Replace forgejo config with explicit ini
This commit is contained in:
parent
c7fc3f3ef7
commit
36a54fef3d
2 changed files with 80 additions and 55 deletions
|
@ -5,12 +5,18 @@
|
||||||
- name: Deploy {{ role_name }}
|
- name: Deploy {{ role_name }}
|
||||||
vars:
|
vars:
|
||||||
svc: "{{ forgejo_svc }}"
|
svc: "{{ forgejo_svc }}"
|
||||||
env: "{{ forgejo_env }}"
|
|
||||||
compose: "{{ forgejo_compose }}"
|
compose: "{{ forgejo_compose }}"
|
||||||
block:
|
block:
|
||||||
- name: Import prepare tasks for common service
|
- name: Import prepare tasks for common service
|
||||||
ansible.builtin.import_tasks: tasks/prepare-common-service.yml
|
ansible.builtin.import_tasks: tasks/prepare-common-service.yml
|
||||||
|
|
||||||
|
- name: Create the app.ini file
|
||||||
|
ansible.builtin.copy:
|
||||||
|
dest: "{{ (service_path, 'app.ini') | path_join }}"
|
||||||
|
content: '{{ forgejo_ini | to_ini }}'
|
||||||
|
mode: "0644"
|
||||||
|
notify: Restart service {{ role_name }}
|
||||||
|
|
||||||
- name: Copy the template files
|
- name: Copy the template files
|
||||||
ansible.builtin.copy:
|
ansible.builtin.copy:
|
||||||
src: templates/
|
src: templates/
|
||||||
|
|
|
@ -10,77 +10,95 @@ forgejo_svc:
|
||||||
port: "{{ postgres.port }}"
|
port: "{{ postgres.port }}"
|
||||||
ssh_port: 22
|
ssh_port: 22
|
||||||
|
|
||||||
forgejo_env:
|
forgejo_ini:
|
||||||
FORGEJO__database__DB_TYPE: postgres
|
database:
|
||||||
FORGEJO__database__HOST: "{{ svc.db.host }}:{{ svc.db.port }}"
|
DB_TYPE: postgres
|
||||||
FORGEJO__database__NAME: "{{ opentofu.postgresql_data.forgejo.database }}"
|
HOST: "{{ svc.db.host }}:{{ svc.db.port }}"
|
||||||
FORGEJO__database__USER: "{{ opentofu.postgresql_data.forgejo.user }}"
|
NAME: "{{ opentofu.postgresql_data.forgejo.database }}"
|
||||||
FORGEJO__database__PASSWD: "{{ opentofu.postgresql_data.forgejo.pass }}"
|
USER: "{{ opentofu.postgresql_data.forgejo.user }}"
|
||||||
FORGEJO__database__SSL_MODE: verify-full
|
PASSWD: "{{ opentofu.postgresql_data.forgejo.pass }}"
|
||||||
|
SSL_MODE: verify-full
|
||||||
|
|
||||||
FORGEJO__repository__ENABLE_PUSH_CREATE_USER: true
|
repository:
|
||||||
FORGEJO__repository__ENABLE_PUSH_CREATE_ORG: true
|
ENABLE_PUSH_CREATE_USER: true
|
||||||
FORGEJO__repository__DEFAULT_BRANCH: main
|
ENABLE_PUSH_CREATE_ORG: true
|
||||||
|
DEFAULT_BRANCH: main
|
||||||
|
|
||||||
FORGEJO__cors__ENABLED: true
|
cors:
|
||||||
FORGEJO__cors__SCHEME: https
|
ENABLED: true
|
||||||
|
SCHEME: https
|
||||||
|
|
||||||
FORGEJO__ui__DEFAULT_THEME: forgejo-dark
|
ui:
|
||||||
|
DEFAULT_THEME: forgejo-dark
|
||||||
|
|
||||||
