|
|
|
|
@ -4,6 +4,17 @@
|
|
|
|
|
path: /var/local/gitea
|
|
|
|
|
state: directory
|
|
|
|
|
|
|
|
|
|
- name: Ensure the user gitea exist
|
|
|
|
|
user:
|
|
|
|
|
name: gitea
|
|
|
|
|
create_home: no
|
|
|
|
|
password_lock: yes
|
|
|
|
|
register: gitea_user
|
|
|
|
|
|
|
|
|
|
- name: Retrieve info about users
|
|
|
|
|
getent:
|
|
|
|
|
database: passwd
|
|
|
|
|
|
|
|
|
|
- name: Warning
|
|
|
|
|
debug:
|
|
|
|
|
msg: This is a test server, do not use in production
|
|
|
|
|
@ -23,11 +34,42 @@
|
|
|
|
|
- name: Copy key
|
|
|
|
|
copy:
|
|
|
|
|
src: /var/certificates/{{ server_hostname }}_privkey.pem
|
|
|
|
|
dest: /var/local/keycloak/certificates/tls.key
|
|
|
|
|
dest: /var/local/gitea/gitea/key.pem
|
|
|
|
|
owner: gitea
|
|
|
|
|
group: gitea
|
|
|
|
|
mode: 0600
|
|
|
|
|
remote_src: yes
|
|
|
|
|
notify: restart gitea
|
|
|
|
|
|
|
|
|
|
- name: Copy certificate
|
|
|
|
|
copy:
|
|
|
|
|
src: /var/certificates/{{ server_hostname }}_cert.pem
|
|
|
|
|
dest: /var/local/keycloak/certificates/tls.crt
|
|
|
|
|
dest: /var/local/gitea/gitea/cert.pem
|
|
|
|
|
owner: gitea
|
|
|
|
|
group: gitea
|
|
|
|
|
remote_src: yes
|
|
|
|
|
notify: restart gitea
|
|
|
|
|
|
|
|
|
|
- name: Specify the link the private key
|
|
|
|
|
lineinfile:
|
|
|
|
|
path: /var/local/gitea/gitea/gitea/conf/app.ini
|
|
|
|
|
insertafter: '^\[server\]'
|
|
|
|
|
regexp: '^KEY_FILE'
|
|
|
|
|
line: KEY_FILE = /data/key.pem
|
|
|
|
|
notify: restart gitea
|
|
|
|
|
|
|
|
|
|
- name: Specify the link the private key
|
|
|
|
|
lineinfile:
|
|
|
|
|
path: /var/local/gitea/gitea/gitea/conf/app.ini
|
|
|
|
|
insertafter: '^\[server\]'
|
|
|
|
|
regexp: '^CERT_FILE'
|
|
|
|
|
line: CERT_FILE = /data/cert.pem
|
|
|
|
|
notify: restart gitea
|
|
|
|
|
|
|
|
|
|
- name: Use https
|
|
|
|
|
lineinfile:
|
|
|
|
|
path: /var/local/gitea/gitea/gitea/conf/app.ini
|
|
|
|
|
insertafter: '^\[server\]'
|
|
|
|
|
regexp: '^PROTOCOL'
|
|
|
|
|
line: PROTOCOL = https
|
|
|
|
|
notify: restart gitea
|
|
|
|
|
|
Jean-Marie Mineau
3 years ago