Cleaner Gitea playbook + 2 tasks/main.yml's

roles/gitea/README.rst

@@ -2,7 +2,7 @@
 Gitea README
 ============
 
-This Ansible role installs Gitea - a self-hosted Git service written in Go.
+This Ansible role installs Gitea — a self-hosted Git service written in Go.
 
 Using It
 --------

roles/gitea/defaults/main.yml

@@ -7,7 +7,8 @@
 # Using @coolaj86's script as a template
 # https://git.coolaj86.com/coolaj86/gitea-installer.sh
 
-# Information needed to install Gitea
+# Info needed to install Gitea:
+
 gitea_version: 1.10.3
 iset_suffixes:
   i386: 386
@@ -20,7 +21,7 @@ gitea_iset_suffix: "{{ iset_suffixes[ansible_architecture] | default('unknown')
 gitea_download_url: "https://dl.gitea.io/gitea/{{ gitea_version }}/gitea-{{ gitea_version }}-linux-{{ gitea_iset_suffix }}"
 gitea_integrity_url: "{{ gitea_download_url }}.asc"
 
-gitea_root_directory: /library/gitea
+gitea_root_directory: "{{ content_base }}/gitea"    # /library/gitea
 gitea_subdirectories:
   - bin
   - custom
@@ -31,19 +32,9 @@ gitea_subdirectories:
 gitea_install_path: "{{ gitea_root_directory }}/bin/gitea-{{ gitea_version }}"
 gitea_checksum_path: "{{ gitea_root_directory }}/bin/gitea-{{ gitea_version }}.asc"
 
-gitea_link_path: "{{ gitea_root_directory }}/gitea"
+# Info needed to verify Gitea
-
-# Information needed to verify Gitea
 gitea_gpg_key: 7C9E68152594688862D62AF62D9AE806EC1592E2
 
-# Information needed to run Gitea
-gitea_user: gitea
-gitea_home: "/home/{{ gitea_user }}"    # SSH credentials stored here
-gitea_run_directory: "{{ gitea_root_directory }}"
-
-gitea_url: /gitea
-gitea_port: 61734    # leet for GITEA
-
 # Data locations
 gitea_db_path: "{{ gitea_root_directory }}/data/gitea.db"
 gitea_repo_root: "{{ gitea_root_directory }}/data/repositories"
@@ -55,3 +46,14 @@ gitea_log_root: "{{ gitea_root_directory }}/log"
 # Extra configuration
 gitea_display_name: Internet-in-a-Box Gitea
 skip_install_screen: true    # lowercase for Gitea's own /etc/gitea/app.ini
+
+gitea_link_path: "{{ gitea_root_directory }}/gitea"
+
+# Info needed to run Gitea:
+
+gitea_user: gitea
+gitea_home: "/home/{{ gitea_user }}"    # SSH credentials stored here
+gitea_run_directory: "{{ gitea_root_directory }}"
+
+gitea_url: /gitea
+gitea_port: 61734    # leet for GITEA

roles/gitea/tasks/apache.yml

@@ -0,0 +1,12 @@
+- name: Enable http://box{{ gitea_url }} via Apache    # http://box/gitea
+  command: a2ensite gitea.conf
+  when: gitea_enabled | bool
+
+- name: Disable http://box{{ gitea_url }} via Apache    # http://box/gitea
+  command: a2dissite gitea.conf
+  when: not gitea_enabled
+
+- name: Restart '{{ apache_service }}' systemd service
+  systemd:
+    name: "{{ apache_service }}"    # apache2 or httpd, as set in /opt/iiab/iiab/vars/<OS>.yml
+    state: restarted

