From 2f6f3496a7f5a8c33e25c527c204d98f37b01354 Mon Sep 17 00:00:00 2001 From: L3D Date: Tue, 24 Jan 2023 21:22:55 +0100 Subject: [PATCH 1/8] Expand Gitea Repo config options + Sort Options Alphabetically in Repo section + Added ``gitea_enable_push_create_user`` option *(Allow users to push local repositories to Gitea and have them automatically created for a user.)* + Added ``gitea_enable_push_create_org`` option *(Allow users to push local repositories to Gitea and have them automatically created for an org.)* + Added ``gitea_disabled_repo_units`` Option + Added ``gitea_default_repo_units`` Option + Added ``gitea_disable_stars`` Option + Added Options for signing repos together with the `gitea_enable_repo_signing`_options variable. --- README.md | 35 +++++++++++++++++++++++++++-------- defaults/main.yml | 26 ++++++++++++++++++++++---- templates/gitea.ini.j2 | 35 +++++++++++++++++++++++++++-------- 3 files changed, 76 insertions(+), 20 deletions(-) diff --git a/README.md b/README.md index 962a84d..f389dc0 100644 --- a/README.md +++ b/README.md @@ -68,14 +68,33 @@ Either you define exactly which release you install. Or you use the option ``lat ### Repository ([repository](https://docs.gitea.io/en-us/config-cheat-sheet/#repository-repository)) | variable name | default value | description | | ------------- | ------------- | ----------- | -| `gitea_repository_root` | `{{ gitea_home }}/repos` | Root path for storing all repository data. It must be an absolute path. | -| `gitea_force_private` | `false` | Force every new repository to be private. | -| `gitea_user_repo_limit` | `-1` | Limit how many repos a user can have *(`-1` for unlimited)* | -| `gitea_disable_http_git` | `false` | Disable the ability to interact with repositories over the HTTP protocol. (true/false) | | `gitea_default_branch` | `main` | Default branch name of all repositories. | | `gitea_default_private` | `last` | Default private when creating a new repository. [`last`, `private`, `public`] | -| `gitea_repository_extra_config` | `''` | you can use this variable to pass additional config parameters in the `[repository]` section of the config. | -| `gitea_repository_upload_extra_config` | you can use this variable to pass additional config parameters in the `[repository.upload]` section of the config. | +| `gitea_default_repo_units` | *(see defaults)* | Comma separated list of default repo units. See official docs for more | +| `gitea_disabled_repo_units` | | Comma separated list of globally disabled repo units. | +| `gitea_disable_http_git` | `false` | Disable the ability to interact with repositories over the HTTP protocol. (true/false) | +| `gitea_disable_stars` | `false` | Disable stars feature. | +| `gitea_enable_push_create_org` | `false` | Allow users to push local repositories to Gitea and have them automatically created for an org. | +| `gitea_enable_push_create_user` | `false` | Allow users to push local repositories to Gitea and have them automatically created for an user. | +| `gitea_force_private` | `false` | Force every new repository to be private. | +| `gitea_user_repo_limit` | `-1` | Limit how many repos a user can have *(`-1` for unlimited)* | +| `gitea_repository_root` | `{{ gitea_home }}/repos` | Root path for storing all repository data. It must be an absolute path. | +| `gitea_repository_extra_config` | | you can use this variable to pass additional config parameters in the `[repository]` section of the config. | +| `gitea_repository_upload_extra_config` | | you can use this variable to pass additional config parameters in the `[repository.upload]` section of the config. | + +### Repository - Signing ([repository.signing](https://docs.gitea.io/en-us/config-cheat-sheet/#repository---signing-repositorysigning)) +| variable name | default value | description | +| ------------- | ------------- | ----------- | +| `gitea_enable_repo_signing_options` | `false` | Allow to configure repo signing options | +| `gitea_repo_signing_key` | `default` | Key to sign with. | +| `gitea_repo_signing_name` | | if a KEYID is provided as the `gitea_repo_signing_key`, use these as the Name and Email address of the signer. | +| `gitea_repo_signing_email` | | if a KEYID is provided as the `gitea_repo_signing_key`, use these as the Name and Email address of the signer. | +| `gitea_repo_initial_commit` | `always` | Sign initial commit. | +| `gitea_repo_default_trust_model` | `collaborator` | The default trust model used for verifying commits. | +| `gitea_repo_wiki` | `never` | Sign commits to wiki. | +| `gitea_repo_crud_actions` | *(see defaults)* | Sign CRUD actions. | +| `gitea_repo_merges` | *(see defaults)* | Sign merges. | +| `gitea_enable_repo_signing_extra` | | you can use this variable to pass additional config parameters in the `[repository.signing]` section of the config. | ### UI ([ui](https://docs.gitea.io/en-us/config-cheat-sheet/#ui-ui)) | variable name | default value | description | @@ -101,8 +120,8 @@ Either you define exactly which release you install. Or you use the option ``lat | `gitea_offline_mode` | `true` | Disables use of CDN for static files and Gravatar for profile pictures. (true/false) | | `gitea_lfs_server_enabled` | `false` | Enable GIT-LFS Support *(git large file storage: [git-lfs](https://git-lfs.github.com/))*. | | `gitea_lfs_content_path` | `{{ gitea_home }}/data/lfs` | LFS content path. *(if it is on local storage.)* | -| `gitea_lfs_jwt_secret` | `''` | LFS authentication secret. Can be generated with ``gitea generate secret JWT_SECRET``. Will be autogenerated if not defined | -| `gitea_server_extra_config` | `''` | you can use this variable to pass additional config parameters in the `[server]` section of the config. | +| `gitea_lfs_jwt_secret` | | LFS authentication secret. Can be generated with ``gitea generate secret JWT_SECRET``. Will be autogenerated if not defined | +| `gitea_server_extra_config` | | you can use this variable to pass additional config parameters in the `[server]` section of the config. | ### Database ([database](https://docs.gitea.io/en-us/config-cheat-sheet/#database-database)) | variable name | default value | description | diff --git a/defaults/main.yml b/defaults/main.yml index b21ee99..22b5778 100644 --- a/defaults/main.yml +++ b/defaults/main.yml @@ -28,15 +28,33 @@ gitea_fqdn: 'localhost' # Repository (repository) # -> https://docs.gitea.io/en-us/config-cheat-sheet/#repository-repository -gitea_repository_root: "{{ gitea_home }}/repos" -gitea_force_private: false -gitea_user_repo_limit: '-1' -gitea_disable_http_git: false gitea_default_branch: 'main' gitea_default_private: 'last' +gitea_default_repo_units: 'repo.code,repo.releases,repo.issues,repo.pulls,repo.wiki,repo.projects' +gitea_disabled_repo_units: '' +gitea_disable_http_git: false +gitea_disable_stars: false +gitea_enable_push_create_org: false +gitea_enable_push_create_user: false +gitea_force_private: false +gitea_user_repo_limit: '-1' +gitea_repository_root: "{{ gitea_home }}/repos" gitea_repository_extra_config: '' gitea_repository_upload_extra_config: '' +# Repository - Signing (repository.signing) +# -> https://docs.gitea.io/en-us/config-cheat-sheet/#repository---signing-repositorysigning +gitea_enable_repo_signing_options: false +gitea_repo_signing_key: 'default' +gitea_repo_signing_name: '' +gitea_repo_signing_email: '' +gitea_repo_initial_commit: 'always' +gitea_repo_default_trust_model: 'collaborator' +gitea_repo_wiki: 'never' +gitea_repo_crud_actions: 'pubkey, twofa, parentsigned' +gitea_repo_merges: ' pubkey, twofa, basesigned, commitssigned' +gitea_enable_repo_signing_extra: '' + # UI (ui) # -> https://docs.gitea.io/en-us/config-cheat-sheet/#ui-ui gitea_show_user_email: false diff --git a/templates/gitea.ini.j2 b/templates/gitea.ini.j2 index b322dff..a6055ff 100644 --- a/templates/gitea.ini.j2 +++ b/templates/gitea.ini.j2 @@ -13,17 +13,36 @@ RUN_MODE = {{ gitea_run_mode }} ; ; -> https://docs.gitea.io/en-us/config-cheat-sheet/#repository-repository [repository] -ROOT = {{ gitea_repository_root }} -FORCE_PRIVATE = {{ gitea_force_private | ternary('true', 'false') }} -MAX_CREATION_LIMIT = {{ gitea_user_repo_limit }} -DISABLE_HTTP_GIT = {{ gitea_disable_http_git | ternary('true', 'false') }} -DEFAULT_BRANCH = {{ gitea_default_branch }} -DEFAULT_PRIVATE = {{ gitea_default_private }} -{{ gitea_repository_extra_config }} +DEFAULT_BRANCH = {{ gitea_default_branch }} +DEFAULT_PRIVATE = {{ gitea_default_private }} +DEFAULT_REPO_UNITS = {{ gitea_default_repo_units }} +DISABLED_REPO_UNITS = {{ gitea_disabled_repo_units }} +DISABLE_HTTP_GIT = {{ gitea_disable_http_git | ternary('true', 'false') }} +DISABLE_STARS = {{ gitea_disable_stars | ternary('true', 'false') }} +ENABLE_PUSH_CREATE_ORG = {{ gitea_enable_push_create_org | ternary('true', 'false') }} +ENABLE_PUSH_CREATE_USER = {{ gitea_enable_push_create_user | ternary('true', 'false') }} +FORCE_PRIVATE = {{ gitea_force_private | ternary('true', 'false') }} +MAX_CREATION_LIMIT = {{ gitea_user_repo_limit }} +ROOT = {{ gitea_repository_root }} +{% if gitea_repository_extra_config != '' %}{{ gitea_repository_extra_config }}{% else %};{% endif %} ; [repository.upload] TEMP_PATH = {{ gitea_home }}/data/tmp/uploads -{{ gitea_repository_upload_extra_config }} +{% if gitea_repository_upload_extra_config != '' %}{{ gitea_repository_upload_extra_config }}{% else %};{% endif %} +; +;{% if gitea_enable_repo_signing_options | bool %} +; -> https://docs.gitea.io/en-us/config-cheat-sheet/#repository---signing-repositorysigning +[repository.signing] +SIGNING_KEY = {{ gitea_repo_signing_key }} +SIGNING_NAME = {{ gitea_repo_signing_name }} +SIGNING_EMAIL = {{ gitea_repo_signing_email }} +INITIAL_COMMIT = {{ gitea_repo_initial_commit }} +DEFAULT_TRUST_MODEL = {{ gitea_repo_default_trust_model }} +WIKI = {{ gitea_repo_wiki }} +CRUD_ACTIONS = {{ gitea_repo_crud_actions }} +MERGES = {{ gitea_repo_merges }} +{% if gitea_enable_repo_signing_extra != '' %}{{ gitea_enable_repo_signing_extra }}{% else %};{% endif %} +;{% endif %} ; ; ; -> https://docs.gitea.io/en-us/config-cheat-sheet/#ui-ui From fe1a26cd9e72c7665c789113a0246cef37a0bfaa Mon Sep 17 00:00:00 2001 From: L3D Date: Wed, 25 Jan 2023 23:55:35 +0100 Subject: [PATCH 2/8] update config Update config, add ui.meta and cors options and update ui vars --- README.md | 25 +++++++++++++++++++++++-- defaults/main.yml | 24 ++++++++++++++++++++++-- templates/gitea.ini.j2 | 37 +++++++++++++++++++++++++++++-------- 3 files changed, 74 insertions(+), 12 deletions(-) diff --git a/README.md b/README.md index f389dc0..b8e1169 100644 --- a/README.md +++ b/README.md @@ -96,14 +96,35 @@ Either you define exactly which release you install. Or you use the option ``lat | `gitea_repo_merges` | *(see defaults)* | Sign merges. | | `gitea_enable_repo_signing_extra` | | you can use this variable to pass additional config parameters in the `[repository.signing]` section of the config. | +### CORS ([cors](https://docs.gitea.io/en-us/config-cheat-sheet/#cors-cors)) +| ------------- | ------------- | ----------- | +| `gitea_enable_cors` | `false` | enable cors headers (disabled by default) | +| `gitea_cors_scheme` | `http` | scheme of allowed requests | +| `gitea_cors_allow_domain` | `*` | list of requesting domains that are allowed | +| `gitea_cors_allow_subdomain` | `false` |allow subdomains of headers listed above to request | +| `gitea_cors_methods` | *(see defaults)* | list of methods allowed to request | +| `gitea_cors_max_age` | `10m` | max time to cache response | +| `gitea_cors_allow_credentials` | `false` | allow request with credentials | +| `gitea_cors_headers` | `Content-Type,User-Agent` | additional headers that are permitted in requests | +| `gitea_cors_x_frame_options` | `SAMEORIGIN` | Set the `X-Frame-Options` header value. | +| `gitea_cors_extra` | | you can use this variable to pass additional config parameters in the `[cors]` section of the config. | + ### UI ([ui](https://docs.gitea.io/en-us/config-cheat-sheet/#ui-ui)) | variable name | default value | description | | ------------- | ------------- | ----------- | | `gitea_show_user_email` | `false` | Do you want to display email addresses ? (true/false) | -| `gitea_theme_default` | `gitea` | Default theme | -| `gitea_themes` | `gitea,arc-green` | List of enabled themes | +| `gitea_theme_default` | `auto` | Default theme | +| `gitea_themes` | `auto,gitea,arc-green` | List of enabled themes | | `gitea_ui_extra_config` | `''` | you can use this variable to pass additional config parameters in the `[ui]` section of the config. | +### UI - Meta ([ui.meta](https://docs.gitea.io/en-us/config-cheat-sheet/#ui---metadata-uimeta)) +| variable name | default value | description | +| ------------- | ------------- | ----------- | +| `gitea_ui_author` | *(see defaults)* | Author meta tag of the homepage. | +| `gitea_ui_description` | *(see defaults)* | Description meta tag of the homepage. | +| `gitea_ui_keywords` | *(see defaults)* | Keywords meta tag of the homepage | +| `gitea_ui_meta_extra_config` | | you can use this variable to pass additional config parameters in the `[ui.meta]` section of the config. | + ### Server ([server](https://docs.gitea.io/en-us/config-cheat-sheet/#server-server)) | variable name | default value | description | | ------------- | ------------- | ----------- | diff --git a/defaults/main.yml b/defaults/main.yml index 22b5778..9dfcccf 100644 --- a/defaults/main.yml +++ b/defaults/main.yml @@ -55,13 +55,33 @@ gitea_repo_crud_actions: 'pubkey, twofa, parentsigned' gitea_repo_merges: ' pubkey, twofa, basesigned, commitssigned' gitea_enable_repo_signing_extra: '' +# CORS (cors) +# -> https://docs.gitea.io/en-us/config-cheat-sheet/#cors-cors +gitea_enable_cors: false +gitea_cors_scheme: 'http' +gitea_cors_allow_domain: '*' +gitea_cors_allow_subdomain: false +gitea_cors_methods: 'GET,HEAD,POST,PUT,PATCH,DELETE,OPTIONS' +gitea_cors_max_age: '10m' +gitea_cors_allow_credentials: false +gitea_cors_headers: 'Content-Type,User-Agent' +gitea_cors_x_frame_options: 'SAMEORIGIN' +gitea_cors_extra: '' + # UI (ui) # -> https://docs.gitea.io/en-us/config-cheat-sheet/#ui-ui gitea_show_user_email: false -gitea_theme_default: 'gitea' -gitea_themes: 'gitea,arc-green' +gitea_theme_default: 'auto' +gitea_themes: 'auto,gitea,arc-green' gitea_ui_extra_config: '' +# UI - Metadata (ui.meta) +# -> https://docs.gitea.io/en-us/config-cheat-sheet/#ui---metadata-uimeta +gitea_ui_author: 'Gitea - Git with a cup of tea' +gitea_ui_description: 'Gitea (Git with a cup of tea) is a painless self-hosted Git service written in Go:' +gitea_ui_keywords: 'go,git,self-hosted,gitea,forgejo' +gitea_ui_meta_extra_config: '' + # Server (server) # -> https://docs.gitea.io/en-us/config-cheat-sheet/#server-server gitea_protocol: 'http' diff --git a/templates/gitea.ini.j2 b/templates/gitea.ini.j2 index a6055ff..58cab05 100644 --- a/templates/gitea.ini.j2 +++ b/templates/gitea.ini.j2 @@ -33,24 +33,45 @@ TEMP_PATH = {{ gitea_home }}/data/tmp/uploads ;{% if gitea_enable_repo_signing_options | bool %} ; -> https://docs.gitea.io/en-us/config-cheat-sheet/#repository---signing-repositorysigning [repository.signing] -SIGNING_KEY = {{ gitea_repo_signing_key }} -SIGNING_NAME = {{ gitea_repo_signing_name }} -SIGNING_EMAIL = {{ gitea_repo_signing_email }} -INITIAL_COMMIT = {{ gitea_repo_initial_commit }} +SIGNING_KEY = {{ gitea_repo_signing_key }} +SIGNING_NAME = {{ gitea_repo_signing_name }} +SIGNING_EMAIL = {{ gitea_repo_signing_email }} +INITIAL_COMMIT = {{ gitea_repo_initial_commit }} DEFAULT_TRUST_MODEL = {{ gitea_repo_default_trust_model }} -WIKI = {{ gitea_repo_wiki }} -CRUD_ACTIONS = {{ gitea_repo_crud_actions }} -MERGES = {{ gitea_repo_merges }} +WIKI = {{ gitea_repo_wiki }} +CRUD_ACTIONS = {{ gitea_repo_crud_actions }} +MERGES = {{ gitea_repo_merges }} {% if gitea_enable_repo_signing_extra != '' %}{{ gitea_enable_repo_signing_extra }}{% else %};{% endif %} ;{% endif %} ; +;{% if gitea_enable_cors | bool %} +; -> https://docs.gitea.io/en-us/config-cheat-sheet/#cors-cors +[cors] +ENABLED = {{ gitea_enable_cors | ternary('true', 'false') }} +SCHEME = {{ gitea_cors_scheme }} +ALLOW_DOMAIN = {{ gitea_cors_allow_domain }} +ALLOW_SUBDOMAIN = {{ gitea_cors_allow_subdomain | ternary('true', 'false') }} +METHODS = {{ gitea_cors_methods }} +MAX_AGE = {{ gitea_cors_max_age }} +ALLOW_CREDENTIALS = {{ gitea_cors_allow_credentials | ternary('true', 'false') }} +HEADERS = {{ gitea_cors_headers }} +X_FRAME_OPTIONS = {{ gitea_cors_x_frame_options }} +{% if gitea_cors_extra != '' %}{{ gitea_cors_extra }}{% else %};{% endif %} +;{% endif %} ; ; -> https://docs.gitea.io/en-us/config-cheat-sheet/#ui-ui [ui] SHOW_USER_EMAIL = {{ gitea_show_user_email | ternary('true', 'false') }} DEFAULT_THEME = {{ gitea_theme_default }} THEMES = {{ gitea_themes }} -{{ gitea_ui_extra_config }} +{% if gitea_ui_extra_config != '' %}{{ gitea_ui_extra_config }}{% else %};{% endif %} +; +; +[ui.meta] +AUTHOR = {{ gitea_ui_author }} +DESCRIPTION = {{ gitea_ui_description }} +KEYWORDS = {{ gitea_ui_keywords }} +{% if gitea_ui_meta_extra_config != '' %}{{ gitea_ui_meta_extra_config }}{% else %};{% endif %} ; ; ; -> https://docs.gitea.io/en-us/config-cheat-sheet/#server-server From a1c047b341e59b2dbbaec19685c0b4f8af827f75 Mon Sep 17 00:00:00 2001 From: L3D Date: Thu, 26 Jan 2023 01:01:54 +0100 Subject: [PATCH 3/8] CHANGING - update acme variables updated server variables and most important replaced letsencrypt with acme. --- README.md | 15 +++++++++++++-- defaults/main.yml | 14 ++++++++++++-- templates/gitea.ini.j2 | 30 +++++++++++++++++++----------- 3 files changed, 44 insertions(+), 15 deletions(-) diff --git a/README.md b/README.md index b8e1169..5579f49 100644 --- a/README.md +++ b/README.md @@ -133,15 +133,26 @@ Either you define exactly which release you install. Or you use the option ``lat | `gitea_root_url` | `http://localhost:3000` | Root URL used to access your web app (full URL) | | `gitea_http_listen` | `127.0.0.1` | HTTP listen address | | `gitea_http_port` | `3000` | Bind port *(redirect from `80` will be activated if value is `443`)* | -| `gitea_http_letsencrypt_mail` | `undefined` | Enable Let`s Encrypt if a email address is given | + | `gitea_start_ssh` | `true` | When enabled, use the built-in SSH server. | | `gitea_ssh_domain` | `{{ gitea_http_domain ` | Domain name of this server, used for displayed clone URL | | `gitea_ssh_port` | `2222` | SSH port displayed in clone URL. | | `gitea_ssh_listen` | `0.0.0.0` | Listen address for the built-in SSH server. | | `gitea_offline_mode` | `true` | Disables use of CDN for static files and Gravatar for profile pictures. (true/false) | +| `gitea_landing_page` | `home` | Landing page for unauthenticated users | | `gitea_lfs_server_enabled` | `false` | Enable GIT-LFS Support *(git large file storage: [git-lfs](https://git-lfs.github.com/))*. | -| `gitea_lfs_content_path` | `{{ gitea_home }}/data/lfs` | LFS content path. *(if it is on local storage.)* | | `gitea_lfs_jwt_secret` | | LFS authentication secret. Can be generated with ``gitea generate secret JWT_SECRET``. Will be autogenerated if not defined | +| `gitea_redirect_other_port` | `false` | If true and `gitea_protocol` is https, allows redirecting http requests on `gitea_port_to_redirect` to the https port Gitea listens on. | +| `gitea_port_to_redirect` | `80` | Port for the http redirection service to listen on, if enabled | +| `gitea_enable_tls_certs` | `false` | Write TLS Cert and Key Path to config file | +| `gitea_tls_cert_file` | `https/cert.pem` | Cert file path used for HTTPS. | +| `gitea_tls_key_file` | `https/key.pem` | Key file path used for HTTPS. | +| `gitea_enable_acme` | `false` | Flag to enable automatic certificate management via an ACME capable CA Server. *(default is letsencrypt)* | +| `gitea_acme_url` | | The CA’s ACME directory URL | +| `gitea_acme_accepttos` | `false` | This is an explicit check that you accept the terms of service of the ACME provider. | +| `gitea_acme_directory` | `https` | Directory that the certificate manager will use to cache information such as certs and private keys. | +| `gitea_acme_email` | | Email used for the ACME registration | +| `gitea_acme_ca_root` | | The CA’s root certificate. If left empty, it defaults to using the system’s trust chain. | | `gitea_server_extra_config` | | you can use this variable to pass additional config parameters in the `[server]` section of the config. | ### Database ([database](https://docs.gitea.io/en-us/config-cheat-sheet/#database-database)) diff --git a/defaults/main.yml b/defaults/main.yml index 9dfcccf..c46e0f4 100644 --- a/defaults/main.yml +++ b/defaults/main.yml @@ -89,15 +89,25 @@ gitea_http_domain: "{{ gitea_fqdn }}" gitea_root_url: "http://{{ gitea_fqdn }}:3000" gitea_http_listen: '127.0.0.1' gitea_http_port: '3000' -# gitea_http_letsencrypt_mail: 'mail@example.com' gitea_start_ssh: true gitea_ssh_domain: "{{ gitea_fqdn }}" gitea_ssh_port: '2222' gitea_ssh_listen: '0.0.0.0' gitea_offline_mode: true +gitea_landing_page: 'home' gitea_lfs_server_enabled: false -gitea_lfs_content_path: "{{ gitea_home }}/data/lfs" gitea_lfs_jwt_secret: '' +gitea_redirect_other_port: false +gitea_port_to_redirect: '80' +gitea_enable_tls_certs: false +gitea_tls_cert_file: 'https/cert.pem' +gitea_tls_key_file: 'https/key.pem' +gitea_enable_acme: false +gitea_acme_url: '' +gitea_acme_accepttos: false +gitea_acme_directory: 'https' +gitea_acme_email: '' +gitea_acme_ca_root: '' gitea_server_extra_config: '' # Database (database) diff --git a/templates/gitea.ini.j2 b/templates/gitea.ini.j2 index 58cab05..1f8effe 100644 --- a/templates/gitea.ini.j2 +++ b/templates/gitea.ini.j2 @@ -81,26 +81,34 @@ DOMAIN = {{ gitea_http_domain }} ROOT_URL = {{ gitea_root_url }} HTTP_ADDR = {{ gitea_http_listen }} HTTP_PORT = {{ gitea_http_port }} -{% if gitea_http_port == 443 %} -PORT_TO_REDIRECT = 80 -{% endif %} -{% if gitea_http_letsencrypt_mail is defined %} -ENABLE_LETSENCRYPT = true -LETSENCRYPT_ACCEPTTOS = true -LETSENCRYPT_EMAIL = {{ gitea_http_letsencrypt_mail }} -{% endif %} START_SSH_SERVER = {{ gitea_start_ssh | ternary('true', 'false') }} SSH_DOMAIN = {{ gitea_ssh_domain }} SSH_PORT = {{ gitea_ssh_port }} SSH_LISTEN_HOST = {{ gitea_ssh_listen }} OFFLINE_MODE = {{ gitea_offline_mode | ternary('true', 'false') }} APP_DATA_PATH = {{ gitea_home }}/data +LANDING_PAGE = {{ gitea_landing_page }} {% if gitea_lfs_server_enabled | bool -%} LFS_START_SERVER = true -LFS_CONTENT_PATH = {{ gitea_lfs_content_path }} LFS_JWT_SECRET = {{ gitea_lfs_jwt_secret }} -{% endif %} -{{ gitea_server_extra_config }} +{% endif -%} +REDIRECT_OTHER_PORT = {{ gitea_redirect_other_port | ternary('true', 'false') }} +PORT_TO_REDIRECT = {{ gitea_port_to_redirect }} +{%- if gitea_enable_tls_certs | bool %} +CERT_FILE = {{ gitea_tls_cert_file }} +KEY_FILE = {{ gitea_tls_key_file }} +{%- endif %} +ENABLE_ACME = {{ gitea_enable_acme | ternary('true', 'false') }} +{%- if gitea_enable_acme | bool %} +{%- if gitea_acme_url != '' %} +ACME_URL = {{ gitea_acme_url }} +{%- endif %} +ACME_ACCEPTTOS = {{ gitea_acme_accepttos | ternary('true', 'false') }} +ACME_DIRECTORY = {{ gitea_acme_directory }} +ACME_EMAIL = {{ gitea_acme_email }} +ACME_CA_ROOT = {{ gitea_acme_ca_root }} +{%- endif %} +{% if gitea_server_extra_config != '' %}{{ gitea_server_extra_config }}{% else %};{% endif %} ; ; ; -> https://docs.gitea.io/en-us/config-cheat-sheet/#database-database From bab343172470738745c97e15ee150f76f9e9f1ce Mon Sep 17 00:00:00 2001 From: L3D Date: Thu, 26 Jan 2023 01:18:15 +0100 Subject: [PATCH 4/8] update issue indexing --- README.md | 7 ++++--- defaults/main.yml | 1 + templates/gitea.ini.j2 | 12 +++++++++--- 3 files changed, 14 insertions(+), 6 deletions(-) diff --git a/README.md b/README.md index 5579f49..23ad026 100644 --- a/README.md +++ b/README.md @@ -172,11 +172,12 @@ Either you define exactly which release you install. Or you use the option ``lat | variable name | default value | description | | ------------- | ------------- | ----------- | | `gitea_repo_indexer_enabled` | `false` | Enables code search *(uses a lot of disk space, about 6 times more than the repository size).* | -| `gitea_repo_indexer_include` | `''` |Glob patterns to include in the index *(comma-separated list)*. An empty list means include all files. | -| `gitea_repo_indexer_exclude` | `''` | Glob patterns to exclude from the index (comma-separated list). | +| `gitea_repo_indexer_include` | |Glob patterns to include in the index *(comma-separated list)*. An empty list means include all files. | +| `gitea_repo_indexer_exclude` | | Glob patterns to exclude from the index (comma-separated list). | | `gitea_repo_exclude_vendored` | `true` | Exclude vendored files from index. | | `gitea_repo_indexer_max_file_size` | `1048576` | Maximum size in bytes of files to be indexed. | -| `gitea_indexer_extra_config` | `''` | you can use this variable to pass additional config parameters in the `[indexer]` section of the config. | +| `gitea_indexer_extra_config` | | you can use this variable to pass additional config parameters in the `[indexer]` section of the config. | +| `gitea_queue_issue_indexer_extra_config` | | | you can use this variable to pass additional config parameters in the `[queue.issue_indexer]` section of the config. | ### Security ([security](https://docs.gitea.io/en-us/config-cheat-sheet/#security-security)) | variable name | default value | description | diff --git a/defaults/main.yml b/defaults/main.yml index c46e0f4..041dfa3 100644 --- a/defaults/main.yml +++ b/defaults/main.yml @@ -130,6 +130,7 @@ gitea_repo_indexer_exclude: '' gitea_repo_exclude_vendored: true gitea_repo_indexer_max_file_size: '1048576' gitea_indexer_extra_config: '' +gitea_queue_issue_indexer_extra_config: '' # Security (security) # -> https://docs.gitea.io/en-us/config-cheat-sheet/#security-security diff --git a/templates/gitea.ini.j2 b/templates/gitea.ini.j2 index 1f8effe..eb28765 100644 --- a/templates/gitea.ini.j2 +++ b/templates/gitea.ini.j2 @@ -121,20 +121,26 @@ PASSWD = {{ gitea_db_password }} SSL_MODE = {{ gitea_db_ssl }} PATH = {{ gitea_db_path }} LOG_SQL = {{ gitea_db_log_sql | ternary('true', 'false') }} -{{ gitea_database_extra_config }} +{% if gitea_database_extra_config != '' %}{{ gitea_database_extra_config }}{% else %};{% endif %} ; ; ; -> https://docs.gitea.io/en-us/config-cheat-sheet/#indexer-indexer [indexer] ISSUE_INDEXER_PATH = {{ gitea_home }}/indexers/issues.bleve -ISSUE_INDEXER_QUEUE_DIR = {{ gitea_home }}/indexers/issues.queue REPO_INDEXER_ENABLED = {{ gitea_repo_indexer_enabled | ternary('true', 'false') }} REPO_INDEXER_PATH = {{ gitea_home }}/indexers/repos.bleve REPO_INDEXER_INCLUDE = {{ gitea_repo_indexer_include }} REPO_INDEXER_EXCLUDE = {{ gitea_repo_indexer_exclude }} REPO_INDEXER_EXCLUDE_VENDORED = {{ gitea_repo_exclude_vendored | ternary('true', 'false') }} MAX_FILE_SIZE = {{ gitea_repo_indexer_max_file_size }} -{{ gitea_indexer_extra_config }} +{% if gitea_indexer_extra_config != '' %}{{ gitea_indexer_extra_config }}{% else %};{% endif %} +; +; +; Queue (queue and queue.*) +; -> https://docs.gitea.io/en-us/config-cheat-sheet/#queue-queue-and-queue +[queue.issue_indexer] +DATADIR = {{ gitea_home }}/indexers/issues.queue +{% if gitea_queue_issue_indexer_extra_config != '' %}{{ gitea_queue_issue_indexer_extra_config }}{% else %};{% endif %} ; ; ; -> https://docs.gitea.io/en-us/config-cheat-sheet/#security-security From b81a2d8dffcc64bfe97aae969089ebe51bc703e8 Mon Sep 17 00:00:00 2001 From: L3D Date: Thu, 26 Jan 2023 01:57:07 +0100 Subject: [PATCH 5/8] BREAKING Mail variables updated Updated variables for sending mail. This changed between gitea 1.17 and 1.18. --- README.md | 26 ++++++++++++++++---------- defaults/main.yml | 18 ++++++++++++------ templates/gitea.ini.j2 | 38 ++++++++++++++++++++++++-------------- 3 files changed, 52 insertions(+), 30 deletions(-) diff --git a/README.md b/README.md index 23ad026..54daa70 100644 --- a/README.md +++ b/README.md @@ -183,8 +183,9 @@ Either you define exactly which release you install. Or you use the option ``lat | variable name | default value | description | | ------------- | ------------- | ----------- | | `gitea_secret_key` | `''` | Global secret key. Will be autogenerated if not defined. Should be unique. | -| `gitea_internal_token` | `''` | Internal API token. Will be autogenerated if not defined. Should be unique. | | `gitea_disable_git_hooks` | `true` | Set to false to enable users with git hook privilege to create custom git hooks. Can be dangerous. | +| `gitea_disable_webhooks` | `false` | Set to true to disable webhooks feature. | +| `gitea_internal_token` | `''` | Internal API token. Will be autogenerated if not defined. Should be unique. | | `gitea_password_check_pwn` | `false` | Check [HaveIBeenPwned](https://haveibeenpwned.com/Passwords) to see if a password has been exposed. | | `gitea_security_extra_config` | `''` | you can use this variable to pass additional config parameters in the `[security]` section of the config. | @@ -206,15 +207,20 @@ Either you define exactly which release you install. Or you use the option ``lat | variable name | default value | description | | ------------- | ------------- | ----------- | | `gitea_mailer_enabled` | `false` | Whether to enable the mailer. | -| `gitea_mailer_host` | `localhost:25` | SMTP server hostname and port | -| `gitea_mailer_skip_verify` | `false` | Skip SMTP TLS certificate verification (true/false) | -| `gitea_mailer_tls_enabled` | `true` | Forcibly use TLS to connect even if not on a default SMTPS port. | -| `gitea_mailer_from` | `noreply@{{ gitea_http_domain }}` | Mail from address, RFC 5322. This can be just an email address, or the “Name” format. | -| `gitea_mailer_user` | `''` | Username of mailing user *(usually the sender’s e-mail address)*. | -| `gitea_mailer_password` | `''` | SMTP server password | -| `gitea_subject_prefix` | `''` | Prefix to be placed before e-mail subject lines | -| `gitea_mailer_type` | `smtp` | `[smtp, sendmail, dummy]` | -| `gitea_mailer_extra_config` | `''` | you can use this variable to pass additional config parameters in the `[mailer]` section of the config. | +| `gitea_mailer_protocol` | `dummy` |Mail server protocol. One of “smtp”, “smtps”, “smtp+starttls”, “smtp+unix”, “sendmail”, “dummy”.