New vars, new tasks, new app!
This commit is contained in:
Luke Murphy
parent
0742d6ea12
commit
cdca1c47ea
@ -1,5 +1,34 @@
|
||||
---
|
||||
- hosts: all
|
||||
tasks:
|
||||
- name: Echo test
|
||||
shell: echo 'post-deploy!'
|
||||
- name: Load variables
|
||||
include_vars:
|
||||
dir: "{{ dokku_lib_root }}/data/ansible/gitea/vars/"
|
||||
extensions:
|
||||
- yaml
|
||||
|
||||
- name: Set HTTP 80 port proxy
|
||||
dokku_ports:
|
||||
app: gitea
|
||||
mappings:
|
||||
- "http:80:3000"
|
||||
state: present
|
||||
|
||||
- name: Setup LE certificates
|
||||
shell: dokku letsencrypt gitea
|
||||
args:
|
||||
creates: /home/dokku/gitea/letsencrypt/certs
|
||||
|
||||
- name: Set HTTP 443 port
|
||||
dokku_ports:
|
||||
app: gitea
|
||||
mappings:
|
||||
- "https:443:3000"
|
||||
state: present
|
||||
|
||||
- name: Remove automatically configured ports
|
||||
dokku_ports:
|
||||
app: gitea
|
||||
mappings:
|
||||
- "http:3000:3000"
|
||||
state: absent
|
||||
|
||||
@ -3,7 +3,18 @@
|
||||
tasks:
|
||||
- name: Load variables
|
||||
include_vars:
|
||||
file: "{{ dokku_lib_root }}/data/ansible/gitea/vars.yml"
|
||||
dir: "{{ dokku_lib_root }}/data/ansible/gitea/vars/"
|
||||
extensions:
|
||||
- yaml
|
||||
|
||||
- name: Create mariadb database
|
||||
shell: |
|
||||
dokku mariadb:create
|
||||
--custom-env "USER=gitea"
|
||||
--password {{ db_paswd }}
|
||||
--root-password {{ root_db_passwd }}
|
||||
args:
|
||||
creates: /var/lib/dokku/services/mariadb/gitea
|
||||
|
||||
- name: Setup host Gitea group
|
||||
group:
|
||||
@ -33,6 +44,46 @@
|
||||
split: ":"
|
||||
become: true
|
||||
|
||||
- name: Create volume mount configuration directory
|
||||
file:
|
||||
path: "{{ item }}"
|
||||
state: directory
|
||||
owner: dokku
|
||||
group: dokku
|
||||
with_items:
|
||||
- /var/lib/gitea/gitea/
|
||||
- /var/lib/gitea/gitea/conf
|
||||
become: true
|
||||
|
||||
- name: Copy over app.ini gitea configuration
|
||||
vars:
|
||||
DISABLE_REGISTRATION: true
|
||||
ENABLE_OPENID_SIGNIN: true
|
||||
ENABLE_OPENID_SIGNUP: false
|
||||
INTERNAL_TOKEN: "{{ internal_token }}"
|
||||
JWT_SECRET: "{{ jwt_secret }}"
|
||||
REQUIRE_SIGNIN_VIEW: false
|
||||
ALLOW_ONLY_EXTERNAL_REGISTRATION: true
|
||||
RUN_MODE: prod
|
||||
SECRET_KEY: "{{ secret_key }}"
|
||||
template:
|
||||
src: app.ini.j2
|
||||
dest: /var/lib/gitea/gitea/conf/app.ini
|
||||
owner: dokku
|
||||
group: dokku
|
||||
become: true
|
||||
|
||||
- name: Specify docker volume mounts
|
||||
dokku_storage:
|
||||
app: gitea
|
||||
mounts:
|
||||
- /var/lib/gitea:/data
|
||||
- /etc/timezone:/etc/timezone:ro
|
||||
- /etc/localtime:/etc/localtime:ro
|
||||
- /var/lib/dokku/services/mariadb/gitea:/var/lib/mysql
|
||||
become: true
|
||||
become_user: dokku
|
||||
|
||||
- name: Store gitea git user uid/guid
|
||||
set_fact:
|
||||
gitea_user_uid: "{{ getent_passwd['gitea'][1] }}"
|
||||
@ -45,3 +96,25 @@
|
||||
config:
|
||||
USER_GID: "{{ gitea_user_guid }}"
|
||||
