2020-12-26 16:22:59 +01:00
---
2023-10-25 22:26:17 +02:00
### mrlesmithjr.ansible-manage-lvm
lvm_groups :
- vgname : vg_gitea_data
disks :
- /dev/disk/by-id/scsi-0QEMU_QEMU_HARDDISK_drive-scsi1
create : true
lvnames :
- lvname : lv_gitea_data
size : +100%FREE
create : true
filesystem : xfs
mount : true
mntp : /var/lib/gitea
manage_lvm : true
pvresize_to_max : true
2023-10-19 09:32:59 +02:00
2023-11-29 21:15:50 +01:00
### mgrote_restic
2023-10-25 22:26:17 +02:00
restic_folders_to_backup : "/ /var/lib/gitea" # --one-file-system ist gesetzt, also werden weitere Dateisysteme nicht eingeschlossen, es sei denn sie werden hier explizit angegeben; https://restic.readthedocs.io/en/latest/040_backup.html#excluding-files
2020-12-26 16:22:59 +01:00
2024-01-28 16:09:58 +01:00
### mgrote_apt_manage_packages
apt_packages_extra :
- fail2ban
2023-10-25 22:26:17 +02:00
### oefenweb.ufw
ufw_rules :
- rule : allow
to_port : 22
protocol : tcp
comment : 'ssh'
from_ip : 0.0 .0 .0 /0
2024-02-15 13:52:00 +01:00
- rule : allow
to_port : 4949
protocol : tcp
comment : 'munin'
from_ip : 192.168 .2 .0 /24
2023-10-25 22:26:17 +02:00
- rule : allow
to_port : "{{ gitea_http_port }}"
protocol : tcp
comment : 'gitea'
from_ip : 0.0 .0 .0 /0
- rule : allow
to_port : "{{ gitea_ssh_port }}"
protocol : tcp
comment : 'gitea'
from_ip : 0.0 .0 .0 /0
2020-12-26 16:22:59 +01:00
2023-10-25 22:26:17 +02:00
### l3d.gitea
# config liegt in /etc/gitea/gitea.ini
2024-03-20 09:31:13 +01:00
gitea_version : "1.21.7-0"
gitea_fork : "forgejo"
2023-10-25 22:26:17 +02:00
gitea_app_name : "Gitea"
gitea_user : "gitea"
gitea_home : "/var/lib/gitea"
gitea_repository_root : "{{ gitea_home }}"
gitea_user_repo_limit : 300
gitea_root_url : https://git.mgrote.net
gitea_offline_mode : true
gitea_lfs_server_enabled : false
gitea_secret_key : "{{ lookup('keepass', 'gitea_secret_key', 'password') }}"
gitea_internal_token : "{{ lookup('keepass', 'gitea_internal_token', 'password') }}"
gitea_disable_git_hooks : false
gitea_show_user_email : false
gitea_disable_gravatar : true
gitea_enable_captcha : true
gitea_only_allow_external_registration : false
2024-01-26 14:02:21 +01:00
gitea_enable_notify_mail : true
2024-01-28 16:09:58 +01:00
gitea_autowatch_on_change : true
2023-10-25 22:26:17 +02:00
gitea_force_private : false
gitea_oauth2_enabled : true
gitea_repo_indexer_enabled : true
2023-04-25 16:25:50 +02:00
2023-10-25 22:26:17 +02:00
gitea_mailer_enabled : true
2024-01-28 16:09:58 +01:00
gitea_mailer_protocol : smtp
gitea_mailer_smtp_addr : docker10.mgrote.net
gitea_mailer_smtp_port : 1025
gitea_mailer_from : "gitea@mgrote.net"
2020-12-26 16:22:59 +01:00
2023-10-25 22:26:17 +02:00
gitea_default_branch : 'master'
2020-12-26 16:22:59 +01:00
2023-10-25 22:26:17 +02:00
gitea_db_type : sqlite3
gitea_db_path : "{{ gitea_home }}/data/gitea.db" # for sqlite3
2020-12-26 16:22:59 +01:00
2023-10-25 22:26:17 +02:00
gitea_ssh_listen : 0.0 .0 .0
2023-11-25 19:08:24 +01:00
gitea_ssh_domain : gitea.mgrote.net
2023-10-25 22:26:17 +02:00
gitea_ssh_port : 2222
gitea_start_ssh : true
2020-12-27 17:43:16 +01:00
2023-10-25 22:26:17 +02:00
gitea_http_domain : git.mgrote.net
gitea_http_listen : 0.0 .0 .0
gitea_http_port : 3000
gitea_disable_http_git : false
gitea_protocol : http
2023-04-25 16:25:50 +02:00
2023-10-25 22:26:17 +02:00
gitea_show_registration_button : false
gitea_require_signin : false
gitea_disable_registration : true
gitea_fail2ban_enabled : true
gitea_fail2ban_jail_maxretry : 3
gitea_fail2ban_jail_findtime : 300
gitea_fail2ban_jail_bantime : 600
# wird für drone benötigt, sonst wird der Webhook nicht "gesendet"
gitea_extra_config : |
[ webhook]
2023-11-25 19:08:24 +01:00
ALLOWED_HOST_LIST = *.mgrote.net
2023-10-25 22:26:17 +02:00
gitea_backup_on_upgrade : false
gitea_backup_location : "{{ gitea_home }}/backups/"
2024-01-28 16:09:58 +01:00
submodules_versioncheck : true
gitea_log_systemd : true
gitea_log_level : "Info"