Skip to content

Commit

Permalink
Upgrade/ansible version 2.10 (#84)
Browse files Browse the repository at this point in the history
* added new vars for lfs remote usage
git lfs can be hosted elsewhere and therefore need some config

* added configuration describtion for lfs vars

* added new vars for notifications

* added describtion for new vars for mail notis

* added gitea_lfs_secret describtion to README

* remove whitespaces and lines

* upgraded minimum ansible version to 2.10

* refactored coansible to use minimum version 2.10

* Cleanup template (#85)

improve template and create loglevel variable

* update requirements for molecule (#78)

* start upgrading requirements

* add some more updated requirements

* add another junk

* add another junk

* update ansible version

* modify backup on upgrade (#81)

* create backup direcotry

create a backup folder and move the gitea backup to backup.yml

* make the backup on update optional

Documentation and introduction of the variable `gitea_backup_on_upgrade: false`

* change become_method to sudo

change become_method to sudo as suggested by @wzzrd. removed become_flags.

* Full path to gitea binary in backup task. thanks to @wzzrd

* update gitea to 1.13.4 (#86)

The current release of gitea is [v1.13.4](https://github.com/go-gitea/gitea/releases/tag/v1.13.4).

The current master of this role is not able to do a version update properly. PLEASE first merge #81

* Bump pyyaml from 5.3.1 to 5.4 (#89)

Bumps [pyyaml](https://github.com/yaml/pyyaml) from 5.3.1 to 5.4.
- [Release notes](https://github.com/yaml/pyyaml/releases)
- [Changelog](https://github.com/yaml/pyyaml/blob/master/CHANGES)
- [Commits](yaml/pyyaml@5.3.1...5.4)

Signed-off-by: dependabot[bot] <[email protected]>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* bump gitea version (#87)

fixes security issues https://github.com/go-gitea/gitea/releases/tag/v1.13.6

* added new vars for lfs remote usage
git lfs can be hosted elsewhere and therefore need some config

added configuration describtion for lfs vars

added new vars for notifications

added describtion for new vars for mail notis

added gitea_lfs_secret describtion to README

remove whitespaces and lines

upgraded minimum ansible version to 2.10

refactored coansible to use minimum version 2.10

Co-authored-by: L3D <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Jens Timmerman <[email protected]>
  • Loading branch information
4 people authored Apr 10, 2021
1 parent b04f4ca commit 4dfd303
Show file tree
Hide file tree
Showing 10 changed files with 58 additions and 37 deletions.
15 changes: 8 additions & 7 deletions README.md
Original file line number Diff line number Diff line change
Expand Up @@ -123,13 +123,10 @@ The following code has been tested with Debian 8, it should work on Ubuntu as we
* `gitea_mailer_password`: SMTP server password
* `gitea_mailer_from`: Sender mail address
* `gitea_enable_notify_mail`: Whether e-mail should be send to watchers of a repository when something happens. Default: `false`

### LFS configuration

* `gitea_lfs_enabled`: Enable GIT LFS *(git large file storeage: [git-lfs](https://git-lfs.github.com/))*. Default: `false`
* `gitea_lfs_content_path`: path where the lfs files are stored
* `gitea_lfs_secret`: JWT secret for remote LFS usage. Can be generated with ``gitea generate secret JWT_SECRET``

* `gitea_mail_default`: Default configuration for email notifications for users (user configurable). Options: enabled, onmention, disable (Default: `onmention` )
* `gitea_autowatch_new_repo`: Enable this to let all organisation users watch new repos when they are created (Default: `false`)
* `gitea_autowatch_on_change`: Enable this to make users watch a repository after their first commit to it (Default: `true`)
* `gitea_show_mailstones_dashboard`: Enable this to show the milestones dashboard page - a view of all the user’s milestones (Default: `true`)

### Fail2Ban configuration

Expand All @@ -148,6 +145,10 @@ As this will only deploy config files, fail2ban already has to be installed or o
* `gitea_oauth2_enabled`: Enable the Oauth2 provider (true/false)
* `gitea_oauth2_jwt_secret`: Oauth2 JWT secret. Can be generated with ``gitea generate secret JWT_SECRET``

