Merge pull request #169 from adrinux/issue165-fix-themes

Fix for Issue #165 missing themes

.github/workflows/ansible-linting-check.yml

@@ -16,7 +16,7 @@ jobs:
           fetch-depth: 0
 
       - name: Run ansible-lint
-        uses: ansible-actions/ansible-lint-action@v1.0.2
+        uses: ansible-actions/ansible-lint-action@v1.0.3
         with:
           target: "./"
           collections_yml: 'requirements.yml'

.github/workflows/yamllint-check.yml

@@ -17,6 +17,6 @@ jobs:
           fetch-depth: 0
 
       - name: Run yamllint
-        uses: ansible-actions/yamllint-action@v0.0.1
+        uses: ansible-actions/yamllint-action@v0.0.2
         with:
           target: "./"

README.md

@@ -1,4 +1,4 @@
-[![Ansible Galaxy](https://ansible.l3d.space/svg/l3d.gitea.svg)](https://galaxy.ansible.com/ui/standalone/roles/l3d/gitea/)
+[![Ansible Galaxy](https://ansible.l3d.space/svg/l3d.gitea.svg)](https://galaxy.ansible.com/ui/standalone/roles/roles-ansible/gitea/)
 [![BSD-3 Clause](https://ansible.l3d.space/svg/l3d.gitea_license.svg)](LICENSE)
 [![Maintainance](https://ansible.l3d.space/svg/l3d.gitea_maintainance.svg)](https://ansible.l3d.space/#l3d.gitea)
 
@@ -7,9 +7,15 @@
 
 This role installs and manages [gitea](https://gitea.io) or [forgejo](https://forgejo.org). A painless self-hosted Git service. Gitea is a community managed lightweight code hosting solution written in Go. Forgejo is a fork of it.
 [Source code & screenshots gitea](https://github.com/go-gitea/gitea).
-[Source code forgejo](https://codeberg.org/forgejo/forgejo).
+[Source code forgejo](https://code.forgejo.org/forgejo/forgejo).
 This role is also Part of the Ansible-Collection [l3d.git](https://galaxy.ansible.com/l3d/git). [![l3d.git](https://ansible.l3d.space/svg/l3d.git_ansible-collection_collection.svg)](https://github.com/roles-ansible/ansible_collection_git.git).
 
+## Mirrors
+The role is mirrored to:
++ Github: [github.com/roles-ansible/ansible_role_gitea](https://github.com/roles-ansible/ansible_role_gitea.git)
++ Gitea: [git.l3d.ch/ansible/ansible_role_gitea](https://git.l3d.ch/ansible/ansible_role_gitea.git)
+More about it at [ansible.l3d.space](https://ansible.l3d.space/#l3d.gitea)
+
 ## Sample Usage in a playbook
 
 The following code has been tested with the latest Debian Stable, it should work on Ubuntu and RedHat as well.
@@ -31,6 +37,26 @@ The following code has been tested with the latest Debian Stable, it should work
     gitea_start_ssh: true
 ```
 
+## Choosing between Gitea's built-in SSH and host SSH Server
+
+Gitea has a built-in SSH server which is running on port 2222 (to not conflict with the host SSH server which usually running on port 22).
+This one is used by default in this role and results in a SSH clone URL of `gitea@<fqdn>:2222:<user>/<repo>.git` because `gitea` is the default `RUN_AS` user.
+
+Often enough, one wants to have a "clean" SSH URL like `git@<fqdn>:<user>/<repo>.git`.
+This is possible by using the host SSH server with the following variable configuration:
+
+```yaml
+gitea_ssh_port: 22 # assuming the host SSH server is running on port 22
+gitea_user: git # otherwise there will be permission issues
+gitea_start_ssh: false # to not start the built-in SSH server
+```
+
+The above configuration works out of the box for new installations.
+When migrating from a running instance with existing SSH keys from the built-in SSH server to the host SSH server, you need to make sure that the host SSH server is running and that the `gitea_user` has the necessary permissions to access the repository data and the keys (stored in `<gitea_home>/.ssh/`)
+
+NB: To use `git@` as described above, `gitea_user` must be `git` and it does not suffice to set `gitea_ssh_user: git`.
