ansible/role-gitea
2
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
9fa0b742cb
role-gitea/README.md

5.8 KiB
Raw Blame History

Gitea Role

A role to install gitea. Strongly orientated from https://github.com/thomas-maurice/ansible-role-gitea

Config

General

  • gitea_version_check: Check if installed version != gitea_version before initiating binary download
  • gitea_version: The Gitea-Version you want to install
  • gitea_user: UNIX user used by Gitea
  • gitea_group: UNIX group used by Gitea
  • gitea_home: Base directory to work
  • gitea_dl_url: The URL, the compiled gitea-binary will be downloaded from
  • gitea_systemd_cap_net_bind_service: Adds AmbientCapabilities=CAP_NET_BIND_SERVICE and AmbientCapabilities=CAP_NET_BIND_SERVICE to systemd service file
  • gitea_extra_config: Additional configuration

Look and feel

  • gitea_app_name: Displayed application name
  • gitea_show_user_email: Do you want to display email addresses ? (true/false)
  • gitea_disable_gravatar: Do you want to disable Gravatar ? (privacy and so on) (true/false)
  • gitea_offline_mode: Do you want to disabling CDNs for frontend assets (true/false)
  • gitea_disable_registration: Do you want to disable user registration ? (true/false)
  • gitea_only_allow_external_registration: Do you want to force registration only using third-party services ? (true/false)
  • gitea_show_registration_button: Do you want to show the registration button? (true/false)
  • gitea_require_signin: Do you require a signin to see repo's (even public ones) ? (true/false)
  • gitea_enable_captcha: Do you want to enable captcha's ? (true/false)
  • gitea_themes: List of enabled themes
  • gitea_theme_default: Default theme

Security

  • gitea_secret_key: Cookie secret key
  • gitea_internal_token: Internal API token
  • gitea_disable_git_hooks: Do you want to disable the interface to add git hooks? If enabled it could be a security bug as it can be used for RCE. Defaults to true (true/false)

Limits

  • gitea_user_repo_limit: Limit how many repos a user can have (-1 for unlimited)
  • gitea_force_private: Force every new repository to be private (true/false)

HTTP configuration

  • gitea_http_domain: HTTP domain (displayed in your clone URLs, just the domain like git.foo.fr)
  • gitea_root_url: Root URL used to access your web app (full URL)
  • gitea_protocol: Listening protocol (http/https)
  • gitea_http_listen: Bind address
  • gitea_http_port: Bind port
  • gitea_disable_http_git: Disable the use of Git over HTTP ? (true/false)

SSH configuration

  • gitea_ssh_listen: Bind address for the SSH server
  • gitea_ssh_domain: SSH domain (displayed in your clone URLs)
  • gitea_start_ssh: Do you want to start a built-in SSH server ? (true/false)
  • gitea_ssh_port: SSH bind port

Database configuration

  • gitea_db_type: Database type, can be mysql, postgres or sqlite3
  • gitea_db_host: Database host string host:port or /run/postgresql/ when connectiong to postgres via local unix socket (peer authentication)
  • gitea_db_name: Database name
  • gitea_db_user: Database username
  • gitea_db_password: Database password
  • gitea_db_ssl: Use SSL ? (postgres only!). Can be require, disable, verify-ca or verify-full
  • gitea_db_path: DB path, if you use sqlite3. The default is good enough to work though.

Mailer configuration

  • gitea_mailer_enabled: Whether to enable the mailer. Default: false
  • gitea_mailer_type: Type of Mailer (smtp)
  • gitea_mailer_skip_verify: Skip SMTP TLS certificate verification (true/false)
  • gitea_mailer_tls_enabled: Enable TLS for SMTP connections (true/false)
  • gitea_mailer_host: SMTP server hostname and port
  • gitea_mailer_user: SMTP server username
  • gitea_mailer_password: SMTP server password
  • gitea_mailer_from: Sender mail address
  • gitea_enable_notify_mail: Whether e-mail should be send to watchers of a repository when something happens. Default: false
  • gitea_mail_default: Default configuration for email notifications for users (user configurable). Options: enabled, onmention, disable (Default: onmention )
  • gitea_autowatch_new_repo: Enable this to let all organisation users watch new repos when they are created (Default: false)
  • gitea_autowatch_on_change: Enable this to make users watch a repository after their first commit to it (Default: true)
  • gitea_show_mailstones_dashboard: Enable this to show the milestones dashboard page - a view of all the users milestones (Default: true)

Oauth2 provider configuration

  • gitea_oauth2_enabled: Enable the Oauth2 provider (true/false)
  • gitea_oauth2_jwt_secret: Oauth2 JWT secret. Can be generated with gitea generate secret JWT_SECRET

GIT LFS configuration

  • gitea_lfs_server_enabled: Enable GIT LFS (large filesystem)
  • gitea_lfs_secret: JWT secret for remote LFS usage

Metrics endpoint configuration

  • gitea_metrics_enabled: Enable the metrics endpoint
  • gitea_metrics_token: Bearer token for the Prometheus scrape job

Log configuration

  • gitea_log_level; Log Level. Can be Trace, Debug, Info, Warn, Èrror, Critical (Default: Info)

Repository Indexer configuration

  • gitea_repo_indexer_enabled: Whether to enable the repository indexer (code search). Default: false
  • gitea_repo_indexer_include: Glob patterns to include in the index (comma-separated list). Default: "" (all files)
  • gitea_repo_indexer_exclude: Glob patterns to exclude from the index (comma-separated list). Default: "" (no files)
  • gitea_repo_exclude_vendored: Exclude vendored files from the index. Default: true
  • gitea_repo_indexer_max_file_size: Maximum size of files to be indexed (in bytes). Default: 1048576 (1 MB)

backup on upgrade

  • gitea_backup_on_upgrade: Optionally a backup can be created with every update of gitea. Default: false
  • gitea_backup_location: Where to store the gitea backup if one is created with this role. Default: {{ gitea_home }}/backups/