ansible/roles/gitea/tasks/main.yml

#!/usr/bin/ansible-playbook
# vim:ft=ansible:
---
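# Installs Gitea behind Apache with a MySQL database, an optional EFS-backed
# repository root, a systemd unit and a backup module.
# NOTE(review): the block-level placement of `when`, `tags` and `become` below
# follows the task order of the original; confirm it against the intended
# nesting.
- name: Set up Gitea
  block:
    - name: Set up MySQL
      block:
        - name: Create DB
          mysql_db:
            name: gitea
            login_user: root
            login_password: "{{ mysql.root_password }}"
            state: present
          notify: gitea add default user
        # NOTE(review): ALL plus GRANT lets the application account pass its
        # privileges on the gitea schema on to other MySQL accounts. Drop
        # ",GRANT" unless something is known to depend on it.
        - name: Create user
          mysql_user:
            name: gitea
            host: localhost
            password: "{{ gitea.mysql_password }}"
            priv: "gitea.*:ALL,GRANT"
            login_user: root
            login_password: "{{ mysql.root_password }}"

    - name: Set up Apache
      block:
        # `creates` makes the command a no-op once the module is enabled.
        - name: Enable modules
          command:
            cmd: a2enmod "{{ item }}"
            creates: "/etc/apache2/mods-enabled/{{ item }}.load"
          loop:
            - proxy
            - proxy_http
          notify: restart apache
        - name: Template out vhost
          template:
            src: "apache2-vhost-ssl.conf"
            dest: "/etc/apache2/sites-available/{{ gitea.url }}.conf"
          notify: restart apache
        - name: Create webroot
          file:
            state: directory
            path: "{{ gitea_webroot }}"
        - name: Enable site
          command:
            cmd: "a2ensite {{ gitea.url }}.conf"
            creates: "/etc/apache2/sites-enabled/{{ gitea.url }}.conf"
          notify: restart apache

    - name: Generate certificate
      include_role:
        name: https
      vars:
        website_url: "{{ gitea.url }}"

    - name: Install git
      apt:
        name: git

    # NOTE(review): the binary is fetched over HTTPS but its content is never
    # verified, and the URL appears to name the 1.12 release line rather than
    # one exact build. This play later executes the file while generating
    # secrets. Pin an exact release and add get_url's `checksum` parameter,
    # e.g. checksum: "sha256:<PLACEHOLDER_SHA256_OF_PINNED_RELEASE>", so a
    # replaced download fails the task instead of being installed.
    - name: Install Gitea
      get_url:
        url: "https://dl.gitea.io/gitea/1.12/gitea-1.12-linux-amd64"
        dest: "/usr/local/bin/gitea"
        mode: "0755"
      notify: restart gitea

    # "!" is not a valid password hash, so the account has no usable password.
    - name: Create Gitea user
      user:
        name: git
        password: "!"
        home: "/home/git"
        shell: "/bin/bash"

    - name: Create directory structure
      file:
        state: directory
        owner: git
        group: git
        mode: "0750"
        path: "/var/lib/{{ item }}"
      loop:
        - "gitea"
        - "gitea/custom"
        - "gitea/data"
        - "gitea/log"

    # NOTE(review): `recurse` applies mode 0750 to everything under
    # /etc/gitea, so on later runs app.ini (deployed below as 0640) gains
    # execute bits. Drop `recurse` if only the directory itself is meant.
    - name: Create config directory
      file:
        state: directory
        recurse: true
        mode: "0750"
        owner: "root"
        group: "git"
        path: "/etc/gitea"

    - name: Create repositories directory
      file:
        state: directory
        mode: "0700"
        owner: git
        group: git
        path: "{{ gitea.root }}"

    # Optional: runs only when an EFS name is configured.
    - name: Set up EFS mount
      block:
        - name: Install required packages
          apt:
            name:
              - nfs-client
        - name: Create EFS
          efs:
            name: "{{ gitea.efs.name }}"
            encrypt: true
            region: "{{ gitea.efs.region }}"
            targets:
              - subnet_id: "{{ gitea.efs.subnet_id }}"
                security_groups: ["{{ gitea.efs.security_group }}"]
          register: efs
        # The original task listed the mount arguments directly under the task
        # with no module key, which Ansible rejects; they belong to `mount`.
        - name: Mount EFS
          mount:
            path: "{{ gitea.root }}"
            src: "{{ efs.efs.filesystem_address }}"
            fstype: nfs4
            opts: "nfsvers=4.1,rsize=1048576,wsize=1048576,hard,timeo=600,retrans=2,noresvport"
            state: mounted
      when: gitea.efs.name is defined
      tags: [giteaefs]

    - name: Check for config
      stat:
        path: "/etc/gitea/app.ini"
      register: p

    # First deployment only: an existing app.ini is never overwritten, so the
    # secrets already in use stay stable across runs.
    - name: Deploy config
      block:
        # Each command prints a fresh secret on stdout, which is registered
        # for later use. no_log keeps the registered result out of Ansible's
        # console output and logs.
        - name: Generate INTERNAL_TOKEN
          command: /usr/local/bin/gitea generate secret INTERNAL_TOKEN
          register: gitea_internal_token
          no_log: true
        - name: Generate SECRET_KEY
          command: /usr/local/bin/gitea generate secret SECRET_KEY
          register: gitea_secret_key
          no_log: true
        - name: Generate JWT_SECRET
          command: /usr/local/bin/gitea generate secret JWT_SECRET
          register: gitea_jwt_secret
          no_log: true
        - name: Generate LFS_JWT_SECRET
          command: /usr/local/bin/gitea generate secret LFS_JWT_SECRET
          register: gitea_lfs_jwt_secret
          no_log: true
        # root-owned, readable by the git group, closed to everyone else.
        # NOTE(review): presumably the template embeds the secrets generated
        # above; running the play with --diff would then print them.
        - name: Template out app.ini
          template:
            src: "app.ini"
            dest: "/etc/gitea/app.ini"
            mode: "0640"
            owner: "root"
            group: "git"
      when: not p.stat.exists

    - name: Template out service
      template:
        src: "gitea.service"
        dest: "/etc/systemd/system/gitea.service"
      notify: restart gitea

    - name: Start and enable service
      systemd:
        daemon_reload: true
        name: "gitea.service"
        enabled: true
        state: "started"

    - name: Template out backup module
      template:
        src: "backup.sh"
        dest: "/opt/backups/modules/{{ gitea.url }}.sh"
        mode: "0600"
  become: true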