2019-03-16 06:51:32 -05:00
|
|
|
---
|
Improve ARM Support (#74)
* Gitea user should be a system user
* Improve installation system
* Download archive instead of binary
* Add checksum validation
* Add GPG check
* Add backup process before upgrading
* Improve ARM support
* Improve support for Vault Encrypted JWT tokens
* Fix spacing in gitea configuration template
When Gitea rewrite the configuration file (e.g.: the JWT token is not
set or doesn't fit their criteria), it'll align space on a per-section
basis in the .ini file.
If the template is not properly spaced, at the next Ansible run, you'll
have an enormous diff, hidding what the real changes are.
* add proper redhat/debian deps for molecule testing
* Gitea group should be a system group
* fix linting for CI
* Update CI and meta information for up-to-date tests and distros
* molecule: fix typo for redhat packages
* fix typo
* bump gitea version to 1.13.1
* Use Ubuntu keyservers to play nicely with everyone
* Update minimum required ansible version to 2.9.8
This is required for Ubuntu Focal, which comes with systemd >= 245
The Get Facts modules doesn't work well with it before the bugfix
introduced in 2.9.8
* Replace yes by True to please the linting
* Truthy values needs to be lower-case
* bump gitea version to 1.13.2
* perform gitea dump as gitea user
* need to set become to yes
* autogenerate JWT_SECRETS (#77)
* autogenerate JWT_SECRETS
Based on https://docs.gitea.io/en-us/command-line/#generate we will now autogenerate JWT_SECRETS if they are not defined.
In my opinion a much better idea than writing a value in the default config.
The check if the variables for the secrets are now 43 characters long i took out. Gitea generates itself suitable secrets, if the user given ones do not fit.
* drop ansible.builtin. syntax
* Update file permissions for "{{ gitea_home }}" (#75)
The file permissions for {{ gitea_home }} especially in conjunction with the recurse: true flag are on closer inspection very open to all and also have a +x set on files.
This should be done better. And I have done here now.
By the way: To improve the -x on normal files in his gitea installation this shell command was useful for me
```
find . -type f -exec chmod a-x {} \+;
find . -type f -exec chmod u=rwX {} \+;
```
* Bump cryptography from 3.2 to 3.3.2 (#79)
Bumps [cryptography](https://github.com/pyca/cryptography) from 3.2 to 3.3.2.
- [Release notes](https://github.com/pyca/cryptography/releases)
- [Changelog](https://github.com/pyca/cryptography/blob/master/CHANGELOG.rst)
- [Commits](https://github.com/pyca/cryptography/compare/3.2...3.3.2)
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
* Gitea user should be a system user
* Improve installation system
* Download archive instead of binary
* Add checksum validation
* Add GPG check
* Add backup process before upgrading
* Improve ARM support
* Fix spacing in gitea configuration template
When Gitea rewrite the configuration file (e.g.: the JWT token is not
set or doesn't fit their criteria), it'll align space on a per-section
basis in the .ini file.
If the template is not properly spaced, at the next Ansible run, you'll
have an enormous diff, hidding what the real changes are.
* add proper redhat/debian deps for molecule testing
* Gitea group should be a system group
* fix linting for CI
* Update CI and meta information for up-to-date tests and distros
* molecule: fix typo for redhat packages
* fix typo
* bump gitea version to 1.13.1
* Use Ubuntu keyservers to play nicely with everyone
* Update minimum required ansible version to 2.9.8
This is required for Ubuntu Focal, which comes with systemd >= 245
The Get Facts modules doesn't work well with it before the bugfix
introduced in 2.9.8
* Replace yes by True to please the linting
* Truthy values needs to be lower-case
* bump gitea version to 1.13.2
* perform gitea dump as gitea user
* need to set become to yes
* check-variables.yml doesn't exists anymore
Co-authored-by: L3D <l3d@c3woc.de>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-02-12 11:56:31 -06:00
|
|
|
gitea_version: "1.13.2"
|
2019-04-29 19:57:14 -05:00
|
|
|
gitea_version_check: true
|
2020-05-17 08:56:23 -05:00
|
|
|
gitea_dl_url: "https://github.com/go-gitea/gitea/releases/download/v{{ gitea_version }}/gitea-{{ gitea_version }}-linux-{{ gitea_arch }}"
|
Improve ARM Support (#74)
* Gitea user should be a system user
* Improve installation system
* Download archive instead of binary
* Add checksum validation
* Add GPG check
* Add backup process before upgrading
* Improve ARM support
* Improve support for Vault Encrypted JWT tokens
* Fix spacing in gitea configuration template
When Gitea rewrite the configuration file (e.g.: the JWT token is not
set or doesn't fit their criteria), it'll align space on a per-section
basis in the .ini file.
If the template is not properly spaced, at the next Ansible run, you'll
have an enormous diff, hidding what the real changes are.
