ansible/roles/install_gitea/tasks/main.yml
Jean-Marie Mineau 05ad85b946 use https
2021-01-27 00:26:09 +01:00

75 lines
1.7 KiB
YAML

---
- name: Ensure the directory exist
file:
path: /var/local/gitea
state: directory
- name: Ensure the user gitea exist
user:
name: gitea
create_home: no
password_lock: yes
register: gitea_user
- name: Retrieve info about users
getent:
database: passwd
- name: Warning
debug:
msg: This is a test server, do not use in production
- name: Copy docker-compose.yml
template:
src: docker-compose.yml.j2
dest: /var/local/gitea/docker-compose.yml
mode: 0644
owner: root
group: staff
- name: Start the container
docker_compose:
project_src: /var/local/gitea
- name: Copy key
copy:
src: /var/certificates/{{ server_hostname }}_privkey.pem
dest: /var/local/gitea/gitea/key.pem
owner: gitea
group: gitea
mode: 0600
remote_src: yes
notify: restart gitea
- name: Copy certificate
copy:
src: /var/certificates/{{ server_hostname }}_cert.pem
dest: /var/local/gitea/gitea/cert.pem
owner: gitea
group: gitea
remote_src: yes
notify: restart gitea
- name: Specify the link the private key
lineinfile:
path: /var/local/gitea/gitea/gitea/conf/app.ini
insertafter: '^\[server\]'
regexp: '^KEY_FILE'
line: KEY_FILE = /data/key.pem
notify: restart gitea
- name: Specify the link the private key
lineinfile:
path: /var/local/gitea/gitea/gitea/conf/app.ini
insertafter: '^\[server\]'
regexp: '^CERT_FILE'
line: CERT_FILE = /data/cert.pem
notify: restart gitea
- name: Use https
lineinfile:
path: /var/local/gitea/gitea/gitea/conf/app.ini
insertafter: '^\[server\]'
regexp: '^PROTOCOL'
line: PROTOCOL = https
notify: restart gitea