1
1
Fork 0
mirror of https://github.com/roles-ansible/ansible_role_gitea.git synced 2024-08-16 11:39:50 +02:00
This commit is contained in:
L3D 2021-03-21 00:27:27 +01:00
parent ab415b8027
commit fb884c7263
Signed by: l3d
GPG key ID: CD08445BFF4313D1
4 changed files with 43 additions and 8 deletions

View file

@ -68,6 +68,7 @@ The following code has been tested with Debian 8, it should work on Ubuntu as we
* `gitea_disable_gravatar`: Do you want to disable Gravatar ? (privacy and so on) (true/false)
* `gitea_offline_mode`: Same but for disabling CDNs for frontend assets (true/false)
* `gitea_disable_registration`: Do you want to disable user registration ? (true/false)
* `gitea_register_email_confirm`: Enable this to ask for mail confirmation of registration. Requires `gitea_mailer_enabled` to be enabled (Default: `false`)
* `gitea_only_allow_external_registration`: Do you want to force registration only using third-party services ? (true/false)
* `gitea_show_registration_button`: Do you want to show the registration button? (true/false)
* `gitea_require_signin`: Do you require a signin to see repo's (even public ones) ? (true/false)
@ -90,8 +91,9 @@ The following code has been tested with Debian 8, it should work on Ubuntu as we
* `gitea_root_url`: Root URL used to access your web app (full URL)
* `gitea_protocol`: Listening protocol (http/https)
* `gitea_http_listen`: Bind address
* `gitea_http_port`: Bind port
* `gitea_http_port`: Bind port (redirect from `80` will be activated if value is `443` - Default: `3000`)
* `gitea_disable_http_git`: Disable the use of Git over HTTP ? (true/false)
* `gitea_http_letsencrypt_mail` Enable Let`s Encrypt if a email address is given
### SSH configuration
@ -119,6 +121,7 @@ The following code has been tested with Debian 8, it should work on Ubuntu as we
* `gitea_mailer_user`: SMTP server username
* `gitea_mailer_password`: SMTP server password
* `gitea_mailer_from`: Sender mail address
* `gitea_subject_prefix`: Prefix to be placed before e-mail subject lines (Default: ``)
* `gitea_enable_notify_mail`: Whether e-mail should be send to watchers of a repository when something happens. Default: `false`
### LFS configuration
@ -127,6 +130,9 @@ The following code has been tested with Debian 8, it should work on Ubuntu as we
* `gitea_lfs_content_path`: path where the lfs files are stored
* `gitea_lfs_secret`: JWT secret for remote LFS usage. Can be generated with ``gitea generate secret JWT_SECRET``
### Log configuration
* `gitea_log_systemd` Disable logging into `file`, use systemd-journald
* `gitea_log_only_warning` Log only warnings or above, no http access or sql logging (Default: `true`)
### Fail2Ban configuration

View file

@ -20,6 +20,7 @@ gitea_root_url: http://localhost:3000
gitea_protocol: http
gitea_http_listen: 127.0.0.1
gitea_http_port: 3000
# gitea_http_letsencrypt_mail: - required
gitea_disable_http_git: false
gitea_offline_mode: true
@ -47,6 +48,7 @@ gitea_disable_git_hooks: true
gitea_show_user_email: false
gitea_disable_gravatar: true
gitea_disable_registration: false
gitea_register_email_confirm: false
gitea_show_registration_button: true
gitea_require_signin: true
gitea_enable_captcha: true
@ -62,8 +64,12 @@ gitea_mailer_host: localhost:25
gitea_mailer_from: noreply@your.domain
gitea_mailer_user: ""
gitea_mailer_password: ""
gitea_subject_prefix: ""
gitea_mailer_type: smtp
gitea_log_systemd: false
gitea_log_only_warning: true
gitea_fail2ban_enabled: false
gitea_fail2ban_jail_maxretry: 10
gitea_fail2ban_jail_findtime: 3600

