From 18b9813cc1f1234340d003cc91e015bf01a8aeda Mon Sep 17 00:00:00 2001
From: Gnieark
Date: Tue, 30 Jul 2019 14:20:50 +0200
Subject: [PATCH] First
---
defaults/README.md | 5 +++
defaults/main.yml | 45 +++++++++++++++++++++++
handlers/main.yml | 11 ++++++
tasks/main.yml | 72 +++++++++++++++++++++++++++++++++++++
templates/gitea.ini | 79 +++++++++++++++++++++++++++++++++++++++++
templates/gitea.service | 12 +++++++
6 files changed, 224 insertions(+)
create mode 100644 defaults/README.md
create mode 100644 defaults/main.yml
create mode 100644 handlers/main.yml
create mode 100644 tasks/main.yml
create mode 100644 templates/gitea.ini
create mode 100644 templates/gitea.service
diff --git a/defaults/README.md b/defaults/README.md
new file mode 100644
index 0000000..bc6d00a
--- /dev/null
+++ b/defaults/README.md
@@ -0,0 +1,5 @@
+# Ansible rĂ´le: Gitea
+
+Gitea front (no reverse proxy) with embeded let's Encrypt acme use.
+
+In our case, we uses Gitea with a mariadb database witch isn't on the same server. This role doesnot install mariadb.
\ No newline at end of file
diff --git a/defaults/main.yml b/defaults/main.yml
new file mode 100644
index 0000000..0c41a82
--- /dev/null
+++ b/defaults/main.yml
@@ -0,0 +1,45 @@
+---
+#mac 02:00:00:19:bb:b5
+
+gitea_dl_url: https://dl.gitea.io/gitea
+gitea_version: "1.9"
+gitea_arch: amd64
+gitea_home: /home/git
+
+#Over All
+gitea_APP_NAME: "Gitea"
+gitea_RUN_USER: "git"
+
+#Database
+
+database_DB_TYPE: mysql
+database_HOST: 192.168.x.x:3306
+database_NAME: gitea
+database_USER: gitea
+database_PASSWD: xxxxxxxx
+database_SSL_MODE: disable
+database_CHARSET: utf8
+database_PATH: /usr/local/bin/data/gitea.db
+
+#server
+
+server_SSH_DOMAIN: mygitserver.com
+server_DOMAIN: mygitserver.com
+server_HTTP_PORT: 443
+server_ROOT_URL: https://mygitserver.com/
+server_DISABLE_SSH: false
+server_SSH_PORT: 2222
+server_START_SSH_SERVER: true
+server_LFS_START_SERVER: false
+server_OFFLINE_MODE: false
+server_LETSENCRYPT_EMAIL: mymail@mail.fr
+
+#mailer
+mailer_ENABLED: true
+mailer_HOST: smtp.server.com:587
+mailer_USER: mymail
+mailer_PASSWD: xxxxxxxxxx
+mailer_FROM: mymail@mail.fr
+
+#service
+service_NO_REPLY_ADDRESS: noreply@mail.fr
diff --git a/handlers/main.yml b/handlers/main.yml
new file mode 100644
index 0000000..c6aa6bb
--- /dev/null
+++ b/handlers/main.yml
@@ -0,0 +1,11 @@
+---
+- name: "Restart gitea"
+ service:
+ name: gitea
+ state: restarted
+ when: ansible_service_mgr == "systemd"
+
+- name: "Reload systemd"
+ systemd:
+ daemon_reload: true
+ when: ansible_service_mgr == "systemd"
\ No newline at end of file
diff --git a/tasks/main.yml b/tasks/main.yml
new file mode 100644
index 0000000..c9f0f4e
--- /dev/null
+++ b/tasks/main.yml
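Review bot: In defaults/main.yml, `database_PASSWD` and `mailer_PASSWD` ship with placeholder values, so a play that forgets to override them still renders an app.ini instead of failing. I would replace both lines with a comment such as `# database_PASSWD and mailer_PASSWD have no default: supply them from Ansible Vault` and let the template fail on the undefined variable. `database_SSL_MODE: disable` is also a weak default given that the README says the database sits on another server, because the database credentials and traffic then cross the network unencrypted; the default should be whichever TLS mode the pinned Gitea release supports for MySQL. The `#mac 02:00:00:19:bb:b5` comment looks like a leftover detail of the author's own host and can be dropped.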
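Review bot: In handlers/main.yml, "Restart gitea" is defined before "Reload systemd", and Ansible runs notified handlers in the order they are defined in the handlers file, not in the order of the `notify` list. When the "Setup systemd service" task in tasks/main.yml changes the unit, the restart therefore runs before `daemon_reload: true`, so gitea comes back under the previously loaded unit definition. Moving the "Reload systemd" handler above "Restart gitea" fixes the ordering. Nothing visible in this patch sets `enabled: true` on the service, so it presumably will not start at boot unless that is handled elsewhere.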
@@ -0,0 +1,72 @@
+---
+
+- name: install git package
+ apt:
+ name: ['git']
+ state: latest
+
+- name: "Create Gitea user"
+ user:
+ name: git
+ comment: "Gitea user"
+ home: "/home/git"
+ shell: "/bin/false"
+
+- name: "Create config and data directory"
+ file:
+ path: "{{ item }}"
+ state: directory
+ owner: git
+ with_items:
+ - "/home/git"
+ - "/home/git/data"
+ - "/var/log/gitea"
+ - "/home/git/custom"
+ - "/home/git/custom/conf"
+ - "/home/git/custom/https"
+ - "/home/git/custom/mailer"
+ - "/home/git/indexers"
+
+- name: "Check gitea version"
+ shell: "set -eo pipefail; /home/git/gitea -v | cut -d' ' -f 3"
+ register: gitea_active_version
+ changed_when: false
+ failed_when: false
+
+- name: "Download the binary"
+ get_url:
+ url: "{{ gitea_dl_url }}/{{ gitea_version }}/gitea-{{ gitea_version }}-linux-{{ gitea_arch }}"
+ dest: /home/git/gitea
+ owner: root
+ group: root
+ mode: 0755
+ force: true
+ #notify: "Restart gitea"
+ when: gitea_active_version.stdout != gitea_version
+
+- name: "Give gitea binary capability to bind all ports"
+ capabilities:
+ path: /home/git/gitea
+ capability: cap_net_bind_service=+ep
+ state: present
+
+- name: "Configure gitea"
+ template:
+ src: gitea.ini
+ dest: /home/git/custom/conf/app.ini
+ owner: git
+ mode: 0600
+ notify: "Restart gitea"
+
+- name: "Setup systemd service"
+ template:
+ src: gitea.service
+ dest: /lib/systemd/system/gitea.service
+ owner: root
+ group: root
+ mode: 0644
+ notify:
+ - "Reload systemd"
+ - "Restart gitea"
+
+
diff --git a/templates/gitea.ini b/templates/gitea.ini
new file mode 100644
index 0000000..6f22a2a
--- /dev/null
+++ b/templates/gitea.ini
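Review bot: The "Download the binary" task in tasks/main.yml fetches an executable with `get_url` and no integrity check, and the following task grants that file `cap_net_bind_service` before systemd runs it. Adding `checksum: "sha256:{{ gitea_sha256 }}"` to the task (with `gitea_sha256` as a new variable pinned next to `gitea_version`) makes the play fail when the served file is not the expected release. The binary also lands in /home/git, which the "Create config and data directory" task gives to `owner: git`, so the service account can rename or replace the root-owned file; a root-owned directory would avoid that. Separately, the "Check gitea version" result is unlikely to ever equal `gitea_version`, since `pipefail` is not available in every /bin/sh and `failed_when: false` hides the error, so the download probably runs with `force: true` on every play.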
@@ -0,0 +1,79 @@
+APP_NAME: {{ gitea_APP_NAME }}
+RUN_USER: {{ gitea_RUN_USER }}
+RUN_MODE: prod
+
+
+[database]
+DB_TYPE = {{ database_DB_TYPE }}
+HOST = {{ database_HOST }}
+NAME = {{ database_NAME }}
+USER = {{ database_USER }}
+PASSWD = {{ database_PASSWD }}
+SSL_MODE = {{ database_SSL_MODE }}
+CHARSET = {{ database_CHARSET }}
+PATH = {{ database_PATH }}
+
+[repository]
+ROOT = {{ gitea_home }}/data
+
+[server]
+SSH_DOMAIN = {{ server_SSH_DOMAIN }}
+DOMAIN = {{ server_DOMAIN }}
+HTTP_PORT = {{ server_HTTP_PORT }}
+PROTOCOL=https
+DOMAIN={{ server_DOMAIN }}
+ENABLE_LETSENCRYPT=true
+LETSENCRYPT_ACCEPTTOS=true
+LETSENCRYPT_DIRECTORY=https
+LETSENCRYPT_EMAIL={{server_LETSENCRYPT_EMAIL}}
+
+
+ROOT_URL = {{ server_ROOT_URL }}
+DISABLE_SSH = {{ server_DISABLE_SSH }}
+START_SSH_SERVER = {{ server_START_SSH_SERVER }}
+SSH_PORT = {{ server_SSH_PORT }}
+LFS_START_SERVER = {{ server_LFS_START_SERVER }}
+OFFLINE_MODE = {{ server_OFFLINE_MODE }}
+
+[mailer]
+ENABLED = {{ mailer_ENABLED }}
+HOST = {{ mailer_HOST }}
+USER = {{ mailer_USER }}
+PASSWD = {{ mailer_PASSWD }}
+FROM = {{ mailer_FROM }}
+
+[service]
+REGISTER_EMAIL_CONFIRM = false
+ENABLE_NOTIFY_MAIL = false
+DISABLE_REGISTRATION = false
+ALLOW_ONLY_EXTERNAL_REGISTRATION = false
+ENABLE_CAPTCHA = false
+REQUIRE_SIGNIN_VIEW = false
+DEFAULT_KEEP_EMAIL_PRIVATE = false
+DEFAULT_ALLOW_CREATE_ORGANIZATION = true
+DEFAULT_ENABLE_TIMETRACKING = true
+NO_REPLY_ADDRESS = {{ service_NO_REPLY_ADDRESS }}
+
+[picture]
+DISABLE_GRAVATAR = false
+ENABLE_FEDERATED_AVATAR = true
+
+[openid]
+ENABLE_OPENID_SIGNIN = true
+ENABLE_OPENID_SIGNUP = true
+
+[session]
+PROVIDER = file
+
+[log]
+MODE = file
+LEVEL = info
+ROOT_PATH = /var/log/gitea
+
+[oauth2]
+JWT_SECRET = 1bBwvwFreUqcVSvPPO7UZ_4ovAGtQI_kIq070ua4Mms
+
+[security]
+INTERNAL_TOKEN = eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJuYmYiOjE1NjQ0ODU2NTZ9.D5YYxvLXAerBlfq5JKXHLBhhnI4N5KBKW2Mae2EJJb0
+INSTALL_LOCK = true
+SECRET_KEY =
xdD1yrkDWNq6LNqTx3bfa3kWOLv8Ew0HOCDzb2QfsJLVpsrcOoPjCA7G9bhTUsVv
diff --git a/templates/gitea.service b/templates/gitea.service
new file mode 100644
index 0000000..e280b2f
--- /dev/null
+++ b/templates/gitea.service
@@ -0,0 +1,12 @@
+[Unit]
+Description=Gitea git server
+After=network.target
+
+[Service]
+User=git
+ExecStart=/home/git/gitea web
+Restart=on-failure
+WorkingDirectory=/home/git
+
+[Install]
+WantedBy=multi-user.target
\ No newline at end of file
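Review bot: The `[oauth2]` and `[security]` sections of templates/gitea.ini hard-code `JWT_SECRET`, `INTERNAL_TOKEN` and `SECRET_KEY`, so every host deployed from this role shares the same secrets and anyone who can read the repository has them. They should be per-deployment variables like the rest of the template, for example `JWT_SECRET = {{ oauth2_JWT_SECRET }}`, `INTERNAL_TOKEN = {{ security_INTERNAL_TOKEN }}` and `SECRET_KEY = {{ security_SECRET_KEY }}`, generated per instance and kept in Ansible Vault; the three variable names are a suggestion that follows the file's existing `section_KEY` convention. The values committed here should be treated as exposed and rotated on any instance already running with them. The `[service]` block also leaves registration open with `ENABLE_CAPTCHA = false` and `REGISTER_EMAIL_CONFIRM = false`, which deserves a deliberate decision for a server that listens directly on 443.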
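Review bot: The `[Service]` section of templates/gitea.service runs a network-facing daemon with no sandboxing directives and depends on the file capability set in tasks/main.yml to bind port 443. Granting the capability in the unit with `AmbientCapabilities=CAP_NET_BIND_SERVICE` and `CapabilityBoundingSet=CAP_NET_BIND_SERVICE` ties it to the service rather than to whatever file sits at /home/git/gitea, and allows `NoNewPrivileges=true` to be added alongside. `PrivateTmp=true` and `ProtectSystem=full` look compatible with the paths this role writes to (/home/git and /var/log/gitea), but should be tested before being enabled.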