea_attachment_max_files: 5

gitea_mail_service_enabled: False
gitea_mail_service_from: '"System" <systemmail@example.com>'
gitea_no_reply_address: noreply.example.org

gitea_oauth_provider_enabled: False
gitea_access_token_expiration_time: 3600
gitea_refresh_token_expiration_time: 730
gitea_invalidate_refresh_tokens: "false"
# @bar gitea_jwt_secret:description: >
# OAuth2 authentication secret for access and refresh tokens.
# Should be replaced by your own secret.
# @end
gitea_jwt_secret: Bk0yK7Y9g_p56v86KaHqjSbxvNvu3SbKoOdOt2ZcXvU

gitea_tls_enabled: False
gitea_tls_cert_path: "{{ gitea_base_dir }}/tls/certs/mycert.pem"
gitea_tls_key_path: "{{ gitea_base_dir }}/tls/private/mykey.pem"
gitea_tls_cert_source: mycert.pem
gitea_tls_key_source: mykey.pem