+See [this issue](https://github.com/go-gitea/gitea/issues/28563) for more information..
+
  Variables
 -----------
 Here is a deeper insight into the variables of this gitea role. For the exact function of some variables and the possibility to add more options we recommend a look at this [config cheat sheet](https://docs.gitea.com/administration/config-cheat-sheet).
@@ -46,6 +72,11 @@ You have the option to choose between [gitea](https://gitea.io) and [forgejo](ht
 To determine which gitea version to install, you can choose between two variants.
 Either you define exactly which release you install. Or you use the option ``latest`` to always install the latest release from the [gitea releases](https://github.com/go-gitea/gitea/releases/latest).
 
+### Forgejo update mechanism
+It is advisable to define exactly which Forgejo release you want to install. See [Forgejo releases](https://forgejo.org/releases/) for the correct value to use in `gitea_version` eg `v1.21.5`.
+
+This is because the Forgejo project maintains both `stable` and `old stable` releases and the `latest` tag will refer to the *most recent release* regardless of whether it is `stable` or `old stable`. This can lead to a situation where `latest` refers to an *older release* than the version you have installed.
+
 ### gitea update
 | variable name | default value | description |
 | ------------- | ------------- | ----------- |
@@ -134,8 +165,8 @@ Either you define exactly which release you install. Or you use the option ``lat
 | variable name | default value | description |
 | ------------- | ------------- | ----------- |
 | `gitea_show_user_email` | `false` | Do you want to display email addresses ? (true/false) |
-| `gitea_theme_default` | `auto` | Default theme |
-| `gitea_themes` | `auto,gitea,arc-green` | List of enabled themes |
+| `gitea_theme_default` | `gitea-auto` or `forgejo-auto` | Default theme |
+| `gitea_themes` | (See `defaults/gitea.yml` or `defaults/forgejo.yml`)| List of enabled themes |
 | `gitea_ui_extra_config` | | you can use this variable to pass additional config parameters in the `[ui]` section of the config. |
 
 ### UI - Meta ([ui.meta](https://docs.gitea.com/administration/config-cheat-sheet#ui---metadata-uimeta))
@@ -223,7 +254,7 @@ Either you define exactly which release you install. Or you use the option ``lat
 | `gitea_auto_watch_new_repos` | `true` | Enable this to let all organisation users watch new repos when they are created (true/false) |
 | `gitea_autowatch_on_change` | `true` | Enable this to make users watch a repository after their first commit to it (true/false) |
 | `gitea_register_manual_confirm` | `false` | Enable this to manually confirm new registrations. Requires REGISTER_EMAIL_CONFIRM to be disabled. |
-| `gitea_default_allow_create_organization` | `true` | Allow new users to create organizations by default (true/false) |
+| `gitea_default_allow_create_organization` | `false` | Allow new users to create organizations by default (true/false) |
 | `gitea_email_domain_allowlist` | | If non-empty, comma separated list of domain names that can only be used to register on this instance, wildcard is supported. |
 | `gitea_default_user_visibility` | `public` | Set default visibility mode for users, either "public", "limited" or "private". |
 | `gitea_default_org_visibility` | `public` | Set default visibility mode for organisations, either "public", "limited" or "private". |
@@ -317,7 +348,7 @@ Either you define exactly which release you install. Or you use the option ``lat
 | variable name | default value | description |
 | ------------- | ------------- | ----------- |
 | `gitea_actions_enabled` | `false` | Enable/Disable actions capabilities globaly. You may want to add `repo.actions` to `gitea_default_repo_units` to enable actions on all new repositories |
-| `gitea_actions_default_actions_url` | `https://gitea.com/` | Default address to get action plugins, e.g. the default value means downloading from `https://gitea.com/actions/checkout` for `uses: actions/checkout@v3` |
+| `gitea_actions_default_actions_url` | `github` | Default address to get action plugins, e.g. the default value means downloading from `https://github.com/actions/checkout` for `uses: actions/checkout@v3` |
 | `gitea_actions_extra` | | you can use this variable to pass additional config parameters in the `[actions]` section of the config. |
 
 ### Other ([other](https://docs.gitea.com/administration/config-cheat-sheet#other-other))
@@ -347,6 +378,17 @@ As this will only deploy config files, fail2ban already has to be installed or o
 | `gitea_fail2ban_jail_bantime` | `900` | fail2ban jail `bantime` setting. |
 | `gitea_fail2ban_jail_action` | `iptables-allports` | fail2ban jail `action` setting. |
 
+### local gitea Users
+| variable | option | description |
+| -------- | ------ | ----------- |
+| ``gitea_users`` | | dict to create local gitea or forgejo users |
+| | ``name`` | name for local gitea/forgejo user |
+| | ``password`` | user for local git user |
+| | ``email`` | email for local git user |
+| | ``admin`` | give user admin permissions |
+| | ``must_change_password`` | user should change password after first login |
+| | ``state`` | set to ``absent`` to delete user |
+
 ### optional customisation
 You can optionally customize your gitea using this ansible role. We got our information about customisation from [docs.gitea.io/en-us/customizing-gitea](https://docs.gitea.io/en-us/customizing-gitea/).
