ansible-msvsphere.ci/roles/gitea_binary/tasks/main.yml


---
# Pre-flight guard: stop the play when a mandatory role variable is
# undefined, null, or blank after trimming. Only the variable *name* is put
# into the failure message, so secrets such as gitea_admin_password are not
# echoed by this task.
- name: Check if required variables are defined
  ansible.builtin.fail:
    msg: "{{ item }} is not defined or empty"
  loop:
    # Administrator account created at the end of this task file.
    - gitea_admin_user
    - gitea_admin_password
    - gitea_admin_email
    # Release artifact and the SHA-256 digest it is verified against.
    - gitea_binary_version
    - gitea_binary_url
    - gitea_binary_checksum
    - gitea_domain_name
    # Certificate material paths; not referenced by any task in this file,
    # presumably consumed by the httpd vhost template.
    - gitea_binary_ca_cert_path
    - gitea_binary_cert_path
    - gitea_binary_cert_key_path
    - gitea_binary_cert_chain_path
  when: |
    (vars[item] is undefined)
    or (vars[item] is none)
    or (vars[item] | trim | length == 0)
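# Pin the Gitea domain name to the loopback address in /etc/hosts.
#
# The domain is passed through regex_escape so its dots match literally, and
# the match is closed with (\s|$) so only a line holding exactly this host
# name is replaced. Without both, a line for a different host that merely
# contains the name as a prefix (or differs in a "." position) could be
# rewritten to 127.0.0.1.
- name: Add Gitea domain name to /etc/hosts
  ansible.builtin.lineinfile:
    path: /etc/hosts
    regexp: '\s{{ gitea_domain_name | regex_escape }}(\s|$)'
    line: "127.0.0.1 {{ gitea_domain_name }}"
    state: present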
# Install the git command-line tools from the distribution's git-core
# package.
- name: Install git
  ansible.builtin.dnf:
    name: git-core
    # "present" is the canonical spelling of the "installed" alias.
    state: present
# Fetch the Gitea release binary straight to its final location.
# get_url verifies the download against the pinned SHA-256 digest and fails
# on a mismatch, so the integrity of the executable rests on
# gitea_binary_checksum coming from a trusted source that is independent of
# gitea_binary_url.
- name: Download Gitea binary
  ansible.builtin.get_url:
    url: "{{ gitea_binary_url }}"
    checksum: "sha256:{{ gitea_binary_checksum }}"
    dest: /usr/local/bin/gitea
    # Root-owned and not writable by the service account.
    owner: root
    group: root
    mode: "0755"
# Dedicated system group for the Gitea service account.
- name: Create Gitea system group
  ansible.builtin.group:
    name: "{{ gitea_binary_system_group }}"
    state: present
    system: true
# Dedicated system account that the Gitea service and the later
# `gitea admin` CLI calls run as.
- name: Create Gitea system user
  ansible.builtin.user:
    name: "{{ gitea_binary_system_user }}"
    group: "{{ gitea_binary_system_group }}"
    system: true
    comment: "Git Version Control"
    home: "/home/{{ gitea_binary_system_user }}"
    # NOTE(review): a login shell on a service account; presumably needed
    # because Git-over-SSH goes through the system sshd (SSH_PORT 22 in
    # app.ini) - confirm.
    shell: /bin/bash
# Create the Gitea state tree under /var/lib/gitea. All directories belong
# to the service account and are closed to other users (0750).
- name: Create Gitea working directories
  ansible.builtin.file:
    path: "{{ item }}"
    state: directory
    owner: "{{ gitea_binary_system_user }}"
    group: "{{ gitea_binary_system_group }}"
    mode: "0750"
  loop:
    - /var/lib/gitea
    - /var/lib/gitea/custom
    - /var/lib/gitea/data
    - /var/lib/gitea/log
# Directory that holds app.ini. Root owns it, and the service group gets
# full access (0770), so members of that group can create, rename and delete
# entries here.
# NOTE(review): upstream installation guidance tightens this directory to
# 0750 once the configuration is final - confirm whether Gitea still needs
# to create files here before changing it.
- name: Create Gitea configuration directory
  ansible.builtin.file:
    path: /etc/gitea
    state: directory
    owner: root
    group: "{{ gitea_binary_system_group }}"
    mode: "0770"
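# Write /etc/gitea/app.ini one option per loop item; entries without a
# "section" key go to the default (unnamed) section. The file is readable and
# writable only by the service account (0600). Any change notifies the
# "restart gitea" handler.
#
# no_log is set because one loop item carries the database password:
# without it Ansible prints every item, PASSWD value included, to the
# console, to callback plugins and to any job log. The cost is that failures
# of this task are reported without detail.
- name: Generate Gitea configuration file
  community.general.ini_file:
    path: /etc/gitea/app.ini
    option: "{{ item.key }}"
    section: "{{ item.section | default(none) }}"
    value: "{{ item.value }}"
    owner: "{{ gitea_binary_system_user }}"
    group: "{{ gitea_binary_system_group }}"
    mode: '0600'
  no_log: true
  with_items:
    # default section
    - { key: 'APP_NAME', value: "{{ gitea_app_name }}" }
    - { key: 'RUN_USER', value: "{{ gitea_binary_system_user }}" }
    - { key: 'WORK_PATH', value: '/var/lib/gitea' }
    - { key: 'RUN_MODE', value: 'prod' }
    # database section
    - { key: 'DB_TYPE', value: 'postgres', section: 'database' }
    - { key: 'HOST', value: '127.0.0.1:5432', section: 'database' }
    - { key: 'NAME', value: "{{ gitea_db_name }}", section: 'database' }
    - { key: 'USER', value: "{{ gitea_db_user }}", section: 'database' }
    - { key: 'PASSWD', value: "{{ gitea_db_password }}", section: 'database' }
    - { key: 'SCHEMA', value: '', section: 'database' }
    # Database TLS is off; the connection above stays on the loopback
    # interface.
    - { key: 'SSL_MODE', value: 'disable', section: 'database' }
    # - { key: 'PATH', value: '/var/lib/gitea/data/gitea.db', section: 'database'}
    - { key: 'LOG_SQL', value: 'false', section: 'database' }
    # repository section
    - { key: 'ROOT', value: '/var/lib/gitea/data/gitea-repositories', section: 'repository' }
    # server section
    # NOTE(review): no HTTP_ADDR is set, so the listener on port 3000 uses
    # Gitea's default bind address. If only the local httpd proxy should
    # reach it, bind it to 127.0.0.1 - confirm against httpd-vhost.conf.j2.
    - { key: 'SSH_DOMAIN', value: "{{ gitea_domain_name }}", section: 'server' }
    - { key: 'DOMAIN', value: "{{ gitea_domain_name }}", section: 'server' }
    - { key: 'HTTP_PORT', value: '3000', section: 'server' }
    # NOTE(review): ROOT_URL is http:// although this role requires
    # certificate paths; if the vhost serves HTTPS, the public URL should be
    # https:// as well - confirm against httpd-vhost.conf.j2.
    - { key: 'ROOT_URL', value: "http://{{ gitea_domain_name }}/", section: 'server' }
    - { key: 'APP_DATA_PATH', value: '/var/lib/gitea/data', section: 'server' }
    - { key: 'DISABLE_SSH', value: 'false', section: 'server' }
    - { key: 'SSH_PORT', value: '22', section: 'server' }
    - { key: 'LFS_START_SERVER', value: 'true', section: 'server' }
    - { key: 'OFFLINE_MODE', value: 'false', section: 'server' }
    # security section
    # INSTALL_LOCK=true marks the instance as installed so the web
    # installer is not offered.
    - { key: 'INSTALL_LOCK', value: 'true', section: 'security' }
  notify:
    - restart gitea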
# Render the systemd unit for Gitea from the role template. The unit file is
# root-owned and world-readable, so it should not embed secrets.
- name: Generate Gitea systemd service
  ansible.builtin.template:
    src: gitea.service.j2
    dest: /etc/systemd/system/gitea.service
    mode: "0644"
    owner: root
    group: root
# Render the Apache httpd virtual host for the Gitea domain and notify the
# "restart httpd" handler when it changes. The file name is derived from
# gitea_domain_name, so that variable must be a plain host name with no
# path separators.
- name: Generate Gitea httpd virtual host config
  ansible.builtin.template:
    src: httpd-vhost.conf.j2
    dest: "/etc/httpd/conf.d/{{ gitea_domain_name }}.conf"
    mode: "0644"
    owner: root
    group: root
  notify: restart httpd
# Reload systemd so the freshly rendered unit is picked up, then enable the
# service at boot and make sure it is running.
- name: Enable and start Gitea systemd service
  ansible.builtin.systemd_service:
    daemon_reload: true
    name: gitea
    state: started
    enabled: true
# Poll the local Gitea HTTP listener until it answers 200, trying up to
# 30 times with a 2 second pause, so the CLI calls that follow run against
# a started service.
- name: Wait for Gitea service up
  ansible.builtin.uri:
    method: GET
    url: 'http://127.0.0.1:3000/'
  register: result
  retries: 30
  delay: 2
  until: result.status == 200
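# Look for gitea_admin_user in the `gitea admin user list --admin` output
# (header line dropped by tail). rc 0 = found, rc 1 = not found; any other
# return code fails the task.
#
# The user name goes through the `quote` filter because this is a shell
# pipeline: a value containing a quote or other shell metacharacter would
# otherwise be interpreted by the shell. grep runs with -F so the name is
# matched as a fixed string rather than a regular expression, and `--`
# stops a name starting with "-" from being read as an option.
#
# NOTE(review): this is still a substring match on the whole line, so a name
# that is part of another admin's user name or e-mail also counts as found.
# A failing `gitea` call also ends with grep's rc 1 and is treated as
# "not found".
- name: Check if Gitea administrator user exists
  ansible.builtin.shell:
    cmd: >-
      /usr/local/bin/gitea -c /etc/gitea/app.ini admin user list --admin
      | tail -n +2
      | grep -F -- {{ gitea_admin_user | quote }}
  become: true
  become_user: "{{ gitea_binary_system_user }}"
  register: gitea_admin_list
  changed_when: gitea_admin_list.rc != 0
  failed_when: gitea_admin_list.rc not in [0, 1]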
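# Create the initial administrator account when the preceding check did not
# find it (gitea_admin_list.rc != 0).
#
# The command is given as an argv list, so every value reaches gitea as
# exactly one argument whatever characters it contains; with the
# single-string form a quote inside the password or user name would break
# the command line or add arguments.
#
# no_log keeps the password out of Ansible's console output, callback
# plugins and job logs. The password is still passed as a process argument
# and is therefore visible in the host's process list while the command
# runs.
- name: Create Gitea administrator user
  ansible.builtin.command:
    argv:
      - /usr/local/bin/gitea
      - '-c'
      - /etc/gitea/app.ini
      - admin
      - user
      - create
      - '--admin'
      - '--username'
      - "{{ gitea_admin_user }}"
      - '--password'
      - "{{ gitea_admin_password }}"
      - '--email'
      - "{{ gitea_admin_email }}"
      - '--must-change-password=false'
  become: true
  become_user: "{{ gitea_binary_system_user }}"
  when: gitea_admin_list.rc != 0
  no_log: true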