* add proper redhat/debian deps for molecule testing
* Gitea group should be a system group
* fix linting for CI
* Update CI and meta information for up-to-date tests and distros
* molecule: fix typo for redhat packages
* fix typo
* bump gitea version to 1.13.1
* Use Ubuntu keyservers to play nicely with everyone
* Update minimum required ansible version to 2.9.8
This is required for Ubuntu Focal, which comes with systemd >= 245
The Get Facts modules doesn't work well with it before the bugfix
introduced in 2.9.8
* Replace yes by True to please the linting
* Truthy values needs to be lower-case
* bump gitea version to 1.13.2
* perform gitea dump as gitea user
* need to set become to yes
* autogenerate JWT_SECRETS (#77)
* autogenerate JWT_SECRETS
Based on https://docs.gitea.io/en-us/command-line/#generate we will now autogenerate JWT_SECRETS if they are not defined.
In my opinion a much better idea than writing a value in the default config.
The check if the variables for the secrets are now 43 characters long i took out. Gitea generates itself suitable secrets, if the user given ones do not fit.
* drop ansible.builtin. syntax
* Update file permissions for "{{ gitea_home }}" (#75)
The file permissions for {{ gitea_home }} especially in conjunction with the recurse: true flag are on closer inspection very open to all and also have a +x set on files.
This should be done better. And I have done here now.
By the way: To improve the -x on normal files in his gitea installation this shell command was useful for me
```
find . -type f -exec chmod a-x {} \+;
find . -type f -exec chmod u=rwX {} \+;
```
* Bump cryptography from 3.2 to 3.3.2 (#79)
Bumps [cryptography](https://github.com/pyca/cryptography) from 3.2 to 3.3.2.
- [Release notes](https://github.com/pyca/cryptography/releases)
- [Changelog](https://github.com/pyca/cryptography/blob/master/CHANGELOG.rst)
- [Commits](https://github.com/pyca/cryptography/compare/3.2...3.3.2)
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
* Gitea user should be a system user
* Improve installation system
* Download archive instead of binary
* Add checksum validation
* Add GPG check
* Add backup process before upgrading
* Improve ARM support
* Fix spacing in gitea configuration template
When Gitea rewrite the configuration file (e.g.: the JWT token is not
set or doesn't fit their criteria), it'll align space on a per-section
basis in the .ini file.
If the template is not properly spaced, at the next Ansible run, you'll
have an enormous diff, hidding what the real changes are.
* add proper redhat/debian deps for molecule testing
* Gitea group should be a system group
* fix linting for CI
* Update CI and meta information for up-to-date tests and distros
* molecule: fix typo for redhat packages
* fix typo
* bump gitea version to 1.13.1
* Use Ubuntu keyservers to play nicely with everyone
* Update minimum required ansible version to 2.9.8
This is required for Ubuntu Focal, which comes with systemd >= 245
The Get Facts modules doesn't work well with it before the bugfix
introduced in 2.9.8
* Replace yes by True to please the linting
* Truthy values needs to be lower-case
* bump gitea version to 1.13.2
* perform gitea dump as gitea user
* need to set become to yes
* check-variables.yml doesn't exists anymore
Co-authored-by: L3D <l3d@c3woc.de>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-02-12 11:56:31 -06:00
|
|
|
gitea_gpg_key: "7C9E68152594688862D62AF62D9AE806EC1592E2"
|
|
|
|
|
gitea_gpg_server: "hkp://keyserver.ubuntu.com:80"
|
2019-01-07 07:56:08 -06:00
|
|
|
|
2017-01-10 15:09:34 -06:00
|
|
|
gitea_app_name: "Gitea"
|
|
|
|
|
gitea_user: "gitea"
|
