gitea: migrate from gogs
This commit is contained in:
parent
7a58869a2f
commit
488fb29275
@ -23,10 +23,12 @@ drone_secret: "{{ vault_drone_secret }}"
|
|||||||
dss_domain: dss.binary-kitchen.de
|
dss_domain: dss.binary-kitchen.de
|
||||||
dss_secret: "{{ vault_dss_secret }}"
|
dss_secret: "{{ vault_dss_secret }}"
|
||||||
|
|
||||||
gogs_domain: git.binary-kitchen.de
|
gitea_domain: git.binary-kitchen.de
|
||||||
gogs_dbname: gogs
|
gitea_dbname: gogs
|
||||||
gogs_dbuser: gogs
|
gitea_dbuser: gogs
|
||||||
gogs_dbpass: "{{ vault_gogs_dbpass }}"
|
gitea_dbpass: "{{ vault_gitea_dbpass }}"
|
||||||
|
gitea_secret: "{{ vault_gitea_secret }}"
|
||||||
|
gitea_jwt_secret: "{{ vault_gitea_jwt_secret }}"
|
||||||
|
|
||||||
hackmd_domain: pad.binary-kitchen.de
|
hackmd_domain: pad.binary-kitchen.de
|
||||||
hackmd_dbname: hackmd
|
hackmd_dbname: hackmd
|
||||||
|
@ -1,44 +1,49 @@
|
|||||||
$ANSIBLE_VAULT;1.1;AES256
|
$ANSIBLE_VAULT;1.1;AES256
|
||||||
30386437633139313730633863633362386233316337653461616364623334323339626533333939
|
61616165323233313361366635333363646636653837656664383166313435393339373265343064
|
||||||
6466623963336361343337333831646635383437376435620a363836386664623430303836366666
|
3432313033613134363266376239323638666663303434340a653366623135333234613932306361
|
||||||
64356564333864643030636438636364646666633662306236666131653962653235623961376436
|
31623634356237333161343566613962346430313763386165303635626163316132333331396431
|
||||||
6534623031633033360a343535653032366130343132646430393734613838303364613632366434
|
3232663838306133350a613866316563363462633765303966646263316634363938633832643635
|
||||||
36646438316131386536363834356438353034636362316535613362383362326133353937356437
|
31343030353134616663616161343532356265303764626639366638323331366162383636386361
|
||||||
63643731333738653232613961663831663339333935393562656665343035343039636132346438
|
37333937623263396361316232396130376130633439303263323132633263333330303836656562
|
||||||
32646633353238346335353436633363363365376564663736316365396330383337663030616165
|
39363464333036346331613162373638663036383835376561326638366461363464363739323733
|
||||||
64313534346261663238613663356637363161663639386364366531623837633163616438326138
|
34386339383666646136303563353761386336646636396139626430386438306133643032396264
|
||||||
37306134326165346238343535666336353931646236373364303866623335653330336364353536
|
62343738336561323765333863643162303433633338623833306339343436656435333531353639
|
||||||
32393138656165393939323937633038633336653162666566623932333864383733656235633561
|
36353130653966633832343662366537353264613536616531363764323936313137663834613661
|
||||||
32366364363463316665653835363063386138303866393065633637373936623433356565376130
|
32386365346566363366326637386536313064363166336265383738626130626432313339376564
|
||||||
66323464656534386462663835373661326139356666353031363164393564323563326637626639
|
31303863363231383933643533393837656262633565323532616335383831663233386331653131
|
||||||
37306336616533383235326433326631303463313665356431636366306533623438383566346463
|
63303030306433623237386234323431623539646231626636363962633431306330313463613532
|
||||||
61363732316465643432376465356363356165383833666432353235363737303634626166366465
|
65633063366431373335396433623261643538323135343862323638613931336461346164333930
|
||||||
33373332373166646365343232323962343531303565656165333662613238363731376264663130
|
64623130643939353732633035396438326664653330373361386537336461636363643662353738
|
||||||
61316662646431633135633531646538616435323835346566623839336638333930333066663734
|
