mirror of
https://github.com/roles-ansible/ansible_role_gitea.git
synced 2024-08-16 11:39:50 +02:00
Improve linting and cleanup
This commit is contained in:
parent
e58f32996f
commit
db3c5e99f0
12 changed files with 66 additions and 53 deletions
|
@ -1,4 +1,4 @@
|
||||||
---
|
---
|
||||||
collections:
|
collections:
|
||||||
- name: community.general
|
- name: 'community.general'
|
||||||
source: https://galaxy.ansible.com
|
version: ">=7.5.0,<=8.0.0"
|
||||||
|
|
|
@ -11,20 +11,18 @@
|
||||||
- name: Stopping gitea before upgrade
|
- name: Stopping gitea before upgrade
|
||||||
become: true
|
become: true
|
||||||
ansible.builtin.systemd:
|
ansible.builtin.systemd:
|
||||||
name: gitea
|
name: 'gitea.service'
|
||||||
state: stopped
|
state: 'stopped'
|
||||||
when: ansible_service_mgr == "systemd"
|
when: ansible_service_mgr == "systemd"
|
||||||
|
|
||||||
- name: "Create backup directory"
|
- name: "Create backup directory"
|
||||||
become: true
|
become: true
|
||||||
ansible.builtin.file:
|
ansible.builtin.file:
|
||||||
path: "{{ item }}"
|
path: "{{ gitea_backup_location }}"
|
||||||
state: directory
|
state: 'directory'
|
||||||
owner: "{{ gitea_user }}"
|
owner: "{{ gitea_user }}"
|
||||||
group: "{{ gitea_group }}"
|
group: "{{ gitea_group }}"
|
||||||
mode: 'u=rwx,g=rx,o='
|
mode: 'u=rwx,g=rx,o='
|
||||||
with_items:
|
|
||||||
- "{{ gitea_backup_location }}"
|
|
||||||
|
|
||||||
- name: Backing up gitea before upgrade
|
- name: Backing up gitea before upgrade
|
||||||
become: true
|
become: true
|
||||||
|
@ -36,10 +34,10 @@
|
||||||
- name: Starting gitea because backup failed
|
- name: Starting gitea because backup failed
|
||||||
become: true
|
become: true
|
||||||
ansible.builtin.systemd:
|
ansible.builtin.systemd:
|
||||||
name: gitea
|
name: 'gitea.service'
|
||||||
state: stopped
|
state: 'started'
|
||||||
when: ansible_service_mgr == "systemd"
|
when: ansible_service_mgr == "systemd"
|
||||||
|
|
||||||
- name: Print updateing error
|
- name: Print updateing error and cancel
|
||||||
ansible.builtin.debug:
|
ansible.builtin.fail:
|
||||||
msg: "failed to backup gitea"
|
msg: "failed to backup gitea"
|
||||||
|
|
|
@ -7,7 +7,7 @@
|
||||||
owner: "{{ gitea_user }}"
|
owner: "{{ gitea_user }}"
|
||||||
group: "{{ gitea_group }}"
|
group: "{{ gitea_group }}"
|
||||||
mode: 'u=rwX,g=rX,o='
|
mode: 'u=rwX,g=rX,o='
|
||||||
with_items:
|
loop:
|
||||||
- "{{ gitea_custom }}/templates"
|
- "{{ gitea_custom }}/templates"
|
||||||
- "{{ gitea_custom }}/templates/custom"
|
- "{{ gitea_custom }}/templates/custom"
|
||||||
|
|
||||||
|
@ -19,6 +19,6 @@
|
||||||
owner: "{{ gitea_user }}"
|
owner: "{{ gitea_user }}"
|
||||||
group: "{{ gitea_group }}"
|
group: "{{ gitea_group }}"
|
||||||
mode: '0644'
|
mode: '0644'
|
||||||
ignore_errors: true
|
failed_when: false
|
||||||
tags: skip_ansible_lint
|
tags: skip_ansible_lint
|
||||||
notify: "Restart gitea"
|
notify: "Restart gitea"
|
||||||
|
|
|
@ -7,7 +7,7 @@
|
||||||
owner: "{{ gitea_user }}"
|
owner: "{{ gitea_user }}"
|
||||||
