mirror of
https://github.com/roles-ansible/ansible_role_gitea.git
synced 2024-08-16 11:39:50 +02:00
Add new ansible naming scheme
This commit is contained in:
parent
d3c26ac0f8
commit
0e0a319773
GPG key ID:
CD08445BFF4313D1
6 changed files with 30 additions and 25 deletions
|
|
@ -1,14 +1,14 @@
|
|||
---
|
||||
- name: "Create Gitea Group"
|
||||
become: true
|
||||
group:
|
||||
ansible.builtin.group:
|
||||
name: "{{ gitea_group }}"
|
||||
system: true
|
||||
state: "present"
|
||||
|
||||
- name: "Create Gitea user"
|
||||
become: true
|
||||
user:
|
||||
ansible.builtin.user:
|
||||
name: "{{ gitea_user }}"
|
||||
comment: "Gitea user"
|
||||
home: "{{ gitea_home }}"
|
||||
|
|
|
|||
|
|
@ -1,5 +1,6 @@
|
|||
---
|
||||
- name: "Create config and data directory"
|
||||
become: true
|
||||
ansible.builtin.file:
|
||||
path: "{{ item }}"
|
||||
state: directory
|
||||
|
|
|
|||
|
|
@ -1,38 +1,38 @@
|
|||
---
|
||||
- name: generate gitea SECRET_KEY if not provided
|
||||
become: true
|
||||
shell: 'umask 077; /usr/local/bin/gitea generate secret SECRET_KEY > /etc/gitea/gitea_secret_key'
|
||||
ansible.builtin.shell: 'umask 077; /usr/local/bin/gitea generate secret SECRET_KEY > /etc/gitea/gitea_secret_key'
|
||||
args:
|
||||
creates: '/etc/gitea/gitea_secret_key'
|
||||
when: gitea_secret_key | length == 0
|
||||
|
||||
- name: read gitea SECRET_KEY from file
|
||||
become: true
|
||||
slurp:
|
||||
ansible.builtin.slurp:
|
||||
src: '/etc/gitea/gitea_secret_key'
|
||||
register: remote_secret_key
|
||||
when: gitea_secret_key | length == 0
|
||||
|
||||
- name: set fact gitea_secret_key
|
||||
set_fact:
|
||||
ansible.builtin.set_fact:
|
||||
gitea_secret_key: "{{ remote_secret_key['content'] | b64decode }}"
|
||||
when: gitea_secret_key | length == 0
|
||||
|
||||
- name: generate gitea INTERNAL_TOKEN if not provided
|
||||
become: true
|
||||
shell: 'umask 077; /usr/local/bin/gitea generate secret INTERNAL_TOKEN > /etc/gitea/gitea_internal_token'
|
||||
ansible.builtin.shell: 'umask 077; /usr/local/bin/gitea generate secret INTERNAL_TOKEN > /etc/gitea/gitea_internal_token'
|
||||
args:
|
||||
creates: '/etc/gitea/gitea_internal_token'
|
||||
when: gitea_internal_token | length == 0
|
||||
|
||||
- name: read gitea INTERNAL_TOKEN from file
|
||||
become: true
|
||||
slurp:
|
||||
ansible.builtin.slurp:
|
||||
src: '/etc/gitea/gitea_internal_token'
|
||||
register: remote_internal_token
|
||||
when: gitea_internal_token | length == 0
|
||||
|
||||
- name: set fact gitea_internal_token
|
||||
set_fact:
|
||||
ansible.builtin.set_fact:
|
||||
gitea_internal_token: "{{ remote_internal_token['content'] | b64decode }}"
|
||||
when: gitea_internal_token | length == 0
|
||||
|
|
|
|||
|
|
@ -1,7 +1,8 @@
|
|||
---
|
||||
- block:
|
||||
- name: Update apt cache
|
||||
apt:
|
||||
become: true
|
||||
ansible.builtin.apt:
|
||||
cache_valid_time: 3600
|
||||
update_cache: true
|
||||
register: _pre_update_apt_cache
|
||||
|
|
@ -10,7 +11,8 @@
|
|||
- ansible_pkg_mgr == "apt"
|
||||
|
||||
- name: Install dependencies
|
||||
package:
|
||||
become: true
|
||||
ansible.builtin.package:
|
||||
name: "{{ gitea_dependencies }}"
|
||||
state: present
|
||||
register: _install_dep_packages
|
||||
|
|
@ -20,7 +22,7 @@
|
|||
|
||||
- block:
|
||||
- name: Download gitea archive
|
||||
get_url:
|
||||
ansible.builtin.get_url:
|
||||
url: "{{ gitea_dl_url }}.xz"
|
||||
dest: "/tmp/gitea-{{ gitea_version }}.linux-{{ gitea_arch }}.xz"
|
||||
checksum: "sha256:{{ gitea_dl_url }}.xz.sha256"
|
||||
|
|
@ -30,7 +32,7 @@
|
|||
delay: 2
|
||||
|
||||
- name: Download gitea asc file
|
||||
get_url:
|
||||
ansible.builtin.get_url:
|
||||
url: "{{ gitea_dl_url }}.xz.asc"
|
||||
dest: "/tmp/gitea-{{ gitea_version }}.linux-{{ gitea_arch }}.xz.asc"
|
||||
register: _download_asc
|
||||
|
|
@ -39,28 +41,30 @@
|
|||
delay: 2
|
||||