64303734366339366166333131353434343066326339346231356462383833333963633634363838
|
||||||
62616166643362626565643566313161656265323561666533623664666263613034653038336465
|
62376231653363383137356136643139643534663837646261333565376234383335626137613930
|
||||||
66326639323135333435326230663432656662386439653635303832386262373263306132383463
|
33633731383938343161313830376432653432616335303333656262353936353563633461393965
|
||||||
36656535336231316462366636646564633835306331663466363165383564313838396264316637
|
39336263636361663064636431613565323433663535633136653663326138626534636563363931
|
||||||
64336464636537653962366563303164623964366536633938366130353064303737363533656362
|
66323530316134353137303131356263306363316661366665313934303032313633646537393334
|
||||||
63326663383438613264373635303864353237623436333631353337383865623162656265633930
|
39333562386533646239646362666436376334353730643864313535333562653361356431636437
|
||||||
37653466393831303761386434363563313939313234623434633865356134663831376666656262
|
36313965336334333434613033366161333033626336393238386331653665633238353366336339
|
||||||
33353265376138623834643430643139336566666634333834333839383234663964306636356365
|
33333465666437636362626330346335363439633132646636633565663432303437393236663965
|
||||||
36643763353831376136636164373133303939373062643335316264396137363234383835383936
|
39376630386366363739616266653864613636316535323332666135366264316335623630663161
|
||||||
38383630373432616131303231303662396132313562356532613538303234376235313330303734
|
66666265656664616365336662633532346662653662656361303633386265643433333463616332
|
||||||
36323464373533336637393566626334343764336536323337643930393137643636346639656435
|
39363636333361323235393839383963656234346530383864326337323333323234643632323439
|
||||||
61626465383436303131646436643437633836366265316437306331663537616236633336353236
|
34373664303639326331363865353562376630666464353534393432663161666634386430343330
|
||||||
30386230633930356231376264313263646135306537353932656663643432363637316132303666
|
33356364616437306435396634343433353730316562613135363833663463616139323364663839
|
||||||
66613531393562353735613136396432303430636131373163376562383066326430313639383038
|
38356232333337336138366538656337303765393934356531333432373532643964363838303235
|
||||||
35643031613934663966343437616566346464336263326566353565346432633762646439373636
|
66346439333937633261376231336662623033623334646561373963653737646531363837316533
|
||||||
36336232363261313862353465336332623432656239646331393661613730396163626166643233
|
30626532626664623335626531663762386663663732373537653361346638643833643365646330
|
||||||
38636138663432313965613831333730626532376261636239303366383463633138393431616433
|
33383830343765346536383564663961656437383231653433613964643531316339653061346432
|
||||||
62636333373765366436343663666637643032373662616166363634653430346361646535323834
|
62363533663234343237616461386333333632343063616530363363373834396661396365316631
|
||||||
66393437363635393564353131343361373232336638633164396262366135643766653432303566
|
39363632643563386233316338626238386539393866346666616531663432383866313835646237
|
||||||
34313432343965653138653634373966343337623865303937613363303237383632313334363532
|
35663339623061643138373864326139666438663464636665656235656435346561656535343562
|
||||||
61393061616237623064333263373634373764313963396636633661623764363332333837613661
|
38323537376636333035616431643733386166636235646135653433386565663931356363656538
|
||||||
35373730316463383835303837663136616262316161626362353437343661346266313937623931
|
31323339306261663664633137633235653362623434643633373534663237323864346466333233
