From 4dfd30306104ada0c38f126d39a3727b1739713d Mon Sep 17 00:00:00 2001 From: Anton Date: Sat, 10 Apr 2021 19:07:02 +0200 Subject: [PATCH] Upgrade/ansible version 2.10 (#84) * added new vars for lfs remote usage git lfs can be hosted elsewhere and therefore need some config * added configuration describtion for lfs vars * added new vars for notifications * added describtion for new vars for mail notis * added gitea_lfs_secret describtion to README * remove whitespaces and lines * upgraded minimum ansible version to 2.10 * refactored coansible to use minimum version 2.10 * Cleanup template (#85) improve template and create loglevel variable * update requirements for molecule (#78) * start upgrading requirements * add some more updated requirements * add another junk * add another junk * update ansible version * modify backup on upgrade (#81) * create backup direcotry create a backup folder and move the gitea backup to backup.yml * make the backup on update optional Documentation and introduction of the variable `gitea_backup_on_upgrade: false` * change become_method to sudo change become_method to sudo as suggested by @wzzrd. removed become_flags. * Full path to gitea binary in backup task. thanks to @wzzrd * update gitea to 1.13.4 (#86) The current release of gitea is [v1.13.4](https://github.com/go-gitea/gitea/releases/tag/v1.13.4). The current master of this role is not able to do a version update properly. PLEASE first merge https://github.com/thomas-maurice/ansible-role-gitea/pull/81 * Bump pyyaml from 5.3.1 to 5.4 (#89) Bumps [pyyaml](https://github.com/yaml/pyyaml) from 5.3.1 to 5.4. - [Release notes](https://github.com/yaml/pyyaml/releases) - [Changelog](https://github.com/yaml/pyyaml/blob/master/CHANGES) - [Commits](https://github.com/yaml/pyyaml/compare/5.3.1...5.4) 
Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * bump gitea version (#87) fixes security issues https://github.com/go-gitea/gitea/releases/tag/v1.13.6 * added new vars for lfs remote usage git lfs can be hosted elsewhere and therefore need some config added configuration describtion for lfs vars added new vars for notifications added describtion for new vars for mail notis added gitea_lfs_secret describtion to README remove whitespaces and lines upgraded minimum ansible version to 2.10 refactored coansible to use minimum version 2.10 Co-authored-by: L3D Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Jens Timmerman --- README.md | 15 ++++++++------- defaults/main.yml | 7 +++++++ handlers/main.yml | 6 +++--- meta/main.yml | 2 +- requirements-travis.txt | 10 +++------- tasks/create_user.yml | 2 +- tasks/fail2ban.yml | 4 ++-- tasks/install_systemd.yml | 4 ++-- tasks/main.yml | 30 +++++++++++++++++++----------- templates/gitea.ini.j2 | 15 ++++++++++++--- 10 files changed, 58 insertions(+), 37 deletions(-) diff --git a/README.md b/README.md index 3ad1a7a..d28a54e 100644 --- a/README.md +++ b/README.md 
@@ -123,13 +123,10 @@ The following code has been tested with Debian 8, it should work on Ubuntu as we * `gitea_mailer_password`: SMTP server password * `gitea_mailer_from`: Sender mail address * `gitea_enable_notify_mail`: Whether e-mail should be send to watchers of a repository when something happens. Default: `false` - -### LFS configuration - -* `gitea_lfs_enabled`: Enable GIT LFS *(git large file storeage: [git-lfs](https://git-lfs.github.com/))*. Default: `false` -* `gitea_lfs_content_path`: path where the lfs files are stored -* `gitea_lfs_secret`: JWT secret for remote LFS usage. Can be generated with ``gitea generate secret JWT_SECRET`` - +* `gitea_mail_default`: Default configuration for email notifications for users (user configurable). Options: enabled, onmention, disable (Default: `onmention` ) +* `gitea_autowatch_new_repo`: Enable this to let all organisation users watch new repos when they are created (Default: `false`) +* `gitea_autowatch_on_change`: Enable this to make users watch a repository after their first commit to it (Default: `true`) +* `gitea_show_mailstones_dashboard`: Enable this to show the milestones dashboard page - a view of all the user’s milestones (Default: `true`) ### Fail2Ban configuration @@ -148,6 +145,10 @@ As this will only deploy config files, fail2ban already has to be installed or o * `gitea_oauth2_enabled`: Enable the Oauth2 provider (true/false) * `gitea_oauth2_jwt_secret`: Oauth2 JWT secret. Can be generated with ``gitea generate secret JWT_SECRET`` +### GIT LFS configuration +* `gitea_lfs_enabled`: Enable GIT LFS (large filesystem) +* `gitea_lfs_mode`: should lfs be in offline mode (true/false) +* `gitea_lfs_secret`: JWT secret for remote LFS usage ### Metrics endpoint configuration diff --git a/defaults/main.yml b/defaults/main.yml index 483bd67..b2f00b4 100644 --- a/defaults/main.yml +++ b/defaults/main.yml 
@@ -26,6 +26,9 @@ gitea_offline_mode: true gitea_lfs_server_enabled: false gitea_lfs_content_path: "{{ gitea_home }}/data/lfs" gitea_lfs_jwt_secret: '' +gitea_lfs_content_path: "data/lfs" +gitea_lfs_secret: SomethingVeryLong +gitea_lfs_mode: true gitea_db_type: sqlite3 gitea_db_host: 127.0.0.0:3306 @@ -52,6 +55,10 @@ gitea_require_signin: true gitea_enable_captcha: true gitea_only_allow_external_registration: false gitea_enable_notify_mail: false +gitea_mail_default: onmention +gitea_autowatch_new_repo: false +gitea_autowatch_on_change: true +gitea_show_mailstones_dashboard: true gitea_force_private: false diff --git a/handlers/main.yml b/handlers/main.yml index eade7a3..7ca4bd8 100644 --- a/handlers/main.yml +++ b/handlers/main.yml @@ -1,17 +1,17 @@ --- - name: "Restart gitea" - service: + ansible.builtin.service: name: gitea state: restarted when: ansible_service_mgr == "systemd" - name: "Reload systemd" - systemd: + ansible.builtin.systemd: daemon_reload: true when: ansible_service_mgr == "systemd" - name: "Restart fail2ban" - service: + ansible.builtin.service: name: fail2ban state: restarted when: ansible_service_mgr == "systemd" diff --git a/meta/main.yml b/meta/main.yml index 827fab6..efe1a1e 100644 --- a/meta/main.yml +++ b/meta/main.yml @@ -2,7 +2,7 @@ galaxy_info: author: Thomas Maurice description: Ansible Role - Gitea - min_ansible_version: 2.9.8 + min_ansible_version: 2.10 license: BSD-3-Clause galaxy_tags: - git diff --git a/requirements-travis.txt b/requirements-travis.txt index 80ed251..e9dd407 100644 --- a/requirements-travis.txt +++ b/requirements-travis.txt @@ -1,10 +1,6 @@ -ansible==2.10.7 -ansible-lint==5.0.0 -anyconfig==0.10.0 -atomicwrites==1.4.0 -attrs==20.3.0 -autopep8==1.5.5 -bcrypt==3.2.0 +ansible==2.10 +ansible-lint==4.2.0 +anyconfig==0.9.7 arrow==0.15.5 asn1crypto==0.24.0 binaryornot==0.4.4 diff --git a/tasks/create_user.yml b/tasks/create_user.yml index 50d308a..f962229 100644 --- a/tasks/create_user.yml +++ b/tasks/create_user.yml 
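Review bot: The added default `gitea_lfs_secret: SomethingVeryLong` is a fixed, publicly known value, and the template hunk in this patch renders it into `LFS_JWT_SECRET`, so every deployment that does not override it would share the same LFS token-signing secret. Default it to empty as the context line `gitea_lfs_jwt_secret: ''` does, i.e. `gitea_lfs_secret: ''`, and have the role refuse to render or generate a value when it is unset; whether the existing `jwt_secrets.yml` include covers this variable is not visible here. The hunk also adds a second `gitea_lfs_content_path` key (`"data/lfs"`) right after the existing one. With duplicate YAML keys the later one normally wins, so the LFS path would silently change from `{{ gitea_home }}/data/lfs` to a relative path. `gitea_lfs_secret` and `gitea_lfs_jwt_secret` appear to describe the same setting and should be merged into one variable.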
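Review bot: The new variable `gitea_show_mailstones_dashboard` in the second defaults hunk is misspelled ("mailstones" for "milestones"), and once released the name becomes part of the role's public interface. Rename it to `gitea_show_milestones_dashboard` here and in the README and `templates/gitea.ini.j2` hunks, which use the same spelling. Fixing it before users put the name in their inventories avoids having to carry a compatibility alias later.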
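Review bot: The pins in the `requirements-travis.txt` hunk move backwards (`ansible==2.10.7` to `ansible==2.10`, `ansible-lint==5.0.0` to `4.2.0`, `anyconfig==0.10.0` to `0.9.7`), and the `atomicwrites`, `attrs`, `autopep8` and `bcrypt` pins are dropped. That contradicts the "update requirements for molecule" item in the commit message and looks like a merge artefact rather than an intended change. Rolling a pinned CI toolchain back discards whatever fixes the later patch releases carried, so unless the downgrade is deliberate the removed lines should stay, e.g. `ansible==2.10.7`. The file continues past the hunk, so whether the dropped packages are still needed cannot be checked from here.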
@@ -6,7 +6,7 @@ state: "present" - name: "Create Gitea user" - user: + ansible.builtin.user: name: "{{ gitea_user }}" comment: "Gitea user" home: "{{ gitea_home }}" diff --git a/tasks/fail2ban.yml b/tasks/fail2ban.yml index 5a9837e..5825cfb 100644 --- a/tasks/fail2ban.yml +++ b/tasks/fail2ban.yml @@ -1,6 +1,6 @@ --- - name: Install fail2ban filter - template: + ansible.builtin.template: src: fail2ban/filter.conf.j2 dest: /etc/fail2ban/filter.d/gitea.conf owner: root @@ -9,7 +9,7 @@ notify: Restart fail2ban - name: Install fail2ban jail - template: + ansible.builtin.template: src: fail2ban/jail.conf.j2 dest: /etc/fail2ban/jail.d/gitea.conf owner: root diff --git a/tasks/install_systemd.yml b/tasks/install_systemd.yml index 4079aac..a058d6f 100644 --- a/tasks/install_systemd.yml +++ b/tasks/install_systemd.yml @@ -1,6 +1,6 @@ --- - name: "Setup systemd service" - template: + ansible.builtin.template: src: gitea.service.j2 dest: /lib/systemd/system/gitea.service owner: root @@ -13,5 +13,5 @@ # systemd to be reloaded the first time because # it is the only way Systemd is going to be aware of the new unit file. - name: "Reload systemd" - systemd: + ansible.builtin.systemd: daemon_reload: true diff --git a/tasks/main.yml b/tasks/main.yml index dfb5a58..e03371c 100644 --- a/tasks/main.yml +++ b/tasks/main.yml @@ -9,7 +9,7 @@ - "{{ ansible_os_family | lower }}.yml" - name: "Check gitea version" - shell: "set -eo pipefail; /usr/local/bin/gitea -v | cut -d' ' -f 3" + ansible.builtin.shell: "set -eo pipefail; /usr/local/bin/gitea -v | cut -d' ' -f 3" args: executable: /bin/bash register: gitea_active_version 
@@ -17,17 +17,21 @@ failed_when: false when: gitea_version_check|bool -- name: backup gitea before update - include_tasks: backup.yml - when: gitea_backup_on_upgrade|bool - -- name: install or update gitea - include_tasks: install.yml +- name: "Download the binary" + ansible.builtin.get_url: + url: "{{ gitea_dl_url }}" + dest: /usr/local/bin/gitea + owner: root + group: root + mode: 0755 + force: true + notify: "Restart gitea" + when: (not gitea_version_check|bool) or (not ansible_check_mode and (gitea_active_version.stdout != gitea_version)) - include: create_user.yml -- name: "Create config directory" - file: +- name: "Create config and data directory" + ansible.builtin.file: path: "{{ item }}" state: directory owner: "{{ gitea_user }}" @@ -58,9 +62,13 @@ when: ansible_service_mgr == "systemd" - include_tasks: jwt_secrets.yml +- name: 'Install git' + ansible.builtin.package: + name: 'git' + state: 'present' - name: "Configure gitea" - template: + ansible.builtin.template: src: gitea.ini.j2 dest: /etc/gitea/gitea.ini owner: "{{ gitea_user }}" @@ -69,7 +77,7 @@ notify: "Restart gitea" - name: "Service gitea" - service: + ansible.builtin.service: name: gitea state: started enabled: true diff --git a/templates/gitea.ini.j2 b/templates/gitea.ini.j2 index 3030715..06ead1a 100644 --- a/templates/gitea.ini.j2 +++ b/templates/gitea.ini.j2 @@ -62,6 +62,11 @@ LFS_CONTENT_PATH = {{ gitea_lfs_content_path }} LFS_JWT_SECRET = {{ gitea_lfs_jwt_secret }} {% endif %} +LFS_CONTENT_PATH = {{ gitea_lfs_content_path }} +; if the LFS sotre is not offline/local +LFS_JWT_SECRET = {{ gitea_lfs_secret }} +OFFLINE_MODE = {{ gitea_lfs_mode }} +{%- endif %} [database] ; Either "mysql", "postgres", "mssql" or "sqlite3", it's your choice DB_TYPE = {{ gitea_db_type }} 
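Review bot: The added "Download the binary" task writes whatever `{{ gitea_dl_url }}` returns straight to `/usr/local/bin/gitea` as a root-owned executable with `force: true` and no integrity check. `ansible.builtin.get_url` takes a `checksum:` parameter, and the task should pin one, e.g. `checksum: "sha256:{{ gitea_sha256 }}"` (placeholder variable, not defined in this patch). The same hunk removes the `backup.yml` include guarded by `gitea_backup_on_upgrade`, so the binary is replaced in place without the optional backup the commit message describes. What the removed `install.yml` did is outside this diff, so this may be a merge regression. `mode: 0755` is an unquoted number and is safer written as `mode: "0755"`.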
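Review bot: In the first `templates/gitea.ini.j2` hunk the added `{%- endif %}` follows a `{% endif %}` that already closes the LFS conditional on the context line above, so unless another `{% if %}` is open the template has an unbalanced block and will fail to render; the opening of the conditional is outside the hunk. The added settings sit after that `{% endif %}`, so `LFS_CONTENT_PATH` and `LFS_JWT_SECRET` are emitted a second time and unconditionally. The second `LFS_JWT_SECRET` comes from `gitea_lfs_secret` rather than `gitea_lfs_jwt_secret`, which can leave two different secrets in the same section of the rendered `gitea.ini`. `OFFLINE_MODE = {{ gitea_lfs_mode }}` ties a general-looking setting to an LFS variable although the role already has `gitea_offline_mode`, which should be confirmed against the rest of the template. I would drop the added lines and keep a single conditional block fed by one secret variable; the comment also misspells "store" as "sotre".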
@@ -116,9 +121,13 @@ CAPTCHA_TYPE = image RECAPTCHA_SECRET = RECAPTCHA_SITEKEY = ; Show Registration button -SHOW_REGISTRATION_BUTTON = {{ gitea_show_registration_button | ternary('true', 'false') }} -ALLOW_ONLY_EXTERNAL_REGISTRATION = {{ gitea_only_allow_external_registration | ternary('true', 'false') }} -ENABLE_NOTIFY_MAIL = {{ gitea_enable_notify_mail | ternary('true', 'false') }} +SHOW_REGISTRATION_BUTTON = {{ gitea_show_registration_button }} +ALLOW_ONLY_EXTERNAL_REGISTRATION = {{ gitea_only_allow_external_registration }} +ENABLE_NOTIFY_MAIL = {{ gitea_enable_notify_mail }} +DEFAULT_EMAIL_NOTIFICATIONS = {{ gitea_mail_default }} +AUTO_WATCH_NEW_REPOS = {{ gitea_autowatch_new_repo }} +AUTO_WATCH_ON_CHANGES = {{ gitea_autowatch_on_change }} +SHOW_MILESTONES_DASHBOARD_PAGE = {{ gitea_show_mailstones_dashboard }} [mailer] ENABLED = {{ gitea_mailer_enabled | ternary('true', 'false') }}
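Review bot: `SHOW_REGISTRATION_BUTTON`, `ALLOW_ONLY_EXTERNAL_REGISTRATION` and `ENABLE_NOTIFY_MAIL` lose their `| ternary('true', 'false')` filter in this hunk, so the rendered value now depends on how the variable is typed in inventory: a boolean prints as `True`/`False`, and a string such as `yes` passes through verbatim. The `[mailer]` `ENABLED` line in the trailing context still normalizes its value. Two of these settings gate account registration, so a value Gitea does not read as a boolean could leave registration in its default state instead of the intended one; how Gitea treats such a value is not visible here. Keep the filter on the boolean settings, e.g. `SHOW_REGISTRATION_BUTTON = {{ gitea_show_registration_button | ternary('true', 'false') }}`, and apply it to the new `AUTO_WATCH_NEW_REPOS`, `AUTO_WATCH_ON_CHANGES` and `SHOW_MILESTONES_DASHBOARD_PAGE` lines as well.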