diff --git a/roles/gitea/README.rst b/roles/gitea/README.rst index 4adf7fb78..366dc6947 100644 --- a/roles/gitea/README.rst +++ b/roles/gitea/README.rst @@ -2,7 +2,7 @@ Gitea README ============ -This Ansible role installs Gitea - a self-hosted Git service written in Go. +This Ansible role installs Gitea — a self-hosted Git service written in Go. Using It -------- diff --git a/roles/gitea/defaults/main.yml b/roles/gitea/defaults/main.yml index c0d34d05e..441104d01 100644 --- a/roles/gitea/defaults/main.yml +++ b/roles/gitea/defaults/main.yml @@ -7,7 +7,8 @@ # Using @coolaj86's script as a template # https://git.coolaj86.com/coolaj86/gitea-installer.sh -# Information needed to install Gitea +# Info needed to install Gitea: + gitea_version: 1.10.3 iset_suffixes: i386: 386 @@ -20,7 +21,7 @@ gitea_iset_suffix: "{{ iset_suffixes[ansible_architecture] | default('unknown') gitea_download_url: "https://dl.gitea.io/gitea/{{ gitea_version }}/gitea-{{ gitea_version }}-linux-{{ gitea_iset_suffix }}" gitea_integrity_url: "{{ gitea_download_url }}.asc" -gitea_root_directory: /library/gitea +gitea_root_directory: "{{ content_base }}/gitea" # /library/gitea gitea_subdirectories: - bin - custom @@ -31,19 +32,9 @@ gitea_subdirectories: gitea_install_path: "{{ gitea_root_directory }}/bin/gitea-{{ gitea_version }}" gitea_checksum_path: "{{ gitea_root_directory }}/bin/gitea-{{ gitea_version }}.asc" -gitea_link_path: "{{ gitea_root_directory }}/gitea" - -# Information needed to verify Gitea +# Info needed to verify Gitea gitea_gpg_key: 7C9E68152594688862D62AF62D9AE806EC1592E2 -# Information needed to run Gitea -gitea_user: gitea -gitea_home: "/home/{{ gitea_user }}" # SSH credentials stored here -gitea_run_directory: "{{ gitea_root_directory }}" - -gitea_url: /gitea -gitea_port: 61734 # leet for GITEA - # Data locations gitea_db_path: "{{ gitea_root_directory }}/data/gitea.db" gitea_repo_root: "{{ gitea_root_directory }}/data/repositories" @@ -55,3 +46,14 @@ gitea_log_root: "{{ gitea_root_directory }}/log" # Extra configuration gitea_display_name: Internet-in-a-Box Gitea skip_install_screen: true # lowercase for Gitea's own /etc/gitea/app.ini + +gitea_link_path: "{{ gitea_root_directory }}/gitea" + +# Info needed to run Gitea: + +gitea_user: gitea +gitea_home: "/home/{{ gitea_user }}" # SSH credentials stored here +gitea_run_directory: "{{ gitea_root_directory }}" + +gitea_url: /gitea +gitea_port: 61734 # leet for GITEA diff --git a/roles/gitea/tasks/apache.yml b/roles/gitea/tasks/apache.yml new file mode 100644 index 000000000..9c4214c86 --- /dev/null +++ b/roles/gitea/tasks/apache.yml @@ -0,0 +1,12 @@ +- name: Enable http://box{{ gitea_url }} via Apache # http://box/gitea + command: a2ensite gitea.conf + when: gitea_enabled | bool + +- name: Disable http://box{{ gitea_url }} via Apache # http://box/gitea + command: a2dissite gitea.conf + when: not gitea_enabled + +- name: Restart '{{ apache_service }}' systemd service + systemd: + name: "{{ apache_service }}" # apache2 or httpd, as set in /opt/iiab/iiab/vars/.yml + state: restarted diff --git a/roles/gitea/tasks/enable.yml b/roles/gitea/tasks/enable.yml deleted file mode 100644 index c72f5f065..000000000 --- a/roles/gitea/tasks/enable.yml +++ /dev/null @@ -1,69 +0,0 @@ -- name: Enable & Restart 'gitea' systemd service - systemd: - name: gitea - daemon_reload: yes - enabled: yes - state: restarted - when: gitea_enabled | bool - -- name: Disable & Restart 'gitea' systemd service - systemd: - name: gitea - enabled: no - state: stopped - when: not gitea_enabled - -# Apache - -- name: Enable http://box{{ gitea_url }} via Apache # i.e. http://box/gitea - command: a2ensite gitea.conf - when: apache_install and gitea_enabled - -- name: Disable http://box{{ gitea_url }} via Apache - command: a2dissite gitea.conf - when: apache_install and not gitea_enabled - -- name: Restart Apache systemd service ({{ apache_service }}) - systemd: - name: "{{ apache_service }}" # apache2 or httpd, as set in /opt/iiab/iiab/vars/.yml - state: restarted - when: apache_enabled | bool - -# NGINX - -- name: Enable http://box{{ gitea_url }} via NGINX, by installing {{ nginx_conf_dir }}/gitea-nginx.conf from template - template: - src: gitea-nginx.conf.j2 - dest: "{{ nginx_conf_dir }}/gitea-nginx.conf" - when: nginx_install and gitea_enabled - -- name: Disable http://box{{ gitea_url }} via NGINX, by removing {{ nginx_conf_dir }}/gitea-nginx.conf - file: - path: "{{ nginx_conf_dir }}/gitea-nginx.conf" - state: absent - when: nginx_install and not gitea_enabled - -- name: Restart 'nginx' systemd service - systemd: - name: nginx - state: restarted - when: nginx_enabled | bool - - -- name: Add 'gitea' to list of services at {{ iiab_ini_file }} - ini_file: - path: "{{ iiab_ini_file }}" - section: gitea - option: "{{ item.option }}" - value: "{{ item.value | string }}" - with_items: - - option: name - value: Gitea - - option: description - value: '"Gitea is like GitHub for more offline communities: Git with a cup of tea"' - - option: gitea_run_directory - value: "{{ gitea_run_directory }}" - - option: gitea_url - value: "{{ gitea_url }}" - - option: gitea_enabled - value: "{{ gitea_enabled }}" diff --git a/roles/gitea/tasks/install.yml b/roles/gitea/tasks/install.yml index 7f3b94815..9b8ea9868 100644 --- a/roles/gitea/tasks/install.yml +++ b/roles/gitea/tasks/install.yml @@ -1,4 +1,4 @@ -# Prepare to install Gitea: create user and directory structure +# 1. Prepare to install Gitea: create user and directory structure - name: Shut down existing Gitea instance (if we're reinstalling) systemd: @@ -16,11 +16,11 @@ name: gitea comment: Gitea daemon account groups: gitea - home: "{{ gitea_home }}" + home: "{{ gitea_home }}" # /home/gitea - name: Create Gitea directory structure file: - path: "{{ gitea_root_directory }}/{{ item }}" + path: "{{ gitea_root_directory }}/{{ item }}" # /library/gitea state: directory owner: gitea group: gitea @@ -28,14 +28,15 @@ - name: Make directories data, indexers, and log writable file: - path: "{{ gitea_root_directory }}/{{ item }}" + path: "{{ gitea_root_directory }}/{{ item }}" # /library/gitea mode: '0750' with_items: - data - indexers - log -# Download, verify, and link Gitea binary + +# 2. Download, verify, and link Gitea binary - name: Fail if we detect unknown architecture fail: @@ -69,7 +70,8 @@ group: gitea state: link -# Configure Gitea + +# 3. Configure Gitea # For security reasons, the Gitea developers recommend removing group write # permissions from /etc/gitea/ and /etc/gitea/app.ini after the first run of @@ -92,7 +94,8 @@ group: gitea mode: '0664' -# Create systemd service & prepare Apache for http://box/gitea + +# 4. Create systemd service & prepare Apache for http://box/gitea - name: "Install from templates: /etc/systemd/system/gitea.service, /etc/apache2/sites-available/gitea.conf" template: @@ -103,7 +106,7 @@ - { src: 'gitea.conf.j2', dest: "/etc/{{ apache_conf_dir }}/gitea.conf" } -# RECORD Gitea AS INSTALLED +# 5. RECORD Gitea AS INSTALLED - name: "Set 'gitea_installed: True'" set_fact: diff --git a/roles/gitea/tasks/main.yml b/roles/gitea/tasks/main.yml index 94caaffe5..e62580de6 100644 --- a/roles/gitea/tasks/main.yml +++ b/roles/gitea/tasks/main.yml @@ -1,7 +1,67 @@ -- name: Install Gitea {{ gitea_version }} if gitea_install - include_tasks: install.yml - when: gitea_install and not (gitea_installed is defined) +# "How do i fail a task in Ansible if the variable contains a boolean value? +# I want to perform input validation for Ansible playbooks" +# https://stackoverflow.com/questions/46664127/how-do-i-fail-a-task-in-ansible-if-the-variable-contains-a-boolean-value-i-want/46667499#46667499 -- name: Enable Gitea {{ gitea_version }} if gitea_install - include_tasks: enable.yml - when: gitea_install or gitea_installed is defined +# We assume 0-init/tasks/validate_vars.yml has DEFINITELY been run, so no need +# to re-check whether vars are defined here. As Ansible vars cannot be unset: +# https://serverfault.com/questions/856729/how-to-destroy-delete-unset-a-variable-value-in-ansible + +- name: Assert that "gitea_install is sameas true" (boolean not string etc) + assert: + that: gitea_install is sameas true + fail_msg: "PLEASE SET 'gitea_install: True' e.g. IN: /etc/iiab/local_vars.yml" + quiet: yes + +- name: Assert that "gitea_enabled | type_debug == 'bool'" (boolean not string etc) + assert: + that: gitea_enabled | type_debug == 'bool' + fail_msg: "PLEASE GIVE VARIABLE 'gitea_enabled' A PROPER (UNQUOTED) ANSIBLE BOOLEAN VALUE e.g. IN: /etc/iiab/local_vars.yml" + quiet: yes + + +- name: Install Gitea {{ gitea_version }} if 'gitea_installed' not defined, e.g. in {{ iiab_state_file }} # /etc/iiab/iiab_state.yml + include_tasks: install.yml + when: gitea_installed is undefined + + +- name: Enable & Restart 'gitea' systemd service, if gitea_enabled + systemd: + name: gitea + daemon_reload: yes + enabled: yes + state: restarted + when: gitea_enabled | bool + +- name: Disable & Stop 'gitea' systemd service, if not gitea_enabled + systemd: + name: gitea + enabled: no + state: stopped + when: not gitea_enabled + +- name: Enable/Disable/Restart Apache if primary + include_tasks: apache.yml + when: not nginx_enabled + +- name: Enable/Disable/Restart NGINX if primary + include_tasks: nginx.yml + when: nginx_enabled | bool + + +- name: Add 'gitea' to list of services at {{ iiab_ini_file }} + ini_file: + path: "{{ iiab_ini_file }}" # /etc/iiab/iiab_state.yml + section: gitea + option: "{{ item.option }}" + value: "{{ item.value | string }}" + with_items: + - option: name + value: Gitea + - option: description + value: '"Gitea is like GitHub for more offline communities: Git with a cup of tea"' + - option: gitea_run_directory + value: "{{ gitea_run_directory }}" + - option: gitea_url + value: "{{ gitea_url }}" + - option: gitea_enabled + value: "{{ gitea_enabled }}" diff --git a/roles/gitea/tasks/nginx.yml b/roles/gitea/tasks/nginx.yml new file mode 100644 index 000000000..e0a16c567 --- /dev/null +++ b/roles/gitea/tasks/nginx.yml @@ -0,0 +1,16 @@ +- name: Enable http://box{{ gitea_url }} via NGINX, by installing {{ nginx_conf_dir }}/gitea-nginx.conf from template + template: + src: gitea-nginx.conf.j2 + dest: "{{ nginx_conf_dir }}/gitea-nginx.conf" # /etc/nginx/conf.d + when: gitea_enabled | bool + +- name: Disable http://box{{ gitea_url }} via NGINX, by removing {{ nginx_conf_dir }}/gitea-nginx.conf + file: + path: "{{ nginx_conf_dir }}/gitea-nginx.conf" # /etc/nginx/conf.d + state: absent + when: not gitea_enabled + +- name: Restart 'nginx' systemd service + systemd: + name: nginx + state: restarted diff --git a/roles/lokole/tasks/main.yml b/roles/lokole/tasks/main.yml index ba6321aed..603982713 100644 --- a/roles/lokole/tasks/main.yml +++ b/roles/lokole/tasks/main.yml @@ -19,12 +19,12 @@ quiet: yes -- name: Install Lokole {{ lokole_version }} if lokole_installed is not defined +- name: Install Lokole if lokole_installed is not defined, e.g. in {{ iiab_state_file }} # /etc/iiab/iiab_state.yml include_tasks: install.yml when: lokole_installed is undefined -- name: Enable & Restart 'lokole' systemd service +- name: Enable & Restart 'lokole' systemd service, if lokole_enabled systemd: name: lokole daemon_reload: yes @@ -32,7 +32,7 @@ state: restarted when: lokole_enabled | bool -- name: Disable & Stop 'lokole' systemd service +- name: Disable & Stop 'lokole' systemd service, if not lokole_enabled systemd: name: lokole enabled: no diff --git a/roles/osm-vector-maps/tasks/main.yml b/roles/osm-vector-maps/tasks/main.yml index 9aeb1945e..1a0d5d6e6 100644 --- a/roles/osm-vector-maps/tasks/main.yml +++ b/roles/osm-vector-maps/tasks/main.yml @@ -24,9 +24,6 @@ when: osm_vector_maps_installed is undefined -#- name: Install countries.json, map_functions.js & 2 index.html's under-or-in {{ vector_map_path }}/maplist # /library/www/osm-vector-maps -# include_tasks: enable-or-disable.yml - - name: Enable/Disable/Reload NGINX for OSM, if nginx_enabled include_tasks: nginx.yml when: nginx_enabled | bool