 To deploy multiple files we created the ``gitea_custom_search`` variable, that can point to the path where you put the custom gitea files *( default ``"files/host_files/{{ inventory_hostname }}/gitea"``)*.
@@ -375,6 +417,15 @@ To deploy multiple files we created the ``gitea_custom_search`` variable, that c
   - Set ``gitea_customize_files`` to ``true``
   - Create a directory with the files you want to deploy.
   - Point ``gitea_customize_files_path`` to this directory. *(Default ``{{ gitea_custom_search }}/gitea_files/``)*
++ **CUSTOM THEMES**:
+  - Set `gitea_custom_themes` to a list with URLs for custom theme CSS files. You usually want three individual files per theme. Example:
+    ```yaml
+    gitea_custom_themes:
+      - https://example.com/theme-custom-auto.css
+      - https://example.com/theme-custom-dark.css
+      - https://example.com/theme-custom-light.css
+    ```
+  - Set `gitea_themes` variable and include the names of the new themes. To keep the existing ones, you need to pass all themes names, e.g. `auto,gitea,arc-green,<custom-auto>,<custom-light>,<custom-dark>`
 
 ## Requirements
 This role uses the ``ansible.builtin`` and ``community.general`` ansible Collections. To download the latest forgejo/gitea release we use json_query. This requires ``jmespath`` to be available.

defaults/forgejo.yml

@@ -0,0 +1,5 @@
+---
+gitea_theme_default: "forgejo-auto"
+# yamllint disable rule:line-length
+gitea_themes: "forgejo-auto,forgejo-light,forgejo-dark,gitea-auto,gitea-light,gitea-dark,forgejo-auto-deuteranopia-protanopia,forgejo-light-deuteranopia-protanopia,forgejo-dark-deuteranopia-protanopia,forgejo-auto-tritanopia,forgejo-light-tritanopia,forgejo-dark-tritanopia"
+# yamllint enable rule:line-length

defaults/gitea.yml

@@ -0,0 +1,3 @@
+---
+gitea_theme_default: "gitea-auto"
+gitea_themes: "gitea-auto,gitea-light,gitea-dark"

defaults/main.yml

@@ -25,6 +25,16 @@ gitea_configuration_path: '/etc/gitea'
 gitea_shell: '/bin/false'
 gitea_systemd_cap_net_bind_service: false
 
+# optional users on gitea instance
+gitea_users: []
+# example of entry
+#  - name: johndoe
+#    password: verysecret
+#    email: "johndoe@example.com"
+#    admin: false
+#    must_change_password: true
+#    state: present
+
 # Overall (DEFAULT)
 # -> https://docs.gitea.io/en-us/config-cheat-sheet/#overall-default
 gitea_app_name: 'Gitea'
@@ -82,8 +92,6 @@ gitea_cors_extra: ''
 # UI (ui)
 # -> https://docs.gitea.io/en-us/config-cheat-sheet/#ui-ui
 gitea_show_user_email: false
-gitea_theme_default: 'auto'
-gitea_themes: 'auto,gitea,arc-green'
 gitea_ui_extra_config: ''
 
 # UI - Metadata (ui.meta)
@@ -248,7 +256,7 @@ gitea_lfs_extra: ''
 # Actions (actions)
 # -> https://docs.gitea.io/en-us/config-cheat-sheet/#actions-actions
 gitea_actions_enabled: false
-gitea_actions_default_actions_url: "https://gitea.com"
+gitea_actions_default_actions_url: github
 gitea_actions_extra: ''
 
 # Other (other)
@@ -274,4 +282,4 @@ gitea_customize_logo: false
 gitea_custom: "{{ gitea_home }}/custom"
 gitea_customize_footer: false
 gitea_customize_files: false
-gitea_customize_files_path: "{{ gitea_custom_search }}/gitea_files"
+gitea_customize_files_path: "{{ gitea_custom_search }}/gitea_files/"