### GIT LFS configuration
* `gitea_lfs_enabled`: Enable GIT LFS (large filesystem)
* `gitea_lfs_mode`: should lfs be in offline mode (true/false)
* `gitea_lfs_secret`: JWT secret for remote LFS usage

### Metrics endpoint configuration

Expand Down
7 changes: 7 additions & 0 deletions defaults/main.yml
Original file line number Diff line number Diff line change
Expand Up @@ -26,6 +26,9 @@ gitea_offline_mode: true
gitea_lfs_server_enabled: false
gitea_lfs_content_path: "{{ gitea_home }}/data/lfs"
gitea_lfs_jwt_secret: ''
gitea_lfs_content_path: "data/lfs"
gitea_lfs_secret: SomethingVeryLong
gitea_lfs_mode: true

gitea_db_type: sqlite3
gitea_db_host: 127.0.0.0:3306
Expand All @@ -52,6 +55,10 @@ gitea_require_signin: true
gitea_enable_captcha: true
gitea_only_allow_external_registration: false
gitea_enable_notify_mail: false
gitea_mail_default: onmention
gitea_autowatch_new_repo: false
gitea_autowatch_on_change: true
gitea_show_mailstones_dashboard: true

gitea_force_private: false

Expand Down
6 changes: 3 additions & 3 deletions handlers/main.yml
Original file line number Diff line number Diff line change
@@ -1,17 +1,17 @@
---
- name: "Restart gitea"
service:
ansible.builtin.service:
name: gitea
state: restarted
when: ansible_service_mgr == "systemd"

- name: "Reload systemd"
systemd:
ansible.builtin.systemd:
daemon_reload: true
when: ansible_service_mgr == "systemd"

- name: "Restart fail2ban"
service:
ansible.builtin.service:
name: fail2ban
state: restarted
when: ansible_service_mgr == "systemd"
2 changes: 1 addition & 1 deletion meta/main.yml
Original file line number Diff line number Diff line change
Expand Up @@ -2,7 +2,7 @@
galaxy_info:
author: Thomas Maurice
description: Ansible Role - Gitea
min_ansible_version: 2.9.8
min_ansible_version: 2.10
license: BSD-3-Clause
galaxy_tags:
- git
Expand Down
10 changes: 3 additions & 7 deletions requirements-travis.txt
Original file line number Diff line number Diff line change
@@ -1,10 +1,6 @@
ansible==2.10.7
ansible-lint==5.0.0
anyconfig==0.10.0
atomicwrites==1.4.0
attrs==20.3.0
autopep8==1.5.5
bcrypt==3.2.0
ansible==2.10
ansible-lint==4.2.0
anyconfig==0.9.7
arrow==0.15.5
asn1crypto==0.24.0
binaryornot==0.4.4
Expand Down
2 changes: 1 addition & 1 deletion tasks/create_user.yml
Original file line number Diff line number Diff line change
Expand Up @@ -6,7 +6,7 @@
state: "present"

- name: "Create Gitea user"
user:
ansible.builtin.user:
name: "{{ gitea_user }}"
comment: "Gitea user"
home: "{{ gitea_home }}"
Expand Down
4 changes: 2 additions & 2 deletions tasks/fail2ban.yml
Original file line number Diff line number Diff line change
@@ -1,6 +1,6 @@
---
- name: Install fail2ban filter
template:
ansible.builtin.template:
src: fail2ban/filter.conf.j2
dest: /etc/fail2ban/filter.d/gitea.conf
owner: root
Expand All @@ -9,7 +9,7 @@
notify: Restart fail2ban

- name: Install fail2ban jail
template:
ansible.builtin.template:
src: fail2ban/jail.conf.j2
dest: /etc/fail2ban/jail.d/gitea.conf
owner: root
Expand Down
4 changes: 2 additions & 2 deletions tasks/install_systemd.yml
Original file line number Diff line number Diff line change
@@ -1,6 +1,6 @@
---
- name: "Setup systemd service"
template:
ansible.builtin.template:
src: gitea.service.j2
dest: /lib/systemd/system/gitea.service
owner: root
Expand All @@ -13,5 +13,5 @@
# systemd to be reloaded the first time because
# it is the only way Systemd is going to be aware of the new unit file.
- name: "Reload systemd"
systemd:
ansible.builtin.systemd:
daemon_reload: true
30 changes: 19 additions & 11 deletions tasks/main.yml
Original file line number Diff line number Diff line change
Expand Up @@ -9,25 +9,29 @@
- "{{ ansible_os_family | lower }}.yml"

