1
1
Fork 0
mirror of https://github.com/roles-ansible/ansible_role_gitea.git synced 2024-08-16 11:39:50 +02:00
Commit graph

103 commits

Author SHA1 Message Date
Finwë
56375819a7
Improve ARM Support (#74)
* Gitea user should be a system user

* Improve installation system

* Download archive instead of binary
* Add checksum validation
* Add GPG check
* Add backup process before upgrading

* Improve ARM support

* Improve support for Vault Encrypted JWT tokens

* Fix spacing in gitea configuration template

When Gitea rewrite the configuration file (e.g.: the JWT token is not
set or doesn't fit their criteria), it'll align space on a per-section
basis in the .ini file.
If the template is not properly spaced, at the next Ansible run, you'll
have an enormous diff, hidding what the real changes are.

* add proper redhat/debian deps for molecule testing

* Gitea group should be a system group

* fix linting for CI

* Update CI and meta information for up-to-date tests and distros

* molecule: fix typo for redhat packages

* fix typo

* bump gitea version to 1.13.1

* Use Ubuntu keyservers to play nicely with everyone

* Update minimum required ansible version to 2.9.8

This is required for Ubuntu Focal, which comes with systemd >= 245
The Get Facts modules doesn't work well with it before the bugfix
introduced in 2.9.8

* Replace yes by True to please the linting

* Truthy values needs to be lower-case

* bump gitea version to 1.13.2

* perform gitea dump as gitea user

* need to set become to yes

* autogenerate JWT_SECRETS (#77)

* autogenerate JWT_SECRETS

Based on https://docs.gitea.io/en-us/command-line/#generate we will now autogenerate JWT_SECRETS if they are not defined.
In my opinion a much better idea than writing a value in the default config.

The check if the variables for the secrets are now 43 characters long i took out. Gitea generates itself suitable secrets, if the user given ones do not fit.

* drop ansible.builtin. syntax

* Update file permissions for "{{ gitea_home }}" (#75)

The file permissions for {{ gitea_home }} especially in conjunction with the recurse: true flag are on closer inspection very open to all and also have a +x set on files.

This should be done better. And I have done here now.

By the way: To improve the -x on normal files in his gitea installation this shell command was useful for me
```
find . -type f -exec chmod a-x {} \+;
find . -type f -exec chmod u=rwX {} \+;
```

* Bump cryptography from 3.2 to 3.3.2 (#79)

Bumps [cryptography](https://github.com/pyca/cryptography) from 3.2 to 3.3.2.
- [Release notes](https://github.com/pyca/cryptography/releases)
- [Changelog](https://github.com/pyca/cryptography/blob/master/CHANGELOG.rst)
- [Commits](https://github.com/pyca/cryptography/compare/3.2...3.3.2)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* Gitea user should be a system user

* Improve installation system

* Download archive instead of binary
* Add checksum validation
* Add GPG check
* Add backup process before upgrading

* Improve ARM support

* Fix spacing in gitea configuration template

When Gitea rewrite the configuration file (e.g.: the JWT token is not
set or doesn't fit their criteria), it'll align space on a per-section
basis in the .ini file.
If the template is not properly spaced, at the next Ansible run, you'll
have an enormous diff, hidding what the real changes are.

* add proper redhat/debian deps for molecule testing

* Gitea group should be a system group

* fix linting for CI

* Update CI and meta information for up-to-date tests and distros

* molecule: fix typo for redhat packages

* fix typo

* bump gitea version to 1.13.1

* Use Ubuntu keyservers to play nicely with everyone

* Update minimum required ansible version to 2.9.8

This is required for Ubuntu Focal, which comes with systemd >= 245
The Get Facts modules doesn't work well with it before the bugfix
introduced in 2.9.8

* Replace yes by True to please the linting

* Truthy values needs to be lower-case

* bump gitea version to 1.13.2

* perform gitea dump as gitea user

* need to set become to yes

* check-variables.yml doesn't exists anymore

Co-authored-by: L3D <l3d@c3woc.de>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-02-12 17:56:31 +00:00
L3D
9cd664d91f
autogenerate JWT_SECRETS (#77)
* autogenerate JWT_SECRETS

Based on https://docs.gitea.io/en-us/command-line/#generate we will now autogenerate JWT_SECRETS if they are not defined.
In my opinion a much better idea than writing a value in the default config.

