Role that installs and configure a gitea.io service.

This commit is contained in:
Andrea Dell'Amico 2019-03-29 14:59:19 +01:00
parent c67f747b3f
commit 6b5613146f
7 changed files with 217 additions and 0 deletions

68
gitea/defaults/main.yml Normal file
View File

@ -0,0 +1,68 @@
---
#
# https://gitea.io
#
# We use the server ssh daemon, and nginx in front of the service by default.
# So we do not start in http mode and we do not use the embedded letsencrypt support
#
gitea_version: 1.8
gitea_download_url: 'https://dl.gitea.io/gitea/{{ gitea_version }}/gitea-{{ gitea_version }}-linux-amd64'
gitea_bin_path: /usr/local/bin/gitea
gitea_conf_dir: /etc/gitea
gitea_data_dir: /var/lib/gitea
gitea_data_subdirs:
- custom
- data
- log
- sock
gitea_repository_data: '{{ gitea_data_dir }}/repositories'
gitea_server_protocol: unix
gitea_http_addr: '{{ gitea_data_dir }}/sock/gitea.sock'
# home, explore
gitea_landing_page: home
gitea_user: gitea
gitea_group: '{{ gitea_user }}'
gitea_run_mode: prod
gitea_db: postgresql
gitea_local_postgresql: True
gitea_local_mysql: False
gitea_local_mariadb: False
gitea_nginx_frontend: True
gitea_local_redis: True
gitea_local_memcache: True
gitea_start_lfs: 'true'
gitea_lfs_content_path: '{{ gitea_data_dir }}/data/lfs'
#gitea_lfs_jwt_secret: put it into a vault file
gitea_lfs_http_auth_expiry: 20m
gitea_required_packages:
- git
gitea_db_name: gitea
gitea_db_user: gitea_u
#gitea_db_pwd: put it into a vault file
gitea_db_host: localhost
gitea_db_port: 5432
gitea_db_ssl_mode: 'enable'
gitea_ldap_auth: False
gitea_app_name: "Gitea"
gitea_disable_registration: 'false'
gitea_install_lock: 'false'
gitea_mailer_enabled: False
gitea_mail_from: gitea@localhost
gitea_mailer_type: sendmail
gitea_sendmail_path: /usr/sbin/sendmail
gitea_cache_provider: redis
#gitea_cache_host: '127.0.0.1:11211'
gitea_cache_host: 'network=tcp,addr=127.0.0.1:6379,password=macaron,db=0,pool_size=100,idle_timeout=180'
gitea_session_provider: memcache
gitea_session_config: '127.0.0.1:11211'
gitea_prometheus_metrics: False
#gitea_prometheus_bearer_token: put it into a vault file
gitea_prometheus_bearer_token: ''

6
gitea/handlers/main.yml Normal file
View File

@ -0,0 +1,6 @@
---
- name: reload gitea
service: name=gitea state=reloaded
- name: restart gitea
service: name=gitea state=restarted

7
gitea/meta/main.yml Normal file
View File

@ -0,0 +1,7 @@
---
dependencies:
- { role: '../../library/roles/postgresql', gitea_local_postgresql }
- { role: '../../library/roles/mysql', gitea_local_mysql }
- { role: '../../library/roles/nginx', gitea_nginx_frontend }
- { role: '../../library/roles/redis', when gitea_local_redis }
- { role: '../../library/roles/memcached', when gitea_local_memcache }

31
gitea/tasks/main.yml Normal file
View File

@ -0,0 +1,31 @@
---
- block:
- name: Create the gitea service user
user: name={{ gitea_user }} home=/srv/gitea createhome=yes shell=/bin/bash system=yes
- name: Create the gitea directory tree
file: dest={{ gitea_data_dir }}/{{ item }} state=directory owner={{ gitea_user }} group={{ gitea_group }}
with_items: '{{ gitea_data_subdirs }}'
- name: Create the gitea conf directory
file: dest={{ gitea_conf_dir }} state=directory owner=root group={{ gitea_group }} mode=0750
- name: Download the gitea binary
get_url: url={{ gitea_download_url }} dest={{ gitea_bin_path }} owner=root group={{ gitea_group }} mode=0750
- name: Install the required packages
package: state=present use=auto name={{ gitea_required_packages }}
- name: Configure gitea
template: src=app.ini.j2 dest={{ gitea_conf_dir }}/app.ini owner=root group={{ gitea_group }} mode=0640
notify: reload gitea
- name: Install the gitea systemd unit
template: src=gitea.service.systemd dest=/etc/systemd/system/gitea.service
register: gitea_systemd_unit
- name: Reload the systemd configuration
command: systemctl daemon-reload
when: gitea_systemd_unit is changed
tags: [ 'git', 'gitea' ]

