diff --git a/README.md b/README.md index 962a84d..3543ad9 100644 --- a/README.md +++ b/README.md @@ -68,23 +68,63 @@ Either you define exactly which release you install. Or you use the option ``lat ### Repository ([repository](https://docs.gitea.io/en-us/config-cheat-sheet/#repository-repository)) | variable name | default value | description | | ------------- | ------------- | ----------- | -| `gitea_repository_root` | `{{ gitea_home }}/repos` | Root path for storing all repository data. It must be an absolute path. | -| `gitea_force_private` | `false` | Force every new repository to be private. | -| `gitea_user_repo_limit` | `-1` | Limit how many repos a user can have *(`-1` for unlimited)* | -| `gitea_disable_http_git` | `false` | Disable the ability to interact with repositories over the HTTP protocol. (true/false) | | `gitea_default_branch` | `main` | Default branch name of all repositories. | | `gitea_default_private` | `last` | Default private when creating a new repository. [`last`, `private`, `public`] | -| `gitea_repository_extra_config` | `''` | you can use this variable to pass additional config parameters in the `[repository]` section of the config. | -| `gitea_repository_upload_extra_config` | you can use this variable to pass additional config parameters in the `[repository.upload]` section of the config. | +| `gitea_default_repo_units` | *(see defaults)* | Comma separated list of default repo units. See official docs for more | +| `gitea_disabled_repo_units` | | Comma separated list of globally disabled repo units. | +| `gitea_disable_http_git` | `false` | Disable the ability to interact with repositories over the HTTP protocol. (true/false) | +| `gitea_disable_stars` | `false` | Disable stars feature. | +| `gitea_enable_push_create_org` | `false` | Allow users to push local repositories to Gitea and have them automatically created for an org. | +| `gitea_enable_push_create_user` | `false` | Allow users to push local repositories to Gitea and have them automatically created for an user. | +| `gitea_force_private` | `false` | Force every new repository to be private. | +| `gitea_user_repo_limit` | `-1` | Limit how many repos a user can have *(`-1` for unlimited)* | +| `gitea_repository_root` | `{{ gitea_home }}/repos` | Root path for storing all repository data. It must be an absolute path. | +| `gitea_repository_extra_config` | | you can use this variable to pass additional config parameters in the `[repository]` section of the config. | +| `gitea_repository_upload_extra_config` | | you can use this variable to pass additional config parameters in the `[repository.upload]` section of the config. | + +### Repository - Signing ([repository.signing](https://docs.gitea.io/en-us/config-cheat-sheet/#repository---signing-repositorysigning)) +| variable name | default value | description | +| ------------- | ------------- | ----------- | +| `gitea_enable_repo_signing_options` | `false` | Allow to configure repo signing options | +| `gitea_repo_signing_key` | `default` | Key to sign with. | +| `gitea_repo_signing_name` | | if a KEYID is provided as the `gitea_repo_signing_key`, use these as the Name and Email address of the signer. | +| `gitea_repo_signing_email` | | if a KEYID is provided as the `gitea_repo_signing_key`, use these as the Name and Email address of the signer. | +| `gitea_repo_initial_commit` | `always` | Sign initial commit. | +| `gitea_repo_default_trust_model` | `collaborator` | The default trust model used for verifying commits. | +| `gitea_repo_wiki` | `never` | Sign commits to wiki. | +| `gitea_repo_crud_actions` | *(see defaults)* | Sign CRUD actions. | +| `gitea_repo_merges` | *(see defaults)* | Sign merges. | +| `gitea_enable_repo_signing_extra` | | you can use this variable to pass additional config parameters in the `[repository.signing]` section of the config. | + +### CORS ([cors](https://docs.gitea.io/en-us/config-cheat-sheet/#cors-cors)) +| ------------- | ------------- | ----------- | +| `gitea_enable_cors` | `false` | enable cors headers (disabled by default) | +| `gitea_cors_scheme` | `http` | scheme of allowed requests | +| `gitea_cors_allow_domain` | `*` | list of requesting domains that are allowed | +| `gitea_cors_allow_subdomain` | `false` |allow subdomains of headers listed above to request | +| `gitea_cors_methods` | *(see defaults)* | list of methods allowed to request | +| `gitea_cors_max_age` | `10m` | max time to cache response | +| `gitea_cors_allow_credentials` | `false` | allow request with credentials | +| `gitea_cors_headers` | `Content-Type,User-Agent` | additional headers that are permitted in requests | +| `gitea_cors_x_frame_options` | `SAMEORIGIN` | Set the `X-Frame-Options` header value. | +| `gitea_cors_extra` | | you can use this variable to pass additional config parameters in the `[cors]` section of the config. | ### UI ([ui](https://docs.gitea.io/en-us/config-cheat-sheet/#ui-ui)) | variable name | default value | description | | ------------- | ------------- | ----------- | | `gitea_show_user_email` | `false` | Do you want to display email addresses ? (true/false) | -| `gitea_theme_default` | `gitea` | Default theme | -| `gitea_themes` | `gitea,arc-green` | List of enabled themes | +| `gitea_theme_default` | `auto` | Default theme | +| `gitea_themes` | `auto,gitea,arc-green` | List of enabled themes | | `gitea_ui_extra_config` | `''` | you can use this variable to pass additional config parameters in the `[ui]` section of the config. | +### UI - Meta ([ui.meta](https://docs.gitea.io/en-us/config-cheat-sheet/#ui---metadata-uimeta)) +| variable name | default value | description | +| ------------- | ------------- | ----------- | +| `gitea_ui_author` | *(see defaults)* | Author meta tag of the homepage. | +| `gitea_ui_description` | *(see defaults)* | Description meta tag of the homepage. | +| `gitea_ui_keywords` | *(see defaults)* | Keywords meta tag of the homepage | +| `gitea_ui_meta_extra_config` | | you can use this variable to pass additional config parameters in the `[ui.meta]` section of the config. | + ### Server ([server](https://docs.gitea.io/en-us/config-cheat-sheet/#server-server)) | variable name | default value | description | | ------------- | ------------- | ----------- | @@ -93,16 +133,27 @@ Either you define exactly which release you install. Or you use the option ``lat | `gitea_root_url` | `http://localhost:3000` | Root URL used to access your web app (full URL) | | `gitea_http_listen` | `127.0.0.1` | HTTP listen address | | `gitea_http_port` | `3000` | Bind port *(redirect from `80` will be activated if value is `443`)* | -| `gitea_http_letsencrypt_mail` | `undefined` | Enable Let`s Encrypt if a email address is given | + | `gitea_start_ssh` | `true` | When enabled, use the built-in SSH server. | | `gitea_ssh_domain` | `{{ gitea_http_domain ` | Domain name of this server, used for displayed clone URL | | `gitea_ssh_port` | `2222` | SSH port displayed in clone URL. | | `gitea_ssh_listen` | `0.0.0.0` | Listen address for the built-in SSH server. | | `gitea_offline_mode` | `true` | Disables use of CDN for static files and Gravatar for profile pictures. (true/false) | +| `gitea_landing_page` | `home` | Landing page for unauthenticated users | | `gitea_lfs_server_enabled` | `false` | Enable GIT-LFS Support *(git large file storage: [git-lfs](https://git-lfs.github.com/))*. | -| `gitea_lfs_content_path` | `{{ gitea_home }}/data/lfs` | LFS content path. *(if it is on local storage.)* | -| `gitea_lfs_jwt_secret` | `''` | LFS authentication secret. Can be generated with ``gitea generate secret JWT_SECRET``. Will be autogenerated if not defined | -| `gitea_server_extra_config` | `''` | you can use this variable to pass additional config parameters in the `[server]` section of the config. | +| `gitea_lfs_jwt_secret` | | LFS authentication secret. Can be generated with ``gitea generate secret JWT_SECRET``. Will be autogenerated if not defined | +| `gitea_redirect_other_port` | `false` | If true and `gitea_protocol` is https, allows redirecting http requests on `gitea_port_to_redirect` to the https port Gitea listens on. | +| `gitea_port_to_redirect` | `80` | Port for the http redirection service to listen on, if enabled | +| `gitea_enable_tls_certs` | `false` | Write TLS Cert and Key Path to config file | +| `gitea_tls_cert_file` | `https/cert.pem` | Cert file path used for HTTPS. | +| `gitea_tls_key_file` | `https/key.pem` | Key file path used for HTTPS. | +| `gitea_enable_acme` | `false` | Flag to enable automatic certificate management via an ACME capable CA Server. *(default is letsencrypt)* | +| `gitea_acme_url` | | The CA’s ACME directory URL | +| `gitea_acme_accepttos` | `false` | This is an explicit check that you accept the terms of service of the ACME provider. | +| `gitea_acme_directory` | `https` | Directory that the certificate manager will use to cache information such as certs and private keys. | +| `gitea_acme_email` | | Email used for the ACME registration | +| `gitea_acme_ca_root` | | The CA’s root certificate. If left empty, it defaults to using the system’s trust chain. | +| `gitea_server_extra_config` | | you can use this variable to pass additional config parameters in the `[server]` section of the config. | ### Database ([database](https://docs.gitea.io/en-us/config-cheat-sheet/#database-database)) | variable name | default value | description | @@ -121,18 +172,20 @@ Either you define exactly which release you install. Or you use the option ``lat | variable name | default value | description | | ------------- | ------------- | ----------- | | `gitea_repo_indexer_enabled` | `false` | Enables code search *(uses a lot of disk space, about 6 times more than the repository size).