Add git role
This commit is contained in:
parent
303e188e24
commit
5dd519d88a
9 changed files with 215 additions and 0 deletions
109
roles/git-server/tasks/main.yaml
Normal file
109
roles/git-server/tasks/main.yaml
Normal file
|
|
@ -0,0 +1,109 @@
|
|||
---
|
||||
- name: Install dependencies
|
||||
apt:
|
||||
name:
|
||||
- git
|
||||
- nginx
|
||||
- xq
|
||||
state: present
|
||||
|
||||
- name: Clear default nginx site
|
||||
file:
|
||||
state: absent
|
||||
path: /etc/nginx/sites-enabled/default
|
||||
notify: reload nginx
|
||||
|
||||
- name: Install nginx site
|
||||
template:
|
||||
src: nginx-site.conf
|
||||
dest: /etc/nginx/sites-available/forgejo
|
||||
owner: root
|
||||
group: root
|
||||
mode: 0644
|
||||
notify: reload nginx
|
||||
|
||||
- name: Enable nginx site
|
||||
file:
|
||||
src: /etc/nginx/sites-available/forgejo
|
||||
dest: /etc/nginx/sites-enabled/forgejo
|
||||
state: link
|
||||
notify: reload nginx
|
||||
|
||||
- name: Create user
|
||||
user:
|
||||
name: "{{ git_server_user }}"
|
||||
home: "{{ git_server_working_dir }}"
|
||||
shell: /bin/bash
|
||||
comment: Git server
|
||||
|
||||
- name: Create logging dir
|
||||
file:
|
||||
state: directory
|
||||
path: /var/log/forgejo
|
||||
owner: "{{ git_server_user }}"
|
||||
group: "{{ git_server_user }}"
|
||||
mode: 0755
|
||||
|
||||
|
||||
# TODO: Install initial config
|
||||
|
||||
- name: Install service file
|
||||
template:
|
||||
src: forgejo.service
|
||||
dest: /etc/systemd/system/forgejo.service
|
||||
owner: root
|
||||
group: root
|
||||
mode: 0644
|
||||
notify: reload forgejo
|
||||
|
||||
- name: Install update script
|
||||
template:
|
||||
src: update.sh
|
||||
dest: "{{ git_server_working_dir }}/update.sh"
|
||||
owner: "{{ git_server_user }}"
|
||||
group: "{{ git_server_user }}"
|
||||
mode: 0755
|
||||
|
||||
- name: Perform initial update
|
||||
command: "{{ git_server_working_dir }}/update.sh"
|
||||
args:
|
||||
creates: "{{ git_server_working_dir }}/forgejo"
|
||||
notify: reload forgejo
|
||||
|
||||
- name: Enable service
|
||||
systemd:
|
||||
name: forgejo
|
||||
enabled: yes
|
||||
daemon_reload: true
|
||||
|
||||
- name: Start service
|
||||
systemd:
|
||||
name: forgejo
|
||||
state: started
|
||||
daemon_reload: true
|
||||
|
||||
- name: Install cronjob
|
||||
template:
|
||||
src: cronjob
|
||||
dest: /etc/cron.d/forgejo
|
||||
|
||||
- name: Allow Git SSH, HTTP and HTTPS
|
||||
iptables:
|
||||
chain: INPUT
|
||||
protocol: tcp
|
||||
destination_port: "{{ item.port }}"
|
||||
ctstate: NEW
|
||||
jump: ACCEPT
|
||||
ip_version: "{{ item.ip }}"
|
||||
action: insert
|
||||
with_items:
|
||||
- { ip: ipv4, port: 80 }
|
||||
- { ip: ipv4, port: 22 }
|
||||
- { ip: ipv4, port: 443 }
|
||||
- { ip: ipv6, port: 80 }
|
||||
- { ip: ipv6, port: 22 }
|
||||
- { ip: ipv6, port: 443 }
|
||||
notify: persist iptables
|
||||
|
||||
- debug:
|
||||
msg: If Forgejo has not been setup yet, please do so manually.
|
||||
Loading…
Add table
Add a link
Reference in a new issue