1
1
Fork 0
mirror of https://github.com/roles-ansible/ansible_role_gitea.git synced 2024-08-16 11:39:50 +02:00
Commit graph

279 commits

Author SHA1 Message Date
L3D
db9c8c4341
reorder variables based on config-cheat-sheet 2021-03-21 17:08:17 +01:00
L3D
8ed69febc1
Merge pull request from roles-ansible/docs
start updating docs and generate undefined secrets
2021-03-21 02:35:40 +01:00
L3D
5accc668ca
Merge branch 'docs' of github.com:roles-ansible/ansible_role_gitea into docs 2021-03-21 02:30:14 +01:00
L3D
1a8164b5ac
resolve linting error 2021-03-21 02:29:29 +01:00
L3D
d8653d9439
Update README.md 2021-03-21 02:27:20 +01:00
L3D
6ec2f8ed04
change secret mechanism and continue with README clenaup 2021-03-21 02:22:36 +01:00
L3D
154a0ac752
Start reordering variables and gitea_auto_watch_new_repos variable 2021-03-21 02:02:15 +01:00
L3D
d6cefc21d5
Merge pull request from roles-ansible/geno
picking merge request
2021-03-21 00:32:13 +01:00
L3D
fb884c7263
resolve merge conflicts from https://github.com/thomas-maurice/ansible-role-gitea/pull/62 2021-03-21 00:27:27 +01:00
L3D
ab415b8027
Merge remote-tracking branch 'genofire/fix-repo-path' 2021-03-21 00:18:43 +01:00
L3D
216088b15f
Release role at ansible galaxy 2021-03-21 00:08:49 +01:00
L3D
2eaccfe2a8
improve yamllinting 2021-03-21 00:08:32 +01:00
L3D
bb6ae52acd
Change meta and README Information 2021-03-21 00:07:30 +01:00
L3D
406538ff1a
Add myself to License 2021-03-20 23:38:39 +01:00
L3D
fe43c45e1e
Merge branch 'version' 2021-03-20 23:35:02 +01:00
L3D
9333d622c5
update gitea to 1.13.4
The current release of gitea is [v1.13.4](https://github.com/go-gitea/gitea/releases/tag/v1.13.4).

The current master of this role is not able to do a version update properly. PLEASE first merge https://github.com/thomas-maurice/ansible-role-gitea/pull/81
2021-03-20 23:31:09 +01:00
L3D
8b71e3f137
update requirements for molecule ()
* start upgrading requirements

* add some more updated requirements

* add another junk

* add another junk

* update ansible version
2021-03-02 09:38:20 +00:00
L3D
2fa3f51eb4
Cleanup template ()
improve template and create loglevel variable
2021-03-02 09:35:13 +00:00
Maxim Burgerhout
183e58f0e5
Add / correct accepted SSL modes for PostgreSQL ()
Supported SSL modues for PostgreSQL are: disabled, require, verify-ca
and verify-full.

This fix adds `verify-ca` to README.md and gitea.ini.j2, and corrects
`require` to `required` in README.md.
2021-02-15 18:35:27 +00:00
L3D
1127d83778
make the backup on update optional
Documentation and introduction of the variable `gitea_backup_on_upgrade: false`
2021-02-13 05:41:32 +01:00
L3D
0ffd14ccf0
create backup direcotry
create a backup folder and move the gitea backup to backup.yml
2021-02-13 05:32:27 +01:00
Finwë
56375819a7
Improve ARM Support ()
* Gitea user should be a system user

* Improve installation system

* Download archive instead of binary
* Add checksum validation
* Add GPG check
* Add backup process before upgrading

* Improve ARM support

* Improve support for Vault Encrypted JWT tokens

* Fix spacing in gitea configuration template

When Gitea rewrite the configuration file (e.g.: the JWT token is not
set or doesn't fit their criteria), it'll align space on a per-section
basis in the .ini file.
If the template is not properly spaced, at the next Ansible run, you'll
have an enormous diff, hidding what the real changes are.

* add proper redhat/debian deps for molecule testing

* Gitea group should be a system group

* fix linting for CI

* Update CI and meta information for up-to-date tests and distros

* molecule: fix typo for redhat packages

* fix typo

* bump gitea version to 1.13.1

* Use Ubuntu keyservers to play nicely with everyone

* Update minimum required ansible version to 2.9.8

This is required for Ubuntu Focal, which comes with systemd >= 245
The Get Facts modules doesn't work well with it before the bugfix
introduced in 2.9.8

* Replace yes by True to please the linting

* Truthy values needs to be lower-case

* bump gitea version to 1.13.2

* perform gitea dump as gitea user

* need to set become to yes

* autogenerate JWT_SECRETS ()

* autogenerate JWT_SECRETS

Based on https://docs.gitea.io/en-us/command-line/#generate we will now autogenerate JWT_SECRETS if they are not defined.
In my opinion a much better idea than writing a value in the default config.

