feat(gitea): add ansible role for deployment in docker containers

roles/gitea/README.md

@@ -7,3 +7,28 @@ using its official available docker image, and is able to setup SSH
 forwarding from the host to the container (enabling git-over-SSH without
 the need for a non-standard SSH port while running an SSH server on the
 host aswell).
+
+### Configuration
+
+#### Email notifications
+
+To enable to send emails, you need to set the following variables, demonstrated
+here with an SMTP server. A TLS connection is strongly advised, as otherwise, it
+can be trival to intercept a login to the mail server and record the authentication
+details, enabling anyone to send mail as if they were your gitea instance.
+
+```yaml
+gitea_config_mailer_enabled: true
+# Can be `sendmail` or `smtp`
+gitea_config_mailer_type: smtp
+# Including the port can be used to force secure smtp (SMTPS)
+gitea_config_mailer_host: mail.my-domain.tld:465
+gitea_config_mailer_user: gitea
+gitea_config_mailer_passwd: very_long_password
+gitea_config_mailer_tls: true
+gitea_config_mailer_from_addr: "gitea@{{ gitea_domain }}"
+# Set `gitea_config_mailer_sendmail_path` when using a sendmail binary
+gitea_config_mailer_sendmail_path: /usr/sbin/sendmail
+```
+
+For more information, see [the gitea docs on email setup](https://docs.gitea.io/en-us/email-setup/).

roles/gitea/defaults/main.yml

@@ -5,6 +5,9 @@ gitea_user: git
 gitea_base_path: "/opt/gitea"
 gitea_data_path: "{{ gitea_base_path }}/data"
 
+# Set this to the (sub)domain gitea will run at
+gitea_domain: ~
+
 # container config
 gitea_container_name: "git"
 gitea_container_image_name: "docker.io/gitea/gitea"
@@ -34,4 +37,15 @@ gitea_container_base_env:
 gitea_container_base_labels:
   version: "{{ gitea_version }}"
 
-gitea_config: {}
+gitea_config_mailer_enabled: false
+gitea_config_mailer_type: ~
+gitea_config_mailer_from_addr: ~
+gitea_config_mailer_host: ~
+gitea_config_mailer_user: ~
+gitea_config_mailer_passwd: ~
+gitea_config_mailer_tls: ~
+gitea_config_mailer_sendmail_path: ~
+gitea_config_metrics_enabled: false
+
+gitea_config: "{{ gitea_config_base | combine(gitea_extra_config, recursive=True, list_merge='append') }}"
+gitea_extra_config: {}

roles/gitea/tasks/main.yml

@@ -88,12 +88,13 @@
     section: "{{ section }}"
     option: "{{ option }}"
     value: "{{ entry.value }}"
-    state: "{{ 'present' if (entry.value is string or entry.value is sequence or entry.value is boolean or entry.value is number) else 'absent' }}"
+    state: "{{ 'present' if (entry.value is not none) else 'absent' }}"
   loop: "{{ lookup('ansible.utils.to_paths', gitea_config) | dict2items }}"
   loop_control:
     loop_var: entry
     label: "{{ section | default('/', True) }}->{{ option }}"
   vars:
     key_split: "{{ entry.key | split('.') }}"
-    section: "{{ '' if key_split|length == 1 else (key_split | first) }}"
-    option: "{{ key_split | first if key_split|length == 1 else key_split[1:] | join('.') }}"
+    # sections can be named `section_name`.`sub_section`, f.ex.: `repository.upload`
+    section: "{{ '' if key_split|length == 1 else (key_split[:-1] | join('.')) }}"
+    option: "{{ key_split | first if key_split|length == 1 else key_split | last }}"

roles/gitea/vars/main.yml

@@ -11,3 +11,24 @@ gitea_container_ports: "{{ gitea_container_base_ports + gitea_container_extra_po
 
 gitea_container_port_webui: 3000
 gitea_container_port_ssh: 22
+
+gitea_config_base:
+  RUN_MODE: prod
+  RUN_USER: "{{ gitea_user }}"
+  server:
+    SSH_DOMAIN: "{{ gitea_domain }}"
+    DOMAIN: "{{ gitea_domain }}"
+    HTTP_PORT: "{{ gitea_container_port_webui }}"
+    DISABLE_SSH: false
+    START_SSH_SERVER: false
+  mailer:
+    ENABLED: "{{ gitea_config_mailer_enabled }}"
+    MAILER_TYP: "{{ gitea_config_mailer_type }}"
+    HOST: "{{ gitea_config_mailer_host }}"
+    USER: "{{ gitea_config_mailer_user }}"
+    PASSWD: "{{ gitea_config_mailer_passwd }}"
+    IS_TLS_ENABLED: "{{ gitea_config_mailer_tls }}"
+    FROM: "{{ gitea_config_mailer_from_addr }}"
+    SENDMAIL_PATH: "{{ gitea_config_mailer_sendmail_path }}"
+  metrics:
+    ENABLED: "{{ gitea_config_metrics_enabled }}"