Added gitea_user_home, gitea_executable_path and gitea_configuration_path for gitea role

defaults/main.yml

@@ -13,6 +13,9 @@ submodules_versioncheck: false
 gitea_group: 'gitea'
 # gitea_groups: []  # Optional a list of groups user gitea will be added to
 gitea_home: '/var/lib/gitea'
+gitea_user_home: /home/gitea
+gitea_executable_path: '/usr/local/bin/gitea'
+gitea_configuraion_path: '/etc/gitea'
 gitea_shell: '/bin/false'
 gitea_systemd_cap_net_bind_service: false
 

tasks/backup.yml

@@ -25,7 +25,7 @@
     - name: Backing up gitea before upgrade
       become: true
       ansible.builtin.command:
-        cmd: "sudo -u {{ gitea_user }} /usr/local/bin/gitea dump -c /etc/gitea/gitea.ini"
+        cmd: "sudo -u {{ gitea_user }} {{ gitea_executable_path }} dump -c {{ gitea_configuraion_path }}/gitea.ini"
         chdir: "{{ gitea_backup_location }}"
       changed_when: true
   rescue:

tasks/configure.yml

@@ -3,7 +3,7 @@
   become: true
   ansible.builtin.template:
     src: gitea.ini.j2
-    dest: /etc/gitea/gitea.ini
+    dest: "{{ gitea_configuraion_path }}/gitea.ini"
     owner: "{{ gitea_user }}"
     group: "{{ gitea_group }}"
     mode: 0600

tasks/create_user.yml

@@ -18,6 +18,6 @@
     comment: "Gitea user"
     group: "{{ gitea_group }}"
     groups: "{{ gitea_groups | default(omit) }}"
-    home: "{{ gitea_home }}"
+    home: "{{ gitea_user_home }}"
     shell: "{{ gitea_shell }}"
     system: true

tasks/directory.yml

@@ -8,7 +8,8 @@
     group: "{{ gitea_group }}"
     mode: 'u=rwX,g=rX,o='
   with_items:
-    - "/etc/gitea"
+    - "{{ gitea_configuraion_path }}"
+    - "{{ gitea_user_home }}"
     - "{{ gitea_home }}"
     - "{{ gitea_home }}/data"
     - "{{ gitea_custom }}"

tasks/gitea_secrets.yml

@@ -1,15 +1,15 @@
 ---
 - name: generate gitea SECRET_KEY if not provided
   become: true
-  ansible.builtin.shell: 'umask 077; /usr/local/bin/gitea generate secret SECRET_KEY > /etc/gitea/gitea_secret_key'
+  ansible.builtin.shell: 'umask 077; {{ gitea_executable_path }} generate secret SECRET_KEY > {{ gitea_configuraion_path }}/gitea_secret_key'
   args:
-    creates: '/etc/gitea/gitea_secret_key'
+    creates: '{{ gitea_configuraion_path }}/gitea_secret_key'
   when: gitea_secret_key | string | length == 0
 
 - name: read gitea SECRET_KEY from file
   become: true
   ansible.builtin.slurp:
-    src: '/etc/gitea/gitea_secret_key'
+    src: '{{ gitea_configuraion_path }}/gitea_secret_key'
   register: remote_secret_key
   when: gitea_secret_key | string | length == 0
 
@@ -20,15 +20,15 @@
 
 - name: generate gitea INTERNAL_TOKEN if not provided
   become: true
-  ansible.builtin.shell: 'umask 077; /usr/local/bin/gitea generate secret INTERNAL_TOKEN > /etc/gitea/gitea_internal_token'
+  ansible.builtin.shell: 'umask 077; {{ gitea_executable_path }} generate secret INTERNAL_TOKEN > {{ gitea_configuraion_path }}/gitea_internal_token'
   args:
-    creates: '/etc/gitea/gitea_internal_token'
+    creates: '{{ gitea_configuraion_path }}/gitea_internal_token'
   when: gitea_internal_token | string | length == 0
 