2021-01-27 08:13:02 -06:00
|
|
|
gitea_group: "gitea"
|
2017-01-10 15:09:34 -06:00
|
|
|
gitea_home: "/var/lib/gitea"
|
2019-04-09 06:04:29 -05:00
|
|
|
gitea_shell: "/bin/false"
|
2020-05-20 07:13:11 -05:00
|
|
|
gitea_systemd_cap_net_bind_service: false
|
2017-01-10 15:09:34 -06:00
|
|
|
|
2020-05-18 16:37:17 -05:00
|
|
|
gitea_repository_root: "{{ gitea_home }}"
|
2017-01-10 15:09:34 -06:00
|
|
|
gitea_user_repo_limit: -1
|
|
|
|
|
|
|
|
|
|
gitea_http_domain: localhost
|
|
|
|
|
gitea_root_url: http://localhost:3000
|
|
|
|
|
gitea_protocol: http
|
|
|
|
|
gitea_http_listen: 127.0.0.1
|
|
|
|
|
gitea_http_port: 3000
|
|
|
|
|
gitea_disable_http_git: false
|
|
|
|
|
gitea_offline_mode: true
|
|
|
|
|
|
2019-07-05 11:46:41 -05:00
|
|
|
gitea_lfs_server_enabled: false
|
2021-01-14 04:51:58 -06:00
|
|
|
gitea_lfs_content_path: "{{ gitea_home }}/data/lfs"
|
2021-02-10 13:04:13 -06:00
|
|
|
gitea_lfs_jwt_secret: ''
|
2019-07-05 11:46:41 -05:00
|
|
|
|
2017-01-11 01:01:37 -06:00
|
|
|
gitea_db_type: sqlite3
|
|
|
|
|
gitea_db_host: 127.0.0.0:3306
|
|
|
|
|
gitea_db_name: root
|
|
|
|
|
gitea_db_user: gitea
|
2019-03-08 04:58:14 -06:00
|
|
|
gitea_db_password: lel
|
2017-01-11 01:01:37 -06:00
|
|
|
gitea_db_ssl: disable
|
|
|
|
|
gitea_db_path: "{{ gitea_home }}/data/gitea.db"
|
|
|
|
|
|
2017-01-10 15:09:34 -06:00
|
|
|
gitea_ssh_listen: 0.0.0.0
|
|
|
|
|
gitea_ssh_domain: localhost
|
|
|
|
|
gitea_start_ssh: true
|
|
|
|
|
gitea_ssh_port: 2222
|
|
|
|
|
|
|
|
|
|
gitea_secret_key: T0pS3cr31
|
2019-03-10 07:41:39 -05:00
|
|
|
gitea_internal_token: SomethingVeryLong
|
2020-12-03 15:00:18 -06:00
|
|
|
gitea_disable_git_hooks: true
|
2017-01-10 15:09:34 -06:00
|
|
|
|
|
|
|
|
gitea_show_user_email: false
|
|
|
|
|
gitea_disable_gravatar: true
|
|
|
|
|
gitea_disable_registration: false
|
2019-03-10 08:40:33 -05:00
|
|
|
gitea_show_registration_button: true
|
2017-01-10 15:09:34 -06:00
|
|
|
gitea_require_signin: true
|
|
|
|
|
gitea_enable_captcha: true
|
2020-05-09 21:18:59 -05:00
|
|
|
gitea_only_allow_external_registration: false
|
2020-07-28 05:22:35 -05:00
|
|
|
gitea_enable_notify_mail: false
|
2019-02-20 10:08:09 -06:00
|
|
|
|
|
|
|
|
gitea_force_private: false
|
2019-03-10 08:14:57 -05:00
|
|
|
|
2019-03-08 05:29:34 -06:00
|
|
|
gitea_mailer_enabled: false
|
2019-03-10 08:14:57 -05:00
|
|
|
gitea_mailer_skip_verify: false
|
|
|
|
|
gitea_mailer_tls_enabled: true
|
2019-03-16 06:51:32 -05:00
|
|
|
gitea_mailer_host: localhost:25
|
|
|
|
|
gitea_mailer_from: noreply@your.domain
|
2019-06-10 14:10:39 -05:00
|
|
|
gitea_mailer_user: ""
|
|
|
|
|
gitea_mailer_password: ""
|
2020-07-21 07:18:08 -05:00
|
|
|
gitea_mailer_type: smtp
|
2019-03-08 06:12:16 -06:00
|
|
|
|
2019-03-09 14:40:56 -06:00
|
|
|
gitea_fail2ban_enabled: false
|
2019-03-09 14:46:23 -06:00
|
|
|
gitea_fail2ban_jail_maxretry: 10
|
|
|
|
|
gitea_fail2ban_jail_findtime: 3600
|
|
|
|
|
gitea_fail2ban_jail_bantime: 900
|
|
|
|
|
gitea_fail2ban_jail_action: iptables-allports
|
|
|
|
|
|
2019-03-10 08:20:55 -05:00
|
|
|
gitea_oauth2_enabled: true
|
2021-02-10 13:04:13 -06:00
|
|
|
gitea_oauth2_jwt_secret: ''
|
2019-12-21 06:08:19 -06:00
|
|
|
|
|
|
|
|
gitea_metrics_enabled: false
|
|
|
|
|
gitea_metrics_token: ~
|
2020-05-09 16:01:51 -05:00
|
|
|
|
|
|
|
|
gitea_themes: gitea,arc-green
|
|
|
|
|
gitea_theme_default: gitea
|
2020-06-18 00:41:59 -05:00
|
|
|
|
|
|
|
|
gitea_repo_indexer_enabled: false
|
|
|
|
|
gitea_repo_indexer_include: ""
|
|
|
|
|
gitea_repo_indexer_exclude: ""
|
|
|
|
|
gitea_repo_exclude_vendored: true
|
|
|
|
|
gitea_repo_indexer_max_file_size: 1048576
|
2020-12-05 14:10:23 -06:00
|
|
|
|
|
|
|
|
gitea_extra_config: ""
|