self-hosting/roles/gitea/tasks/main.yml

---
- include_vars: vault.yml

- name: Install git and gpg
  become: true
  apt:
    name:
      - git
      - gpg
    state: present

- name: Create git group
  become: true
  group:
    name: git
    system: true

- name: Create git user
  become: true
  user:
    name: git
    group: git
    append: true
    groups:
      - sudo
      - mail
    create_home: true
    home: /home/git
    shell: /bin/bash
    system: true

- name: Create /var/lib/gitea directory
  become: true
  file:
    path: /var/lib/gitea
    state: directory
    owner: git
    group: git
    mode: 0750
    recurse: true

- name: Create /var/lib/gitea subdirectories
  become: true
  file:
    path: "/var/lib/gitea/{{ item }}"
    state: directory
    owner: git
    group: git
    mode: 0750
    recurse: true
  with_items:
    - custom
    - data
    - log

- name: Create /etc/gitea directory
  become: true
  file:
    path: /etc/gitea
    state: directory
    owner: root
    group: git
    mode: 0750
    recurse: false

- name: Copy /etc/gitea/app.ini
  become: true
  template:
    src: app.ini.j2
    dest: /etc/gitea/app.ini
    owner: root
    group: git
    mode: 0640

- name: Find latest gitea version
  uri:
    url: https://dl.gitea.io/gitea/version.json
  register: gitea_binary

- name: Set gitea binary architecture to amd64
  set_fact:
    gitea_binary_arch: amd64
  when: ansible_facts['architecture'] == 'x86_64'

- name: Set gitea binary architecture to arm-6
  set_fact:
    gitea_binary_arch: arm-6
  when: ansible_facts['architecture'] != 'x86_64'

- name: Get latest gitea binary
  become: true
  get_url:
    url: "https://dl.gitea.io/gitea/{{ gitea_binary.json.latest.version }}/gitea-{{ gitea_binary.json.latest.version }}-linux-{{ gitea_binary_arch }}"
    dest: "/home/git/gitea-{{ gitea_binary.json.latest.version }}"
    owner: git
    group: git
    mode: 0664
  notify:
    - Receive gitea pgp key
    - Download gitea asc file
    - Verify gitea binary with gpg

- name: Verify downloaded binary
  meta: flush_handlers

- name: Copy gitea binary to global location
  become: true
  copy:
    src: "/home/git/gitea-{{ gitea_binary.json.latest.version }}"
    dest: /usr/local/bin/gitea
    remote_src: true
    owner: root
    group: root
    mode: 0755

- name: Copy /etc/gitea/app.ini
  become: true
  copy:
    src: gitea.service
    dest: /etc/systemd/system/gitea.service
    owner: root
    group: root
    mode: 0644
  notify:
    - Reload systemd daemon
    - Start gitea service

- name: Make sure gitea is running
  meta: flush_handlers

- name: Copy gitea_backup.sh script
  become: true
  template:
    src: gitea_backup.sh.j2
    dest:
    owner: git
    group: git
    mode: 0775
Add git user and group 2022-04-07 21:00:33 +02:00			`---`
Add app.ini template for gitea with vars 2022-04-07 22:34:22 +02:00			`- include_vars: vault.yml`

Verify gitea binary 2022-04-08 00:10:43 +02:00			`- name: Install git and gpg`
Add git user and group 2022-04-07 21:00:33 +02:00			`become: true`
			`apt:`
Verify gitea binary 2022-04-08 00:10:43 +02:00			`name:`
			`- git`
			`- gpg`
Add git user and group 2022-04-07 21:00:33 +02:00			`state: present`

			`- name: Create git group`
			`become: true`
			`group:`
			`name: git`
			`system: true`

			`- name: Create git user`
			`become: true`
			`user:`
			`name: git`
			`group: git`
			`append: true`
			`groups:`
			`- sudo`
			`- mail`
			`create_home: true`
			`home: /home/git`
			`shell: /bin/bash`
			`system: true`
Create gitea directories 2022-04-07 21:07:45 +02:00
			`- name: Create /var/lib/gitea directory`
			`become: true`
			`file:`
			`path: /var/lib/gitea`
			`state: directory`
			`owner: git`
			`group: git`
			`mode: 0750`
			`recurse: true`

