mirror of
https://github.com/CPunch/openpunk-ansible.git
synced 2024-12-22 14:00:04 +00:00
roles/gitea: support giteaUninstall variable
This commit is contained in:
parent
e8fe024b77
commit
af53eb4637
@ -18,6 +18,10 @@
|
||||
- zsh # :D
|
||||
- python3-certbot-nginx
|
||||
|
||||
- name: Grab package facts
|
||||
package_facts:
|
||||
manager: auto
|
||||
|
||||
- name: Setup zsh
|
||||
user:
|
||||
name: "{{ ansible_user }}"
|
||||
|
@ -24,7 +24,7 @@
|
||||
mode: u=rw,g=,o=
|
||||
|
||||
# this keypair is trusted under my github account, so it allows my vps to make pushes
|
||||
# to the main branch of my openpunk repository. (see roles/deadswitchfiles/imdead.sh)
|
||||
# to the main branch of my openpunk repository. (see roles/deadswitch/files/imdead.sh)
|
||||
|
||||
- name: Install ssh priv key
|
||||
copy:
|
||||
|
3
roles/gitea/defaults/main.yml
Normal file
3
roles/gitea/defaults/main.yml
Normal file
@ -0,0 +1,3 @@
|
||||
---
|
||||
giteaPort: 3000
|
||||
giteaUninstall: false
|
@ -1,40 +1,63 @@
|
||||
---
|
||||
- name: Check if Gitea is installed
|
||||
shell: gitea --version
|
||||
register: validate_gitea
|
||||
changed_when: no
|
||||
- name: Check for Gitea gpg key
|
||||
stat:
|
||||
path: /etc/apt/trusted.gpg.d/morph027-gitea.gpg
|
||||
register: gitea_key
|
||||
|
||||
- name: Add Gitea key && repository
|
||||
- name: Install Gitea
|
||||
block:
|
||||
- name: Check for Gitea gpg key
|
||||
stat:
|
||||
path: /etc/apt/trusted.gpg.d/morph027-gitea.gpg
|
||||
register: gitea_key
|
||||
- name: Add Gitea key, repository && install
|
||||
block:
|
||||
- name: Import Gitea key
|
||||
shell: curl -s https://packaging.gitlab.io/gitea/gpg.key | sudo gpg --no-default-keyring --keyring gnupg-ring:/etc/apt/trusted.gpg.d/morph027-gitea.gpg --import && sudo chmod 644 /etc/apt/trusted.gpg.d/morph027-gitea.gpg
|
||||
when: gitea_key.stat.exists == false or gitea_key.stat.mode != "0644"
|
||||
|
||||
- name: Import Gitea key
|
||||
shell: curl -s https://packaging.gitlab.io/gitea/gpg.key | sudo gpg --no-default-keyring --keyring gnupg-ring:/etc/apt/trusted.gpg.d/morph027-gitea.gpg --import && sudo chmod 644 /etc/apt/trusted.gpg.d/morph027-gitea.gpg
|
||||
when: gitea_key.stat.exists == false or gitea_key.stat.mode != "0644"
|
||||
- name: Add Gitea repository
|
||||
apt_repository:
|
||||
filename: morph027-gitea
|
||||
repo: deb https://packaging.gitlab.io/gitea gitea main
|
||||
|
||||
- name: Add Gitea repository
|
||||
- name: Add Gitea package
|
||||
package:
|
||||
name: gitea
|
||||
when: "'gitea' not in ansible_facts.packages"
|
||||
|
||||
- name: Configure Gitea
|
||||
template:
|
||||
src: templates/app.ini
|
||||
dest: /etc/gitea/app.ini
|
||||
owner: gitea
|
||||
force: no # we don't want to kill our existing config D:
|
||||
|
||||
- name: Reload Gitea
|
||||
systemd:
|
||||
name: gitea
|
||||
enabled: yes
|
||||
state: started
|
||||
when: giteaUninstall == false
|
||||
|
||||
- name: Uninstall Gitea
|
||||
block:
|
||||
- name: Stop Gitea
|
||||
systemd:
|
||||
name: gitea
|
||||
enabled: no
|
||||
state: stopped
|
||||
|
||||
- name: Remove Gitea package
|
||||
package:
|
||||
name: gitea
|
||||
state: absent
|
||||
|
||||
- name: Remove Gitea repository
|
||||
apt_repository:
|
||||
filename: morph027-gitea
|
||||
