forksand
/
forksand-it-manual
1
1
Fork 0
Code Issues Pull Requests Releases Wiki Activity
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from '08e0b88bea'
${ noResults }
forksand-it-manual/source/resources/apps/gitea-ansible/README.md

218 lines
6.4 KiB
Raw Blame History

# Forksand Bootstrap Gitea
This Ansible playbook was written to set up a Gitea server on Debian systems.
## Table of contents
1. [Requirements](#requirements)
2. [Quick Start](#quick-start)
* [Project Configuration](#project-configuration)
* [Playbook Execution](#playbook-execution)
3. [Project Structure](#project-structure)
* [File and Directory Descriptions](#file-and-directory-descriptions)
* [Role Descriptions](#role-descriptions)
* [Role Parameters](#role-parameters)
4. [Ansible Logging](#ansible-logging)
5. [Troubleshooting](#troubleshooting)
## Requirements
The following applications are required to utilize this playbook. Ansible can be installed using Python PIP.
* Ansible 2.4.x+
* Python 2.7.9+
## Quick Start
The follow steps will help quickly set up and execute this playbook.
### Project Configuration
The following files need to be edited and configured before executing this playbook.
| File | Description |
| -- | -- |
| roles/gitea/default/main.yml | Variables for Gitea configuration - (default - standalone with sqlite) |
| roles/nginx/default/main.yml | Variables for Nginx and Letsencrypt configuration |
| inventory.yml | List of server IPs to connect to |
### Playbook Execution
After having configured the server credentials and added the server IP to the inventory, use the following command to execute the playbook.
`ansible-playbook -i inventory.yml site.yml`
## Project Structure
The following tree depicts the high level structure of this Ansible project.
```bash
├── inventory.yml
├── LICENSE.AGPLv3
├── LICENSE.GPLv3
├── README.md
├── roles
│   ├── gitea
│   ├── nginx
├── playbook_execution.log
└── site.yml
```
### File and Directory Descriptions
The following table consists of a description of what each file and directory stands for.
| Name | Description |
| -- | -- |
| site.yml | Master playbook. Executes all roles in sequential order |
| inventory.yml | Inventory file containing server IP addresses |
| ansible.cfg | Ansible configuration file for various Ansible options. |
| roles/ | Directory containing all roles needed by this project |
### Role descriptions
The following table consists of descriptions of each role and their purpose. The roles listed below are listed in the required order of execution to ensure successful completion of the playbook.
| Role Name | Role Description |
| -- | -- |
| gitea | This roles performs installation and configuration of Gitea server |
| nginx | This roles performs installation and configuration of Nginx server |
### Role parameters
Description of the role parameters for each role.
#### Gitea roles parameters
```
# Application name
gitea_app_name: "Gitea"
# Application gitea_user_repo_limit
gitea_user: "gitea"
# Application home
gitea_home: "/var/lib/gitea"
# Repo Limit
gitea_user_repo_limit: -1
# Domain Name (FOR REVER PROXY LEAVE AS DEFAULT)
gitea_http_domain: localhost
# Gitea url (FOR REVER PROXY LEAVE AS DEFAULT)
gitea_root_url: http://localhost:3000
# Protocol (FOR REVER PROXY LEAVE AS DEFAULT)
gitea_protocol: http
# listen IP (FOR REVER PROXY LEAVE AS DEFAULT)
gitea_http_listen: 127.0.0.1
# Listen port (FOR REVER PROXY LEAVE AS DEFAULT)
gitea_http_port: 3000
# HTTP git Options
gitea_disable_http_git: false
# Offline mode options
gitea_offline_mode: true
## DB details
# DB Type 'mysql', 'postgres' or 'sqlite3'
gitea_db_type: sqlite3
# DB host
gitea_db_host: 127.0.0.0:3306
# DB name
gitea_db_name: root
# DB username
gitea_db_user: gitea
# DB password
gitea_db_passord: lel
# DB ssl options
gitea_db_ssl: disable
# DB path (Not needed for postgres and mysql hash it in template file )
gitea_db_path: "{{ gitea_home }}/data/gitea.db"
## SSH Details
# SSH Listen IP
gitea_ssh_listen: 0.0.0.0
# SSH domain
gitea_ssh_domain: localhost
# SSH options
gitea_start_ssh: true
# SSH post
gitea_ssh_port: 2222
# gitea key (GENERATE A NEW KEY)
gitea_secret_key: T0pS3cr31
## General Settings
# User email settings
gitea_show_user_email: false
# User avatar settings
gitea_disable_gravatar: true
# User register options
gitea_disable_registration: false
# User signup options
gitea_require_signin: true
# User captcha options
gitea_enable_captcha: true
```
#### Nginx roles parameters
```
# Domain name for the server
nginx_domain_name: "test.hostnats.com"
# Gitea listening port
gitea_http_port: 3000
# letsencrypt email address
letsencrypt_email: "test@example.com"
```
## Ansible Logging
Ansible playbook executions are automatically logged to a file called `playbook-execution.log` in the root directory of the project. The path to this log file can be changed by editing `ansible.cfg` in the project root directory and specifying a different path.
## Troubleshooting
Ansible has a built in debug output. Simple run Ansible with a `-v`. There are 5 levels of debug output and they are denoted by the number of v's listed. Each level up provide more debug output than the level before it.
Level 1: `-v`
Level 2: `-vv`
Level 3: `-vvv`
Level 4: `-vvvv`
Level 5: `-vvvvv`
Example execution with level 3 debug output: `ansible-playbook -i inventory.yml site.yml -vvv`
# MySQL
To use MariaDB Galera cluster, run on one SQL cluster node:
```
CREATE DATABASE gitea CHARACTER SET utf8 COLLATE utf8_general_ci;
CREATE USER 'gitea'@'10.42.1.163' IDENTIFIED BY 'password';
GRANT ALL PRIVILEGES ON gitea.* TO 'gitea'@'10.42.1.163';
FLUSH PRIVILEGES;
```
# XXX FIX XXX
Disable IPv6 in nginx. Comment out this line in /etc/nginx/sites-enabled/default.conf :
listen [::]:80 default_server;
# XXX Letsencrypt kludge for SMTP SSL:
# Copy over Letencrypt keys for Gitea to use, chown to gitea
# XXX will not autorenew
cp -p /etc/letsencrypt/live/code.forksand.com/cert.pem /var/lib/gitea/custom/mailer/cert.pem
cp -p /etc/letsencrypt/live/code.forksand.com/privkey.pem /var/lib/gitea/custom/mailer/key.pem
chmod og-rwx /var/lib/gitea/custom/mailer/cert.pem /var/lib/gitea/custom/mailer/key.pem
chown gitea:root /var/lib/gitea/custom/mailer/cert.pem /var/lib/gitea/custom/mailer/key.pem
# Set up tmp dirs
mkdir -p /var/lib/gitea/data/tmp/uploads /var/lib/gitea/data/attachments
chown -R gitea:gitea /var/lib/gitea/data/tmp /var/lib/gitea/data/attachments
# Mirror Github / OCA repos:
sudo chown jebba /var/lib/gitea/oca
cd /var/lib/gitea/oca
git clone --mirror https://github.com/OCA/maintainer-tools.git
sudo chown -R gitea:gitea /var/lib/gitea/oca/
# Use latest git
apt install -t stretch-backports git
Reference in new issue View Git Blame Copy Permalink