1
1
Fork 0
mirror of https://github.com/roles-ansible/ansible_role_gitea.git synced 2024-08-16 11:39:50 +02:00

Improve linting and cleanup

This commit is contained in:
L3D 2023-10-29 16:11:12 +01:00
parent e58f32996f
commit db3c5e99f0
No known key found for this signature in database
GPG key ID: AD65B920933B4B20
12 changed files with 66 additions and 53 deletions

View file

@ -1,4 +1,4 @@
--- ---
collections: collections:
- name: community.general - name: 'community.general'
source: https://galaxy.ansible.com version: ">=7.5.0,<=8.0.0"

View file

@ -11,20 +11,18 @@
- name: Stopping gitea before upgrade - name: Stopping gitea before upgrade
become: true become: true
ansible.builtin.systemd: ansible.builtin.systemd:
name: gitea name: 'gitea.service'
state: stopped state: 'stopped'
when: ansible_service_mgr == "systemd" when: ansible_service_mgr == "systemd"
- name: "Create backup directory" - name: "Create backup directory"
become: true become: true
ansible.builtin.file: ansible.builtin.file:
path: "{{ item }}" path: "{{ gitea_backup_location }}"
state: directory state: 'directory'
owner: "{{ gitea_user }}" owner: "{{ gitea_user }}"
group: "{{ gitea_group }}" group: "{{ gitea_group }}"
mode: 'u=rwx,g=rx,o=' mode: 'u=rwx,g=rx,o='
with_items:
- "{{ gitea_backup_location }}"
- name: Backing up gitea before upgrade - name: Backing up gitea before upgrade
become: true become: true
@ -36,10 +34,10 @@
- name: Starting gitea because backup failed - name: Starting gitea because backup failed
become: true become: true
ansible.builtin.systemd: ansible.builtin.systemd:
name: gitea name: 'gitea.service'
state: stopped state: 'started'
when: ansible_service_mgr == "systemd" when: ansible_service_mgr == "systemd"
- name: Print updateing error - name: Print updateing error and cancel
ansible.builtin.debug: ansible.builtin.fail:
msg: "failed to backup gitea" msg: "failed to backup gitea"

View file

@ -7,7 +7,7 @@
owner: "{{ gitea_user }}" owner: "{{ gitea_user }}"
group: "{{ gitea_group }}" group: "{{ gitea_group }}"
mode: 'u=rwX,g=rX,o=' mode: 'u=rwX,g=rX,o='
with_items: loop:
- "{{ gitea_custom }}/templates" - "{{ gitea_custom }}/templates"
- "{{ gitea_custom }}/templates/custom" - "{{ gitea_custom }}/templates/custom"
@ -19,6 +19,6 @@
owner: "{{ gitea_user }}" owner: "{{ gitea_user }}"
group: "{{ gitea_group }}" group: "{{ gitea_group }}"
mode: '0644' mode: '0644'
ignore_errors: true failed_when: false
tags: skip_ansible_lint tags: skip_ansible_lint
notify: "Restart gitea" notify: "Restart gitea"

