2024-09-07 14:34:44 +00:00
|
|
|
---
|
|
|
|
- name: This playbook installs and setups postgresql
|
|
|
|
hosts: aws
|
|
|
|
become: true
|
2024-09-07 21:10:38 +00:00
|
|
|
vars_files:
|
|
|
|
- ../vars/secrets.yml
|
|
|
|
vars:
|
|
|
|
postgresql_user: gitea
|
|
|
|
postgresql_db: giteadb
|
2024-09-07 23:31:04 +00:00
|
|
|
container_network: host
|
2024-09-07 23:03:57 +00:00
|
|
|
gitea_directory: /home/ubuntu/hifadhi_kuu/gitea
|
2024-09-07 14:34:44 +00:00
|
|
|
tasks:
|
|
|
|
- name: install postgresql
|
|
|
|
apt:
|
2024-09-07 21:10:38 +00:00
|
|
|
name: "{{item}}"
|
|
|
|
loop:
|
|
|
|
- postgresql
|
|
|
|
- postgresql-contrib
|
|
|
|
- libpq-dev
|
|
|
|
- python3-dev
|
|
|
|
- python3-pip
|
|
|
|
- acl
|
|
|
|
|
|
|
|
- name: install pyscopg python module
|
|
|
|
ansible.builtin.pip:
|
|
|
|
name: psycopg2
|
2024-09-07 14:34:44 +00:00
|
|
|
|
|
|
|
- name: enable the postgresql service
|
|
|
|
service:
|
|
|
|
name: postgresql
|
|
|
|
enabled: true
|
|
|
|
|
|
|
|
- name: start the postgresql service
|
|
|
|
service:
|
|
|
|
name: postgresql
|
|
|
|
state: started
|
2024-09-07 21:10:38 +00:00
|
|
|
|
|
|
|
- name: create giteadb database
|
|
|
|
become_user: postgres
|
|
|
|
community.postgresql.postgresql_db:
|
|
|
|
name: "{{postgresql_db}}"
|
|
|
|
encoding: UTF-8
|
|
|
|
lc_collate: en_US.UTF-8
|
|
|
|
lc_ctype: en_US.UTF-8
|
|
|
|
template: template0
|
|
|
|
|
|
|
|
- name: create user gitea
|
|
|
|
become_user: postgres
|
|
|
|
community.postgresql.postgresql_user:
|
|
|
|
name: "{{postgresql_user}}"
|
|
|
|
password: "{{postgresql_password}}"
|
|
|
|
environment:
|
|
|
|
PGOPTIONS: "-c password_encryption=scram-sha-256"
|
|
|
|
|
|
|
|
- name: grant priviledges to giteadb to user gitea
|
|
|
|
become_user: postgres
|
|
|
|
community.postgresql.postgresql_privs:
|
|
|
|
db: giteadb
|
|
|
|
privs: ALL
|
|
|
|
type: database
|
|
|
|
role: gitea
|
|
|
|
|
|
|
|
- name: let gitea authenticate as a peer
|
|
|
|
ansible.builtin.lineinfile:
|
|
|
|
path: /etc/postgresql/14/main/pg_hba.conf
|
|
|
|
regexp: "^local.*all.*all.*peer"
|
|
|
|
line: "local all all scram-sha-256"
|
2024-09-07 23:03:57 +00:00
|
|
|
|
|
|
|
- name: create the gitea directory for the service
|
|
|
|
ansible.builtin.file:
|
|
|
|
path: "{{gitea_directory}}"
|
|
|
|
state: directory
|
|
|
|
mode: '0755'
|
|
|
|
|
|
|
|
- name: install gitea container
|
|
|
|
community.docker.docker_image:
|
|
|
|
name: gitea/gitea
|
|
|
|
source: pull
|
|
|
|
pull:
|
|
|
|
platform: amd64
|
|
|
|
|
2024-09-07 23:31:04 +00:00
|
|
|
# - name: create network the docker container will run in
|
|
|
|
# community.docker.docker_network:
|
|
|
|
# name: "{{container_network}}"
|
2024-09-07 23:03:57 +00:00
|
|
|
|
|
|
|
- name: run and make persistant gitea container
|
|
|
|
community.docker.docker_container:
|
|
|
|
name: gitea
|
|
|
|
image: gitea/gitea
|
|
|
|
state: started
|
|
|
|
restart_policy: always
|
|
|
|
ports:
|
|
|
|
- "3000:3000"
|
|
|
|
- "2222:2222"
|
|
|
|
env:
|
|
|
|
GITEA__database__DB_TYPE=postgres
|
|
|
|
GITEA__database__HOST=localhost:5432
|
|
|
|
GITEA__database__NAME=giteadb
|
|
|
|
GITEA__database__USER=gitea
|
|
|
|
GITEA__database__PASSWD="{{postgresql_password}}"
|
|
|
|
networks:
|
|
|
|
- name: "{{container_network}}"
|
|
|
|
volumes:
|
|
|
|
- ./data:/var/lib/gitea
|
|
|
|
- ./config:/etc/gitea
|
|
|
|
- /etc/timezone:/etc/timezone:ro
|
|
|
|
- /etc/localtime:/etc/localtime:ro
|
2024-09-07 23:31:04 +00:00
|
|
|
recreate: true
|
2024-09-07 23:03:57 +00:00
|
|
|
working_dir: "{{gitea_directory}}"
|