1
1
Fork 0
mirror of https://github.com/roles-ansible/ansible_role_gitea.git synced 2024-08-16 11:39:50 +02:00
ansible_role_gitea/defaults/main.yml

108 lines
2.6 KiB
YAML
Raw Normal View History

---
# gitea version
gitea_version: "1.13.4"
gitea_version_check: true
gitea_dl_url: "https://github.com/go-gitea/gitea/releases/download/v{{ gitea_version }}/gitea-{{ gitea_version }}-linux-{{ gitea_arch }}"
Improve ARM Support (#74) * Gitea user should be a system user * Improve installation system * Download archive instead of binary * Add checksum validation * Add GPG check * Add backup process before upgrading * Improve ARM support * Improve support for Vault Encrypted JWT tokens * Fix spacing in gitea configuration template When Gitea rewrite the configuration file (e.g.: the JWT token is not set or doesn't fit their criteria), it'll align space on a per-section basis in the .ini file. If the template is not properly spaced, at the next Ansible run, you'll have an enormous diff, hidding what the real changes are. * add proper redhat/debian deps for molecule testing * Gitea group should be a system group * fix linting for CI * Update CI and meta information for up-to-date tests and distros * molecule: fix typo for redhat packages * fix typo * bump gitea version to 1.13.1 * Use Ubuntu keyservers to play nicely with everyone * Update minimum required ansible version to 2.9.8 This is required for Ubuntu Focal, which comes with systemd >= 245 The Get Facts modules doesn't work well with it before the bugfix introduced in 2.9.8 * Replace yes by True to please the linting * Truthy values needs to be lower-case * bump gitea version to 1.13.2 * perform gitea dump as gitea user * need to set become to yes * autogenerate JWT_SECRETS (#77) * autogenerate JWT_SECRETS Based on https://docs.gitea.io/en-us/command-line/#generate we will now autogenerate JWT_SECRETS if they are not defined. In my opinion a much better idea than writing a value in the default config. The check if the variables for the secrets are now 43 characters long i took out. Gitea generates itself suitable secrets, if the user given ones do not fit. * drop ansible.builtin. syntax * Update file permissions for "{{ gitea_home }}" (#75) The file permissions for {{ gitea_home }} especially in conjunction with the recurse: true flag are on closer inspection very open to all and also have a +x set on files. This should be done better. And I have done here now. By the way: To improve the -x on normal files in his gitea installation this shell command was useful for me ``` find . -type f -exec chmod a-x {} \+; find . -type f -exec chmod u=rwX {} \+; ``` * Bump cryptography from 3.2 to 3.3.2 (#79) Bumps [cryptography](https://github.com/pyca/cryptography) from 3.2 to 3.3.2. - [Release notes](https://github.com/pyca/cryptography/releases) - [Changelog](https://github.com/pyca/cryptography/blob/master/CHANGELOG.rst) - [Commits](https://github.com/pyca/cryptography/compare/3.2...3.3.2) Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Gitea user should be a system user * Improve installation system * Download archive instead of binary * Add checksum validation * Add GPG check * Add backup process before upgrading * Improve ARM support * Fix spacing in gitea configuration template When Gitea rewrite the configuration file (e.g.: the JWT token is not set or doesn't fit their criteria), it'll align space on a per-section basis in the .ini file. If the template is not properly spaced, at the next Ansible run, you'll have an enormous diff, hidding what the real changes are. * add proper redhat/debian deps for molecule testing * Gitea