The check if the variables for the secrets are now 43 characters long i took out. Gitea generates itself suitable secrets, if the user given ones do not fit.

* drop ansible.builtin. syntax
2021-02-10 19:04:13 +00:00
L3D
67afb71160
add default "gitea_group: gitea" (#71)
* delete trailing whitespace

* Add gitea_group

This will add the `gitea_group: gitea` and will probably
RESOLVE https://github.com/thomas-maurice/ansible-role-gitea/issues/70

* update variable length

update variable length to make this role idempotent

* vars should not include special character
2021-01-27 14:13:02 +00:00
L3D
cde4a964d5 add LFS_JWT_SECRET option
+ Add comments about git-lfs to the README.
+ New variable for LFS_JWT_SECRET.
+ absolute path for gitea_lfs_content_path.
+ maybe some help to resolve https://github.com/thomas-maurice/ansible-role-gitea/issues/70
2021-01-22 11:07:28 +00:00
Simeon Keske
aa75493677 add option to specify extra configuration 2020-12-06 21:39:19 +00:00
Leo Maroni
8af72e355e Add disable_git_hooks config option to security 2020-12-06 21:37:51 +00:00
Jens Timmerman
ecfff9cbc0 bump gitea version
gitea 1.13.0 was released which fixes security issues

some breaking changes were reported in the release notes but I didn't find any issues with them on my system, caution is advised

Support Gitea development, we now have a shop for Swag

    SECURITY
        Add Allow-/Block-List for Migrate & Mirrors (#13610) (#13776)
        Prevent git operations for inactive users (#13527) (#13536)
        Disallow urlencoded new lines in git protocol paths if there is a port (#13521) (#13524)
        Mitigate Security vulnerability in the git hook feature (#13058)
        Disable DSA ssh keys by default (#13056)
        Set TLS minimum version to 1.2 (#12689)
        Use argon as default password hash algorithm (#12688)
    BREAKING
        Set RUN_MODE prod by default (#13765) (#13767)
        Don't replace underscores in auto-generated IDs in goldmark (#12805)
        Add Primary Key to Topic and RepoTopic tables (#12639)
        Disable password complexity check default (#12557)
        Change PIDFile default from /var/run/gitea.pid to /run/gitea.pid (#12500)
        Add extension Support to Attachments (allow all types for releases) (#12465)
        Remove IE11 Support (#11470)
2020-12-06 21:36:06 +00:00
genofire
373b5c237c fix repo path 2020-09-24 18:27:29 +02:00
Jens Timmerman
73d72a8264 1.12.4 was released which fixes security issues 2020-09-24 15:59:48 +01:00
Leo Maroni
8f2e1bcd6a
Add configuration option for enabling notify email 2020-07-28 12:23:26 +02:00
Martin Borer
f48402354f issue #53: define mailer type 2020-07-21 14:18:08 +02:00
Thomas Maurice
c7dca823c9
Merge pull request #50 from em0lar/repo_indexer
Add config options for repository indexer
2020-06-20 15:47:56 +01:00
L3D
50fa6f1db5
Merge branch 'master' into 1.12.0 2020-06-18 21:59:19 +02:00
L3D
815d06b7d8
Update gitea to 1.12.0
New gitea release [1.12.0](https://github.com/go-gitea/gitea/releases/tag/v1.12.0) is available \o/
2020-06-18 21:58:09 +02:00
Leo Maroni
1df6bd8e23
Add config options for repository indexer 2020-06-18 07:41:59 +02:00
Leo Maroni
2b665bdb1d Add variable to enable adding CAP_NET_BIND_SERVICE to systemd service 2020-06-03 15:16:57 +01:00
L3D
c3891fc4b3 Update gitea to v1.11.6
New Release available:
https://github.com/go-gitea/gitea/releases/tag/v1.11.6
2020-06-03 10:51:26 +01:00
Simeon Keske
16707f4a38 Allow to set a custom Download-URL for gitea 2020-05-19 14:21:12 +01:00
Leo Maroni
8506ca4f2b Add config option to set repository path different to home_path 2020-05-19 14:19:23 +01:00
Simeon Keske
259d761eb2 add variable gitea_only_allow_external_registration 2020-05-19 14:13:01 +01:00
Simeon Keske
1f88e7238a Allow to specify default theme 2020-05-19 14:13:01 +01:00
L3D
cdb6f4974d Update default version to 1.11.5
Gitea Release [v1.11.5](https://github.com/go-gitea/gitea/releases/tag/v1.11.5) is available \o/
2020-05-15 09:46:35 +01:00
L3D
fb6606e87e Update main.yml 2020-04-20 15:02:11 +01:00
L3D
3ee72ea310 Update RELEASE to 1.11.3
https://github.com/go-gitea/gitea/releases/tag/v1.11.3
2020-04-20 15:02:11 +01:00
L3D
8ae0401aa1 Update gitea version to 1.11.2
Update Gitea Version to [v1.11.2](https://github.com/go-gitea/gitea/releases/tag/v1.11.2)
2020-04-20 15:02:11 +01:00
Mathias Merscher
c50f79cf4a adds metrics endpoint config support 2020-01-06 11:37:50 +00:00
L3D
4e42778158 New gitea verseion '1.6.4'
https://github.com/go-gitea/gitea/releases/tag/v1.9.4
2019-10-11 19:14:44 +01:00
L3D
39e94854ed update gitea from 1.9.0 to 1.9.3
Update gitea:
https://github.com/go-gitea/gitea/releases