tasks/configure.yml

@@ -14,7 +14,7 @@
     dest: "{{ gitea_configuration_path }}/gitea.ini"
     owner: "{{ gitea_user }}"
     group: "{{ gitea_group }}"
-    mode: 0600
+    mode: '0640'
   notify: "Restart gitea"
 
 - name: "Service gitea"

tasks/customize_footer.yml

@@ -18,7 +18,7 @@
     dest: "{{ gitea_custom }}/templates/custom/extra_links_footer.tmpl"
     owner: "{{ gitea_user }}"
     group: "{{ gitea_group }}"
-    mode: '0644'
+    mode: '0640'
   failed_when: false
   tags: skip_ansible_lint
   notify: "Restart gitea"

tasks/customize_logo.yml

@@ -6,19 +6,20 @@
     state: directory
     owner: "{{ gitea_user }}"
     group: "{{ gitea_group }}"
-    mode: 'u=rwX,g=rX,o='
+    mode: "u=rwX,g=rX,o="
   loop:
     - "{{ gitea_custom }}/public"
-    - "{{ gitea_custom }}/public/img"
+    - "{{ gitea_custom }}/public/assets"
+    - "{{ gitea_custom }}/public/assets/img"
 
 - name: Transfer custom logo.svg
   become: true
   ansible.builtin.copy:
     src: "{{ lookup('first_found', transfer_custom_logo_logosvg) }}"
-    dest: "{{ gitea_custom }}/public/img/logo.svg"
+    dest: "{{ gitea_custom }}/public/assets/img/logo.svg"
     owner: "{{ gitea_user }}"
     group: "{{ gitea_group }}"
-    mode: '0644'
+    mode: "0640"
   tags: skip_ansible_lint
   failed_when: false
 
@@ -26,10 +27,10 @@
   become: true
   ansible.builtin.copy:
     src: "{{ lookup('first_found', transfer_custom_logo_logopng) }}"
-    dest: "{{ gitea_custom }}/public/img/logo.png"
+    dest: "{{ gitea_custom }}/public/assets/img/logo.png"
     owner: "{{ gitea_user }}"
     group: "{{ gitea_group }}"
-    mode: '0644'
+    mode: "0640"
   tags: skip_ansible_lint
   failed_when: false
 
@@ -37,10 +38,10 @@
   become: true
   ansible.builtin.copy:
     src: "{{ lookup('first_found', transfer_custom_logo_faviconpng) }}"
-    dest: "{{ gitea_custom }}/public/img/favicon.png"
+    dest: "{{ gitea_custom }}/public/assets/img/favicon.png"
     owner: "{{ gitea_user }}"
     group: "{{ gitea_group }}"
-    mode: '0644'
+    mode: "0640"
   tags: skip_ansible_lint
   failed_when: false
 
@@ -48,9 +49,9 @@
   become: true
   ansible.builtin.copy:
     src: "{{ lookup('first_found', transfer_custom_logo_appletouchiconpng) }}"
-    dest: "{{ gitea_custom }}/public/img/apple-touch-icon.png"
+    dest: "{{ gitea_custom }}/public/assets/img/apple-touch-icon.png"
     owner: "{{ gitea_user }}"
     group: "{{ gitea_group }}"
-    mode: '0644'
+    mode: "0640"
   tags: skip_ansible_lint
   failed_when: false

tasks/customize_public_files.yml

@@ -6,19 +6,39 @@
     state: directory
     owner: "{{ gitea_user }}"
     group: "{{ gitea_group }}"
-    mode: 'u=rwX,g=rX,o='
+    mode: "u=rwX,g=rX,o="
   loop:
-    - "{{ gitea_custom }}/public"
+    - "{{ gitea_custom }}/public/assets/"
 
 - name: Transfer custom public web data
   become: true
   ansible.builtin.copy:
     src: "{{ gitea_customize_files_path }}"
-    dest: "{{ gitea_custom }}/public/"
+    dest: "{{ gitea_custom }}/public/assets/"
     owner: "{{ gitea_user }}"
     group: "{{ gitea_group }}"
     directory_mode: true
-    mode: 'u=rwX,g=rX,o='
+    mode: "u=rwX,g=rX,o="
   failed_when: false
