Reorganize gitea vars

This commit is contained in:
Salt 2020-08-02 19:39:39 -05:00
parent 8990cc4494
commit 75aeaca8ee
7 changed files with 49 additions and 47 deletions

View File

@ -52,7 +52,8 @@ psql:
## WEBAPPS ## WEBAPPS
# Gitea # Gitea
gitea_mysql_password: !vault | gitea:
mysql_password: !vault |
$ANSIBLE_VAULT;1.1;AES256 $ANSIBLE_VAULT;1.1;AES256
62353264353465316661353738666161313036373761666163663733656461316536636334386335 62353264353465316661353738666161313036373761666163663733656461316536636334386335
6161386630663739363439383237343065333239613134610a383036373735326536386464343164 6161386630663739363439383237343065333239613134610a383036373735326536386464343164
@ -60,12 +61,13 @@ gitea_mysql_password: !vault |
3364306566323666310a323034303434613237643665643637633430353437316339356463646331 3364306566323666310a323034303434613237643665643637633430353437316339356463646331
33353062343164396465326365653561626363343961326363633231303736316436643935646161 33353062343164396465326365653561626363343961326363633231303736316436643935646161
3933353234613430373930663832643934613233383635613433 3933353234613430373930663832643934613233383635613433
gitea_app_name: "9iron Gitea" app_name: "9iron Gitea"
gitea_disable_registration: "false" disable_registration: "false"
gitea_url: "git.9iron.club" url: "git.9iron.club"
gitea_admin_username: "salt" admin:
gitea_admin_email: "rehashedsalt@cock.li" user: "salt"
gitea_admin_password: !vault | email: "rehashedsalt@cock.li"
pass: !vault |
$ANSIBLE_VAULT;1.1;AES256 $ANSIBLE_VAULT;1.1;AES256
35613039646236306236363930353231303331633765303039373736626666666530323433356466 35613039646236306236363930353231303331633765303039373736626666666530323433356466
3062633166313332643039613561303431613735396339650a376664373137643439303465376365 3062633166313332643039613561303431613735396339650a376664373137643439303465376365

View File

@ -1,7 +1,7 @@
# vim:ft=ansible: # vim:ft=ansible:
gitea_root_directory: "/home/git/gitea-repositories" gitea_root_directory: "/home/git/gitea-repositories"
gitea_app_name: "Ansible Gitea" gitea.app_name: "Ansible Gitea"
gitea_push_create_user: "true" gitea_push_create_user: "true"
gitea_push_create_org: "false" gitea_push_create_org: "false"
gitea_disable_registration: "true" gitea.disable_registration: "true"
gitea_webroot: "/var/www/gitea" gitea_webroot: "/var/www/gitea"

View File

@ -10,11 +10,11 @@
- admin - admin
- create-user - create-user
- --username - --username
- "{{ gitea_admin_username }}" - "{{ gitea.admin.user }}"
- --password - --password
- "{{ gitea_admin_password }}" - "{{ gitea.admin.pass }}"
- --email - --email
- "{{ gitea_admin_email }}" - "{{ gitea.admin.email }}"
- --config - --config
- /etc/gitea/app.ini - /etc/gitea/app.ini
- name: Promote user to admin - name: Promote user to admin
@ -25,8 +25,8 @@
- -u - -u
- gitea - gitea
- -p - -p
- "{{ gitea_mysql_password }}" - "{{ gitea.mysql_password }}"
- -e - -e
- 'UPDATE user SET is_admin = 1 WHERE name = "{{ gitea_admin_username }}";' - 'UPDATE user SET is_admin = 1 WHERE name = "{{ gitea.admin.user }}";'
become: yes become: yes
become_user: git become_user: git

View File

@ -16,7 +16,7 @@
mysql_user: mysql_user:
name: gitea name: gitea
host: localhost host: localhost
password: "{{ gitea_mysql_password }}" password: "{{ gitea.mysql_password }}"
priv: "gitea.*:ALL,GRANT" priv: "gitea.*:ALL,GRANT"
login_user: root login_user: root
login_password: "{{ mysql.root_password }}" login_password: "{{ mysql.root_password }}"
@ -33,7 +33,7 @@
- name: Template out vhost - name: Template out vhost
template: template:
src: "apache2-vhost-ssl.conf" src: "apache2-vhost-ssl.conf"
dest: "/etc/apache2/sites-available/{{ gitea_url }}.conf" dest: "/etc/apache2/sites-available/{{ gitea.url }}.conf"
notify: restart apache notify: restart apache
- name: Create webroot - name: Create webroot
file: file:
@ -41,14 +41,14 @@
path: "{{ gitea_webroot }}" path: "{{ gitea_webroot }}"
- name: Enable site - name: Enable site
command: command:
cmd: "a2ensite {{ gitea_url }}.conf" cmd: "a2ensite {{ gitea.url }}.conf"
creates: "/etc/apache2/sites-enabled/{{ gitea_url }}.conf" creates: "/etc/apache2/sites-enabled/{{ gitea.url }}.conf"
notify: restart apache notify: restart apache
- name: Generate certificate - name: Generate certificate
include_role: include_role:
name: https name: https
vars: vars:
website_url: "{{ gitea_url }}" website_url: "{{ gitea.url }}"
- name: Install git - name: Install git
apt: apt:
name: git name: git
@ -130,6 +130,6 @@
- name: Template out backup module - name: Template out backup module
template: template:
src: "backup.sh" src: "backup.sh"
dest: "/opt/backups/modules/{{ gitea_url }}.sh" dest: "/opt/backups/modules/{{ gitea.url }}.sh"
mode: "0600" mode: "0600"
become: yes become: yes

