mirror of https://github.com/roles-ansible/ansible_role_gitea.git synced 2024-08-16 11:39:50 +02:00

CHANGING - update acme variables

Updated the server variables and, most importantly, replaced letsencrypt with acme.
L3D 2023-01-26 01:01:54 +01:00
parent fe1a26cd9e
commit a1c047b341
Signed by: l3d
GPG key ID: CD08445BFF4313D1
3 changed files with 44 additions and 15 deletions


@ -133,15 +133,26 @@ Either you define exactly which release you install. Or you use the option ``lat
| `gitea_root_url` | `http://localhost:3000` | Root URL used to access your web app (full URL) | | `gitea_root_url` | `http://localhost:3000` | Root URL used to access your web app (full URL) |
| `gitea_http_listen` | `127.0.0.1` | HTTP listen address | | `gitea_http_listen` | `127.0.0.1` | HTTP listen address |
| `gitea_http_port` | `3000` | Bind port *(redirect from `80` will be activated if value is `443`)* | | `gitea_http_port` | `3000` | Bind port *(redirect from `80` will be activated if value is `443`)* |
| `gitea_http_letsencrypt_mail` | `undefined` | Enable Let`s Encrypt if a email address is given |
| `gitea_start_ssh` | `true` | When enabled, use the built-in SSH server. | | `gitea_start_ssh` | `true` | When enabled, use the built-in SSH server. |
| `gitea_ssh_domain` | `{{ gitea_http_domain ` | Domain name of this server, used for displayed clone URL | | `gitea_ssh_domain` | `{{ gitea_http_domain ` | Domain name of this server, used for displayed clone URL |
| `gitea_ssh_port` | `2222` | SSH port displayed in clone URL. | | `gitea_ssh_port` | `2222` | SSH port displayed in clone URL. |
| `gitea_ssh_listen` | `0.0.0.0` | Listen address for the built-in SSH server. | | `gitea_ssh_listen` | `0.0.0.0` | Listen address for the built-in SSH server. |
| `gitea_offline_mode` | `true` | Disables use of CDN for static files and Gravatar for profile pictures. (true/false) | | `gitea_offline_mode` | `true` | Disables use of CDN for static files and Gravatar for profile pictures. (true/false) |
| `gitea_landing_page` | `home` | Landing page for unauthenticated users |
| `gitea_lfs_server_enabled` | `false` | Enable GIT-LFS Support *(git large file storage: [git-lfs](https://git-lfs.github.com/))*. | | `gitea_lfs_server_enabled` | `false` | Enable GIT-LFS Support *(git large file storage: [git-lfs](https://git-lfs.github.com/))*. |
| `gitea_lfs_content_path` | `{{ gitea_home }}/data/lfs` | LFS content path. *(if it is on local storage.)* |
| `gitea_lfs_jwt_secret` | | LFS authentication secret. Can be generated with ``gitea generate secret JWT_SECRET``. Will be autogenerated if not defined | | `gitea_lfs_jwt_secret` | | LFS authentication secret. Can be generated with ``gitea generate secret JWT_SECRET``. Will be autogenerated if not defined |
| `gitea_redirect_other_port` | `false` | If true and `gitea_protocol` is https, allows redirecting http requests on `gitea_port_to_redirect` to the https port Gitea listens on. |
| `gitea_port_to_redirect` | `80` | Port for the http redirection service to listen on, if enabled |
| `gitea_enable_tls_certs` | `false` | Write TLS Cert and Key Path to config file |
| `gitea_tls_cert_file` | `https/cert.pem` | Cert file path used for HTTPS. |
| `gitea_tls_key_file` | `https/key.pem` | Key file path used for HTTPS. |
| `gitea_enable_acme` | `false` | Flag to enable automatic certificate management via an ACME capable CA Server. *(default is letsencrypt)* |
| `gitea_acme_url` | | The CAs ACME directory URL |
| `gitea_acme_accepttos` | `false` | This is an explicit check that you accept the terms of service of the ACME provider. |
| `gitea_acme_directory` | `https` | Directory that the certificate manager will use to cache information such as certs and private keys. |
| `gitea_acme_email` | | Email used for the ACME registration |
| `gitea_acme_ca_root` | | The CAs root certificate. If left empty, it defaults to using the systems trust chain. |
| `gitea_server_extra_config` | | you can use this variable to pass additional config parameters in the `[server]` section of the config. | | `gitea_server_extra_config` | | you can use this variable to pass additional config parameters in the `[server]` section of the config. |
### Database ([database](https://docs.gitea.io/en-us/config-cheat-sheet/#database-database)) ### Database ([database](https://docs.gitea.io/en-us/config-cheat-sheet/#database-database))


@ -89,15 +89,25 @@ gitea_http_domain: "{{ gitea_fqdn }}"
gitea_root_url: "http://{{ gitea_fqdn }}:3000" gitea_root_url: "http://{{ gitea_fqdn }}:3000"
gitea_http_listen: '127.0.0.1' gitea_http_listen: '127.0.0.1'
gitea_http_port: '3000' gitea_http_port: '3000'
# gitea_http_letsencrypt_mail: 'mail@example.com'
gitea_start_ssh: true gitea_start_ssh: true
gitea_ssh_domain: "{{ gitea_fqdn }}" gitea_ssh_domain: "{{ gitea_fqdn }}"
gitea_ssh_port: '2222' gitea_ssh_port: '2222'
gitea_ssh_listen: '0.0.0.0' gitea_ssh_listen: '0.0.0.0'
gitea_offline_mode: true gitea_offline_mode: true
gitea_landing_page: 'home'
gitea_lfs_server_enabled: false gitea_lfs_server_enabled: false
gitea_lfs_content_path: "{{ gitea_home }}/data/lfs"
gitea_lfs_jwt_secret: '' gitea_lfs_jwt_secret: ''
gitea_redirect_other_port: false
gitea_port_to_redirect: '80'
gitea_enable_tls_certs: false
gitea_tls_cert_file: 'https/cert.pem'
gitea_tls_key_file: 'https/key.pem'
gitea_enable_acme: false
gitea_acme_url: ''
gitea_acme_accepttos: false
gitea_acme_directory: 'https'
gitea_acme_email: ''
gitea_acme_ca_root: ''
gitea_server_extra_config: '' gitea_server_extra_config: ''
# Database (database) # Database (database)
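Review bot: Dropping the commented `gitea_http_letsencrypt_mail` default leaves no pointer to its replacement, so an inventory that still sets only the old variable picks up `gitea_enable_acme: false` from these defaults. Going by the template change on this page, that renders `ENABLE_ACME = false` with no error, so automatic certificate issuance is silently lost on upgrade. I would add a comment above the new block such as `# replaces gitea_http_letsencrypt_mail: set gitea_enable_acme, gitea_acme_email and gitea_acme_accepttos`. A second comment on `gitea_acme_directory: 'https'` should note that, per the README row, this directory caches private keys and needs restrictive permissions.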


@ -81,26 +81,34 @@ DOMAIN = {{ gitea_http_domain }}
ROOT_URL = {{ gitea_root_url }} ROOT_URL = {{ gitea_root_url }}
HTTP_ADDR = {{ gitea_http_listen }} HTTP_ADDR = {{ gitea_http_listen }}
HTTP_PORT = {{ gitea_http_port }} HTTP_PORT = {{ gitea_http_port }}
{% if gitea_http_port == 443 %}
PORT_TO_REDIRECT = 80
{% endif %}
{% if gitea_http_letsencrypt_mail is defined %}
ENABLE_LETSENCRYPT = true
LETSENCRYPT_ACCEPTTOS = true
LETSENCRYPT_EMAIL = {{ gitea_http_letsencrypt_mail }}
{% endif %}
START_SSH_SERVER = {{ gitea_start_ssh | ternary('true', 'false') }} START_SSH_SERVER = {{ gitea_start_ssh | ternary('true', 'false') }}
SSH_DOMAIN = {{ gitea_ssh_domain }} SSH_DOMAIN = {{ gitea_ssh_domain }}
SSH_PORT = {{ gitea_ssh_port }} SSH_PORT = {{ gitea_ssh_port }}
SSH_LISTEN_HOST = {{ gitea_ssh_listen }} SSH_LISTEN_HOST = {{ gitea_ssh_listen }}
OFFLINE_MODE = {{ gitea_offline_mode | ternary('true', 'false') }} OFFLINE_MODE = {{ gitea_offline_mode | ternary('true', 'false') }}
APP_DATA_PATH = {{ gitea_home }}/data APP_DATA_PATH = {{ gitea_home }}/data
LANDING_PAGE = {{ gitea_landing_page }}
{% if gitea_lfs_server_enabled | bool -%} {% if gitea_lfs_server_enabled | bool -%}
LFS_START_SERVER = true LFS_START_SERVER = true
LFS_CONTENT_PATH = {{ gitea_lfs_content_path }}
LFS_JWT_SECRET = {{ gitea_lfs_jwt_secret }} LFS_JWT_SECRET = {{ gitea_lfs_jwt_secret }}
{% endif %} {% endif -%}
{{ gitea_server_extra_config }} REDIRECT_OTHER_PORT = {{ gitea_redirect_other_port | ternary('true', 'false') }}
PORT_TO_REDIRECT = {{ gitea_port_to_redirect }}
{%- if gitea_enable_tls_certs | bool %}
CERT_FILE = {{ gitea_tls_cert_file }}
KEY_FILE = {{ gitea_tls_key_file }}
{%- endif %}
ENABLE_ACME = {{ gitea_enable_acme | ternary('true', 'false') }}
{%- if gitea_enable_acme | bool %}
{%- if gitea_acme_url != '' %}
ACME_URL = {{ gitea_acme_url }}
{%- endif %}
ACME_ACCEPTTOS = {{ gitea_acme_accepttos | ternary('true', 'false') }}
ACME_DIRECTORY = {{ gitea_acme_directory }}
ACME_EMAIL = {{ gitea_acme_email }}
ACME_CA_ROOT = {{ gitea_acme_ca_root }}
{%- endif %}
{% if gitea_server_extra_config != '' %}{{ gitea_server_extra_config }}{% else %};{% endif %}
; ;
; ;
; -> https://docs.gitea.io/en-us/config-cheat-sheet/#database-database ; -> https://docs.gitea.io/en-us/config-cheat-sheet/#database-database
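Review bot: `REDIRECT_OTHER_PORT`, `ENABLE_ACME` and `ACME_ACCEPTTOS` are rendered with `| ternary('true', 'false')` but without `| bool`, while the guard directly below `ENABLE_ACME` tests `gitea_enable_acme | bool`. A value that arrives as the string `"false"` (for example through `-e` extra vars) is truthy for `ternary` and false for `bool`, so the file can state `ENABLE_ACME = true` while the whole ACME block is omitted. Use `{{ gitea_enable_acme | bool | ternary('true', 'false') }}` and the same `| bool` on the other two lines. Separately, the new `{%- if … %}` and `{%- endif %}` tags strip the newline in front of them, and if the template is rendered with Ansible's default `trim_blocks` the newline after them is removed as well, which would join `PORT_TO_REDIRECT`, `CERT_FILE`/`KEY_FILE` and `ENABLE_ACME` onto one line. The template header and the task that renders it are outside this hunk, so please confirm against the rendered file for both `gitea_enable_tls_certs` states.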