c5a0653264
* Add condition to only configure fail2ban if it is installed * Add package_facts to determine if fail2ban is installed * Added warning message by @DO1JLR + Warning message by @DO1JLR -> The message will prompt a warning to the user if fail2ban is not installed without stopping the execution. + removed trailing whitespaces
91 lines
2.4 KiB
YAML
91 lines
2.4 KiB
YAML
---
|
|
- name: Gather variables for each operating system
|
|
include_vars: "{{ item }}"
|
|
with_first_found:
|
|
- "{{ ansible_distribution | lower }}-{{ ansible_distribution_version | lower }}.yml"
|
|
- "{{ ansible_distribution | lower }}-{{ ansible_distribution_major_version | lower }}.yml"
|
|
- "{{ ansible_os_family | lower }}-{{ ansible_distribution_major_version | lower }}.yml"
|
|
- "{{ ansible_distribution | lower }}.yml"
|
|
- "{{ ansible_os_family | lower }}.yml"
|
|
|
|
- name: Gather installed packages for checks in the role (fail2ban)
|
|
ansible.builtin.package_facts:
|
|
manager: auto
|
|
|
|
- name: "Check gitea version"
|
|
ansible.builtin.shell: "set -eo pipefail; /usr/local/bin/gitea -v | cut -d' ' -f 3"
|
|
args:
|
|
executable: /bin/bash
|
|
register: gitea_active_version
|
|
changed_when: false
|
|
failed_when: false
|
|
when: gitea_version_check|bool
|
|
|
|
- name: "Download the binary"
|
|
ansible.builtin.get_url:
|
|
url: "{{ gitea_dl_url }}"
|
|
dest: /usr/local/bin/gitea
|
|
owner: root
|
|
group: root
|
|
mode: 0755
|
|
force: true
|
|
notify: "Restart gitea"
|
|
when: (not gitea_version_check|bool) or (not ansible_check_mode and (gitea_active_version.stdout != gitea_version))
|
|
|
|
- include: create_user.yml
|
|
|
|
- name: "Create config and data directory"
|
|
ansible.builtin.file:
|
|
path: "{{ item }}"
|
|
state: directory
|
|
owner: "{{ gitea_user }}"
|
|
group: "{{ gitea_group }}"
|
|
mode: '0755'
|
|
with_items:
|
|
- "/etc/gitea"
|
|
|
|
- name: "Create data directory"
|
|
file:
|
|
path: "{{ item }}"
|
|
state: directory
|
|
owner: "{{ gitea_user }}"
|
|
group: "{{ gitea_group }}"
|
|
mode: 'u=rwX,g=rX,o='
|
|
recurse: true
|
|
with_items:
|
|
- "{{ gitea_home }}"
|
|
- "{{ gitea_home }}/data"
|
|
- "{{ gitea_home }}/custom"
|
|
- "{{ gitea_home }}/custom/https"
|
|
- "{{ gitea_home }}/custom/mailer"
|
|
- "{{ gitea_home }}/indexers"
|
|
- "{{ gitea_home }}/log"
|
|
- "{{ gitea_repository_root }}"
|
|
|
|
- include: install_systemd.yml
|
|
when: ansible_service_mgr == "systemd"
|
|
|
|
- include_tasks: jwt_secrets.yml
|
|
- name: 'Install git'
|
|
ansible.builtin.package:
|
|
name: 'git'
|
|
state: 'present'
|
|
|
|
- name: "Configure gitea"
|
|
ansible.builtin.template:
|
|
src: gitea.ini.j2
|
|
dest: /etc/gitea/gitea.ini
|
|
owner: "{{ gitea_user }}"
|
|
group: "{{ gitea_group }}"
|
|
mode: 0600
|
|
notify: "Restart gitea"
|
|
|
|
- name: "Service gitea"
|
|
ansible.builtin.service:
|
|
name: gitea
|
|
state: started
|
|
enabled: true
|
|
when: ansible_service_mgr == "systemd"
|
|
|
|
- include: fail2ban.yml
|
|
when: gitea_fail2ban_enabled|bool
|