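---
# Installs PostgreSQL, creates the Gitea database and role, then downloads and
# verifies the Gitea release binary and prepares its service account and
# directories. The play does not yet install or start Gitea itself.
- name: This playbook installs and sets up gitea along with postgresql
  hosts: aws
  become: true
  vars_files:
    # Expected to supply postgresql_password.
    # NOTE(review): confirm this file is ansible-vault encrypted.
    - ../vars/secrets.yml
  vars:
    postgresql_user: gitea
    postgresql_db: giteadb
    container_network: host
    gitea_directory: /home/ubuntu/hifadhi_kuu/gitea
    gitea_version: '1.22.2'
    gitea_binary: 'gitea-{{ gitea_version }}-linux-amd64'
    gitea_download_url: 'https://dl.gitea.com/gitea/{{ gitea_version }}/{{ gitea_binary }}'
    # Full fingerprint of the key the release signature must chain to.
    gitea_signing_key: '7C9E68152594688862D62AF62D9AE806EC1592E2'

  tasks:
    - name: install postgresql
      ansible.builtin.apt:
        # Passing a list installs everything in a single apt transaction
        # instead of one invocation per package.
        name:
          - postgresql
          - postgresql-contrib
          - libpq-dev
          - python3-dev
          - python3-pip
          - acl
        state: present

    - name: install psycopg2 python module
      ansible.builtin.pip:
        name: psycopg2

    - name: enable and start the postgresql service
      ansible.builtin.service:
        name: postgresql
        enabled: true
        state: started

    - name: create giteadb database
      become_user: postgres
      community.postgresql.postgresql_db:
        name: '{{ postgresql_db }}'
        encoding: UTF-8
        lc_collate: en_US.UTF-8
        lc_ctype: en_US.UTF-8
        template: template0

    - name: create user gitea
      become_user: postgres
      community.postgresql.postgresql_user:
        name: '{{ postgresql_user }}'
        password: '{{ postgresql_password }}'
      environment:
        # Have the server store the password as a SCRAM verifier so it can
        # be used with the scram-sha-256 pg_hba rule set below.
        PGOPTIONS: '-c password_encryption=scram-sha-256'

    - name: grant privileges on giteadb to user gitea
      become_user: postgres
      community.postgresql.postgresql_privs:
        # Use the play variables so the grant follows the database and role
        # created above if either name is changed.
        db: '{{ postgresql_db }}'
        privs: ALL
        type: database
        role: '{{ postgresql_user }}'

    # Replaces the default "local all all peer" rule. The regexp needs two
    # occurrences of "all", so the "local all postgres peer" rule that the
    # become_user: postgres tasks rely on is left alone.
    # NOTE(review): the path is pinned to PostgreSQL 14; confirm it matches
    # the version apt installs on the target.
    - name: require scram-sha-256 for local socket connections
      ansible.builtin.lineinfile:
        path: /etc/postgresql/14/main/pg_hba.conf
        regexp: '^local.*all.*all.*peer'
        line: 'local all all scram-sha-256'
      # pg_hba.conf is only re-read on reload; without this the running
      # server keeps applying the old peer rule.
      notify: reload postgresql

    - name: create the gitea directory for the service
      ansible.builtin.file:
        path: '{{ gitea_directory }}'
        state: directory
        mode: '0755'

    - name: download the detached gpg signature for the gitea binary
      ansible.builtin.get_url:
        url: '{{ gitea_download_url }}.asc'
        dest: '{{ gitea_directory }}/{{ gitea_binary }}.asc'

    # dest is a full file path: with a directory as dest, get_url downloads
    # on every run, which contradicts the task name. The checksum file is
    # served by the same host as the binary, so it only guards against a
    # corrupted transfer; authenticity comes from the gpg check below.
    - name: download the gitea binary if it doesn't exist
      ansible.builtin.get_url:
        url: '{{ gitea_download_url }}'
        dest: '{{ gitea_directory }}/{{ gitea_binary }}'
        checksum: 'sha256:{{ gitea_download_url }}.sha256'

    # Fails closed: a missing key or bad signature stops the play instead of
    # being logged and ignored. "gpg --verify" alone accepts a good signature
    # from any key in the keyring, so the VALIDSIG status line is also
    # required to carry the pinned fingerprint.
    - name: verify the gitea binary against its gpg signature
      ansible.builtin.shell: |
        set -eu
        gpg --keyserver keys.openpgp.org --recv-keys {{ gitea_signing_key }}
        gpg --status-fd 1 --verify {{ gitea_binary }}.asc {{ gitea_binary }}
      args:
        chdir: '{{ gitea_directory }}'
      register: gpg_result
      changed_when: false
      failed_when: >-
        gpg_result.rc != 0 or
        gpg_result.stdout is not search('VALIDSIG .*' ~ gitea_signing_key)

    - name: display results of gpg verification for go binary
      ansible.builtin.debug:
        var: gpg_result

    - name: creates user to run gitea
      ansible.builtin.user:
        name: git
        shell: /bin/bash
        system: true
        comment: 'Gitea repo manager'
        state: present

    # The empty first item creates /var/lib/gitea itself.
    - name: create gitea core directories
      ansible.builtin.file:
        path: '/var/lib/gitea/{{ item }}'
        state: directory
        recurse: true
        owner: git
        group: git
        mode: '0750'
      loop:
        - ''
        - custom
        - data
        - log

    # Group-writable so the git account can write into the directory.
    # NOTE(review): presumably needed only while the initial config is
    # generated; consider tightening to '0750' afterwards.
    - name: create gitea config directory
      ansible.builtin.file:
        path: /etc/gitea
        state: directory
        owner: root
        group: git
        mode: '0770'

  handlers:
    - name: reload postgresql
      ansible.builtin.service:
        name: postgresql
        state: reloaded

    ### BELOW will be deleted
    # - name: install gitea container
    #   community.docker.docker_image:
    #     name: gitea/gitea
    #     source: pull
    #     pull:
    #       platform: amd64
    ## - name: create network the docker container will run in
    ##   community.docker.docker_network:
    ##     name: "{{container_network}}"
    # - name: run and make persistant gitea container
    #   community.docker.docker_container:
    #     name: gitea
    #     image: gitea/gitea
    #     state: started
    #     restart_policy: always
    #     ports:
    #       - "3000:3000"
    #       - "2222:2222"
    #     env:
    #       GITEA__database__DB_TYPE=postgres
    #       GITEA__database__HOST=localhost:5432
    #       GITEA__database__NAME=giteadb
    #       GITEA__database__USER=gitea
    #       GITEA__database__PASSWD="{{postgresql_password}}"
    #     networks:
    #       - name: "{{container_network}}"
    #     volumes:
    #       - ./data:/var/lib/gitea
    #       - ./config:/etc/gitea
    #       - /etc/timezone:/etc/timezone:ro
    #       - /etc/localtime:/etc/localtime:ro
    #     recreate: false
    #     working_dir: "{{gitea_directory}}"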