* | -| `gitea_repo_indexer_include` | `''` |Glob patterns to include in the index *(comma-separated list)*. An empty list means include all files. | -| `gitea_repo_indexer_exclude` | `''` | Glob patterns to exclude from the index (comma-separated list). | +| `gitea_repo_indexer_include` | |Glob patterns to include in the index *(comma-separated list)*. An empty list means include all files. | +| `gitea_repo_indexer_exclude` | | Glob patterns to exclude from the index (comma-separated list). | | `gitea_repo_exclude_vendored` | `true` | Exclude vendored files from index. | | `gitea_repo_indexer_max_file_size` | `1048576` | Maximum size in bytes of files to be indexed. | -| `gitea_indexer_extra_config` | `''` | you can use this variable to pass additional config parameters in the `[indexer]` section of the config. | +| `gitea_indexer_extra_config` | | you can use this variable to pass additional config parameters in the `[indexer]` section of the config. | +| `gitea_queue_issue_indexer_extra_config` | | | you can use this variable to pass additional config parameters in the `[queue.issue_indexer]` section of the config. | ### Security ([security](https://docs.gitea.io/en-us/config-cheat-sheet/#security-security)) | variable name | default value | description | | ------------- | ------------- | ----------- | | `gitea_secret_key` | `''` | Global secret key. Will be autogenerated if not defined. Should be unique. | -| `gitea_internal_token` | `''` | Internal API token. Will be autogenerated if not defined. Should be unique. | | `gitea_disable_git_hooks` | `true` | Set to false to enable users with git hook privilege to create custom git hooks. Can be dangerous. | +| `gitea_disable_webhooks` | `false` | Set to true to disable webhooks feature. | +| `gitea_internal_token` | `''` | Internal API token. Will be autogenerated if not defined. Should be unique. | | `gitea_password_check_pwn` | `false` | Check [HaveIBeenPwned](https://haveibeenpwned.com/Passwords) to see if a password has been exposed. | | `gitea_security_extra_config` | `''` | you can use this variable to pass additional config parameters in the `[security]` section of the config. | @@ -154,15 +207,20 @@ Either you define exactly which release you install. Or you use the option ``lat | variable name | default value | description | | ------------- | ------------- | ----------- | | `gitea_mailer_enabled` | `false` | Whether to enable the mailer. | -| `gitea_mailer_host` | `localhost:25` | SMTP server hostname and port | -| `gitea_mailer_skip_verify` | `false` | Skip SMTP TLS certificate verification (true/false) | -| `gitea_mailer_tls_enabled` | `true` | Forcibly use TLS to connect even if not on a default SMTPS port. | -| `gitea_mailer_from` | `noreply@{{ gitea_http_domain }}` | Mail from address, RFC 5322. This can be just an email address, or the “Name” format. | -| `gitea_mailer_user` | `''` | Username of mailing user *(usually the sender’s e-mail address)*. | -| `gitea_mailer_password` | `''` | SMTP server password | -| `gitea_subject_prefix` | `''` | Prefix to be placed before e-mail subject lines | -| `gitea_mailer_type` | `smtp` | `[smtp, sendmail, dummy]` | -| `gitea_mailer_extra_config` | `''` | you can use this variable to pass additional config parameters in the `[mailer]` section of the config. | +| `gitea_mailer_protocol` | `dummy` |Mail server protocol. One of “smtp”, “smtps”, “smtp+starttls”, “smtp+unix”, “sendmail”, “dummy”.