 - name: read gitea INTERNAL_TOKEN from file
   become: true
   ansible.builtin.slurp:
-    src: '/etc/gitea/gitea_internal_token'
+    src: '{{ gitea_configuraion_path }}/gitea_internal_token'
   register: remote_internal_token
   when: gitea_internal_token | string | length == 0
 

tasks/install.yml

@@ -70,7 +70,7 @@
       ansible.builtin.copy:
         src: "/tmp/{{ gitea_filename }}"
         remote_src: true
-        dest: "/usr/local/bin/gitea"
+        dest: "{{ gitea_executable_path }}"
         mode: 0755
         owner: root
         group: root

tasks/jwt_secrets.yml

@@ -1,15 +1,15 @@
 ---
 - name: generate OAuth2 JWT_SECRET if not provided
   become: true
-  ansible.builtin.shell: 'umask 077; /usr/local/bin/gitea generate secret JWT_SECRET > /etc/gitea/gitea_oauth_jwt_secret'
+  ansible.builtin.shell: 'umask 077; {{ gitea_executable_path }} generate secret JWT_SECRET > {{ gitea_configuraion_path }}/gitea_oauth_jwt_secret'
   args:
-    creates: '/etc/gitea/gitea_oauth_jwt_secret'
+    creates: '{{ gitea_configuraion_path }}/gitea_oauth_jwt_secret'
   when: gitea_oauth2_jwt_secret | length == 0
 
 - name: read OAuth2 JWT_SECRET from file
   become: true
   ansible.builtin.slurp:
-    src: '/etc/gitea/gitea_oauth_jwt_secret'
+    src: '{{ gitea_configuraion_path }}/gitea_oauth_jwt_secret'
   register: oauth_jwt_secret
   when: gitea_oauth2_jwt_secret | length == 0
 
@@ -20,15 +20,15 @@
 
 - name: generate LFS JWT_SECRET if not provided
   become: true
-  ansible.builtin.shell: 'umask 077; /usr/local/bin/gitea generate secret JWT_SECRET > /etc/gitea/gitea_lfs_jwt_secret'
+  ansible.builtin.shell: 'umask 077; {{ gitea_executable_path }} generate secret JWT_SECRET > {{ gitea_configuraion_path }}/gitea_lfs_jwt_secret'
   args:
-    creates: '/etc/gitea/gitea_lfs_jwt_secret'
+    creates: '{{ gitea_configuraion_path }}/gitea_lfs_jwt_secret'
   when: gitea_lfs_jwt_secret | length == 0
 
 - name: read LFS JWT_SECRET from file
   become: true
   ansible.builtin.slurp:
-    src: '/etc/gitea/gitea_lfs_jwt_secret'
+    src: '{{ gitea_configuraion_path }}/gitea_lfs_jwt_secret'
   register: lfs_jwt_secret
   when: gitea_lfs_jwt_secret | length == 0
 

tasks/set_version.yml

@@ -1,6 +1,6 @@
 ---
 - name: "Check gitea installed version"
-  ansible.builtin.shell: "set -eo pipefail; /usr/local/bin/gitea -v | cut -d' ' -f 3"
+  ansible.builtin.shell: "set -eo pipefail; {{ gitea_executable_path }} -v | cut -d' ' -f 3"
   args:
     executable: /bin/bash
   register: gitea_active_version

templates/gitea.service.j2

@@ -5,7 +5,7 @@ After=network.target
 [Service]
 User={{ gitea_user }}
 Group={{ gitea_group }}
-ExecStart=/usr/local/bin/gitea web -c /etc/gitea/gitea.ini --custom-path {{ gitea_custom }}/
+ExecStart={{ gitea_executable_path }} web -c {{ gitea_configuraion_path }}/gitea.ini --custom-path {{ gitea_custom }}/
 Restart=on-failure
 WorkingDirectory={{ gitea_home }}
 {% if gitea_systemd_cap_net_bind_service %}