From 12e8f29ca00d3fcd7bd078589a0e2535d2e70cbf Mon Sep 17 00:00:00 2001 From: Aidan Fitzgerald Date: Thu, 18 Oct 2018 01:46:12 -0400 Subject: [PATCH 01/76] Start creating Gitea role --- roles/gitea/README.rst | 10 ++++++++ roles/gitea/defaults/main.yml | 19 +++++++++++++++ roles/gitea/tasks/main.yml | 3 +++ roles/gitea/templates/gitea.service.j2 | 32 ++++++++++++++++++++++++++ 4 files changed, 64 insertions(+) create mode 100644 roles/gitea/README.rst create mode 100644 roles/gitea/defaults/main.yml create mode 100644 roles/gitea/tasks/main.yml create mode 100644 roles/gitea/templates/gitea.service.j2 diff --git a/roles/gitea/README.rst b/roles/gitea/README.rst new file mode 100644 index 000000000..44f9f337d --- /dev/null +++ b/roles/gitea/README.rst @@ -0,0 +1,10 @@ +============= +Gitea README +============= + +This Ansible role installs Gitea. + +Using It +-------- + +Lokole should be accessible at http://box/gitea/. diff --git a/roles/gitea/defaults/main.yml b/roles/gitea/defaults/main.yml new file mode 100644 index 000000000..cadc8cbfe --- /dev/null +++ b/roles/gitea/defaults/main.yml @@ -0,0 +1,19 @@ +--- +# Using @coolaj86's script as a template +# https://git.coolaj86.com/coolaj86/gitea-installer.sh + +# Information needed to install Gitea +gitea_version: "1.6" +gitea_install_path: "/usr/local/bin/gitea" + +# Information needed to run Gitea +gitea_user: gitea +gitea_run_directory: /var/lib/gitea + +gitea_install: True +gitea_enabled: True + +gitea_url: /gitea +gitea_full_url: "http://{{ iiab_hostname }}.{{ iiab_domain }}{{ gitea_url }}" + +gitea_port: 1776 diff --git a/roles/gitea/tasks/main.yml b/roles/gitea/tasks/main.yml new file mode 100644 index 000000000..211db861b --- /dev/null +++ b/roles/gitea/tasks/main.yml @@ -0,0 +1,3 @@ +- name: Include the install playbook + include_tasks: install.yml + when: gitea_install diff --git a/roles/gitea/templates/gitea.service.j2 b/roles/gitea/templates/gitea.service.j2 new file mode 100644 index 000000000..f8f1a2f0a --- /dev/null +++ b/roles/gitea/templates/gitea.service.j2 @@ -0,0 +1,32 @@ +[Unit] +Description=Gitea (Git with a cup of tea) +After=syslog.target +After=network.target +#After=mysqld.service +#After=postgresql.service +#After=memcached.service +#After=redis.service + +[Service] +# Modify these two values and uncomment them if you have +# repos with lots of files and get an HTTP error 500 because +# of that +### +#LimitMEMLOCK=infinity +#LimitNOFILE=65535 +RestartSec=2s +Type=simple +User={{gitea_user}} +Group={{gitea_user}} +WorkingDirectory={{gitea_run_directory}} +ExecStart={{gitea_install_path}} web -c /etc/gitea/app.ini +Restart=always +Environment=USER={{gitea_user}} HOME=/home/{{gitea_user}} GITEA_WORK_DIR={{gitea_run_directory}} +# If you want to bind Gitea to a port below 1024 uncomment +# the two values below +### +#CapabilityBoundingSet=CAP_NET_BIND_SERVICE +#AmbientCapabilities=CAP_NET_BIND_SERVICE + +[Install] +WantedBy=multi-user.target From a7e4b04eba8456de3ca843a0b771ab09391914c1 Mon Sep 17 00:00:00 2001 From: Aidan Fitzgerald Date: Thu, 18 Oct 2018 02:03:19 -0400 Subject: [PATCH 02/76] Use a less random port number --- roles/gitea/defaults/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/gitea/defaults/main.yml b/roles/gitea/defaults/main.yml index cadc8cbfe..50646fe58 100644 --- a/roles/gitea/defaults/main.yml +++ b/roles/gitea/defaults/main.yml @@ -16,4 +16,4 @@ gitea_enabled: True gitea_url: /gitea gitea_full_url: "http://{{ iiab_hostname }}.{{ iiab_domain }}{{ gitea_url }}" -gitea_port: 1776 +gitea_port: 61734 # leet for GITEA From a66d4ed6360afff6585b068c57eab7a3ccdf07ea Mon Sep 17 00:00:00 2001 From: Aidan Fitzgerald Date: Thu, 18 Oct 2018 02:03:45 -0400 Subject: [PATCH 03/76] Add Apache config file (might need more tweaks) --- roles/gitea/templates/gitea.conf.j2 | 13 +++++++++++++ 1 file changed, 13 insertions(+) create mode 100644 roles/gitea/templates/gitea.conf.j2 diff --git a/roles/gitea/templates/gitea.conf.j2 b/roles/gitea/templates/gitea.conf.j2 new file mode 100644 index 000000000..ac9d9753f --- /dev/null +++ b/roles/gitea/templates/gitea.conf.j2 @@ -0,0 +1,13 @@ +# All URLs go to Gitea web server. Static content is bundled in the executable. +ProxyRequests off +ProxyPass {{ gitea_url }}/ http://localhost:{{ gitea_port }}/ + + + ProxyPassReverse / + ProxyHTMLEnable On + ProxyHTMLURLMap / {{ gitea_url }}/ + RequestHeader unset Accept-Encoding + + +# Disable TRACE to prevent cross-site tracing +TraceEnable off From e351a1c7c1a3b06f2642a6e9334970c9f059fcff Mon Sep 17 00:00:00 2001 From: Aidan Fitzgerald Date: Thu, 18 Oct 2018 03:26:39 -0400 Subject: [PATCH 04/76] Add play for downloading Gitea binary - Convert ansible_architecture variable to filename suffix --- roles/gitea/defaults/main.yml | 10 +++++ roles/gitea/tasks/install.yml | 73 +++++++++++++++++++++++++++++++++++ 2 files changed, 83 insertions(+) create mode 100644 roles/gitea/tasks/install.yml diff --git a/roles/gitea/defaults/main.yml b/roles/gitea/defaults/main.yml index 50646fe58..f7ce9f003 100644 --- a/roles/gitea/defaults/main.yml +++ b/roles/gitea/defaults/main.yml @@ -6,6 +6,16 @@ gitea_version: "1.6" gitea_install_path: "/usr/local/bin/gitea" +iset_suffixes: + i386: "386" + x86_64: "amd64" + armv6l: "arm-6" + armv7l: "arm-7" + +gitea_iset_suffix: "{{ iset_suffixes[ansible_architecture | default("unknown architecture")] }}" + +gitea_download_url: "https://dl.gitea.io/gitea/{{ gitea_version }}/gitea-{{ gitea_version }}-linux-{{ gitea_iset_suffix }}" + # Information needed to run Gitea gitea_user: gitea gitea_run_directory: /var/lib/gitea diff --git a/roles/gitea/tasks/install.yml b/roles/gitea/tasks/install.yml new file mode 100644 index 000000000..8c0a130aa --- /dev/null +++ b/roles/gitea/tasks/install.yml @@ -0,0 +1,73 @@ +- name: Download Gitea binary + get_url: + url: "{{ gitea_download_url }}" + dest: "{{ gitea_install_path }}" + mode: 0775 + tags: + - install + when: internet_available + +- name: Create 'gitea' service + template: + src: gitea.service.j2 + dest: "/etc/systemd/system/gitea.service" + tags: + - systemd + +- name: Enable 'gitea' service + systemd: + daemon_reload: yes + name: gitea + enabled: yes + state: restarted + when: gitea_enabled + +- name: Disable 'gitea' service + systemd: + name: gitea + enabled: no + state: stopped + when: not gitea_enabled + +- name: Copy gitea httpd conf file + template: + src: gitea.conf.j2 + dest: "/etc/{{ apache_config_dir }}/gitea.conf" + +- name: Enable httpd conf file if we are disabled (debuntu) + file: + src: /etc/{{ apache_config_dir }}/gitea.conf + dest: /etc/apache2/sites-enabled/gitea.conf + state: link + when: gitea_enabled and is_debuntu + +- name: Remove httpd conf file if we are disabled (OS's other than debuntu) + file: + path: /etc/apache2/sites-enabled/gitea.conf + state: absent + when: not gitea_enabled and is_debuntu + +- name: Restart Apache, so it picks up the new aliases + service: + name: "{{ apache_service }}" + state: restarted + +- name: Add 'gitea' to list of services at /etc/iiab/iiab.ini + ini_file: + dest: "{{ service_filelist }}" + section: gitea + option: "{{ item.option }}" + value: "{{ item.value }}" + with_items: + - option: name + value: gitea + - option: description + value: '"gitea is an email service."' + - option: gitea_run_directory + value: "{{ gitea_run_directory }}" + - option: gitea_url + value: "{{ gitea_url }}" + - option: gitea_full_url + value: "{{ gitea_full_url }}" + - option: gitea_enabled + value: "{{ gitea_enabled }}" From fc7ff3bc3baccba978c0008d2837ccf1acbdfddb Mon Sep 17 00:00:00 2001 From: Aidan Fitzgerald Date: Thu, 18 Oct 2018 03:36:00 -0400 Subject: [PATCH 05/76] Add plays to verify Gitea binary --- roles/gitea/defaults/main.yml | 1 + roles/gitea/tasks/install.yml | 15 +++++++++++++++ 2 files changed, 16 insertions(+) diff --git a/roles/gitea/defaults/main.yml b/roles/gitea/defaults/main.yml index f7ce9f003..28ff33985 100644 --- a/roles/gitea/defaults/main.yml +++ b/roles/gitea/defaults/main.yml @@ -15,6 +15,7 @@ iset_suffixes: gitea_iset_suffix: "{{ iset_suffixes[ansible_architecture | default("unknown architecture")] }}" gitea_download_url: "https://dl.gitea.io/gitea/{{ gitea_version }}/gitea-{{ gitea_version }}-linux-{{ gitea_iset_suffix }}" +gitea_integrity_url: "{{ gitea_download_url }}.asc" # Information needed to run Gitea gitea_user: gitea diff --git a/roles/gitea/tasks/install.yml b/roles/gitea/tasks/install.yml index 8c0a130aa..c5ee4be1a 100644 --- a/roles/gitea/tasks/install.yml +++ b/roles/gitea/tasks/install.yml @@ -7,6 +7,21 @@ - install when: internet_available +- name: Download Gitea GPG signature + get_url: + url: "{{ gitea_integrity_url }}" + dest: "{{ gitea_install_path }}.asc" + tags: + - install + when: internet_available + +- name: Verify Gitea binary with GPG signature + shell: | + gpg --keyserver pgp.mit.edu --recv 7C9E68152594688862D62AF62D9AE806EC1592E2 + gpg --verify {{ gitea_install_path }}.asc {{ gitea_install_path }} + tags: + - install + - name: Create 'gitea' service template: src: gitea.service.j2 From a6d4990079e7babd2614ff43a649dc66dd03df49 Mon Sep 17 00:00:00 2001 From: Aidan Fitzgerald Date: Thu, 18 Oct 2018 12:35:16 -0400 Subject: [PATCH 06/76] Move everything to /library/gitea, create more variables --- roles/gitea/defaults/main.yml | 11 ++++++++--- roles/gitea/tasks/install.yml | 12 ++++++++++-- 2 files changed, 18 insertions(+), 5 deletions(-) diff --git a/roles/gitea/defaults/main.yml b/roles/gitea/defaults/main.yml index 28ff33985..16e6fbb72 100644 --- a/roles/gitea/defaults/main.yml +++ b/roles/gitea/defaults/main.yml @@ -4,8 +4,6 @@ # Information needed to install Gitea gitea_version: "1.6" -gitea_install_path: "/usr/local/bin/gitea" - iset_suffixes: i386: "386" x86_64: "amd64" @@ -17,9 +15,16 @@ gitea_iset_suffix: "{{ iset_suffixes[ansible_architecture | default("unknown arc gitea_download_url: "https://dl.gitea.io/gitea/{{ gitea_version }}/gitea-{{ gitea_version }}-linux-{{ gitea_iset_suffix }}" gitea_integrity_url: "{{ gitea_download_url }}.asc" +gitea_root_directory: "/library/gitea" +gitea_install_path: "{{ gitea_root_directory }}/bin/gitea-{{ gitea_version }}" +gitea_checksum_path: "{{ gitea_root_directory }}/bin/gitea-{{ gitea_version }}.asc" + +gitea_link_path: "{{ gitea_root_directory }}/gitea" + # Information needed to run Gitea gitea_user: gitea -gitea_run_directory: /var/lib/gitea +gitea_run_directory: "{{ gitea_root_directory }}" +gitea_db_directory: "/library/dbdata/gitea" gitea_install: True gitea_enabled: True diff --git a/roles/gitea/tasks/install.yml b/roles/gitea/tasks/install.yml index c5ee4be1a..d537b097f 100644 --- a/roles/gitea/tasks/install.yml +++ b/roles/gitea/tasks/install.yml @@ -1,3 +1,10 @@ +- name: Create Gitea root directory + file: + path: "{{ gitea_root_directory }}" + state: directory + # owner: gitea + # group: gitea + - name: Download Gitea binary get_url: url: "{{ gitea_download_url }}" @@ -10,7 +17,7 @@ - name: Download Gitea GPG signature get_url: url: "{{ gitea_integrity_url }}" - dest: "{{ gitea_install_path }}.asc" + dest: "{{ gitea_checksum_path }}" tags: - install when: internet_available @@ -18,9 +25,10 @@ - name: Verify Gitea binary with GPG signature shell: | gpg --keyserver pgp.mit.edu --recv 7C9E68152594688862D62AF62D9AE806EC1592E2 - gpg --verify {{ gitea_install_path }}.asc {{ gitea_install_path }} + gpg --verify {{ gitea_checksum_path }} {{ gitea_install_path }} tags: - install + - verify - name: Create 'gitea' service template: From 3ad8facee34c88c2bfe14955539b496309732901 Mon Sep 17 00:00:00 2001 From: Aidan Fitzgerald Date: Thu, 18 Oct 2018 12:41:16 -0400 Subject: [PATCH 07/76] Create Gitea user --- roles/gitea/tasks/install.yml | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/roles/gitea/tasks/install.yml b/roles/gitea/tasks/install.yml index d537b097f..c5f2787ff 100644 --- a/roles/gitea/tasks/install.yml +++ b/roles/gitea/tasks/install.yml @@ -1,3 +1,10 @@ +- name: Create user gitea + user: + name: gitea + comment: Gitea daemon account + groups: gitea + home: "{{ gitea_root_directory }}" + - name: Create Gitea root directory file: path: "{{ gitea_root_directory }}" From 0e8e1c44b35da84af2a36ad9259cd5902f304df0 Mon Sep 17 00:00:00 2001 From: Aidan Fitzgerald Date: Thu, 18 Oct 2018 12:42:14 -0400 Subject: [PATCH 08/76] Add variable for subdirectories --- roles/gitea/defaults/main.yml | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/roles/gitea/defaults/main.yml b/roles/gitea/defaults/main.yml index 16e6fbb72..7f07955c9 100644 --- a/roles/gitea/defaults/main.yml +++ b/roles/gitea/defaults/main.yml @@ -16,6 +16,13 @@ gitea_download_url: "https://dl.gitea.io/gitea/{{ gitea_version }}/gitea-{{ gite gitea_integrity_url: "{{ gitea_download_url }}.asc" gitea_root_directory: "/library/gitea" +gitea_subdirectories: + - bin + - custom + - data + - indexers + - public + - log gitea_install_path: "{{ gitea_root_directory }}/bin/gitea-{{ gitea_version }}" gitea_checksum_path: "{{ gitea_root_directory }}/bin/gitea-{{ gitea_version }}.asc" From 2fb142e5bfe893715231fbeb6256ba19de763fc1 Mon Sep 17 00:00:00 2001 From: Aidan Fitzgerald Date: Thu, 18 Oct 2018 12:50:17 -0400 Subject: [PATCH 09/76] Create Gitea subdirectories with owner and group --- roles/gitea/tasks/install.yml | 7 ++++--- 1 file changed, 4 insertions(+), 3 deletions(-) diff --git a/roles/gitea/tasks/install.yml b/roles/gitea/tasks/install.yml index c5f2787ff..430217bca 100644 --- a/roles/gitea/tasks/install.yml +++ b/roles/gitea/tasks/install.yml @@ -7,10 +7,11 @@ - name: Create Gitea root directory file: - path: "{{ gitea_root_directory }}" + path: "{{ gitea_root_directory }}/{{item.item}}" state: directory - # owner: gitea - # group: gitea + owner: gitea + group: gitea + with_items: "{{ gitea_subdirectories }}" - name: Download Gitea binary get_url: From 522d4d5c7ea2032ec5b0f6f2d6da9253daf56e24 Mon Sep 17 00:00:00 2001 From: Aidan Fitzgerald Date: Thu, 18 Oct 2018 12:52:51 -0400 Subject: [PATCH 10/76] Create symlink --- roles/gitea/tasks/install.yml | 8 ++++++++ 1 file changed, 8 insertions(+) diff --git a/roles/gitea/tasks/install.yml b/roles/gitea/tasks/install.yml index 430217bca..f18545a24 100644 --- a/roles/gitea/tasks/install.yml +++ b/roles/gitea/tasks/install.yml @@ -38,6 +38,14 @@ - install - verify +- name: Link Gitea + file: + src: "{{ gitea_install_path }}" + dest: "{{ gitea_link_path }}" + owner: gitea + group: gitea + state: link + - name: Create 'gitea' service template: src: gitea.service.j2 From 23dfa8b2975dd04cde8389e62fbe24c35d79c7fa Mon Sep 17 00:00:00 2001 From: Aidan Fitzgerald Date: Thu, 18 Oct 2018 12:57:54 -0400 Subject: [PATCH 11/76] Set permissions, create /etc/gitea --- roles/gitea/tasks/install.yml | 19 ++++++++++++++++++- 1 file changed, 18 insertions(+), 1 deletion(-) diff --git a/roles/gitea/tasks/install.yml b/roles/gitea/tasks/install.yml index f18545a24..98b7f53ba 100644 --- a/roles/gitea/tasks/install.yml +++ b/roles/gitea/tasks/install.yml @@ -5,7 +5,7 @@ groups: gitea home: "{{ gitea_root_directory }}" -- name: Create Gitea root directory +- name: Create Gitea directory structure file: path: "{{ gitea_root_directory }}/{{item.item}}" state: directory @@ -13,6 +13,23 @@ group: gitea with_items: "{{ gitea_subdirectories }}" +- name: Make directories data, indexers, and log writable + file: + path: "{{ gitea_root_directory }}/{{item.item}}" + mode: 0750 + with_items: + - data + - indexers + - log + +- name: Create Gitea config directory + file: + path: /etc/gitea + state: directory + owner: root + group: gitea + mode: 0770 + - name: Download Gitea binary get_url: url: "{{ gitea_download_url }}" From 2c1339fc3a88968e6be9927e5cddefc90e6b3273 Mon Sep 17 00:00:00 2001 From: Aidan Fitzgerald Date: Thu, 18 Oct 2018 13:13:16 -0400 Subject: [PATCH 12/76] Add pre-install tag --- roles/gitea/tasks/install.yml | 10 ++++++++++ 1 file changed, 10 insertions(+) diff --git a/roles/gitea/tasks/install.yml b/roles/gitea/tasks/install.yml index 98b7f53ba..f3403363d 100644 --- a/roles/gitea/tasks/install.yml +++ b/roles/gitea/tasks/install.yml @@ -4,6 +4,8 @@ comment: Gitea daemon account groups: gitea home: "{{ gitea_root_directory }}" + tags: + - pre-install - name: Create Gitea directory structure file: @@ -12,6 +14,8 @@ owner: gitea group: gitea with_items: "{{ gitea_subdirectories }}" + tags: + - pre-install - name: Make directories data, indexers, and log writable file: @@ -21,6 +25,8 @@ - data - indexers - log + tags: + - pre-install - name: Create Gitea config directory file: @@ -29,6 +35,8 @@ owner: root group: gitea mode: 0770 + tags: + - pre-install - name: Download Gitea binary get_url: @@ -62,6 +70,8 @@ owner: gitea group: gitea state: link + tags: + - install - name: Create 'gitea' service template: From 447b33f854733979d8ffc253cc68724aaff39be9 Mon Sep 17 00:00:00 2001 From: Aidan Fitzgerald Date: Thu, 18 Oct 2018 13:23:18 -0400 Subject: [PATCH 13/76] Add app.ini template and configuration plays --- roles/gitea/tasks/install.yml | 42 +- roles/gitea/templates/app.ini.j2 | 656 +++++++++++++++++++++++++++++++ 2 files changed, 688 insertions(+), 10 deletions(-) create mode 100644 roles/gitea/templates/app.ini.j2 diff --git a/roles/gitea/tasks/install.yml b/roles/gitea/tasks/install.yml index f3403363d..4c06f226f 100644 --- a/roles/gitea/tasks/install.yml +++ b/roles/gitea/tasks/install.yml @@ -1,3 +1,5 @@ +# Prepare to install Gitea: create user and directory structure + - name: Create user gitea user: name: gitea @@ -28,15 +30,7 @@ tags: - pre-install -- name: Create Gitea config directory - file: - path: /etc/gitea - state: directory - owner: root - group: gitea - mode: 0770 - tags: - - pre-install +# Download, verify, and link Gitea binary - name: Download Gitea binary get_url: @@ -73,6 +67,30 @@ tags: - install +# Configure Gitea + +- name: Create Gitea config directory + file: + path: /etc/gitea + state: directory + owner: root + group: gitea + mode: 0750 + tags: + - config + +- name: Create app.ini + template: + src: app.ini.j2 + dest: /etc/gitea/app.ini + owner: root + group: gitea + mode: 0644 + tags: + - config + +# Create systemd service + - name: Create 'gitea' service template: src: gitea.service.j2 @@ -95,6 +113,8 @@ state: stopped when: not gitea_enabled +# Configure HTTPD + - name: Copy gitea httpd conf file template: src: gitea.conf.j2 @@ -118,6 +138,8 @@ name: "{{ apache_service }}" state: restarted +# Add Gitea to registry + - name: Add 'gitea' to list of services at /etc/iiab/iiab.ini ini_file: dest: "{{ service_filelist }}" @@ -128,7 +150,7 @@ - option: name value: gitea - option: description - value: '"gitea is an email service."' + value: '"Gitea: Git with a cup of tea"' - option: gitea_run_directory value: "{{ gitea_run_directory }}" - option: gitea_url diff --git a/roles/gitea/templates/app.ini.j2 b/roles/gitea/templates/app.ini.j2 new file mode 100644 index 000000000..47d7bcb6a --- /dev/null +++ b/roles/gitea/templates/app.ini.j2 @@ -0,0 +1,656 @@ +; This file lists the default values used by Gitea +; Copy required sections to your own app.ini (default is custom/conf/app.ini) +; and modify as needed. + +; see https://docs.gitea.io/en-us/config-cheat-sheet/ for additional documentation. + +; App name that shows in every page title +APP_NAME = Gitea: Git with a cup of tea +; Change it if you run locally +RUN_USER = git +; Either "dev", "prod" or "test", default is "dev" +RUN_MODE = dev + +[repository] +ROOT = +SCRIPT_TYPE = bash +; Default ANSI charset +ANSI_CHARSET = +; Force every new repository to be private +FORCE_PRIVATE = false +; Default privacy setting when creating a new repository, allowed values: last, private, public. Default is last which means the last setting used. +DEFAULT_PRIVATE = last +; Global limit of repositories per user, applied at creation time. -1 means no limit +MAX_CREATION_LIMIT = -1 +; Mirror sync queue length, increase if mirror syncing starts hanging +MIRROR_QUEUE_LENGTH = 1000 +; Patch test queue length, increase if pull request patch testing starts hanging +PULL_REQUEST_QUEUE_LENGTH = 1000 +; Preferred Licenses to place at the top of the List +; The name here must match the filename in conf/license or custom/conf/license +PREFERRED_LICENSES = Apache License 2.0,MIT License +; Disable the ability to interact with repositories using the HTTP protocol +DISABLE_HTTP_GIT = false +; Force ssh:// clone url instead of scp-style uri when default SSH port is used +USE_COMPAT_SSH_URI = false + +[repository.editor] +; List of file extensions for which lines should be wrapped in the CodeMirror editor +; Separate extensions with a comma. To line wrap files without an extension, just put a comma +LINE_WRAP_EXTENSIONS = .txt,.md,.markdown,.mdown,.mkd, +; Valid file modes that have a preview API associated with them, such as api/v1/markdown +; Separate the values by commas. The preview tab in edit mode won't be displayed if the file extension doesn't match +PREVIEWABLE_FILE_MODES = markdown + +[repository.local] +; Path for local repository copy. Defaults to `tmp/local-repo` +LOCAL_COPY_PATH = tmp/local-repo +; Path for local wiki copy. Defaults to `tmp/local-wiki` +LOCAL_WIKI_PATH = tmp/local-wiki + +[repository.upload] +; Whether repository file uploads are enabled. Defaults to `true` +ENABLED = true +; Path for uploads. Defaults to `data/tmp/uploads` (tmp gets deleted on gitea restart) +TEMP_PATH = data/tmp/uploads +; One or more allowed types, e.g. image/jpeg|image/png. Nothing means any file type +ALLOWED_TYPES = +; Max size of each file in megabytes. Defaults to 3MB +FILE_MAX_SIZE = 3 +; Max number of files per upload. Defaults to 5 +MAX_FILES = 5 + +[repository.pull-request] +; List of prefixes used in Pull Request title to mark them as Work In Progress +WORK_IN_PROGRESS_PREFIXES=WIP:,[WIP] + +[ui] +; Number of repositories that are displayed on one explore page +EXPLORE_PAGING_NUM = 20 +; Number of issues that are displayed on one page +ISSUE_PAGING_NUM = 10 +; Number of maximum commits displayed in one activity feed +FEED_MAX_COMMIT_NUM = 5 +; Number of maximum commits displayed in commit graph. +GRAPH_MAX_COMMIT_NUM = 100 +; Number of line of codes shown for a code comment +CODE_COMMENT_LINES = 4 +; Value of `theme-color` meta tag, used by Android >= 5.0 +; An invalid color like "none" or "disable" will have the default style +; More info: https://developers.google.com/web/updates/2014/11/Support-for-theme-color-in-Chrome-39-for-Android +THEME_COLOR_META_TAG = `#6cc644` +; Max size of files to be displayed (default is 8MiB) +MAX_DISPLAY_FILE_SIZE = 8388608 +; Whether the email of the user should be shown in the Explore Users page +SHOW_USER_EMAIL = true +; Set the default theme for the Gitea install +DEFAULT_THEME = gitea + +[ui.admin] +; Number of users that are displayed on one page +USER_PAGING_NUM = 50 +; Number of repos that are displayed on one page +REPO_PAGING_NUM = 50 +; Number of notices that are displayed on one page +NOTICE_PAGING_NUM = 25 +; Number of organizations that are displayed on one page +ORG_PAGING_NUM = 50 + +[ui.user] +; Number of repos that are displayed on one page +REPO_PAGING_NUM = 15 + +[ui.meta] +AUTHOR = Gitea - Git with a cup of tea +DESCRIPTION = Gitea (Git with a cup of tea) is a painless self-hosted Git service written in Go +KEYWORDS = go,git,self-hosted,gitea + +[markdown] +; Enable hard line break extension +ENABLE_HARD_LINE_BREAK = false +; List of custom URL-Schemes that are allowed as links when rendering Markdown +; for example git,magnet +CUSTOM_URL_SCHEMES = +; List of file extensions that should be rendered/edited as Markdown +; Separate the extensions with a comma. To render files without any extension as markdown, just put a comma +FILE_EXTENSIONS = .md,.markdown,.mdown,.mkd + +[server] +; The protocol the server listens on. One of 'http', 'https', 'unix' or 'fcgi'. +PROTOCOL = http +DOMAIN = localhost +ROOT_URL = %(PROTOCOL)s://%(DOMAIN)s:%(HTTP_PORT)s/ +; The address to listen on. Either a IPv4/IPv6 address or the path to a unix socket. +HTTP_ADDR = 0.0.0.0 +HTTP_PORT = 3000 +; If REDIRECT_OTHER_PORT is true, and PROTOCOL is set to https an http server +; will be started on PORT_TO_REDIRECT and it will redirect plain, non-secure http requests to the main +; ROOT_URL. Defaults are false for REDIRECT_OTHER_PORT and 80 for +; PORT_TO_REDIRECT. +REDIRECT_OTHER_PORT = false +PORT_TO_REDIRECT = 80 +; Permission for unix socket +UNIX_SOCKET_PERMISSION = 666 +; Local (DMZ) URL for Gitea workers (such as SSH update) accessing web service. +; In most cases you do not need to change the default value. +; Alter it only if your SSH server node is not the same as HTTP node. +; Do not set this variable if PROTOCOL is set to 'unix'. +LOCAL_ROOT_URL = %(PROTOCOL)s://%(HTTP_ADDR)s:%(HTTP_PORT)s/ +; Disable SSH feature when not available +DISABLE_SSH = false +; Whether to use the builtin SSH server or not. +START_SSH_SERVER = false +; Username to use for the builtin SSH server. If blank, then it is the value of RUN_USER. +BUILTIN_SSH_SERVER_USER = +; Domain name to be exposed in clone URL +SSH_DOMAIN = %(DOMAIN)s +; THe network interface the builtin SSH server should listen on +SSH_LISTEN_HOST = +; Port number to be exposed in clone URL +SSH_PORT = 22 +; The port number the builtin SSH server should listen on +SSH_LISTEN_PORT = %(SSH_PORT)s +; Root path of SSH directory, default is '~/.ssh', but you have to use '/home/git/.ssh'. +SSH_ROOT_PATH = +; For the built-in SSH server, choose the ciphers to support for SSH connections, +; for system SSH this setting has no effect +SSH_SERVER_CIPHERS = aes128-ctr, aes192-ctr, aes256-ctr, aes128-gcm@openssh.com, arcfour256, arcfour128 +; For the built-in SSH server, choose the key exchange algorithms to support for SSH connections, +; for system SSH this setting has no effect +SSH_SERVER_KEY_EXCHANGES = diffie-hellman-group1-sha1, diffie-hellman-group14-sha1, ecdh-sha2-nistp256, ecdh-sha2-nistp384, ecdh-sha2-nistp521, curve25519-sha256@libssh.org +; For the built-in SSH server, choose the MACs to support for SSH connections, +; for system SSH this setting has no effect +SSH_SERVER_MACS = hmac-sha2-256-etm@openssh.com, hmac-sha2-256, hmac-sha1, hmac-sha1-96 +; Directory to create temporary files in when testing public keys using ssh-keygen, +; default is the system temporary directory. +SSH_KEY_TEST_PATH = +; Path to ssh-keygen, default is 'ssh-keygen' which means the shell is responsible for finding out which one to call. +SSH_KEYGEN_PATH = ssh-keygen +; Enable SSH Authorized Key Backup when rewriting all keys, default is true +SSH_BACKUP_AUTHORIZED_KEYS = true +; Enable exposure of SSH clone URL to anonymous visitors, default is false +SSH_EXPOSE_ANONYMOUS = false +; Indicate whether to check minimum key size with corresponding type +MINIMUM_KEY_SIZE_CHECK = false +; Disable CDN even in "prod" mode +OFFLINE_MODE = false +DISABLE_ROUTER_LOG = false +; Generate steps: +; $ ./gitea cert -ca=true -duration=8760h0m0s -host=myhost.example.com +; +; Or from a .pfx file exported from the Windows certificate store (do +; not forget to export the private key): +; $ openssl pkcs12 -in cert.pfx -out cert.pem -nokeys +; $ openssl pkcs12 -in cert.pfx -out key.pem -nocerts -nodes +CERT_FILE = custom/https/cert.pem +KEY_FILE = custom/https/key.pem +; Root directory containing templates and static files. +; default is the path where Gitea is executed +STATIC_ROOT_PATH = +; Default path for App data +APP_DATA_PATH = data +; Application level GZIP support +ENABLE_GZIP = false +; Application profiling (memory and cpu) +; For "web" command it listens on localhost:6060 +; For "serve" command it dumps to disk at PPROF_DATA_PATH as (cpuprofile|memprofile)__ +ENABLE_PPROF = false +; PPROF_DATA_PATH, use an absolute path when you start gitea as service +PPROF_DATA_PATH = data/tmp/pprof +; Landing page, can be "home", "explore", or "organizations" +LANDING_PAGE = home +; Enables git-lfs support. true or false, default is false. +LFS_START_SERVER = false +; Where your lfs files reside, default is data/lfs. +LFS_CONTENT_PATH = data/lfs +; LFS authentication secret, change this yourself +LFS_JWT_SECRET = +; LFS authentication validity period (in time.Duration), pushes taking longer than this may fail. +LFS_HTTP_AUTH_EXPIRY = 20m + +; Define allowed algorithms and their minimum key length (use -1 to disable a type) +[ssh.minimum_key_sizes] +ED25519 = 256 +ECDSA = 256 +RSA = 2048 +DSA = 1024 + +[database] +; Either "mysql", "postgres", "mssql" or "sqlite3", it's your choice +DB_TYPE = mysql +HOST = 127.0.0.1:3306 +NAME = gitea +USER = root +; Use PASSWD = `your password` for quoting if you use special characters in the password. +PASSWD = +; For Postgres, either "disable" (default), "require", or "verify-full" +; For MySQL, either "false" (default), "true", or "skip-verify" +SSL_MODE = disable +; For "sqlite3" and "tidb", use an absolute path when you start gitea as service +PATH = data/gitea.db +; For "sqlite3" only. Query timeout +SQLITE_TIMEOUT = 500 +; For iterate buffer, default is 50 +ITERATE_BUFFER_SIZE = 50 +; Show the database generated SQL +LOG_SQL = true + +[indexer] +ISSUE_INDEXER_PATH = indexers/issues.bleve +; repo indexer by default disabled, since it uses a lot of disk space +REPO_INDEXER_ENABLED = false +REPO_INDEXER_PATH = indexers/repos.bleve +UPDATE_BUFFER_LEN = 20 +MAX_FILE_SIZE = 1048576 + +[admin] +; Disallow regular (non-admin) users from creating organizations. +DISABLE_REGULAR_ORG_CREATION = false + +[security] +; Whether the installer is disabled +INSTALL_LOCK = false +; !!CHANGE THIS TO KEEP YOUR USER DATA SAFE!! +SECRET_KEY = !#@FDEWREWR&*( +; How long to remember that an user is logged in before requiring relogin (in days) +LOGIN_REMEMBER_DAYS = 7 +COOKIE_USERNAME = gitea_awesome +COOKIE_REMEMBER_NAME = gitea_incredible +; Reverse proxy authentication header name of user name +REVERSE_PROXY_AUTHENTICATION_USER = X-WEBAUTH-USER +; The minimum password length for new Users +MIN_PASSWORD_LENGTH = 6 +; True when users are allowed to import local server paths +IMPORT_LOCAL_PATHS = false +; Prevent all users (including admin) from creating custom git hooks +DISABLE_GIT_HOOKS = false + +[openid] +; +; OpenID is an open, standard and decentralized authentication protocol. +; Your identity is the address of a webpage you provide, which describes +; how to prove you are in control of that page. +; +; For more info: https://en.wikipedia.org/wiki/OpenID +; +; Current implementation supports OpenID-2.0 +; +; Tested to work providers at the time of writing: +; - Any GNUSocial node (your.hostname.tld/username) +; - Any SimpleID provider (http://simpleid.koinic.net) +; - http://openid.org.cn/ +; - openid.stackexchange.com +; - login.launchpad.net +; - .livejournal.com +; +; Whether to allow signin in via OpenID +ENABLE_OPENID_SIGNIN = true +; Whether to allow registering via OpenID +; Do not include to rely on rhw DISABLE_REGISTRATION setting +;ENABLE_OPENID_SIGNUP = true +; Allowed URI patterns (POSIX regexp). +; Space separated. +; Only these would be allowed if non-blank. +; Example value: trusted.domain.org trusted.domain.net +WHITELISTED_URIS = +; Forbidden URI patterns (POSIX regexp). +; Space separated. +; Only used if WHITELISTED_URIS is blank. +; Example value: loadaverage.org/badguy stackexchange.com/.*spammer +BLACKLISTED_URIS = + +[service] +; Time limit to confirm account/email registration +ACTIVE_CODE_LIVE_MINUTES = 180 +; Time limit to perform the reset of a forgotten password +RESET_PASSWD_CODE_LIVE_MINUTES = 180 +; Whether a new user needs to confirm their email when registering. +REGISTER_EMAIL_CONFIRM = false +; Disallow registration, only allow admins to create accounts. +DISABLE_REGISTRATION = false +; Allow registration only using third part services, it works only when DISABLE_REGISTRATION is false +ALLOW_ONLY_EXTERNAL_REGISTRATION = false +; User must sign in to view anything. +REQUIRE_SIGNIN_VIEW = false +; Mail notification +ENABLE_NOTIFY_MAIL = false +; More detail: https://github.com/gogits/gogs/issues/165 +ENABLE_REVERSE_PROXY_AUTHENTICATION = false +ENABLE_REVERSE_PROXY_AUTO_REGISTRATION = false +; Enable captcha validation for registration +ENABLE_CAPTCHA = false +; Type of captcha you want to use. Options: image, recaptcha +CAPTCHA_TYPE = image +; Enable recaptcha to use Google's recaptcha service +; Go to https://www.google.com/recaptcha/admin to sign up for a key +RECAPTCHA_SECRET = +RECAPTCHA_SITEKEY = +; Default value for KeepEmailPrivate +; Each new user will get the value of this setting copied into their profile +DEFAULT_KEEP_EMAIL_PRIVATE = false +; Default value for AllowCreateOrganization +; Every new user will have rights set to create organizations depending on this setting +DEFAULT_ALLOW_CREATE_ORGANIZATION = true +; Default value for EnableDependencies +; Repositories will use depencies by default depending on this setting +DEFAULT_ENABLE_DEPENDENCIES = true +; Enable Timetracking +ENABLE_TIMETRACKING = true +; Default value for EnableTimetracking +; Repositories will use timetracking by default depending on this setting +DEFAULT_ENABLE_TIMETRACKING = true +; Default value for AllowOnlyContributorsToTrackTime +; Only users with write permissions can track time if this is true +DEFAULT_ALLOW_ONLY_CONTRIBUTORS_TO_TRACK_TIME = true +; Default value for the domain part of the user's email address in the git log +; if he has set KeepEmailPrivate to true. The user's email will be replaced with a +; concatenation of the user name in lower case, "@" and NO_REPLY_ADDRESS. +NO_REPLY_ADDRESS = noreply.example.org + +[webhook] +; Hook task queue length, increase if webhook shooting starts hanging +QUEUE_LENGTH = 1000 +; Deliver timeout in seconds +DELIVER_TIMEOUT = 5 +; Allow insecure certification +SKIP_TLS_VERIFY = false +; Number of history information in each page +PAGING_NUM = 10 + +[mailer] +ENABLED = false +; Buffer length of channel, keep it as it is if you don't know what it is. +SEND_BUFFER_LEN = 100 +; Name displayed in mail title +SUBJECT = %(APP_NAME)s +; Mail server +; Gmail: smtp.gmail.com:587 +; QQ: smtp.qq.com:465 +; Note, if the port ends with "465", SMTPS will be used. Using STARTTLS on port 587 is recommended per RFC 6409. If the server supports STARTTLS it will always be used. +HOST = +; Disable HELO operation when hostnames are different. +DISABLE_HELO = +; Custom hostname for HELO operation, if no value is provided, one is retrieved from system. +HELO_HOSTNAME = +; Do not verify the certificate of the server. Only use this for self-signed certificates +SKIP_VERIFY = +; Use client certificate +USE_CERTIFICATE = false +CERT_FILE = custom/mailer/cert.pem +KEY_FILE = custom/mailer/key.pem +; Mail from address, RFC 5322. This can be just an email address, or the `"Name" ` format +FROM = +; Mailer user name and password +USER = +; Use PASSWD = `your password` for quoting if you use special characters in the password. +PASSWD = +; Send mails as plain text +SEND_AS_PLAIN_TEXT = false +; Enable sendmail (override SMTP) +USE_SENDMAIL = false +; Specify an alternative sendmail binary +SENDMAIL_PATH = sendmail +; Specify any extra sendmail arguments +SENDMAIL_ARGS = + +[cache] +; Either "memory", "redis", or "memcache", default is "memory" +ADAPTER = memory +; For "memory" only, GC interval in seconds, default is 60 +INTERVAL = 60 +; For "redis" and "memcache", connection host address +; redis: network=tcp,addr=:6379,password=macaron,db=0,pool_size=100,idle_timeout=180 +; memcache: `127.0.0.1:11211` +HOST = +; Time to keep items in cache if not used, default is 16 hours. +; Setting it to 0 disables caching +ITEM_TTL = 16h + +[session] +; Either "memory", "file", or "redis", default is "memory" +PROVIDER = memory +; Provider config options +; memory: doesn't have any config yet +; file: session file path, e.g. `data/sessions` +; redis: network=tcp,addr=:6379,password=macaron,db=0,pool_size=100,idle_timeout=180 +; mysql: go-sql-driver/mysql dsn config string, e.g. `root:password@/session_table` +PROVIDER_CONFIG = data/sessions +; Session cookie name +COOKIE_NAME = i_like_gitea +; If you use session in https only, default is false +COOKIE_SECURE = false +; Enable set cookie, default is true +ENABLE_SET_COOKIE = true +; Session GC time interval in seconds, default is 86400 (1 day) +GC_INTERVAL_TIME = 86400 +; Session life time in seconds, default is 86400 (1 day) +SESSION_LIFE_TIME = 86400 + +[picture] +AVATAR_UPLOAD_PATH = data/avatars +; Max Width and Height of uploaded avatars. This is to limit the amount of RAM +; used when resizing the image. +AVATAR_MAX_WIDTH = 4096 +AVATAR_MAX_HEIGHT = 3072 +; Chinese users can choose "duoshuo" +; or a custom avatar source, like: http://cn.gravatar.com/avatar/ +GRAVATAR_SOURCE = gravatar +; This value will always be true in offline mode. +DISABLE_GRAVATAR = false +; Federated avatar lookup uses DNS to discover avatar associated +; with emails, see https://www.libravatar.org +; This value will always be false in offline mode or when Gravatar is disabled. +ENABLE_FEDERATED_AVATAR = false + +[attachment] +; Whether attachments are enabled. Defaults to `true` +ENABLED = true +; Path for attachments. Defaults to `data/attachments` +PATH = data/attachments +; One or more allowed types, e.g. image/jpeg|image/png +ALLOWED_TYPES = image/jpeg|image/png|application/zip|application/gzip +; Max size of each file. Defaults to 4MB +MAX_SIZE = 4 +; Max number of files per upload. Defaults to 5 +MAX_FILES = 5 + +[time] +; Specifies the format for fully outputted dates. Defaults to RFC1123 +; Special supported values are ANSIC, UnixDate, RubyDate, RFC822, RFC822Z, RFC850, RFC1123, RFC1123Z, RFC3339, RFC3339Nano, Kitchen, Stamp, StampMilli, StampMicro and StampNano +; For more information about the format see http://golang.org/pkg/time/#pkg-constants +FORMAT = + +[log] +ROOT_PATH = +; Either "console", "file", "conn", "smtp" or "database", default is "console" +; Use comma to separate multiple modes, e.g. "console, file" +MODE = console +; Buffer length of the channel, keep it as it is if you don't know what it is. +BUFFER_LEN = 10000 +; Either "Trace", "Debug", "Info", "Warn", "Error", "Critical", default is "Trace" +LEVEL = Trace + +; For "console" mode only +[log.console] +LEVEL = + +; For "file" mode only +[log.file] +LEVEL = +; This enables automated log rotate(switch of following options), default is true +LOG_ROTATE = true +; Max number of lines in a single file, default is 1000000 +MAX_LINES = 1000000 +; Max size shift of a single file, default is 28 means 1 << 28, 256MB +MAX_SIZE_SHIFT = 28 +; Segment log daily, default is true +DAILY_ROTATE = true +; delete the log file after n days, default is 