--- - name: Install packages apt: name: - git become: yes - name: Create User user: name: git home: /home/git shell: /bin/bash system: yes state: present become: yes - name: Folder structure file: path: '{{ item }}' owner: git group: git mode: '750' state: directory become: yes loop: - /var/lib/gitea/ - /var/lib/gitea/custom - /var/lib/gitea/data - /var/lib/gitea/log - name: Config folder file: path: /etc/gitea owner: root group: git mode: '750' state: directory become: yes - name: Create secrets if needed include_tasks: secrets.yml - name: Read secret Key slurp: src: /etc/gitea/secret_key become: yes register: sec_key - name: Read internal token slurp: src: /etc/gitea/internal_token become: yes register: int_tok - name: Read JWT Secret slurp: src: /etc/gitea/jwt_secret become: yes register: jwt_sec - name: pull sha256sum uri: url: 'https://dl.gitea.com/gitea/{{ gitea.version.ver }}/gitea-{{ gitea.version.ver }}-linux-amd64.sha256' method: GET return_content: yes register: gitea_sha256_raw - name: set sha256sum set_fact: gitea_sha256: '{{ (gitea_sha256_raw.content | split(" "))[0] }}' cacheable: false - name: Check for update stat: path: /usr/local/bin/gitea checksum_algorithm: sha256 register: gitea_bin_stat ignore_errors: yes - name: perform update include_tasks: update.yml when: - (not gitea_bin_stat.stat.exists) or (gitea_bin_stat.stat.checksum != gitea_sha256) - name: Install gitea config file template: src: app.ini.j2 dest: /etc/gitea/app.ini owner: root group: git mode: '640' become: yes notify: - Handle systemd - name: Check for changed cert command: /bin/true when: - cert_changed notify: - Handle systemd - name: Install gitea unit file copy: src: gitea.service dest: /etc/systemd/system/gitea.service become: yes notify: - Handle systemd - name: Flush handlers meta: flush_handlers - name: Wait 10s for gitea to start wait_for: timeout: 10 delegate_to: localhost # This only install base configuration. Group settings have to be set manually in gitea... - name: Install LDAP include_tasks: ldap.yml when: gitea.ldap.enable