|
||||
- name: Check gitea gpg key
|
||||
command: "gpg --list-keys 0x{{ gitea_gpg_key }}"
|
||||
ansible.builtin.command: "gpg --list-keys 0x{{ gitea_gpg_key }}"
|
||||
register: _gitea_gpg_key_status
|
||||
changed_when: false
|
||||
failed_when: _gitea_gpg_key_status.rc not in (0, 2)
|
||||
|
||||
- name: Import gitea gpg key
|
||||
command: "gpg --keyserver {{ gitea_gpg_server }} --recv {{ gitea_gpg_key }}"
|
||||
become: true
|
||||
ansible.builtin.command: "gpg --keyserver {{ gitea_gpg_server }} --recv {{ gitea_gpg_key }}"
|
||||
register: _gitea_import_key
|
||||
changed_when: '"imported: 1" in _gitea_import_key.stderr'
|
||||
when: _gitea_gpg_key_status.rc != 0
|
||||
|
||||
- name: Check archive signature
|
||||
command: "gpg --verify /tmp/gitea-{{ gitea_version }}.linux-{{ gitea_arch }}.xz.asc /tmp/gitea-{{ gitea_version }}.linux-{{ gitea_arch }}.xz"
|
||||
ansible.builtin.command: "gpg --verify /tmp/gitea-{{ gitea_version }}.linux-{{ gitea_arch }}.xz.asc /tmp/gitea-{{ gitea_version }}.linux-{{ gitea_arch }}.xz"
|
||||
changed_when: false
|
||||
|
||||
- name: Unpack gitea binary
|
||||
command:
|
||||
ansible.builtin.command:
|
||||
cmd: "xz -k -d /tmp/gitea-{{ gitea_version }}.linux-{{ gitea_arch }}.xz"
|
||||
creates: "/tmp/gitea-{{ gitea_version }}.linux-{{ gitea_arch }}"
|
||||
|
||||
- name: Propagate gitea binary
|
||||
copy:
|
||||
become: true
|
||||
ansible.builtin.copy:
|
||||
src: "/tmp/gitea-{{ gitea_version }}.linux-{{ gitea_arch }}"
|
||||
remote_src: true
|
||||
dest: "/usr/local/bin/gitea"
|
||||
|
|
|
|||
|
|
@ -1,7 +1,7 @@
|
|||
---
|
||||
- name: "Setup systemd service"
|
||||
become: true
|
||||
template:
|
||||
ansible.builtin.template:
|
||||
src: gitea.service.j2
|
||||
dest: /lib/systemd/system/gitea.service
|
||||
owner: root
|
||||
|
|
@ -13,5 +13,5 @@
|
|||
|
||||
- name: "Reload systemd"
|
||||
become: true
|
||||
systemd:
|
||||
ansible.builtin.systemd:
|
||||
daemon_reload: true
|
||||
|
|
|
|||
|
|
@ -1,38 +1,38 @@
|
|||
---
|
||||
- name: generate OAuth2 JWT_SECRET if not provided
|
||||
become: true
|
||||
shell: 'umask 077; /usr/local/bin/gitea generate secret JWT_SECRET > /etc/gitea/gitea_oauth_jwt_secret'
|
||||
ansible.builtin.shell: 'umask 077; /usr/local/bin/gitea generate secret JWT_SECRET > /etc/gitea/gitea_oauth_jwt_secret'
|
||||
args:
|
||||
creates: '/etc/gitea/gitea_oauth_jwt_secret'
|
||||
when: gitea_oauth2_jwt_secret | length == 0
|
||||
|
||||
- name: read OAuth2 JWT_SECRET from file
|
||||
become: true
|
||||
slurp:
|
||||
ansible.builtin.slurp:
|
||||
src: '/etc/gitea/gitea_oauth_jwt_secret'
|
||||
register: oauth_jwt_secret
|
||||
when: gitea_oauth2_jwt_secret | length == 0
|
||||
|
||||
- name: set fact gitea_oauth2_jwt_secret
|
||||
set_fact:
|
||||
ansible.builtin.set_fact:
|
||||
gitea_oauth2_jwt_secret: "{{ oauth_jwt_secret['content'] | b64decode }}"
|
||||
when: gitea_oauth2_jwt_secret | length == 0
|
||||
|
||||
- name: generate LFS JWT_SECRET if not provided
|
||||
become: true
|
||||
shell: 'umask 077; /usr/local/bin/gitea generate secret JWT_SECRET > /etc/gitea/gitea_lfs_jwt_secret'
|
||||
ansible.builtin.shell: 'umask 077; /usr/local/bin/gitea generate secret JWT_SECRET > /etc/gitea/gitea_lfs_jwt_secret'
|
||||
args:
|
||||
creates: '/etc/gitea/gitea_lfs_jwt_secret'
|
||||
when: gitea_lfs_jwt_secret | length == 0
|
||||
|
||||
- name: read LFS JWT_SECRET from file
|
||||
become: true
|
||||
slurp:
|
||||
ansible.builtin.slurp:
|
||||
src: '/etc/gitea/gitea_lfs_jwt_secret'
|
||||
register: lfs_jwt_secret
|
||||
when: gitea_lfs_jwt_secret | length == 0
|
||||
|
||||
- name: set fact gitea_lfs_jwt_secret
|
||||
set_fact:
|
||||
ansible.builtin.set_fact:
|
||||
gitea_lfs_jwt_secret: "{{ lfs_jwt_secret['content'] | b64decode }}"
|
||||
when: gitea_lfs_jwt_secret | length == 0
|
||||
|
|
|
|||
Loading…
Reference in a new issue