			`- name: Create /var/lib/gitea subdirectories`
			`become: true`
			`file:`
			`path: "/var/lib/gitea/{{ item }}"`
			`state: directory`
			`owner: git`
			`group: git`
			`mode: 0750`
			`recurse: true`
			`with_items:`
			`- custom`
			`- data`
			`- log`

			`- name: Create /etc/gitea directory`
			`become: true`
			`file:`
			`path: /etc/gitea`
			`state: directory`
			`owner: root`
			`group: git`
Add app.ini template for gitea with vars 2022-04-07 22:34:22 +02:00			`mode: 0750`
Create gitea directories 2022-04-07 21:07:45 +02:00			`recurse: false`

Add app.ini template for gitea with vars 2022-04-07 22:34:22 +02:00			`- name: Copy /etc/gitea/app.ini`
			`become: true`
			`template:`
			`src: app.ini.j2`
			`dest: /etc/gitea/app.ini`
			`owner: root`
			`group: git`
			`mode: 0640`
Download gitea binary 2022-04-07 23:18:20 +02:00
			`- name: Find latest gitea version`
			`uri:`
			`url: https://dl.gitea.io/gitea/version.json`
			`register: gitea_binary`

			`- name: Set gitea binary architecture to amd64`
			`set_fact:`
			`gitea_binary_arch: amd64`
			`when: ansible_facts['architecture'] == 'x86_64'`

			`- name: Set gitea binary architecture to arm-6`
			`set_fact:`
Fix arch for arm 2022-04-09 13:03:23 +02:00			`gitea_binary_arch: arm-6`
Download gitea binary 2022-04-07 23:18:20 +02:00			`when: ansible_facts['architecture'] != 'x86_64'`

			`- name: Get latest gitea binary`
			`become: true`
			`get_url:`
			`url: "https://dl.gitea.io/gitea/{{ gitea_binary.json.latest.version }}/gitea-{{ gitea_binary.json.latest.version }}-linux-{{ gitea_binary_arch }}"`
			`dest: "/home/git/gitea-{{ gitea_binary.json.latest.version }}"`
			`owner: git`
			`group: git`
			`mode: 0664`
Move gpg verification to handlers 2022-04-09 11:04:23 +02:00			`notify:`
Rename handlers 2022-04-09 12:51:52 +02:00			`- Receive gitea pgp key`
			`- Download gitea asc file`
			`- Verify gitea binary with gpg`
Download gitea binary 2022-04-07 23:18:20 +02:00
Move gpg verification to handlers 2022-04-09 11:04:23 +02:00			`- name: Verify downloaded binary`
			`meta: flush_handlers`
Verify gitea binary 2022-04-08 00:10:43 +02:00
Download gitea binary 2022-04-07 23:18:20 +02:00			`- name: Copy gitea binary to global location`
			`become: true`
			`copy:`
			`src: "/home/git/gitea-{{ gitea_binary.json.latest.version }}"`
			`dest: /usr/local/bin/gitea`
			`remote_src: true`
			`owner: root`
			`group: root`
			`mode: 0755`

			`- name: Copy /etc/gitea/app.ini`
			`become: true`
			`copy:`
			`src: gitea.service`
			`dest: /etc/systemd/system/gitea.service`
			`owner: root`
			`group: root`
			`mode: 0644`
			`notify:`
			`- Reload systemd daemon`
			`- Start gitea service`
Copy gitea_backup.sh script 2022-04-09 13:30:32 +02:00
			`- name: Make sure gitea is running`
			`meta: flush_handlers`

			`- name: Copy gitea_backup.sh script`
			`become: true`
			`template:`
			`src: gitea_backup.sh.j2`
			`dest:`
			`owner: git`
			`group: git`
			`mode: 0775`