group: "{{ gitea_group }}"
|
group: "{{ gitea_group }}"
|
||||||
mode: 'u=rwX,g=rX,o='
|
mode: 'u=rwX,g=rX,o='
|
||||||
with_items:
|
loop:
|
||||||
- "{{ gitea_custom }}/public"
|
- "{{ gitea_custom }}/public"
|
||||||
- "{{ gitea_custom }}/public/img"
|
- "{{ gitea_custom }}/public/img"
|
||||||
|
|
||||||
|
@ -20,7 +20,7 @@
|
||||||
group: "{{ gitea_group }}"
|
group: "{{ gitea_group }}"
|
||||||
mode: '0644'
|
mode: '0644'
|
||||||
tags: skip_ansible_lint
|
tags: skip_ansible_lint
|
||||||
ignore_errors: true
|
failed_when: false
|
||||||
|
|
||||||
- name: Transfer custom logo.png
|
- name: Transfer custom logo.png
|
||||||
become: true
|
become: true
|
||||||
|
@ -31,7 +31,7 @@
|
||||||
group: "{{ gitea_group }}"
|
group: "{{ gitea_group }}"
|
||||||
mode: '0644'
|
mode: '0644'
|
||||||
tags: skip_ansible_lint
|
tags: skip_ansible_lint
|
||||||
ignore_errors: true
|
failed_when: false
|
||||||
|
|
||||||
- name: Transfer custom favicon.png
|
- name: Transfer custom favicon.png
|
||||||
become: true
|
become: true
|
||||||
|
@ -42,7 +42,7 @@
|
||||||
group: "{{ gitea_group }}"
|
group: "{{ gitea_group }}"
|
||||||
mode: '0644'
|
mode: '0644'
|
||||||
tags: skip_ansible_lint
|
tags: skip_ansible_lint
|
||||||
ignore_errors: true
|
failed_when: false
|
||||||
|
|
||||||
- name: Transfer custom apple-touch-icon.png
|
- name: Transfer custom apple-touch-icon.png
|
||||||
become: true
|
become: true
|
||||||
|
@ -53,4 +53,4 @@
|
||||||
group: "{{ gitea_group }}"
|
group: "{{ gitea_group }}"
|
||||||
mode: '0644'
|
mode: '0644'
|
||||||
tags: skip_ansible_lint
|
tags: skip_ansible_lint
|
||||||
ignore_errors: true
|
failed_when: false
|
||||||
|
|
|
@ -7,7 +7,7 @@
|
||||||
owner: "{{ gitea_user }}"
|
owner: "{{ gitea_user }}"
|
||||||
group: "{{ gitea_group }}"
|
group: "{{ gitea_group }}"
|
||||||
mode: 'u=rwX,g=rX,o='
|
mode: 'u=rwX,g=rX,o='
|
||||||
with_items:
|
loop:
|
||||||
- "{{ gitea_custom }}/public"
|
- "{{ gitea_custom }}/public"
|
||||||
|
|
||||||
- name: Transfer custom public web data
|
- name: Transfer custom public web data
|
||||||
|
@ -19,6 +19,6 @@
|
||||||
group: "{{ gitea_group }}"
|
group: "{{ gitea_group }}"
|
||||||
directory_mode: true
|
directory_mode: true
|
||||||
mode: 'u=rwX,g=rX,o='
|
mode: 'u=rwX,g=rX,o='
|
||||||
ignore_errors: true
|
failed_when: false
|
||||||
tags: skip_ansible_lint
|
tags: skip_ansible_lint
|
||||||
notify: "Restart gitea"
|
notify: "Restart gitea"
|
||||||
|
|
|
@ -7,7 +7,7 @@
|
||||||
owner: "{{ gitea_user }}"
|
owner: "{{ gitea_user }}"
|
||||||
group: "{{ gitea_group }}"
|
group: "{{ gitea_group }}"
|
||||||
mode: 'u=rwX,g=rX,o='
|
mode: 'u=rwX,g=rX,o='
|
||||||
with_items:
|
loop:
|
||||||
- "{{ gitea_configuration_path }}"
|
- "{{ gitea_configuration_path }}"
|
||||||
- "{{ gitea_user_home }}"
|
- "{{ gitea_user_home }}"
|
||||||
- "{{ gitea_home }}"
|
- "{{ gitea_home }}"
|
||||||
|
|
|
@ -25,5 +25,5 @@
|
||||||
ansible.builtin.fail:
|
ansible.builtin.fail:
|
||||||
msg: "the package fail2ban is not installed. no fail2ban filters deployed."
