generated from sebclem/ansible-role-template
Init
This commit is contained in:
parent
6b17777336
commit
af1b1c1e7b
@ -1,2 +1,15 @@
|
||||
---
|
||||
# defaults file for ${REPO_NAME_TITLE}
|
||||
|
||||
gitea_version: 1.19.1
|
||||
gitea_app_name: Gitea
|
||||
gitea_run_mode: prod
|
||||
gitea_run_user: git
|
||||
|
||||
gitea_config:
|
||||
server: "{{ gitea_config_server }}"
|
||||
|
||||
gitea_config_server:
|
||||
DOMAIN: exemple.com
|
||||
SSH_DOMAIN: ssh.exemple.com
|
||||
ROOT_URL: https://exemple.com
|
||||
|
@ -1,2 +1,51 @@
|
||||
---
|
||||
# tasks file for Ansible-Gitea-Role
|
||||
|
||||
- name: Ensure deps are installed
|
||||
ansible.builtin.apt:
|
||||
name: "{{ gitea_deps }}"
|
||||
|
||||
- name: Download gitea binary
|
||||
ansible.builtin.get_url:
|
||||
url: "{{ gitea_dl_url }}"
|
||||
dest: /usr/local/bin/gitea
|
||||
mode: 755
|
||||
owner: root
|
||||
group: root
|
||||
|
||||
- name: Create git user
|
||||
ansible.builtin.user:
|
||||
name: "{{ gitea_run_user }}"
|
||||
system: true
|
||||
shell: /bin/bash
|
||||
home: /home/"{{ gitea_run_user }}"
|
||||
create_home: true
|
||||
|
||||
- name: Create Gitea folders
|
||||
ansible.builtin.file:
|
||||
path: "{{ item.path }}"
|
||||
mode: "{{ item.mode }}"
|
||||
owner: "{{ item.user }}"
|
||||
group: "{{ item.group }}"
|
||||
recurse: true
|
||||
loop: "{{ gitea_init_folders }}"
|
||||
|
||||
- name: Update Gitea config
|
||||
ansible.builtin.template:
|
||||
src: app.ini.j2
|
||||
dest: /etc/gitea/app.ini
|
||||
mode: "640"
|
||||
owner: root
|
||||
group: "{{ gitea_run_user }}"
|
||||
|
||||
- name: Add service file
|
||||
ansible.builtin.template:
|
||||
src: gitea.service.j2
|
||||
dest: /etc/systemd/system/gitea.service
|
||||
mode: "644"
|
||||
|
||||
- name: Enable and start Gitea service
|
||||
ansible.builtin.systemd:
|
||||
name: gitea
|
||||
daemon_reload: true
|
||||
state: started
|
||||
|
15
templates/app.ini.j2
Normal file
15
templates/app.ini.j2
Normal file
@ -0,0 +1,15 @@
|
||||
{{ ansible_managed | comment }}
|
||||
|
||||
APP_NAME = {{ gitea_app_name }}
|
||||
RUN_MODE = {{ gitea_run_mode }}
|
||||
RUN_USER = {{ gitea_run_user }}
|
||||
|
||||
{% for section in config %}
|
||||
{% if section == "" %}
|
||||
[{{ section }}]
|
||||
{% for entry, value in config[section].items() %}
|
||||
{{ entry }} = {{ value }}
|
||||
{% endfor %}
|
||||
|
||||
|
||||
{% endfor %}
|
43
templates/gitea.service.j2
Normal file
43
templates/gitea.service.j2
Normal file
@ -0,0 +1,43 @@
|
||||
{{ ansible_managed | comment }}
|
||||
|
||||
[Unit]
|
||||
Description=Gitea (Git with a cup of tea)
|
||||
After=syslog.target
|
||||
After=network.target
|
||||
|
||||
[Service]
|
||||
# Uncomment the next line if you have repos with lots of files and get a HTTP 500 error because of that
|
||||
# LimitNOFILE=524288:524288
|
||||
RestartSec=2s
|
||||
Type=simple
|
||||
User={{ gitea_run_user }}
|
||||
Group={{ gitea_run_user }}
|
||||
WorkingDirectory=/var/lib/gitea/
|
||||
# If using Unix socket: tells systemd to create the /run/gitea folder, which will contain the gitea.sock file
|
||||
# (manually creating /run/gitea doesn't work, because it would not persist across reboots)
|
||||
#RuntimeDirectory=gitea
|
||||
ExecStart=/usr/local/bin/gitea web --config /etc/gitea/app.ini
|
||||
Restart=always
|
||||
Environment=USER={{ gitea_run_user }} HOME=/home/{{ gitea_run_user }} GITEA_WORK_DIR=/var/lib/gitea
|
||||
# If you install Git to directory prefix other than default PATH (which happens
|
||||
# for example if you install other versions of Git side-to-side with
|
||||
# distribution version), uncomment below line and add that prefix to PATH
|
||||
# Don't forget to place git-lfs binary on the PATH below if you want to enable
|
||||
# Git LFS support
|
||||
#Environment=PATH=/path/to/git/bin:/bin:/sbin:/usr/bin:/usr/sbin
|
||||
# If you want to bind Gitea to a port below 1024, uncomment
|
||||
# the two values below, or use socket activation to pass Gitea its ports as above
|
||||
###
|
||||
#CapabilityBoundingSet=CAP_NET_BIND_SERVICE
|
||||
#AmbientCapabilities=CAP_NET_BIND_SERVICE
|
||||
###
|
||||
# In some cases, when using CapabilityBoundingSet and AmbientCapabilities option, you may want to
|
||||
# set the following value to false to allow capabilities to be applied on gitea process. The following
|
||||
# value if set to true sandboxes gitea service and prevent any processes from running with privileges
|
||||
# in the host user namespace.
|
||||
###
|
||||
#PrivateUsers=false
|
||||
###
|
||||
|
||||
[Install]
|
||||
WantedBy=multi-user.target
|
@ -1,2 +1,27 @@
|
||||
---
|
||||
# vars file for Ansible-Gitea-Role
|
||||
|
||||
gitea_dl_url_root: https://dl.gitea.com/gitea
|
||||
gitea_dl_filename: "gitea-{{ gitea_version }}-linux-amd64"
|
||||
gitea_dl_url: "{{ gitea_dl_url_root }}/{{ gitea_version }}/{{ gitea_dl_filename }}"
|
||||
|
||||
gitea_deps:
|
||||
- git
|
||||
|
||||
gitea_init_folders:
|
||||
- path: /var/lib/gitea/custom
|
||||
mode: 750
|
||||
user: "{{ gitea_run_user }}"
|
||||
group: "{{ gitea_run_user }}"
|
||||
- path: /var/lib/gitea/data
|
||||
mode: 750
|
||||
user: "{{ gitea_run_user }}"
|
||||
group: "{{ gitea_run_user }}"
|
||||
- path: /var/lib/gitea/log
|
||||
mode: 750
|
||||
user: "{{ gitea_run_user }}"
|
||||
group: "{{ gitea_run_user }}"
|
||||
- path: /etc/gitea
|
||||
mode: 750
|
||||
user: root
|
||||
group: "{{ gitea_run_user }}"
|
||||
|
Loading…
Reference in New Issue
Block a user