thomas
/
sovereign


			
				
					
						
						
							123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122
							- name: Create temporary gitea directory
  file: state=directory path=/root/gitea

- name: Download gitea {{ gitea_version }} release
  get_url:
    url="{{ gitea_release }}"
    dest=/root/gitea/gitea-{{ gitea_version }}

- name: Make gitea release download executable
  file: path=/root/gitea/gitea-{{ gitea_version }} mode=0775

- name: Create /usr/local/bin
  file: state=directory path=/usr/local/bin

- name: Stop old gitea instance
  service: name=gitea state=stopped
  ignore_errors: True

- name: Copy gitea binary to /usr/local/bin
  shell: cp gitea/gitea-{{ gitea_version }} /usr/local/bin/gitea chdir=/root

- name: Add git user
  user:
    name: git
    home: /home/git
    create_home: yes
    shell: /bin/bash
    password_lock: yes
    state: present
    system: yes

- name: Create gitea data directories
  file:
    state: directory
    path: "/data/{{ item }}"
    owner: git
    group: git
    mode: 0750
  with_items:
    - gitea
    - gitea/custom
    - gitea/data
    - gitea/log
    - gitea/repos

- name: Create gitea config directory
  file:
    state: directory
    path: "/etc/gitea"
    owner: git
    group: git
    mode: 0750

- name: Add gitea config file
  template:
    src=etc_gitea_app_ini.j2
    dest=/etc/gitea/app.ini
    owner=git
    group=root
    mode=0644

- name: Add gitea postgres user
  postgresql_user:
    login_host=localhost
    login_user={{ db_admin_username }}
    login_password="{{ db_admin_password }}"
    name={{ gitea_db_username }}
    password="{{ gitea_db_password }}"
    encrypted=yes
    state=present

- name: Create gitea database
  postgresql_db:
    login_host=localhost
    login_user={{ db_admin_username }}
    login_password="{{ db_admin_password }}"
    name={{ gitea_db_database }}
    state=present
    owner={{ gitea_db_username }}

# Unfortunately, create-user is not idempotent, so this task will fail
# https://github.com/go-gitea/gitea/issues/6307
- name: Create gitea admin user account
  become: true
  become_user: git
  shell: /usr/local/bin/gitea admin create-user --admin --config /etc/gitea/app.ini --name {{ gitea_admin_username }} --password {{ gitea_admin_password }} --email {{ admin_email }}
  args:
    chdir: /data/gitea
  ignore_errors: True

- name: Add fail2ban script for gitea
  copy:
    src=etc_fail2ban_filter.d_gitea.conf
    dest=/etc/fail2ban/filter.d/gitea.conf
    owner=root
    group=root

- name: Add systemd service to start gitea automatically
  copy:
    src=etc_systemd_system_gitea.service
    dest=/etc/systemd/system/gitea.service
    owner=root
    group=root

- name: Register new gitea service
  systemd: name=gitea daemon_reload=yes enabled=yes

- name: Start new gitea instance
  service: name=gitea state=started

- name: Create the Apache gitea sites config files
  template:
    src=etc_apache2_sites-available_gitea.j2
    dest=/etc/apache2/sites-available/gitea_{{ item.name }}.conf
    owner=root
    group=root
  with_items: "{{ virtual_domains }}"

- name: Enable Apache sites (creates new sites-enabled symlinks)
  command: a2ensite gitea_{{ item }}.conf creates=/etc/apache2/sites-enabled/gitea_{{ item }}.conf
  notify: restart apache
  with_items: "{{ virtual_domains | json_query('[*].name') }}"