| +| `gitea_mailer_smtp_addr` | | Mail server address. e.g. smtp.gmail.com. For smtp+unix, this should be a path to a unix socket instead. | +| `gitea_mailer_smtp_port` | | Mail server port | +| `gitea_mailer_use_client_cert` | `false` | Use client certificate for TLS/SSL. | +| `gitea_mailer_client_cert_file` | | Client certificate file. | +| `gitea_mailer_client_key_file` | | Client key file. | +| `gitea_mailer_force_trust_server_cert` | `false` | completely ignores server certificate validation errors. This option is unsafe. Consider adding the certificate to the system trust store instead. | +| `gitea_mailer_user` | | Username of mailing user (usually the sender’s e-mail address). | +| `gitea_mailer_password ` | |Password of mailing user. Use `your password` for quoting if you use special characters in the password. | +| `gitea_mailer_enable_helo` | `true` |Enable HELO operation. | +| `gitea_mailer_from` | `noreply@{{ gitea_http_domain }}` | Mail from address, RFC 5322. | +| `gitea_subject_prefix` | |Prefix to be placed before e-mail subject lines. | +| `gitea_mailer_send_as_plaintext` | `false` | Send mails only in plain text, without HTML alternative. | +| `gitea_mailer_extra_config` | | you can use this variable to pass additional config parameters in the `[mailer]` section of the config. | ### Session ([session](https://docs.gitea.io/en-us/config-cheat-sheet/#session-session)) | variable name | default value | description | @@ -173,7 +231,6 @@ Either you define exactly which release you install. Or you use the option ``lat ### Picture ([picture](https://docs.gitea.io/en-us/config-cheat-sheet/#picture-picture)) | variable name | default value | description | | ------------- | ------------- | ----------- | -| `gitea_disable_gravatar` | `true` | Do you want to disable Gravatar ? (privacy and so on) (true/false) | | `gitea_picture_extra_config` | `''` | you can use this variable to pass additional config parameters in the `[picture]` section of the config. | ### Issue and pull request attachments ([attachment](https://docs.gitea.io/en-us/config-cheat-sheet/#issue-and-pull-request-attachments-attachment)) @@ -187,20 +244,51 @@ Either you define exactly which release you install. Or you use the option ``lat | ------------- | ------------- | ----------- | | `gitea_log_systemd` | `false` | Disable logging into `file`, use systemd-journald | | `gitea_log_level` | `Warn` | General log level. `[Trace, Debug, Info, Warn, Error, Critical, Fatal, None]` | -| `gitea_log_extra_config` | `''` | you can use this variable to pass additional config parameters in the `[log]` section of the config. | +| `gitea_log_extra_config` | | you can use this variable to pass additional config parameters in the `[log]` section of the config. | ### Metrics ([metrics](https://docs.gitea.io/en-us/config-cheat-sheet/#metrics-metrics)) | variable name | default value | description | | ------------- | ------------- | ----------- | | `gitea_metrics_enabled`| `false` | Enable the metrics endpoint | -| `gitea_metrics_token`| `''` | Bearer token for the Prometheus scrape job | +| `gitea_metrics_token`| | Bearer token for the Prometheus scrape job | +| `gitea_metrics_extra` | | you can use this variable to pass additional config parameters in the `[metrics]` section of the config. | ### OAuth2 ([oauth2](https://docs.gitea.io/en-us/config-cheat-sheet/#oauth2-oauth2)) | variable name | default value | description | | ------------- | ------------- | ----------- | | `gitea_oauth2_enabled` | `true` | Enable the Oauth2 provider (true/false) | -| `gitea_oauth2_jwt_secret` | `''` | Oauth2 JWT secret. Can be generated with ``gitea generate secret JWT_SECRET``. Will be autogenerated if not defined. | -| `gitea_oauth2_extra_config` | `''` | you can use this variable to pass additional config parameters in the `[oauth2]` section of the config. | +| `gitea_oauth2_jwt_secret` | | Oauth2 JWT secret. Can be generated with ``gitea generate secret JWT_SECRET``. Will be autogenerated if not defined. | +| `gitea_oauth2_extra_config` | | you can use this variable to pass additional config parameters in the `[oauth2]` section of the config. | + +### Federation ([federation](https://docs.gitea.io/en-us/config-cheat-sheet/#federation-federation)) +| variable name | default value | description | +| ------------- | ------------- | ----------- | +| `gitea_federation_enabled` | `false` | Enable/Disable federation capabilities | +| `gitea_federation_share_user_stats` | `false` | Enable/Disable user statistics for nodeinfo if federation is enabled | +| `gitea_federation_extra` | | you can use this variable to pass additional config parameters in the `[federation]` section of the config. | + +### Packages ([packages](https://docs.gitea.io/en-us/config-cheat-sheet/#packages-packages)) +| variable name | default value | description | +| ------------- | ------------- | ----------- | +| `gitea_packages_enabled` | `true` | Enable/Disable package registry capabilities | +| `gitea_packages_extra` | |you can use this variable to pass additional config