1
1
Fork 0
mirror of https://github.com/roles-ansible/ansible_role_gitea.git synced 2024-08-16 11:39:50 +02:00
Commit graph

84 commits

Author SHA1 Message Date
L3D
c6b70f22d4
change gitea key server
based on https://docs.gitea.io/en-us/install-from-binary/ gitea is recomending keys.openpgp.org as key server.

Thanks to @DC7IA for noticing it!
2021-04-07 18:02:13 +02:00
L3D
f8fc1a8fe3
New Gitea Release 1.13.6
https://github.com/go-gitea/gitea/releases/tag/v1.13.6
2021-03-23 22:06:58 +01:00
L3D
6f4b740a43
new gitea version 2021-03-22 03:05:17 +01:00
L3D
8e1735117d
Merge pull request #9 from roles-ansible/v
add optional versionscheck
2021-03-22 02:26:10 +01:00
L3D
791ae23361
add optional versionscheck
a simple version check that can prevent you from accidentally running an older version of this role.
2021-03-22 02:22:22 +01:00
L3D
ff2cfb1edc
improve default privacy rules 2021-03-22 02:16:11 +01:00
L3D
42f6a4e594
cleanup README 2021-03-22 00:35:16 +01:00
L3D
7d8ff11f5e
reorder metrics and oauth2 variables 2021-03-22 00:17:13 +01:00
L3D
889c3ac713
reorder logging variables 2021-03-22 00:06:53 +01:00
L3D
9f867af9ca
reorder Issue and pull request attachments variables 2021-03-21 23:45:20 +01:00
L3D
4aa5562c49
reorder pictures variables 2021-03-21 23:34:25 +01:00
L3D
f568d8f13c
reorder session variables 2021-03-21 23:26:42 +01:00
L3D
fc7025755a
reorder mailer variables 2021-03-21 23:17:13 +01:00
L3D
9e98056b43
reorder service variables 2021-03-21 22:58:34 +01:00
L3D
ced73dde98
reorder security variables and add have I been pwned var 2021-03-21 22:45:27 +01:00
L3D
1ca44426ff
add missing variable 2021-03-21 21:06:05 +01:00
L3D
62b0bc8ef8
improve linting 2021-03-21 17:57:41 +01:00
L3D
0b23826553
reorder gitea indexer config 2021-03-21 17:56:16 +01:00
L3D
32a1532f7a
reorder gitea database config 2021-03-21 17:42:28 +01:00
L3D
1cb903924a
reorder gitea server variables 2021-03-21 17:29:04 +01:00
L3D
db9c8c4341
reorder variables based on config-cheat-sheet 2021-03-21 17:08:17 +01:00
L3D
1a8164b5ac
resolve linting error 2021-03-21 02:29:29 +01:00
L3D
6ec2f8ed04
change secret mechanism and continue with README clenaup 2021-03-21 02:22:36 +01:00
L3D
154a0ac752
Start reordering variables and gitea_auto_watch_new_repos variable 2021-03-21 02:02:15 +01:00
L3D
fb884c7263
resolve merge conflicts from https://github.com/thomas-maurice/ansible-role-gitea/pull/62 2021-03-21 00:27:27 +01:00
L3D
ab415b8027
Merge remote-tracking branch 'genofire/fix-repo-path' 2021-03-21 00:18:43 +01:00
L3D
fe43c45e1e
Merge branch 'version' 2021-03-20 23:35:02 +01:00
L3D
9333d622c5
update gitea to 1.13.4
The current release of gitea is [v1.13.4](https://github.com/go-gitea/gitea/releases/tag/v1.13.4).