roles/gitea/tasks/enable.yml

@@ -1,69 +0,0 @@
-- name: Enable & Restart 'gitea' systemd service
-  systemd:
-    name: gitea
-    daemon_reload: yes
-    enabled: yes
-    state: restarted
-  when: gitea_enabled | bool
-
-- name: Disable & Restart 'gitea' systemd service
-  systemd:
-    name: gitea
-    enabled: no
-    state: stopped
-  when: not gitea_enabled
-
-# Apache
-
-- name: Enable http://box{{ gitea_url }} via Apache    # i.e. http://box/gitea
-  command: a2ensite gitea.conf
-  when: apache_install and gitea_enabled
-
-- name: Disable http://box{{ gitea_url }} via Apache
-  command: a2dissite gitea.conf
-  when: apache_install and not gitea_enabled
-
-- name: Restart Apache systemd service ({{ apache_service }})
-  systemd:
-    name: "{{ apache_service }}"    # apache2 or httpd, as set in /opt/iiab/iiab/vars/<OS>.yml
-    state: restarted
-  when: apache_enabled | bool
-
-# NGINX
-
-- name: Enable http://box{{ gitea_url }} via NGINX, by installing {{ nginx_conf_dir }}/gitea-nginx.conf from template
-  template:
-    src: gitea-nginx.conf.j2
-    dest: "{{ nginx_conf_dir }}/gitea-nginx.conf"
-  when: nginx_install and gitea_enabled
-
-- name: Disable http://box{{ gitea_url }} via NGINX, by removing {{ nginx_conf_dir }}/gitea-nginx.conf
-  file:
-    path: "{{ nginx_conf_dir }}/gitea-nginx.conf"
-    state: absent
-  when: nginx_install and not gitea_enabled
-
-- name: Restart 'nginx' systemd service
-  systemd:
-    name: nginx
-    state: restarted
-  when: nginx_enabled | bool
-
-
-- name: Add 'gitea' to list of services at {{ iiab_ini_file }}
-  ini_file:
-    path: "{{ iiab_ini_file }}"
-    section: gitea
-    option: "{{ item.option }}"
-    value: "{{ item.value | string }}"
-  with_items:
-    - option: name
-      value: Gitea
-    - option: description
-      value: '"Gitea is like GitHub for more offline communities: Git with a cup of tea"'
-    - option: gitea_run_directory
-      value: "{{ gitea_run_directory }}"
-    - option: gitea_url
-      value: "{{ gitea_url }}"
-    - option: gitea_enabled
-      value: "{{ gitea_enabled }}"

roles/gitea/tasks/install.yml

@@ -1,4 +1,4 @@
-# Prepare to install Gitea: create user and directory structure
+# 1. Prepare to install Gitea: create user and directory structure
 
 - name: Shut down existing Gitea instance (if we're reinstalling)
   systemd:
@@ -16,11 +16,11 @@
     name: gitea
     comment: Gitea daemon account
     groups: gitea
-    home: "{{ gitea_home }}"
+    home: "{{ gitea_home }}"    # /home/gitea
 
 - name: Create Gitea directory structure
   file:
-    path: "{{ gitea_root_directory }}/{{ item }}"
+    path: "{{ gitea_root_directory }}/{{ item }}"    # /library/gitea
     state: directory
     owner: gitea
     group: gitea
@@ -28,14 +28,15 @@
 
 - name: Make directories data, indexers, and log writable
   file:
-    path: "{{ gitea_root_directory }}/{{ item }}"
+    path: "{{ gitea_root_directory }}/{{ item }}"    # /library/gitea
     mode: '0750'
   with_items:
     - data
     - indexers
     - log
 
-# Download, verify, and link Gitea binary
+
+# 2. Download, verify, and link Gitea binary
 
 - name: Fail if we detect unknown architecture
   fail:
@@ -69,7 +70,8 @@
     group: gitea
     state: link
 
-# Configure Gitea
+
+# 3. Configure Gitea
 
 # For security reasons, the Gitea developers recommend removing group write
 # permissions from /etc/gitea/ and /etc/gitea/app.ini after the first run of 
@@ -92,7 +94,8 @@
     group: gitea
     mode: '0664'
 
-# Create systemd service & prepare Apache for http://box/gitea
+
+# 4. Create systemd service & prepare Apache for http://box/gitea
 
 - name: "Install from templates: /etc/systemd/system/gitea.service, /etc/apache2/sites-available/gitea.conf"
   template:
@@ -103,7 +106,7 @@
     - { src: 'gitea.conf.j2', dest: "/etc/{{ apache_conf_dir }}/gitea.conf" }
 
 
-# RECORD Gitea AS INSTALLED
+# 5. RECORD Gitea AS INSTALLED
 
 - name: "Set 'gitea_installed: True'"
   set_fact:

roles/gitea/tasks/main.yml

@@ -1,7 +1,67 @@
-- name: Install Gitea {{ gitea_version }} if gitea_install
+# "How do i fail a task in Ansible if the variable contains a boolean value?
-  include_tasks: install.yml
+# I want to perform input validation for Ansible playbooks"
-  when: gitea_install and not (gitea_installed is defined)
+# https://stackoverflow.com/questions/46664127/how-do-i-fail-a-task-in-ansible-if-the-variable-contains-a-boolean-value-i-want/46667499#46667499
 
