--- # # https://gitea.io # # We use the server ssh daemon, and nginx in front of the service by default. # So we do not start in http mode and we do not use the embedded letsencrypt support # gitea_version: 1.21.11 gitea_download_url: 'https://dl.gitea.io/gitea/{{ gitea_version }}/gitea-{{ gitea_version }}-linux-amd64' gitea_force_binary_download: False gitea_bin_path: /usr/local/bin/gitea gitea_conf_dir: /etc/gitea gitea_data_dir: /var/lib/gitea gitea_data_subdirs: - custom - data - log gitea_log_dir: /var/log/gitea gitea_socket_dir: /run/gitea gitea_repository_data: '{{ gitea_data_dir }}/repositories' gitea_max_repository_per_user: 200 gitea_server_protocol: "http+unix" gitea_hostname: '{{ ansible_fqdn }}' gitea_http_addr: '{{ gitea_socket_dir }}/gitea.sock' gitea_http_port: 3000 gitea_root_url: https://{{ gitea_hostname }} # home, explore gitea_landing_page: explore gitea_create_service_user: True gitea_user: gitea gitea_group: '{{ gitea_user }}' gitea_run_mode: prod gitea_limit_nofile: 16384 gitea_limit_nofile_soft: 4096 gitea_db: postgres gitea_local_postgresql: True gitea_local_mysql: False gitea_local_mariadb: False gitea_nginx_frontend: True gitea_local_redis: True gitea_local_memcache: True gitea_start_lfs: 'true' gitea_lfs_content_path: '{{ gitea_data_dir }}/data/lfs' #gitea_lfs_jwt_secret: put it into a vault file gitea_lfs_http_auth_expiry: 20m gitea_lfs_configuration: - { section: 'server', option: 'LFS_START_SERVER', value: '{{ gitea_start_lfs }}', state: 'present' } - { section: 'server', option: 'LFS_HTTP_AUTH_EXPIRY', value: '{{ gitea_lfs_http_auth_expiry }}', state: 'present' } - { section: 'server', option: 'LFS_CONTENT_PATH', value: '{{ gitea_lfs_content_path }}', state: 'absent' } - { section: 'lfs', option: 'PATH', value: '{{ gitea_lfs_content_path }}', state: 'present' } gitea_required_packages: - git gitea_db_name: gitea gitea_db_user: gitea_u #gitea_db_pwd: put it into a vault file gitea_db_host: "localhost" gitea_db_port: 5432 gitea_db_ssl_mode: 'disable' gitea_app_name: "Gitea git server" gitea_disable_registration: 'false' gitea_install_lock: 'false' gitea_mailer_enabled: False gitea_mail_from: gitea@localhost gitea_mailer_type: sendmail gitea_sendmail_path: /usr/sbin/sendmail gitea_cache_provider: memcache gitea_cache_host: '127.0.0.1:11211' gitea_session_provider: redis gitea_session_config: 'network=tcp,addr=127.0.0.1:6379,db=0,pool_size=100,idle_timeout=180' gitea_require_signin_view: 'false' gitea_users_page_enabled: 'false' gitea_install_viewer_addons: True gitea_py3_env_dpkg: - jupyter - asciidoctor - pandoc - python3-matplotlib - python3-pandas - python3-geopandas gitea_renderers_global_conf: - { section: 'markdown', option: 'CUSTOM_URL_SCHEMES', value: 'data', state: 'present' } gitea_markup_asciidoc_enabled: 'true' gitea_markup_asciidoc_conf: - { section: 'markup.asciidoc', option: 'ENABLED', value: '{{ gitea_markup_asciidoc_enabled }}', state: 'present' } - { section: 'markup.asciidoc', option: 'FILE_EXTENSIONS', value: '.adoc,.asciidoc', state: 'present' } - { section: 'markup.asciidoc', option: 'RENDER_COMMAND', value: '"asciidoctor -s -a showtitle --out-file=- -"', state: 'present' } - { section: 'markup.asciidoc', option: 'IS_INPUT_FILE', value: 'false', state: 'present' } gitea_markup_jupyter_enabled: 'true' gitea_markup_jupyter_conf: - { section: 'markup.jupyter', option: 'ENABLED', value: '{{ gitea_markup_jupyter_enabled }}', state: 'present' } - { section: 'markup.jupyter', option: 'FILE_EXTENSIONS', value: '.ipynb', state: 'present' } - { section: 'markup.jupyter', option: 'RENDER_COMMAND', value: '"jupyter nbconvert --stdout --to html --template basic"', state: 'present' } - { section: 'markup.jupyter', option: 'IS_INPUT_FILE', value: 'true', state: 'present' } - { section: 'markup.sanitizer.jupyter.rule1', option: 'ALLOW_ATTR', value: 'class', state: 'present' } - { section: 'markup.sanitizer.jupyter.rule1', option: 'ELEMENT', value: 'div', state: 'present' } - { section: 'markup.sanitizer.jupyter.rule1', option: 'REGEXP', value: '', state: 'present' } gitea_markup_docx_enabled: 'true' gitea_markup_docx_conf: - { section: 'markup.docx', option: 'ENABLED', value: '{{ gitea_markup_docx_enabled }}', state: 'present' } - { section: 'markup.docx', option: 'FILE_EXTENSIONS', value: '.docx', state: 'present' } - { section: 'markup.docx', option: 'RENDER_COMMAND', value: '"pandoc --from docx --to html --self-contained --template {{ gitea_data_dir }}/custom/templates/docx-basic.html"', state: 'present' } - { section: 'markup.sanitizer.docx', option: 'ALLOW_DATA_URI_IMAGES', value: 'true', state: 'present' } gitea_markup_restructuredtext_enabled: 'true' gitea_markup_restructuredtext_conf: - { section: 'markup.restructuredtext', option: 'ENABLED', value: '{{ gitea_markup_restructuredtext_enabled }}', state: 'present' } - { section: 'markup.restructuredtext', option: 'FILE_EXTENSIONS', value: '.rst', state: 'present' } - { section: 'markup.restructuredtext', option: 'RENDER_COMMAND', value: '"timeout 30s pandoc +RTS -M512M -RTS -f rst"', state: 'present' } - { section: 'markup.restructuredtext', option: 'IS_INPUT_FILE', value: 'false', state: 'present' } gitea_markup_sanitizer_tex_enabled: 'true' gitea_markup_sanitizer_tex_conf: - { section: 'markup.sanitizer.TeX', option: 'ENABLED', value: '{{ gitea_markup_sanitizer_tex_enabled }}', state: 'present' } - { section: 'markup.sanitizer.TeX', option: 'ELEMENT', value: 'span', state: 'present' } - { section: 'markup.sanitizer.TeX', option: 'ALLOW_ATTR', value: 'class', state: 'present' } - { section: 'markup.sanitizer.TeX', option: 'REGEXP', value: '^\s*((math(\s+|$)|inline(\s+|$)|display(\s+|$)))+', state: 'present' } gitea_markup_markdown_enabled: 'true' gitea_markup_markdown_conf: - { section: 'markup.markdown', option: 'ENABLED', value: '{{ gitea_markup_markdown_enabled }}', state: 'present' } - { section: 'markup.markdown', option: 'FILE_EXTENSIONS', value: '.md,.markdown', state: 'present' } - { section: 'markup.markdown', option: 'RENDER_COMMAND', value: 'pandoc -f markdown -t html --katex', state: 'present' } gitea_prometheus_metrics: 'false' #gitea_prometheus_bearer_token: put it into a vault file gitea_prometheus_bearer_token: '' gitea_prometheus_conf: - { section: 'metrics', option: 'ENABLED', value: '{{ gitea_prometheus_metrics }}', state: 'present' } - { section: 'metrics', option: 'TOKEN', value: '{{ gitea_prometheus_bearer_token }}', state: 'present' } gitea_log_level: Info gitea_app_configurations: - { section: 'log', option: 'ROOT_PATH', value: '{{ gitea_log_dir }}', state: 'present' } - { section: 'log', option: 'COLORIZE', value: 'false', state: 'present' } - { section: 'log', option: 'LEVEL', value: '{{ gitea_log_level }}', state: 'present' } - { section: 'log', option: 'FILE_NAME', value: '{{ gitea_log_dir }}/gitea.log', state: 'present' } - { section: 'log', option: 'ENABLE_XORM_LOG', value: 'true', state: 'absent' } - { section: 'log', option: 'ENABLE_ACCESS_LOG', value: 'true', state: 'absent' } - { section: 'log.sublogger.router', option: 'FILE_NAME', value: '{{ gitea_log_dir }}/router.log', state: 'present' } - { section: 'log.sublogger.access', option: 'FILE_NAME', value: '{{ gitea_log_dir }}/access.log', state: 'present' } - { section: 'log.sublogger.xorm', option: 'FILE_NAME', value: '{{ gitea_log_dir }}/xorm.log', state: 'present' } - { section: 'database', option: 'LOG_SQL', value: 'false', state: 'present' } - { section: 'security', option: 'CSRF_COOKIE_HTTP_ONLY', value: 'true', state: 'present'} - { section: 'session', option: 'SAME_SITE', value: 'lax', state: 'present'} - { section: 'session', option: 'COOKIE_SECURE', value: 'false', state: 'present'} # - { section: 'mailer', option: 'ENABLED', value: 'true', state: 'present' } # - { section: 'mailer', option: 'FROM', value: '{{ gitea_mail_from }}', state: 'present' } # - { section: 'mailer', option: 'MAILER_PROTOCOL', value: '{{ gitea_mailer_type }}', state: 'present' } # - { section: 'mailer', option: 'SENDMAIL_PATH', value: '{{ gitea_sendmail_path }}', state: 'present' } # - { section: 'metrics', option: 'ENABLED', value: 'true', state: 'present' } # - { section: 'metrics', option: 'TOKEN', value: '{{ gitea_prometheus_bearer_token }}', state: 'present' } gitea_enable_repository_archives_cron_jobs: true gitea_delete_repo_archives_frequency: "@weekly" gitea_rep_archives_configuration: - { section: 'cron.archive_cleanup', option: 'ENABLED', value: 'true', state: 'present' } - { section: 'cron.archive_cleanup', option: 'RUN_AT_START', value: 'false', state: 'present' } - { section: 'cron.archive_cleanup', option: 'NOTICE_ON_SUCCESS', value: 'false', state: 'present' } - { section: 'cron.archive_cleanup', option: 'SCHEDULE', value: '@midnight', state: 'present' } - { section: 'cron.archive_cleanup', option: 'OLDER_THAN', value: '24h', state: 'present' } - { section: 'cron.delete_repo_archives', option: 'ENABLED', value: 'true', state: 'present' } - { section: 'cron.delete_repo_archives', option: 'RUN_AT_START', value: 'false', state: 'present' } - { section: 'cron.delete_repo_archives', option: 'NOTICE_ON_SUCCESS', value: 'false', state: 'present' } - { section: 'cron.delete_repo_archives', option: 'SCHEDULE', value: '{{ gitea_delete_repo_archives_frequency }}', state: 'present' } - { section: 'cron.delete_repo_archives', option: '', value: '', state: 'present' }