Merge pull request #157 from roles-ansible/user

Create local users in gitea/forgejo
2024-08-16 11:39:50 +02:00 · 2024-03-25 18:00:03 +01:00 · 2024-03-25 18:00:03 +01:00 · bf89f5b68c
commit bf89f5b68c
parent 8777751b55 8de31c4fbb
7 changed files with 43 additions and 7 deletions
--- a/defaults/main.yml
+++ b/defaults/main.yml
@ -25,6 +25,15 @@ gitea_configuration_path: '/etc/gitea'
 gitea_shell: '/bin/false'
 gitea_systemd_cap_net_bind_service: false
 # optional users on gitea instance
 gitea_users: []
 # example of entry
 #  - name: johndoe
 #    password: verysecret
 #    email: "johndoe@example.com"
 #    admin: false
 #    must_change_password: true
 # Overall (DEFAULT)
 # -> https://docs.gitea.io/en-us/config-cheat-sheet/#overall-default
 gitea_app_name: 'Gitea'
--- a/tasks/configure.yml
+++ b/tasks/configure.yml
@ -14,7 +14,7 @@
    dest: "{{ gitea_configuration_path }}/gitea.ini"
    owner: "{{ gitea_user }}"
    group: "{{ gitea_group }}"
-    mode: 0600
+    mode: '0640'
  notify: "Restart gitea"
 - name: "Service gitea"
--- a/tasks/customize_footer.yml
+++ b/tasks/customize_footer.yml
@ -18,7 +18,7 @@
    dest: "{{ gitea_custom }}/templates/custom/extra_links_footer.tmpl"
    owner: "{{ gitea_user }}"
    group: "{{ gitea_group }}"
-    mode: '0644'
+    mode: '0640'
  failed_when: false
  tags: skip_ansible_lint
  notify: "Restart gitea"
--- a/tasks/customize_logo.yml
+++ b/tasks/customize_logo.yml
@ -19,7 +19,7 @@
    dest: "{{ gitea_custom }}/public/assets/img/logo.svg"
    owner: "{{ gitea_user }}"
    group: "{{ gitea_group }}"
-    mode: "0644"
+    mode: "0640"
  tags: skip_ansible_lint
  failed_when: false
@ -30,7 +30,7 @@
    dest: "{{ gitea_custom }}/public/assets/img/logo.png"
    owner: "{{ gitea_user }}"
    group: "{{ gitea_group }}"
-    mode: "0644"
+    mode: "0640"
  tags: skip_ansible_lint
  failed_when: false
@ -41,7 +41,7 @@
    dest: "{{ gitea_custom }}/public/assets/img/favicon.png"
    owner: "{{ gitea_user }}"
    group: "{{ gitea_group }}"
-    mode: "0644"
+    mode: "0640"
  tags: skip_ansible_lint
  failed_when: false
@ -52,6 +52,6 @@
    dest: "{{ gitea_custom }}/public/assets/img/apple-touch-icon.png"
    owner: "{{ gitea_user }}"
    group: "{{ gitea_group }}"
-    mode: "0644"
+    mode: "0640"
  tags: skip_ansible_lint
  failed_when: false
--- a/tasks/local_git_users.yml
+++ b/tasks/local_git_users.yml
@ -0,0 +1,22 @@
 ---
 - name: Identify gitea users
  ansible.builtin.command: su - {{ gitea_user }} -c '{{ gitea_full_executable_path }} -c {{ gitea_configuration_path }}/gitea.ini admin user list'
  become: true
  register: _giteusers
  changed_when: false
 - name: Use gitea cli to create user
  become: true
  ansible.builtin.command: |
    su - {{ gitea_user }} -c
    '{{ gitea_full_executable_path }} -c {{ gitea_configuration_path }}/gitea.ini
    admin user create --username "{{ item.name }}"
    --password "{{ item.password }}" --email "{{ item.email }}"
    --must-change-password={{ item.must_change_password }} --admin={{ item.admin }}'
  register: _gitearesult
  failed_when:
    - '"successfully created" not in gitearesult.stdout'
  changed_when:
    - '"successfully created!" in gitearesult.stdout'
  when: "_giteusers is defined and item.name in _giteusers"
  loop: "{{ gitea_users }}"
--- a/tasks/main.yml
+++ b/tasks/main.yml
@ -79,3 +79,8 @@
  ansible.builtin.include_tasks:
    file: "customize_public_files.yml"
  when: gitea_customize_files | bool or gitea_custom_themes is defined
 - name: Optionally create local Users on git instance
  ansible.builtin.include_tasks:
    file: 'local_git_users.yml'
  when: gitea_users | length > 0
--- a/vars/main.yml
+++ b/vars/main.yml
@ -63,5 +63,5 @@ transfer_custom_footer:
    - 'files/gitea_footer/extra_links_footer.tmpl'
    - 'files/extra_links_footer.tmpl'
-playbook_version_number: 57
+playbook_version_number: 58
 playbook_version_path: 'do1jlr.gitea.version'