View file

@ -7,7 +7,7 @@
owner: "{{ gitea_user }}" owner: "{{ gitea_user }}"
group: "{{ gitea_group }}" group: "{{ gitea_group }}"
mode: 'u=rwX,g=rX,o=' mode: 'u=rwX,g=rX,o='
with_items: loop:
- "{{ gitea_custom }}/public" - "{{ gitea_custom }}/public"
- "{{ gitea_custom }}/public/img" - "{{ gitea_custom }}/public/img"
@ -20,7 +20,7 @@
group: "{{ gitea_group }}" group: "{{ gitea_group }}"
mode: '0644' mode: '0644'
tags: skip_ansible_lint tags: skip_ansible_lint
ignore_errors: true failed_when: false
- name: Transfer custom logo.png - name: Transfer custom logo.png
become: true become: true
@ -31,7 +31,7 @@
group: "{{ gitea_group }}" group: "{{ gitea_group }}"
mode: '0644' mode: '0644'
tags: skip_ansible_lint tags: skip_ansible_lint
ignore_errors: true failed_when: false
- name: Transfer custom favicon.png - name: Transfer custom favicon.png
become: true become: true
@ -42,7 +42,7 @@
group: "{{ gitea_group }}" group: "{{ gitea_group }}"
mode: '0644' mode: '0644'
tags: skip_ansible_lint tags: skip_ansible_lint
ignore_errors: true failed_when: false
- name: Transfer custom apple-touch-icon.png - name: Transfer custom apple-touch-icon.png
become: true become: true
@ -53,4 +53,4 @@
group: "{{ gitea_group }}" group: "{{ gitea_group }}"
mode: '0644' mode: '0644'
tags: skip_ansible_lint tags: skip_ansible_lint
ignore_errors: true failed_when: false

View file

@ -7,7 +7,7 @@
owner: "{{ gitea_user }}" owner: "{{ gitea_user }}"
group: "{{ gitea_group }}" group: "{{ gitea_group }}"
mode: 'u=rwX,g=rX,o=' mode: 'u=rwX,g=rX,o='
with_items: loop:
- "{{ gitea_custom }}/public" - "{{ gitea_custom }}/public"
- name: Transfer custom public web data - name: Transfer custom public web data
@ -19,6 +19,6 @@
group: "{{ gitea_group }}" group: "{{ gitea_group }}"
directory_mode: true directory_mode: true
mode: 'u=rwX,g=rX,o=' mode: 'u=rwX,g=rX,o='
ignore_errors: true failed_when: false
tags: skip_ansible_lint tags: skip_ansible_lint
notify: "Restart gitea" notify: "Restart gitea"

View file

@ -7,7 +7,7 @@
owner: "{{ gitea_user }}" owner: "{{ gitea_user }}"
group: "{{ gitea_group }}" group: "{{ gitea_group }}"
mode: 'u=rwX,g=rX,o=' mode: 'u=rwX,g=rX,o='
with_items: loop:
- "{{ gitea_configuration_path }}" - "{{ gitea_configuration_path }}"
- "{{ gitea_user_home }}" - "{{ gitea_user_home }}"
- "{{ gitea_home }}" - "{{ gitea_home }}"

View file

@ -25,5 +25,5 @@
ansible.builtin.fail: ansible.builtin.fail:
msg: "the package fail2ban is not installed. no fail2ban filters deployed." msg: "the package fail2ban is not installed. no fail2ban filters deployed."
when: "'fail2ban' not in ansible_facts.packages" when: "'fail2ban' not in ansible_facts.packages"
ignore_errors: true failed_when: false
tags: skip_ansible_lint_ignore-errors tags: skip_ansible_lint_ignore-errors

View file

@ -54,7 +54,7 @@
become: false become: false
failed_when: _gitea_gpg_key_status.rc not in (0, 2) failed_when: _gitea_gpg_key_status.rc not in (0, 2)
- name: Print gpg key status on verbosity - name: Print gpg key status on verbosity # noqa: H500
ansible.builtin.debug: ansible.builtin.debug:
msg: "{{ _gitea_gpg_key_status.stdout }}" msg: "{{ _gitea_gpg_key_status.stdout }}"
verbosity: 1 verbosity: 1

View file

@ -53,7 +53,7 @@
changed_when: false changed_when: false
failed_when: _gitea_gpg_key_status.rc not in (0, 2) failed_when: _gitea_gpg_key_status.rc not in (0, 2)
- name: Print gpg key status on verbosity - name: Print gpg key status on verbosity # noqa: H500
ansible.builtin.debug: ansible.builtin.debug:
msg: "{{ _gitea_gpg_key_status.stdout }}" msg: "{{ _gitea_gpg_key_status.stdout }}"
verbosity: 1 verbosity: 1

