diff --git a/README.md b/README.md index b8e1169..5579f49 100644 --- a/README.md +++ b/README.md @@ -133,15 +133,26 @@ Either you define exactly which release you install. Or you use the option ``lat | `gitea_root_url` | `http://localhost:3000` | Root URL used to access your web app (full URL) | | `gitea_http_listen` | `127.0.0.1` | HTTP listen address | | `gitea_http_port` | `3000` | Bind port *(redirect from `80` will be activated if value is `443`)* | -| `gitea_http_letsencrypt_mail` | `undefined` | Enable Let`s Encrypt if a email address is given | + | `gitea_start_ssh` | `true` | When enabled, use the built-in SSH server. | | `gitea_ssh_domain` | `{{ gitea_http_domain ` | Domain name of this server, used for displayed clone URL | | `gitea_ssh_port` | `2222` | SSH port displayed in clone URL. | | `gitea_ssh_listen` | `0.0.0.0` | Listen address for the built-in SSH server. | | `gitea_offline_mode` | `true` | Disables use of CDN for static files and Gravatar for profile pictures. (true/false) | +| `gitea_landing_page` | `home` | Landing page for unauthenticated users | | `gitea_lfs_server_enabled` | `false` | Enable GIT-LFS Support *(git large file storage: [git-lfs](https://git-lfs.github.com/))*. | -| `gitea_lfs_content_path` | `{{ gitea_home }}/data/lfs` | LFS content path. *(if it is on local storage.)* | | `gitea_lfs_jwt_secret` | | LFS authentication secret. Can be generated with ``gitea generate secret JWT_SECRET``. Will be autogenerated if not defined | +| `gitea_redirect_other_port` | `false` | If true and `gitea_protocol` is https, allows redirecting http requests on `gitea_port_to_redirect` to the https port Gitea listens on. | +| `gitea_port_to_redirect` | `80` | Port for the http redirection service to listen on, if enabled | +| `gitea_enable_tls_certs` | `false` | Write TLS Cert and Key Path to config file | +| `gitea_tls_cert_file` | `https/cert.pem` | Cert file path used for HTTPS. | +| `gitea_tls_key_file` | `https/key.pem` | Key file path used for HTTPS. | +| `gitea_enable_acme` | `false` | Flag to enable automatic certificate management via an ACME capable CA Server. *(default is letsencrypt)* | +| `gitea_acme_url` | | The CA’s ACME directory URL | +| `gitea_acme_accepttos` | `false` | This is an explicit check that you accept the terms of service of the ACME provider. | +| `gitea_acme_directory` | `https` | Directory that the certificate manager will use to cache information such as certs and private keys. | +| `gitea_acme_email` | | Email used for the ACME registration | +| `gitea_acme_ca_root` | | The CA’s root certificate. If left empty, it defaults to using the system’s trust chain. | | `gitea_server_extra_config` | | you can use this variable to pass additional config parameters in the `[server]` section of the config. | ### Database ([database](https://docs.gitea.io/en-us/config-cheat-sheet/#database-database)) diff --git a/defaults/main.yml b/defaults/main.yml index 9dfcccf..c46e0f4 100644 --- a/defaults/main.yml +++ b/defaults/main.yml @@ -89,15 +89,25 @@ gitea_http_domain: "{{ gitea_fqdn }}" gitea_root_url: "http://{{ gitea_fqdn }}:3000" gitea_http_listen: '127.0.0.1' gitea_http_port: '3000' -# gitea_http_letsencrypt_mail: 'mail@example.com' gitea_start_ssh: true gitea_ssh_domain: "{{ gitea_fqdn }}" gitea_ssh_port: '2222' gitea_ssh_listen: '0.0.0.0' gitea_offline_mode: true +gitea_landing_page: 'home' gitea_lfs_server_enabled: false -gitea_lfs_content_path: "{{ gitea_home }}/data/lfs" gitea_lfs_jwt_secret: '' +gitea_redirect_other_port: false +gitea_port_to_redirect: '80' +gitea_enable_tls_certs: false +gitea_tls_cert_file: 'https/cert.pem' +gitea_tls_key_file: 'https/key.pem' +gitea_enable_acme: false +gitea_acme_url: '' +gitea_acme_accepttos: false +gitea_acme_directory: 'https' +gitea_acme_email: '' +gitea_acme_ca_root: '' gitea_server_extra_config: '' # Database (database) diff --git a/templates/gitea.ini.j2 b/templates/gitea.ini.j2 index 58cab05..1f8effe 100644 --- a/templates/gitea.ini.j2 +++ b/templates/gitea.ini.j2 @@ -81,26 +81,34 @@ DOMAIN = {{ gitea_http_domain }} ROOT_URL = {{ gitea_root_url }} HTTP_ADDR = {{ gitea_http_listen }} HTTP_PORT = {{ gitea_http_port }} -{% if gitea_http_port == 443 %} -PORT_TO_REDIRECT = 80 -{% endif %} -{% if gitea_http_letsencrypt_mail is defined %} -ENABLE_LETSENCRYPT = true -LETSENCRYPT_ACCEPTTOS = true -LETSENCRYPT_EMAIL = {{ gitea_http_letsencrypt_mail }} -{% endif %} START_SSH_SERVER = {{ gitea_start_ssh | ternary('true', 'false') }} SSH_DOMAIN = {{ gitea_ssh_domain }} SSH_PORT = {{ gitea_ssh_port }} SSH_LISTEN_HOST = {{ gitea_ssh_listen }} OFFLINE_MODE = {{ gitea_offline_mode | ternary('true', 'false') }} APP_DATA_PATH = {{ gitea_home }}/data +LANDING_PAGE = {{ gitea_landing_page }} {% if gitea_lfs_server_enabled | bool -%} LFS_START_SERVER = true -LFS_CONTENT_PATH = {{ gitea_lfs_content_path }} LFS_JWT_SECRET = {{ gitea_lfs_jwt_secret }} -{% endif %} -{{ gitea_server_extra_config }} +{% endif -%} +REDIRECT_OTHER_PORT = {{ gitea_redirect_other_port | ternary('true', 'false') }} +PORT_TO_REDIRECT = {{ gitea_port_to_redirect }} +{%- if gitea_enable_tls_certs | bool %} +CERT_FILE = {{ gitea_tls_cert_file }} +KEY_FILE = {{ gitea_tls_key_file }} +{%- endif %} +ENABLE_ACME = {{ gitea_enable_acme | ternary('true', 'false') }} +{%- if gitea_enable_acme | bool %} +{%- if gitea_acme_url != '' %} +ACME_URL = {{ gitea_acme_url }} +{%- endif %} +ACME_ACCEPTTOS = {{ gitea_acme_accepttos | ternary('true', 'false') }} +ACME_DIRECTORY = {{ gitea_acme_directory }} +ACME_EMAIL = {{ gitea_acme_email }} +ACME_CA_ROOT = {{ gitea_acme_ca_root }} +{%- endif %} +{% if gitea_server_extra_config != '' %}{{ gitea_server_extra_config }}{% else %};{% endif %} ; ; ; -> https://docs.gitea.io/en-us/config-cheat-sheet/#database-database