|
msg: "the package fail2ban is not installed. no fail2ban filters deployed."
|
||||||
when: "'fail2ban' not in ansible_facts.packages"
|
when: "'fail2ban' not in ansible_facts.packages"
|
||||||
ignore_errors: true
|
failed_when: false
|
||||||
tags: skip_ansible_lint_ignore-errors
|
tags: skip_ansible_lint_ignore-errors
|
||||||
|
|
|
@ -54,7 +54,7 @@
|
||||||
become: false
|
become: false
|
||||||
failed_when: _gitea_gpg_key_status.rc not in (0, 2)
|
failed_when: _gitea_gpg_key_status.rc not in (0, 2)
|
||||||
|
|
||||||
- name: Print gpg key status on verbosity
|
- name: Print gpg key status on verbosity # noqa: H500
|
||||||
ansible.builtin.debug:
|
ansible.builtin.debug:
|
||||||
msg: "{{ _gitea_gpg_key_status.stdout }}"
|
msg: "{{ _gitea_gpg_key_status.stdout }}"
|
||||||
verbosity: 1
|
verbosity: 1
|
||||||
|
|
|
@ -53,7 +53,7 @@
|
||||||
changed_when: false
|
changed_when: false
|
||||||
failed_when: _gitea_gpg_key_status.rc not in (0, 2)
|
failed_when: _gitea_gpg_key_status.rc not in (0, 2)
|
||||||
|
|
||||||
- name: Print gpg key status on verbosity
|
- name: Print gpg key status on verbosity # noqa: H500
|
||||||
ansible.builtin.debug:
|
ansible.builtin.debug:
|
||||||
msg: "{{ _gitea_gpg_key_status.stdout }}"
|
msg: "{{ _gitea_gpg_key_status.stdout }}"
|
||||||
verbosity: 1
|
verbosity: 1
|
||||||
|
|
|
@ -1,65 +1,81 @@
|
||||||
---
|
---
|
||||||
- name: Perform optional versionscheck
|
- name: Perform optional versionscheck
|
||||||
ansible.builtin.include_tasks: versioncheck.yml
|
ansible.builtin.include_tasks:
|
||||||
|
file: 'versioncheck.yml'
|
||||||
when: submodules_versioncheck|bool
|
when: submodules_versioncheck|bool
|
||||||
|
|
||||||
- name: Gather installed packages for checks later on
|
- name: Gather installed packages for checks later on
|
||||||
ansible.builtin.package_facts:
|
ansible.builtin.package_facts:
|
||||||
manager: auto
|
manager: 'auto'
|
||||||
|
|
||||||
- name: Prepare gitea/forgejo variable import
|
- name: Prepare gitea/forgejo variable import
|
||||||
block:
|
block:
|
||||||
- name: Gather variables for gitea or forgejo
|
- name: Gather variables for gitea or forgejo
|
||||||
ansible.builtin.include_vars: "{{ lookup('first_found', gitea_fork_variables) }}"
|
ansible.builtin.include_vars:
|
||||||
|
file: "{{ lookup('first_found', gitea_fork_variables) }}"
|
||||||
rescue:
|
rescue:
|
||||||
- name: Gitea/Forejo import info
|
- name: Gitea/Forejo import info
|
||||||
ansible.builtin.fail:
|
ansible.builtin.fail:
|
||||||
msg: "Currently only {{ gitea_supported_forks }} are supported."
|
msg: "Currently only {{ gitea_supported_forks }} are supported."