| +| `gitea_mailer_smtp_addr` | | Mail server address. e.g. smtp.gmail.com. For smtp+unix, this should be a path to a unix socket instead. | +| `gitea_mailer_smtp_port` | | Mail server port | +| `gitea_mailer_use_client_cert` | `false` | Use client certificate for TLS/SSL. | +| `gitea_mailer_client_cert_file` | | Client certificate file. | +| `gitea_mailer_client_key_file` | | Client key file. | +| `gitea_mailer_force_trust_server_cert` | `false` | completely ignores server certificate validation errors. This option is unsafe. Consider adding the certificate to the system trust store instead. | +| `gitea_mailer_user` | | Username of mailing user (usually the sender’s e-mail address). | +| `gitea_mailer_password ` | |Password of mailing user. Use `your password` for quoting if you use special characters in the password. | +| `gitea_mailer_enable_helo` | `true` |Enable HELO operation. | +| `gitea_mailer_from` | `noreply@{{ gitea_http_domain }}` | Mail from address, RFC 5322. | +| `gitea_subject_prefix` | |Prefix to be placed before e-mail subject lines. | +| `gitea_mailer_send_as_plaintext` | `false` | Send mails only in plain text, without HTML alternative. | +| `gitea_mailer_extra_config` | | you can use this variable to pass additional config parameters in the `[mailer]` section of the config. | ### Session ([session](https://docs.gitea.io/en-us/config-cheat-sheet/#session-session)) | variable name | default value | description | diff --git a/defaults/main.yml b/defaults/main.yml index 041dfa3..71e4ae9 100644 --- a/defaults/main.yml +++ b/defaults/main.yml @@ -135,8 +135,9 @@ gitea_queue_issue_indexer_extra_config: '' # Security (security) # -> https://docs.gitea.io/en-us/config-cheat-sheet/#security-security gitea_secret_key: '' -gitea_internal_token: '' gitea_disable_git_hooks: true +gitea_disable_webhooks: false +gitea_internal_token: '' gitea_password_check_pwn: false gitea_security_extra_config: '' @@ -156,14 +157,19 @@ gitea_service_extra_config: '' # Mailer [mailer] # -> https://docs.gitea.io/en-us/config-cheat-sheet/#mailer-mailer gitea_mailer_enabled: false -gitea_mailer_host: 'localhost:25' -gitea_mailer_skip_verify: false -gitea_mailer_tls_enabled: true -gitea_mailer_from: "noreply@{{ gitea_http_domain }}" +gitea_mailer_protocol: 'dummy' +gitea_mailer_smtp_addr: '' +gitea_mailer_smtp_port: '' +gitea_mailer_use_client_cert: false +gitea_mailer_client_cert_file: '' +gitea_mailer_client_key_file: '' +gitea_mailer_force_trust_server_cert: false gitea_mailer_user: '' gitea_mailer_password: '' +gitea_mailer_enable_helo: true +gitea_mailer_from: "noreply@{{ gitea_http_domain }}" gitea_subject_prefix: '' -gitea_mailer_type: smtp +gitea_mailer_send_as_plaintext: false gitea_mailer_extra_config: '' # Session (session) diff --git a/templates/gitea.ini.j2 b/templates/gitea.ini.j2 index eb28765..72c54d3 100644 --- a/templates/gitea.ini.j2 +++ b/templates/gitea.ini.j2 @@ -147,10 +147,11 @@ DATADIR = {{ gitea_home }}/indexers/issues.queue [security] INSTALL_LOCK = true SECRET_KEY = {{ gitea_secret_key }} -INTERNAL_TOKEN = {{ gitea_internal_token }} DISABLE_GIT_HOOKS = {{ gitea_disable_git_hooks | ternary('true', 'false') }} +DISABLE_WEBHOOKS = { gitea_disable_webhooks | ternary('true', 'false') } +INTERNAL_TOKEN = {{ gitea_internal_token }} PASSWORD_CHECK_PWN = {{ gitea_password_check_pwn | ternary('true', 'false') }} -{{ gitea_security_extra_config }} +{% if gitea_security_extra_config != '' %}{{ gitea_security_extra_config }}{% else %};{% endif %} ; ; ; -> https://docs.gitea.io/en-us/config-cheat-sheet/#service-service @@ -164,28 +165,37 @@ SHOW_REGISTRATION_BUTTON = {{ gitea_show_registration_button | ternary( ALLOW_ONLY_EXTERNAL_REGISTRATION = {{ gitea_only_allow_external_registration | ternary('true', 'false') }} ENABLE_NOTIFY_MAIL = {{ gitea_enable_notify_mail | ternary('true', 'false') }} AUTO_WATCH_NEW_REPOS = {{ gitea_auto_watch_new_repos | ternary('true', 'false') }} -{{ gitea_service_extra_config }} +{% if gitea_service_extra_config != '' %}{{ gitea_service_extra_config }}{% else %};{% endif %} ; ; ; -> https://docs.gitea.io/en-us/config-cheat-sheet/#mailer-mailer [mailer] -ENABLED = {{ gitea_mailer_enabled | ternary('true', 'false') }} -HOST = {{ gitea_mailer_host }} -SKIP_VERIFY = {{ gitea_mailer_skip_verify | ternary('true', 'false') }} -IS_TLS_ENABLED = {{ gitea_mailer_tls_enabled | ternary('true', 'false') }} -FROM = {{ gitea_mailer_from }} -USER = {{ gitea_mailer_user }} -PASSWD = `{{ gitea_mailer_password }}` -SUBJECT_PREFIX = {{ gitea_subject_prefix }} -MAILER_TYPE = {{ gitea_mailer_type }} -{{ gitea_mailer_extra_config }} +ENABLED = {{ gitea_mailer_enabled | ternary('true', 'false') }} +{%- if gitea_mailer_enabled | bool %} +PROTOCOL = {{ gitea_mailer_protocol }} +SMTP_ADDR = {{ gitea_mailer_smtp_addr }} +SMTP_PORT = {{ gitea_mailer_smtp_port }} +USE_CLIENT_CERT = {{ gitea_mailer_use_client_cert | ternary('true', 'false') }} +{%- if gitea_mailer_use_client_cert | bool %} +CLIENT_CERT_FILE = {{ gitea_mailer_client_cert_file }} +CLIENT_KEY_FILE = {{ gitea_mailer_client_key_file }} +{%- endif %} +FORCE_TRUST_SERVER_CERT = {{ gitea_mailer_force_trust_server_cert | ternary('true', 'false') }} +USER = {{ gitea_mailer_user }} +PASSWD = `{{ gitea_mailer_password }}` +ENABLE_HELO = {{ gitea_mailer_enable_helo | ternary('true', 'false') }} +FROM = {{ gitea_mailer_from }} +SUBJECT_PREFIX = {{ gitea_subject_prefix }} +SEND_AS_PLAIN_TEXT = {{ gitea_mailer_send_as_plaintext | ternary('true', 'false') }} +{% if gitea_mailer_extra_config != '' %}{{ gitea_mailer_extra_config }}{% else %};{% endif %} +{%- endif %} ; ; ; -> https://docs.gitea.io/en-us/config-cheat-sheet/#session-session [session] PROVIDER = {{ gitea_session_provider }} PROVIDER_CONFIG = {{ gitea_home }}/data/sessions -{{ gitea_session_extra_config }} +{% if gitea_session_extra_config != '' %}{{ gitea_session_extra_config }}{% else %};{% endif %} ; ; ; -> https://docs.gitea.io/en-us/config-cheat-sheet/#picture-picture From 93da14fc2a273048814c68cece49586777098d72 Mon Sep 17 00:00:00 2001 From: L3D Date: Thu, 26 Jan 2023 02:17:53 +0100 Subject: [PATCH 6/8] Add option for federation feature --- README.md | 17 ++++++++++++----- defaults/main.yml | 13 ++++++++++++- templates/gitea.ini.j2 | 18 +++++++++++++----- 3 files changed, 37 insertions(+), 11 deletions(-) diff --git a/README.md b/README.md index 54daa70..aae51fa 100644 --- a/README.md +++ b/README.md @@ -231,7 +231,6 @@ Either you define exactly which release you install. Or you use the option ``lat ### Picture ([picture](https://docs.gitea.io/en-us/config-cheat-sheet/#picture-picture)) | variable name | default value | description | | ------------- | ------------- | ----------- | -| `gitea_disable_gravatar` | `true` | Do you want to disable Gravatar ? (privacy and so on) (true/false) | | `gitea_picture_extra_config` | `''` | you can use this variable to pass additional config parameters in the `[picture]` section of the config. | ### Issue and pull request attachments ([attachment](https://docs.gitea.io/en-us/config-cheat-sheet/#issue-and-pull-request-attachments-attachment)) @@ -245,20 +244,28 @@ Either you define exactly which release you install. Or you use the option ``lat | ------------- | ------------- | ----------- | | `gitea_log_systemd` | `false` | Disable