-- name: Enable Gitea {{ gitea_version }} if gitea_install
+# We assume 0-init/tasks/validate_vars.yml has DEFINITELY been run, so no need
-  include_tasks: enable.yml
+# to re-check whether vars are defined here.  As Ansible vars cannot be unset:
-  when: gitea_install or gitea_installed is defined
+# https://serverfault.com/questions/856729/how-to-destroy-delete-unset-a-variable-value-in-ansible
+
+- name: Assert that "gitea_install is sameas true" (boolean not string etc)
+  assert:
+    that: gitea_install is sameas true
+    fail_msg: "PLEASE SET 'gitea_install: True' e.g. IN: /etc/iiab/local_vars.yml"
+    quiet: yes
+
+- name: Assert that "gitea_enabled | type_debug == 'bool'" (boolean not string etc)
+  assert:
+    that: gitea_enabled | type_debug == 'bool'
+    fail_msg: "PLEASE GIVE VARIABLE 'gitea_enabled' A PROPER (UNQUOTED) ANSIBLE BOOLEAN VALUE e.g. IN: /etc/iiab/local_vars.yml"
+    quiet: yes
+
+
+- name: Install Gitea {{ gitea_version }} if 'gitea_installed' not defined, e.g. in {{ iiab_state_file }}    # /etc/iiab/iiab_state.yml
+  include_tasks: install.yml
+  when: gitea_installed is undefined
+
+
+- name: Enable & Restart 'gitea' systemd service, if gitea_enabled
+  systemd:
+    name: gitea
+    daemon_reload: yes
+    enabled: yes
+    state: restarted
+  when: gitea_enabled | bool
+
+- name: Disable & Stop 'gitea' systemd service, if not gitea_enabled
+  systemd:
+    name: gitea
+    enabled: no
+    state: stopped
+  when: not gitea_enabled
+
+- name: Enable/Disable/Restart Apache if primary
+  include_tasks: apache.yml
+  when: not nginx_enabled
+
+- name: Enable/Disable/Restart NGINX if primary
+  include_tasks: nginx.yml
+  when: nginx_enabled | bool
+
+
+- name: Add 'gitea' to list of services at {{ iiab_ini_file }}
+  ini_file:
+    path: "{{ iiab_ini_file }}"    # /etc/iiab/iiab_state.yml
+    section: gitea
+    option: "{{ item.option }}"
+    value: "{{ item.value | string }}"
+  with_items:
+    - option: name
+      value: Gitea
+    - option: description
+      value: '"Gitea is like GitHub for more offline communities: Git with a cup of tea"'
+    - option: gitea_run_directory
+      value: "{{ gitea_run_directory }}"
+    - option: gitea_url
+      value: "{{ gitea_url }}"
+    - option: gitea_enabled
+      value: "{{ gitea_enabled }}"

roles/gitea/tasks/nginx.yml

@@ -0,0 +1,16 @@
+- name: Enable http://box{{ gitea_url }} via NGINX, by installing {{ nginx_conf_dir }}/gitea-nginx.conf from template
+  template:
+    src: gitea-nginx.conf.j2
+    dest: "{{ nginx_conf_dir }}/gitea-nginx.conf"    # /etc/nginx/conf.d
+  when: gitea_enabled | bool
+
+- name: Disable http://box{{ gitea_url }} via NGINX, by removing {{ nginx_conf_dir }}/gitea-nginx.conf
+  file:
+    path: "{{ nginx_conf_dir }}/gitea-nginx.conf"    # /etc/nginx/conf.d
+    state: absent
+  when: not gitea_enabled
+
+- name: Restart 'nginx' systemd service
+  systemd:
+    name: nginx
+    state: restarted

roles/lokole/tasks/main.yml

@@ -19,12 +19,12 @@
     quiet: yes
 
 
-- name: Install Lokole {{ lokole_version }} if lokole_installed is not defined
+- name: Install Lokole if lokole_installed is not defined, e.g. in {{ iiab_state_file }}    # /etc/iiab/iiab_state.yml
   include_tasks: install.yml
   when: lokole_installed is undefined
 
 
-- name: Enable & Restart 'lokole' systemd service
+- name: Enable & Restart 'lokole' systemd service, if lokole_enabled
   systemd:
     name: lokole
     daemon_reload: yes
@@ -32,7 +32,7 @@
     state: restarted
   when: lokole_enabled | bool
 
-- name: Disable & Stop 'lokole' systemd service
+- name: Disable & Stop 'lokole' systemd service, if not lokole_enabled
   systemd:
     name: lokole
     enabled: no

roles/osm-vector-maps/tasks/main.yml

@@ -24,9 +24,6 @@
   when: osm_vector_maps_installed is undefined
 
 
-#- name: Install countries.json, map_functions.js & 2 index.html's under-or-in {{ vector_map_path }}/maplist    # /library/www/osm-vector-maps
-#  include_tasks: enable-or-disable.yml
-
 - name: Enable/Disable/Reload NGINX for OSM, if nginx_enabled
   include_tasks: nginx.yml
   when: nginx_enabled | bool