USER_UID: "{{ gitea_user_uid }}"
|
||||
|
||||
- name: Configure the docker env vars
|
||||
dokku_config:
|
||||
app: gitea
|
||||
restart: false
|
||||
config:
|
||||
ADMIN_MAIL: "{{ autonomic_admin_mail }}"
|
||||
ADMIN_PASS: "{{ autonomic_admin_pass }}"
|
||||
ADMIN_USER: "{{ autonomic_add_user }}"
|
||||
DB_TYPE: mysql
|
||||
DB_HOST: "dokku-mariadb-gitea:3306"
|
||||
DB_NAME: gitea
|
||||
DB_USER: gitea
|
||||
DB_PASSWD: "{{ db_passwd }}"
|
||||
DISABLE_REGISTRATION: true
|
||||
DOMAIN: git.autonomic.zone
|
||||
INSTALL_LOCK: true
|
||||
RUN_MODE: prod
|
||||
USER_GID: "{{ gitea_user_guid }}"
|
||||
USER_UID: "{{ gitea_user_uid }}"
|
||||
become: true
|
||||
become_user: dokku
|
||||
|
||||
60
ansible/templates/app.ini.j2
Normal file
60
ansible/templates/app.ini.j2
Normal file
@ -0,0 +1,60 @@
|
||||
APP_NAME = Gitea: Git with a cup of tea
|
||||
RUN_MODE = {{ RUN_MODE }}
|
||||
|
||||
[repository]
|
||||
ROOT = /data/git/repositories
|
||||
|
||||
[repository.local]
|
||||
LOCAL_COPY_PATH = /data/gitea/tmp/local-repo
|
||||
|
||||
[repository.upload]
|
||||
TEMP_PATH = /data/gitea/uploads
|
||||
|
||||
[server]
|
||||
APP_DATA_PATH = /data/gitea
|
||||
SSH_DOMAIN = localhost
|
||||
HTTP_PORT = 3000
|
||||
ROOT_URL =
|
||||
DISABLE_SSH = false
|
||||
SSH_PORT = 22
|
||||
SSH_LISTEN_PORT = 22
|
||||
LFS_START_SERVER = false
|
||||
LFS_CONTENT_PATH = /data/git/lfs
|
||||
|
||||
[database]
|
||||
PATH = /data/gitea/gitea.db
|
||||
DB_TYPE = sqlite3
|
||||
|
||||
[indexer]
|
||||
ISSUE_INDEXER_PATH = /data/gitea/indexers/issues.bleve
|
||||
|
||||
[session]
|
||||
PROVIDER_CONFIG = /data/gitea/sessions
|
||||
|
||||
[picture]
|
||||
AVATAR_UPLOAD_PATH = /data/gitea/avatars
|
||||
REPOSITORY_AVATAR_UPLOAD_PATH = /data/gitea/repo-avatars
|
||||
|
||||
[attachment]
|
||||
PATH = /data/gitea/attachments
|
||||
|
||||
[log]
|
||||
ROOT_PATH = /data/gitea/log
|
||||
|
||||
[security]
|
||||
INSTALL_LOCK = true
|
||||
SECRET_KEY = {{ SECRET_KEY }}
|
||||
INTERNAL_TOKEN = {{ INTERNAL_TOKEN }}
|
||||
|
||||
[service]
|
||||
ALLOW_ONLY_EXTERNAL_REGISTRATION = {{ ALLOW_ONLY_EXTERNAL_REGISTRATION }}
|
||||
DISABLE_REGISTRATION = {{ DISABLE_REGISTRATION }}
|
||||
REQUIRE_SIGNIN_VIEW = {{ REQUIRE_SIGNIN_VIEW }}
|
||||
|
||||
[oauth2]
|
||||
JWT_SECRET = {{ JWT_SECRET }}
|
||||
|
||||
[openid]
|
||||
ENABLE_OPENID_SIGNIN = {{ ENABLE_OPENID_SIGNIN }}
|
||||
ENABLE_OPENID_SIGNUP = {{ ENABLE_OPENID_SIGNUP }}
|
||||
WHITELISTED_URIS = {{ WHITELISTED_URIS }}
|
||||
@ -1,15 +0,0 @@
|
||||
---
|
||||
ansible_become_password: !vault |
|
||||
$ANSIBLE_VAULT;1.1;AES256
|
||||
63313938306136313835386235363961633861386361656632313666316430353337323539333935
|
||||
6366343537386432376136373161333530333735316662350a343438396334616637376437333138
|
||||
66643064333562363538633466313261383266613463633138393338393765393330316264363363
|
||||
3237663464633262320a373337303461663938616332653664306364396263326566383665303263
|
||||
38313261323833636662333934343463353433333866353835343264626631633266393032633030