7 +MAX_DAYS = 7 + +; For "conn" mode only +[log.conn] +LEVEL = +; Reconnect host for every single message, default is false +RECONNECT_ON_MSG = false +; Try to reconnect when connection is lost, default is false +RECONNECT = false +; Either "tcp", "unix" or "udp", default is "tcp" +PROTOCOL = tcp +; Host address +ADDR = + +; For "smtp" mode only +[log.smtp] +LEVEL = +; Name displayed in mail title, default is "Diagnostic message from server" +SUBJECT = Diagnostic message from server +; Mail server +HOST = +; Mailer user name and password +USER = +; Use PASSWD = `your password` for quoting if you use special characters in the password. +PASSWD = +; Receivers, can be one or more, e.g. 1@example.com,2@example.com +RECEIVERS = + +; For "database" mode only +[log.database] +LEVEL = +; Either "mysql" or "postgres" +DRIVER = +; Based on xorm, e.g.: root:root@localhost/gitea?charset=utf8 +CONN = + +[cron] +; Enable running cron tasks periodically. +ENABLED = true +; Run cron tasks when Gitea starts. +RUN_AT_START = false + +; Update mirrors +[cron.update_mirrors] +SCHEDULE = @every 10m + +; Repository health check +[cron.repo_health_check] +SCHEDULE = @every 24h +TIMEOUT = 60s +; Arguments for command 'git fsck', e.g. "--unreachable --tags" +; see more on http://git-scm.com/docs/git-fsck/1.7.5 +ARGS = + +; Check repository statistics +[cron.check_repo_stats] +RUN_AT_START = true +SCHEDULE = @every 24h + +; Clean up old repository archives +[cron.archive_cleanup] +; Whether to enable the job +ENABLED = true +; Whether to always run at least once at start up time (if ENABLED) +RUN_AT_START = true +; Time interval for job to run +SCHEDULE = @every 24h +; Archives created more than OLDER_THAN ago are subject to deletion +OLDER_THAN = 24h + +; Synchronize external user data (only LDAP user synchronization is supported) +[cron.sync_external_users] +; Synchronize external user data when starting server (default false) +RUN_AT_START = false +; Interval as a duration between each synchronization (default every 24h) +SCHEDULE = @every 24h +; Create new users, update existing user data and disable users that are not in external source anymore (default) +; or only create new users if UPDATE_EXISTING is set to false +UPDATE_EXISTING = true + +[git] +; Disables highlight of added and removed changes +DISABLE_DIFF_HIGHLIGHT = false +; Max number of lines allowed in a single file in diff view +MAX_GIT_DIFF_LINES = 1000 +; Max number of allowed characters in a line in diff view +MAX_GIT_DIFF_LINE_CHARACTERS = 5000 +; Max number of files shown in diff view +MAX_GIT_DIFF_FILES = 100 +; Arguments for command 'git gc', e.g. "--aggressive --auto" +; see more on http://git-scm.com/docs/git-gc/1.7.5 +GC_ARGS = + +; Operation timeout in seconds +[git.timeout] +MIGRATE = 600 +MIRROR = 300 +CLONE = 300 +PULL = 300 +GC = 60 + +[mirror] +; Default interval as a duration between each check +DEFAULT_INTERVAL = 8h +; Min interval as a duration must be > 1m +MIN_INTERVAL = 10m + +[api] +; Enables Swagger. True or false; default is true. +ENABLE_SWAGGER = true +; Max number of items in a page +MAX_RESPONSE_ITEMS = 50 + +[i18n] +LANGS = en-US,zh-CN,zh-HK,zh-TW,de-DE,fr-FR,nl-NL,lv-LV,ru-RU,uk-UA,ja-JP,es-ES,pt-BR,pl-PL,bg-BG,it-IT,fi-FI,tr-TR,cs-CZ,sr-SP,sv-SE,ko-KR +NAMES = English,简体中文,繁體中文(香港),繁體中文(台灣),Deutsch,français,Nederlands,latviešu,русский,Українська,日本語,español,português do Brasil,polski,български,italiano,suomi,Türkçe,čeština,српски,svenska,한국어 + +; Used for datetimepicker +[i18n.datelang] +en-US = en +zh-CN = zh +zh-HK = zh-HK +zh-TW = zh-TW +de-DE = de +fr-FR = fr +nl-NL = nl +lv-LV = lv +ru-RU = ru +uk-UA = uk +ja-JP = ja +es-ES = es +pt-BR = pt-BR +pl-PL = pl +bg-BG = bg +it-IT = it +fi-FI = fi +tr-TR = tr +cs-CZ = cs-CZ +sr-SP = sr +sv-SE = sv +ko-KR = ko + +[U2F] +; Two Factor authentication with security keys +; https://developers.yubico.com/U2F/App_ID.html +APP_ID = %(PROTOCOL)s://%(DOMAIN)s:%(HTTP_PORT)s/ +; Comma seperated list of truisted facets +TRUSTED_FACETS = %(PROTOCOL)s://%(DOMAIN)s:%(HTTP_PORT)s/ + +; Extension mapping to highlight class +; e.g. .toml=ini +[highlight.mapping] + +[other] +SHOW_FOOTER_BRANDING = false +; Show version information about Gitea and Go in the footer +SHOW_FOOTER_VERSION = true +; Show template execution time in the footer +SHOW_FOOTER_TEMPLATE_LOAD_TIME = true + +[markup.asciidoc] +ENABLED = false +; List of file extensions that should be rendered by an external command +FILE_EXTENSIONS = .adoc,.asciidoc +; External command to render all matching extensions +RENDER_COMMAND = "asciidoc --out-file=- -" +; Don't pass the file on STDIN, pass the filename as argument instead. +IS_INPUT_FILE = false From 8e4dc59367533e4a41fd1a19e127f763d11348b9 Mon Sep 17 00:00:00 2001 From: Aidan Fitzgerald Date: Thu, 18 Oct 2018 17:10:41 -0400 Subject: [PATCH 14/76] Fail if we detect unknown architecture --- roles/gitea/defaults/main.yml | 2 +- roles/gitea/tasks/install.yml | 5 +++++ 2 files changed, 6 insertions(+), 1 deletion(-) diff --git a/roles/gitea/defaults/main.yml b/roles/gitea/defaults/main.yml index 7f07955c9..adc9b4a06 100644 --- a/roles/gitea/defaults/main.yml +++ b/roles/gitea/defaults/main.yml @@ -10,7 +10,7 @@ iset_suffixes: armv6l: "arm-6" armv7l: "arm-7" -gitea_iset_suffix: "{{ iset_suffixes[ansible_architecture | default("unknown architecture")] }}" +gitea_iset_suffix: "{{ iset_suffixes[ansible_architecture] | default("unknown") }}" gitea_download_url: "https://dl.gitea.io/gitea/{{ gitea_version }}/gitea-{{ gitea_version }}-linux-{{ gitea_iset_suffix }}" gitea_integrity_url: "{{ gitea_download_url }}.asc" diff --git a/roles/gitea/tasks/install.yml b/roles/gitea/tasks/install.yml index 4c06f226f..bd66f7d10 100644 --- a/roles/gitea/tasks/install.yml +++ b/roles/gitea/tasks/install.yml @@ -32,6 +32,11 @@ # Download, verify, and link Gitea binary +- name: Fail if we detect unknown architecture + fail: + msg: "Could not find a binary for the CPU architecture \"{{ ansible_architecture }}\"" + when: gitea_iset_suffix == "unknown" + - name: Download Gitea binary get_url: url: "{{ gitea_download_url }}" From 4dbd984366d62151f85d032a373ba0d2beedbf3d Mon Sep 17 00:00:00 2001 From: A Holt Date: Thu, 25 Oct 2018 23:04:17 -0400 Subject: [PATCH 15/76] Update roles/gitea/tasks/install.yml Co-Authored-By: aidan-fitz --- roles/gitea/tasks/install.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/gitea/tasks/install.yml b/roles/gitea/tasks/install.yml index bd66f7d10..ad5b0f311 100644 --- a/roles/gitea/tasks/install.yml +++ b/roles/gitea/tasks/install.yml @@ -145,7 +145,7 @@ # Add Gitea to registry -- name: Add 'gitea' to list of services at /etc/iiab/iiab.ini +- name: Add 'gitea' to list of services at {{ iiab_ini_file }} ini_file: dest: "{{ service_filelist }}" section: gitea From 6f6bad7f2ccdcc5f1ee13861012d5555f74e8ef9 Mon Sep 17 00:00:00 2001 From: A Holt Date: Thu, 25 Oct 2018 23:04:21 -0400 Subject: [PATCH 16/76] Update roles/gitea/tasks/install.yml Co-Authored-By: aidan-fitz --- roles/gitea/tasks/install.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/gitea/tasks/install.yml b/roles/gitea/tasks/install.yml index ad5b0f311..a061c553d 100644 --- a/roles/gitea/tasks/install.yml +++ b/roles/gitea/tasks/install.yml @@ -147,7 +147,7 @@ - name: Add 'gitea' to list of services at {{ iiab_ini_file }} ini_file: - dest: "{{ service_filelist }}" + dest: "{{ iiab_ini_file }}" section: gitea option: "{{ item.option }}" value: "{{ item.value }}" From eaf59b0e87bfb1ebe1dc58fd5333233b17fe215c Mon Sep 17 00:00:00 2001 From: Aidan Fitzgerald Date: Wed, 27 Feb 2019 16:39:14 -0500 Subject: [PATCH 17/76] Update Gitea readme --- roles/gitea/README.rst | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/roles/gitea/README.rst b/roles/gitea/README.rst index 44f9f337d..063f02015 100644 --- a/roles/gitea/README.rst +++ b/roles/gitea/README.rst @@ -2,9 +2,9 @@ Gitea README ============= -This Ansible role installs Gitea. +This Ansible role installs Gitea - a self-hosted Git service written in Go. Using It -------- -Lokole should be accessible at http://box/gitea/. +Gitea should be accessible at http://box/gitea/. From 733f3819961209291dd6774b400afaf77c70e2ab Mon Sep 17 00:00:00 2001 From: Aidan Fitzgerald Date: Wed, 27 Feb 2019 17:02:55 -0500 Subject: [PATCH 18/76] Move GPG key to main.yml --- roles/gitea/defaults/main.yml | 3 +++ roles/gitea/tasks/install.yml | 2 +- 2 files changed, 4 insertions(+), 1 deletion(-) diff --git a/roles/gitea/defaults/main.yml b/roles/gitea/defaults/main.yml index adc9b4a06..cabd032be 100644 --- a/roles/gitea/defaults/main.yml +++ b/roles/gitea/defaults/main.yml @@ -28,6 +28,9 @@ gitea_checksum_path: "{{ gitea_root_directory }}/bin/gitea-{{ gitea_version }}.a gitea_link_path: "{{ gitea_root_directory }}/gitea" +# Information needed to verify Gitea +gitea_gpg_key: 7C9E68152594688862D62AF62D9AE806EC1592E2 + # Information needed to run Gitea gitea_user: gitea gitea_run_directory: "{{ gitea_root_directory }}" diff --git a/roles/gitea/tasks/install.yml b/roles/gitea/tasks/install.yml index a061c553d..ac3eb3118 100644 --- a/roles/gitea/tasks/install.yml +++ b/roles/gitea/tasks/install.yml @@ -56,7 +56,7 @@ - name: Verify Gitea binary with GPG signature shell: | - gpg --keyserver pgp.mit.edu --recv 7C9E68152594688862D62AF62D9AE806EC1592E2 + gpg --keyserver pgp.mit.edu --recv {{ gitea_gpg_key }} gpg --verify {{ gitea_checksum_path }} {{ gitea_install_path }} tags: - install From 9b8af6b494c7771adf41d894291a8b3fe8de8d56 Mon Sep 17 00:00:00 2001 From: Aidan Fitzgerald Date: Thu, 28 Feb 2019 11:50:56 -0500 Subject: [PATCH 19/76] Uncomment MySQL --- roles/gitea/templates/gitea.service.j2 | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/gitea/templates/gitea.service.j2 b/roles/gitea/templates/gitea.service.j2 index f8f1a2f0a..47dfaae6c 100644 --- a/roles/gitea/templates/gitea.service.j2 +++ b/roles/gitea/templates/gitea.service.j2 @@ -2,7 +2,7 @@ Description=Gitea (Git with a cup of tea) After=syslog.target After=network.target -#After=mysqld.service +After=mysqld.service #After=postgresql.service #After=memcached.service #After=redis.service From 110688f77245cf383158c13b940dd897debea6fa Mon Sep 17 00:00:00 2001 From: Aidan Fitzgerald Date: Sat, 2 Mar 2019 00:03:26 -0500 Subject: [PATCH 20/76] Remove commented out code; add configuration instructions --- roles/gitea/README.rst | 14 ++++++++++++++ roles/gitea/templates/gitea.service.j2 | 3 --- 2 files changed, 14 insertions(+), 3 deletions(-) diff --git a/roles/gitea/README.rst b/roles/gitea/README.rst index 063f02015..c9b664d5f 100644 --- a/roles/gitea/README.rst +++ b/roles/gitea/README.rst @@ -8,3 +8,17 @@ Using It -------- Gitea should be accessible at http://box/gitea/. + +Configuration +------------- + +Gitea has been configured to work with MySQL; it can also be used with SQLite or +Postgres. If you want to use it with a different database, change the +``DB_TYPE`` property in ``app.ini`` and change the line ``After=mysqld.service`` +in ``gitea.service`` to one of the following: + +* SQLite: comment it out. +* Postgres: ``After=postgresql.service`` + +Further information about configuring Gitea can be found at the +`documentation `. diff --git a/roles/gitea/templates/gitea.service.j2 b/roles/gitea/templates/gitea.service.j2 index 47dfaae6c..61780f6ea 100644 --- a/roles/gitea/templates/gitea.service.j2 +++ b/roles/gitea/templates/gitea.service.j2 @@ -3,9 +3,6 @@ Description=Gitea (Git with a cup of tea) After=syslog.target After=network.target After=mysqld.service -#After=postgresql.service -#After=memcached.service -#After=redis.service [Service] # Modify these two values and uncomment them if you have From dbd4a61e2f70ada384ee67ae563fb2a5c443ce05 Mon Sep 17 00:00:00 2001 From: Aidan Fitzgerald Date: Sat, 2 Mar 2019 02:54:49 -0500 Subject: [PATCH 21/76] fix quoting issue --- roles/gitea/defaults/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/gitea/defaults/main.yml b/roles/gitea/defaults/main.yml index cabd032be..471869e7a 100644 --- a/roles/gitea/defaults/main.yml +++ b/roles/gitea/defaults/main.yml @@ -10,7 +10,7 @@ iset_suffixes: armv6l: "arm-6" armv7l: "arm-7" -gitea_iset_suffix: "{{ iset_suffixes[ansible_architecture] | default("unknown") }}" +gitea_iset_suffix: "{{ iset_suffixes[ansible_architecture] | default('unknown') }}" gitea_download_url: "https://dl.gitea.io/gitea/{{ gitea_version }}/gitea-{{ gitea_version }}-linux-{{ gitea_iset_suffix }}" gitea_integrity_url: "{{ gitea_download_url }}.asc" From 3510bc0b9e6002dd743cf606e98f9c8c787b5083 Mon Sep 17 00:00:00 2001 From: Aidan Fitzgerald Date: Sat, 2 Mar 2019 03:07:19 -0500 Subject: [PATCH 22/76] Create gitea group --- roles/gitea/tasks/install.yml | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/roles/gitea/tasks/install.yml b/roles/gitea/tasks/install.yml index ac3eb3118..afd3d250e 100644 --- a/roles/gitea/tasks/install.yml +++ b/roles/gitea/tasks/install.yml @@ -1,5 +1,12 @@ # Prepare to install Gitea: create user and directory structure +- name: Ensure group gitea exists + group: + name: gitea + state: present + tags: + - pre-install + - name: Create user gitea user: name: gitea From 9a0ada733b0a80d31f702c6c8db9d023965f4787 Mon Sep 17 00:00:00 2001 From: Aidan Fitzgerald Date: Sat, 2 Mar 2019 03:16:12 -0500 Subject: [PATCH 23/76] Add to default_vars and local_vars_* --- roles/6-generic-apps/tasks/main.yml | 6 ++++++ roles/gitea/defaults/main.yml | 6 +++--- vars/default_vars.yml | 4 ++++ vars/local_vars_big.yml | 3 +++ vars/local_vars_medium.yml | 3 +++ vars/local_vars_min.yml | 3 +++ 6 files changed, 22 insertions(+), 3 deletions(-) diff --git a/roles/6-generic-apps/tasks/main.yml b/roles/6-generic-apps/tasks/main.yml index 01fcd7340..f9573ec69 100644 --- a/roles/6-generic-apps/tasks/main.yml +++ b/roles/6-generic-apps/tasks/main.yml @@ -45,6 +45,12 @@ when: wordpress_install tags: wordpress +- name: GITEA + include_role: + name: gitea + when: gitea_install + tags: gitea + - name: Recording STAGE 6 HAS COMPLETED ==================== lineinfile: dest: "{{ iiab_env_file }}" diff --git a/roles/gitea/defaults/main.yml b/roles/gitea/defaults/main.yml index 471869e7a..2bcbcfda2 100644 --- a/roles/gitea/defaults/main.yml +++ b/roles/gitea/defaults/main.yml @@ -1,4 +1,7 @@ --- +#gitea_install: True +#gitea_enabled: True + # Using @coolaj86's script as a template # https://git.coolaj86.com/coolaj86/gitea-installer.sh @@ -36,9 +39,6 @@ gitea_user: gitea gitea_run_directory: "{{ gitea_root_directory }}" gitea_db_directory: "/library/dbdata/gitea" -gitea_install: True -gitea_enabled: True - gitea_url: /gitea gitea_full_url: "http://{{ iiab_hostname }}.