parameters in the `[packages]` section of the config. | + +### LFS ([lfs](https://docs.gitea.io/en-us/config-cheat-sheet/#lfs-lfs)) +| variable name | default value | description | +| ------------- | ------------- | ----------- | +| `gitea_lfs_storage_type` | `local` | Storage type for lfs | +| `gitea_lfs_serve_direct` | `false` | Allows the storage driver to redirect to authenticated URLs to serve files directly. *(only Minio/S3)* | +| `gitea_lfs_content_path` | `{{ gitea_home }}/data/lfs` | Where to store LFS files | +| `gitea_lfs_extra` ||you can use this variable to pass additional config parameters in the `[lfs]` section of the config. | + +### Other ([other](https://docs.gitea.io/en-us/config-cheat-sheet/#other-other)) +| variable name | default value | description | +| ------------- | ------------- | ----------- | +| `gitea_other_show_footer_branding` | `false` | Show Gitea branding in the footer. | +| `gitea_other_show_footer_version` | `true` | Show Gitea and Go version information in the footer. | +| `gitea_other_show_footer_template_load_time` | `true` | Show time of template execution in the footer. | +| `gitea_other_enable_sitemap` | `true` | Generate sitemap. | +| `gitea_other_enable_feed` | `true` | Enable/Disable RSS/Atom feed. | ### additional gitea config | variable name | default value | description | diff --git a/defaults/main.yml b/defaults/main.yml index b21ee99..cc25b72 100644 --- a/defaults/main.yml +++ b/defaults/main.yml @@ -28,22 +28,60 @@ gitea_fqdn: 'localhost' # Repository (repository) # -> https://docs.gitea.io/en-us/config-cheat-sheet/#repository-repository -gitea_repository_root: "{{ gitea_home }}/repos" -gitea_force_private: false -gitea_user_repo_limit: '-1' -gitea_disable_http_git: false gitea_default_branch: 'main' gitea_default_private: 'last' +gitea_default_repo_units: 'repo.code,repo.releases,repo.issues,repo.pulls,repo.wiki,repo.projects' +gitea_disabled_repo_units: '' +gitea_disable_http_git: false +gitea_disable_stars: false +gitea_enable_push_create_org: false +gitea_enable_push_create_user: false +gitea_force_private: false +gitea_user_repo_limit: '-1' +gitea_repository_root: "{{ gitea_home }}/repos" gitea_repository_extra_config: '' gitea_repository_upload_extra_config: '' +# Repository - Signing (repository.signing) +# -> https://docs.gitea.io/en-us/config-cheat-sheet/#repository---signing-repositorysigning +gitea_enable_repo_signing_options: false +gitea_repo_signing_key: 'default' +gitea_repo_signing_name: '' +gitea_repo_signing_email: '' +gitea_repo_initial_commit: 'always' +gitea_repo_default_trust_model: 'collaborator' +gitea_repo_wiki: 'never' +gitea_repo_crud_actions: 'pubkey, twofa, parentsigned' +gitea_repo_merges: ' pubkey, twofa, basesigned, commitssigned' +gitea_enable_repo_signing_extra: '' + +# CORS (cors) +# -> https://docs.gitea.io/en-us/config-cheat-sheet/#cors-cors +gitea_enable_cors: false +gitea_cors_scheme: 'http' +gitea_cors_allow_domain: '*' +gitea_cors_allow_subdomain: false +gitea_cors_methods: 'GET,HEAD,POST,PUT,PATCH,DELETE,OPTIONS' +gitea_cors_max_age: '10m' +gitea_cors_allow_credentials: false +gitea_cors_headers: 'Content-Type,User-Agent' +gitea_cors_x_frame_options: 'SAMEORIGIN' +gitea_cors_extra: '' + # UI (ui) # -> https://docs.gitea.io/en-us/config-cheat-sheet/#ui-ui gitea_show_user_email: false -gitea_theme_default: 'gitea' -gitea_themes: 'gitea,arc-green' +gitea_theme_default: 'auto' +gitea_themes: 'auto,gitea,arc-green' gitea_ui_extra_config: '' +# UI - Metadata (ui.meta) +# -> https://docs.gitea.io/en-us/config-cheat-sheet/#ui---metadata-uimeta +gitea_ui_author: 'Gitea - Git with a cup of tea' +gitea_ui_description: 'Gitea (Git with a cup of tea) is a painless self-hosted Git service written in Go:' +gitea_ui_keywords: 'go,git,self-hosted,gitea,forgejo' +gitea_ui_meta_extra_config: '' + # Server (server) # -> https://docs.gitea.io/en-us/config-cheat-sheet/#server-server gitea_protocol: 'http' @@ -51,15 +89,25 @@ gitea_http_domain: "{{ gitea_fqdn }}" gitea_root_url: "http://{{ gitea_fqdn }}:3000" gitea_http_listen: '127.0.0.1' gitea_http_port: '3000' -# gitea_http_letsencrypt_mail: 'mail@example.com' gitea_start_ssh: true gitea_ssh_domain: "{{ gitea_fqdn }}" gitea_ssh_port: '2222' gitea_ssh_listen: '0.0.0.0' gitea_offline_mode: true +gitea_landing_page: 'home' gitea_lfs_server_enabled: false -gitea_lfs_content_path: "{{ gitea_home }}/data/lfs" gitea_lfs_jwt_secret: '' +gitea_redirect_other_port: false +gitea_port_to_redirect: '80' +gitea_enable_tls_certs: false +gitea_tls_cert_file: 'https/cert.pem' +gitea_tls_key_file: 