|
||||
34313230363838353138643266643830356633306235643032383665323436366534303931373866
|
||||
31633038363033336262376134653561303666353066393431623035313839363937623839646236
|
||||
66626162643231346265653263343733333434623036376536633264626464363664663436396239
|
||||
39646336386238343931653661333665653637363232623432313962653936366637343261373065
|
||||
66366532636234656437373164326130393434396332636162363838653264376233313036633865
|
||||
32623131393030643861616333653734323762626638613134626366646662363365616137333131
|
||||
30346463353066303961
|
||||
3
ansible/vars/all.yml
Normal file
3
ansible/vars/all.yml
Normal file
@ -0,0 +1,3 @@
|
||||
---
|
||||
autonomic_admin_mail: helo@autonomic.zone
|
||||
autonomic_admin_user: autonomic
|
||||
8
ansible/vars/ansible_become_pass.yml
Normal file
8
ansible/vars/ansible_become_pass.yml
Normal file
@ -0,0 +1,8 @@
|
||||
---
|
||||
ansible_become_pass: !vault |
|
||||
$ANSIBLE_VAULT;1.1;AES256
|
||||
34396236353735666531323238656533643465303131663464613162396333313836363630666266
|
||||
6539323631656635333864316166633064633366323936610a656137616334313534333635313232
|
||||
35323561303763366563316631313638363333393763323935343563303963616334336639386462
|
||||
3837383830616637360a373539613630356564363662393836366462666430353439353637303035
|
||||
63396633303166343433313439303539313637306637663137313533316531616434
|
||||
9
ansible/vars/autonomic_admin_pass.yml
Normal file
9
ansible/vars/autonomic_admin_pass.yml
Normal file
@ -0,0 +1,9 @@
|
||||
---
|
||||
autonomic_admin_pass: !vault |
|
||||
$ANSIBLE_VAULT;1.1;AES256
|
||||
63346230633033616135653638346366333063316161643339646134653435633631616133383838
|
||||
3334323934346239333237323164383437366633663338620a636662396131343838356637376266
|
||||
63306462613233393863363066343532623139313965323830313535376136373138396364363536
|
||||
3163393262656339640a613630346234313063393130636663353038303266663964653765373134
|
||||
36653431303662616465303334386563643564663832353331623432363138323365666362313731
|
||||
6539306238396362333832343530383731313131383334653133
|
||||
9
ansible/vars/db_passwd.yml
Normal file
9
ansible/vars/db_passwd.yml
Normal file
@ -0,0 +1,9 @@
|
||||
---
|
||||
db_passwd: !vault |
|
||||
$ANSIBLE_VAULT;1.1;AES256
|
||||
36646464626462336534333030666665636436353163656230366337393435326337653663616539
|
||||
3361353565363637393166643763613762353465386336640a303335633330373266386639633562
|
||||
62393961653038306362656639373031666364353866653862623132633739373630396662386132
|
||||
3436366139613463310a353262613862663836653333376265363032303839383532666632653963
|
||||
66623031646566303130383935366332616662386365326133636163623338646232316433346266
|
||||
3166623035666362646565633265383737323238336531363766
|
||||
9
ansible/vars/internal_token.yml
Normal file
9
ansible/vars/internal_token.yml
Normal file
@ -0,0 +1,9 @@
|
||||
---
|
||||
internal_token: !vault |
|
||||
$ANSIBLE_VAULT;1.1;AES256