{{ iiab_domain }}{{ gitea_url }}" diff --git a/vars/default_vars.yml b/vars/default_vars.yml index 2bbd8fe7b..32df38398 100644 --- a/vars/default_vars.yml +++ b/vars/default_vars.yml @@ -290,6 +290,10 @@ elgg_mysql_password: elgg4kids ejabberd_install: False ejabberd_enabled: False +# Gitea +gitea_install: False +gitea_enabled: False + # Nextcloud nextcloud_install: True nextcloud_enabled: False diff --git a/vars/local_vars_big.yml b/vars/local_vars_big.yml index 5548682bb..1dde57bed 100644 --- a/vars/local_vars_big.yml +++ b/vars/local_vars_big.yml @@ -170,6 +170,9 @@ elgg_enabled: True ejabberd_install: True ejabberd_enabled: False +gitea_install: True +gitea_enabled: True + nextcloud_install: True nextcloud_enabled: True diff --git a/vars/local_vars_medium.yml b/vars/local_vars_medium.yml index 26e3e3b0d..917e9892c 100644 --- a/vars/local_vars_medium.yml +++ b/vars/local_vars_medium.yml @@ -170,6 +170,9 @@ elgg_enabled: True ejabberd_install: False ejabberd_enabled: False +gitea_install: True +gitea_enabled: False + nextcloud_install: True nextcloud_enabled: True diff --git a/vars/local_vars_min.yml b/vars/local_vars_min.yml index 71d10826f..feea2748e 100644 --- a/vars/local_vars_min.yml +++ b/vars/local_vars_min.yml @@ -170,6 +170,9 @@ elgg_enabled: False ejabberd_install: False ejabberd_enabled: False +gitea_install: False +gitea_enabled: False + nextcloud_install: False nextcloud_enabled: False From 9558b42bfd3fd83dccc068e04d5c0e5ffc8e5b8e Mon Sep 17 00:00:00 2001 From: Aidan Fitzgerald Date: Mon, 4 Mar 2019 15:49:12 -0500 Subject: [PATCH 24/76] fix with_items loop --- roles/gitea/tasks/install.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/roles/gitea/tasks/install.yml b/roles/gitea/tasks/install.yml index afd3d250e..b46674f45 100644 --- a/roles/gitea/tasks/install.yml +++ b/roles/gitea/tasks/install.yml @@ -18,7 +18,7 @@ - name: Create Gitea directory structure file: - path: "{{ gitea_root_directory }}/{{item.item}}" + path: "{{ gitea_root_directory }}/{{ item }}" state: directory owner: gitea group: gitea @@ -28,7 +28,7 @@ - name: Make directories data, indexers, and log writable file: - path: "{{ gitea_root_directory }}/{{item.item}}" + path: "{{ gitea_root_directory }}/{{ item }}" mode: 0750 with_items: - data From 26399a4c268f2836da8e2b961c089e2af059fad1 Mon Sep 17 00:00:00 2001 From: Aidan Fitzgerald Date: Mon, 4 Mar 2019 16:18:59 -0500 Subject: [PATCH 25/76] Set HTTP_PORT --- roles/gitea/templates/app.ini.j2 | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/gitea/templates/app.ini.j2 b/roles/gitea/templates/app.ini.j2 index 47d7bcb6a..23c69c3ef 100644 --- a/roles/gitea/templates/app.ini.j2 +++ b/roles/gitea/templates/app.ini.j2 @@ -122,7 +122,7 @@ DOMAIN = localhost ROOT_URL = %(PROTOCOL)s://%(DOMAIN)s:%(HTTP_PORT)s/ ; The address to listen on. Either a IPv4/IPv6 address or the path to a unix socket. HTTP_ADDR = 0.0.0.0 -HTTP_PORT = 3000 +HTTP_PORT = {{ gitea_port }} ; If REDIRECT_OTHER_PORT is true, and PROTOCOL is set to https an http server ; will be started on PORT_TO_REDIRECT and it will redirect plain, non-secure http requests to the main ; ROOT_URL. Defaults are false for REDIRECT_OTHER_PORT and 80 for From 7169072dd9580a1466e4218095923605bdc92b0c Mon Sep 17 00:00:00 2001 From: Aidan Fitzgerald Date: Mon, 4 Mar 2019 19:39:35 -0500 Subject: [PATCH 26/76] Don't abort if GPG verification fails --- roles/gitea/tasks/install.yml | 1 + 1 file changed, 1 insertion(+) diff --git a/roles/gitea/tasks/install.yml b/roles/gitea/tasks/install.yml index b46674f45..f0dcac44d 100644 --- a/roles/gitea/tasks/install.yml +++ b/roles/gitea/tasks/install.yml @@ -68,6 +68,7 @@ tags: - install - verify + ignore_errors: yes - name: Link Gitea file: From a089778d0bb6ecd163e218b801cd1181b462db8e Mon Sep 17 00:00:00 2001 From: Aidan Fitzgerald Date: Mon, 4 Mar 2019 21:23:54 -0500 Subject: [PATCH 27/76] Need to create root directory before user --- roles/gitea/tasks/install.yml | 15 +++++++++++++++ 1 file changed, 15 insertions(+) diff --git a/roles/gitea/tasks/install.yml b/roles/gitea/tasks/install.yml index f0dcac44d..d80cc993d 100644 --- a/roles/gitea/tasks/install.yml +++ b/roles/gitea/tasks/install.yml @@ -1,5 +1,12 @@ # Prepare to install Gitea: create user and directory structure +- name: Ensure Gitea root directory exists + file: + name: "{{ gitea_root_directory }}" + state: directory + tags: + - pre-install + - name: Ensure group gitea exists group: name: gitea @@ -16,6 +23,14 @@ tags: - pre-install +- name: Ensure Gitea root directory is owned by user gitea:gitea + file: + name: "{{ gitea_root_directory }}" + owner: gitea + group: gitea + tags: + - pre-install + - name: Create Gitea directory structure file: path: "{{ gitea_root_directory }}/{{ item }}" From 4ad50b113d7254ad623040b8c253284fcf5f3f5a Mon Sep 17 00:00:00 2001 From: Aidan Fitzgerald Date: Mon, 4 Mar 2019 21:32:57 -0500 Subject: [PATCH 28/76] Revert "Need to create root directory before user" This reverts commit a089778d0bb6ecd163e218b801cd1181b462db8e. --- roles/gitea/tasks/install.yml | 15 --------------- 1 file changed, 15 deletions(-) diff --git a/roles/gitea/tasks/install.yml b/roles/gitea/tasks/install.yml index d80cc993d..f0dcac44d 100644 --- a/roles/gitea/tasks/install.yml +++ b/roles/gitea/tasks/install.yml @@ -1,12 +1,5 @@ # Prepare to install Gitea: create user and directory structure -- name: Ensure Gitea root directory exists - file: - name: "{{ gitea_root_directory }}" - state: directory - tags: - - pre-install - - name: Ensure group gitea exists group: name: gitea @@ -23,14 +16,6 @@ tags: - pre-install -- name: Ensure Gitea root directory is owned by user gitea:gitea - file: - name: "{{ gitea_root_directory }}" - owner: gitea - group: gitea - tags: - - pre-install - - name: Create Gitea directory structure file: path: "{{ gitea_root_directory }}/{{ item }}" From 5d5fea41fa57720d3b995ece93ebff754d21f148 Mon Sep 17 00:00:00 2001 From: Aidan Fitzgerald Date: Mon, 4 Mar 2019 21:41:14 -0500 Subject: [PATCH 29/76] Use correct home directory --- roles/gitea/defaults/main.yml | 1 + roles/gitea/templates/gitea.service.j2 | 2 +- 2 files changed, 2 insertions(+), 1 deletion(-) diff --git a/roles/gitea/defaults/main.yml b/roles/gitea/defaults/main.yml index 2bcbcfda2..b65e4ff6e 100644 --- a/roles/gitea/defaults/main.yml +++ b/roles/gitea/defaults/main.yml @@ -36,6 +36,7 @@ gitea_gpg_key: 7C9E68152594688862D62AF62D9AE806EC1592E2 # Information needed to run Gitea gitea_user: gitea +gitea_home: "{{ gitea_root_directory }}" gitea_run_directory: "{{ gitea_root_directory }}" gitea_db_directory: "/library/dbdata/gitea" diff --git a/roles/gitea/templates/gitea.service.j2 b/roles/gitea/templates/gitea.service.j2 index 61780f6ea..4c2aa237e 100644 --- a/roles/gitea/templates/gitea.service.j2 +++ b/roles/gitea/templates/gitea.service.j2 @@ -18,7 +18,7 @@ Group={{gitea_user}} WorkingDirectory={{gitea_run_directory}} ExecStart={{gitea_install_path}} web -c /etc/gitea/app.ini Restart=always -Environment=USER={{gitea_user}} HOME=/home/{{gitea_user}} GITEA_WORK_DIR={{gitea_run_directory}} +Environment=USER={{gitea_user}} HOME={{gitea_home}} GITEA_WORK_DIR={{gitea_run_directory}} # If you want to bind Gitea to a port below 1024 uncomment # the two values below ### From d30cc24f443eb02e34ce477075d509a71441763d Mon Sep 17 00:00:00 2001 From: Aidan Fitzgerald Date: Wed, 6 Mar 2019 15:26:05 -0500 Subject: [PATCH 30/76] Grant write permissions for group gitea --- roles/gitea/tasks/install.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/roles/gitea/tasks/install.yml b/roles/gitea/tasks/install.yml index f0dcac44d..9c6102627 100644 --- a/roles/gitea/tasks/install.yml +++ b/roles/gitea/tasks/install.yml @@ -88,7 +88,7 @@ state: directory owner: root group: gitea - mode: 0750 + mode: 0770 tags: - config @@ -98,7 +98,7 @@ dest: /etc/gitea/app.ini owner: root group: gitea - mode: 0644 + mode: 0664 tags: - config From 86cd88de734d18792de7db0b07404c1935556c35 Mon Sep 17 00:00:00 2001 From: Aidan Fitzgerald Date: Wed, 6 Mar 2019 15:46:06 -0500 Subject: [PATCH 31/76] Add clarifying comment about /etc/gitea write permissions --- roles/gitea/tasks/install.yml | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/roles/gitea/tasks/install.yml b/roles/gitea/tasks/install.yml index 9c6102627..182596a35 100644 --- a/roles/gitea/tasks/install.yml +++ b/roles/gitea/tasks/install.yml @@ -82,6 +82,11 @@ # Configure Gitea +# For security reasons, the Gitea developers recommend removing group write +# permissions from /etc/gitea/ and /etc/gitea/app.ini after the first run of +# Gitea. User gitea needs write permissions during the first run but not +# subsequent runs. + - name: Create Gitea config directory file: path: /etc/gitea From a1fd1feeb0700c32f1e45c4b972fd9a07826c8a7 Mon Sep 17 00:00:00 2001 From: Aidan Fitzgerald Date: Wed, 6 Mar 2019 15:50:13 -0500 Subject: [PATCH 32/76] 1.6 -> 1.7.3 --- roles/gitea/defaults/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/gitea/defaults/main.yml b/roles/gitea/defaults/main.yml index b65e4ff6e..31249470e 100644 --- a/roles/gitea/defaults/main.yml +++ b/roles/gitea/defaults/main.yml @@ -6,7 +6,7 @@ # https://git.coolaj86.com/coolaj86/gitea-installer.sh # Information needed to install Gitea -gitea_version: "1.6" +gitea_version: "1.7.3" iset_suffixes: i386: "386" x86_64: "amd64" From 6bb853c3146e7bd9ab64dea48ca9983de63ce878 Mon Sep 17 00:00:00 2001 From: Aidan Fitzgerald Date: Wed, 6 Mar 2019 16:01:33 -0500 Subject: [PATCH 33/76] Comment out problematic app.ini values --- roles/gitea/templates/app.ini.j2 | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/roles/gitea/templates/app.ini.j2 b/roles/gitea/templates/app.ini.j2 index 23c69c3ef..664162084 100644 --- a/roles/gitea/templates/app.ini.j2 +++ b/roles/gitea/templates/app.ini.j2 @@ -631,9 +631,9 @@ ko-KR = ko [U2F] ; Two Factor authentication with security keys ; https://developers.yubico.com/U2F/App_ID.html -APP_ID = %(PROTOCOL)s://%(DOMAIN)s:%(HTTP_PORT)s/ +;APP_ID = %(PROTOCOL)s://%(DOMAIN)s:%(HTTP_PORT)s/ ; Comma seperated list of truisted facets -TRUSTED_FACETS = %(PROTOCOL)s://%(DOMAIN)s:%(HTTP_PORT)s/ +;TRUSTED_FACETS = %(PROTOCOL)s://%(DOMAIN)s:%(HTTP_PORT)s/ ; Extension mapping to highlight class ; e.g. .toml=ini From f64a5bc718da6995fa50a955fa4e4bedc3c9e3ca Mon Sep 17 00:00:00 2001 From: Aidan Fitzgerald Date: Wed, 6 Mar 2019 16:04:56 -0500 Subject: [PATCH 34/76] Only verify with GPG when requested by user --- roles/gitea/tasks/install.yml | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/roles/gitea/tasks/install.yml b/roles/gitea/tasks/install.yml index 182596a35..605d54156 100644 --- a/roles/gitea/tasks/install.yml +++ b/roles/gitea/tasks/install.yml @@ -58,7 +58,8 @@ url: "{{ gitea_integrity_url }}" dest: "{{ gitea_checksum_path }}" tags: - - install + - never + - verify when: internet_available - name: Verify Gitea binary with GPG signature @@ -66,7 +67,7 @@ gpg --keyserver pgp.mit.edu --recv {{ gitea_gpg_key }} gpg --verify {{ gitea_checksum_path }} {{ gitea_install_path }} tags: - - install + - never - verify ignore_errors: yes From d3d47fc3a5122bbd8f773cdf8e22cf330a32afba Mon Sep 17 00:00:00 2001 From: Aidan