176 lines
9.3 KiB
YAML
176 lines
9.3 KiB
YAML
---
|
|
#
|
|
# https://gitea.io
|
|
#
|
|
# We use the server ssh daemon, and nginx in front of the service by default.
|
|
# So we do not start in http mode and we do not use the embedded letsencrypt support
|
|
#
|
|
gitea_version: 1.21.11
|
|
gitea_download_url: 'https://dl.gitea.io/gitea/{{ gitea_version }}/gitea-{{ gitea_version }}-linux-amd64'
|
|
gitea_force_binary_download: False
|
|
gitea_bin_path: /usr/local/bin/gitea
|
|
|
|
gitea_conf_dir: /etc/gitea
|
|
gitea_data_dir: /var/lib/gitea
|
|
gitea_data_subdirs:
|
|
- custom
|
|
- data
|
|
- log
|
|
|
|
gitea_log_dir: /var/log/gitea
|
|
gitea_socket_dir: /run/gitea
|
|
gitea_repository_data: '{{ gitea_data_dir }}/repositories'
|
|
gitea_max_repository_per_user: 200
|
|
|
|
gitea_server_protocol: "http+unix"
|
|
gitea_hostname: '{{ ansible_fqdn }}'
|
|
gitea_http_addr: '{{ gitea_socket_dir }}/gitea.sock'
|
|
gitea_http_port: 3000
|
|
gitea_root_url: https://{{ gitea_hostname }}
|
|
|
|
# home, explore
|
|
gitea_landing_page: explore
|
|
gitea_create_service_user: True
|
|
gitea_user: gitea
|
|
gitea_group: '{{ gitea_user }}'
|
|
gitea_run_mode: prod
|
|
gitea_limit_nofile: 16384
|
|
gitea_limit_nofile_soft: 4096
|
|
gitea_db: postgres
|
|
gitea_local_postgresql: True
|
|
gitea_local_mysql: False
|
|
gitea_local_mariadb: False
|
|
gitea_nginx_frontend: True
|
|
gitea_local_redis: True
|
|
gitea_local_memcache: True
|
|
|
|
gitea_start_lfs: 'true'
|
|
gitea_lfs_content_path: '{{ gitea_data_dir }}/data/lfs'
|
|
#gitea_lfs_jwt_secret: put it into a vault file
|
|
gitea_lfs_http_auth_expiry: 20m
|
|
gitea_lfs_configuration:
|
|
- { section: 'server', option: 'LFS_START_SERVER', value: '{{ gitea_start_lfs }}', state: 'present' }
|
|
- { section: 'server', option: 'LFS_HTTP_AUTH_EXPIRY', value: '{{ gitea_lfs_http_auth_expiry }}', state: 'present' }
|
|
- { section: 'server', option: 'LFS_CONTENT_PATH', value: '{{ gitea_lfs_content_path }}', state: 'absent' }
|
|
- { section: 'lfs', option: 'PATH', value: '{{ gitea_lfs_content_path }}', state: 'present' }
|
|
|
|
gitea_required_packages:
|
|
- git
|
|
|
|
gitea_db_name: gitea
|
|
gitea_db_user: gitea_u
|
|
#gitea_db_pwd: put it into a vault file
|
|
gitea_db_host: "localhost"
|
|
gitea_db_port: 5432
|
|
gitea_db_ssl_mode: 'disable'
|
|
|
|
gitea_app_name: "Gitea git server"
|
|
gitea_disable_registration: 'false'
|
|
gitea_install_lock: 'false'
|
|
gitea_mailer_enabled: False
|
|
gitea_mail_from: gitea@localhost
|
|
gitea_mailer_type: sendmail
|
|
gitea_sendmail_path: /usr/sbin/sendmail
|
|
gitea_cache_provider: memcache
|
|
gitea_cache_host: '127.0.0.1:11211'
|
|
gitea_session_provider: redis
|
|
gitea_session_config: 'network=tcp,addr=127.0.0.1:6379,db=0,pool_size=100,idle_timeout=180'
|
|
gitea_require_signin_view: 'false'
|
|
gitea_users_page_enabled: 'false'
|
|
|
|
gitea_install_viewer_addons: True
|
|
gitea_py3_env_dpkg:
|
|
- jupyter
|
|
- asciidoctor
|
|
- pandoc
|
|
- python3-matplotlib
|
|
- python3-pandas
|
|
- python3-geopandas
|
|
|
|
gitea_renderers_global_conf:
|
|
- { section: 'markdown', option: 'CUSTOM_URL_SCHEMES', value: 'data', state: 'present' }
|
|
|
|
gitea_markup_asciidoc_enabled: 'true'
|
|
gitea_markup_asciidoc_conf:
|
|
- { section: 'markup.asciidoc', option: 'ENABLED', value: '{{ gitea_markup_asciidoc_enabled }}', state: 'present' }
|
|
