Add Gitea role

This commit is contained in:
Salt 2020-04-30 05:06:49 -05:00
parent 0038a8b633
commit 31ea3c3e1f
4 changed files with 1135 additions and 0 deletions

View File

@ -0,0 +1,6 @@
---
allow_duplicates: no
dependencies:
- role: apache-php
- role: mysql
- role: redis

View File

@ -0,0 +1,84 @@
#!/usr/bin/ansible-playbook
# vim:ft=ansible:
---
- name: Set up Gitea
block:
- name: Set up MySQL
block:
- name: Create DB
mysql_db:
name: gitea
login_user: root
login_password: "{{ mysql_root_password }}"
state: present
- name: Create user
mysql_user:
name: gitea
host: localhost
password: "{{ gitea_mysql_password }}"
priv: "gitea.*:ALL,GRANT"
login_user: root
login_password: "{{ mysql_root_password }}"
- name: Set up Apache
block:
- name: Template out vhost
template:
src: "apache2-vhost-ssl.conf"
dest: "/etc/apache2/sites-available/{{ gitea_url }}.conf"
- name: Enable site
command:
cmd: "a2ensite {{ gitea_url }}.conf"
creates: "/etc/apache2/sites-enabled/{{ gitea_url }}.conf"
notify: restart apache
- name: Generate certificate
include_role:
name: https
vars:
website_url: "{{ gitea_url }}"
- name: Install git
apt:
name: git
- name: Install Gitea
get_url:
url: "https://dl.gitea.io/gitea/1.11.4/gitea-1.11.4-linux-amd64"
dest: "/usr/local/bin/gitea"
mode: "0755"
- name: Create Gitea user
user:
name: git
password: "!"
home: "/home/git"
shell: "/usr/sbin/nologin"
- name: Create directory structure
file:
state: directory
recurse: yes
owner: git
group: git
mode: "0750"
path: "/var/lib/{{ item }}"
loop:
- "gitea"
- "gitea/custom"
- "gitea/data"
- "gitea/log"
- name: Create config directory
file:
state: directory
recurse: yes
mode: "0750"
owner: "root"
group: "git"
path: "/etc/gitea"
- name: Generate INTERNAL_TOKEN"
command: /usr/local/bin/gitea generate secret INTERNAL_TOKEN
register: gitea_internal_token
- name: Generate SECRET_KEY"
command: /usr/local/bin/gitea generate secret SECRET_KEY
register: gitea_secret_key
- name: Template out app.ini
template:
src: "app.ini"
dest: "/etc/gitea/app.ini"
mode: "0640"
become: yes

View File

@ -0,0 +1,30 @@
# Configuration for {{ gitea_url }}
# vim:ft=apache:
# Accept connections from non-SNI clients
SSLStrictSNIVHostCheck off
# Website configuration
<VirtualHost *:80>
ServerName {{ gitea_url }}
Redirect permanent / https://{{ gitea_url }}
</VirtualHost>
<VirtualHost *:443>
SSLEngine on
SSLCertificateFile /etc/pki/cert/crt/{{ gitea_url }}.crt
SSLCertificateKeyFile /etc/pki/cert/private/{{ gitea_url }}.key
SSLCertificateChainFile /etc/pki/cert/crt/{{ gitea_url }}-fullchain.crt
ServerName {{ gitea_url }}
DocumentRoot {{ gitea_webroot }}
<Directory "{{ gitea_webroot }}">
Require all granted
AllowOverride All
Options MultiViews FollowSymlinks
</Directory>
ProxyRequests off
ProxyPass / https://127.0.0.1:3000/ nocanon
ProxyPassReverse / https://127.0.0.1:3000/
RequestHeader set X_FORWARDED_PROTO 'https'
RequestHeader set X-Forwarded-Ssl on
</VirtualHost>

File diff suppressed because it is too large Load Diff