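---
# Configures the dokku-hosted gitea app: proxy port mappings, Let's Encrypt
# certificates, and the SSH passthrough from the host's git user into the
# application container.
- hosts: all
  gather_facts: false
  tasks:
    - name: Load variables
      include_vars:
        dir: "{{ dokku_lib_root }}/data/ansible/gitea/vars/"
        extensions:
          - yml

    # NOTE(review): 222 -> 2222 is registered with the http scheme. If 2222
    # is the container's SSH port, an HTTP proxy mapping will not carry SSH
    # traffic - confirm this mapping is intended.
    - name: Set HTTP 80 port proxy
      dokku_ports:
        app: gitea
        mappings:
          - "http:80:3000"
          - "http:222:2222"
        state: present

    # No shell features are used here, so run the binary directly instead of
    # through a shell. "creates" keeps the task from re-running once the
    # certificate directory exists.
    - name: Setup LE certificates
      command: dokku letsencrypt gitea
      args:
        creates: /home/dokku/gitea/letsencrypt/certs

    - name: Setup LE certificates renew cron job
      command: dokku letsencrypt:cron-job --add
      args:
        creates: /home/dokku/gitea/letsencrypt/cron-job

    - name: Remove automatically configured ports
      dokku_ports:
        app: gitea
        mappings:
          - "http:3000:3000"
          - "http:2222:2222"
        state: absent

    - name: Set HTTP 443 port
      dokku_ports:
        app: gitea
        mappings:
          - "https:443:3000"
        state: present

    - name: Ensure jq package is installed
      apt:
        name: jq
        state: present

    # The address read here is written into the SSH passthrough script below,
    # so a failed or empty lookup must stop the play rather than produce a
    # script that forwards git logins to an empty or bogus target.
    #  - pipefail: a failing "dokku ps:inspect" is no longer masked by jq.
    #  - the jq filter is quoted so the shell cannot glob-expand ".[0]".
    #  - jq -r prints the literal "null" when the field is missing.
    - name: Retrieve application container IP address
      shell: |
        set -o pipefail
        dokku ps:inspect gitea | jq -r '.[0].NetworkSettings.IPAddress'
      args:
        executable: /bin/bash
      register: dokku_ps_inspect
      changed_when: false
      failed_when: >-
        dokku_ps_inspect.rc != 0
        or (dokku_ps_inspect.stdout | trim) in ['', 'null']

    # ssh_listen_port is expected to be in scope already (presumably from the
    # vars loaded by the first task - confirm). The former task-level
    # 'ssh_listen_port: "{{ ssh_listen_port }}"' referenced itself: it could
    # never supply a value and risks a recursive-template error, so it is gone.
    # The mode is pinned to 0755 so the script that handles every git SSH
    # login is never left group- or world-writable by a permissive umask.
    - name: Setup the SSH passthrough script
      vars:
        dokku_container_ip: "{{ dokku_ps_inspect.stdout }}"
      template:
        src: gitea.j2
        dest: /app/gitea/gitea
        owner: git
        group: git
        mode: "0755"
        force: true
      become: true

    # Adds the host git user's public key to the authorized_keys file under
    # /var/lib/gitea so the passthrough script can log in to the container.
    # Fixes over the previous version:
    #  - "line" is the key alone. It used to be the key concatenated with the
    #    whole current authorized_keys content, which glued the key onto the
    #    first existing entry, grew the file on every run, and failed outright
    #    when the file did not exist yet (defeating "create: true").
    #  - the key is regex-escaped; base64 key material contains "+" and "/",
    #    so the unescaped pattern did not reliably match the key line.
    # This entry carries no command=/restrict options, so the matching private
    # key (/home/git/.ssh/id_rsa) must stay readable by the git user only.
    # NOTE(review): lookup('file') reads on the Ansible controller - confirm
    # the play runs on the dokku host itself.
    - name: Set authorized_keys file for git user
      vars:
        git_host_public_key: "{{ lookup('file', '/home/git/.ssh/id_rsa.pub') }}"
      lineinfile:
        path: /var/lib/gitea/git/.ssh/authorized_keys
        regexp: "^{{ git_host_public_key | regex_escape }}$"
        line: "{{ git_host_public_key }}"
        state: present
        insertbefore: BOF
        create: true
      become: true

    # /home/git/.ssh/authorized_keys becomes a link to the file managed above;
    # force replaces whatever is currently at the destination.
    - name: Symlink the authorized keys configuration
      file:
        src: /var/lib/gitea/git/.ssh/authorized_keys
        dest: /home/git/.ssh/authorized_keys
        state: link
        force: true
        owner: git
      become: true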