   tags: skip_ansible_lint
   notify: "Restart gitea"
+
+- name: Create css directory for custom themes
+  when: gitea_custom_themes is defined
+  ansible.builtin.file:
+    path: "{{ gitea_custom }}/public/css"
+    state: directory
+    owner: "{{ gitea_user }}"
+    group: "{{ gitea_group }}"
+    mode: "u=rwX,g=rX,o="
+
+- name: Get custom themes
+  when: gitea_custom_themes is defined
+  ansible.builtin.get_url:
+    url: "{{ item.name }}"
+    dest: "{{ gitea_custom }}/css/{{ item.name | basename }}"
+    owner: "{{ gitea_user }}"
+    group: "{{ gitea_group }}"
+    mode: "u=rwX,g=rX,o="
+  loop: "{{ gitea_custom_themes }}"
+  notify: "Restart gitea"

tasks/directory.yml

@@ -6,9 +6,9 @@
     state: directory
     owner: "{{ gitea_user }}"
     group: "{{ gitea_group }}"
-    mode: 'u=rwX,g=rX,o='
+    mode: "u=rwX,g=rX"
+    recurse: true
   loop:
-    - "{{ gitea_configuration_path }}"
     - "{{ gitea_user_home }}"
     - "{{ gitea_home }}"
     - "{{ gitea_home }}/data"
@@ -18,3 +18,15 @@
     - "{{ gitea_home }}/indexers"
     - "{{ gitea_home }}/log"
     - "{{ gitea_repository_root }}"
+
+- name: "Create config and data directory"
+  become: true
+  ansible.builtin.file:
+    path: "{{ item }}"
+    state: directory
+    owner: "{{ gitea_user }}"
+    group: "{{ gitea_group }}"
+    mode: "u=rwX,g=rX,o="
+    recurse: true
+  loop:
+    - "{{ gitea_configuration_path }}"

tasks/install_systemd.yml

@@ -1,23 +1,9 @@
 ---
 - name: "Setup systemd service"
   become: true
-  when: ansible_os_family == "Debian"
   ansible.builtin.template:
     src: gitea.service.j2
-    dest: /lib/systemd/system/gitea.service
-    owner: root
-    group: root
-    mode: 0644
-  notify:
-    - "Reload systemd"
-    - "Restart gitea"
-
-- name: "Setup systemd service"
-  become: true
-  when: ansible_os_family == "Suse"
-  ansible.builtin.template:
-    src: gitea.service.j2
-    dest: /etc/systemd/system/gitea.service
+    dest: "{{ gitea_systemd_path }}/gitea.service"
     owner: root
     group: root
     mode: 0644

tasks/local_git_users.yml

@@ -0,0 +1,36 @@
+---
+- name: Identify gitea users
+  ansible.builtin.command: su - {{ gitea_user }} -c '{{ gitea_full_executable_path }} -c {{ gitea_configuration_path }}/gitea.ini admin user list'
+  become: true
+  register: _giteausers
+  changed_when: false
+
+- name: Use gitea cli to create user
+  become: true
+  ansible.builtin.command: |
+    su - {{ gitea_user }} -c \
+    '{{ gitea_full_executable_path }} -c {{ gitea_configuration_path }}/gitea.ini \
+    admin user create --username "{{ item.name }}" \
+    --password "{{ item.password }}" --email "{{ item.email }}" \
+    --must-change-password={{ item.must_change_password }} --admin={{ item.admin }}'
+  register: _gitearesult
+  failed_when:
+    - '"successfully created" not in _gitearesult.stdout'
+  changed_when:
+    - '"successfully created!" in _gitearesult.stdout'
+  when: "_giteausers is defined and item.name not in _giteausers.stdout and item.state | default('present') == 'present'"
+  loop: "{{ gitea_users }}"
+
+- name: Use gitea cli to delete user
+  become: true
+  ansible.builtin.command: |
+    su - {{ gitea_user }} -c \
