--- - name: This playbook installs and setups gitea along with postgresql hosts: aws become: true vars_files: - ../../vars/secrets.yml - ../../vars/vars.yml vars: postgresql_user: gitea postgresql_db: giteadb container_network: host gitea_directory: /home/ubuntu/hifadhi_kuu/gitea tasks: - name: install postgresql apt: name: "{{item}}" state: present loop: - postgresql - postgresql-contrib - libpq-dev - python3-dev - python3-pip - acl - name: install pyscopg python module ansible.builtin.pip: name: psycopg2 - name: enable the postgresql service service: name: postgresql enabled: true - name: start the postgresql service service: name: postgresql state: started - name: create giteadb database become_user: postgres community.postgresql.postgresql_db: name: "{{postgresql_db}}" encoding: UTF-8 lc_collate: en_US.UTF-8 lc_ctype: en_US.UTF-8 template: template0 - name: create user gitea become_user: postgres community.postgresql.postgresql_user: name: "{{postgresql_user}}" password: "{{postgresql_password}}" environment: PGOPTIONS: "-c password_encryption=scram-sha-256" - name: grant priviledges to giteadb to user gitea become_user: postgres community.postgresql.postgresql_privs: db: giteadb privs: ALL type: database role: gitea - name: let gitea authenticate as a peer ansible.builtin.lineinfile: path: /etc/postgresql/14/main/pg_hba.conf regexp: "^local.*all.*all.*peer" line: "local all all scram-sha-256" - name: create the gitea directory for the service ansible.builtin.file: path: "{{gitea_directory}}" state: directory mode: '0755' - name: download the gitea binary if it doesn't exist ansible.builtin.get_url: url: https://dl.gitea.com/gitea/1.22.2/gitea-1.22.2-linux-amd64.asc dest: /home/ubuntu/hifadhi_kuu/gitea - name: download the gitea binary if it doesn't exist ansible.builtin.get_url: url: https://dl.gitea.com/gitea/1.22.2/gitea-1.22.2-linux-amd64 dest: /home/ubuntu/hifadhi_kuu/gitea checksum: sha256:https://dl.gitea.com/gitea/1.22.2/gitea-1.22.2-linux-amd64.sha256 - name: use shell command to execute a bunch of gpg commands to verify binary ansible.builtin.shell: | gpg --keyserver keys.openpgp.org --recv 7C9E68152594688862D62AF62D9AE806EC1592E2 gpg --verify gitea-1.22.2-linux-amd64.asc gitea-1.22.2-linux-amd64 args: chdir: /home/ubuntu/hifadhi_kuu/gitea ignore_errors: true register: gpg_result - name: display results of gpg verification for go binary ansible.builtin.debug: var: gpg_result ignore_errors: true - name: creates user to run gitea ansible.builtin.user: name: git shell: /bin/bash system: true comment: "Gitea repo manager" state: present - name: create gitea core directories ansible.builtin.file: path: /var/lib/gitea/{{item}} state: directory recurse: yes owner: git group: git mode: '0750' loop: - "" - custom - data - log - name: create gitea config directory ansible.builtin.file: path: /etc/gitea state: directory owner: root group: git mode: '770' - name: download gitea systemd service ansible.builtin.get_url: url: https://raw.githubusercontent.com/go-gitea/gitea/refs/heads/release/v1.22/contrib/systemd/gitea.service dest: /etc/systemd/system/gitea.service - name: copy the gitea binary to /usr/local/bin directory copy: src: /home/ubuntu/hifadhi_kuu/gitea/gitea-1.22.2-linux-amd64 remote_src: yes dest: /usr/local/bin/gitea owner: git mode: '0744' - name: start the gitea service service: name: gitea state: started enabled: yes - name: download the gitea action binary if it doesn't exist ansible.builtin.get_url: url: https://gitea.com/gitea/act_runner/releases/download/v0.2.11/act_runner-0.2.11-linux-amd64 dest: /home/ubuntu/hifadhi_kuu/gitea - name: copy the gitea runner binary to /usr/local/bin directory copy: src: /home/ubuntu/hifadhi_kuu/gitea/act_runner-0.2.11-linux-amd64 remote_src: true dest: /usr/local/bin/act_runner owner: git mode: '0755' - name: configure the gitea action runner non-interactively ansible.builtin.shell: cmd: | chmod +x /usr/local/bin/act_runner act_runner --version act_runner register --no-interactive --instance \ https://gitea.kwerezigua.org --token "{{gitea_action_token}}" \ --name mfanyakazi args: chdir: /home/ubuntu/hifadhi_kuu/gitea - name: install the act_runner systemd service ansible.builtin.template: src: ../../templates/act_runner.service.j2 dest: /etc/systemd/system/act_runner.service - name: start the gitea action service service: name: act_runner state: restarted enabled: true