homeserver/roles/mgrote_gitea_setup/tasks/main.yml
2024-04-03 23:17:26 +02:00


---
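# Registers the "lldap" LDAP login source with Forgejo via its admin CLI.
# The result is stored in `configured`; later tasks read `configured.stderr`
# to detect that the source already exists.
#
# Security notes for reviewers:
# - `--bind-password GEHEIM` is a literal in the task file. Supply the real
#   value from a vault-encrypted variable rather than committing it.
# - The password is passed as a command-line argument and is part of the
#   task result (`cmd`), so `no_log: true` keeps it out of Ansible output
#   and logs.
# - `--security-protocol "unencrypted"` sends the bind password and every
#   user login to the LDAP host in clear text; prefer LDAPS or StartTLS
#   unless the link is protected by other means.
# - `become_user` only takes effect when `become` is enabled at a higher
#   level (not visible in this file) - confirm.
- name: Ensure LDAP config is configured
  ansible.builtin.command: |
    forgejo admin auth add-ldap \
      --config "/etc/gitea/gitea.ini" \
      --name "lldap" \
      --security-protocol "unencrypted" \
      --host "ldap.mgrote.net" \
      --port "3890" \
      --bind-dn "uid=ladmin,ou=people,dc=mgrote,dc=net" \
      --bind-password GEHEIM \
      --user-search-base "ou=people,dc=mgrote,dc=net" \
      --user-filter "(&(memberof=cn=gitea,ou=groups,dc=mgrote,dc=net)(|(uid=%[1]s)(mail=%[1]s)))" \
      --username-attribute "uid" \
      --email-attribute "mail" \
      --firstname-attribute "givenName" \
      --surname-attribute "sn" \
      --avatar-attribute "jpegPhoto" \
      --synchronize-users
  register: configured
  become_user: gitea
  no_log: true
  # Report "changed" only when the login source was actually created.
  changed_when: "configured.rc == 0"
  # Fail on a non-zero exit unless it is the known "already exists" error.
  # The previous condition marked a successful run (presumably with no such
  # message on stderr) as failed, and `ignore_errors` then hid every failure,
  # including genuine ones such as a rejected configuration.
  failed_when:
    - configured.rc != 0
    - '"Command error: login source already exists [name: lldap]" not in configured.stderr'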
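# Shows the outcome of the add-ldap command. Only rc/stdout/stderr are
# printed: the full registered result also carries `cmd`, which contains the
# LDAP bind password passed on the command line. The defaults cover runs in
# which the command was skipped (for example check mode).
- name: debug
  ansible.builtin.debug:
    msg:
      rc: "{{ configured.rc | default('n/a') }}"
      stdout: "{{ configured.stdout | default('') }}"
      stderr: "{{ configured.stderr | default('') }}"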
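# Updates the existing LDAP login source when the add-ldap task reported
# that "lldap" already exists. The result is stored in `zwei`.
#
# Notes for reviewers:
# - `--id "1"` is hard-coded; this assumes the "lldap" source has id 1.
#   If another authentication source holds that id, it is the one that
#   gets overwritten - TODO confirm or look the id up first.
# - `--bind-password GEHEIM` is a literal in the task file. Supply the real
#   value from a vault-encrypted variable rather than committing it;
#   `no_log: true` keeps the command line out of Ansible output and logs.
# - `--security-protocol "unencrypted"` sends the bind password and every
#   user login to the LDAP host in clear text; prefer LDAPS or StartTLS
#   unless the link is protected by other means.
# - No `changed_when` is set, so this task reports "changed" on every run
#   in which it executes.
# - `become_user` only takes effect when `become` is enabled at a higher
#   level (not visible in this file) - confirm.
- name: Modify LDAP config
  ansible.builtin.command: |
    forgejo admin auth update-ldap \
      --config "/etc/gitea/gitea.ini" \
      --id "1" \
      --security-protocol "unencrypted" \
      --host "ldap.mgrote.net" \
      --port "3890" \
      --bind-dn "uid=ladmin,ou=people,dc=mgrote,dc=net" \
      --bind-password GEHEIM \
      --user-search-base "ou=people,dc=mgrote,dc=net" \
      --user-filter "(&(memberof=cn=gitea,ou=groups,dc=mgrote,dc=net)(|(uid=%[1]s)(mail=%[1]s)))" \
      --username-attribute "uid" \
      --email-attribute "mail" \
      --firstname-attribute "givenName" \
      --surname-attribute "sn" \
      --avatar-attribute "jpegPhoto" \
      --synchronize-users
  # default('') keeps the condition valid when the add-ldap task did not run
  # (for example check mode) and therefore registered no stderr.
  when: '"Command error: login source already exists [name: lldap]" in (configured.stderr | default(""))'
  become_user: gitea
  no_log: true
  register: zwei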
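# Shows the outcome of the update-ldap command. Only rc/stdout/stderr are
# printed: the full registered result also carries `cmd`, which contains the
# LDAP bind password passed on the command line. The defaults cover runs in
# which the update task was skipped and registered no command output.
- name: debug
  ansible.builtin.debug:
    msg:
      rc: "{{ zwei.rc | default('n/a') }}"
      stdout: "{{ zwei.stdout | default('') }}"
      stderr: "{{ zwei.stderr | default('') }}"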
...