|
||||
31616533343831326637383239663630626563303865393461613234366630326335383631656330
|
||||
6438653036313733616430653765396161636233336365630a373230653538613562373932393336
|
||||
32333430616136643734393038353430656335343331376330313832323963373264316638306566
|
||||
3735393932666461620a306465643439636433346363666462626335363638303564643236643033
|
||||
62323037643633346635353462613164303530646566313438646231646139373932653139326566
|
||||
3365393963393133633963643465363735333138646536393533
|
||||
9
ansible/vars/jwt_secret.yml
Normal file
9
ansible/vars/jwt_secret.yml
Normal file
@ -0,0 +1,9 @@
|
||||
---
|
||||
jwt_secret: !vault |
|
||||
$ANSIBLE_VAULT;1.1;AES256
|
||||
37326331613162666263663465303937333038646436623830623464636235373433653334303063
|
||||
6165666262376130613533353130626432323637386364630a353836353536383337643463393138
|
||||
38613935373135366462366336626339326631646131396336303063616234616464363037336630
|
||||
3039363333363032310a336561353262356236666163323735396262383635373133356234653964
|
||||
63323830616431356438393938353161666533383635333131336137623638393937373934666232
|
||||
6636373735373761383430363161646337363335303637633861
|
||||
9
ansible/vars/root_db_passwd.yml
Normal file
9
ansible/vars/root_db_passwd.yml
Normal file
@ -0,0 +1,9 @@
|
||||
---
|
||||
root_db_passwd: !vault |
|
||||
$ANSIBLE_VAULT;1.1;AES256
|
||||
37646665656335653735623538323830656432386530356633633761303636366433353131303633
|
||||
3939343564363931613466376538386237373166323133370a383962646538643664383166356338
|
||||
34643665336463376661303730376562376362396664313333626262653061633965333930383162
|
||||
6437626637616130360a393862633538333664396334646437353361626539353830326433373666
|
||||
64616238623563393531373236346634356334386461636536663337383666396130366465653335
|
||||
3432353230393164393030643836393164393235386638653537
|
||||
9
ansible/vars/secret_key.yml
Normal file
9
ansible/vars/secret_key.yml
Normal file
@ -0,0 +1,9 @@
|
||||
---
|
||||
secret_key: !vault |
|
||||
$ANSIBLE_VAULT;1.1;AES256
|
||||
63336135353338386564333337313933323635393533663561373463346664323865303361333765
|
||||
3238656235613334323331616330326566626235393237300a666635313239356265623937356431
|
||||
38656336616665393035653133323130396236663466313330346666363130326361623738663330
|
||||
3631393536626266610a343765616361313137613264626433633765303033613437303865313865
|
||||
34343235346466383337386638623364386266626432613036396639653162663233323136613436
|
||||
3537306565356538626161373635613739363638383036366265
|
||||
5
app.json
5
app.json
@ -1,8 +1,5 @@
|
||||
{
|
||||
"name": "gitea",
|
||||
"description": "Gitea is a painless self-hosted Git service.",
|
||||
"repository": "https://gitlab.com/autonomic-cooperative/coop-cloud/gitea",
|
||||
"dokku": {
|
||||
"plugins": ["mariadb"]
|
||||
}
|
||||
"repository": "https://gitlab.com/autonomic-cooperative/coop-cloud/gitea"
|
||||
}
|
||||
|
||||
Reference in New Issue
Block a user