repo: deb https://packaging.gitlab.io/gitea gitea main
|
||||
when: '"not found" in validate_gitea.stdout'
|
||||
state: absent
|
||||
|
||||
- name: Install Gitea
|
||||
package:
|
||||
name:
|
||||
- gitea
|
||||
|
||||
- name: Configure Gitea
|
||||
template:
|
||||
src: templates/app.ini
|
||||
dest: /etc/gitea/app.ini
|
||||
owner: gitea
|
||||
force: no # we don't want to kill our existing config D:
|
||||
|
||||
- name: Reload Gitea
|
||||
systemd:
|
||||
name: gitea
|
||||
enabled: yes
|
||||
state: started
|
||||
- name: Remove Gitea key
|
||||
file:
|
||||
path: /etc/apt/trusted.gpg.d/morph027-gitea.gpg
|
||||
state: absent
|
||||
when: gitea_key.stat.exists == false or gitea_key.stat.mode != "0644"
|
||||
when: giteaUninstall == true and ('gitea' in ansible_facts.packages)
|
@ -18,7 +18,7 @@ ROOT = /var/lib/gitea/gitea-repositories
|
||||
[server]
|
||||
SSH_DOMAIN = git.{{ domain }}
|
||||
DOMAIN = git.{{ domain }}
|
||||
HTTP_PORT = 3000
|
||||
HTTP_PORT = {{ giteaPort }}
|
||||
ROOT_URL = https://git.{{ domain }}/
|
||||
DISABLE_SSH = false
|
||||
SSH_PORT = 22
|
||||
|
3
roles/nginx/defaults/main.yml
Normal file
3
roles/nginx/defaults/main.yml
Normal file
@ -0,0 +1,3 @@
|
||||
---
|
||||
giteaPort: 3000
|
||||
giteaUninstall: false
|
@ -22,6 +22,14 @@
|
||||
dest: /etc/nginx/conf.d/git.{{ domain }}.conf
|
||||
force: no
|
||||
notify: setup nginx
|
||||
when: giteaPort is defined and giteaUninstall == false
|
||||
|
||||
- name: Uninstall nginx config for git.{{ domain }}
|
||||
file:
|
||||
path: /etc/nginx/conf.d/git.{{ domain }}.conf
|
||||
state: absent
|
||||
notify: setup nginx
|
||||
when: giteaPort is not defined or (giteaUninstall is defined and giteaUninstall)
|
||||
|
||||
- name: Install nginx config for our Hidden Service
|
||||
template:
|
||||
|
@ -1,6 +1,10 @@
|
||||
---
|
||||
- name: Setup certbot
|
||||
shell: "certbot --nginx --non-interactive --agree-tos -m {{ contact_email }} -d {{ domain }} -d git.{{ domain }}"
|
||||
- name: Setup certbot for {{ domain }}
|
||||
shell: "certbot --nginx --non-interactive --agree-tos -m {{ contact_email }} -d {{ domain }}"
|
||||
|
||||
- name: Setup certbot for git.{{ domain }}
|
||||
shell: "certbot --nginx --non-interactive --agree-tos -m {{ contact_email }} -d git.{{ domain }}"
|
||||
when: giteaPort is defined and giteaUninstall == false
|
||||
|
||||
- name: Reload Nginx
|
||||
systemd:
|
||||
|
@ -4,7 +4,7 @@ server {
|
||||
|
||||
location / {
|
||||
add_header Permissions-Policy interest-cohort=();
|
||||
proxy_pass http://localhost:3000;
|
||||
proxy_pass http://localhost:{{ giteaPort }};
|
||||
}
|
||||
|
||||
client_max_body_size 100M;
|
||||
|
22
run.yml
22
run.yml
@ -1,6 +1,10 @@
|
||||
---
|
||||
- hosts: all
|
||||
become: yes
|
||||
vars:
|
||||
- giteaPort: 3000
|
||||
- giteaUninstall: false
|
||||
|
||||
vars_files:
|
||||
- group_vars/all.yml
|
||||
|
||||
@ -10,12 +14,12 @@
|
||||
private: no
|
||||
|
||||
roles:
|
||||
- essential
|
||||
- git
|
||||
- deadswitch
|
||||
- firewall
|
||||
- blog
|
||||
- gitea
|
||||
- nginx
|
||||
- goaccess
|
||||
- tor
|
||||
- role: essential
|
||||
- role: firewall
|
||||
- role: git
|
||||
- role: deadswitch
|
||||
- role: blog
|
||||
- role: gitea
|
||||
- role: nginx
|
||||
- role: goaccess
|
||||
- role: tor
|
Loading…
Reference in New Issue
Block a user