group should be a system group * fix linting for CI * Update CI and meta information for up-to-date tests and distros * molecule: fix typo for redhat packages * fix typo * bump gitea version to 1.13.1 * Use Ubuntu keyservers to play nicely with everyone * Update minimum required ansible version to 2.9.8 This is required for Ubuntu Focal, which comes with systemd >= 245 The Get Facts modules doesn't work well with it before the bugfix introduced in 2.9.8 * Replace yes by True to please the linting * Truthy values needs to be lower-case * bump gitea version to 1.13.2 * perform gitea dump as gitea user * need to set become to yes * check-variables.yml doesn't exists anymore Co-authored-by: L3D <l3d@c3woc.de> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-02-12 18:56:31 +01:00
gitea_gpg_key: "7C9E68152594688862D62AF62D9AE806EC1592E2"
gitea_gpg_server: "hkp://keyserver.ubuntu.com:80"
2019-01-07 14:56:08 +01:00
# gitea in the linux world
2017-01-10 22:09:34 +01:00
gitea_user: "gitea"
gitea_group: "gitea"
2017-01-10 22:09:34 +01:00
gitea_home: "/var/lib/gitea"
gitea_shell: "/bin/false"
2017-01-10 22:09:34 +01:00
# look and feel
gitea_app_name: "Gitea"
2020-09-18 17:23:25 +02:00
gitea_repository_root: "{{ gitea_home }}/repos"
gitea_show_user_email: false
gitea_disable_gravatar: true
gitea_disable_registration: false
gitea_register_email_confirm: false
gitea_offline_mode: true
gitea_only_allow_external_registration: false
gitea_show_registration_button: true
gitea_require_signin: true
gitea_enable_captcha: true
gitea_enable_notify_mail: false
gitea_auto_watch_new_repos: true
gitea_themes: gitea,arc-green
gitea_theme_default: gitea
# security
gitea_secret_key: ''
gitea_internal_token: ''
gitea_disable_git_hooks: true
gitea_user_repo_limit: -1
gitea_lfs_jwt_secret: ''
gitea_oauth2_jwt_secret: ''
2017-01-10 22:09:34 +01:00
gitea_http_domain: localhost
2017-01-10 22:09:34 +01:00
gitea_root_url: http://localhost:3000
gitea_protocol: http
gitea_http_listen: 127.0.0.1
gitea_http_port: 3000
# gitea_http_letsencrypt_mail: - required
2017-01-10 22:09:34 +01:00
gitea_disable_http_git: false
gitea_lfs_server_enabled: false
gitea_lfs_content_path: "{{ gitea_home }}/data/lfs"
gitea_systemd_cap_net_bind_service: false
gitea_db_type: sqlite3
gitea_db_host: 127.0.0.0:3306
gitea_db_name: root
gitea_db_user: gitea
2019-03-08 11:58:14 +01:00
gitea_db_password: lel
gitea_db_ssl: disable
gitea_db_path: "{{ gitea_home }}/data/gitea.db"
2017-01-10 22:09:34 +01:00
gitea_ssh_listen: 0.0.0.0
gitea_ssh_domain: localhost
gitea_start_ssh: true
gitea_ssh_port: 2222
2019-02-20 17:08:09 +01:00
gitea_force_private: false
2019-03-08 12:29:34 +01:00
gitea_mailer_enabled: false
gitea_mailer_skip_verify: false
gitea_mailer_tls_enabled: true
gitea_mailer_host: localhost:25
gitea_mailer_from: noreply@your.domain
gitea_mailer_user: ""
gitea_mailer_password: ""
gitea_subject_prefix: ""
2020-07-21 14:18:08 +02:00
gitea_mailer_type: smtp
gitea_log_systemd: false
gitea_log_only_warning: true
gitea_fail2ban_enabled: false
2019-03-09 21:46:23 +01:00
gitea_fail2ban_jail_maxretry: 10
gitea_fail2ban_jail_findtime: 3600
gitea_fail2ban_jail_bantime: 900
gitea_fail2ban_jail_action: iptables-allports
gitea_oauth2_enabled: true
2019-12-21 13:08:19 +01:00
gitea_metrics_enabled: false
gitea_metrics_token: ~
2020-05-09 23:01:51 +02:00
gitea_repo_indexer_enabled: false
gitea_repo_indexer_include: ""
gitea_repo_indexer_exclude: ""
gitea_repo_exclude_vendored: true
gitea_repo_indexer_max_file_size: 1048576
gitea_log_level: Info
gitea_extra_config: ""
gitea_backup_on_upgrade: false
gitea_backup_location: "{{ gitea_home }}/backups/"