+    '{{ gitea_full_executable_path }} -c {{ gitea_configuration_path }}/gitea.ini \
+    admin user delete --username "{{ item.name }}"'
+  register: _giteadelresult
+  failed_when:
+    - '"error" in _giteadelresult.stdout'
+  changed_when:
+    "_giteausers is defined and item.name in _giteausers.stdout"
+  when: "_giteausers is defined and item.name in _giteausers.stdout and item.state | default('present') == 'absent'"
+  loop: "{{ gitea_users }}"

tasks/main.yml

@@ -1,12 +1,12 @@
 ---
 - name: Perform optional versionscheck
   ansible.builtin.include_tasks:
-    file: 'versioncheck.yml'
+    file: "versioncheck.yml"
   when: submodules_versioncheck|bool
 
 - name: Gather installed packages for checks later on
   ansible.builtin.package_facts:
-    manager: 'auto'
+    manager: "auto"
 
 - name: Prepare gitea/forgejo variable import
   block:
@@ -18,6 +18,15 @@
       ansible.builtin.fail:
         msg: "Currently only {{ gitea_supported_forks }} are supported."
 
+- name: Gather Gitea/Forgejo UI Theme variables
+  ansible.builtin.include_vars: "{{ lookup('first_found', params) }}"
+  vars:
+    params:
+      files:
+        - "{{ gitea_fork }}.yml"
+      paths:
+        - "defaults"
+
 - name: Gather variables for each operating system
   ansible.builtin.include_vars:
     file: "{{ lookup('first_found', gitea_variables) }}"
@@ -28,12 +37,12 @@
 
 - name: Backup gitea before update
   ansible.builtin.include_tasks:
-    file: 'backup.yml'
+    file: "backup.yml"
   when: gitea_backup_on_upgrade|bool
 
-- name: Create gitea user and role
+- name: Create gitea user and group
   ansible.builtin.include_tasks:
-    file: 'create_user.yml'
+    file: "create_user.yml"
 
 - name: "Install or update {{ gitea_fork }}"
   ansible.builtin.include_tasks:
@@ -41,41 +50,46 @@
 
 - name: Create directories
   ansible.builtin.include_tasks:
-    file: 'directory.yml'
+    file: "directory.yml"
 
 - name: Setup gitea systemd service
   ansible.builtin.include_tasks:
-    file: 'install_systemd.yml'
+    file: "install_systemd.yml"
   when: ansible_service_mgr == "systemd"
 
 - name: Generate JWT Secrets if undefined
   ansible.builtin.include_tasks:
-    file: 'jwt_secrets.yml'
+    file: "jwt_secrets.yml"
 
 - name: Generate gitea secrets if undefined
   ansible.builtin.include_tasks:
-    file: 'gitea_secrets.yml'
+    file: "gitea_secrets.yml"
 
 - name: Configure gitea
   ansible.builtin.include_tasks:
-    file: 'configure.yml'
+    file: "configure.yml"
 
 - name: Deploy optional fail2ban rules
   ansible.builtin.include_tasks:
-    file: 'fail2ban.yml'
+    file: "fail2ban.yml"
   when: gitea_fail2ban_enabled | bool
 
 - name: Optionally customize gitea
   ansible.builtin.include_tasks:
-    file: 'customize_logo.yml'
+    file: "customize_logo.yml"
   when: gitea_customize_logo | bool
 
 - name: Optionally customize footer
   ansible.builtin.include_tasks:
-    file: 'customize_footer.yml'
+    file: "customize_footer.yml"
   when: gitea_customize_footer | bool
 
 - name: Optionally deploy public files
   ansible.builtin.include_tasks:
-    file: 'customize_public_files.yml'
-  when: gitea_customize_files | bool
+    file: "customize_public_files.yml"