logging into `file`, use systemd-journald | | `gitea_log_level` | `Warn` | General log level. `[Trace, Debug, Info, Warn, Error, Critical, Fatal, None]` | -| `gitea_log_extra_config` | `''` | you can use this variable to pass additional config parameters in the `[log]` section of the config. | +| `gitea_log_extra_config` | | you can use this variable to pass additional config parameters in the `[log]` section of the config. | ### Metrics ([metrics](https://docs.gitea.io/en-us/config-cheat-sheet/#metrics-metrics)) | variable name | default value | description | | ------------- | ------------- | ----------- | | `gitea_metrics_enabled`| `false` | Enable the metrics endpoint | -| `gitea_metrics_token`| `''` | Bearer token for the Prometheus scrape job | +| `gitea_metrics_token`| | Bearer token for the Prometheus scrape job | +| `gitea_metrics_extra` | | you can use this variable to pass additional config parameters in the `[metrics]` section of the config. | ### OAuth2 ([oauth2](https://docs.gitea.io/en-us/config-cheat-sheet/#oauth2-oauth2)) | variable name | default value | description | | ------------- | ------------- | ----------- | | `gitea_oauth2_enabled` | `true` | Enable the Oauth2 provider (true/false) | -| `gitea_oauth2_jwt_secret` | `''` | Oauth2 JWT secret. Can be generated with ``gitea generate secret JWT_SECRET``. Will be autogenerated if not defined. | -| `gitea_oauth2_extra_config` | `''` | you can use this variable to pass additional config parameters in the `[oauth2]` section of the config. | +| `gitea_oauth2_jwt_secret` | | Oauth2 JWT secret. Can be generated with ``gitea generate secret JWT_SECRET``. Will be autogenerated if not defined. | +| `gitea_oauth2_extra_config` | | you can use this variable to pass additional config parameters in the `[oauth2]` section of the config. | + +### Federation ([federation](https://docs.gitea.io/en-us/config-cheat-sheet/#federation-federation)) +| variable name | default value | description | +| ------------- | ------------- | ----------- | +| `gitea_federation_enabled` | `false` | Enable/Disable federation capabilities | +| `gitea_federation_share_user_stats` | `false` | Enable/Disable user statistics for nodeinfo if federation is enabled | +| `gitea_federation_extra` | | you can use this variable to pass additional config parameters in the `[federation]` section of the config. | ### additional gitea config | variable name | default value | description | diff --git a/defaults/main.yml b/defaults/main.yml index 71e4ae9..087e799 100644 --- a/defaults/main.yml +++ b/defaults/main.yml @@ -178,27 +178,38 @@ gitea_session_provider: 'file' gitea_session_extra_config: '' # Picture (picture) -gitea_disable_gravatar: true +# -> https://docs.gitea.io/en-us/config-cheat-sheet/#picture-picture gitea_picture_extra_config: '' # Issue and pull request attachments (attachment) +# -> https://docs.gitea.io/en-us/config-cheat-sheet/#issue-and-pull-request-attachments-attachment gitea_attachment_enabled: true gitea_attachment_extra_config: '' # Log (log) +# -> https://docs.gitea.io/en-us/config-cheat-sheet/#log-log gitea_log_systemd: false gitea_log_level: 'Warn' gitea_log_extra_config: '' # Metrics (metrics) +# -> https://docs.gitea.io/en-us/config-cheat-sheet/#metrics-metrics gitea_metrics_enabled: false gitea_metrics_token: '' +gitea_metrics_extra: '' # OAuth2 (oauth2) +# -> https://docs.gitea.io/en-us/config-cheat-sheet/#oauth2-oauth2 gitea_oauth2_enabled: true gitea_oauth2_jwt_secret: '' gitea_oauth2_extra_config: '' +# Federation (federation) +# -> https://docs.gitea.io/en-us/config-cheat-sheet/#federation-federation +gitea_federation_enabled: false +gitea_federation_share_user_stats: false +gitea_federation_extra: '' + # additional gitea config gitea_extra_config: "" diff --git a/templates/gitea.ini.j2 b/templates/gitea.ini.j2 index 72c54d3..74581d5 100644 --- a/templates/gitea.ini.j2 +++ b/templates/gitea.ini.j2 @@ -201,15 +201,14 @@ PROVIDER_CONFIG = {{ gitea_home }}/data/sessions ; -> https://docs.gitea.io/en-us/config-cheat-sheet/#picture-picture [picture] AVATAR_UPLOAD_PATH = {{ gitea_home }}/data/avatars -DISABLE_GRAVATAR = {{ gitea_disable_gravatar | ternary('true', 'false') }} -{{ gitea_picture_extra_config }} +{% if gitea_picture_extra_config != '' %}{{ gitea_picture_extra_config }}{% else %};{% endif %} ; ; ; -> https://docs.gitea.io/en-us/config-cheat-sheet/#issue-and-pull-request-attachments-attachment [attachment] ENABLED = {{ gitea_attachment_enabled | ternary('true', 'false') }} PATH = {{ gitea_home }}/data/attachments -{{ gitea_attachment_extra_config }} +{% if gitea_attachment_extra_config != '' %}{{ gitea_attachment_extra_config }}{% else %};{% endif %} ; ; ; -> https://docs.gitea.io/en-us/config-cheat-sheet/#log-log @@ -221,20 +220,29 @@ MODE = console MODE = file {% endif %} LEVEL = {{ gitea_log_level }} -{{ gitea_log_extra_config }} +{% if gitea_log_extra_config != '' %}{{ gitea_log_extra_config }}{% else %};{% endif %} ; ; ; -> https://docs.gitea.io/en-us/config-cheat-sheet/#metrics-metrics [metrics] ENABLED = {{ gitea_metrics_enabled | ternary('true', 'false') }} TOKEN = {{ gitea_metrics_token }} +{% if gitea_metrics_extra != '' %}{{ gitea_metrics_extra }}{% else %};{% endif %} ; ; ; https://docs.gitea.io/en-us/config-cheat-sheet/#oauth2-oauth2 [oauth2] ENABLE = {{ gitea_oauth2_enabled | ternary('true', 'false') }} JWT_SECRET = {{ gitea_oauth2_jwt_secret }} -{{ gitea_oauth2_extra_config }} +{% if gitea_oauth2_extra_config != '' %}{{ gitea_oauth2_extra_config }}{% else %};{% endif %} +; +; +; -> https://docs.gitea.io/en-us/config-cheat-sheet/#federation-federation +[federation] +ENABLED = {{ gitea_federation_enabled | ternary('true', 'false') }} +SHARE_USER_STATISTICS = {{ gitea_federation_share_user_stats | ternary('true', 'false') }} +{% if gitea_federation_extra != '' %}{{ gitea_federation_extra }}{% else %};{% endif %} +; ; ; ; Optional additional config From 672f7c906e97363b220562498366099e25ac7922 Mon Sep 17 00:00:00 2001 From: L3D Date: Thu, 26 Jan 2023 02:53:50 +0100 Subject: [PATCH 7/8] configutre lfs and other options --- README.md | 23 +++++++++++++++++++++++ defaults/main.yml | 20 ++++++++++++++++++++ templates/gitea.ini.j2 | 32 +++++++++++++++++++++++++++++++- 3 files changed, 74 insertions(+), 1 deletion(-) diff --git a/README.md b/README.md index aae51fa..3543ad9 100644 --- a/README.md +++ b/README.md @@ -267,6 +267,29 @@ Either you define exactly which release you install. Or you use the option ``lat | `gitea_federation_share_user_stats` | `false` | Enable/Disable user statistics for nodeinfo if federation is enabled | | `gitea_federation_extra` | | you can use this variable to pass additional config parameters in the `[federation]` section of the config. | +### Packages ([packages](https://docs.gitea.io/en-us/config-cheat-sheet/#packages-packages)) +| variable name | default value | description | +| ------------- | ------------- | ----------- | +| `gitea_packages_enabled` | `true` | Enable/Disable package registry capabilities | +| `gitea_packages_extra` | |you can use this variable to pass additional config parameters in the `[packages]` section of the config. | + +### LFS ([lfs](https://docs.gitea.io/en-us/config-cheat-sheet/#lfs-lfs)) +| variable name | default value | description | +| ------------- | ------------- | ----------- | +| `gitea_lfs_storage_type` | `local` | Storage type for lfs | +| `gitea_lfs_serve_direct` | `false` | Allows the storage driver to redirect to