35 lines
1.3 KiB
YAML
35 lines
1.3 KiB
YAML
---
|
|
- name: Receive forgejo pgp key
|
|
become: true
|
|
ansible.builtin.command: gpg --keyserver hkps://keys.openpgp.org --recv EB114F5E6C0DC2BCDD183550A4B61A2DC5923710
|
|
register: result
|
|
changed_when: '"not changed" not in result.stderr'
|
|
|
|
- name: Download forgejo asc file
|
|
become: true
|
|
ansible.builtin.get_url:
|
|
url: "https://codeberg.org/forgejo/forgejo/releases/download/{{ forgejo_latest_version }}/forgejo-{{ forgejo_latest_version | replace('v', '') }}-linux-{{ forgejo_architecture }}.asc"
|
|
dest: "{{ forgejo_run_dir }}/forgejo-{{ forgejo_latest_version | replace('v', '') }}-linux-{{ forgejo_architecture }}.asc"
|
|
owner: git
|
|
group: git
|
|
mode: 0644
|
|
|
|
- name: Verify forgejo binary with gpg
|
|
become: true
|
|
ansible.builtin.command: "gpg --verify {{ forgejo_run_dir }}/forgejo-{{ forgejo_latest_version | replace('v', '') }}-linux-{{ forgejo_architecture }}.asc {{ forgejo_run_dir }}/forgejo-{{ forgejo_latest_version | replace('v', '') }}-linux-{{ forgejo_architecture }}"
|
|
register: result
|
|
changed_when: false
|
|
failed_when: '"Good signature from" not in result.stderr'
|
|
|
|
- name: Start forgejo service
|
|
become: true
|
|
ansible.builtin.systemd:
|
|
name: forgejo
|
|
state: started
|
|
enabled: true
|
|
|
|
- name: Restart forgejo service
|
|
become: true
|
|
ansible.builtin.systemd:
|
|
name: forgejo
|
|
state: restarted
|