View File

@ -1,4 +1,4 @@
# Configuration for {{ gitea_url }} # Configuration for {{ gitea.url }}
# vim:ft=apache: # vim:ft=apache:
# Accept connections from non-SNI clients # Accept connections from non-SNI clients
@ -8,17 +8,17 @@ SSLProxyEngine on
# Website configuration # Website configuration
<VirtualHost *:80> <VirtualHost *:80>
ServerName {{ gitea_url }} ServerName {{ gitea.url }}
Redirect permanent / https://{{ gitea_url }} Redirect permanent / https://{{ gitea.url }}
</VirtualHost> </VirtualHost>
<VirtualHost *:443> <VirtualHost *:443>
SSLEngine on SSLEngine on
SSLCertificateFile /etc/pki/cert/crt/{{ gitea_url }}.crt SSLCertificateFile /etc/pki/cert/crt/{{ gitea.url }}.crt
SSLCertificateKeyFile /etc/pki/cert/private/{{ gitea_url }}.key SSLCertificateKeyFile /etc/pki/cert/private/{{ gitea.url }}.key
SSLCertificateChainFile /etc/pki/cert/crt/{{ gitea_url }}-fullchain.crt SSLCertificateChainFile /etc/pki/cert/crt/{{ gitea.url }}-fullchain.crt
SSLProtocol {{ ssl_protocol }} SSLProtocol {{ ssl_protocol }}
SSLCipherSuite {{ ssl_cipher_suite }} SSLCipherSuite {{ ssl_cipher_suite }}
ServerName {{ gitea_url }} ServerName {{ gitea.url }}
DocumentRoot {{ gitea_webroot }} DocumentRoot {{ gitea_webroot }}
<Directory "{{ gitea_webroot }}"> <Directory "{{ gitea_webroot }}">
Require all granted Require all granted

View File

@ -1,4 +1,4 @@
APP_NAME = {{ gitea_app_name }} APP_NAME = {{ gitea.app_name }}
RUN_USER = git RUN_USER = git
RUN_MODE = prod RUN_MODE = prod
@ -7,7 +7,7 @@ DB_TYPE = mysql
HOST = 127.0.0.1:3306 HOST = 127.0.0.1:3306
NAME = gitea NAME = gitea
USER = gitea USER = gitea
PASSWD = {{ gitea_mysql_password }} PASSWD = {{ gitea.mysql_password }}
SSL_MODE = disable SSL_MODE = disable
CHARSET = utf8 CHARSET = utf8
PATH = /var/lib/gitea/data/gitea.db PATH = /var/lib/gitea/data/gitea.db
@ -43,10 +43,10 @@ PASSWORD_COMPLEXITY = off
SECRET_KEY = {{ gitea_secret_key.stdout }} SECRET_KEY = {{ gitea_secret_key.stdout }}
[server] [server]
SSH_DOMAIN = {{ gitea_url }} SSH_DOMAIN = {{ gitea.url }}
DOMAIN = {{ gitea_url }} DOMAIN = {{ gitea.url }}
HTTP_PORT = 3000 HTTP_PORT = 3000
ROOT_URL = https://{{ gitea_url }}/ ROOT_URL = https://{{ gitea.url }}/
DISABLE_SSH = false DISABLE_SSH = false
SSH_PORT = 22 SSH_PORT = 22
LFS_START_SERVER = true LFS_START_SERVER = true
@ -57,7 +57,7 @@ OFFLINE_MODE = true
[service] [service]
REGISTER_EMAIL_CONFIRM = true REGISTER_EMAIL_CONFIRM = true
ENABLE_NOTIFY_MAIL = true ENABLE_NOTIFY_MAIL = true
DISABLE_REGISTRATION = {{ gitea_disable_registration }} DISABLE_REGISTRATION = {{ gitea.disable_registration }}
ALLOW_ONLY_EXTERNAL_REGISTRATION = false ALLOW_ONLY_EXTERNAL_REGISTRATION = false
ENABLE_CAPTCHA = false ENABLE_CAPTCHA = false
REQUIRE_SIGNIN_VIEW = false REQUIRE_SIGNIN_VIEW = false

View File

@ -9,7 +9,7 @@
set -e set -e
export OUTDIR="$BACKUPSDIR/{{ gitea_url }}" export OUTDIR="$BACKUPSDIR/{{ gitea.url }}"
retention=7 # 7-day retention period retention=7 # 7-day retention period
# Sanity checks # Sanity checks