- { section: 'markup.asciidoc', option: 'FILE_EXTENSIONS', value: '.adoc,.asciidoc', state: 'present' }
|
|
- { section: 'markup.asciidoc', option: 'RENDER_COMMAND', value: '"asciidoctor -s -a showtitle --out-file=- -"', state: 'present' }
|
|
- { section: 'markup.asciidoc', option: 'IS_INPUT_FILE', value: 'false', state: 'present' }
|
|
|
|
gitea_markup_jupyter_enabled: 'true'
|
|
gitea_markup_jupyter_conf:
|
|
- { section: 'markup.jupyter', option: 'ENABLED', value: '{{ gitea_markup_jupyter_enabled }}', state: 'present' }
|
|
- { section: 'markup.jupyter', option: 'FILE_EXTENSIONS', value: '.ipynb', state: 'present' }
|
|
- { section: 'markup.jupyter', option: 'RENDER_COMMAND', value: '"jupyter nbconvert --stdout --to html --template basic"', state: 'present' }
|
|
- { section: 'markup.jupyter', option: 'IS_INPUT_FILE', value: 'true', state: 'present' }
|
|
- { section: 'markup.sanitizer.jupyter.rule1', option: 'ALLOW_ATTR', value: 'class', state: 'present' }
|
|
- { section: 'markup.sanitizer.jupyter.rule1', option: 'ELEMENT', value: 'div', state: 'present' }
|
|
- { section: 'markup.sanitizer.jupyter.rule1', option: 'REGEXP', value: '', state: 'present' }
|
|
gitea_markup_docx_enabled: 'true'
|
|
gitea_markup_docx_conf:
|
|
- { section: 'markup.docx', option: 'ENABLED', value: '{{ gitea_markup_docx_enabled }}', state: 'present' }
|
|
- { section: 'markup.docx', option: 'FILE_EXTENSIONS', value: '.docx', state: 'present' }
|
|
- { section: 'markup.docx', option: 'RENDER_COMMAND', value: '"pandoc --from docx --to html --self-contained --template {{ gitea_data_dir }}/custom/templates/docx-basic.html"', state: 'present' }
|
|
- { section: 'markup.sanitizer.docx', option: 'ALLOW_DATA_URI_IMAGES', value: 'true', state: 'present' }
|
|
gitea_markup_restructuredtext_enabled: 'true'
|
|
gitea_markup_restructuredtext_conf:
|
|
- { section: 'markup.restructuredtext', option: 'ENABLED', value: '{{ gitea_markup_restructuredtext_enabled }}', state: 'present' }
|
|
- { section: 'markup.restructuredtext', option: 'FILE_EXTENSIONS', value: '.rst', state: 'present' }
|
|
- { section: 'markup.restructuredtext', option: 'RENDER_COMMAND', value: '"timeout 30s pandoc +RTS -M512M -RTS -f rst"', state: 'present' }
|
|
- { section: 'markup.restructuredtext', option: 'IS_INPUT_FILE', value: 'false', state: 'present' }
|
|
gitea_markup_sanitizer_tex_enabled: 'true'
|
|
gitea_markup_sanitizer_tex_conf:
|
|
- { section: 'markup.sanitizer.TeX', option: 'ENABLED', value: '{{ gitea_markup_sanitizer_tex_enabled }}', state: 'present' }
|
|
- { section: 'markup.sanitizer.TeX', option: 'ELEMENT', value: 'span', state: 'present' }
|
|
- { section: 'markup.sanitizer.TeX', option: 'ALLOW_ATTR', value: 'class', state: 'present' }
|
|
- { section: 'markup.sanitizer.TeX', option: 'REGEXP', value: '^\s*((math(\s+|$)|inline(\s+|$)|display(\s+|$)))+', state: 'present' }
|
|
gitea_markup_markdown_enabled: 'true'
|
|
gitea_markup_markdown_conf:
|
|
- { section: 'markup.markdown', option: 'ENABLED', value: '{{ gitea_markup_markdown_enabled }}', state: 'present' }
|
|
- { section: 'markup.markdown', option: 'FILE_EXTENSIONS', value: '.md,.markdown', state: 'present' }
|
|
- { section: 'markup.markdown', option: 'RENDER_COMMAND', value: 'pandoc -f markdown -t html --katex', state: 'present' }
|
|
|
|
gitea_prometheus_metrics: 'false'
|
|
#gitea_prometheus_bearer_token: put it into a vault file
