finallycoffee/services
6
1
Fork 0
Code Issues 1 Pull Requests Projects Releases Wiki Activity

Compare commits

base: finallycoffee:4aa0d6efbd53605665ed468eb38a227589e0e2b5
Branches Tags
finallycoffee:main finallycoffee:transcaffeine/snipe-it-8.1.0 finallycoffee:transcaffeine/phpldapadmin finallycoffee:transcaffeine/authelia-refactor finallycoffee:transcaffeine/snipe-it finallycoffee:transcaffeine/vaultwarden finallycoffee:transcaffeine/hedgedoc finallycoffee:transcaffeine/restic-unlock-on-boot
finallycoffee:0.1.15 finallycoffee:0.1.14 finallycoffee:0.1.13 finallycoffee:0.1.12 finallycoffee:0.1.11 finallycoffee:0.1.10 finallycoffee:0.1.9 finallycoffee:0.1.8 finallycoffee:0.1.7 finallycoffee:0.1.6 finallycoffee:0.1.5 finallycoffee:0.1.4 finallycoffee:0.1.3 finallycoffee:0.1.2 finallycoffee:0.1.1 finallycoffee:0.1.0
..
compare: finallycoffee:b1d9f73b861dad5b1537e25b2dc3071c0dd3554d
Branches Tags
finallycoffee:main finallycoffee:transcaffeine/snipe-it-8.1.0 finallycoffee:transcaffeine/phpldapadmin finallycoffee:transcaffeine/authelia-refactor finallycoffee:transcaffeine/snipe-it finallycoffee:transcaffeine/vaultwarden finallycoffee:transcaffeine/hedgedoc finallycoffee:transcaffeine/restic-unlock-on-boot
finallycoffee:0.1.15 finallycoffee:0.1.14 finallycoffee:0.1.13 finallycoffee:0.1.12 finallycoffee:0.1.11 finallycoffee:0.1.10 finallycoffee:0.1.9 finallycoffee:0.1.8 finallycoffee:0.1.7 finallycoffee:0.1.6 finallycoffee:0.1.5 finallycoffee:0.1.4 finallycoffee:0.1.3 finallycoffee:0.1.2 finallycoffee:0.1.1 finallycoffee:0.1.0

1 Commits
4aa0d6efbd ... b1d9f73b86

Author SHA1 Message Date
Johanna Dorothea Reichmann
b1d9f73b86 feat(gitea): add ansible role for deployment in docker containers 2022-02-11 09:13:45 +01:00
4 changed files with 65 additions and 4 deletions
Expand all files Collapse all files

25
roles/gitea/README.md
View File

@ -7,3 +7,28 @@ using its official available docker image, and is able to setup SSH
forwarding from the host to the container (enabling git-over-SSH without
the need for a non-standard SSH port while running an SSH server on the
host aswell).
### Configuration
#### Email notifications
To enable to send emails, you need to set the following variables, demonstrated
here with an SMTP server. A TLS connection is strongly advised, as otherwise, it
can be trival to intercept a login to the mail server and record the authentication
details, enabling anyone to send mail as if they were your gitea instance.
```yaml
gitea_config_mailer_enabled: true
# Can be `sendmail` or `smtp`
gitea_config_mailer_type: smtp
# Including the port can be used to force secure smtp (SMTPS)
gitea_config_mailer_host: mail.my-domain.tld:465
gitea_config_mailer_user: gitea
gitea_config_mailer_passwd: very_long_password
gitea_config_mailer_tls: true
gitea_config_mailer_from_addr: "gitea@{{ gitea_domain }}"
# Set `gitea_config_mailer_sendmail_path` when using a sendmail binary
gitea_config_mailer_sendmail_path: /usr/sbin/sendmail
```
For more information, see [the gitea docs on email setup](https://docs.gitea.io/en-us/email-setup/).

16
roles/gitea/defaults/main.yml
View File

@ -5,6 +5,9 @@ gitea_user: git
gitea_base_path: "/opt/gitea"
gitea_data_path: "{{ gitea_base_path }}/data"
# Set this to the (sub)domain gitea will run at
gitea_domain: ~
# container config
gitea_container_name: "git"
gitea_container_image_name: "docker.io/gitea/gitea"
@ -34,4 +37,15 @@ gitea_container_base_env:
gitea_container_base_labels:
version: "{{ gitea_version }}"
gitea_config: {}
gitea_config_mailer_enabled: false
gitea_config_mailer_type: ~
gitea_config_mailer_from_addr: ~
gitea_config_mailer_host: ~
gitea_config_mailer_user: ~
gitea_config_mailer_passwd: ~
gitea_config_mailer_tls: ~
gitea_config_mailer_sendmail_path: ~
gitea_config_metrics_enabled: false
gitea_config: "{{ gitea_config_base | combine(gitea_extra_config, recursive=True, list_merge='append') }}"
gitea_extra_config: {}

7
roles/gitea/tasks/main.yml
View File

@ -88,12 +88,13 @@
section: "{{ section }}"
option: "{{ option }}"
value: "{{ entry.value }}"
state: "{{ 'present' if (entry.value is string or entry.value is sequence or entry.value is boolean or entry.value is number) else 'absent' }}"
state: "{{ 'present' if (entry.value is not none) else 'absent' }}"
loop: "{{ lookup('ansible.utils.to_paths', gitea_config) | dict2items }}"
loop_control:
loop_var: entry
label: "{{ section | default('/', True) }}->{{ option }}"
vars:
key_split: "{{ entry.key | split('.') }}"
section: "{{ '' if key_split|length == 1 else (key_split | first) }}"
option: "{{ key_split | first if key_split|length == 1 else key_split[1:] | join('.') }}"
# sections can be named `section_name`.`sub_section`, f.ex.: `repository.upload`
section: "{{ '' if key_split|length == 1 else (key_split[:-1] | join('.')) }}"
option: "{{ key_split | first if key_split|length == 1 else key_split | last }}"

21
roles/gitea/vars/main.yml
View File

@ -11,3 +11,24 @@ gitea_container_ports: "{{ gitea_container_base_ports + gitea_container_extra_po
gitea_container_port_webui: 3000
gitea_container_port_ssh: 22
gitea_config_base:
RUN_MODE: prod
RUN_USER: "{{ gitea_user }}"
server:
SSH_DOMAIN: "{{ gitea_domain }}"
DOMAIN: "{{ gitea_domain }}"
HTTP_PORT: "{{ gitea_container_port_webui }}"
DISABLE_SSH: false
START_SSH_SERVER: false
mailer:
ENABLED: "{{ gitea_config_mailer_enabled }}"
MAILER_TYP: "{{ gitea_config_mailer_type }}"
HOST: "{{ gitea_config_mailer_host }}"
USER: "{{ gitea_config_mailer_user }}"
PASSWD: "{{ gitea_config_mailer_passwd }}"
IS_TLS_ENABLED: "{{ gitea_config_mailer_tls }}"
FROM: "{{ gitea_config_mailer_from_addr }}"
SENDMAIL_PATH: "{{ gitea_config_mailer_sendmail_path }}"
metrics:
ENABLED: "{{ gitea_config_metrics_enabled }}"