FORGEJO__server__DOMAIN: "{{ svc.domain }}"
|
server:
|
||||||
FORGEJO__server__SSH_DOMAIN: "{{ svc.domain }}"
|
DOMAIN: "{{ svc.domain }}"
|
||||||
FORGEJO__server__SSH_PORT: "{{ svc.ssh_port }}"
|
SSH_DOMAIN: "{{ svc.domain }}"
|
||||||
FORGEJO__server__ROOT_URL: https://{{ svc.domain }}
|
SSH_PORT: "{{ svc.ssh_port }}"
|
||||||
FORGEJO__server__OFFLINE_MODE: true
|
ROOT_URL: https://{{ svc.domain }}
|
||||||
FORGEJO__server__LFS_JWT_SECRET: "{{ vault_forgejo.server_lfs_jwt_secret }}"
|
OFFLINE_MODE: true
|
||||||
FORGEJO__server__LFS_START_SERVER: true
|
LFS_JWT_SECRET: "{{ vault_forgejo.server_lfs_jwt_secret }}"
|
||||||
|
LFS_START_SERVER: true
|
||||||
|
|
||||||
FORGEJO__security__INSTALL_LOCK: true
|
security:
|
||||||
FORGEJO__security__INTERNAL_TOKEN: "{{ vault_forgejo.security_internal_token }}"
|
INSTALL_LOCK: true
|
||||||
FORGEJO__security__SECRET_KEY: "{{ vault_forgejo.security_secret_key }}"
|
INTERNAL_TOKEN: "{{ vault_forgejo.security_internal_token }}"
|
||||||
|
SECRET_KEY: "{{ vault_forgejo.security_secret_key }}"
|
||||||
|
|
||||||
FORGEJO__openid__ENABLE_OPENID_SIGNUP: true
|
openid:
|
||||||
FORGEJO__openid__ENABLE_OPENID_SIGNIN: false
|
ENABLE_OPENID_SIGNUP: true
|
||||||
|
ENABLE_OPENID_SIGNIN: false
|
||||||
|
|
||||||
FORGEJO__service__ALLOW_ONLY_EXTERNAL_REGISTRATION: true
|
service:
|
||||||
FORGEJO__service__ENABLE_BASIC_AUTHENTICATION: false
|
ALLOW_ONLY_EXTERNAL_REGISTRATION: true
|
||||||
FORGEJO__service__DEFAULT_KEEP_EMAIL_PRIVATE: true
|
ENABLE_BASIC_AUTHENTICATION: false
|
||||||
FORGEJO__service__NO_REPLY_ADDRESS: discard.msrg.cc
|
DEFAULT_KEEP_EMAIL_PRIVATE: true
|
||||||
|
NO_REPLY_ADDRESS: discard.msrg.cc
|
||||||
|
|
||||||
FORGEJO__webhook__DELIVER_TIMEOUT: 60
|
webhook:
|
||||||
|
DELIVER_TIMEOUT: 60
|
||||||
|
|
||||||
FORGEJO__mailer__ENABLED: true
|
mailer:
|
||||||
FORGEJO__mailer__PROTOCOL: smtp+starttls
|
ENABLED: true
|
||||||
FORGEJO__mailer__SMTP_ADDR: "{{ mailer.host }}"
|
PROTOCOL: smtp+starttls
|
||||||
FORGEJO__mailer__SMTP_PORT: "{{ mailer.port }}"
|
SMTP_ADDR: "{{ mailer.host }}"
|
||||||
FORGEJO__mailer__FROM: "git <{{ opentofu.mailcow_data.forgejo.address }}>"
|
SMTP_PORT: "{{ mailer.port }}"
|
||||||
FORGEJO__mailer__USER: "{{ opentofu.mailcow_data.forgejo.address }}"
|
FROM: "git <{{ opentofu.mailcow_data.forgejo.address }}>"
|
||||||
FORGEJO__mailer__PASSWD: "{{ opentofu.mailcow_data.forgejo.password }}"
|
USER: "{{ opentofu.mailcow_data.forgejo.address }}"
|
||||||
FORGEJO__mailer__SEND_AS_PLAIN_TEXT: true
|
PASSWD: "{{ opentofu.mailcow_data.forgejo.password }}"
|
||||||
|
SEND_AS_PLAIN_TEXT: true
|
||||||
|
|
||||||