'https/key.pem' +gitea_enable_acme: false +gitea_acme_url: '' +gitea_acme_accepttos: false +gitea_acme_directory: 'https' +gitea_acme_email: '' +gitea_acme_ca_root: '' gitea_server_extra_config: '' # Database (database) @@ -82,12 +130,14 @@ gitea_repo_indexer_exclude: '' gitea_repo_exclude_vendored: true gitea_repo_indexer_max_file_size: '1048576' gitea_indexer_extra_config: '' +gitea_queue_issue_indexer_extra_config: '' # Security (security) # -> https://docs.gitea.io/en-us/config-cheat-sheet/#security-security gitea_secret_key: '' -gitea_internal_token: '' gitea_disable_git_hooks: true +gitea_disable_webhooks: false +gitea_internal_token: '' gitea_password_check_pwn: false gitea_security_extra_config: '' @@ -107,14 +157,19 @@ gitea_service_extra_config: '' # Mailer [mailer] # -> https://docs.gitea.io/en-us/config-cheat-sheet/#mailer-mailer gitea_mailer_enabled: false -gitea_mailer_host: 'localhost:25' -gitea_mailer_skip_verify: false -gitea_mailer_tls_enabled: true -gitea_mailer_from: "noreply@{{ gitea_http_domain }}" +gitea_mailer_protocol: 'dummy' +gitea_mailer_smtp_addr: '' +gitea_mailer_smtp_port: '' +gitea_mailer_use_client_cert: false +gitea_mailer_client_cert_file: '' +gitea_mailer_client_key_file: '' +gitea_mailer_force_trust_server_cert: false gitea_mailer_user: '' gitea_mailer_password: '' +gitea_mailer_enable_helo: true +gitea_mailer_from: "noreply@{{ gitea_http_domain }}" gitea_subject_prefix: '' -gitea_mailer_type: smtp +gitea_mailer_send_as_plaintext: false gitea_mailer_extra_config: '' # Session (session) @@ -123,27 +178,58 @@ gitea_session_provider: 'file' gitea_session_extra_config: '' # Picture (picture) -gitea_disable_gravatar: true +# -> https://docs.gitea.io/en-us/config-cheat-sheet/#picture-picture gitea_picture_extra_config: '' # Issue and pull request attachments (attachment) +# -> https://docs.gitea.io/en-us/config-cheat-sheet/#issue-and-pull-request-attachments-attachment gitea_attachment_enabled: true gitea_attachment_extra_config: '' # Log (log) +# -> https://docs.gitea.io/en-us/config-cheat-sheet/#log-log gitea_log_systemd: false gitea_log_level: 'Warn' gitea_log_extra_config: '' # Metrics (metrics) +# -> https://docs.gitea.io/en-us/config-cheat-sheet/#metrics-metrics gitea_metrics_enabled: false gitea_metrics_token: '' +gitea_metrics_extra: '' # OAuth2 (oauth2) +# -> https://docs.gitea.io/en-us/config-cheat-sheet/#oauth2-oauth2 gitea_oauth2_enabled: true gitea_oauth2_jwt_secret: '' gitea_oauth2_extra_config: '' +# Federation (federation) +# -> https://docs.gitea.io/en-us/config-cheat-sheet/#federation-federation +gitea_federation_enabled: false +gitea_federation_share_user_stats: false +gitea_federation_extra: '' + +# Packages (packages) +# -> https://docs.gitea.io/en-us/config-cheat-sheet/#packages-packages +gitea_packages_enabled: true +gitea_packages_extra: '' + +# LFS (lfs) +# -> https://docs.gitea.io/en-us/config-cheat-sheet/#lfs-lfs +gitea_lfs_storage_type: 'local' +gitea_lfs_serve_direct: false +gitea_lfs_content_path: "{{ gitea_home }}/data/lfs" +gitea_lfs_extra: '' + +# Other (other) +# -> https://docs.gitea.io/en-us/config-cheat-sheet/#other-other +gitea_other_show_footer_branding: false +gitea_other_show_footer_version: true +gitea_other_show_footer_template_load_time: true +gitea_other_enable_sitemap: true +gitea_other_enable_feed: true + # additional gitea config gitea_extra_config: "" diff --git a/templates/gitea.ini.j2 b/templates/gitea.ini.j2 index b322dff..6d0d033 100644 --- a/templates/gitea.ini.j2 +++ b/templates/gitea.ini.j2 @@ -13,19 +13,57 @@ RUN_MODE = {{ gitea_run_mode }} ; ; -> https://docs.gitea.io/en-us/config-cheat-sheet/#repository-repository [repository] -ROOT = {{ gitea_repository_root }} -FORCE_PRIVATE = {{ gitea_force_private | ternary('true', 'false') }} -MAX_CREATION_LIMIT = {{ gitea_user_repo_limit }} -DISABLE_HTTP_GIT = {{ gitea_disable_http_git | ternary('true', 'false') }} -DEFAULT_BRANCH = {{ gitea_default_branch }} -DEFAULT_PRIVATE = {{ gitea_default_private }} +DEFAULT_BRANCH = {{ gitea_default_branch }} +DEFAULT_PRIVATE = {{ gitea_default_private }} +DEFAULT_REPO_UNITS = {{ gitea_default_repo_units }} +DISABLED_REPO_UNITS = {{ gitea_disabled_repo_units }} +DISABLE_HTTP_GIT = {{ gitea_disable_http_git | ternary('true', 'false') }} +DISABLE_STARS = {{ gitea_disable_stars | ternary('true', 'false') }} +ENABLE_PUSH_CREATE_ORG = {{ gitea_enable_push_create_org | ternary('true', 'false') }} +ENABLE_PUSH_CREATE_USER = {{ gitea_enable_push_create_user | ternary('true', 'false') }} +FORCE_PRIVATE = {{ gitea_force_private | ternary('true', 'false') }} +MAX_CREATION_LIMIT = {{ gitea_user_repo_limit }} +ROOT = {{ gitea_repository_root }} {{ gitea_repository_extra_config }} ; +; [repository.upload] TEMP_PATH = {{ gitea_home }}/data/tmp/uploads {{ gitea_repository_upload_extra_config }} ; ; +{% if gitea_enable_repo_signing_options | bool %} +; -> https://docs.gitea.io/en-us/config-cheat-sheet/#repository---signing-repositorysigning +[repository.signing] +SIGNING_KEY = {{ gitea_repo_signing_key }} +SIGNING_NAME = {{ gitea_repo_signing_name }} +SIGNING_EMAIL = {{ gitea_repo_signing_email }} +INITIAL_COMMIT = {{ gitea_repo_initial_commit }} +DEFAULT_TRUST_MODEL = {{ gitea_repo_default_trust_model }} +WIKI = {{ gitea_repo_wiki }} +CRUD_ACTIONS = {{ gitea_repo_crud_actions }} +MERGES = {{ gitea_repo_merges }} +{{ gitea_enable_repo_signing_extra }} +; +{% endif %} +; +{% if gitea_enable_cors | bool %} +; +; -> https://docs.gitea.io/en-us/config-cheat-sheet/#cors-cors +[cors] +ENABLED = {{ gitea_enable_cors | ternary('true', 'false') }} +SCHEME = {{ gitea_cors_scheme }} +ALLOW_DOMAIN = {{ gitea_cors_allow_domain }} +ALLOW_SUBDOMAIN = {{ gitea_cors_allow_subdomain | ternary('true', 'false') }} +METHODS = {{ gitea_cors_methods }} +MAX_AGE = {{ gitea_cors_max_age }} +ALLOW_CREDENTIALS = {{ gitea_cors_allow_credentials | ternary('true', 'false') }} +HEADERS = {{ gitea_cors_headers }} +X_FRAME_OPTIONS = {{ gitea_cors_x_frame_options }} +{{ gitea_cors_extra }} +; +{% endif %} +; ; -> https://docs.gitea.io/en-us/config-cheat-sheet/#ui-ui [ui] SHOW_USER_EMAIL = {{ gitea_show_user_email | ternary('true', 'false') }} @@ -34,6 +72,14 @@ THEMES = {{ gitea_themes }} {{ gitea_ui_extra_config }} ; ; +; +[ui.meta] +AUTHOR = {{ gitea_ui_author }} +DESCRIPTION = {{ gitea_ui_description }} +KEYWORDS = {{ gitea_ui_keywords }} +{{ gitea_ui_meta_extra_config }} +; +; ; -> https://docs.gitea.io/en-us/config-cheat-sheet/#server-server [server] PROTOCOL = {{ gitea_protocol }} @@ -41,25 +87,33 @@ DOMAIN = {{ gitea_http_domain }} ROOT_URL = {{ gitea_root_url }} HTTP_ADDR = {{ gitea_http_listen }} HTTP_PORT = {{ gitea_http_port }} -{% if gitea_http_port == 443 %} -PORT_TO_REDIRECT = 80 -{% endif %} -{% if gitea_http_letsencrypt_mail is defined %} -ENABLE_LETSENCRYPT = true -LETSENCRYPT_ACCEPTTOS = true -LETSENCRYPT_EMAIL = {{ gitea_http_letsencrypt_mail }} -{% endif %} START_SSH_SERVER = {{ gitea_start_ssh | ternary('true', 'false') }} SSH_DOMAIN = {{ gitea_ssh_domain }} SSH_PORT = {{ gitea_ssh_port }} SSH_LISTEN_HOST = {{ gitea_ssh_listen }} OFFLINE_MODE = {{ gitea_offline_mode | ternary('true', 'false') }} APP_DATA_PATH = {{ gitea_home }}/data +LANDING_PAGE = {{ gitea_landing_page }} {% if gitea_lfs_server_enabled | bool -%} LFS_START_SERVER = true -LFS_CONTENT_PATH = {{ gitea_lfs_content_path }} LFS_JWT_SECRET = {{ gitea_lfs_jwt_secret }} {% endif %} +REDIRECT_OTHER_PORT = {{ gitea_redirect_other_port | ternary('true', 'false') }} +PORT_TO_REDIRECT = {{ gitea_port_to_redirect }} +{% if gitea_enable_tls_certs | bool %} +CERT_FILE = {{ gitea_tls_cert_file }} +KEY_FILE = {{ gitea_tls_key_file }} +{% endif %} +ENABLE_ACME = {{ gitea_enable_acme | ternary('true', 'false') }} +{% if gitea_enable_acme | bool %} +{% if gitea_acme_url != '' %} +ACME_URL = {{ gitea_acme_url }} +{% endif %} +ACME_ACCEPTTOS = {{ gitea_acme_accepttos | ternary('true', 'false') }} +ACME_DIRECTORY = {{ gitea_acme_directory }} +ACME_EMAIL = {{ gitea_acme_email }} +ACME_CA_ROOT = {{ gitea_acme_ca_root }} +{% endif %} {{ gitea_server_extra_config }} ; ; @@ -79,7 +133,6 @@ LOG_SQL = {{ gitea_db_log_sql | ternary('true', 'false') }} ; -> https://docs.gitea.io/en-us/config-cheat-sheet/#indexer-indexer [indexer] ISSUE_INDEXER_PATH = {{ gitea_home }}/indexers/issues.bleve -ISSUE_INDEXER_QUEUE_DIR = {{ gitea_home }}/indexers/issues.queue REPO_INDEXER_ENABLED = {{ gitea_repo_indexer_enabled | ternary('true', 'false') }} REPO_INDEXER_PATH = {{ gitea_home }}/indexers/repos.bleve REPO_INDEXER_INCLUDE = {{ gitea_repo_indexer_include }} @@ -89,12 +142,20 @@ MAX_FILE_SIZE = {{ gitea_repo_indexer_max_file_size }} {{ gitea_indexer_extra_config }} ; ; +; Queue (queue and queue.