---
# Stop the play early when a required input is undefined, null or blank.
# The message and the loop item carry the variable's name only, not its value.
# NOTE(review): later tasks also read gitea_db_password, gitea_db_name,
# gitea_db_user, gitea_app_name and the gitea_binary_system_* variables, which
# are not checked here - presumably they come from role defaults; confirm.
- name: Check if required variables are defined
  ansible.builtin.fail:
    msg: "{{ item }} is not defined or empty"
  when: >-
    (vars[item] is undefined)
    or (vars[item] is none)
    or (vars[item] | trim | length == 0)
  loop:
    - gitea_admin_user
    - gitea_admin_password
    - gitea_admin_email
    - gitea_binary_version
    - gitea_binary_url
    - gitea_binary_checksum
    - gitea_domain_name
    - gitea_binary_ca_cert_path
    - gitea_binary_cert_path
    - gitea_binary_cert_key_path
    - gitea_binary_cert_chain_path
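# Map the Gitea domain name to the loopback address in /etc/hosts.
- name: Add Gitea domain name to /etc/hosts
  ansible.builtin.lineinfile:
    dest: /etc/hosts
    # regex_escape makes the dots in the domain literal and (\s|$) ends the
    # match where the name ends, so an entry for a different host whose name
    # merely begins with (or resembles) this domain is not rewritten.
    regexp: '\s{{ gitea_domain_name | regex_escape }}(\s|$)'
    line: "127.0.0.1 {{ gitea_domain_name }}"
    state: present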
# Gitea needs a git client on the host; git-core is the package installed here.
- name: Install git
  ansible.builtin.dnf:
    name: git-core
    # "present" is the canonical spelling of the "installed" alias.
    state: present
# Fetch the Gitea binary to /usr/local/bin/gitea as a root-owned executable.
# The sha256 checksum is what pins the artifact: a download that does not
# match it is rejected.
# NOTE(review): that guarantee holds only if gitea_binary_checksum comes from
# a source independent of gitea_binary_url; presumably the URL is https -
# confirm against the role's variables.
- name: Download Gitea binary
  ansible.builtin.get_url:
    url: "{{ gitea_binary_url }}"
    checksum: "sha256:{{ gitea_binary_checksum }}"
    dest: /usr/local/bin/gitea
    mode: '0755'
    owner: root
    group: root
# Dedicated system group for the Gitea service account.
- name: Create Gitea system group
  ansible.builtin.group:
    state: present
    system: true
    name: "{{ gitea_binary_system_group }}"
# Dedicated system account that runs Gitea, with its home under /home.
# NOTE(review): the account gets /bin/bash as its login shell; presumably this
# is required for Git over the host's sshd (app.ini sets SSH_PORT 22) -
# confirm, and keep the account without a usable password.
- name: Create Gitea system user
  ansible.builtin.user:
    name: "{{ gitea_binary_system_user }}"
    comment: 'Git Version Control'
    system: true
    group: "{{ gitea_binary_system_group }}"
    home: "/home/{{ gitea_binary_system_user }}"
    shell: /bin/bash
# Working tree under /var/lib/gitea, owned by the service account.
# Mode 0750 leaves no access for other local users.
- name: Create Gitea working directories
  ansible.builtin.file:
    path: "{{ item }}"
    state: directory
    mode: '0750'
    owner: "{{ gitea_binary_system_user }}"
    group: "{{ gitea_binary_system_group }}"
  loop:
    - /var/lib/gitea
    - /var/lib/gitea/custom
    - /var/lib/gitea/data
    - /var/lib/gitea/log
# Configuration directory: root-owned, writable by the Gitea group.
# NOTE(review): 0770 lets the service account create and replace files in
# /etc/gitea. app.ini is generated by this role with INSTALL_LOCK set, so
# confirm whether the group still needs write access here or 0750 suffices.
- name: Create Gitea configuration directory
  ansible.builtin.file:
    path: /etc/gitea
    state: directory
    mode: '0770'
    owner: root
    group: "{{ gitea_binary_system_group }}"
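# Write /etc/gitea/app.ini one option at a time; the file is readable by the
# service account only (0600). Items without a "section" go to the default
# (unnamed) section. A change triggers the "restart gitea" handler.
- name: Generate Gitea configuration file
  community.general.ini_file:
    path: /etc/gitea/app.ini
    option: "{{ item.key }}"
    section: "{{ item.section | default(none) }}"
    value: "{{ item.value }}"
    owner: "{{ gitea_binary_system_user }}"
    group: "{{ gitea_binary_system_group }}"
    mode: '0600'
  # The loop items include the database password; without no_log every item
  # is echoed in the task output and in verbose/diff logs. The trade-off is
  # that this task's per-item results are hidden when debugging.
  no_log: true
  with_items:
    # default section
    - { key: 'APP_NAME', value: "{{ gitea_app_name }}" }
    - { key: 'RUN_USER', value: "{{ gitea_binary_system_user }}" }
    - { key: 'WORK_PATH', value: '/var/lib/gitea' }
    - { key: 'RUN_MODE', value: 'prod' }
    # database section
    # TLS to the database is disabled; the host is the loopback address.
    - { key: 'DB_TYPE', value: 'postgres', section: 'database' }
    - { key: 'HOST', value: '127.0.0.1:5432', section: 'database' }
    - { key: 'NAME', value: "{{ gitea_db_name }}", section: 'database' }
    - { key: 'USER', value: "{{ gitea_db_user }}", section: 'database' }
    - { key: 'PASSWD', value: "{{ gitea_db_password }}", section: 'database' }
    - { key: 'SCHEMA', value: '', section: 'database' }
    - { key: 'SSL_MODE', value: 'disable', section: 'database' }
    #- { key: 'PATH', value: '/var/lib/gitea/data/gitea.db', section: 'database'}
    - { key: 'LOG_SQL', value: 'false', section: 'database' }
    # repository section
    - { key: 'ROOT', value: '/var/lib/gitea/data/gitea-repositories', section: 'repository' }
    # server section
    # NOTE(review): no HTTP_ADDR is set, so the listener uses Gitea's default
    # bind address. If only the httpd virtual host is meant to reach port
    # 3000, confirm the port is bound to loopback or firewalled.
    # NOTE(review): ROOT_URL uses http:// although the role requires
    # certificate paths - confirm the scheme matches what the virtual host
    # actually serves.
    - { key: 'SSH_DOMAIN', value: "{{ gitea_domain_name }}", section: 'server' }
    - { key: 'DOMAIN', value: "{{ gitea_domain_name }}", section: 'server' }
    - { key: 'HTTP_PORT', value: '3000', section: 'server' }
    - { key: 'ROOT_URL', value: "http://{{ gitea_domain_name }}/", section: 'server' }
    - { key: 'APP_DATA_PATH', value: '/var/lib/gitea/data', section: 'server' }
    - { key: 'DISABLE_SSH', value: 'false', section: 'server' }
    - { key: 'SSH_PORT', value: '22', section: 'server' }
    - { key: 'LFS_START_SERVER', value: 'true', section: 'server' }
    - { key: 'OFFLINE_MODE', value: 'false', section: 'server' }
    # security section
    # INSTALL_LOCK=true keeps the web installer closed on first start.
    # NOTE(review): no SECRET_KEY or INTERNAL_TOKEN is written here; confirm
    # how the deployed Gitea version obtains them and that SECRET_KEY ends up
    # as a per-install random value.
    - { key: 'INSTALL_LOCK', value: 'true', section: 'security' }
  notify:
    - restart gitea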
# Render the systemd unit from the role's gitea.service.j2 template.
# The unit file is root-owned and world-readable (0644).
- name: Generate Gitea systemd service
  ansible.builtin.template:
    src: gitea.service.j2
    dest: /etc/systemd/system/gitea.service
    mode: '0644'
    owner: root
    group: root
# Render the httpd virtual host for the Gitea domain; the file name is derived
# from gitea_domain_name. A change triggers the "restart httpd" handler.
- name: Generate Gitea httpd virtual host config
  ansible.builtin.template:
    src: httpd-vhost.conf.j2
    dest: "/etc/httpd/conf.d/{{ gitea_domain_name }}.conf"
    mode: '0644'
    owner: root
    group: root
  notify:
    - restart httpd
# Reload systemd so the unit file is picked up, then enable the service at
# boot and make sure it is running.
- name: Enable and start Gitea systemd service
  ansible.builtin.systemd_service:
    daemon_reload: true
    name: gitea
    state: started
    enabled: true
# Poll the local Gitea listener until it answers 200: up to 30 attempts,
# 2 seconds apart. The admin-user tasks that follow run only after this.
- name: Wait for Gitea service up
  ansible.builtin.uri:
    method: GET
    url: 'http://127.0.0.1:3000/'
  register: result
  retries: 30
  delay: 2
  until: result.status == 200
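# Look for gitea_admin_user in the list of existing administrators.
# Registers gitea_admin_list with rc 0 (found) or rc 1 (not found); any other
# exit status fails the task.
# The pipeline's exit status is grep's, so a failure of the gitea command
# itself is also read as "not found".
# grep matches the name anywhere in a line, so a name that is a substring of
# another administrator's name or e-mail address counts as present.
- name: Check if Gitea administrator user exists
  ansible.builtin.shell:
    # The quote filter shell-escapes the user name instead of relying on
    # hand-written single quotes; -F treats it as a literal string rather
    # than a regular expression, and -- stops option parsing before it.
    cmd: >-
      /usr/local/bin/gitea -c /etc/gitea/app.ini admin user list --admin
      | tail -n +2
      | grep -F -- {{ gitea_admin_user | quote }}
  become: true
  become_user: "{{ gitea_binary_system_user }}"
  register: gitea_admin_list
  # A lookup never changes the host, so it is never reported as "changed".
  changed_when: false
  failed_when: gitea_admin_list.rc not in [0, 1]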
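# Create the initial administrator account, only when the preceding lookup
# (gitea_admin_list) did not find it.
- name: Create Gitea administrator user
  ansible.builtin.command:
    # argv passes each value as exactly one argument, so a quote or space in
    # the user name, password or e-mail cannot change how the command line is
    # split.
    argv:
      - /usr/local/bin/gitea
      - '-c'
      - /etc/gitea/app.ini
      - admin
      - user
      - create
      - '--admin'
      - '--username'
      - "{{ gitea_admin_user }}"
      - '--password'
      - "{{ gitea_admin_password }}"
      - '--email'
      - "{{ gitea_admin_email }}"
      - '--must-change-password=false'
  become: true
  become_user: "{{ gitea_binary_system_user }}"
  when: gitea_admin_list.rc != 0
  # The command line contains the administrator password; no_log keeps it out
  # of the task output and logs.
  # NOTE(review): the password is still an argument of the running process on
  # the target host for the duration of the command - confirm that is
  # acceptable for this host.
  no_log: true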