View file

@ -1,65 +1,81 @@
--- ---
- name: Perform optional versionscheck - name: Perform optional versionscheck
ansible.builtin.include_tasks: versioncheck.yml ansible.builtin.include_tasks:
file: 'versioncheck.yml'
when: submodules_versioncheck|bool when: submodules_versioncheck|bool
- name: Gather installed packages for checks later on - name: Gather installed packages for checks later on
ansible.builtin.package_facts: ansible.builtin.package_facts:
manager: auto manager: 'auto'
- name: Prepare gitea/forgejo variable import - name: Prepare gitea/forgejo variable import
block: block:
- name: Gather variables for gitea or forgejo - name: Gather variables for gitea or forgejo
ansible.builtin.include_vars: "{{ lookup('first_found', gitea_fork_variables) }}" ansible.builtin.include_vars:
file: "{{ lookup('first_found', gitea_fork_variables) }}"
rescue: rescue:
- name: Gitea/Forejo import info - name: Gitea/Forejo import info
ansible.builtin.fail: ansible.builtin.fail:
msg: "Currently only {{ gitea_supported_forks }} are supported." msg: "Currently only {{ gitea_supported_forks }} are supported."
- name: Gather variables for each operating system - name: Gather variables for each operating system
ansible.builtin.include_vars: "{{ lookup('first_found', gitea_variables) }}" ansible.builtin.include_vars:
file: "{{ lookup('first_found', gitea_variables) }}"
- name: Gather versioning information - name: Gather versioning information
ansible.builtin.include_tasks: "set_{{ gitea_fork | lower }}_version.yml" ansible.builtin.include_tasks:
file: "set_{{ gitea_fork | lower }}_version.yml"
- name: Backup gitea before update - name: Backup gitea before update
ansible.builtin.include_tasks: backup.yml ansible.builtin.include_tasks:
file: 'backup.yml'
when: gitea_backup_on_upgrade|bool when: gitea_backup_on_upgrade|bool
- name: Create gitea user and role - name: Create gitea user and role
ansible.builtin.include_tasks: create_user.yml ansible.builtin.include_tasks:
file: 'create_user.yml'
- name: "Install or update {{ gitea_fork }}" - name: "Install or update {{ gitea_fork }}"
ansible.builtin.include_tasks: "install_{{ gitea_fork | lower }}.yml" ansible.builtin.include_tasks:
file: "install_{{ gitea_fork | lower }}.yml"
- name: Create directories - name: Create directories
ansible.builtin.include_tasks: directory.yml ansible.builtin.include_tasks:
file: 'directory.yml'
- name: Setup gitea systemd service - name: Setup gitea systemd service
ansible.builtin.include_tasks: install_systemd.yml ansible.builtin.include_tasks:
file: 'install_systemd.yml'
when: ansible_service_mgr == "systemd" when: ansible_service_mgr == "systemd"
- name: Generate JWT Secrets if undefined - name: Generate JWT Secrets if undefined
ansible.builtin.include_tasks: jwt_secrets.yml ansible.builtin.include_tasks:
file: 'jwt_secrets.yml'
- name: Generate gitea secrets if undefined - name: Generate gitea secrets if undefined
ansible.builtin.include_tasks: gitea_secrets.yml ansible.builtin.include_tasks:
file: 'gitea_secrets.yml'
- name: Configure gitea - name: Configure gitea
ansible.builtin.include_tasks: configure.yml ansible.builtin.include_tasks:
file: 'configure.yml'
- name: Deploy optional fail2ban rules - name: Deploy optional fail2ban rules
ansible.builtin.include_tasks: fail2ban.yml ansible.builtin.include_tasks:
when: gitea_fail2ban_enabled|bool file: 'fail2ban.yml'
when: gitea_fail2ban_enabled | bool
- name: Optionally customize gitea - name: Optionally customize gitea
ansible.builtin.include_tasks: customize_logo.yml ansible.builtin.include_tasks:
when: gitea_customize_logo|bool file: 'customize_logo.yml'
when: gitea_customize_logo | bool
- name: Optionally customize footer - name: Optionally customize footer
ansible.builtin.include_tasks: customize_footer.yml ansible.builtin.include_tasks:
when: gitea_customize_footer|bool file: 'customize_footer.yml'
when: gitea_customize_footer | bool
- name: Optionally deploy public files - name: Optionally deploy public files
ansible.builtin.include_tasks: customize_public_files.yml ansible.builtin.include_tasks:
when: gitea_customize_files|bool file: 'customize_public_files.yml'
when: gitea_customize_files | bool

