diff --git a/README.md b/README.md index 3ad1a7a..d28a54e 100644 --- a/README.md +++ b/README.md @@ -123,13 +123,10 @@ The following code has been tested with Debian 8, it should work on Ubuntu as we * `gitea_mailer_password`: SMTP server password * `gitea_mailer_from`: Sender mail address * `gitea_enable_notify_mail`: Whether e-mail should be send to watchers of a repository when something happens. Default: `false` - -### LFS configuration - -* `gitea_lfs_enabled`: Enable GIT LFS *(git large file storeage: [git-lfs](https://git-lfs.github.com/))*. Default: `false` -* `gitea_lfs_content_path`: path where the lfs files are stored -* `gitea_lfs_secret`: JWT secret for remote LFS usage. Can be generated with ``gitea generate secret JWT_SECRET`` - +* `gitea_mail_default`: Default configuration for email notifications for users (user configurable). Options: enabled, onmention, disable (Default: `onmention` ) +* `gitea_autowatch_new_repo`: Enable this to let all organisation users watch new repos when they are created (Default: `false`) +* `gitea_autowatch_on_change`: Enable this to make users watch a repository after their first commit to it (Default: `true`) +* `gitea_show_mailstones_dashboard`: Enable this to show the milestones dashboard page - a view of all the user’s milestones (Default: `true`) ### Fail2Ban configuration @@ -148,6 +145,10 @@ As this will only deploy config files, fail2ban already has to be installed or o * `gitea_oauth2_enabled`: Enable the Oauth2 provider (true/false) * `gitea_oauth2_jwt_secret`: Oauth2 JWT secret. Can be generated with ``gitea generate secret JWT_SECRET`` +### GIT LFS configuration +* `gitea_lfs_enabled`: Enable GIT LFS (large filesystem) +* `gitea_lfs_mode`: should lfs be in offline mode (true/false) +* `gitea_lfs_secret`: JWT secret for remote LFS usage ### Metrics endpoint configuration diff --git a/defaults/main.yml b/defaults/main.yml index 483bd67..b2f00b4 100644 --- a/defaults/main.yml +++ b/defaults/main.yml @@ -26,6 +26,9 @@ gitea_offline_mode: true gitea_lfs_server_enabled: false gitea_lfs_content_path: "{{ gitea_home }}/data/lfs" gitea_lfs_jwt_secret: '' +gitea_lfs_content_path: "data/lfs" +gitea_lfs_secret: SomethingVeryLong +gitea_lfs_mode: true gitea_db_type: sqlite3 gitea_db_host: 127.0.0.0:3306 @@ -52,6 +55,10 @@ gitea_require_signin: true gitea_enable_captcha: true gitea_only_allow_external_registration: false gitea_enable_notify_mail: false +gitea_mail_default: onmention +gitea_autowatch_new_repo: false +gitea_autowatch_on_change: true +gitea_show_mailstones_dashboard: true gitea_force_private: false diff --git a/handlers/main.yml b/handlers/main.yml index eade7a3..7ca4bd8 100644 --- a/handlers/main.yml +++ b/handlers/main.yml @@ -1,17 +1,17 @@ --- - name: "Restart gitea" - service: + ansible.builtin.service: name: gitea state: restarted when: ansible_service_mgr == "systemd" - name: "Reload systemd" - systemd: + ansible.builtin.systemd: daemon_reload: true when: ansible_service_mgr == "systemd" - name: "Restart fail2ban" - service: + ansible.builtin.service: name: fail2ban state: restarted when: ansible_service_mgr == "systemd" diff --git a/meta/main.yml b/meta/main.yml index 827fab6..efe1a1e 100644 --- a/meta/main.yml +++ b/meta/main.yml @@ -2,7 +2,7 @@ galaxy_info: author: Thomas Maurice description: Ansible Role - Gitea - min_ansible_version: 2.9.8 + min_ansible_version: 2.10 license: BSD-3-Clause galaxy_tags: - git diff --git a/requirements-travis.txt b/requirements-travis.txt index 80ed251..e9dd407 100644 --- a/requirements-travis.txt +++ b/requirements-travis.txt @@ -1,10 +1,6 @@ -ansible==2.10.7 -ansible-lint==5.0.0 -anyconfig==0.10.0 -atomicwrites==1.4.0 -attrs==20.3.0 -autopep8==1.5.5 -bcrypt==3.2.0 +ansible==2.10 +ansible-lint==4.2.0 +anyconfig==0.9.7 arrow==0.15.5 asn1crypto==0.24.0 binaryornot==0.4.4 diff --git a/tasks/create_user.yml b/tasks/create_user.yml index 50d308a..f962229 100644 --- a/tasks/create_user.yml +++ b/tasks/create_user.yml @@ -6,7 +6,7 @@ state: "present" - name: "Create Gitea user" - user: + ansible.builtin.user: name: "{{ gitea_user }}" comment: "Gitea user" home: "{{ gitea_home }}" diff --git a/tasks/fail2ban.yml b/tasks/fail2ban.yml index 5a9837e..5825cfb 100644 --- a/tasks/fail2ban.yml +++ b/tasks/fail2ban.yml @@ -1,6 +1,6 @@ --- - name: Install fail2ban filter - template: + ansible.builtin.template: src: fail2ban/filter.conf.j2 dest: /etc/fail2ban/filter.d/gitea.conf owner: root @@ -9,7 +9,7 @@ notify: Restart fail2ban - name: Install fail2ban jail - template: + ansible.builtin.template: src: fail2ban/jail.conf.j2 dest: /etc/fail2ban/jail.d/gitea.conf owner: root diff --git a/tasks/install_systemd.yml b/tasks/install_systemd.yml index 4079aac..a058d6f 100644 --- a/tasks/install_systemd.yml +++ b/tasks/install_systemd.yml @@ -1,6 +1,6 @@ --- - name: "Setup systemd service" - template: + ansible.builtin.template: src: gitea.service.j2 dest: /lib/systemd/system/gitea.service owner: root @@ -13,5 +13,5 @@ # systemd to be reloaded the first time because # it is the only way Systemd is going to be aware of the new unit file. - name: "Reload systemd" - systemd: + ansible.builtin.systemd: daemon_reload: true diff --git a/tasks/main.yml b/tasks/main.yml index dfb5a58..e03371c 100644 --- a/tasks/main.yml +++ b/tasks/main.yml @@ -9,7 +9,7 @@ - "{{ ansible_os_family | lower }}.yml" - name: "Check gitea version" - shell: "set -eo pipefail; /usr/local/bin/gitea -v | cut -d' ' -f 3" + ansible.builtin.shell: "set -eo pipefail; /usr/local/bin/gitea -v | cut -d' ' -f 3" args: executable: /bin/bash register: gitea_active_version @@ -17,17 +17,21 @@ failed_when: false when: gitea_version_check|bool -- name: backup gitea before update - include_tasks: backup.yml - when: gitea_backup_on_upgrade|bool - -- name: install or update gitea - include_tasks: install.yml +- name: "Download the binary" + ansible.builtin.get_url: + url: "{{ gitea_dl_url }}" + dest: /usr/local/bin/gitea + owner: root + group: root + mode: 0755 + force: true + notify: "Restart gitea" + when: (not gitea_version_check|bool) or (not ansible_check_mode and (gitea_active_version.stdout != gitea_version)) - include: create_user.yml -- name: "Create config directory" - file: +- name: "Create config and data directory" + ansible.builtin.file: path: "{{ item }}" state: directory owner: "{{ gitea_user }}" @@ -58,9 +62,13 @@ when: ansible_service_mgr == "systemd" - include_tasks: jwt_secrets.yml +- name: 'Install git' + ansible.builtin.package: + name: 'git' + state: 'present' - name: "Configure gitea" - template: + ansible.builtin.template: src: gitea.ini.j2 dest: /etc/gitea/gitea.ini owner: "{{ gitea_user }}" @@ -69,7 +77,7 @@ notify: "Restart gitea" - name: "Service gitea" - service: + ansible.builtin.service: name: gitea state: started enabled: true diff --git a/templates/gitea.ini.j2 b/templates/gitea.ini.j2 index 3030715..06ead1a 100644 --- a/templates/gitea.ini.j2 +++ b/templates/gitea.ini.j2 @@ -62,6 +62,11 @@ LFS_CONTENT_PATH = {{ gitea_lfs_content_path }} LFS_JWT_SECRET = {{ gitea_lfs_jwt_secret }} {% endif %} +LFS_CONTENT_PATH = {{ gitea_lfs_content_path }} +; if the LFS sotre is not offline/local +LFS_JWT_SECRET = {{ gitea_lfs_secret }} +OFFLINE_MODE = {{ gitea_lfs_mode }} +{%- endif %} [database] ; Either "mysql", "postgres", "mssql" or "sqlite3", it's your choice DB_TYPE = {{ gitea_db_type }} @@ -116,9 +121,13 @@ CAPTCHA_TYPE = image RECAPTCHA_SECRET = RECAPTCHA_SITEKEY = ; Show Registration button -SHOW_REGISTRATION_BUTTON = {{ gitea_show_registration_button | ternary('true', 'false') }} -ALLOW_ONLY_EXTERNAL_REGISTRATION = {{ gitea_only_allow_external_registration | ternary('true', 'false') }} -ENABLE_NOTIFY_MAIL = {{ gitea_enable_notify_mail | ternary('true', 'false') }} +SHOW_REGISTRATION_BUTTON = {{ gitea_show_registration_button }} +ALLOW_ONLY_EXTERNAL_REGISTRATION = {{ gitea_only_allow_external_registration }} +ENABLE_NOTIFY_MAIL = {{ gitea_enable_notify_mail }} +DEFAULT_EMAIL_NOTIFICATIONS = {{ gitea_mail_default }} +AUTO_WATCH_NEW_REPOS = {{ gitea_autowatch_new_repo }} +AUTO_WATCH_ON_CHANGES = {{ gitea_autowatch_on_change }} +SHOW_MILESTONES_DASHBOARD_PAGE = {{ gitea_show_mailstones_dashboard }} [mailer] ENABLED = {{ gitea_mailer_enabled | ternary('true', 'false') }}