2020-12-26 16:22:59 +01:00
---
2023-10-25 22:26:17 +02:00
### mrlesmithjr.ansible-manage-lvm
lvm_groups :
- vgname : vg_gitea_data
disks :
- /dev/disk/by-id/scsi-0QEMU_QEMU_HARDDISK_drive-scsi1
create : true
lvnames :
- lvname : lv_gitea_data
size : +100%FREE
create : true
filesystem : xfs
mount : true
mntp : /var/lib/gitea
manage_lvm : true
pvresize_to_max : true
2023-10-19 09:32:59 +02:00
2023-11-29 21:15:50 +01:00
### mgrote_restic
2023-10-25 22:26:17 +02:00
restic_folders_to_backup : "/ /var/lib/gitea" # --one-file-system ist gesetzt, also werden weitere Dateisysteme nicht eingeschlossen, es sei denn sie werden hier explizit angegeben; https://restic.readthedocs.io/en/latest/040_backup.html#excluding-files
2020-12-26 16:22:59 +01:00
2023-10-25 22:26:17 +02:00
### oefenweb.ufw
ufw_rules :
- rule : allow
to_port : 22
protocol : tcp
comment : 'ssh'
from_ip : 0.0 .0 .0 /0
- rule : allow
to_port : "{{ gitea_http_port }}"
protocol : tcp
comment : 'gitea'
from_ip : 0.0 .0 .0 /0
- rule : allow
to_port : "{{ gitea_ssh_port }}"
protocol : tcp
comment : 'gitea'
from_ip : 0.0 .0 .0 /0
2020-12-26 16:22:59 +01:00
2023-10-25 22:26:17 +02:00
### l3d.gitea
# config liegt in /etc/gitea/gitea.ini
2023-11-21 16:39:45 +01:00
gitea_version : "1.21.0"
2023-10-25 22:26:17 +02:00
gitea_app_name : "Gitea"
gitea_user : "gitea"
gitea_home : "/var/lib/gitea"
gitea_repository_root : "{{ gitea_home }}"
gitea_user_repo_limit : 300
gitea_root_url : https://git.mgrote.net
gitea_offline_mode : true
gitea_lfs_server_enabled : false
gitea_secret_key : "{{ lookup('keepass', 'gitea_secret_key', 'password') }}"
gitea_internal_token : "{{ lookup('keepass', 'gitea_internal_token', 'password') }}"
gitea_disable_git_hooks : false
gitea_show_user_email : false
gitea_disable_gravatar : true
gitea_enable_captcha : true
gitea_only_allow_external_registration : false
gitea_enable_notify_mail : false
gitea_force_private : false
gitea_oauth2_enabled : true
gitea_repo_indexer_enabled : true
2023-04-25 16:25:50 +02:00
2023-10-25 22:26:17 +02:00
gitea_mailer_enabled : true
gitea_mailer_skip_verify : false
gitea_mailer_tls_enabled : true
gitea_mailer_host : smtp.strato.de:465
gitea_mailer_from : info@mgrote.net
gitea_mailer_user : "info@mgrote.net"
2023-10-31 11:37:50 +01:00
gitea_mailer_password : "{{ lookup('keepass', 'strato_smtp_password', 'password') }}"
2023-10-25 22:26:17 +02:00
gitea_mailer_type : smtp
2020-12-26 16:22:59 +01:00
2023-10-25 22:26:17 +02:00
gitea_default_branch : 'master'
2020-12-26 16:22:59 +01:00
2023-10-25 22:26:17 +02:00
gitea_db_type : sqlite3
gitea_db_path : "{{ gitea_home }}/data/gitea.db" # for sqlite3
2020-12-26 16:22:59 +01:00
2023-10-25 22:26:17 +02:00
gitea_ssh_listen : 0.0 .0 .0
2023-11-25 19:08:24 +01:00
gitea_ssh_domain : gitea.mgrote.net
2023-10-25 22:26:17 +02:00
gitea_ssh_port : 2222
gitea_start_ssh : true
2020-12-27 17:43:16 +01:00
2023-10-25 22:26:17 +02:00
gitea_http_domain : git.mgrote.net
gitea_http_listen : 0.0 .0 .0
gitea_http_port : 3000
gitea_disable_http_git : false
gitea_protocol : http
2023-04-25 16:25:50 +02:00
2023-10-25 22:26:17 +02:00
gitea_show_registration_button : false
gitea_require_signin : false
gitea_disable_registration : true
gitea_fail2ban_enabled : true
gitea_fail2ban_jail_maxretry : 3
gitea_fail2ban_jail_findtime : 300
gitea_fail2ban_jail_bantime : 600
# wird für drone benötigt, sonst wird der Webhook nicht "gesendet"
gitea_extra_config : |
[ webhook]
2023-11-25 19:08:24 +01:00
ALLOWED_HOST_LIST = *.mgrote.net
2023-10-25 22:26:17 +02:00
gitea_backup_on_upgrade : false
gitea_backup_location : "{{ gitea_home }}/backups/"