View file

@ -2,7 +2,7 @@
- name: "Check forgejo installed version" - name: "Check forgejo installed version"
ansible.builtin.shell: "set -eo pipefail; {{ gitea_full_executable_path }} -v | cut -d' ' -f 3" ansible.builtin.shell: "set -eo pipefail; {{ gitea_full_executable_path }} -v | cut -d' ' -f 3"
args: args:
executable: /bin/bash executable: '/bin/bash'
register: gitea_active_version register: gitea_active_version
changed_when: false changed_when: false
failed_when: false failed_when: false
@ -97,11 +97,11 @@
gitea_forgejo_signed_url: ['https://codeberg.org/attachments/ae5e50c6-e86e-4202-b95f-f142e8138e2f'] gitea_forgejo_signed_url: ['https://codeberg.org/attachments/ae5e50c6-e86e-4202-b95f-f142e8138e2f']
when: ansible_check_mode when: ansible_check_mode
- name: Show Download URLs - name: Show Download URLs # noqa: H500
ansible.builtin.debug: ansible.builtin.debug:
msg: "{{ item }}" msg: "{{ item }}"
verbosity: 1 verbosity: 1
with_items: loop:
- "gitea_forgejo_dl_url: {{ gitea_forgejo_dl_url | first }}" - "gitea_forgejo_dl_url: {{ gitea_forgejo_dl_url | first }}"
- "gitea_forgejo_checksum: {{ gitea_forgejo_checksum }}" - "gitea_forgejo_checksum: {{ gitea_forgejo_checksum }}"
- "gitea_forgejo_signed_url: {{ gitea_forgejo_signed_url | first }}" - "gitea_forgejo_signed_url: {{ gitea_forgejo_signed_url | first }}"

View file

@ -7,7 +7,7 @@
ansible.builtin.file: ansible.builtin.file:
path: '/etc/.ansible-version' path: '/etc/.ansible-version'
state: directory state: directory
mode: 0755 mode: '0755'
when: submodules_versioncheck | bool when: submodules_versioncheck | bool
- name: Check playbook version - name: Check playbook version
@ -16,15 +16,14 @@
src: "/etc/.ansible-version/{{ playbook_version_path }}" src: "/etc/.ansible-version/{{ playbook_version_path }}"
register: playbook_version register: playbook_version
when: submodules_versioncheck | bool when: submodules_versioncheck | bool
ignore_errors: true
failed_when: false failed_when: false
- name: Print remote role version - name: Print remote role version # noqa: H500
ansible.builtin.debug: ansible.builtin.debug:
msg: "Remote role version: {{ playbook_version.content | default('Y3VycmVudGx5IG5vdCBkZXBsb3llZAo=') | b64decode | string }}" msg: "Remote role version: {{ playbook_version.content | default('Y3VycmVudGx5IG5vdCBkZXBsb3llZAo=') | b64decode | string }}"
when: submodules_versioncheck | bool when: submodules_versioncheck | bool
- name: Print locale role version - name: Print locale role version # noqa: H500
ansible.builtin.debug: ansible.builtin.debug:
msg: "Local role version: '{{ playbook_version_number | string }}'." msg: "Local role version: '{{ playbook_version_number | string }}'."
when: submodules_versioncheck | bool when: submodules_versioncheck | bool