feat: add gitea ansible install

2024-03-13 13:11:36 +01:00 · 2024-03-13 13:11:36 +01:00 · 8994143831
commit 8994143831
parent 5c6e946711
7 changed files with 172 additions and 0 deletions
--- a/ansible/gitea/gitea-playbook.yml
+++ b/ansible/gitea/gitea-playbook.yml
@ -0,0 +1,6 @@
 - name: Install gitea
  hosts:
    - giteas
  roles:
    - role: roles/gitea
--- a/ansible/gitea/roles/gitea/files/gitea.service
+++ b/ansible/gitea/roles/gitea/files/gitea.service
@ -0,0 +1,19 @@
 [Unit]
 Description=Gitea
 After=syslog.target
 After=network.target
 [Service]
 LimitMEMLOCK=infinity
 LimitNOFILE=65535
 RestartSec=2s
 Type=simple
 User=git
 Group=git
 WorkingDirectory=/srv/git
 ExecStart=/usr/local/bin/gitea web -c /etc/gitea/app.ini
 Restart=always
 Environment=USER=git HOME=/home/git GITEA_WORK_DIR=/srv/git GITEA_CUSTOM=/srv/git/custom PATH=/usr/bin/git:/bin:/sbin:/usr/bin:/usr/sbin
 [Install]
 WantedBy=multi-user.target
--- a/ansible/gitea/roles/gitea/tasks/main.yml
+++ b/ansible/gitea/roles/gitea/tasks/main.yml
@ -0,0 +1,23 @@
 ---
 - name: Download gitea {{ gitea_version }}
  get_url:
    url: "https://dl.gitea.io/gitea/{{ gitea_version }}/gitea-{{ gitea_version }}-linux-amd64"
    dest: "/usr/local/bin/gitea"
 - name: Copy gitea config file app.ini
  template:
    src: app.ini.j2
    dest: /etc/gitea/app.ini
    mode: 0600
 - name: Copy gitea systemd unitfile gitea.service
  copy:
    src: gitea.service
    dest: /etc/systemd/system/gitea.service
    mode: 0600
 - name: Restart gitea systemd service
  ansible.builtin.systemd_service:
    state: restarted
    daemon_reload: true
    name: gitea
--- a/ansible/gitea/roles/gitea/templates/app.ini.j2
+++ b/ansible/gitea/roles/gitea/templates/app.ini.j2
@ -0,0 +1,85 @@
 APP_NAME = Gitea
 RUN_USER = git
 RUN_MODE = prod
 WORK_PATH = /srv/git
 [oauth2]
 JWT_SECRET = {{ gitea_jwt_secret }}
 [security]
 INTERNAL_TOKEN = {{ gitea_internal_token }}
 INSTALL_LOCK = true
 SECRET_KEY = {{ gitea_secret_key }}
 DISABLE_GIT_HOOKS = false
 [database]
 DB_TYPE = postgres
 HOST = {{ gitea_database_host }}
 NAME = {{ gitea_database_name }}
 USER = {{ gitea_database_user }}
 PASSWD = {{ gitea_database_password}}
 SCHEMA =
 SSL_MODE = disable
 CHARSET = utf8
 PATH = /srv/git/data/gitea.db
 [repository]
 ROOT = /srv/git/gitea-repositories
 [server]
 SSH_DOMAIN = {{ gitea_domain }}
 DOMAIN = {{ gitea_domain }}
 HTTP_PORT = 3000
 ROOT_URL = {{ gitea_url }}
 DISABLE_SSH = false
 SSH_PORT = 22
 LFS_START_SERVER = true
 LFS_JWT_SECRET = {{ gitea_lfs_jwt_secret }}
 OFFLINE_MODE = false
 [lfs]
 LFS_CONTENT_PATH = /srv/git/data/lfs
 [mailer]
 ENABLED = true
 SUBJECT = %(APP_NAME)s
 HOST = {{ gitea_mailer_host }}
 FROM = {{ gitea_mailer_from }}
 USER = {{ gitea_mailer_user }}
 PASSWD = {{ gitea_mailer_password }}
 [service]
 REGISTER_EMAIL_CONFIRM = true
 ENABLE_NOTIFY_MAIL = true
 DISABLE_REGISTRATION = false
 ALLOW_ONLY_EXTERNAL_REGISTRATION = true
 ENABLE_CAPTCHA = false
 REQUIRE_SIGNIN_VIEW = false
 DEFAULT_KEEP_EMAIL_PRIVATE = false
 DEFAULT_ALLOW_CREATE_ORGANIZATION = true
 DEFAULT_ENABLE_TIMETRACKING = true
 NO_REPLY_ADDRESS = {{ gitea_no_reply_address }}
 [picture]
 DISABLE_GRAVATAR = false
 ENABLE_FEDERATED_AVATAR = true
 [openid]
 ENABLE_OPENID_SIGNIN = false
 ENABLE_OPENID_SIGNUP = false
 [session]
 PROVIDER = file
 [log]
 MODE = file
 LEVEL = info
 ROOT_PATH = /srv/git/log
 [ui]
 THEMES = {{ gitea_themes }}
 DEFAULT_THEME = arc-green
