forked from ISTI-ansible-roles/ansible-roles
Role that installs and configure a gitea.io service.
This commit is contained in:
parent
c67f747b3f
commit
6b5613146f
|
@ -0,0 +1,68 @@
|
|||
---
|
||||
#
|
||||
# https://gitea.io
|
||||
#
|
||||
# We use the server ssh daemon, and nginx in front of the service by default.
|
||||
# So we do not start in http mode and we do not use the embedded letsencrypt support
|
||||
#
|
||||
gitea_version: 1.8
|
||||
gitea_download_url: 'https://dl.gitea.io/gitea/{{ gitea_version }}/gitea-{{ gitea_version }}-linux-amd64'
|
||||
gitea_bin_path: /usr/local/bin/gitea
|
||||
|
||||
gitea_conf_dir: /etc/gitea
|
||||
gitea_data_dir: /var/lib/gitea
|
||||
gitea_data_subdirs:
|
||||
- custom
|
||||
- data
|
||||
- log
|
||||
- sock
|
||||
|
||||
gitea_repository_data: '{{ gitea_data_dir }}/repositories'
|
||||
|
||||
gitea_server_protocol: unix
|
||||
gitea_http_addr: '{{ gitea_data_dir }}/sock/gitea.sock'
|
||||
# home, explore
|
||||
gitea_landing_page: home
|
||||
gitea_user: gitea
|
||||
gitea_group: '{{ gitea_user }}'
|
||||
gitea_run_mode: prod
|
||||
gitea_db: postgresql
|
||||
gitea_local_postgresql: True
|
||||
gitea_local_mysql: False
|
||||
gitea_local_mariadb: False
|
||||
gitea_nginx_frontend: True
|
||||
gitea_local_redis: True
|
||||
gitea_local_memcache: True
|
||||
|
||||
gitea_start_lfs: 'true'
|
||||
gitea_lfs_content_path: '{{ gitea_data_dir }}/data/lfs'
|
||||
#gitea_lfs_jwt_secret: put it into a vault file
|
||||
gitea_lfs_http_auth_expiry: 20m
|
||||
|
||||
gitea_required_packages:
|
||||
- git
|
||||
|
||||
gitea_db_name: gitea
|
||||
gitea_db_user: gitea_u
|
||||
#gitea_db_pwd: put it into a vault file
|
||||
gitea_db_host: localhost
|
||||
gitea_db_port: 5432
|
||||
gitea_db_ssl_mode: 'enable'
|
||||
|
||||
gitea_ldap_auth: False
|
||||
gitea_app_name: "Gitea"
|
||||
gitea_disable_registration: 'false'
|
||||
gitea_install_lock: 'false'
|
||||
gitea_mailer_enabled: False
|
||||
gitea_mail_from: gitea@localhost
|
||||
gitea_mailer_type: sendmail
|
||||
gitea_sendmail_path: /usr/sbin/sendmail
|
||||
gitea_cache_provider: redis
|
||||
#gitea_cache_host: '127.0.0.1:11211'
|
||||
gitea_cache_host: 'network=tcp,addr=127.0.0.1:6379,password=macaron,db=0,pool_size=100,idle_timeout=180'
|
||||
gitea_session_provider: memcache
|
||||
gitea_session_config: '127.0.0.1:11211'
|
||||
|
||||
gitea_prometheus_metrics: False
|
||||
#gitea_prometheus_bearer_token: put it into a vault file
|
||||
gitea_prometheus_bearer_token: ''
|
|
@ -0,0 +1,6 @@
|
|||
---
|
||||
- name: reload gitea
|
||||
service: name=gitea state=reloaded
|
||||
|
||||
- name: restart gitea
|
||||
service: name=gitea state=restarted
|
|
@ -0,0 +1,7 @@
|
|||
---
|
||||
dependencies:
|
||||
- { role: '../../library/roles/postgresql', gitea_local_postgresql }
|
||||
- { role: '../../library/roles/mysql', gitea_local_mysql }
|
||||
- { role: '../../library/roles/nginx', gitea_nginx_frontend }
|
||||
- { role: '../../library/roles/redis', when gitea_local_redis }
|
||||
- { role: '../../library/roles/memcached', when gitea_local_memcache }
|
|
@ -0,0 +1,31 @@
|
|||
---
|
||||
- block:
|
||||
- name: Create the gitea service user
|
||||
user: name={{ gitea_user }} home=/srv/gitea createhome=yes shell=/bin/bash system=yes
|
||||
|
||||
- name: Create the gitea directory tree
|
||||
file: dest={{ gitea_data_dir }}/{{ item }} state=directory owner={{ gitea_user }} group={{ gitea_group }}
|
||||
with_items: '{{ gitea_data_subdirs }}'
|
||||
|
||||
- name: Create the gitea conf directory
|
||||
file: dest={{ gitea_conf_dir }} state=directory owner=root group={{ gitea_group }} mode=0750
|
||||
|
||||
- name: Download the gitea binary
|
||||
get_url: url={{ gitea_download_url }} dest={{ gitea_bin_path }} owner=root group={{ gitea_group }} mode=0750
|
||||
|
||||
- name: Install the required packages
|
||||