+  when: gitea_customize_files | bool or gitea_custom_themes is defined
+
+- name: Optionally create local Users on git instance
+  ansible.builtin.include_tasks:
+    file: 'local_git_users.yml'
+  when: gitea_users | length > 0

tasks/set_forgejo_version.yml

@@ -12,7 +12,7 @@
   block:
     - name: "Get latest forgejo release metadata"
       ansible.builtin.uri:
-        url: 'https://codeberg.org/api/v1/repos/forgejo/forgejo/releases?limit=1'
+        url: 'https://{{ gitea_forgejo_repo }}/api/v1/repos/forgejo/forgejo/releases?limit=1'
         return_content: true
       register: gitea_forgejo_remote_metadata
       become: false
@@ -45,14 +45,17 @@
   block:
     - name: "Get specific forgejo release metadata"
       ansible.builtin.uri:
-        url: 'https://codeberg.org/api/v1/repos/forgejo/forgejo/releases/tags/v{{ gitea_version_target }}'
+        url: 'https://{{ gitea_forgejo_repo }}/api/v1/repos/forgejo/forgejo/releases/tags/v{{ gitea_version_target }}'
         return_content: true
       register: gitea_forgejo_remote_tags_metadata
       become: false
   rescue:
-    - name: "Error Downloading https://codeberg.org/api/v1/repos/forgejo/forgejo/releases/tags/v{{ gitea_version_target }}"
+    - name: "Error Downloading v{{ gitea_version_target }}"
       ansible.builtin.fail:
-        msg: "We did not find the forgejo version you specified. Are you sure that '{{ gitea_version_target }}' is a valid forgejo version?"
+        msg: |
+          We did not find the forgejo version you specified.
+          Are you sure that '{{ gitea_version_target }}' is a valid forgejo version?
+          Please verify 'https://{{ gitea_forgejo_repo }}/api/v1/repos/forgejo/forgejo/releases/tags/v{{ gitea_version_target }}' is a valid URL!
 
 - name: "Generate forgejo download url"
   ansible.builtin.set_fact:
@@ -84,7 +87,7 @@
 
 - name: "Set a example forgejo download link if in check mode"
   ansible.builtin.set_fact:
-    gitea_forgejo_dl_url: ['https://codeberg.org/attachments/a00333ad-250a-4d30-a764-9a37fb24f419']
+    gitea_forgejo_dl_url: ['https://{{ gitea_forgejo_repo }}/attachments/a00333ad-250a-4d30-a764-9a37fb24f419']
   when: ansible_check_mode
 
 - name: "Set a example forgejo checksum link if in check mode"
@@ -94,7 +97,7 @@
 
 - name: "Set a example forgejo checksum link if in check mode"
   ansible.builtin.set_fact:
-    gitea_forgejo_signed_url: ['https://codeberg.org/attachments/ae5e50c6-e86e-4202-b95f-f142e8138e2f']
+    gitea_forgejo_signed_url: ['https://{{ gitea_forgejo_repo }}/attachments/ae5e50c6-e86e-4202-b95f-f142e8138e2f']
   when: ansible_check_mode
 
 - name: 'Assert that remote version is higher'
@@ -102,6 +105,7 @@
     that:
       - gitea_active_version is version(gitea_remote_version, 'lt')
     fail_msg: ERROR - Remote version is lower then current version!
+  when: gitea_version == "latest" and gitea_active_version.stderr == "" | bool
 
 - name: Show Download URLs  # noqa: H500
   ansible.builtin.debug:

tasks/set_gitea_version.yml

@@ -45,6 +45,7 @@
     that:
       - gitea_active_version is version(gitea_remote_version, 'lt')
     fail_msg: ERROR - Remote version is lower then current version!