|
||||||
30316235626236383861333931353333383237623233373135613465623865313339373533323631
|
66343432346264643130363764373964326435383134353166363135303564303032353636326238
|
||||||
35386337646539326531396438613233636561326231643030633536333635626132393463663032
|
35346638323764353062383130393264346435616465626633623938396333386362366465666539
|
||||||
66343235626266333739366637336434306331626163316335633231656232343763323836396331
|
63646338623035643238633730656237313265633764613338366234323663333637623238646431
|
||||||
65366434346635373865313562663666653166393631373864363934653535653265653534656266
|
34323638643734623634666662653639333165313166373932326434313238663666363937393862
|
||||||
65303336653439336430373864343962396430623531623262326136616164633532616432663034
|
62326164636664336630616134316333623035663030636665396537623563323133363632613934
|
||||||
363338326234396132643564306665303937
|
32393163333737613965646630666433363333303265313561353534313335346563316265663464
|
||||||
|
66303034356634633764663739353839626333316336313639393463363030393261313834653464
|
||||||
|
38613363646161643661306137396262616436663838313437626530666336383637356365336366
|
||||||
|
31336562303539333231626239346666646262386238353066323861363063353437326364653934
|
||||||
|
32663762623732343565336535366361383232636636666438326462626339613933666633316366
|
||||||
|
33386262323461653938
|
||||||
|
6
roles/gitea/defaults/main.yml
Normal file
6
roles/gitea/defaults/main.yml
Normal file
@ -0,0 +1,6 @@
|
|||||||
|
---
|
||||||
|
|
||||||
|
gitea_user: gogs
|
||||||
|
gitea_group: gogs
|
||||||
|
gitea_version: 1.11.6
|
||||||
|
gitea_url: https://dl.gitea.io/gitea/{{ gitea_version }}/gitea-{{ gitea_version }}-linux-amd64
|
13
roles/gitea/handlers/main.yml
Normal file
13
roles/gitea/handlers/main.yml
Normal file
@ -0,0 +1,13 @@
|
|||||||
|
---
|
||||||
|
|
||||||
|
- name: Run acertmgr
|
||||||
|
command: /usr/bin/acertmgr
|
||||||
|
|
||||||
|
- name: Restart gitea
|
||||||
|
service: name=gitea state=restarted
|
||||||
|
|
||||||
|
- name: Restart nginx
|
||||||
|
service: name=nginx state=restarted
|
||||||
|
|
||||||
|
- name: Reload systemd
|
||||||
|
command: systemctl daemon-reload
|
60
roles/gitea/tasks/main.yml
Normal file
60
roles/gitea/tasks/main.yml
Normal file
@ -0,0 +1,60 @@
|
|||||||
|
---
|
||||||
|
|
||||||
|
- name: Create group
|
||||||
|
group: name={{ gitea_group }}
|
||||||
|
|
||||||
|
- name: Create user
|
||||||
|
user: name={{ gitea_user }} home=/home/{{ gitea_user }} group={{ gitea_group }}
|
||||||
|
|
||||||
|
- name: Create gitea directories
|
||||||
|
file: path={{ item }} state=directory owner={{ gitea_user }}
|
||||||
|
with_items:
|
||||||
|
- /opt/gitea
|
||||||
|
- /opt/gitea/custom
|
||||||
|
- /opt/gitea/custom/conf
|
||||||
|
|
||||||
|
# TODO fetch gitea binary
|
||||||
|
|
||||||
|
- name: Configure gitea
|
||||||
|
template: src=app.ini.j2 dest=/opt/gitea/custom/conf/app.ini force=no owner={{ gitea_user }}
|
||||||
|
|
||||||
|
- name: Install systemd unit
|
||||||
|
template: src=gitea.service.j2 dest=/lib/systemd/system/gitea.service
|
||||||
|
notify:
|
||||||
|
- Reload systemd
|
||||||
|
- Restart gitea
|
||||||
|
|
||||||
|
- name: Install PostgreSQL
|
||||||
|
apt: name={{ item }}
|
||||||
|
with_items:
|
||||||
|
- postgresql
|
||||||
|
- python-psycopg2
|
||||||
|
|
||||||
|
- name: Configure PostgreSQL database
|
||||||
|
postgresql_db: name={{ gitea_dbname }}
|
||||||
|
become: true
|
||||||
|
become_user: postgres
|
||||||
|
|
||||||
|
- name: Configure PostgreSQL user
|
||||||
|
postgresql_user: db={{ gitea_dbname }} name={{ gitea_dbuser }} password={{ gitea_dbpass }} priv=ALL state=present