 What changed:

> 1.9.3
    BUGFIXES
        Fix go get from a private repository with Go 1.13 (#8100)
        Strict name matching for Repository.GetTagID() (#8082)
        Avoid ambiguity of branch/directory names for the git-diff-tree command (#8070)
        Add change title notification for issues (#8064)
        Run CORS handler first for /api routes (#7967) (#8053)
        Evaluate emojis in commit messages in list view (#8044)
        Fix failed to synchronize tags to releases for repository (#7990) (#7994)
        Fix adding default Telegram webhook (#7972) (#7992)
        Abort synchronization from LDAP source if there is some error (#7965)
        Fix deformed emoji in commit message (#8071)
    ENHANCEMENT
        Keep blame view buttons sequence consistent with normal view when viewing a file (#8007) (#8009)
> 1.9.2


    BUGFIXES
        Fix wrong sender when send slack webhook (#7918) (#7924)
        Upload support text/plain; charset=utf8 (#7899)
        Lfs/lock: round locked_at timestamp to second (#7872) (#7875)
        Fix non existent milestone with 500 error (#7867) (#7873)
    SECURITY
        Fix No PGP signature on 1.9.1 tag (#7874)
        Release built with go 1.12.9 to fix security fixes in golang std lib, ref: https://groups.google.com/forum/#!msg/golang-announce/oeMaeUnkvVE/a49yvTLqAAAJ
    ENHANCEMENT
        Fix pull creation with empty changes (#7920) (#7926)
    BUILD
        Drone/docker: prepare multi-arch release + provide arm64 image (#7571) (#7884)