The current master of this role is not able to do a version update properly. PLEASE first merge https://github.com/thomas-maurice/ansible-role-gitea/pull/81
2021-03-20 23:31:09 +01:00
L3D
2fa3f51eb4
Cleanup template (#85)
improve template and create loglevel variable
2021-03-02 09:35:13 +00:00
L3D
1127d83778
make the backup on update optional
Documentation and introduction of the variable `gitea_backup_on_upgrade: false`
2021-02-13 05:41:32 +01:00
L3D
0ffd14ccf0
create backup direcotry
create a backup folder and move the gitea backup to backup.yml
2021-02-13 05:32:27 +01:00
Finwë
56375819a7
Improve ARM Support (#74)
* Gitea user should be a system user

* Improve installation system

* Download archive instead of binary
* Add checksum validation
* Add GPG check
* Add backup process before upgrading

* Improve ARM support

* Improve support for Vault Encrypted JWT tokens

* Fix spacing in gitea configuration template

When Gitea rewrite the configuration file (e.g.: the JWT token is not
set or doesn't fit their criteria), it'll align space on a per-section
basis in the .ini file.
If the template is not properly spaced, at the next Ansible run, you'll
have an enormous diff, hidding what the real changes are.

* add proper redhat/debian deps for molecule testing

* Gitea group should be a system group

* fix linting for CI

* Update CI and meta information for up-to-date tests and distros

* molecule: fix typo for redhat packages

* fix typo

* bump gitea version to 1.13.1

* Use Ubuntu keyservers to play nicely with everyone

* Update minimum required ansible version to 2.9.8

This is required for Ubuntu Focal, which comes with systemd >= 245
The Get Facts modules doesn't work well with it before the bugfix
introduced in 2.9.8

* Replace yes by True to please the linting

* Truthy values needs to be lower-case

* bump gitea version to 1.13.2

* perform gitea dump as gitea user

* need to set become to yes

* autogenerate JWT_SECRETS (#77)

* autogenerate JWT_SECRETS

Based on https://docs.gitea.io/en-us/command-line/#generate we will now autogenerate JWT_SECRETS if they are not defined.
In my opinion a much better idea than writing a value in the default config.

The check if the variables for the secrets are now 43 characters long i took out. Gitea generates itself suitable secrets, if the user given ones do not fit.

* drop ansible.builtin. syntax

* Update file permissions for "{{ gitea_home }}" (#75)

The file permissions for {{ gitea_home }} especially in conjunction with the recurse: true flag are on closer inspection very open to all and also have a +x set on files.

This should be done better. And I have done here now.

By the way: To improve the -x on normal files in his gitea installation this shell command was useful for me
```
find . -type f -exec chmod a-x {} \+;
find . -type f -exec chmod u=rwX {} \+;
```

* Bump cryptography from 3.2 to 3.3.2 (#79)

Bumps [cryptography](https://github.com/pyca/cryptography) from 3.2 to 3.3.2.
- [Release notes](https://github.com/pyca/cryptography/releases)
- [Changelog](https://github.com/pyca/cryptography/blob/master/CHANGELOG.rst)
- [Commits](https://github.com/pyca/cryptography/compare/3.2...3.3.2)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* Gitea user should be a system user

* Improve installation system

* Download archive instead of binary
* Add checksum validation
* Add GPG check
* Add backup process before upgrading

* Improve ARM support

* Fix spacing in gitea configuration template

When Gitea rewrite the configuration file (e.g.: the JWT token is not
set or doesn't fit their criteria), it'll align space on a per-section
basis in the .ini file.
If the template is not properly spaced, at the next Ansible run, you'll
have an enormous diff, hidding what the real changes are.

* add proper redhat/debian deps for molecule testing

* Gitea group should be a system group

* fix linting for CI

* Update CI and meta information for up-to-date tests and distros

* molecule: fix typo for redhat packages

* fix typo

* bump gitea version to 1.13.1

* Use Ubuntu keyservers to play nicely with everyone

* Update minimum required ansible version to 2.9.8

This is required for Ubuntu Focal, which comes with systemd >= 245
The Get Facts modules doesn't work well with it before the bugfix
introduced in 2.9.8

* Replace yes by True to please the linting

* Truthy values needs to be lower-case

* bump gitea version to 1.13.2

* perform gitea dump as gitea user

* need to set become to yes

* check-variables.yml doesn't exists anymore

Co-authored-by: L3D <l3d@c3woc.de>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-02-12 17:56:31 +00:00
L3D
9cd664d91f
autogenerate JWT_SECRETS (#77)
* autogenerate JWT_SECRETS

Based on https://docs.gitea.io/en-us/command-line/#generate we will now autogenerate JWT_SECRETS if they are not defined.
In my opinion a much better idea than writing a value in the default config.

