86 lines
3.2 KiB
Markdown
86 lines
3.2 KiB
Markdown
# Ansible Role: SCM
|
|
|
|
|
|
Software Code Management role. Currently installs and manages [Gitea](https://about.gitea.com/) on Debian and Ubuntu systems. The role downloads a versioned upstream binary, keeps a previous version for quick rollback via a symlink, creates a dedicated system user, writes `app.ini` fully from variables, and manages the systemd unit.
|
|
|
|
Requirements
|
|
------------
|
|
|
|
This role requires Ansible 2.12 or higher. The target system should be Debian or Ubuntu.
|
|
|
|
Role Variables
|
|
--------------
|
|
|
|
The following variables are defined in `defaults/main.yml`:
|
|
|
|
| Variable | Description | Default Value |
|
|
|----------|-------------|---------------|
|
|
| `gitea_name` | Service name (used for binary, unit, paths) | `gitea` |
|
|
| `gitea_version` | Gitea version to install (no leading `v`) | `1.25.5` |
|
|
| `gitea_arch` | Architecture suffix of the upstream release | `amd64` |
|
|
| `gitea_opt` | Install directory (holds versioned binaries + symlink) | `/opt/{{ gitea_name }}` |
|
|
| `gitea_etc` | Config directory (`app.ini` lives here) | `/etc/{{ gitea_name }}` |
|
|
| `gitea_home` | Data directory / `WorkingDirectory` | `/var/lib/{{ gitea_name }}` |
|
|
| `gitea_url` | Full download URL of the `linux-<arch>` binary | upstream GitHub release URL |
|
|
| `gitea_keep_versions` | Previous versioned binaries to keep for rollback | `1` |
|
|
| `gitea_user_create` | Whether this role should create the system user/group | `true` |
|
|
| `gitea_user` / `gitea_group` | Service user and group | `git` / `git` |
|
|
| `gitea_uid` / `gitea_gid` | Optional fixed uid/gid | unset (system-assigned) |
|
|
| `gitea_user_home` | Home directory for the service user | `/home/{{ gitea_user }}` |
|
|
| `gitea_user_shell` | Login shell for the service user | `/bin/bash` |
|
|
| `gitea_app_ini` | Dict rendered verbatim into `app.ini` | minimal sqlite3 defaults |
|
|
|
|
### About `gitea_app_ini`
|
|
|
|
`app.ini` is fully driven from this dictionary. Keys become INI sections; the reserved key `DEFAULT` is rendered at the top of the file **without** a section header (matching Gitea's convention). Section names with dots (e.g. `cron.update_checker`, `repository.signing`) are preserved verbatim. Override this dict in your playbook to inject any setting Gitea supports.
|
|
|
|
Dependencies
|
|
------------
|
|
|
|
None.
|
|
|
|
Example Playbook
|
|
----------------
|
|
|
|
```yaml
|
|
- hosts: gitea_servers
|
|
roles:
|
|
- role: ansible_role_scm
|
|
vars:
|
|
gitea_version: '1.25.5'
|
|
gitea_user: 'git'
|
|
gitea_app_ini:
|
|
DEFAULT:
|
|
APP_NAME: 'My Gitea'
|
|
RUN_USER: 'git'
|
|
WORK_PATH: '/var/lib/gitea'
|
|
RUN_MODE: 'prod'
|
|
server:
|
|
DOMAIN: 'git.example.com'
|
|
HTTP_PORT: 3000
|
|
ROOT_URL: 'https://git.example.com/'
|
|
DISABLE_SSH: true
|
|
database:
|
|
DB_TYPE: 'postgres'
|
|
HOST: '127.0.0.1:5432'
|
|
NAME: 'giteadb'
|
|
USER: 'gitea'
|
|
PASSWD: '{{ vault_gitea_db_password }}'
|
|
SSL_MODE: 'disable'
|
|
security:
|
|
INSTALL_LOCK: true
|
|
INTERNAL_TOKEN: '{{ vault_gitea_internal_token }}'
|
|
```
|
|
|
|
License
|
|
-------
|
|
|
|
GPL-3.0-only
|
|
|
|
Author Information
|
|
------------------
|
|
|
|
+ Luciano Giacchetta
|
|
+ Giacchetta Networks LLC
|
|
+ https://gianet.us/engineering/ansible_role_scm
|