add unots

Michael Grote 2024-06-05 18:45:30 +02:00
parent e99d5d98c0
commit c3012c032b
4 changed files with 25 additions and 90 deletions


@ -1,34 +0,0 @@
# die Variablen kommen aus
# -
# -
# und
# den jeweiligen group/host-Vars!
- name: Check if Admin-User exists
no_log: true
become_user: gitea
become: true
ansible.builtin.command: |
forgejo admin user list \
--config "{{ gitea_configuration_path }}/gitea.ini"
register: check
changed_when: false
- name: Ensure Admin-User exists # noqa no-changed-when no-jinja-when
#no_log: true
become_user: gitea
become: true
ansible.builtin.command: |
forgejo admin user create \
--config "{{ gitea_configuration_path }}/gitea.ini" \
--username "{{ gitea_admin_user }}" \
--password "{{ gitea_admin_user_pass }}" \
--email "{{ gitea_admin_user }}" \
when: 'not "{{ gitea_admin_user }}" in check.stdout'
- name: Show existing users
msg: "{{ check.stdout_lines }}"


@ -1,56 +0,0 @@
# die Variablen kommen aus
# -
# -
# und
# den jeweiligen group/host-Vars!
- name: Ensure LDAP config is set up
no_log: true
become_user: gitea
become: true
ansible.builtin.command: |
forgejo admin auth add-ldap \
--config "{{ gitea_configuration_path }}/gitea.ini" \
--name "lldap" \
--security-protocol "unencrypted" \
--host "{{ gitea_ldap_host }}" \
--port "3890" \
--bind-dn "uid={{ gitea_ldap_bind_user }},ou=people,{{ gitea_ldap_base_path }}" \
--bind-password "{{ gitea_ldap_bind_pass }}" \
--user-search-base "ou=people,{{ gitea_ldap_base_path }}" \
--user-filter "(&(memberof=cn=gitea,ou=groups,{{ gitea_ldap_base_path }})(|(uid=%[1]s)(mail=%[1]s)))" \
--username-attribute "uid" \
--email-attribute "mail" \
--firstname-attribute "givenName" \
--surname-attribute "sn" \
--avatar-attribute "jpegPhoto" \
register: setup
ignore_errors: true
failed_when: 'not "Command error: login source already exists [name: lldap]" in setup.stderr' # fail Task wenn LDAP schon konfiguriert ist
changed_when: "setup.rc == 0" # chnaged nur wenn Task rc 0 hat, sollte nur beim ersten lauf vorkommen; ungetestet
- name: Modify LDAP config
no_log: true
become_user: gitea
become: true
ansible.builtin.command: |
forgejo admin auth update-ldap \
--config "{{ gitea_configuration_path }}/gitea.ini" \
--id "1" \
--security-protocol "unencrypted" \
--host "{{ gitea_ldap_host }}" \
--port "3890" \
--bind-dn "uid={{ gitea_ldap_bind_user }},ou=people,{{ gitea_ldap_base_path }}" \
--bind-password "{{ gitea_ldap_bind_pass }}" \
--user-search-base "ou=people,{{ gitea_ldap_base_path }}" \
--user-filter "(&(memberof=cn=gitea,ou=groups,{{ gitea_ldap_base_path }})(|(uid=%[1]s)(mail=%[1]s)))" \
--username-attribute "uid" \
--email-attribute "mail" \
--firstname-attribute "givenName" \
--surname-attribute "sn" \
--avatar-attribute "jpegPhoto" \
when: '"Command error: login source already exists [name: lldap]" in setup.stderr' # führe nur aus wenn erster Task fehlgeschlagen ist
changed_when: false # keine idee wie ich changed feststellen kann


@ -0,0 +1,15 @@
{{ file_header | default () }}
Description=Backup with restic
EnvironmentFile={{ restic_conf_dir }}/restic.env
ExecStart=/usr/bin/restic backup --one-file-system --no-cache --exclude-file {{ restic_conf_dir }}/excludes {{ restic_folders_to_backup }}
{# -iexclude-file Same as exclude-file but ignores cases like in --iexclude; #}
User={{ restic_user }}
Group={{ restic_group }}
RestartSec={{ restic_failure_delay }}
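Review bot: The `ExecStart=` line interpolates `{{ restic_conf_dir }}` and `{{ restic_folders_to_backup }}` unquoted, so systemd will split any path containing whitespace into separate arguments, and a list-typed variable would render as a Python list literal instead of as paths. Rendering the folder list into a file next to `excludes` and passing it with `--files-from` would avoid both problems; the file name is for the role to choose. `EnvironmentFile={{ restic_conf_dir }}/restic.env` presumably carries the repository password, and the task that writes it is not part of this section, so it is worth confirming that it is deployed with a restrictive mode such as `0600` and is not world-readable. The section shows fewer lines than its header declares, so a `Restart=` setting may simply not be visible here; without one, `RestartSec=` has no effect.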


@ -0,0 +1,10 @@
{{ file_header | default () }}
Description=Timer for restic backups.
OnCalendar={{ restic_schedule }}
RandomizedDelaySec=30 min