gitea: fix admin user setup #72
3 changed files with 19 additions and 8 deletions
|
@ -80,7 +80,7 @@ blocky_custom_lookups: # optional
|
||||||
ip: 192.168.3.239
|
ip: 192.168.3.239
|
||||||
- name: pve5-test.mgrote.net
|
- name: pve5-test.mgrote.net
|
||||||
ip: 192.168.2.17
|
ip: 192.168.2.17
|
||||||
- name: pve5.mgrote.net # bleibt im Router auch angelegt, weil wenn pve aus auch kein blocky ;-)
|
- name: pve5.mgrote.net # bleibt im Router auch angelegt, weil wenn pve aus auch kein blocky mehr ;-)
|
||||||
ip: 192.168.2.16
|
ip: 192.168.2.16
|
||||||
- name: rb5009.mgrote.net
|
- name: rb5009.mgrote.net
|
||||||
ip: 192.168.2.1
|
ip: 192.168.2.1
|
||||||
|
@ -89,7 +89,6 @@ blocky_custom_lookups: # optional
|
||||||
- name: ldap.mgrote.net
|
- name: ldap.mgrote.net
|
||||||
ip: 192.168.2.47
|
ip: 192.168.2.47
|
||||||
|
|
||||||
|
|
||||||
### mgrote_munin_node
|
### mgrote_munin_node
|
||||||
# kann git.mgrote.net nicht auflösen, deshalb hiermit IP
|
# kann git.mgrote.net nicht auflösen, deshalb hiermit IP
|
||||||
munin_node_plugins:
|
munin_node_plugins:
|
||||||
|
|
|
@ -4,19 +4,31 @@
|
||||||
# - https://github.com/lldap/lldap/blob/main/example_configs/gitea.md
|
# - https://github.com/lldap/lldap/blob/main/example_configs/gitea.md
|
||||||
# und
|
# und
|
||||||
# den jeweiligen group/host-Vars!
|
# den jeweiligen group/host-Vars!
|
||||||
|
|
||||||
|
- name: Check if Admin-User exists
|
||||||
|
no_log: true
|
||||||
|
become_user: gitea
|
||||||
|
become: true
|
||||||
|
ansible.builtin.command: |
|
||||||
|
forgejo admin user create \
|
||||||
|
--config "{{ gitea_configuration_path }}/gitea.ini"
|
||||||
|
--username "{{ gitea_admin_user }}" \
|
||||||
|
--password "{{ gitea_admin_user_pass }}" \
|
||||||
|
--email "{{ gitea_admin_user }}@mgrote.net" \
|
||||||
|
--admin
|
||||||
|
register: check
|
||||||
|
ignore_errors: true
|
||||||
|
|
||||||
- name: Ensure Admin-User exists
|
- name: Ensure Admin-User exists
|
||||||
no_log: true
|
no_log: true
|
||||||
become_user: gitea
|
become_user: gitea
|
||||||
become: true
|
become: true
|
||||||
ansible.builtin.command: |
|
ansible.builtin.command: |
|
||||||
forgejo admin user create \
|
forgejo admin user create \
|
||||||
--config /etc/gitea/gitea.ini
|
--config "{{ gitea_configuration_path }}/gitea.ini"
|
||||||
--username "{{ gitea_admin_user }}" \
|
--username "{{ gitea_admin_user }}" \
|
||||||
--password "{{ gitea_admin_user_pass }}" \
|
--password "{{ gitea_admin_user_pass }}" \
|
||||||
--email "{{ gitea_admin_user }}@mgrote.net" \
|
--email "{{ gitea_admin_user }}@mgrote.net" \
|
||||||
--admin
|
--admin
|
||||||
register: setup_admin
|
when: 'not "Command error: CreateUser: user already exists [name: fadmin]" in check'
|
||||||
ignore_errors: true
|
|
||||||
failed_when: 'not "Command error: CreateUser: user already exists [name: mg]" in setup_admin.stderr' # fail Task wenn LDAP schon konfiguriert ist
|
|
||||||
changed_when: "setup_admin.rc == 0" # chnaged nur wenn Task rc 0 hat, sollte nur beim ersten lauf vorkommen; ungetestet
|
|
||||||
...
|
...
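Review bot: The new `when:` on "Ensure Admin-User exists" tests the message against `check`, the registered result dictionary, so `in` looks at its keys rather than at `check.stderr`; the condition is therefore always true, and the name inside it is hard-coded to `fadmin` instead of `{{ gitea_admin_user }}`. The added "Check if Admin-User exists" task runs the same `forgejo admin user create` command, so it creates the account itself, and the second task presumably then fails on every run because the commit drops its `failed_when` and `ignore_errors`. A single task that registers the result and accepts "user already exists" as success covers both the first and later runs, as sketched below. Separately, `no_log: true` only keeps the password out of Ansible's output; passed as `--password` on the command line it is typically still readable in the process list on the target while the command runs.

```yaml
# … unchanged: name, no_log, become_user, become and the forgejo admin user create command …
  register: setup_admin
  changed_when: setup_admin.rc == 0
  failed_when:
    - setup_admin.rc != 0
    - "'user already exists' not in setup_admin.stderr"
```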
|
||||||
|
|
|
@ -10,7 +10,7 @@
|
||||||
become: true
|
become: true
|
||||||
ansible.builtin.command: |
|
ansible.builtin.command: |
|
||||||
forgejo admin auth add-ldap \
|
forgejo admin auth add-ldap \
|
||||||
--config "{{ gitea_configuration_path }}/gitea.ini" \
|
--config "{{ gitea_configuration_path }}/gitea.ini"
|
||||||
--name "lldap" \
|
--name "lldap" \
|
||||||
--security-protocol "unencrypted" \
|
--security-protocol "unencrypted" \
|
||||||
--host "{{ gitea_ldap_host }}" \
|
--host "{{ gitea_ldap_host }}" \
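Review bot: The `forgejo admin auth add-ldap` call in this hunk registers the source with `--security-protocol "unencrypted"`, so the bind credentials and every user password checked against `{{ gitea_ldap_host }}` cross the network in cleartext unless both services run on the same host. If lldap is reachable over TLS, `--security-protocol "ldaps"` (or `"starttls"`) with the matching port would close that gap; the port option is outside the hunk, so it cannot be checked here. The task starts before and continues past the visible lines.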
|
||||||
|
|