|
||||||
|
become: true
|
||||||
|
become_user: postgres
|
||||||
|
|
||||||
|
- name: Ensure certificates are available
|
||||||
|
command: openssl req -x509 -nodes -newkey rsa:2048 -keyout /etc/nginx/ssl/{{ gitea_domain }}.key -out /etc/nginx/ssl/{{ gitea_domain }}.crt -days 730 -subj "/CN={{ gitea_domain }}" creates=/etc/nginx/ssl/{{ gitea_domain }}.crt
|
||||||
|
notify: Restart nginx
|
||||||
|
|
||||||
|
- name: Configure certificate manager for gitea
|
||||||
|
template: src=certs.j2 dest=/etc/acertmgr/{{ gitea_domain }}.conf
|
||||||
|
notify: Run acertmgr
|
||||||
|
|
||||||
|
- name: Configure vhost
|
||||||
|
template: src=vhost.j2 dest=/etc/nginx/sites-available/gitea
|
||||||
|
notify: Restart nginx
|
||||||
|
|
||||||
|
- name: Enable vhost
|
||||||
|
file: src=/etc/nginx/sites-available/gitea dest=/etc/nginx/sites-enabled/gitea state=link
|
||||||
|
notify: Restart nginx
|
||||||
|
|
||||||
|
- name: Enable gitea
|
||||||
|
service: name=gitea enabled=yes
|
30
roles/gitea/templates/app.ini.j2
Normal file
30
roles/gitea/templates/app.ini.j2
Normal file
@ -0,0 +1,30 @@
|
|||||||
|
APP_NAME = Binary Kitchen Git Service
|
||||||
|
RUN_USER = {{ gitea_user }}
|
||||||
|
RUN_MODE = prod
|
||||||
|
|
||||||
|
[repository]
|
||||||
|
ROOT = /home/{{ gitea_user }}/repositories
|
||||||
|
|
||||||
|
[server]
|
||||||
|
PROTOCOL = http
|
||||||
|
DOMAIN = localhost
|
||||||
|
ROOT_URL = https://{{ gitea_domain }}
|
||||||
|
HTTP_ADDR = 127.0.0.1
|
||||||
|
|
||||||
|
[database]
|
||||||
|
DB_TYPE = postgres
|
||||||
|
HOST = localhost
|
||||||
|
NAME = {{ gitea_dbname }}
|
||||||
|
USER = {{ gitea_dbuser }}
|
||||||
|
PASSWD = {{ gitea_dbpass }}
|
||||||
|
LOG_SQL = false
|
||||||
|
|
||||||
|
[security]
|
||||||
|
INSTALL_LOCK = true
|
||||||
|
SECRET_KEY = {{ gitea_secret }}
|
||||||
|
|
||||||
|
[service]
|
||||||
|
DISABLE_REGISTRATION = true
|
||||||
|
|
||||||
|
[oauth2]
|
||||||
|
JWT_SECRET = {{ gitea_jwt_secret }}
|
@ -1,13 +1,13 @@
|
|||||||
---
|
---
|
||||||
|
|
||||||
{{ gogs_domain }}:
|
{{ gitea_domain }}:
|
||||||
- path: /etc/nginx/ssl/{{ gogs_domain }}.key
|
- path: /etc/nginx/ssl/{{ gitea_domain }}.key
|
||||||
user: root
|
user: root
|
||||||
group: root
|
group: root
|
||||||
perm: '400'
|
perm: '400'
|
||||||
format: key
|
format: key
|
||||||
action: '/usr/sbin/service nginx restart'
|
action: '/usr/sbin/service nginx restart'
|
||||||
- path: /etc/nginx/ssl/{{ gogs_domain }}.crt
|
- path: /etc/nginx/ssl/{{ gitea_domain }}.crt
|
||||||
user: root
|
user: root
|
||||||
group: root
|
group: root
|
||||||
perm: '400'
|
perm: '400'
|
18
roles/gitea/templates/gitea.service.j2
Normal file
18
roles/gitea/templates/gitea.service.j2
Normal file
@ -0,0 +1,18 @@
|
|||||||
|
[Unit]
|
||||||
|
Description=Gitea (Git with a cup of tea)
|
||||||
|
After=syslog.target
|
||||||
|
After=network.target
|
||||||
|
Requires=postgresql.service
|
||||||
|
|
||||||
|
[Service]
|
||||||
|
RestartSec=2s
|
||||||
|
Type=simple
|
||||||
|
User={{ gitea_user }}
|
||||||
|
Group={{ gitea_user }}
|
||||||
|
WorkingDirectory=/opt/gitea/
|
||||||
|
ExecStart=/opt/gitea/gitea web
|
||||||
|
Restart=always
|
||||||
|
Environment=USER={{ gitea_user }} HOME=/home/{{ gitea_user }} GITEA_WORK_DIR=/opt/gitea/
|
||||||
|
|
||||||
|
[Install]
|
||||||
|
WantedBy=multi-user.target
|
@ -2,7 +2,7 @@ server {
|
|||||||
listen 80;
|
listen 80;
|
||||||
listen [::]:80;
|
listen [::]:80;
|
||||||
|
|
||||||
server_name {{ gogs_domain }};
|
server_name {{ gitea_domain }};
|
||||||
|
|
||||||
location /.well-known/acme-challenge {
|
location /.well-known/acme-challenge {
|
||||||