authenticated URLs to serve files directly. *(only Minio/S3)* | +| `gitea_lfs_content_path` | `{{ gitea_home }}/data/lfs` | Where to store LFS files | +| `gitea_lfs_extra` ||you can use this variable to pass additional config parameters in the `[lfs]` section of the config. | + +### Other ([other](https://docs.gitea.io/en-us/config-cheat-sheet/#other-other)) +| variable name | default value | description | +| ------------- | ------------- | ----------- | +| `gitea_other_show_footer_branding` | `false` | Show Gitea branding in the footer. | +| `gitea_other_show_footer_version` | `true` | Show Gitea and Go version information in the footer. | +| `gitea_other_show_footer_template_load_time` | `true` | Show time of template execution in the footer. | +| `gitea_other_enable_sitemap` | `true` | Generate sitemap. | +| `gitea_other_enable_feed` | `true` | Enable/Disable RSS/Atom feed. | + ### additional gitea config | variable name | default value | description | | ------------- | ------------- | ----------- | diff --git a/defaults/main.yml b/defaults/main.yml index 087e799..cc25b72 100644 --- a/defaults/main.yml +++ b/defaults/main.yml @@ -210,6 +210,26 @@ gitea_federation_enabled: false gitea_federation_share_user_stats: false gitea_federation_extra: '' +# Packages (packages) +# -> https://docs.gitea.io/en-us/config-cheat-sheet/#packages-packages +gitea_packages_enabled: true +gitea_packages_extra: '' + +# LFS (lfs) +# -> https://docs.gitea.io/en-us/config-cheat-sheet/#lfs-lfs +gitea_lfs_storage_type: 'local' +gitea_lfs_serve_direct: false +gitea_lfs_content_path: "{{ gitea_home }}/data/lfs" +gitea_lfs_extra: '' + +# Other (other) +# -> https://docs.gitea.io/en-us/config-cheat-sheet/#other-other +gitea_other_show_footer_branding: false +gitea_other_show_footer_version: true +gitea_other_show_footer_template_load_time: true +gitea_other_enable_sitemap: true +gitea_other_enable_feed: true + # additional gitea config gitea_extra_config: "" diff --git a/templates/gitea.ini.j2 b/templates/gitea.ini.j2 index 74581d5..7ca195c 100644 --- a/templates/gitea.ini.j2 +++ b/templates/gitea.ini.j2 @@ -230,7 +230,7 @@ TOKEN = {{ gitea_metrics_token }} {% if gitea_metrics_extra != '' %}{{ gitea_metrics_extra }}{% else %};{% endif %} ; ; -; https://docs.gitea.io/en-us/config-cheat-sheet/#oauth2-oauth2 +; -> https://docs.gitea.io/en-us/config-cheat-sheet/#oauth2-oauth2 [oauth2] ENABLE = {{ gitea_oauth2_enabled | ternary('true', 'false') }} JWT_SECRET = {{ gitea_oauth2_jwt_secret }} @@ -244,6 +244,36 @@ SHARE_USER_STATISTICS = {{ gitea_federation_share_user_stats | ternary('true', ' {% if gitea_federation_extra != '' %}{{ gitea_federation_extra }}{% else %};{% endif %} ; ; +; Packages (packages) +; -> https://docs.gitea.io/en-us/config-cheat-sheet/#packages-packages +[packages] +ENABLED = {{ gitea_packages_enabled | ternary('true', 'false') }} +{%- if gitea_packages_enabled | bool %} +CHUNKED_UPLOAD_PATH = {{ gitea_home }}/data/tmp/package-upload +{% if gitea_packages_extra != '' %}{{ gitea_packages_extra }}{% else %};{% endif %} +;{% endif %} +; +; +{%- if gitea_lfs_server_enabled | bool %} +; -> https://docs.gitea.io/en-us/config-cheat-sheet/#lfs-lfs +[lfs] +STORAGE_TYPE = {{ gitea_lfs_storage_type }} +SERVE_DIRECT = {{ gitea_lfs_serve_direct | ternary('true', 'false') }} +PATH = {{ gitea_lfs_content_path }} +{% if gitea_lfs_extra != '' %}{{ gitea_lfs_extra }}{% else %};{% endif %} +{%- endif %} +; +; +; Other (other) +; -> https://docs.gitea.io/en-us/config-cheat-sheet/#other-other +[other] +SHOW_FOOTER_BRANDING = {{ gitea_other_show_footer_branding | ternary('true', 'false') }} +SHOW_FOOTER_VERSION = {{ gitea_other_show_footer_version | ternary('true', 'false') }} +SHOW_FOOTER_TEMPLATE_LOAD_TIME = {{ gitea_other_show_footer_template_load_time | ternary('true', 'false') }} +ENABLE_SITEMAP = {{ gitea_other_enable_sitemap | ternary('true', 'false') }} +ENABLE_FEED = {{ gitea_other_enable_feed | ternary('true', 'false') }} +; +; ; ; Optional additional config {{ gitea_extra_config }} From 47c3dedd1edfab4a9a8d18cf30a005758f32154f Mon Sep 17 00:00:00 2001 From: L3D Date: Thu, 26 Jan 2023 03:42:19 +0100 Subject: [PATCH 8/8] Update template layout and increase version --- templates/gitea.ini.j2 | 89 +++++++++++++++++++++++------------------- vars/main.yml | 2 +- 2 files changed, 49 insertions(+), 42 deletions(-) diff --git a/templates/gitea.ini.j2 b/templates/gitea.ini.j2 index 7ca195c..6d0d033 100644 --- a/templates/gitea.ini.j2 +++ b/templates/gitea.ini.j2 @@ -24,13 +24,15 @@ ENABLE_PUSH_CREATE_USER = {{ gitea_enable_push_create_user | ternary('true', 'fa FORCE_PRIVATE = {{ gitea_force_private | ternary('true', 'false') }} MAX_CREATION_LIMIT = {{ gitea_user_repo_limit }} ROOT = {{ gitea_repository_root }} -{% if gitea_repository_extra_config != '' %}{{ gitea_repository_extra_config }}{% else %};{% endif %} +{{ gitea_repository_extra_config }} +; ; [repository.upload] TEMP_PATH = {{ gitea_home }}/data/tmp/uploads -{% if gitea_repository_upload_extra_config != '' %}{{ gitea_repository_upload_extra_config }}{% else %};{% endif %} +{{ gitea_repository_upload_extra_config }} ; -;{% if gitea_enable_repo_signing_options | bool %} +; +{% if gitea_enable_repo_signing_options | bool %} ; -> https://docs.gitea.io/en-us/config-cheat-sheet/#repository---signing-repositorysigning [repository.signing] SIGNING_KEY = {{ gitea_repo_signing_key }} @@ -41,10 +43,12 @@ DEFAULT_TRUST_MODEL = {{ gitea_repo_default_trust_model }} WIKI = {{ gitea_repo_wiki }} CRUD_ACTIONS = {{ gitea_repo_crud_actions }} MERGES = {{ gitea_repo_merges }} -{% if gitea_enable_repo_signing_extra != '' %}{{ gitea_enable_repo_signing_extra }}{% else %};{% endif %} -;{% endif %} +{{ gitea_enable_repo_signing_extra }} +; +{% endif %} +; +{% if gitea_enable_cors | bool %} ; -;{% if gitea_enable_cors | bool %} ; -> https://docs.gitea.io/en-us/config-cheat-sheet/#cors-cors [cors] ENABLED = {{ gitea_enable_cors | ternary('true', 'false') }} @@ -56,22 +60,24 @@ MAX_AGE = {{ gitea_cors_max_age }} ALLOW_CREDENTIALS = {{ gitea_cors_allow_credentials | ternary('true', 'false') }} HEADERS = {{ gitea_cors_headers }} X_FRAME_OPTIONS = {{ gitea_cors_x_frame_options }} -{% if gitea_cors_extra != '' %}{{ gitea_cors_extra }}{% else %};{% endif %} -;{% endif %} +{{ gitea_cors_extra }} +; +{% endif %} ; ; -> https://docs.gitea.io/en-us/config-cheat-sheet/#ui-ui [ui] SHOW_USER_EMAIL = {{ gitea_show_user_email | ternary('true', 'false') }} DEFAULT_THEME = {{ gitea_theme_default }} THEMES = {{ gitea_themes }} -{% if gitea_ui_extra_config != '' %}{{ gitea_ui_extra_config }}{% else %};{% endif %} +{{ gitea_ui_extra_config }} +; ; ; [ui.meta] AUTHOR = {{ gitea_ui_author }} DESCRIPTION = {{ gitea_ui_description }} KEYWORDS = {{ gitea_ui_keywords }} -{% if gitea_ui_meta_extra_config != '' %}{{ gitea_ui_meta_extra_config }}{% else %};{% endif %} +{{ gitea_ui_meta_extra_config }} ; ; ; -> https://docs.gitea.io/en-us/config-cheat-sheet/#server-server @@ -91,24 +97,24 @@ LANDING_PAGE = {{ gitea_landing_page }} {% if gitea_lfs_server_enabled | bool -%} LFS_START_SERVER = true LFS_JWT_SECRET = {{ gitea_lfs_jwt_secret }} -{% endif -%} +{% endif %} REDIRECT_OTHER_PORT = {{ gitea_redirect_other_port | ternary('true', 'false') }} PORT_TO_REDIRECT = {{ gitea_port_to_redirect }} -{%- if gitea_enable_tls_certs | bool %} +{% if gitea_enable_tls_certs | bool %} CERT_FILE = {{ gitea_tls_cert_file }} KEY_FILE = {{ gitea_tls_key_file }} -{%- endif %} +{% endif %} ENABLE_ACME = {{ gitea_enable_acme | ternary('true', 