+  when: gitea_version == "latest" and gitea_active_version.stderr == "" | bool
 
 - name: "Generate gitea download URL"
   ansible.builtin.set_fact:

templates/gitea.ini.j2

@@ -174,7 +174,6 @@ ENABLE_CAPTCHA = {{ gitea_enable_captcha | ternary('true', 'false') }}
 DEFAULT_KEEP_EMAIL_PRIVATE = {{ gitea_default_keep_mail_private | ternary('true', 'false') }}
 SHOW_REGISTRATION_BUTTON = {{ gitea_show_registration_button | ternary('true', 'false') }}
 AUTO_WATCH_NEW_REPOS = {{ gitea_auto_watch_new_repos | ternary('true', 'false') }}
-ALLOW_ONLY_EXTERNAL_REGISTRATION = {{ gitea_only_allow_external_registration | ternary('true', 'false') }}
 AUTO_WATCH_ON_CHANGES = {{ gitea_autowatch_on_change | ternary('true', 'false') }}
 SHOW_MILESTONES_DASHBOARD_PAGE = {{ gitea_show_milestones_dashboard_page | ternary('true', 'false') }}
 REGISTER_MANUAL_CONFIRM = {{ gitea_register_manual_confirm | ternary('true', 'false') }}
@@ -257,7 +256,7 @@ TOKEN = {{ gitea_metrics_token }}
 ;
 ; -> https://docs.gitea.com/next/administration/config-cheat-sheet/#oauth2-oauth2
 [oauth2]
-ENABLE = {{ gitea_oauth2_enabled | ternary('true', 'false') }}
+ENABLED = {{ gitea_oauth2_enabled | ternary('true', 'false') }}
 JWT_SECRET = {{ gitea_oauth2_jwt_secret }}
 {{ gitea_oauth2_extra_config }}
 ;

templates/gitea.service.j2

@@ -1,3 +1,4 @@
+{{ ansible_managed | comment }}
 [Unit]
 Description={{ gitea_fork }} git server
 After=network.target

vars/debian.yml

@@ -3,3 +3,5 @@ gitea_dependencies:
   - git
   - gnupg2
   - xz-utils
+
+gitea_systemd_path: '/lib/systemd/system'

vars/fork_forgejo.yml

@@ -5,3 +5,4 @@ gitea_filename: "forgejo-{{ gitea_version_target }}-linux-{{ gitea_arch }}"
 gitea_forgejo_query_download: "assets[?name==`{{ gitea_filename }}`].browser_download_url"
 gitea_forgejo_query_checksum: "assets[?name==`{{ gitea_filename }}.sha256`].browser_download_url"
 gitea_forgejo_query_signed: "assets[?name==`{{ gitea_filename }}.asc`].browser_download_url"
+gitea_forgejo_repo: 'code.forgejo.org'

vars/main.yml

@@ -23,6 +23,7 @@ gitea_variables:
     - "{{ ansible_os_family | lower }}-{{ ansible_distribution_major_version | lower }}.yml"
     - "{{ ansible_distribution | lower }}.yml"
     - "{{ ansible_os_family | lower }}.yml"
+    - 'os_fallback_defaults.yml'
   paths:
     - 'vars'
 
@@ -62,5 +63,5 @@ transfer_custom_footer:
     - 'files/gitea_footer/extra_links_footer.tmpl'
     - 'files/extra_links_footer.tmpl'
 
-playbook_version_number: 53  # should be int
+playbook_version_number: 60
 playbook_version_path: 'do1jlr.gitea.version'

vars/os_fallback_defaults.yml

@@ -0,0 +1,7 @@
+---
+gitea_dependencies:
+  - git
+  - gnupg2
+  - xz-utils
+
+gitea_systemd_path: '/lib/systemd/system'

vars/redhat.yml

@@ -3,3 +3,5 @@ gitea_dependencies:
   - git
   - gnupg2
   - xz
+
+gitea_systemd_path: '/lib/systemd/system'

vars/suse.yml

@@ -3,3 +3,5 @@ gitea_dependencies:
   - git
   - gpg2
   - xz
+
+gitea_systemd_path: '/etc/systemd/system'