Fitzgerald Date: Wed, 6 Mar 2019 21:19:46 -0500 Subject: [PATCH 35/76] Separate home directory with comment --- roles/gitea/defaults/main.yml | 2 +- roles/gitea/tasks/install.yml | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/roles/gitea/defaults/main.yml b/roles/gitea/defaults/main.yml index 31249470e..7804c52b9 100644 --- a/roles/gitea/defaults/main.yml +++ b/roles/gitea/defaults/main.yml @@ -36,7 +36,7 @@ gitea_gpg_key: 7C9E68152594688862D62AF62D9AE806EC1592E2 # Information needed to run Gitea gitea_user: gitea -gitea_home: "{{ gitea_root_directory }}" +gitea_home: "/home/{{ gitea_user }}" # SSH credentials stored here gitea_run_directory: "{{ gitea_root_directory }}" gitea_db_directory: "/library/dbdata/gitea" diff --git a/roles/gitea/tasks/install.yml b/roles/gitea/tasks/install.yml index 605d54156..e11c91784 100644 --- a/roles/gitea/tasks/install.yml +++ b/roles/gitea/tasks/install.yml @@ -12,7 +12,7 @@ name: gitea comment: Gitea daemon account groups: gitea - home: "{{ gitea_root_directory }}" + home: "{{ gitea_home }}" tags: - pre-install From 3bab4f22098ae71f970f3cf812e437338b64e73c Mon Sep 17 00:00:00 2001 From: Aidan Fitzgerald Date: Wed, 6 Mar 2019 21:27:35 -0500 Subject: [PATCH 36/76] Use SQLite Since we are running it as a service, PATH needs to be an absolute path. Remove gitea_db_directory as unused --- roles/gitea/defaults/main.yml | 1 - roles/gitea/templates/app.ini.j2 | 4 ++-- 2 files changed, 2 insertions(+), 3 deletions(-) diff --git a/roles/gitea/defaults/main.yml b/roles/gitea/defaults/main.yml index 7804c52b9..deb1b7bca 100644 --- a/roles/gitea/defaults/main.yml +++ b/roles/gitea/defaults/main.yml @@ -38,7 +38,6 @@ gitea_gpg_key: 7C9E68152594688862D62AF62D9AE806EC1592E2 gitea_user: gitea gitea_home: "/home/{{ gitea_user }}" # SSH credentials stored here gitea_run_directory: "{{ gitea_root_directory }}" -gitea_db_directory: "/library/dbdata/gitea" gitea_url: /gitea gitea_full_url: "http://{{ iiab_hostname }}.{{ iiab_domain }}{{ gitea_url }}" diff --git a/roles/gitea/templates/app.ini.j2 b/roles/gitea/templates/app.ini.j2 index 664162084..80e468883 100644 --- a/roles/gitea/templates/app.ini.j2 +++ b/roles/gitea/templates/app.ini.j2 @@ -217,7 +217,7 @@ DSA = 1024 [database] ; Either "mysql", "postgres", "mssql" or "sqlite3", it's your choice -DB_TYPE = mysql +DB_TYPE = sqlite3 HOST = 127.0.0.1:3306 NAME = gitea USER = root @@ -227,7 +227,7 @@ PASSWD = ; For MySQL, either "false" (default), "true", or "skip-verify" SSL_MODE = disable ; For "sqlite3" and "tidb", use an absolute path when you start gitea as service -PATH = data/gitea.db +PATH = {{ gitea_root_directory }}/data/gitea.db ; For "sqlite3" only. Query timeout SQLITE_TIMEOUT = 500 ; For iterate buffer, default is 50 From 195c7839bf0fe75e777bfa45785e6c0cf3b203d6 Mon Sep 17 00:00:00 2001 From: Aidan Fitzgerald Date: Wed, 6 Mar 2019 21:43:44 -0500 Subject: [PATCH 37/76] Set RUN_USER and APP_NAME --- roles/gitea/templates/app.ini.j2 | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/roles/gitea/templates/app.ini.j2 b/roles/gitea/templates/app.ini.j2 index 80e468883..6df505ecf 100644 --- a/roles/gitea/templates/app.ini.j2 +++ b/roles/gitea/templates/app.ini.j2 @@ -5,9 +5,9 @@ ; see https://docs.gitea.io/en-us/config-cheat-sheet/ for additional documentation. ; App name that shows in every page title -APP_NAME = Gitea: Git with a cup of tea +APP_NAME = Internet-in-a-Box Gitea ; Change it if you run locally -RUN_USER = git +RUN_USER = {{ gitea_user }} ; Either "dev", "prod" or "test", default is "dev" RUN_MODE = dev From e25343833482166ab0778d6efac78b82a4fb6021 Mon Sep 17 00:00:00 2001 From: Aidan Fitzgerald Date: Wed, 6 Mar 2019 21:51:05 -0500 Subject: [PATCH 38/76] Shut down Gitea before reinstalling --- roles/gitea/tasks/install.yml | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/roles/gitea/tasks/install.yml b/roles/gitea/tasks/install.yml index e11c91784..d6d37b845 100644 --- a/roles/gitea/tasks/install.yml +++ b/roles/gitea/tasks/install.yml @@ -1,5 +1,12 @@ # Prepare to install Gitea: create user and directory structure +- name: Shut down existing Gitea instance (if we're reinstalling) + systemd: + name: gitea + state: stopped + tags: + - pre-install + - name: Ensure group gitea exists group: name: gitea From 5f6f2081e88aaaa3fa84b399c04d8ee78ea7bd9b Mon Sep 17 00:00:00 2001 From: Aidan Fitzgerald Date: Wed, 6 Mar 2019 22:01:05 -0500 Subject: [PATCH 39/76] Set offline mode to true Obviously - we are using it offline --- roles/gitea/templates/app.ini.j2 | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/gitea/templates/app.ini.j2 b/roles/gitea/templates/app.ini.j2 index 6df505ecf..39bda2087 100644 --- a/roles/gitea/templates/app.ini.j2 +++ b/roles/gitea/templates/app.ini.j2 @@ -173,7 +173,7 @@ SSH_EXPOSE_ANONYMOUS = false ; Indicate whether to check minimum key size with corresponding type MINIMUM_KEY_SIZE_CHECK = false ; Disable CDN even in "prod" mode -OFFLINE_MODE = false +OFFLINE_MODE = true DISABLE_ROUTER_LOG = false ; Generate steps: ; $ ./gitea cert -ca=true -duration=8760h0m0s -host=myhost.example.com From d5af5e27e1d0f4e778f1df5f7c3b8de825121c0e Mon Sep 17 00:00:00 2001 From: Aidan Fitzgerald Date: Wed, 6 Mar 2019 22:09:59 -0500 Subject: [PATCH 40/76] Use box as domain, put gitea_url (default: /gitea) in ROOT_URL --- roles/gitea/templates/app.ini.j2 | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/roles/gitea/templates/app.ini.j2 b/roles/gitea/templates/app.ini.j2 index 39bda2087..7b97a94a3 100644 --- a/roles/gitea/templates/app.ini.j2 +++ b/roles/gitea/templates/app.ini.j2 @@ -118,8 +118,8 @@ FILE_EXTENSIONS = .md,.markdown,.mdown,.mkd [server] ; The protocol the server listens on. One of 'http', 'https', 'unix' or 'fcgi'. PROTOCOL = http -DOMAIN = localhost -ROOT_URL = %(PROTOCOL)s://%(DOMAIN)s:%(HTTP_PORT)s/ +DOMAIN = box +ROOT_URL = %(PROTOCOL)s://%(DOMAIN)s{{ gitea_url }}/ ; The address to listen on. Either a IPv4/IPv6 address or the path to a unix socket. HTTP_ADDR = 0.0.0.0 HTTP_PORT = {{ gitea_port }} From 1076827b437abe4822e4fea8e448d050d1822618 Mon Sep 17 00:00:00 2001 From: Aidan Fitzgerald Date: Wed, 6 Mar 2019 23:06:31 -0500 Subject: [PATCH 41/76] Revert "Use box as domain, put gitea_url (default: /gitea) in ROOT_URL" This reverts commit d5af5e27e1d0f4e778f1df5f7c3b8de825121c0e. --- roles/gitea/templates/app.ini.j2 | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/roles/gitea/templates/app.ini.j2 b/roles/gitea/templates/app.ini.j2 index 7b97a94a3..39bda2087 100644 --- a/roles/gitea/templates/app.ini.j2 +++ b/roles/gitea/templates/app.ini.j2 @@ -118,8 +118,8 @@ FILE_EXTENSIONS = .md,.markdown,.mdown,.mkd [server] ; The protocol the server listens on. One of 'http', 'https', 'unix' or 'fcgi'. PROTOCOL = http -DOMAIN = box -ROOT_URL = %(PROTOCOL)s://%(DOMAIN)s{{ gitea_url }}/ +DOMAIN = localhost +ROOT_URL = %(PROTOCOL)s://%(DOMAIN)s:%(HTTP_PORT)s/ ; The address to listen on. Either a IPv4/IPv6 address or the path to a unix socket. HTTP_ADDR = 0.0.0.0 HTTP_PORT = {{ gitea_port }} From 69f8963b34d5652527b798cd41b3dc2c87620d20 Mon Sep 17 00:00:00 2001 From: Aidan Fitzgerald Date: Wed, 6 Mar 2019 23:07:22 -0500 Subject: [PATCH 42/76] ignore errors on pre-install step --- roles/gitea/tasks/install.yml | 1 + 1 file changed, 1 insertion(+) diff --git a/roles/gitea/tasks/install.yml b/roles/gitea/tasks/install.yml index d6d37b845..c6bfefdaa 100644 --- a/roles/gitea/tasks/install.yml +++ b/roles/gitea/tasks/install.yml @@ -6,6 +6,7 @@ state: stopped tags: - pre-install + ignore_errors: yes - name: Ensure group gitea exists group: From 59c67ddf605e937160f925117bcccd8bfb41074b Mon Sep 17 00:00:00 2001 From: Aidan Fitzgerald Date: Thu, 7 Mar 2019 12:48:45 -0500 Subject: [PATCH 43/76] Only rewrite URLs in Gitea (not HTTPD) Source: https://docs.gitea.io/en-us/reverse-proxies/ --- roles/gitea/templates/app.ini.j2 | 2 +- roles/gitea/templates/gitea.conf.j2 | 14 ++++++++++---- 2 files changed, 11 insertions(+), 5 deletions(-) diff --git a/roles/gitea/templates/app.ini.j2 b/roles/gitea/templates/app.ini.j2 index 39bda2087..cd2c79577 100644 --- a/roles/gitea/templates/app.ini.j2 +++ b/roles/gitea/templates/app.ini.j2 @@ -119,7 +119,7 @@ FILE_EXTENSIONS = .md,.markdown,.mdown,.mkd ; The protocol the server listens on. One of 'http', 'https', 'unix' or 'fcgi'. PROTOCOL = http DOMAIN = localhost -ROOT_URL = %(PROTOCOL)s://%(DOMAIN)s:%(HTTP_PORT)s/ +ROOT_URL = %(PROTOCOL)s://%(DOMAIN)s:%(HTTP_PORT)s{{ gitea_url }}/ ; The address to listen on. Either a IPv4/IPv6 address or the path to a unix socket. HTTP_ADDR = 0.0.0.0 HTTP_PORT = {{ gitea_port }} diff --git a/roles/gitea/templates/gitea.conf.j2 b/roles/gitea/templates/gitea.conf.j2 index ac9d9753f..b16f7ab2b 100644 --- a/roles/gitea/templates/gitea.conf.j2 +++ b/roles/gitea/templates/gitea.conf.j2 @@ -1,11 +1,17 @@ # All URLs go to Gitea web server. Static content is bundled in the executable. +ProxyPreserveHost On ProxyRequests off -ProxyPass {{ gitea_url }}/ http://localhost:{{ gitea_port }}/ + + + Order allow,deny + Allow from all + + +# Note: no trailing slash after either {{ gitea_url }} or port +ProxyPass {{ gitea_url }} http://localhost:{{ gitea_port }} +ProxyPassReverse {{ gitea_url}} http://localhost:{{ gitea_port }} - ProxyPassReverse / - ProxyHTMLEnable On - ProxyHTMLURLMap / {{ gitea_url }}/ RequestHeader unset Accept-Encoding From dec10f2ea17aaaa43f76f4deef3f97fb21b68e0a Mon Sep 17 00:00:00 2001 From: Aidan Fitzgerald Date: Thu, 7 Mar 2019 13:28:06 -0500 Subject: [PATCH 44/76] Move display name to Ansible config --- roles/gitea/defaults/main.yml | 3 +++ roles/gitea/templates/app.ini.j2 | 2 +- 2 files changed, 4 insertions(+), 1 deletion(-) diff --git a/roles/gitea/defaults/main.yml b/roles/gitea/defaults/main.yml index deb1b7bca..83ec64070 100644 --- a/roles/gitea/defaults/main.yml +++ b/roles/gitea/defaults/main.yml @@ -43,3 +43,6 @@ gitea_url: /gitea gitea_full_url: "http://{{ iiab_hostname }}.{{ iiab_domain }}{{ gitea_url }}" gitea_port: 61734 # leet for GITEA + +# Extra configuration +gitea_display_name: Internet-in-a-Box Gitea diff --git a/roles/gitea/templates/app.ini.j2 b/roles/gitea/templates/app.ini.j2 index cd2c79577..823ebea07 100644 --- a/roles/gitea/templates/app.ini.j2 +++ b/roles/gitea/templates/app.ini.j2 @@ -5,7 +5,7 @@ ; see https://docs.gitea.io/en-us/config-cheat-sheet/ for additional documentation. ; App name that shows in every page title -APP_NAME = Internet-in-a-Box Gitea +APP_NAME = {{ gitea_display_name }} ; Change it if you run locally RUN_USER = {{ gitea_user }} ; Either "dev", "prod" or "test", default is "dev" From e45d73cacf7de8d071b42e73cde68b80df62612b Mon Sep 17 00:00:00 2001 From: Aidan Fitzgerald Date: Thu, 7 Mar 2019 18:14:40 -0500 Subject: [PATCH 45/76] Parameterize database, repositories, LFS, and log locations --- roles/gitea/defaults/main.yml | 8 ++++++++ roles/gitea/templates/app.ini.j2 | 8 ++++---- 2 files changed, 12 insertions(+), 4 deletions(-) diff --git a/roles/gitea/defaults/main.yml b/roles/gitea/defaults/main.yml index 83ec64070..224a8daba 100644 --- a/roles/gitea/defaults/main.yml +++ b/roles/gitea/defaults/main.yml @@ -44,5 +44,13 @@ gitea_full_url: "http://{{ iiab_hostname }}.