'false') }} -{%- if gitea_enable_acme | bool %} -{%- if gitea_acme_url != '' %} +{% if gitea_enable_acme | bool %} +{% if gitea_acme_url != '' %} ACME_URL = {{ gitea_acme_url }} -{%- endif %} +{% endif %} ACME_ACCEPTTOS = {{ gitea_acme_accepttos | ternary('true', 'false') }} ACME_DIRECTORY = {{ gitea_acme_directory }} ACME_EMAIL = {{ gitea_acme_email }} ACME_CA_ROOT = {{ gitea_acme_ca_root }} -{%- endif %} -{% if gitea_server_extra_config != '' %}{{ gitea_server_extra_config }}{% else %};{% endif %} +{% endif %} +{{ gitea_server_extra_config }} ; ; ; -> https://docs.gitea.io/en-us/config-cheat-sheet/#database-database @@ -121,7 +127,7 @@ PASSWD = {{ gitea_db_password }} SSL_MODE = {{ gitea_db_ssl }} PATH = {{ gitea_db_path }} LOG_SQL = {{ gitea_db_log_sql | ternary('true', 'false') }} -{% if gitea_database_extra_config != '' %}{{ gitea_database_extra_config }}{% else %};{% endif %} +{{ gitea_database_extra_config }} ; ; ; -> https://docs.gitea.io/en-us/config-cheat-sheet/#indexer-indexer @@ -133,14 +139,14 @@ REPO_INDEXER_INCLUDE = {{ gitea_repo_indexer_include }} REPO_INDEXER_EXCLUDE = {{ gitea_repo_indexer_exclude }} REPO_INDEXER_EXCLUDE_VENDORED = {{ gitea_repo_exclude_vendored | ternary('true', 'false') }} MAX_FILE_SIZE = {{ gitea_repo_indexer_max_file_size }} -{% if gitea_indexer_extra_config != '' %}{{ gitea_indexer_extra_config }}{% else %};{% endif %} +{{ gitea_indexer_extra_config }} ; ; ; Queue (queue and queue.*) ; -> https://docs.gitea.io/en-us/config-cheat-sheet/#queue-queue-and-queue [queue.issue_indexer] DATADIR = {{ gitea_home }}/indexers/issues.queue -{% if gitea_queue_issue_indexer_extra_config != '' %}{{ gitea_queue_issue_indexer_extra_config }}{% else %};{% endif %} +{{ gitea_queue_issue_indexer_extra_config }} ; ; ; -> https://docs.gitea.io/en-us/config-cheat-sheet/#security-security @@ -151,7 +157,7 @@ DISABLE_GIT_HOOKS = {{ gitea_disable_git_hooks | ternary('true', 'false') }} DISABLE_WEBHOOKS = { gitea_disable_webhooks | ternary('true', 'false') } INTERNAL_TOKEN = {{ gitea_internal_token }} PASSWORD_CHECK_PWN = {{ gitea_password_check_pwn | ternary('true', 'false') }} -{% if gitea_security_extra_config != '' %}{{ gitea_security_extra_config }}{% else %};{% endif %} +{{ gitea_security_extra_config }} ; ; ; -> https://docs.gitea.io/en-us/config-cheat-sheet/#service-service @@ -165,21 +171,21 @@ SHOW_REGISTRATION_BUTTON = {{ gitea_show_registration_button | ternary( ALLOW_ONLY_EXTERNAL_REGISTRATION = {{ gitea_only_allow_external_registration | ternary('true', 'false') }} ENABLE_NOTIFY_MAIL = {{ gitea_enable_notify_mail | ternary('true', 'false') }} AUTO_WATCH_NEW_REPOS = {{ gitea_auto_watch_new_repos | ternary('true', 'false') }} -{% if gitea_service_extra_config != '' %}{{ gitea_service_extra_config }}{% else %};{% endif %} +{{ gitea_service_extra_config }} ; ; ; -> https://docs.gitea.io/en-us/config-cheat-sheet/#mailer-mailer [mailer] ENABLED = {{ gitea_mailer_enabled | ternary('true', 'false') }} -{%- if gitea_mailer_enabled | bool %} +{% if gitea_mailer_enabled | bool %} PROTOCOL = {{ gitea_mailer_protocol }} SMTP_ADDR = {{ gitea_mailer_smtp_addr }} SMTP_PORT = {{ gitea_mailer_smtp_port }} USE_CLIENT_CERT = {{ gitea_mailer_use_client_cert | ternary('true', 'false') }} -{%- if gitea_mailer_use_client_cert | bool %} +{% if gitea_mailer_use_client_cert | bool %} CLIENT_CERT_FILE = {{ gitea_mailer_client_cert_file }} CLIENT_KEY_FILE = {{ gitea_mailer_client_key_file }} -{%- endif %} +{% endif %} FORCE_TRUST_SERVER_CERT = {{ gitea_mailer_force_trust_server_cert | ternary('true', 'false') }} USER = {{ gitea_mailer_user }} PASSWD = `{{ gitea_mailer_password }}` @@ -187,28 +193,29 @@ ENABLE_HELO = {{ gitea_mailer_enable_helo | ternary('true', 'false') FROM = {{ gitea_mailer_from }} SUBJECT_PREFIX = {{ gitea_subject_prefix }} SEND_AS_PLAIN_TEXT = {{ gitea_mailer_send_as_plaintext | ternary('true', 'false') }} -{% if gitea_mailer_extra_config != '' %}{{ gitea_mailer_extra_config }}{% else %};{% endif %} -{%- endif %} +{{ gitea_mailer_extra_config }} +; +{% endif %} ; ; ; -> https://docs.gitea.io/en-us/config-cheat-sheet/#session-session [session] PROVIDER = {{ gitea_session_provider }} PROVIDER_CONFIG = {{ gitea_home }}/data/sessions -{% if gitea_session_extra_config != '' %}{{ gitea_session_extra_config }}{% else %};{% endif %} +{{ gitea_session_extra_config }} ; ; ; -> https://docs.gitea.io/en-us/config-cheat-sheet/#picture-picture [picture] AVATAR_UPLOAD_PATH = {{ gitea_home }}/data/avatars -{% if gitea_picture_extra_config != '' %}{{ gitea_picture_extra_config }}{% else %};{% endif %} +{{ gitea_picture_extra_config }} ; ; ; -> https://docs.gitea.io/en-us/config-cheat-sheet/#issue-and-pull-request-attachments-attachment [attachment] ENABLED = {{ gitea_attachment_enabled | ternary('true', 'false') }} PATH = {{ gitea_home }}/data/attachments -{% if gitea_attachment_extra_config != '' %}{{ gitea_attachment_extra_config }}{% else %};{% endif %} +{{ gitea_attachment_extra_config }} ; ; ; -> https://docs.gitea.io/en-us/config-cheat-sheet/#log-log @@ -220,48 +227,48 @@ MODE = console MODE = file {% endif %} LEVEL = {{ gitea_log_level }} -{% if gitea_log_extra_config != '' %}{{ gitea_log_extra_config }}{% else %};{% endif %} +{{ gitea_log_extra_config }} ; ; ; -> https://docs.gitea.io/en-us/config-cheat-sheet/#metrics-metrics [metrics] ENABLED = {{ gitea_metrics_enabled | ternary('true', 'false') }} TOKEN = {{ gitea_metrics_token }} -{% if gitea_metrics_extra != '' %}{{ gitea_metrics_extra }}{% else %};{% endif %} +{{ gitea_metrics_extra }} ; ; ; -> https://docs.gitea.io/en-us/config-cheat-sheet/#oauth2-oauth2 [oauth2] ENABLE = {{ gitea_oauth2_enabled | ternary('true', 'false') }} JWT_SECRET = {{ gitea_oauth2_jwt_secret }} -{% if gitea_oauth2_extra_config != '' %}{{ gitea_oauth2_extra_config }}{% else %};{% endif %} +{{ gitea_oauth2_extra_config }} ; ; ; -> https://docs.gitea.io/en-us/config-cheat-sheet/#federation-federation [federation] ENABLED = {{ gitea_federation_enabled | ternary('true', 'false') }} SHARE_USER_STATISTICS = {{ gitea_federation_share_user_stats | ternary('true', 'false') }} -{% if gitea_federation_extra != '' %}{{ gitea_federation_extra }}{% else %};{% endif %} +{{ gitea_federation_extra }} ; ; ; Packages (packages) ; -> https://docs.gitea.io/en-us/config-cheat-sheet/#packages-packages [packages] ENABLED = {{ gitea_packages_enabled | ternary('true', 'false') }} -{%- if gitea_packages_enabled | bool %} +{% if gitea_packages_enabled | bool %} CHUNKED_UPLOAD_PATH = {{ gitea_home }}/data/tmp/package-upload -{% if gitea_packages_extra != '' %}{{ gitea_packages_extra }}{% else %};{% endif %} -;{% endif %} +{{ gitea_packages_extra }} +{% endif %} ; ; -{%- if gitea_lfs_server_enabled | bool %} +{% if gitea_lfs_server_enabled | bool %} ; -> https://docs.gitea.io/en-us/config-cheat-sheet/#lfs-lfs [lfs] STORAGE_TYPE = {{ gitea_lfs_storage_type }} SERVE_DIRECT = {{ gitea_lfs_serve_direct | ternary('true', 'false') }} PATH = {{ gitea_lfs_content_path }} -{% if gitea_lfs_extra != '' %}{{ gitea_lfs_extra }}{% else %};{% endif %} -{%- endif %} +{{ gitea_lfs_extra }} +{% endif %} ; ; ; Other (other) diff --git a/vars/main.yml b/vars/main.yml index a00109c..fe6297c 100644 --- a/vars/main.yml +++ b/vars/main.yml @@ -56,5 +56,5 @@ transfer_custom_footer: - 'files/gitea_footer/extra_links_footer.tmpl' - 'files/extra_links_footer.tmpl' -playbook_version_number: 39 # should be int +playbook_version_number: 40 # should be int playbook_version_path: 'do1jlr.gitea.version'