View File

@ -0,0 +1,57 @@
[default]
APP_NAME = {{ gitea_app_name }}
RUN_USER = {{ gitea_user }}
RUN_MODE= {{ gitea_run_mode }}
[repository]
ROOT = {{ gitea_repository_data }}
[server]
PROTOCOL = {{ gitea_server_protocol }}
HTTP_ADDR = {{ gitea_http_addr }}
LANDING_PAGE = {{ gitea_landing_page }}
LFS_START_SERVER = {{ gitea_start_lfs }}
LFS_CONTENT_PATH = {{ gitea_lfs_content_path }}
LFS_JWT_SECRET = {{ gitea_lfs_jwt_secret }}
LFS_HTTP_AUTH_EXPIRY = {{ gitea_lfs_http_auth_expiry }}
[database]
DB_TYPE = {{ gitea_db }}
HOST = {{ gitea_db_host }}:{{ gitea_db_port }}
NAME = {{ gitea_db_name }}
USER = {{ gitea_db_user }}
PASSWD = {{ gitea_db_pwd }}
SSL_MODE = {{ gitea_db_ssl_mode }}
[security]
INSTALL_LOCK = {{ gitea_install_lock }}
[service]
DISABLE_REGISTRATION = {{ gitea_disable_registration }}
{% if gitea_mailer_enabled %}
[mailer]
ENABLED = true
FROM = {{ gitea_mail_from }}
MAILER_TYPE = {{ gitea_mailer_type }}
SENDMAIL_PATH = {{ gitea_sendmail_path }}
{% endif %}
[cache]
ADAPTER = {{ gitea_cache_provider }}
HOST = {{ gitea_cache_host }}
[session]
PROVIDER = {{ gitea_session_provider }}
PROVIDER_CONFIG = {{ gitea_session_config }}
{% if gitea_prometheus_metrics %}
[metrics]
ENABLED = true
TOKEN = '{{ gitea_prometheus_bearer_token }}'
{% endif %}
[other]
SHOW_FOOTER_VERSION = false
SHOW_FOOTER_TEMPLATE_LOAD_TIME = false

View File

@ -0,0 +1,42 @@
[Unit]
Description=Gitea (Git with a cup of tea)
After=syslog.target
After=network.target
{% if gitea_local_mysql %}
Requires=mysql.service
{% endif %}
#Requires=mariadb.service
{% if gitea_local_postgresql %}
Requires=postgresql.service
{% endif %}
{% if gitea_local_redis %}
Requires=redis.service
{% endif %}
{% if gitea_local_memcache %}
Requires=memcached.service
{% endif %}
[Service]
# Modify these two values and uncomment them if you have
# repos with lots of files and get an HTTP error 500 because
# of that
###
#LimitMEMLOCK=infinity
#LimitNOFILE=65535
RestartSec=2s
Type=simple
User={{ gitea_user }}
Group={{ gitea_user }}
WorkingDirectory={{ gitea_data_dir }}
ExecStart=/usr/local/bin/gitea web -c {{ gitea_conf_dir }}/app.ini
Restart=always
Environment=USER={{ gitea_user }} HOME=/srv/gitea GITEA_WORK_DIR={{ gitea_data_dir }}
# If you want to bind Gitea to a port below 1024 uncomment
# the two values below
###
#CapabilityBoundingSet=CAP_NET_BIND_SERVICE
#AmbientCapabilities=CAP_NET_BIND_SERVICE
[Install]
WantedBy=multi-user.target

6
gitea/vars/main.yml Normal file
View File

@ -0,0 +1,6 @@
---
nginx_use_common_virthost: True
redis_install: True
http_port: 80
https_port: 443