|
||||||
|
|
||||||
- name: Gather variables for each operating system
|
- name: Gather variables for each operating system
|
||||||
ansible.builtin.include_vars: "{{ lookup('first_found', gitea_variables) }}"
|
ansible.builtin.include_vars:
|
||||||
|
file: "{{ lookup('first_found', gitea_variables) }}"
|
||||||
|
|
||||||
- name: Gather versioning information
|
- name: Gather versioning information
|
||||||
ansible.builtin.include_tasks: "set_{{ gitea_fork | lower }}_version.yml"
|
ansible.builtin.include_tasks:
|
||||||
|
file: "set_{{ gitea_fork | lower }}_version.yml"
|
||||||
|
|
||||||
- name: Backup gitea before update
|
- name: Backup gitea before update
|
||||||
ansible.builtin.include_tasks: backup.yml
|
ansible.builtin.include_tasks:
|
||||||
|
file: 'backup.yml'
|
||||||
when: gitea_backup_on_upgrade|bool
|
when: gitea_backup_on_upgrade|bool
|
||||||
|
|
||||||
- name: Create gitea user and role
|
- name: Create gitea user and role
|
||||||
ansible.builtin.include_tasks: create_user.yml
|
ansible.builtin.include_tasks:
|
||||||
|
file: 'create_user.yml'
|
||||||
|
|
||||||
- name: "Install or update {{ gitea_fork }}"
|
- name: "Install or update {{ gitea_fork }}"
|
||||||
ansible.builtin.include_tasks: "install_{{ gitea_fork | lower }}.yml"
|
ansible.builtin.include_tasks:
|
||||||
|
file: "install_{{ gitea_fork | lower }}.yml"
|
||||||
|
|
||||||
- name: Create directories
|
- name: Create directories
|
||||||
ansible.builtin.include_tasks: directory.yml
|
ansible.builtin.include_tasks:
|
||||||
|
file: 'directory.yml'
|
||||||
|
|
||||||
- name: Setup gitea systemd service
|
- name: Setup gitea systemd service
|
||||||
ansible.builtin.include_tasks: install_systemd.yml
|
ansible.builtin.include_tasks:
|
||||||
|
file: 'install_systemd.yml'
|
||||||
when: ansible_service_mgr == "systemd"
|
when: ansible_service_mgr == "systemd"
|
||||||
|
|
||||||
- name: Generate JWT Secrets if undefined
|
- name: Generate JWT Secrets if undefined
|
||||||
ansible.builtin.include_tasks: jwt_secrets.yml
|
ansible.builtin.include_tasks:
|
||||||
|
file: 'jwt_secrets.yml'
|
||||||
|
|
||||||
- name: Generate gitea secrets if undefined
|
- name: Generate gitea secrets if undefined
|
||||||
ansible.builtin.include_tasks: gitea_secrets.yml
|
ansible.builtin.include_tasks:
|
||||||
|
file: 'gitea_secrets.yml'
|
||||||
|
|
||||||
- name: Configure gitea
|
- name: Configure gitea
|
||||||
ansible.builtin.include_tasks: configure.yml
|
ansible.builtin.include_tasks:
|
||||||
|
file: 'configure.yml'
|
||||||
|
|
||||||
- name: Deploy optional fail2ban rules
|
- name: Deploy optional fail2ban rules
|
||||||
ansible.builtin.include_tasks: fail2ban.yml
|
ansible.builtin.include_tasks:
|
||||||
when: gitea_fail2ban_enabled|bool
|
file: 'fail2ban.yml'
|
||||||
|
when: gitea_fail2ban_enabled | bool
|
||||||
|
|
||||||
- name: Optionally customize gitea
|
- name: Optionally customize gitea
|
||||||
ansible.builtin.include_tasks: customize_logo.yml
|
ansible.builtin.include_tasks:
|
||||||
when: gitea_customize_logo|bool
|
file: 'customize_logo.yml'
|
||||||
|
when: gitea_customize_logo | bool
|
||||||
|
|
||||||
- name: Optionally customize footer
|
- name: Optionally customize footer
|
||||||
ansible.builtin.include_tasks: customize_footer.yml
|
ansible.builtin.include_tasks:
|
||||||
when: gitea_customize_footer|bool
|
file: 'customize_footer.yml'
|
||||||
|
when: gitea_customize_footer | bool
|
||||||
|
|
||||||
- name: Optionally deploy public files
|
- name: Optionally deploy public files
