--- ### mrlesmithjr.ansible-manage-lvm lvm_groups: - vgname: vg_data disks: - /dev/disk/by-id/scsi-0QEMU_QEMU_HARDDISK_drive-scsi1 create: true lvnames: - lvname: lv_data size: +100%FREE create: true filesystem: xfs mount: true mntp: /var/lib/forgejo manage_lvm: true pvresize_to_max: true ### mgrote_apt_manage_packages apt_packages_extra: - fail2ban ### oefenweb.ufw ufw_rules: - rule: allow to_port: 22 protocol: tcp comment: 'ssh' from_ip: 0.0.0.0/0 - rule: allow to_port: 4949 protocol: tcp comment: 'munin' from_ip: 192.168.2.0/24 - rule: allow to_port: "{{ gitea_http_port }}" protocol: tcp comment: 'gitea' from_ip: 0.0.0.0/0 - rule: allow to_port: "{{ gitea_ssh_port }}" protocol: tcp comment: 'gitea' from_ip: 0.0.0.0/0 ### l3d.gitea # config liegt in /etc/gitea/gitea.ini gitea_version: "1.21.7-0" gitea_fork: "forgejo" gitea_app_name: "Gitea" gitea_user: "gitea" gitea_home: "/var/lib/gitea" gitea_repository_root: "{{ gitea_home }}" gitea_user_repo_limit: 300 gitea_root_url: https://git.mgrote.net gitea_offline_mode: true gitea_lfs_server_enabled: false gitea_secret_key: "{{ lookup('keepass', 'gitea_secret_key', 'password') }}" gitea_internal_token: "{{ lookup('keepass', 'gitea_internal_token', 'password') }}" gitea_disable_git_hooks: false gitea_show_user_email: false gitea_disable_gravatar: true gitea_enable_captcha: true gitea_only_allow_external_registration: false gitea_enable_notify_mail: true gitea_autowatch_on_change: true gitea_force_private: false gitea_oauth2_enabled: true gitea_repo_indexer_enabled: true gitea_mailer_enabled: true gitea_mailer_protocol: smtp gitea_mailer_smtp_addr: docker10.mgrote.net gitea_mailer_smtp_port: 1025 gitea_mailer_from: "gitea@mgrote.net" gitea_default_branch: 'master' gitea_db_type: sqlite3 gitea_db_path: "{{ gitea_home }}/data/gitea.db" # for sqlite3 gitea_ssh_listen: 0.0.0.0 gitea_ssh_domain: gitea.mgrote.net gitea_ssh_port: 2222 gitea_start_ssh: true gitea_http_domain: git.mgrote.net gitea_http_listen: 0.0.0.0 gitea_http_port: 3000 gitea_disable_http_git: false gitea_protocol: http gitea_show_registration_button: false gitea_require_signin: false gitea_disable_registration: true gitea_fail2ban_enabled: true gitea_fail2ban_jail_maxretry: 3 gitea_fail2ban_jail_findtime: 300 gitea_fail2ban_jail_bantime: 600 # webhook: wird für drone benötigt, sonst wird der Webhook nicht "gesendet" # archive_cleanup: https://forum.gitea.com/t/how-to-configure-cron-task-for-delete-all-repositories-archives-zip-tar-gz-etc/4848/3 gitea_extra_config: | [webhook] ALLOWED_HOST_LIST = *.mgrote.net [cron.archive_cleanup] ENABLED = true RUN_AT_START = true SCHEDULE = @midnight gitea_backup_on_upgrade: false gitea_backup_location: "{{ gitea_home }}/backups/" submodules_versioncheck: true gitea_log_systemd: true gitea_log_level: "Info"