gitea: fix outdated theme for v1.22.0^

gitea: enable LFS server
gitea backup: fix wrong dump cleanup path
2026-02-10 03:40:04 +00:00 · 2024-07-10 21:23:22 -05:00 · 2024-05-17 00:19:05 -05:00 · 2024-04-09 16:39:10 -05:00 · 2024-04-09 16:32:01 -05:00 · 2024-03-10 13:52:04 -05:00
6 changed files with 28 additions and 11 deletions
--- a/group_vars/all.yml
+++ b/group_vars/all.yml
@@ -1,4 +1,5 @@
 ---
 domain: openpunk.com
 contact_email: openpunk@proton.me
-onionDomain: opnpnk6eutjiqy4ndpyvwxd5pncj2g2cmz6fkocr5uh3omnn4utvspad.onion
+onionDomain: opnpnk6eutjiqy4ndpyvwxd5pncj2g2cmz6fkocr5uh3omnn4utvspad.onion
+giteaPort: 3000
--- a/roles/gitea/tasks/backup.yml
+++ b/roles/gitea/tasks/backup.yml
@@ -17,7 +17,7 @@

 - name: Dump Gitea
  shell:
-    cmd: gitea dump -c /etc/gitea/app.ini --work-path=/etc/gitea --file=gitea-dump.zip --tempdir=/etc/gitea/temp
+    cmd: gitea dump -c /etc/gitea/gitea.ini --work-path=/etc/gitea --file=gitea-dump.zip --tempdir=/etc/gitea/temp
    chdir: /etc/gitea
  become: true
  become_method: su
@@ -33,7 +33,7 @@

 - name: Remove remote dump
  file:
-    path: "{{ giteaBackup }}"
+    path: /etc/gitea/gitea-dump.zip
    state: absent
  tags: backup

--- a/roles/gitea/tasks/main.yml
+++ b/roles/gitea/tasks/main.yml
@@ -6,7 +6,7 @@
    gitea_fqdn: 'git.{{ domain }}'
    gitea_home: '/var/lib/gitea'
    gitea_db_type: 'sqlite3'
-    gitea_theme_default: 'arc-green'
+    gitea_theme_default: 'gitea-dark'
    gitea_root_url: 'https://git.{{ domain }}'
    gitea_protocol: http
    gitea_http_port: "{{ giteaPort }}"
@@ -15,6 +15,7 @@
    gitea_allow_only_internal_registration: true
    gitea_disable_registration: true
    gitea_require_signin: false
+    gitea_lfs_server_enabled: true

 - name: Backup db
  include_tasks: backup.yml
--- a/roles/gitea/tasks/restore.yml
+++ b/roles/gitea/tasks/restore.yml
@@ -55,7 +55,7 @@
 - name: Install repositories
  copy:
    src: /etc/gitea/gitea-dump/repos/
-    dest: /var/lib/gitea/gitea-repositories/
+    dest: /var/lib/gitea/repos/
    remote_src: true
    owner: gitea
  tags: restore
--- a/roles/nginx/tasks/main.yml
+++ b/roles/nginx/tasks/main.yml
@@ -20,13 +20,14 @@
  include_role:
    name: geerlingguy.nginx
  vars:
-    nginx_listen_ipv6: true
+    nginx_listen_ipv6: false
    nginx_vhosts:
      - listen: "443 ssl http2"
        server_name: "{{ domain }}"
        root: "/var/www/{{ domain }}/public"
        index: "index.html index.htm"
        extra_parameters: |
+          listen [::]:443 ssl http2;
          location / {
            add_header Permissions-Policy interest-cohort=();
            try_files $uri $uri/ =404;
@@ -35,19 +36,36 @@
          ssl_certificate_key /etc/letsencrypt/live/{{ domain }}/privkey.pem;
          ssl_protocols       TLSv1.1 TLSv1.2 TLSv1.3;
          ssl_ciphers         HIGH:!aNULL:!MD5;
+      - listen: "80" # redirect http requests to https
+        server_name: "{{ domain }}"
+        return: "301 https://{{ domain }}$request_uri"
+        filename: "{{ domain }}.80.conf"
      - listen: "443 ssl http2"
        server_name: "git.{{ domain }}"
-        client_max_body_size: "100M"
+        client_max_body_size: "512M"
        extra_parameters: |
+          listen [::]:443 ssl http2;
+          listen 80;
+          listen [::]:80;
          location / {
            add_header Permissions-Policy interest-cohort=();
            proxy_pass http://localhost:{{ giteaPort }};
+            proxy_set_header Connection $http_connection;
+            proxy_set_header Upgrade $http_upgrade;
+            proxy_set_header Host $host;
+            proxy_set_header X-Real-IP $remote_addr;
+            proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+            proxy_set_header X-Forwarded-Proto $scheme;
          }
          ssl_certificate     /etc/letsencrypt/live/{{ domain }}/fullchain.pem;
          ssl_certificate_key /etc/letsencrypt/live/{{ domain }}/privkey.pem;
          ssl_protocols       TLSv1.1 TLSv1.2 TLSv1.3;
          ssl_ciphers         HIGH:!aNULL:!MD5;
-      - listen: "2171"
+      - listen: "80" # redirect http requests to https
+        server_name: "git.{{ domain }}"
+        return: "301 https://git.{{ domain }}$request_uri"
+        filename: "git.{{ domain }}.80.conf"
+      - listen: "127.0.0.1:2171"
        server_name: "{{ onionDomain }}"
        root: "/var/www/{{ domain }}/tor"
        index: "index.html index.htm"
--- a/run.yml
+++ b/run.yml
@@ -1,9 +1,6 @@
 ---
 - hosts: all
  become: yes
-  vars:
-    - giteaPort: 3000
-
  vars_files:
    - group_vars/all.yml
Author	SHA1	Message	Date
cpunch	f71c3f6233	gitea: fix outdated theme for v1.22.0^	2024-07-10 21:23:22 -05:00
cpunch	219bd304d6	gitea: enable LFS server	2024-05-17 00:19:05 -05:00
CPunch	5171a308be	gitea backup: fix wrong dump cleanup path	2024-04-09 16:39:10 -05:00
CPunch	2686eddf88	fix gitea backup	2024-04-09 16:32:01 -05:00
CPunch	ab5b7c1d29	nginx: add http redirect to https	2024-03-10 13:52:04 -05:00
CPunch	540f63cd85	nginx: fix gitea proxy headers	2024-02-27 18:11:03 -06:00
CPunch	262e350f7b	run: fix deprecated `vars` dictionary, moved giteaPort to group_vars	2024-02-24 15:51:25 -06:00
CPunch	454d91977c	nginx/tor: fix http proxy listen	2024-02-24 15:50:32 -06:00
CPunch	74e55ef1b9	gitea: fixed restore wrong repos path	2024-02-21 16:55:17 -06:00
cpunk	5212ca61bd	Merge pull request #1 from CPunch/rewrite REFACTOR: lots of changes	2024-02-21 15:58:24 -06:00