> 1.9.1


    BREAKING
        Add pagination for admin api get orgs and fix only list public orgs bug (#7742) (#7752)
    SECURITY
        Be more strict with git arguments (#7715) (#7762)
        Release built with go 1.12.8 to fix security fixes in golang std lib, ref: https://groups.google.com/forum/#!topic/golang-nuts/fCQWxqxP8aA
    BUGFIXES
        Fix local runs of ssh-requiring integration tests (#7855) (#7857)
        Fix hook problem (#7856) (#7754)
        Use .ExpiredUnix.IsZero to display green color of forever valid gpg key (#7850) (#7846)
        Do not fetch all refs (#7797) (#7837)
        Fix duplicate call of webhook (#7824) (#7821)
        Enable switching to a different source branch when PR already exists (#7823)
        Rewrite existing repo units if setting is not included in api body (#7811)
        Prevent Commit Status and Message From Overflowing On Branch Page (#7800) (#7808)
        API: fix multiple bugs with statuses endpoints (Backport #7785) (#7807)
        Fix Slack webhook fork message (1.9 release backport) (#7783)
        Fix approvals counting (#7757) (#7777)
        Fix rename failed when rewrite public keys (#7761) (#7769)
        Fix dropTableColumns sqlite implementation (#7710) (#7765)
        Fix repo_index_status lingering when deleting a repository (#7738)
        Fix milestone completness calculation when migrating (#7725) (#7732)
        Fixes indexed repos keeping outdated indexes when files grow too large (#7731)
        Skip non-regular files (e.g. submodules) on repo indexing (#7717)
        Improve branches list performance and fix protected branch icon when no-login (#7695) (#7704)
        Correct wrong datetime format for git (#7689) (#7690)
2019-09-24 09:35:33 +01:00
Thomas Maurice
0722d97e7f Updates gitea to 1.9.0 2019-08-01 19:58:44 +01:00
L3D
afbd034f50 Enable git lfs options
With this change it is possible to enable the git-lfs server.
And to configure where data are stored.
2019-07-12 21:16:01 +01:00
L3D
736e33bb37 Update Version to v1.8.3
A New Version of gitea is available:
https://github.com/go-gitea/gitea/releases/tag/v1.8.3
2019-07-12 21:15:23 +01:00
Bèr Kessels
fe4db0bb07 Add username and password for smpt servers. Defaulting to blank 2019-06-16 19:19:24 +01:00
Thomas Maurice
b15b242dde Update gitea to v1.8.2 2019-06-03 22:02:47 +02:00
Thomas Maurice
ccec85feab Upgrade the installed version of gitea to 1.8.1 2019-05-12 11:40:14 +01:00
Trysdyn Black
6cbbbfdf0e Switch gitea_version_check to true by default
Pursuant to the conversation in https://github.com/thomas-maurice/ansible-role-gitea/pull/16
2019-04-30 08:55:21 +01:00
Trysdyn Black
3226a76d94 Add toggle to do a version check before download
Old behavior is to download the binary of `gitea_version` every run,
then checksum it against the currently installed version to see if it needs
to be copied over.

New behavior is to attempt to extract the current running version of gitea
and only initiate the old behavior if the running version != `gitea_version`.

Default is old behavior due to the major logic change involved.
2019-04-30 08:55:21 +01:00
Lilian Roller
609a47de72 Update gitea and create shell variable
The current gitea version is updated to 1.7.5.

And now you are able to customize the shell of your gitea user.
[Issue 14](https://github.com/thomas-maurice/ansible-role-gitea/issues/14)
2019-04-09 13:40:38 +01:00
L3D
b812f562b0 update current stable version of gitea
Based on https://github.com/go-gitea/gitea/releases the current stable version of gitea is ``1.7.4``.

Thank you realy much @thomas-maurice and @madddi for updating this role.
2019-03-25 19:26:05 +00:00
Thomas Maurice
168be1f6bb Bunch of improvements around testing and ansible galaxy
* added a license info
 * added galaxy tags/platforms
 * added travis test support
 * testing the playbook using molecule
2019-03-16 12:11:02 +00:00
Mathias Merscher
b2a6429823 adds template variable for SHOW_REGISTRATION_BUTTON 2019-03-16 10:07:04 +00:00
Mathias Merscher
1997360f71 adds template variables for oauth config 2019-03-16 10:07:04 +00:00
Mathias Merscher
d339c620e9 adds template variable for IS_TLS_ENABLED 2019-03-16 10:07:04 +00:00
Mathias Merscher
ac01b1e467 add new ini parameter INTERNAL_TOKEN 2019-03-16 10:07:04 +00:00
Mathias Merscher
559efa281f more fail2ban config options 2019-03-15 17:05:09 +00:00
Mathias Merscher
41797ebdfd rename gitea_install_fail2ban_config to gitea_fail2ban_enabled 2019-03-15 17:05:09 +00:00
Mathias Merscher
11374216ac adds support for optional deployment of fail2ban jail 2019-03-15 17:05:09 +00:00
Mathias Merscher
de4e7fa6e8 bump default version to 1.7.3 2019-03-15 17:03:52 +00:00
Mathias Merscher
af20311115 adds mailer config parameters 2019-03-09 13:38:43 +00:00
Mathias Merscher
fb63b41825 fix gitea_db_passord typo 2019-03-09 13:37:48 +00:00
h0chi
dc87ede53f Update main.yml 2019-02-22 17:39:12 +00:00
ikarulus
ebddb8b7d4 add version var 2019-01-10 21:45:34 +00:00
Thomas Maurice
9d685ab7a5
Add the support for mysql and postgres databases and documentation 2017-01-11 08:01:37 +01:00
Thomas Maurice
59d3cfc7c8
First commit 2017-01-10 22:09:34 +01:00