FORGEJO__picture__DISABLE_GRAVATAR: true
|
picture:
|
||||||
|
DISABLE_GRAVATAR: true
|
||||||
|
|
||||||
FORGEJO__attachment__MAX_FILES: 10
|
attachment:
|
||||||
|
MAX_FILES: 10
|
||||||
|
|
||||||
FORGEJO__oauth2__JWT_SECRET: "{{ vault_forgejo.oauth2_jwt_secret }}"
|
oauth2:
|
||||||
|
JWT_SECRET: "{{ vault_forgejo.oauth2_jwt_secret }}"
|
||||||
|
|
||||||
FORGEJO__log.console__FLAGS: "level,medfile,shortfuncname"
|
log.console:
|
||||||
|
FLAGS: "level,medfile,shortfuncname"
|
||||||
|
|
||||||
FORGEJO__metrics__ENABLED: true
|
metrics:
|
||||||
FORGEJO__metrics__TOKEN: "{{ vault_metrics_token }}"
|
ENABLED: true
|
||||||
|
TOKEN: "{{ vault_metrics_token }}"
|
||||||
|
|
||||||
FORGEJO__actions__ENABLED: true
|
actions:
|
||||||
|
ENABLED: true
|
||||||
|
|
||||||
FORGEJO__storage__STORAGE_TYPE: minio
|
storage:
|
||||||
FORGEJO__storage__MINIO_ENDPOINT: "{{ opentofu.scaleway_data.forgejo.api_endpoint | urlsplit('hostname') }}"
|
STORAGE_TYPE: minio
|
||||||
FORGEJO__storage__MINIO_ACCESS_KEY_ID: "{{ opentofu.scaleway_data.forgejo.access_key }}"
|
MINIO_ENDPOINT: "{{ opentofu.scaleway_data.forgejo.api_endpoint | urlsplit('hostname') }}"
|
||||||
FORGEJO__storage__MINIO_SECRET_ACCESS_KEY: "{{ opentofu.scaleway_data.forgejo.secret_key }}"
|
MINIO_ACCESS_KEY_ID: "{{ opentofu.scaleway_data.forgejo.access_key }}"
|
||||||
FORGEJO__storage__MINIO_BUCKET: "{{ opentofu.scaleway_data.forgejo.name }}"
|
MINIO_SECRET_ACCESS_KEY: "{{ opentofu.scaleway_data.forgejo.secret_key }}"
|
||||||
FORGEJO__storage__MINIO_LOCATION: "{{ opentofu.scaleway_data.forgejo.region }}"
|
MINIO_BUCKET: "{{ opentofu.scaleway_data.forgejo.name }}"
|
||||||
FORGEJO__storage__MINIO_USE_SSL: true
|
MINIO_LOCATION: "{{ opentofu.scaleway_data.forgejo.region }}"
|
||||||
|
MINIO_USE_SSL: true
|
||||||
|
|
||||||
FORGEJO__other__SHOW_FOOTER_VERSION: true
|
other:
|
||||||
FORGEJO__other__SHOW_FOOTER_TEMPLATE_LOAD_TIME: false
|
SHOW_FOOTER_VERSION: true
|
||||||
|
SHOW_FOOTER_TEMPLATE_LOAD_TIME: false
|
||||||
|
|
||||||
forgejo_compose:
|
forgejo_compose:
|
||||||
watchtower: update
|
watchtower: update
|
||||||
|
@ -88,6 +106,7 @@ forgejo_compose:
|
||||||
image: codeberg.org/forgejo/forgejo:11
|
image: codeberg.org/forgejo/forgejo:11
|
||||||
volumes:
|
volumes:
|
||||||
- data:/data
|
- data:/data
|
||||||
|
- ./app.ini:/data/gitea/conf/app.ini
|
||||||
- ./templates:/data/gitea/templates
|
- ./templates:/data/gitea/templates
|
||||||
- ./public:/data/gitea/public
|
- ./public:/data/gitea/public
|
||||||
- /etc/timezone:/etc/timezone:ro
|
- /etc/timezone:/etc/timezone:ro
|
||||||
|
|
Loading…
Add table
Add a link
Reference in a new issue