package: state=present use=auto name={{ gitea_required_packages }}
|
||||
|
||||
- name: Configure gitea
|
||||
template: src=app.ini.j2 dest={{ gitea_conf_dir }}/app.ini owner=root group={{ gitea_group }} mode=0640
|
||||
notify: reload gitea
|
||||
|
||||
- name: Install the gitea systemd unit
|
||||
template: src=gitea.service.systemd dest=/etc/systemd/system/gitea.service
|
||||
register: gitea_systemd_unit
|
||||
|
||||
- name: Reload the systemd configuration
|
||||
command: systemctl daemon-reload
|
||||
when: gitea_systemd_unit is changed
|
||||
|
||||
tags: [ 'git', 'gitea' ]
|
|
@ -0,0 +1,57 @@
|
|||
[default]
|
||||
APP_NAME = {{ gitea_app_name }}
|
||||
RUN_USER = {{ gitea_user }}
|
||||
RUN_MODE= {{ gitea_run_mode }}
|
||||
|
||||
[repository]
|
||||
ROOT = {{ gitea_repository_data }}
|
||||
|
||||
[server]
|
||||
PROTOCOL = {{ gitea_server_protocol }}
|
||||
HTTP_ADDR = {{ gitea_http_addr }}
|
||||
LANDING_PAGE = {{ gitea_landing_page }}
|
||||
LFS_START_SERVER = {{ gitea_start_lfs }}
|
||||
LFS_CONTENT_PATH = {{ gitea_lfs_content_path }}
|
||||
LFS_JWT_SECRET = {{ gitea_lfs_jwt_secret }}
|
||||
LFS_HTTP_AUTH_EXPIRY = {{ gitea_lfs_http_auth_expiry }}
|
||||
|
||||
[database]
|
||||
DB_TYPE = {{ gitea_db }}
|
||||
HOST = {{ gitea_db_host }}:{{ gitea_db_port }}
|
||||
NAME = {{ gitea_db_name }}
|
||||
USER = {{ gitea_db_user }}
|
||||
PASSWD = {{ gitea_db_pwd }}
|
||||
SSL_MODE = {{ gitea_db_ssl_mode }}
|
||||
|
||||
[security]
|
||||
INSTALL_LOCK = {{ gitea_install_lock }}
|
||||
|
||||
[service]
|
||||
DISABLE_REGISTRATION = {{ gitea_disable_registration }}
|
||||
|
||||
{% if gitea_mailer_enabled %}
|
||||
[mailer]
|
||||
ENABLED = true
|
||||
FROM = {{ gitea_mail_from }}
|
||||
MAILER_TYPE = {{ gitea_mailer_type }}
|
||||
SENDMAIL_PATH = {{ gitea_sendmail_path }}
|
||||
{% endif %}
|
||||
|
||||
[cache]
|
||||
ADAPTER = {{ gitea_cache_provider }}
|
||||
HOST = {{ gitea_cache_host }}
|
||||
|
||||
[session]
|
||||
PROVIDER = {{ gitea_session_provider }}
|
||||
PROVIDER_CONFIG = {{ gitea_session_config }}
|
||||
|
||||
{% if gitea_prometheus_metrics %}
|
||||
[metrics]
|
||||
ENABLED = true
|
||||
TOKEN = '{{ gitea_prometheus_bearer_token }}'
|
||||
{% endif %}
|
||||
|
||||
[other]
|
||||
SHOW_FOOTER_VERSION = false
|
||||
SHOW_FOOTER_TEMPLATE_LOAD_TIME = false
|
||||
|
|
@ -0,0 +1,42 @@
|
|||
[Unit]
|
||||
Description=Gitea (Git with a cup of tea)
|
||||
After=syslog.target
|
||||
After=network.target
|
||||
{% if gitea_local_mysql %}
|
||||
Requires=mysql.service
|
||||
{% endif %}
|
||||
#Requires=mariadb.service
|
||||
{% if gitea_local_postgresql %}
|
||||
Requires=postgresql.service
|
||||
{% endif %}
|
||||
{% if gitea_local_redis %}
|
||||
Requires=redis.service
|
||||
{% endif %}
|
||||
{% if gitea_local_memcache %}
|
||||
Requires=memcached.service
|
||||
{% endif %}
|
||||
|
||||
[Service]
|
||||
# Modify these two values and uncomment them if you have
|
||||
# repos with lots of files and get an HTTP error 500 because
|
||||
# of that
|
||||
###
|
||||
#LimitMEMLOCK=infinity
|
||||
#LimitNOFILE=65535
|
||||
RestartSec=2s
|
||||
Type=simple
|
||||
User={{ gitea_user }}
|
||||
Group={{ gitea_user }}
|
||||
WorkingDirectory={{ gitea_data_dir }}
|
||||
ExecStart=/usr/local/bin/gitea web -c {{ gitea_conf_dir }}/app.ini
|
||||
Restart=always
|
||||
Environment=USER={{ gitea_user }} HOME=/srv/gitea GITEA_WORK_DIR={{ gitea_data_dir }}
|
||||
# If you want to bind Gitea to a port below 1024 uncomment
|
||||
# the two values below
|
||||
###
|
||||
#CapabilityBoundingSet=CAP_NET_BIND_SERVICE
|
||||
#AmbientCapabilities=CAP_NET_BIND_SERVICE
|
||||
|
||||
[Install]
|
||||
WantedBy=multi-user.target
|
||||
|
|
@ -0,0 +1,6 @@
|
|||
---
|
||||
nginx_use_common_virthost: True
|
||||
redis_install: True
|
||||
http_port: 80
|
||||
https_port: 443
|
||||
|
Loading…
Reference in New Issue