|
||||||
ansible.builtin.include_tasks: customize_public_files.yml
|
ansible.builtin.include_tasks:
|
||||||
when: gitea_customize_files|bool
|
file: 'customize_public_files.yml'
|
||||||
|
when: gitea_customize_files | bool
|
||||||
|
|
|
@ -2,7 +2,7 @@
|
||||||
- name: "Check forgejo installed version"
|
- name: "Check forgejo installed version"
|
||||||
ansible.builtin.shell: "set -eo pipefail; {{ gitea_full_executable_path }} -v | cut -d' ' -f 3"
|
ansible.builtin.shell: "set -eo pipefail; {{ gitea_full_executable_path }} -v | cut -d' ' -f 3"
|
||||||
args:
|
args:
|
||||||
executable: /bin/bash
|
executable: '/bin/bash'
|
||||||
register: gitea_active_version
|
register: gitea_active_version
|
||||||
changed_when: false
|
changed_when: false
|
||||||
failed_when: false
|
failed_when: false
|
||||||
|
@ -97,11 +97,11 @@
|
||||||
gitea_forgejo_signed_url: ['https://codeberg.org/attachments/ae5e50c6-e86e-4202-b95f-f142e8138e2f']
|
gitea_forgejo_signed_url: ['https://codeberg.org/attachments/ae5e50c6-e86e-4202-b95f-f142e8138e2f']
|
||||||
when: ansible_check_mode
|
when: ansible_check_mode
|
||||||
|
|
||||||
- name: Show Download URLs
|
- name: Show Download URLs # noqa: H500
|
||||||
ansible.builtin.debug:
|
ansible.builtin.debug:
|
||||||
msg: "{{ item }}"
|
msg: "{{ item }}"
|
||||||
verbosity: 1
|
verbosity: 1
|
||||||
with_items:
|
loop:
|
||||||
- "gitea_forgejo_dl_url: {{ gitea_forgejo_dl_url | first }}"
|
- "gitea_forgejo_dl_url: {{ gitea_forgejo_dl_url | first }}"
|
||||||
- "gitea_forgejo_checksum: {{ gitea_forgejo_checksum }}"
|
- "gitea_forgejo_checksum: {{ gitea_forgejo_checksum }}"
|
||||||
- "gitea_forgejo_signed_url: {{ gitea_forgejo_signed_url | first }}"
|
- "gitea_forgejo_signed_url: {{ gitea_forgejo_signed_url | first }}"
|
||||||
|
|
|
@ -7,7 +7,7 @@
|
||||||
ansible.builtin.file:
|
ansible.builtin.file:
|
||||||
path: '/etc/.ansible-version'
|
path: '/etc/.ansible-version'
|
||||||
state: directory
|
state: directory
|
||||||
mode: 0755
|
mode: '0755'
|
||||||
when: submodules_versioncheck | bool
|
when: submodules_versioncheck | bool
|
||||||
|
|
||||||
- name: Check playbook version
|
- name: Check playbook version
|
||||||
|
@ -16,15 +16,14 @@
|
||||||
src: "/etc/.ansible-version/{{ playbook_version_path }}"
|
src: "/etc/.ansible-version/{{ playbook_version_path }}"
|
||||||
register: playbook_version
|
register: playbook_version
|
||||||
when: submodules_versioncheck | bool
|
when: submodules_versioncheck | bool
|
||||||
ignore_errors: true
|
|
||||||
failed_when: false
|
failed_when: false
|
||||||
|
|
||||||
- name: Print remote role version
|
- name: Print remote role version # noqa: H500
|
||||||
ansible.builtin.debug:
|
ansible.builtin.debug:
|
||||||
msg: "Remote role version: {{ playbook_version.content | default('Y3VycmVudGx5IG5vdCBkZXBsb3llZAo=') | b64decode | string }}"
|
msg: "Remote role version: {{ playbook_version.content | default('Y3VycmVudGx5IG5vdCBkZXBsb3llZAo=') | b64decode | string }}"
|
||||||
when: submodules_versioncheck | bool
|
when: submodules_versioncheck | bool
|
||||||
|
|
||||||
- name: Print locale role version
|
- name: Print locale role version # noqa: H500
|
||||||
ansible.builtin.debug:
|
ansible.builtin.debug:
|
||||||
msg: "Local role version: '{{ playbook_version_number | string }}'."
|
msg: "Local role version: '{{ playbook_version_number | string }}'."
|
||||||
when: submodules_versioncheck | bool
|
when: submodules_versioncheck | bool
|
||||||
|
|
Loading…
Reference in a new issue