ansible-role-gitea/tasks/main.yml
firesoft-de c5a0653264
fail2ban only if installed (#98)
* Add condition to only configure fail2ban if it is installed

* Add package_facts to determine if fail2ban is installed

* Added warning message by @DO1JLR 

+ Warning message by @DO1JLR 
   -> The message will prompt a warning to the user if fail2ban is not installed without stopping the execution.
+ removed trailing whitespaces
2021-04-12 18:06:19 +01:00

91 lines
2.4 KiB
YAML

---
- name: Gather variables for each operating system
include_vars: "{{ item }}"
with_first_found:
- "{{ ansible_distribution | lower }}-{{ ansible_distribution_version | lower }}.yml"
- "{{ ansible_distribution | lower }}-{{ ansible_distribution_major_version | lower }}.yml"
- "{{ ansible_os_family | lower }}-{{ ansible_distribution_major_version | lower }}.yml"
- "{{ ansible_distribution | lower }}.yml"
- "{{ ansible_os_family | lower }}.yml"
- name: Gather installed packages for checks in the role (fail2ban)
ansible.builtin.package_facts:
manager: auto
- name: "Check gitea version"
ansible.builtin.shell: "set -eo pipefail; /usr/local/bin/gitea -v | cut -d' ' -f 3"
args:
executable: /bin/bash
register: gitea_active_version
changed_when: false
failed_when: false
when: gitea_version_check|bool
- name: "Download the binary"
ansible.builtin.get_url:
url: "{{ gitea_dl_url }}"
dest: /usr/local/bin/gitea
owner: root
group: root
mode: 0755
force: true
notify: "Restart gitea"
when: (not gitea_version_check|bool) or (not ansible_check_mode and (gitea_active_version.stdout != gitea_version))
- include: create_user.yml
- name: "Create config and data directory"
ansible.builtin.file:
path: "{{ item }}"
state: directory
owner: "{{ gitea_user }}"
group: "{{ gitea_group }}"
mode: '0755'
with_items:
- "/etc/gitea"
- name: "Create data directory"
file:
path: "{{ item }}"
state: directory
owner: "{{ gitea_user }}"
group: "{{ gitea_group }}"
mode: 'u=rwX,g=rX,o='
recurse: true
with_items:
- "{{ gitea_home }}"
- "{{ gitea_home }}/data"
- "{{ gitea_home }}/custom"
- "{{ gitea_home }}/custom/https"
- "{{ gitea_home }}/custom/mailer"
- "{{ gitea_home }}/indexers"
- "{{ gitea_home }}/log"
- "{{ gitea_repository_root }}"
- include: install_systemd.yml
when: ansible_service_mgr == "systemd"
- include_tasks: jwt_secrets.yml
- name: 'Install git'
ansible.builtin.package:
name: 'git'
state: 'present'
- name: "Configure gitea"
ansible.builtin.template:
src: gitea.ini.j2
dest: /etc/gitea/gitea.ini
owner: "{{ gitea_user }}"
group: "{{ gitea_group }}"
mode: 0600
notify: "Restart gitea"
- name: "Service gitea"
ansible.builtin.service:
name: gitea
state: started
enabled: true
when: ansible_service_mgr == "systemd"
- include: fail2ban.yml
when: gitea_fail2ban_enabled|bool