- name: "Check gitea version"
shell: "set -eo pipefail; /usr/local/bin/gitea -v | cut -d' ' -f 3"
ansible.builtin.shell: "set -eo pipefail; /usr/local/bin/gitea -v | cut -d' ' -f 3"
args:
executable: /bin/bash
register: gitea_active_version
changed_when: false
failed_when: false
when: gitea_version_check|bool

- name: backup gitea before update
include_tasks: backup.yml
when: gitea_backup_on_upgrade|bool

- name: install or update gitea
include_tasks: install.yml
- name: "Download the binary"
ansible.builtin.get_url:
url: "{{ gitea_dl_url }}"
dest: /usr/local/bin/gitea
owner: root
group: root
mode: 0755
force: true
notify: "Restart gitea"
when: (not gitea_version_check|bool) or (not ansible_check_mode and (gitea_active_version.stdout != gitea_version))

- include: create_user.yml

- name: "Create config directory"
file:
- name: "Create config and data directory"
ansible.builtin.file:
path: "{{ item }}"
state: directory
owner: "{{ gitea_user }}"
Expand Down Expand Up @@ -58,9 +62,13 @@
when: ansible_service_mgr == "systemd"

- include_tasks: jwt_secrets.yml
- name: 'Install git'
ansible.builtin.package:
name: 'git'
state: 'present'

- name: "Configure gitea"
template:
ansible.builtin.template:
src: gitea.ini.j2
dest: /etc/gitea/gitea.ini
owner: "{{ gitea_user }}"
Expand All @@ -69,7 +77,7 @@
notify: "Restart gitea"

- name: "Service gitea"
service:
ansible.builtin.service:
name: gitea
state: started
enabled: true
Expand Down
15 changes: 12 additions & 3 deletions templates/gitea.ini.j2
Original file line number Diff line number Diff line change
Expand Up @@ -62,6 +62,11 @@ LFS_CONTENT_PATH = {{ gitea_lfs_content_path }}
LFS_JWT_SECRET = {{ gitea_lfs_jwt_secret }}
{% endif %}

LFS_CONTENT_PATH = {{ gitea_lfs_content_path }}
; if the LFS sotre is not offline/local
LFS_JWT_SECRET = {{ gitea_lfs_secret }}
OFFLINE_MODE = {{ gitea_lfs_mode }}
{%- endif %}
[database]
; Either "mysql", "postgres", "mssql" or "sqlite3", it's your choice
DB_TYPE = {{ gitea_db_type }}
Expand Down Expand Up @@ -116,9 +121,13 @@ CAPTCHA_TYPE = image
RECAPTCHA_SECRET =
RECAPTCHA_SITEKEY =
; Show Registration button
SHOW_REGISTRATION_BUTTON = {{ gitea_show_registration_button | ternary('true', 'false') }}
ALLOW_ONLY_EXTERNAL_REGISTRATION = {{ gitea_only_allow_external_registration | ternary('true', 'false') }}
ENABLE_NOTIFY_MAIL = {{ gitea_enable_notify_mail | ternary('true', 'false') }}
SHOW_REGISTRATION_BUTTON = {{ gitea_show_registration_button }}
ALLOW_ONLY_EXTERNAL_REGISTRATION = {{ gitea_only_allow_external_registration }}
ENABLE_NOTIFY_MAIL = {{ gitea_enable_notify_mail }}
DEFAULT_EMAIL_NOTIFICATIONS = {{ gitea_mail_default }}
AUTO_WATCH_NEW_REPOS = {{ gitea_autowatch_new_repo }}
AUTO_WATCH_ON_CHANGES = {{ gitea_autowatch_on_change }}
SHOW_MILESTONES_DASHBOARD_PAGE = {{ gitea_show_mailstones_dashboard }}

[mailer]
ENABLED = {{ gitea_mailer_enabled | ternary('true', 'false') }}
Expand Down

0 comments on commit 4dfd303

Please sign in to comment.