 ENABLE_RENDER = true
 [actions]
 ENABLED = true
--- a/ansible/gitea/roles/gitea/vars/main.yml
+++ b/ansible/gitea/roles/gitea/vars/main.yml
@ -0,0 +1,18 @@
 ---
 gitea_version: 1.21.8
 gitea_jwt_secret: "{{ lookup('env', 'GITEA_JWT_SECRET') }}"
 gitea_internal_token: "{{ lookup('env', 'GITEA_INTERNAL_TOKEN') }}"
 gitea_secret_key: "{{ lookup('env', 'GITEA_SECRET_KEY') }}"
 gitea_database_host: "{{ lookup('env', 'GITEA_DATABASE_HOST') }}"
 gitea_database_name: "{{ lookup('env', 'GITEA_DATABASE_NAME') }}"
 gitea_database_user: "{{ lookup('env', 'GITEA_DATABASE_USER') }}"
 gitea_database_password: "{{ lookup('env', 'GITEA_DATABASE_PASSWORD') }}"
 gitea_domain: "{{ lookup('env', 'GITEA_DOMAIN', default='git.roboces.dev') }}"
 gitea_url: "{{ lookup('env', 'GITEA_URL', default='https://git.roboces.dev/') }}"
 gitea_lfs_jwt_secret: "{{ lookup('env', 'GITEA_LFS_JWT_SECRET') }}"
 gitea_mailer_host: "{{ lookup('env', 'GITEA_MAILER_HOST', default='mail.fukurokuju.dev:587') }}"
 gitea_mailer_from: "{{ lookup('env', 'GITEA_MAILER_FROM', default='git@fukurokuju.dev') }}"
 gitea_mailer_user: "{{ lookup('env', 'GITEA_MAILER_USER') }}"
 gitea_mailer_password: "{{ lookup('env', 'GITEA_MAILER_PASSWORD') }}"
 gitea_no_reply_address: "{{ lookup('env', 'GITEA_NO_REPLY_ADDRESS', default='git@fukurokuju.dev') }}"
 gitea_themes: gitea,arc-green,gitea-modern,catppuccin-latte-rosewater,catppuccin-latte-flamingo,catppuccin-latte-pink,catppuccin-latte-mauve,catppuccin-latte-red,catppuccin-latte-maroon,catppuccin-latte-peach,catppuccin-latte-yellow,catppuccin-latte-green,catppuccin-latte-teal,catppuccin-latte-sky,catppuccin-latte-sapphire,catppuccin-latte-blue,catppuccin-latte-lavender,catppuccin-frappe-rosewater,catppuccin-frappe-flamingo,catppuccin-frappe-pink,catppuccin-frappe-mauve,catppuccin-frappe-red,catppuccin-frappe-maroon,catppuccin-frappe-peach,catppuccin-frappe-yellow,catppuccin-frappe-green,catppuccin-frappe-teal,catppuccin-frappe-sky,catppuccin-frappe-sapphire,catppuccin-frappe-blue,catppuccin-frappe-lavender,catppuccin-macchiato-rosewater,catppuccin-macchiato-flamingo,catppuccin-macchiato-pink,catppuccin-macchiato-mauve,catppuccin-macchiato-red,catppuccin-macchiato-maroon,catppuccin-macchiato-peach,catppuccin-macchiato-yellow,catppuccin-macchiato-green,catppuccin-macchiato-teal,catppuccin-macchiato-sky,catppuccin-macchiato-sapphire,catppuccin-macchiato-blue,catppuccin-macchiato-lavender,catppuccin-mocha-rosewater,catppuccin-mocha-flamingo,catppuccin-mocha-pink,catppuccin-mocha-mauve,catppuccin-mocha-red,catppuccin-mocha-maroon,catppuccin-mocha-peach,catppuccin-mocha-yellow,catppuccin-mocha-green,catppuccin-mocha-teal,catppuccin-mocha-sky,catppuccin-mocha-sapphire,catppuccin-mocha-blue,catppuccin-mocha-lavender
--- a/ansible/gitea/sample.env
+++ b/ansible/gitea/sample.env
@ -0,0 +1,15 @@
 GITEA_JWT_SECRET=
 GITEA_INTERNAL_TOKEN=
 GITEA_SECRET_KEY=
 GITEA_DATABASE_HOST=
 GITEA_DATABASE_NAME=
 GITEA_DATABASE_USER=
 GITEA_DATABASE_PASSWORD=
 GITEA_DOMAIN=git.roboces.dev
 GITEA_URL=https://git.roboces.dev/
 GITEA_LFS_JWT_SECRET=
 GITEA_MAILER_HOST=mail.fukurokuju.dev:587
 GITEA_MAILER_FROM=git@fukurokuju.dev
 GITEA_MAILER_USER=
 GITEA_MAILER_PASSWORD=
 GITEA_NO_REPLY_ADDRESS=git@fukurokuju.dev
--- a/ansible/inventory
+++ b/ansible/inventory
@ -18,3 +18,9 @@ ansible_user=ci
 [k3s_agents:vars]
 ansible_user=ci
 [giteas]
 gitea.fuku
 [giteas:vars]
 ansible_user=root