|
|
gitea_prometheus_bearer_token: ''
|
|
gitea_prometheus_conf:
|
|
- { section: 'metrics', option: 'ENABLED', value: '{{ gitea_prometheus_metrics }}', state: 'present' }
|
|
- { section: 'metrics', option: 'TOKEN', value: '{{ gitea_prometheus_bearer_token }}', state: 'present' }
|
|
|
|
gitea_log_level: Info
|
|
|
|
gitea_app_configurations:
|
|
- { section: 'log', option: 'ROOT_PATH', value: '{{ gitea_log_dir }}', state: 'present' }
|
|
- { section: 'log', option: 'COLORIZE', value: 'false', state: 'present' }
|
|
- { section: 'log', option: 'LEVEL', value: '{{ gitea_log_level }}', state: 'present' }
|
|
- { section: 'log', option: 'FILE_NAME', value: '{{ gitea_log_dir }}/gitea.log', state: 'present' }
|
|
- { section: 'log', option: 'ENABLE_XORM_LOG', value: 'true', state: 'absent' }
|
|
- { section: 'log', option: 'ENABLE_ACCESS_LOG', value: 'true', state: 'absent' }
|
|
- { section: 'log.sublogger.router', option: 'FILE_NAME', value: '{{ gitea_log_dir }}/router.log', state: 'present' }
|
|
- { section: 'log.sublogger.access', option: 'FILE_NAME', value: '{{ gitea_log_dir }}/access.log', state: 'present' }
|
|
- { section: 'log.sublogger.xorm', option: 'FILE_NAME', value: '{{ gitea_log_dir }}/xorm.log', state: 'present' }
|
|
- { section: 'database', option: 'LOG_SQL', value: 'false', state: 'present' }
|
|
- { section: 'security', option: 'CSRF_COOKIE_HTTP_ONLY', value: 'true', state: 'present'}
|
|
- { section: 'session', option: 'SAME_SITE', value: 'lax', state: 'present'}
|
|
- { section: 'session', option: 'COOKIE_SECURE', value: 'false', state: 'present'}
|
|
# - { section: 'mailer', option: 'ENABLED', value: 'true', state: 'present' }
|
|
# - { section: 'mailer', option: 'FROM', value: '{{ gitea_mail_from }}', state: 'present' }
|
|
# - { section: 'mailer', option: 'MAILER_PROTOCOL', value: '{{ gitea_mailer_type }}', state: 'present' }
|
|
# - { section: 'mailer', option: 'SENDMAIL_PATH', value: '{{ gitea_sendmail_path }}', state: 'present' }
|
|
# - { section: 'metrics', option: 'ENABLED', value: 'true', state: 'present' }
|
|
# - { section: 'metrics', option: 'TOKEN', value: '{{ gitea_prometheus_bearer_token }}', state: 'present' }
|
|
|
|
gitea_enable_repository_archives_cron_jobs: true
|
|
gitea_delete_repo_archives_frequency: "@weekly"
|
|
gitea_rep_archives_configuration:
|
|
- { section: 'cron.archive_cleanup', option: 'ENABLED', value: 'true', state: 'present' }
|
|
- { section: 'cron.archive_cleanup', option: 'RUN_AT_START', value: 'false', state: 'present' }
|
|
- { section: 'cron.archive_cleanup', option: 'NOTICE_ON_SUCCESS', value: 'false', state: 'present' }
|
|
- { section: 'cron.archive_cleanup', option: 'SCHEDULE', value: '@midnight', state: 'present' }
|
|
- { section: 'cron.archive_cleanup', option: 'OLDER_THAN', value: '24h', state: 'present' }
|
|
- { section: 'cron.delete_repo_archives', option: 'ENABLED', value: 'true', state: 'present' }
|
|
- { section: 'cron.delete_repo_archives', option: 'RUN_AT_START', value: 'false', state: 'present' }
|
|
- { section: 'cron.delete_repo_archives', option: 'NOTICE_ON_SUCCESS', value: 'false', state: 'present' }
|
|
- { section: 'cron.delete_repo_archives', option: 'SCHEDULE', value: '{{ gitea_delete_repo_archives_frequency }}', state: 'present' }
|
|
- { section: 'cron.delete_repo_archives', option: '', value: '', state: 'present' }
|