*) +; -> https://docs.gitea.io/en-us/config-cheat-sheet/#queue-queue-and-queue +[queue.issue_indexer] +DATADIR = {{ gitea_home }}/indexers/issues.queue +{{ gitea_queue_issue_indexer_extra_config }} +; +; ; -> https://docs.gitea.io/en-us/config-cheat-sheet/#security-security [security] INSTALL_LOCK = true SECRET_KEY = {{ gitea_secret_key }} -INTERNAL_TOKEN = {{ gitea_internal_token }} DISABLE_GIT_HOOKS = {{ gitea_disable_git_hooks | ternary('true', 'false') }} +DISABLE_WEBHOOKS = { gitea_disable_webhooks | ternary('true', 'false') } +INTERNAL_TOKEN = {{ gitea_internal_token }} PASSWORD_CHECK_PWN = {{ gitea_password_check_pwn | ternary('true', 'false') }} {{ gitea_security_extra_config }} ; @@ -115,17 +176,27 @@ AUTO_WATCH_NEW_REPOS = {{ gitea_auto_watch_new_repos | ternary('tru ; ; -> https://docs.gitea.io/en-us/config-cheat-sheet/#mailer-mailer [mailer] -ENABLED = {{ gitea_mailer_enabled | ternary('true', 'false') }} -HOST = {{ gitea_mailer_host }} -SKIP_VERIFY = {{ gitea_mailer_skip_verify | ternary('true', 'false') }} -IS_TLS_ENABLED = {{ gitea_mailer_tls_enabled | ternary('true', 'false') }} -FROM = {{ gitea_mailer_from }} -USER = {{ gitea_mailer_user }} -PASSWD = `{{ gitea_mailer_password }}` -SUBJECT_PREFIX = {{ gitea_subject_prefix }} -MAILER_TYPE = {{ gitea_mailer_type }} +ENABLED = {{ gitea_mailer_enabled | ternary('true', 'false') }} +{% if gitea_mailer_enabled | bool %} +PROTOCOL = {{ gitea_mailer_protocol }} +SMTP_ADDR = {{ gitea_mailer_smtp_addr }} +SMTP_PORT = {{ gitea_mailer_smtp_port }} +USE_CLIENT_CERT = {{ gitea_mailer_use_client_cert | ternary('true', 'false') }} +{% if gitea_mailer_use_client_cert | bool %} +CLIENT_CERT_FILE = {{ gitea_mailer_client_cert_file }} +CLIENT_KEY_FILE = {{ gitea_mailer_client_key_file }} +{% endif %} +FORCE_TRUST_SERVER_CERT = {{ gitea_mailer_force_trust_server_cert | ternary('true', 'false') }} +USER = {{ gitea_mailer_user }} +PASSWD = `{{ gitea_mailer_password }}` +ENABLE_HELO = {{ gitea_mailer_enable_helo | ternary('true', 'false') }} +FROM = {{ gitea_mailer_from }} +SUBJECT_PREFIX = {{ gitea_subject_prefix }} +SEND_AS_PLAIN_TEXT = {{ gitea_mailer_send_as_plaintext | ternary('true', 'false') }} {{ gitea_mailer_extra_config }} ; +{% endif %} +; ; ; -> https://docs.gitea.io/en-us/config-cheat-sheet/#session-session [session] @@ -137,7 +208,6 @@ PROVIDER_CONFIG = {{ gitea_home }}/data/sessions ; -> https://docs.gitea.io/en-us/config-cheat-sheet/#picture-picture [picture] AVATAR_UPLOAD_PATH = {{ gitea_home }}/data/avatars -DISABLE_GRAVATAR = {{ gitea_disable_gravatar | ternary('true', 'false') }} {{ gitea_picture_extra_config }} ; ; @@ -164,14 +234,53 @@ LEVEL = {{ gitea_log_level }} [metrics] ENABLED = {{ gitea_metrics_enabled | ternary('true', 'false') }} TOKEN = {{ gitea_metrics_token }} +{{ gitea_metrics_extra }} ; ; -; https://docs.gitea.io/en-us/config-cheat-sheet/#oauth2-oauth2 +; -> https://docs.gitea.io/en-us/config-cheat-sheet/#oauth2-oauth2 [oauth2] ENABLE = {{ gitea_oauth2_enabled | ternary('true', 'false') }} JWT_SECRET = {{ gitea_oauth2_jwt_secret }} {{ gitea_oauth2_extra_config }} ; ; +; -> https://docs.gitea.io/en-us/config-cheat-sheet/#federation-federation +[federation] +ENABLED = {{ gitea_federation_enabled | ternary('true', 'false') }} +SHARE_USER_STATISTICS = {{ gitea_federation_share_user_stats | ternary('true', 'false') }} +{{ gitea_federation_extra }} +; +; +; Packages (packages) +; -> https://docs.gitea.io/en-us/config-cheat-sheet/#packages-packages +[packages] +ENABLED = {{ gitea_packages_enabled | ternary('true', 'false') }} +{% if gitea_packages_enabled | bool %} +CHUNKED_UPLOAD_PATH = {{ gitea_home }}/data/tmp/package-upload +{{ gitea_packages_extra }} +{% endif %} +; +; +{% if gitea_lfs_server_enabled | bool %} +; -> https://docs.gitea.io/en-us/config-cheat-sheet/#lfs-lfs +[lfs] +STORAGE_TYPE = {{ gitea_lfs_storage_type }} +SERVE_DIRECT = {{ gitea_lfs_serve_direct | ternary('true', 'false') }} +PATH = {{ gitea_lfs_content_path }} +{{ gitea_lfs_extra }} +{% endif %} +; +; +; Other (other) +; -> https://docs.gitea.io/en-us/config-cheat-sheet/#other-other +[other] +SHOW_FOOTER_BRANDING = {{ gitea_other_show_footer_branding | ternary('true', 'false') }} +SHOW_FOOTER_VERSION = {{ gitea_other_show_footer_version | ternary('true', 'false') }} +SHOW_FOOTER_TEMPLATE_LOAD_TIME = {{ gitea_other_show_footer_template_load_time | ternary('true', 'false') }} +ENABLE_SITEMAP = {{ gitea_other_enable_sitemap | ternary('true', 'false') }} +ENABLE_FEED = {{ gitea_other_enable_feed | ternary('true', 'false') }} +; +; +; ; Optional additional config {{ gitea_extra_config }} diff --git a/vars/main.yml b/vars/main.yml index a00109c..fe6297c 100644 --- a/vars/main.yml +++ b/vars/main.yml @@ -56,5 +56,5 @@ transfer_custom_footer: - 'files/gitea_footer/extra_links_footer.tmpl' - 'files/extra_links_footer.tmpl' -playbook_version_number: 39 # should be int +playbook_version_number: 40 # should be int playbook_version_path: 'do1jlr.gitea.version'