{{ iiab_domain }}{{ gitea_url }}" gitea_port: 61734 # leet for GITEA +# Data locations +gitea_db_path: "{{ gitea_root_directory }}/data/gitea.db" +gitea_repo_root: "{{ gitea_root_directory }}/data/repositories" +gitea_lfs_root: "{{ gitea_root_directory }}/data/lfs" + +# Log file location +gitea_log_root: "{{ gitea_root_directory }}/log" + # Extra configuration gitea_display_name: Internet-in-a-Box Gitea diff --git a/roles/gitea/templates/app.ini.j2 b/roles/gitea/templates/app.ini.j2 index 823ebea07..ecee0a21d 100644 --- a/roles/gitea/templates/app.ini.j2 +++ b/roles/gitea/templates/app.ini.j2 @@ -12,7 +12,7 @@ RUN_USER = {{ gitea_user }} RUN_MODE = dev [repository] -ROOT = +ROOT = {{ gitea_repo_root }} SCRIPT_TYPE = bash ; Default ANSI charset ANSI_CHARSET = @@ -202,7 +202,7 @@ LANDING_PAGE = home ; Enables git-lfs support. true or false, default is false. LFS_START_SERVER = false ; Where your lfs files reside, default is data/lfs. -LFS_CONTENT_PATH = data/lfs +LFS_CONTENT_PATH = {{ gitea_lfs_root }} ; LFS authentication secret, change this yourself LFS_JWT_SECRET = ; LFS authentication validity period (in time.Duration), pushes taking longer than this may fail. @@ -227,7 +227,7 @@ PASSWD = ; For MySQL, either "false" (default), "true", or "skip-verify" SSL_MODE = disable ; For "sqlite3" and "tidb", use an absolute path when you start gitea as service -PATH = {{ gitea_root_directory }}/data/gitea.db +PATH = {{ gitea_db_path }} ; For "sqlite3" only. Query timeout SQLITE_TIMEOUT = 500 ; For iterate buffer, default is 50 @@ -461,7 +461,7 @@ MAX_FILES = 5 FORMAT = [log] -ROOT_PATH = +ROOT_PATH = {{ gitea_log_root }} ; Either "console", "file", "conn", "smtp" or "database", default is "console" ; Use comma to separate multiple modes, e.g. "console, file" MODE = console From 30381872df2495967f7647eec5adceda30d90b6c Mon Sep 17 00:00:00 2001 From: Aidan Fitzgerald Date: Thu, 7 Mar 2019 18:16:30 -0500 Subject: [PATCH 46/76] Redirect /gitea -> /gitea/ --- roles/gitea/templates/gitea.conf.j2 | 2 ++ 1 file changed, 2 insertions(+) diff --git a/roles/gitea/templates/gitea.conf.j2 b/roles/gitea/templates/gitea.conf.j2 index b16f7ab2b..3dc0e68e7 100644 --- a/roles/gitea/templates/gitea.conf.j2 +++ b/roles/gitea/templates/gitea.conf.j2 @@ -15,5 +15,7 @@ ProxyPassReverse {{ gitea_url}} http://localhost:{{ gitea_port }} RequestHeader unset Accept-Encoding +Redirect {{ gitea_url }} {{ gitea_url }}/ + # Disable TRACE to prevent cross-site tracing TraceEnable off From c4aa784b8ce3ba810b5f5312c48f76381ca96bd0 Mon Sep 17 00:00:00 2001 From: Aidan Fitzgerald Date: Thu, 7 Mar 2019 18:41:10 -0500 Subject: [PATCH 47/76] Skip install screen on first run; configure this in Ansible --- roles/gitea/defaults/main.yml | 1 + roles/gitea/templates/app.ini.j2 | 2 +- 2 files changed, 2 insertions(+), 1 deletion(-) diff --git a/roles/gitea/defaults/main.yml b/roles/gitea/defaults/main.yml index 224a8daba..cffc63f89 100644 --- a/roles/gitea/defaults/main.yml +++ b/roles/gitea/defaults/main.yml @@ -54,3 +54,4 @@ gitea_log_root: "{{ gitea_root_directory }}/log" # Extra configuration gitea_display_name: Internet-in-a-Box Gitea +skip_install_screen: true diff --git a/roles/gitea/templates/app.ini.j2 b/roles/gitea/templates/app.ini.j2 index ecee0a21d..7959d3b62 100644 --- a/roles/gitea/templates/app.ini.j2 +++ b/roles/gitea/templates/app.ini.j2 @@ -249,7 +249,7 @@ DISABLE_REGULAR_ORG_CREATION = false [security] ; Whether the installer is disabled -INSTALL_LOCK = false +INSTALL_LOCK = {{ skip_install_screen }} ; !!CHANGE THIS TO KEEP YOUR USER DATA SAFE!! SECRET_KEY = !#@FDEWREWR&*( ; How long to remember that an user is logged in before requiring relogin (in days) From a8c24dde1f5777cedb3debd161ba848a22a5477c Mon Sep 17 00:00:00 2001 From: Aidan Fitzgerald Date: Thu, 7 Mar 2019 18:44:47 -0500 Subject: [PATCH 48/76] use regex to redirect --- roles/gitea/templates/gitea.conf.j2 | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/gitea/templates/gitea.conf.j2 b/roles/gitea/templates/gitea.conf.j2 index 3dc0e68e7..96c810147 100644 --- a/roles/gitea/templates/gitea.conf.j2 +++ b/roles/gitea/templates/gitea.conf.j2 @@ -15,7 +15,7 @@ ProxyPassReverse {{ gitea_url}} http://localhost:{{ gitea_port }} RequestHeader unset Accept-Encoding -Redirect {{ gitea_url }} {{ gitea_url }}/ +RedirectMatch ^{{ gitea_url }}$ {{ gitea_url }}/ # Disable TRACE to prevent cross-site tracing TraceEnable off From b8963413db629fd580c2b9bb35e713cd42802b59 Mon Sep 17 00:00:00 2001 From: Aidan Fitzgerald Date: Thu, 7 Mar 2019 20:10:35 -0500 Subject: [PATCH 49/76] TOML requires Boolean values to be lowercase https://github.com/toml-lang/toml/issues/390 --- roles/gitea/templates/app.ini.j2 | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/gitea/templates/app.ini.j2 b/roles/gitea/templates/app.ini.j2 index 7959d3b62..ddae9b7e1 100644 --- a/roles/gitea/templates/app.ini.j2 +++ b/roles/gitea/templates/app.ini.j2 @@ -249,7 +249,7 @@ DISABLE_REGULAR_ORG_CREATION = false [security] ; Whether the installer is disabled -INSTALL_LOCK = {{ skip_install_screen }} +INSTALL_LOCK = {{ skip_install_screen | lower }} ; !!CHANGE THIS TO KEEP YOUR USER DATA SAFE!! SECRET_KEY = !#@FDEWREWR&*( ; How long to remember that an user is logged in before requiring relogin (in days) From 28248516b0c0fa7c2bfa45381755664408cb2b36 Mon Sep 17 00:00:00 2001 From: A Holt Date: Thu, 7 Mar 2019 23:51:19 -0500 Subject: [PATCH 50/76] Update roles/gitea/README.rst Co-Authored-By: aidan-fitz --- roles/gitea/README.rst | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/gitea/README.rst b/roles/gitea/README.rst index c9b664d5f..be243e787 100644 --- a/roles/gitea/README.rst +++ b/roles/gitea/README.rst @@ -7,7 +7,7 @@ This Ansible role installs Gitea - a self-hosted Git service written in Go. Using It -------- -Gitea should be accessible at http://box/gitea/. +Gitea should be accessible at http://box/gitea Configuration ------------- From d86c985f7c077f32ee76d186d2827864423d1c63 Mon Sep 17 00:00:00 2001 From: A Holt Date: Thu, 7 Mar 2019 23:52:07 -0500 Subject: [PATCH 51/76] Update roles/gitea/tasks/install.yml Co-Authored-By: aidan-fitz --- roles/gitea/tasks/install.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/gitea/tasks/install.yml b/roles/gitea/tasks/install.yml index c6bfefdaa..4f4a3c1ad 100644 --- a/roles/gitea/tasks/install.yml +++ b/roles/gitea/tasks/install.yml @@ -160,7 +160,7 @@ state: absent when: not gitea_enabled and is_debuntu -- name: Restart Apache, so it picks up the new aliases +- name: Restart Apache ({{ apache_service }}) to enable/disable http://box/gitea service: name: "{{ apache_service }}" state: restarted From eea7bea300d02d7712b39cb2b015872ce4fd38d8 Mon Sep 17 00:00:00 2001 From: A Holt Date: Thu, 7 Mar 2019 23:52:19 -0500 Subject: [PATCH 52/76] Update vars/local_vars_medium.yml Co-Authored-By: aidan-fitz --- vars/local_vars_medium.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/vars/local_vars_medium.yml b/vars/local_vars_medium.yml index 25a9f879b..2908b81f4 100644 --- a/vars/local_vars_medium.yml +++ b/vars/local_vars_medium.yml @@ -180,7 +180,7 @@ elgg_enabled: True ejabberd_install: False ejabberd_enabled: False -gitea_install: True +gitea_install: False gitea_enabled: False # Lokole (email for rural communities) from https://ascoderu.ca From 73d945e278f0648adaabf476d01a0ed2927d148d Mon Sep 17 00:00:00 2001 From: A Holt Date: Thu, 7 Mar 2019 23:54:11 -0500 Subject: [PATCH 53/76] Apply suggestions from code review Co-Authored-By: aidan-fitz --- roles/gitea/tasks/main.yml | 2 +- vars/default_vars.yml | 1 - 2 files changed, 1 insertion(+), 2 deletions(-) diff --git a/roles/gitea/tasks/main.yml b/roles/gitea/tasks/main.yml index 211db861b..e75a9f12a 100644 --- a/roles/gitea/tasks/main.yml +++ b/roles/gitea/tasks/main.yml @@ -1,3 +1,3 @@ -- name: Include the install playbook +- name: Install Gitea {{ gitea_version }} if gitea_install include_tasks: install.yml when: gitea_install diff --git a/vars/default_vars.yml b/vars/default_vars.yml index b4f3a6d43..6d3c48598 100644 --- a/vars/default_vars.yml +++ b/vars/default_vars.yml @@ -298,7 +298,6 @@ nodered_enabled: False nodered_port: 1880 nodered_web_path: nodered -# Nextcloud nextcloud_install: False nextcloud_enabled: False From 8b447b809af733c89ba8569ffa19f22bb1cc7c19 Mon Sep 17 00:00:00 2001 From: Aidan Fitzgerald Date: Thu, 7 Mar 2019 23:55:12 -0500 Subject: [PATCH 54/76] Apply more suggestions from code review --- roles/6-generic-apps/tasks/main.yml | 12 ++++++------ roles/gitea/defaults/main.yml | 3 +++ 2 files changed, 9 insertions(+), 6 deletions(-) diff --git a/roles/6-generic-apps/tasks/main.yml b/roles/6-generic-apps/tasks/main.yml index 4fcd4d494..8823f02ef 100644 --- a/roles/6-generic-apps/tasks/main.yml +++ b/roles/6-generic-apps/tasks/main.yml @@ -27,6 +27,12 @@ when: ejabberd_install tags: ejabberd +- name: GITEA + include_role: + name: gitea + when: gitea_install + tags: gitea + - name: LOKOLE include_role: name: lokole @@ -69,12 +75,6 @@ when: wordpress_install tags: wordpress -- name: GITEA - include_role: - name: gitea - when: gitea_install - tags: gitea - - name: Recording STAGE 6 HAS COMPLETED ==================== lineinfile: dest: "{{ iiab_env_file }}" diff --git a/roles/gitea/defaults/main.yml b/roles/gitea/defaults/main.yml index cffc63f89..f391cbd44 100644 --- a/roles/gitea/defaults/main.yml +++ b/roles/gitea/defaults/main.yml @@ -2,6 +2,9 @@ #gitea_install: True #gitea_enabled: True +# All above are set in: github.com/iiab/iiab/blob/master/vars/default_vars.yml +# If nec, change them by editing /etc/iiab/local_vars.yml prior to installing! + # Using @coolaj86's script as a template # https://git.coolaj86.com/coolaj86/gitea-installer.sh From ffa2ecbd80a6003958541777d9f84ef14e068bdd Mon Sep 17 00:00:00 2001 From: Aidan Fitzgerald Date: Fri, 8 Mar 2019 00:04:53 -0500 Subject: [PATCH 55/76] Don't care about previous state per Ansible convention --- roles/gitea/tasks/install.yml | 8 +++++--- 1 file changed, 5 insertions(+), 3 deletions(-) diff --git a/roles/gitea/tasks/install.yml b/roles/gitea/tasks/install.yml index 4f4a3c1ad..71514da6c 100644 --- a/roles/gitea/tasks/install.yml +++ b/roles/gitea/tasks/install.yml @@ -147,20 +147,22 @@ src: gitea.conf.j2 dest: "/etc/{{ apache_config_dir }}/gitea.conf" -- name: Enable httpd conf file if we are disabled (debuntu) +- name: Enable httpd conf file (debuntu) file: src: /etc/{{ apache_config_dir }}/gitea.conf dest: /etc/apache2/sites-enabled/gitea.conf state: link when: gitea_enabled and is_debuntu -- name: Remove httpd conf file if we are disabled (OS's other than debuntu) +- name: Remove httpd conf file (OS's other than debuntu) file: path: /etc/apache2/sites-enabled/gitea.conf state: absent when: not gitea_enabled and is_debuntu -- name: Restart Apache ({{ apache_service }}) to enable/disable http://box/gitea +- name: >- + Restart Apache ({{ apache_service }}) to {% if gitea_enabled %}enable{% + else %}disable{% endif %} http://box/gitea service: name: "{{ apache_service }}" state: restarted From 31dea06da20128c255412b80887a80d8d5762dcf Mon Sep 17 00:00:00 2001 From: Aidan Fitzgerald Date: Fri, 8 Mar 2019 00:08:56 -0500 Subject: [PATCH 56/76] Add description --- vars/default_vars.yml | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/vars/default_vars.yml b/vars/default_vars.yml index 6d3c48598..8ef7c4210 100644 --- a/vars/default_vars.yml +++ b/vars/default_vars.yml @@ -275,7 +275,8 @@ elgg_mysql_password: elgg4kids ejabberd_install: False ejabberd_enabled: False -# Gitea +# Gitea - a lightweight web app for software hosting and collaboration. +# Git with a cup of tea. https://gitea.io/ gitea_install: False gitea_enabled: False From 4fabb8bff317f498596c5b6e084cc272ef074e7a Mon Sep 17 00:00:00 2001 From: A Holt Date: Fri, 8 Mar 2019 01:41:09 -0500 Subject: [PATCH 57/76] Update README.rst --- roles/gitea/README.rst | 14 ++++++++++---- 1 file changed, 10 insertions(+), 4 deletions(-) diff --git a/roles/gitea/README.rst b/roles/gitea/README.rst index be243e787..9b35e1756 100644 --- a/roles/gitea/README.rst +++ b/roles/gitea/README.rst @@ -14,11 +14,17 @@ Configuration Gitea has been configured to work with MySQL; it can also be used with SQLite or Postgres. If you want to use it with a different database, change the -``DB_TYPE`` property in ``app.ini`` and change the line ``After=mysqld.service`` -in ``gitea.service`` to one of the following: +``DB_TYPE`` property in ``/etc/gitea/app.ini`` [1] and change the line ``After=mysqld.service`` +in ``/etc/systemd/system/gitea.service`` [2] to one of the following: * SQLite: comment it out. * Postgres: ``After=postgresql.service`` -Further information about configuring Gitea can be found at the -`documentation `. +[1] Prior to installing Gitea, instead edit ``/opt/iiab/iiab/roles/gitea/templates/app.ini.j2`` + +[2] Priot to installing Gitea, instead edit ``/opt/iiab/iiab/roles/gitea/templates/gitea.service.j2`` + +Documentation +------------- + +Further info on configuring: `https://docs.gitea.io `_ From b2ec813be0a23fa1250f04458584beb45856b3b1 Mon Sep 17 00:00:00 2001 From: A Holt Date: Fri, 8 Mar 2019 01:41:47 -0500 Subject: [PATCH 58/76] Update README.rst --- roles/gitea/README.rst | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/gitea/README.rst b/roles/gitea/README.rst index 9b35e1756..d1ca14dc3 100644 --- a/roles/gitea/README.rst +++ b/roles/gitea/README.rst @@ -22,7 +22,7 @@ in ``/etc/systemd/system/gitea.service`` [2] to one of the following: [1] Prior to installing Gitea, instead edit ``/opt/iiab/iiab/roles/gitea/templates/app.ini.j2`` -[2] Priot to installing Gitea, instead edit ``/opt/iiab/iiab/roles/gitea/templates/gitea.service.j2`` +[2] Prior to installing Gitea, instead edit ``/opt/iiab/iiab/roles/gitea/templates/gitea.service.j2`` Documentation ------------- From d091b6bb9d09c38bc6ab47d5e658a9415bddc6e1 Mon Sep 17 00:00:00 2001 From: A Holt Date: Fri, 8 Mar 2019 01:42:24 -0500 Subject: [PATCH 59/76] Update main.yml --- roles/gitea/defaults/main.yml | 5 ++--- 1 file changed, 2 insertions(+), 3 deletions(-) diff --git a/roles/gitea/defaults/main.yml b/roles/gitea/defaults/main.yml index f391cbd44..b48f3c631 100644 --- a/roles/gitea/defaults/main.yml +++ b/roles/gitea/defaults/main.yml @@ -1,6 +1,5 @@ ---- -#gitea_install: True -#gitea_enabled: True +# gitea_install: True +# gitea_enabled: True # All above are set in: github.com/iiab/iiab/blob/master/vars/default_vars.yml # If nec, change them by editing /etc/iiab/local_vars.yml prior to installing! From 3bfba8dfeefd15022c400b943fe9186491d74c53 Mon Sep 17 00:00:00 2001 From: A Holt Date: Fri, 8 Mar 2019 