diff --git a/.gitmodules b/.gitmodules index cc52e32c..d7c24227 100644 --- a/.gitmodules +++ b/.gitmodules @@ -37,3 +37,6 @@ [submodule "roles/geerlingguy.java"] path = roles/geerlingguy.java url = https://github.com/geerlingguy/ansible-role-java +[submodule "roles/tmaurice.gitea"] + path = roles/tmaurice.gitea + url = https://github.com/thomas-maurice/ansible-role-gitea diff --git a/group_vars/all.yml b/group_vars/all.yml index 50727055..66daeccb 100644 --- a/group_vars/all.yml +++ b/group_vars/all.yml @@ -12,6 +12,7 @@ acng_server: acng.grote.lan acng_server_port: 9999 ### mgrote.restic + restic_folders_to_backup: "/usr/local /etc /root /var/www /home" restic_cron_hours: "19" restic_repository: "//fileserver2.grote.lan/backup/restic" restic_repository_password: "{{ lookup('keepass', 'restic_repository_password', 'password') }}" diff --git a/group_vars/gitea.yml b/group_vars/gitea.yml new file mode 100644 index 00000000..735aa003 --- /dev/null +++ b/group_vars/gitea.yml @@ -0,0 +1,67 @@ +--- + ### mgrote.restic + restic_folders_to_backup: "/usr/local /etc /root /var/lib/gitea /var/lib/postgres /home" + + ### oefenweb.ufw + ufw_rules: + - rule: allow + to_port: 22 + protocol: tcp + comment: 'ssh' + - rule: allow + to_port: 3000 + protocol: tcp + comment: 'gitea' + - rule: allow + to_port: 2222 + protocol: tcp + comment: 'gitea' + ### tmaurice.gitea + gitea_version: "1.13.0" + gitea_app_name: "Gitea" + gitea_user: "gitea" + gitea_home: "/var/lib/gitea" + gitea_repository_root: "{{ gitea_home }}" + gitea_user_repo_limit: 300 + gitea_root_url: https://git.mgrote.net + gitea_offline_mode: true + gitea_lfs_server_enabled: false + gitea_secret_key: "{{ lookup('keepass', 'gitea_secret_key', 'password') }}" + gitea_internal_token: "{{ lookup('keepass', 'gitea_internal_token', 'password') }}" + gitea_disable_git_hooks: false + gitea_show_user_email: false + gitea_disable_gravatar: true + gitea_enable_captcha: true + gitea_only_allow_external_registration: false + gitea_enable_notify_mail: false + gitea_force_private: false + gitea_oauth2_enabled: false + gitea_repo_indexer_enabled: true + gitea_extra_config: "" + + gitea_mailer_enabled: true + gitea_mailer_skip_verify: false + gitea_mailer_tls_enabled: true + gitea_mailer_host: smtp.strato.de:465 + gitea_mailer_from: info@mgrote.net + gitea_mailer_user: "info@mgrote.net" + gitea_mailer_password: "{{ lookup('keepass', 'postfix_absender_passwort', 'password') }}" + gitea_mailer_type: smtp + + gitea_db_type: sqlite3 + gitea_db_path: "{{ gitea_home }}/data/gitea.db" # for sqlite3 + + gitea_ssh_listen: 0.0.0.0 + gitea_ssh_domain: git.mgrote.net + gitea_ssh_port: 2222 + gitea_start_ssh: true + + gitea_http_domain: git.mgrote.net + gitea_http_listen: 0.0.0.0 + gitea_http_port: 3000 + gitea_disable_http_git: false + gitea_protocol: http + + gitea_show_registration_button: false + gitea_require_signin: true + gitea_disable_registration: true diff --git a/inventory b/inventory index 9b33637c..1b7f62f2 100644 --- a/inventory +++ b/inventory @@ -49,6 +49,11 @@ all: pve-staging.grote.lan: pve-test.grote.lan: pve2.grote.lan: + gitea: + hosts: + gitea-staging.grote.lan: + gitea-test.grote.lan: + gitea.grote.lan: # wsl: # hosts: # irantu.grote.lan: @@ -72,6 +77,7 @@ all: docker.grote.lan: pve2.grote.lan: jenkins.grote.lan: + gitea.grote.lan: staging: hosts: wireguard-staging.grote.lan: @@ -83,6 +89,7 @@ all: docker-staging.grote.lan: pve-staging.grote.lan: jenkins-staging.grote.lan: + gitea-staging.grote.lan: test: hosts: wireguard-test.grote.lan: @@ -96,3 +103,4 @@ all: lxc-test2.grote.lan: pve-test.grote.lan: jenkins-test.grote.lan: + gitea-test.grote.lan: diff --git a/keepass_db.kdbx b/keepass_db.kdbx index 1b918a1e..e5309460 100644 Binary files a/keepass_db.kdbx and b/keepass_db.kdbx differ diff --git a/playbooks/service/gitea.yml b/playbooks/service/gitea.yml new file mode 100644 index 00000000..d2504517 --- /dev/null +++ b/playbooks/service/gitea.yml @@ -0,0 +1,4 @@ +--- +- hosts: gitea + roles: + - { role: tmaurice.gitea, tags: "gitea", become: true } diff --git a/roles/tmaurice.gitea b/roles/tmaurice.gitea new file mode 160000 index 00000000..aa754936 --- /dev/null +++ b/roles/tmaurice.gitea @@ -0,0 +1 @@ +Subproject commit aa754936773ead0a0f2729ad140814f9e262cffb