The check if the variables for the secrets are now 43 characters long i took out. Gitea generates itself suitable secrets, if the user given ones do not fit.

* drop ansible.builtin. syntax

* Update file permissions for "{{ gitea_home }}" ()

The file permissions for {{ gitea_home }} especially in conjunction with the recurse: true flag are on closer inspection very open to all and also have a +x set on files.

This should be done better. And I have done here now.

By the way: To improve the -x on normal files in his gitea installation this shell command was useful for me
```
find . -type f -exec chmod a-x {} \+;
find . -type f -exec chmod u=rwX {} \+;
```

* Bump cryptography from 3.2 to 3.3.2 ()

Bumps [cryptography](https://github.com/pyca/cryptography) from 3.2 to 3.3.2.
- [Release notes](https://github.com/pyca/cryptography/releases)
- [Changelog](https://github.com/pyca/cryptography/blob/master/CHANGELOG.rst)
- [Commits](https://github.com/pyca/cryptography/compare/3.2...3.3.2)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* Gitea user should be a system user

* Improve installation system

* Download archive instead of binary
* Add checksum validation
* Add GPG check
* Add backup process before upgrading

* Improve ARM support

* Fix spacing in gitea configuration template

When Gitea rewrite the configuration file (e.g.: the JWT token is not
set or doesn't fit their criteria), it'll align space on a per-section
basis in the .ini file.
If the template is not properly spaced, at the next Ansible run, you'll
have an enormous diff, hidding what the real changes are.

* add proper redhat/debian deps for molecule testing

* Gitea group should be a system group

* fix linting for CI

* Update CI and meta information for up-to-date tests and distros

* molecule: fix typo for redhat packages

* fix typo

* bump gitea version to 1.13.1

* Use Ubuntu keyservers to play nicely with everyone

* Update minimum required ansible version to 2.9.8

This is required for Ubuntu Focal, which comes with systemd >= 245
The Get Facts modules doesn't work well with it before the bugfix
introduced in 2.9.8

* Replace yes by True to please the linting

* Truthy values needs to be lower-case

* bump gitea version to 1.13.2

* perform gitea dump as gitea user

* need to set become to yes

* check-variables.yml doesn't exists anymore

Co-authored-by: L3D <l3d@c3woc.de>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-02-12 17:56:31 +00:00
dependabot[bot]
f6f5e733f0
Bump cryptography from 3.2 to 3.3.2 ()
Bumps [cryptography](https://github.com/pyca/cryptography) from 3.2 to 3.3.2.
- [Release notes](https://github.com/pyca/cryptography/releases)
- [Changelog](https://github.com/pyca/cryptography/blob/master/CHANGELOG.rst)
- [Commits](https://github.com/pyca/cryptography/compare/3.2...3.3.2)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-02-10 19:07:04 +00:00
L3D
7d91337447
Update file permissions for "{{ gitea_home }}" ()
The file permissions for {{ gitea_home }} especially in conjunction with the recurse: true flag are on closer inspection very open to all and also have a +x set on files.

This should be done better. And I have done here now.

By the way: To improve the -x on normal files in his gitea installation this shell command was useful for me
```
find . -type f -exec chmod a-x {} \+;
find . -type f -exec chmod u=rwX {} \+;
```
2021-02-10 19:05:04 +00:00
L3D
9cd664d91f
autogenerate JWT_SECRETS ()
* autogenerate JWT_SECRETS

Based on https://docs.gitea.io/en-us/command-line/#generate we will now autogenerate JWT_SECRETS if they are not defined.
In my opinion a much better idea than writing a value in the default config.

The check if the variables for the secrets are now 43 characters long i took out. Gitea generates itself suitable secrets, if the user given ones do not fit.

* drop ansible.builtin. syntax
2021-02-10 19:04:13 +00:00
L3D
67afb71160
add default "gitea_group: gitea" ()
* delete trailing whitespace

* Add gitea_group

This will add the `gitea_group: gitea` and will probably
RESOLVE https://github.com/thomas-maurice/ansible-role-gitea/issues/70