01:44:07 -0500 Subject: [PATCH 60/76] Update default_vars.yml --- vars/default_vars.yml | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/vars/default_vars.yml b/vars/default_vars.yml index 841493385..f7d03e9fe 100644 --- a/vars/default_vars.yml +++ b/vars/default_vars.yml @@ -277,8 +277,7 @@ elgg_mysql_password: elgg4kids ejabberd_install: False ejabberd_enabled: False -# Gitea - a lightweight web app for software hosting and collaboration. -# Git with a cup of tea. https://gitea.io/ +# Gitea (lightweight self-hosted "GitHub") from https://gitea.io gitea_install: False gitea_enabled: False From 5562500e41f920ada926c57f93acf8ee6e736c34 Mon Sep 17 00:00:00 2001 From: A Holt Date: Fri, 8 Mar 2019 01:44:28 -0500 Subject: [PATCH 61/76] Update local_vars_min.yml --- vars/local_vars_min.yml | 1 + 1 file changed, 1 insertion(+) diff --git a/vars/local_vars_min.yml b/vars/local_vars_min.yml index c57487e98..cf089cb34 100644 --- a/vars/local_vars_min.yml +++ b/vars/local_vars_min.yml @@ -180,6 +180,7 @@ elgg_enabled: False ejabberd_install: False ejabberd_enabled: False +# Gitea (lightweight self-hosted "GitHub") from https://gitea.io gitea_install: False gitea_enabled: False From 2c4dfff3d13be1d98816370749f5876eeb2907e2 Mon Sep 17 00:00:00 2001 From: A Holt Date: Fri, 8 Mar 2019 01:44:48 -0500 Subject: [PATCH 62/76] Update local_vars_medium.yml --- vars/local_vars_medium.yml | 1 + 1 file changed, 1 insertion(+) diff --git a/vars/local_vars_medium.yml b/vars/local_vars_medium.yml index cdb80b004..c75b9b704 100644 --- a/vars/local_vars_medium.yml +++ b/vars/local_vars_medium.yml @@ -180,6 +180,7 @@ elgg_enabled: True ejabberd_install: False ejabberd_enabled: False +# Gitea (lightweight self-hosted "GitHub") from https://gitea.io gitea_install: False gitea_enabled: False From 8fbe13099e7dfb9e715c7263c49b7aec9a2abd01 Mon Sep 17 00:00:00 2001 From: A Holt Date: Fri, 8 Mar 2019 01:47:29 -0500 Subject: [PATCH 63/76] better alphabetical order --- roles/6-generic-apps/tasks/main.yml | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/roles/6-generic-apps/tasks/main.yml b/roles/6-generic-apps/tasks/main.yml index 8823f02ef..a0eff2ca3 100644 --- a/roles/6-generic-apps/tasks/main.yml +++ b/roles/6-generic-apps/tasks/main.yml @@ -15,18 +15,18 @@ when: mediawiki_install tags: mediawiki -- name: ELGG - include_role: - name: elgg - when: elgg_install - tags: elgg - - name: EJABBERD include_role: name: ejabberd when: ejabberd_install tags: ejabberd +- name: ELGG + include_role: + name: elgg + when: elgg_install + tags: elgg + - name: GITEA include_role: name: gitea From 5c563e320879e73a66b8c9670e58d4fb39163546 Mon Sep 17 00:00:00 2001 From: A Holt Date: Fri, 8 Mar 2019 01:47:53 -0500 Subject: [PATCH 64/76] tighter description; better alphabetical order --- vars/local_vars_big.yml | 7 ++++--- 1 file changed, 4 insertions(+), 3 deletions(-) diff --git a/vars/local_vars_big.yml b/vars/local_vars_big.yml index 4299d96d9..932462912 100644 --- a/vars/local_vars_big.yml +++ b/vars/local_vars_big.yml @@ -174,12 +174,13 @@ dokuwiki_enabled: True mediawiki_install: True mediawiki_enabled: True -elgg_install: True -elgg_enabled: True - ejabberd_install: False ejabberd_enabled: False +elgg_install: True +elgg_enabled: True + +# Gitea (lightweight self-hosted "GitHub") from https://gitea.io gitea_install: True gitea_enabled: True From dcb3fcf8d693dde90a0c2d0049251c2aa459f1d6 Mon Sep 17 00:00:00 2001 From: A Holt Date: Fri, 8 Mar 2019 01:48:01 -0500 Subject: [PATCH 65/76] tighter description; better alphabetical order --- vars/local_vars_medium.yml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/vars/local_vars_medium.yml b/vars/local_vars_medium.yml index c75b9b704..8d30982f4 100644 --- a/vars/local_vars_medium.yml +++ b/vars/local_vars_medium.yml @@ -174,12 +174,12 @@ dokuwiki_enabled: False mediawiki_install: False mediawiki_enabled: False -elgg_install: True -elgg_enabled: True - ejabberd_install: False ejabberd_enabled: False +elgg_install: True +elgg_enabled: True + # Gitea (lightweight self-hosted "GitHub") from https://gitea.io gitea_install: False gitea_enabled: False From f2551c7cbc8174dcbfd60b5cb694c3a5901b6364 Mon Sep 17 00:00:00 2001 From: A Holt Date: Fri, 8 Mar 2019 01:48:11 -0500 Subject: [PATCH 66/76] tighter description; better alphabetical order --- vars/local_vars_min.yml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/vars/local_vars_min.yml b/vars/local_vars_min.yml index cf089cb34..83691f262 100644 --- a/vars/local_vars_min.yml +++ b/vars/local_vars_min.yml @@ -174,12 +174,12 @@ dokuwiki_enabled: False mediawiki_install: False mediawiki_enabled: False -elgg_install: False -elgg_enabled: False - ejabberd_install: False ejabberd_enabled: False +elgg_install: False +elgg_enabled: False + # Gitea (lightweight self-hosted "GitHub") from https://gitea.io gitea_install: False gitea_enabled: False From 8116847b96e3e1772ecd9f7e7c93758a89a145fb Mon Sep 17 00:00:00 2001 From: A Holt Date: Fri, 8 Mar 2019 01:48:18 -0500 Subject: [PATCH 67/76] tighter description; better alphabetical order --- vars/default_vars.yml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/vars/default_vars.yml b/vars/default_vars.yml index f7d03e9fe..b223ed73e 100644 --- a/vars/default_vars.yml +++ b/vars/default_vars.yml @@ -269,14 +269,14 @@ dokuwiki_enabled: False mediawiki_install: False mediawiki_enabled: False +ejabberd_install: False +ejabberd_enabled: False + elgg_install: False elgg_enabled: False # elgg_mysql_password: $6$iiab51$jeTwnATcbaa92xo0QBTgjLBU.5aVDDrbKeNyyC99R/TAWz6pvfzj.L7lfnOVVjD78nxqT.gkNn6XZmuRV0W3o1 elgg_mysql_password: elgg4kids -ejabberd_install: False -ejabberd_enabled: False - # Gitea (lightweight self-hosted "GitHub") from https://gitea.io gitea_install: False gitea_enabled: False From 3111eb3c2ec4843909b0829e42171e8c6f3373e9 Mon Sep 17 00:00:00 2001 From: A Holt Date: Fri, 8 Mar 2019 02:04:29 -0500 Subject: [PATCH 68/76] Update README.rst --- roles/gitea/README.rst | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/roles/gitea/README.rst b/roles/gitea/README.rst index d1ca14dc3..ce13194f9 100644 --- a/roles/gitea/README.rst +++ b/roles/gitea/README.rst @@ -7,22 +7,22 @@ This Ansible role installs Gitea - a self-hosted Git service written in Go. Using It -------- -Gitea should be accessible at http://box/gitea +Gitea should be accessible at: http://box/gitea Configuration ------------- Gitea has been configured to work with MySQL; it can also be used with SQLite or -Postgres. If you want to use it with a different database, change the +PostgreSQL. If you want to use it with a different database, change the ``DB_TYPE`` property in ``/etc/gitea/app.ini`` [1] and change the line ``After=mysqld.service`` in ``/etc/systemd/system/gitea.service`` [2] to one of the following: * SQLite: comment it out. * Postgres: ``After=postgresql.service`` -[1] Prior to installing Gitea, instead edit ``/opt/iiab/iiab/roles/gitea/templates/app.ini.j2`` +[1] Prior to installing Gitea, instead edit: ``/opt/iiab/iiab/roles/gitea/templates/app.ini.j2`` -[2] Prior to installing Gitea, instead edit ``/opt/iiab/iiab/roles/gitea/templates/gitea.service.j2`` +[2] Prior to installing Gitea, instead edit: ``/opt/iiab/iiab/roles/gitea/templates/gitea.service.j2`` Documentation ------------- From fe917215b41fbe3baa01431b19d5b8c1351568a8 Mon Sep 17 00:00:00 2001 From: A Holt Date: Wed, 13 Mar 2019 01:56:01 -0400 Subject: [PATCH 69/76] Update main.yml --- roles/calibre-web/tasks/main.yml | 1 + 1 file changed, 1 insertion(+) diff --git a/roles/calibre-web/tasks/main.yml b/roles/calibre-web/tasks/main.yml index 8af95c611..3ff49e0f1 100644 --- a/roles/calibre-web/tasks/main.yml +++ b/roles/calibre-web/tasks/main.yml @@ -93,6 +93,7 @@ when: calibreweb_enabled # Default: http://box/books +# SEE ALSO: https://github.com/janeczku/calibre-web/wiki/Setup-Reverse-Proxy - name: Enable http://box{{ calibreweb_url }} with Apache command: a2ensite calibre-web.conf when: calibreweb_enabled From 8a00a88f024f52a09823ef816674987310d7b727 Mon Sep 17 00:00:00 2001 From: A Holt Date: Wed, 13 Mar 2019 01:56:30 -0400 Subject: [PATCH 70/76] Update calibre-web.conf.j2 --- roles/calibre-web/templates/calibre-web.conf.j2 | 2 ++ 1 file changed, 2 insertions(+) diff --git a/roles/calibre-web/templates/calibre-web.conf.j2 b/roles/calibre-web/templates/calibre-web.conf.j2 index 85db95f10..cb81c9ad6 100644 --- a/roles/calibre-web/templates/calibre-web.conf.j2 +++ b/roles/calibre-web/templates/calibre-web.conf.j2 @@ -1,3 +1,5 @@ +# SEE ALSO: https://github.com/janeczku/calibre-web/wiki/Setup-Reverse-Proxy + # Line used to work (in August 2018) but prevented http://box/books from working in October 2018: https://github.com/iiab/iiab/issues/1196 # From fb9091281334cca7130a83e891e338a0ff549f60 Mon Sep 17 00:00:00 2001 From: Tim Moody Date: Wed, 13 Mar 2019 13:30:44 -0400 Subject: [PATCH 71/76] make sure ImageMagick is installed and configured for PDFs --- roles/calibre-web/tasks/main.yml | 15 +++++++++++++++ 1 file changed, 15 insertions(+) diff --git a/roles/calibre-web/tasks/main.yml b/roles/calibre-web/tasks/main.yml index 3ff49e0f1..7d33126bf 100644 --- a/roles/calibre-web/tasks/main.yml +++ b/roles/calibre-web/tasks/main.yml @@ -1,3 +1,18 @@ +- name: Install ImageMagick (debuntu) + package: + name: + - imagemagick + state: present + when: is_debuntu + +- name: Allow ImageMagick to read PDFs + lineinfile: + path: /etc/ImageMagick-6/policy.xml + regexp: '^' + line: '' + state: present + when: is_debuntu + - name: Create 3 Calibre-Web folders to store data and configuration files file: path: "{{ item }}" From f5ffe32a7854a53e6776df9a2b1097c9af38dfda Mon Sep 17 00:00:00 2001 From: Tim Moody Date: Wed, 13 Mar 2019 13:57:29 -0400 Subject: [PATCH 72/76] get match right --- roles/calibre-web/tasks/main.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/roles/calibre-web/tasks/main.yml b/roles/calibre-web/tasks/main.yml index 7d33126bf..c266001b2 100644 --- a/roles/calibre-web/tasks/main.yml +++ b/roles/calibre-web/tasks/main.yml @@ -8,8 +8,8 @@ - name: Allow ImageMagick to read PDFs lineinfile: path: /etc/ImageMagick-6/policy.xml - regexp: '^' - line: '' + regexp: '' + line: ' ' state: present when: is_debuntu From 92c8d834ac83c611e30f6ed2476cf4498cc0a12b Mon Sep 17 00:00:00 2001 From: A Holt Date: Wed, 13 Mar 2019 15:35:06 -0400 Subject: [PATCH 73/76] Revert "make sure ImageMagick is installed and configured for PDFs" --- roles/calibre-web/tasks/main.yml | 15 --------------- 1 file changed, 15 deletions(-) diff --git a/roles/calibre-web/tasks/main.yml b/roles/calibre-web/tasks/main.yml index c266001b2..3ff49e0f1 100644 --- a/roles/calibre-web/tasks/main.yml +++ b/roles/calibre-web/tasks/main.yml @@ -1,18 +1,3 @@ -- name: Install ImageMagick (debuntu) - package: - name: - - imagemagick - state: present - when: is_debuntu - -- name: Allow ImageMagick to read PDFs - lineinfile: - path: /etc/ImageMagick-6/policy.xml - regexp: '' - line: ' ' - state: present - when: is_debuntu - - name: Create 3 Calibre-Web folders to store data and configuration files file: path: "{{ item }}" From b0346421ae74e9c3ab41c7615a7631d8a22f4739 Mon Sep 17 00:00:00 2001 From: Tim Moody Date: Wed, 13 Mar 2019 15:44:03 -0400 Subject: [PATCH 74/76] make idempotent --- roles/calibre-web/tasks/main.yml | 1 + 1 file changed, 1 insertion(+) diff --git a/roles/calibre-web/tasks/main.yml b/roles/calibre-web/tasks/main.yml index c266001b2..bc222e24c 100644 --- a/roles/calibre-web/tasks/main.yml +++ b/roles/calibre-web/tasks/main.yml @@ -9,6 +9,7 @@ lineinfile: path: /etc/ImageMagick-6/policy.xml regexp: '' + backrefs: yes line: ' ' state: present when: is_debuntu From bd6fe4ab11f1b03ad71a8a5cecb8e44fd375f1bd Mon Sep 17 00:00:00 2001 From: A Holt Date: Wed, 13 Mar 2019 16:07:18 -0400 Subject: [PATCH 75/76] Update main.yml --- roles/calibre-web/tasks/main.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/roles/calibre-web/tasks/main.yml b/roles/calibre-web/tasks/main.yml index bc222e24c..0e56a70ca 100644 --- a/roles/calibre-web/tasks/main.yml +++ b/roles/calibre-web/tasks/main.yml @@ -5,12 +5,12 @@ state: present when: is_debuntu -- name: Allow ImageMagick to read PDFs +- name: Allow ImageMagick to read PDFs (debuntu) lineinfile: path: /etc/ImageMagick-6/policy.xml regexp: '' backrefs: yes - line: ' ' + line: '' state: present when: is_debuntu From b9bd234a611e0bf96aabf13c4b7e07e977771ef8 Mon Sep 17 00:00:00 2001 From: A Holt Date: Wed, 13 Mar 2019 16:18:30 -0400 Subject: [PATCH 76/76] Update main.yml --- roles/calibre-web/tasks/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/calibre-web/tasks/main.yml b/roles/calibre-web/tasks/main.yml index 0e56a70ca..fb2657188 100644 --- a/roles/calibre-web/tasks/main.yml +++ b/roles/calibre-web/tasks/main.yml @@ -10,7 +10,7 @@ path: /etc/ImageMagick-6/policy.xml regexp: '' backrefs: yes - line: '' + line: ' ' state: present when: is_debuntu