View file

@ -35,8 +35,16 @@ PROTOCOL = {{ gitea_protocol }}
DOMAIN = {{ gitea_http_domain }}
ROOT_URL = {{ gitea_root_url }}
; The address to listen on. Either a IPv4/IPv6 address or the path to a unix socket.
HTTP_ADDR = {{ gitea_http_listen }}
HTTP_ADDR = {{ gitea_http_listen }}
HTTP_PORT = {{ gitea_http_port }}
{% if gitea_http_port == 443 %}
PORT_TO_REDIRECT = 80
{% endif %}
{% if gitea_http_letsencrypt_mail is defined %}
ENABLE_LETSENCRYPT = true
LETSENCRYPT_ACCEPTTOS = true
LETSENCRYPT_EMAIL = {{ gitea_http_letsencrypt_mail }}
{% endif %}
; Disable SSH feature when not available
DISABLE_SSH = false
; Whether to use the builtin SSH server or not.
@ -75,6 +83,9 @@ PASSWD = {{ gitea_db_password }}
SSL_MODE = {{ gitea_db_ssl }}
; For "sqlite3" and "tidb", use an absolute path when you start gitea as service
PATH = {{ gitea_db_path }}
{% if gitea_log_only_warning %}
LOG_SQL = false
{% endif %}
[indexer]
; Issue indexer storage path, available when ISSUE_INDEXER_TYPE is bleve
@ -105,6 +116,7 @@ DISABLE_GIT_HOOKS = {{ gitea_disable_git_hooks | ternary('true', 'false') }}
[service]
; Disallow registration, only allow admins to create accounts.
DISABLE_REGISTRATION = {{ gitea_disable_registration }}
REGISTER_EMAIL_CONFIRM = {{ gitea_register_email_confirm }}
; User must sign in to view anything.
REQUIRE_SIGNIN_VIEW = {{ gitea_require_signin | ternary('true', 'false') }}
; Enable captcha validation for registration
@ -143,6 +155,7 @@ USER = {{ gitea_mailer_user }}
PASSWD = {{ gitea_mailer_password }}
; Send mails as plain text
SEND_AS_PLAIN_TEXT = false
SUBJECT_PREFIX = {{ gitea_subject_prefix }}
; Set Mailer Type (either SMTP, sendmail or dummy to just send to the log)
MAILER_TYPE = {{ gitea_mailer_type }}
; Specify an alternative sendmail binary
@ -173,12 +186,22 @@ PATH = {{ gitea_home }}/data/attachments
ROOT_PATH = {{ gitea_home }}/log
; Either "console", "file", "conn", "smtp" or "database", default is "console"
; Use comma to separate multiple modes, e.g. "console, file"
{% if gitea_log_systemd %}
MODE = console
MACARON = console
{% else %}
MODE = file
{% endif %}
; Buffer length of the channel, keep it as it is if you don't know what it is.
BUFFER_LEN = 10000
; Either "Trace", "Debug", "Info", "Warn", "Error", "Critical", default is "Trace"
LEVEL = {{ gitea_log_level }}
{% if gitea_log_only_warning %}
LEVEL = Warn
REDIRECT_MACARON_LOG = true
{% else %}
LEVEL = Info
REDIRECT_MACARON_LOG = false
{% endif %}
[oauth2]
ENABLE = {{ gitea_oauth2_enabled }}

View file

@ -5,7 +5,7 @@ After=network.target
[Service]
User={{ gitea_user }}
Group={{ gitea_group }}
ExecStart=/usr/local/bin/gitea web -c /etc/gitea/gitea.ini
ExecStart=/usr/local/bin/gitea web -c /etc/gitea/gitea.ini --custom-path {{ gitea_home }}/custom/
Restart=on-failure
WorkingDirectory={{ gitea_home }}
{% if gitea_systemd_cap_net_bind_service %}