* update variable length

update variable length to make this role idempotent

* vars should not include special character
2021-01-27 14:13:02 +00:00
L3D
cde4a964d5 add LFS_JWT_SECRET option
+ Add comments about git-lfs to the README.
+ New variable for LFS_JWT_SECRET.
+ absolute path for gitea_lfs_content_path.
+ maybe some help to resolve https://github.com/thomas-maurice/ansible-role-gitea/issues/70
2021-01-22 11:07:28 +00:00
L3D
c68565952a delete trailing whitespace 2021-01-22 11:07:28 +00:00
L3D
2500047d22 improve all easy to fix yaml warnings 2021-01-22 11:06:55 +00:00
L3D
fb45c4dfc5 add linting check and fix warning
There is this linting message:
```
[208] File permissions unset or incorrect
tasks/main.yml:27
Task/Handler: Create config and data directory
```

I fixed it in this commit and added a github action
to run the official™ ansible linting check!
2021-01-22 11:06:55 +00:00
Simeon Keske
aa75493677 add option to specify extra configuration 2020-12-06 21:39:19 +00:00
Leo Maroni
8af72e355e Add disable_git_hooks config option to security 2020-12-06 21:37:51 +00:00
Jens Timmerman
ecfff9cbc0 bump gitea version
gitea 1.13.0 was released which fixes security issues

some breaking changes were reported in the release notes but I didn't find any issues with them on my system, caution is advised

Support Gitea development, we now have a shop for Swag

    SECURITY
        Add Allow-/Block-List for Migrate & Mirrors () ()
        Prevent git operations for inactive users () ()
        Disallow urlencoded new lines in git protocol paths if there is a port () ()
        Mitigate Security vulnerability in the git hook feature ()
        Disable DSA ssh keys by default ()
        Set TLS minimum version to 1.2 ()
        Use argon as default password hash algorithm ()
    BREAKING
        Set RUN_MODE prod by default () ()
        Don't replace underscores in auto-generated IDs in goldmark ()
        Add Primary Key to Topic and RepoTopic tables ()
        Disable password complexity check default ()
        Change PIDFile default from /var/run/gitea.pid to /run/gitea.pid ()
        Add extension Support to Attachments (allow all types for releases) ()
        Remove IE11 Support ()
2020-12-06 21:36:06 +00:00
dependabot[bot]
d5ca00bc21 Bump cryptography from 2.9 to 3.2
Bumps [cryptography](https://github.com/pyca/cryptography) from 2.9 to 3.2.
- [Release notes](https://github.com/pyca/cryptography/releases)
- [Changelog](https://github.com/pyca/cryptography/blob/master/CHANGELOG.rst)
- [Commits](https://github.com/pyca/cryptography/compare/2.9...3.2)

Signed-off-by: dependabot[bot] <support@github.com>
2020-11-02 10:17:17 +00:00
genofire
373b5c237c fix repo path 2020-09-24 18:27:29 +02:00
genofire
883b6d958e fix logging path 2020-09-24 17:21:36 +01:00
Jens Timmerman
667c375a9d Update install_systemd.yml 2020-09-24 16:00:51 +01:00
Jens Timmerman
4976d531ba Update install_systemd.yml
reload systemd should be triggered via handler
2020-09-24 16:00:51 +01:00
Jens Timmerman
73d72a8264 1.12.4 was released which fixes security issues 2020-09-24 15:59:48 +01:00
Jens Timmerman
f2c8610cc4 Update README.md 2020-09-05 10:46:41 +01:00
Jens Timmerman
d517cd1e64 also create inders and logs directory as gitea
Recursively set the gitea user as owner of all it's directories (and create /indexers and /logs directories.
This is needed if one tried to start gitea as root before.
2020-08-21 23:16:35 +01:00
Jens Timmerman
56d9e08c64 make sure git is installed
gitea service fails to start if the git binary is not present on the system
2020-08-21 23:15:44 +01:00
Thomas Maurice
8b5ae578f4
Badges 2020-08-01 15:12:55 +01:00
Thomas Maurice
b4ecdb3563
Merge pull request from em0lar/notify_mail
Add configuration option for enabling notify email
2020-08-01 15:01:48 +01:00
Leo Maroni
8f2e1bcd6a
Add configuration option for enabling notify email 2020-07-28 12:23:26 +02:00
Thomas Maurice
b1550d80ce
Merge pull request from orangerkater/define-mailer-type
issue : define mailer type
2020-07-22 18:35:13 +01:00
Martin Borer
f48402354f issue : define mailer type 2020-07-21 14:18:08 +02:00
Thomas Maurice
c7dca823c9
Merge pull request from em0lar/repo_indexer
Add config options for repository indexer
2020-06-20 15:47:56 +01:00
Thomas Maurice
a14e4bbe4b
Merge pull request from DO1JLR/1.12.0
Update gitea to 1.12.0
2020-06-20 15:41:33 +01:00
L3D
50fa6f1db5
Merge branch 'master' into 1.12.0 2020-06-18 21:59:19 +02:00