default_type "text/plain";
|
default_type "text/plain";
|
||||||
@ -10,7 +10,7 @@ server {
|
|||||||
}
|
}
|
||||||
|
|
||||||
location / {
|
location / {
|
||||||
return 301 https://{{ gogs_domain }}$request_uri;
|
return 301 https://{{ gitea_domain }}$request_uri;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -18,13 +18,13 @@ server {
|
|||||||
listen 443 ssl http2;
|
listen 443 ssl http2;
|
||||||
listen [::]:443 ssl http2;
|
listen [::]:443 ssl http2;
|
||||||
|
|
||||||
server_name {{ gogs_domain }};
|
server_name {{ gitea_domain }};
|
||||||
|
|
||||||
ssl_certificate_key /etc/nginx/ssl/{{ gogs_domain }}.key;
|
ssl_certificate_key /etc/nginx/ssl/{{ gitea_domain }}.key;
|
||||||
ssl_certificate /etc/nginx/ssl/{{ gogs_domain }}.crt;
|
ssl_certificate /etc/nginx/ssl/{{ gitea_domain }}.crt;
|
||||||
|
|
||||||
location / {
|
location / {
|
||||||
client_max_body_size 128M;
|
client_max_body_size 1024M;
|
||||||
proxy_set_header X-Real-IP $remote_addr;
|
proxy_set_header X-Real-IP $remote_addr;
|
||||||
proxy_pass http://localhost:3000;
|
proxy_pass http://localhost:3000;
|
||||||
}
|
}
|
@ -1,7 +0,0 @@
|
|||||||
---
|
|
||||||
|
|
||||||
- name: Run acertmgr
|
|
||||||
command: /usr/bin/acertmgr
|
|
||||||
|
|
||||||
- name: Restart nginx
|
|
||||||
service: name=nginx state=restarted
|
|
@ -1,45 +0,0 @@
|
|||||||
---
|
|
||||||
|
|
||||||
- name: Enable https for apt
|
|
||||||
apt: name=apt-transport-https
|
|
||||||
|
|
||||||
- name: Enable gogs apt-key
|
|
||||||
apt_key: url="https://dl.packager.io/srv/pkgr/gogs/key"
|
|
||||||
|
|
||||||
- name: Enable gogs repository
|
|
||||||
apt_repository: repo="deb https://dl.packager.io/srv/deb/gogs/gogs/master/debian 10 main"
|
|
||||||
|
|
||||||
- name: Install gogs
|
|
||||||
apt: name=gogs
|
|
||||||
|
|
||||||
- name: Install PostgreSQL
|
|
||||||
apt: name={{ item }}
|
|
||||||
with_items:
|
|
||||||
- postgresql
|
|
||||||
- python-psycopg2
|
|
||||||
|
|
||||||
- name: Configure PostgreSQL database
|
|
||||||
postgresql_db: name={{ gogs_dbname }}
|
|
||||||
become: true
|
|
||||||
become_user: postgres
|
|
||||||
|
|
||||||
- name: Configure PostgreSQL user
|
|
||||||
postgresql_user: db={{ gogs_dbname }} name={{ gogs_dbuser }} password={{ gogs_dbpass }} priv=ALL state=present
|
|
||||||
become: true
|
|
||||||
become_user: postgres
|
|
||||||
|
|
||||||
- name: Ensure certificates are available
|
|
||||||
command: openssl req -x509 -nodes -newkey rsa:2048 -keyout /etc/nginx/ssl/{{ gogs_domain }}.key -out /etc/nginx/ssl/{{ gogs_domain }}.crt -days 730 -subj "/CN={{ gogs_domain }}" creates=/etc/nginx/ssl/{{ gogs_domain }}.crt
|
|
||||||
notify: Restart nginx
|
|
||||||
|
|
||||||
- name: Configure certificate manager for gogs
|
|
||||||
template: src=certs.j2 dest=/etc/acertmgr/{{ gogs_domain }}.conf
|
|
||||||
notify: Run acertmgr
|
|
||||||
|
|
||||||
- name: Configure vhost
|
|
||||||
template: src=vhost.j2 dest=/etc/nginx/sites-available/gogs
|
|
||||||
notify: Restart nginx
|
|
||||||
|
|
||||||
- name: Enable vhost
|
|
||||||
file: src=/etc/nginx/sites-available/gogs dest=/etc/nginx/sites-enabled/gogs state=link
|
|
||||||
notify: Restart nginx
|
|
4
site.yml
4
site.yml
@ -53,10 +53,10 @@
|
|||||||
roles:
|
roles:
|
||||||
- web
|
- web
|
||||||
|
|
||||||
- name: Setup gogs server
|
- name: Setup gitea server
|
||||||
hosts: boron.binary-kitchen.net
|
hosts: boron.binary-kitchen.net
|
||||||
roles:
|
roles:
|
||||||
- gogs
|
- gitea
|
||||||
|
|
||||||
- name: Setup jabber server
|
- name: Setup jabber server
|
||||||
hosts: carbon.binary-kitchen.net
|
hosts: carbon.binary-kitchen.net
|
||||||
|
Loading…
Reference in New Issue
Block a user