The check if the variables for the secrets are now 43 characters long i took out. Gitea generates itself suitable secrets, if the user given ones do not fit.

* drop ansible.builtin. syntax
2021-02-10 19:04:13 +00:00
L3D
67afb71160
add default "gitea_group: gitea" (#71)
* delete trailing whitespace

* Add gitea_group

This will add the `gitea_group: gitea` and will probably
RESOLVE https://github.com/thomas-maurice/ansible-role-gitea/issues/70

* update variable length

update variable length to make this role idempotent

* vars should not include special character
2021-01-27 14:13:02 +00:00
L3D
cde4a964d5 add LFS_JWT_SECRET option
+ Add comments about git-lfs to the README.
+ New variable for LFS_JWT_SECRET.
+ absolute path for gitea_lfs_content_path.
+ maybe some help to resolve https://github.com/thomas-maurice/ansible-role-gitea/issues/70
2021-01-22 11:07:28 +00:00
Simeon Keske
aa75493677 add option to specify extra configuration 2020-12-06 21:39:19 +00:00
Leo Maroni
8af72e355e Add disable_git_hooks config option to security 2020-12-06 21:37:51 +00:00
Jens Timmerman
ecfff9cbc0 bump gitea version
gitea 1.13.0 was released which fixes security issues

some breaking changes were reported in the release notes but I didn't find any issues with them on my system, caution is advised

Support Gitea development, we now have a shop for Swag

    SECURITY
        Add Allow-/Block-List for Migrate & Mirrors (#13610) (#13776)
        Prevent git operations for inactive users (#13527) (#13536)
        Disallow urlencoded new lines in git protocol paths if there is a port (#13521) (#13524)
        Mitigate Security vulnerability in the git hook feature (#13058)
        Disable DSA ssh keys by default (#13056)
        Set TLS minimum version to 1.2 (#12689)
        Use argon as default password hash algorithm (#12688)
    BREAKING
        Set RUN_MODE prod by default (#13765) (#13767)
        Don't replace underscores in auto-generated IDs in goldmark (#12805)
        Add Primary Key to Topic and RepoTopic tables (#12639)
        Disable password complexity check default (#12557)
        Change PIDFile default from /var/run/gitea.pid to /run/gitea.pid (#12500)
        Add extension Support to Attachments (allow all types for releases) (#12465)
        Remove IE11 Support (#11470)
2020-12-06 21:36:06 +00:00
genofire
373b5c237c fix repo path 2020-09-24 18:27:29 +02:00
Jens Timmerman
73d72a8264 1.12.4 was released which fixes security issues 2020-09-24 15:59:48 +01:00
Leo Maroni
8f2e1bcd6a
Add configuration option for enabling notify email 2020-07-28 12:23:26 +02:00
Martin Borer
f48402354f issue #53: define mailer type 2020-07-21 14:18:08 +02:00
Thomas Maurice
c7dca823c9
Merge pull request #50 from em0lar/repo_indexer
Add config options for repository indexer
2020-06-20 15:47:56 +01:00
L3D
50fa6f1db5
Merge branch 'master' into 1.12.0 2020-06-18 21:59:19 +02:00
L3D
815d06b7d8
Update gitea to 1.12.0
New gitea release [1.12.0](https://github.com/go-gitea/gitea/releases/tag/v1.12.0) is available \o/
2020-06-18 21:58:09 +02:00
Leo Maroni
1df6bd8e23
Add config options for repository indexer 2020-06-18 07:41:59 +02:00
Leo Maroni
2b665bdb1d Add variable to enable adding CAP_NET_BIND_SERVICE to systemd service 2020-06-03 15:16:57 +01:00
L3D
c3891fc4b3 Update gitea to v1.11.6
New Release available:
https://github.com/go-gitea/gitea/releases/tag/v1.11.6
2020-06-03 10:51:26 +01:00
Simeon Keske
16707f4a38 Allow to set a custom Download-URL for gitea 2020-05-19 14:21:12 +01:00
Leo Maroni
8506ca4f2b Add config option to set repository path different to home_path 2020-05-19 14:19:23 +01:00