opennomad/linderhof
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
linderhof/roles/forgejo/tasks/main.yml
Matthias Johnson b38cd94fc8 Fix fresh-deploy blockers and clean up architecture 
- Seed postfix-accounts.cf before mailserver start to satisfy Dovecot's
  requirement for at least one account on first boot
- Add failed_when: false to mail user/alias list tasks (files don't exist
  on first run)
- Add forgejo_runner_version (was undefined); default to 12
- Create /srv/forgejo/data/gitea/conf before deploying app.ini
- Decouple goaccess sync from restic: new enable_goaccess_sync flag with
  its own goaccess_sync_* variables
- Move Docker installation to bootstrap exclusively; rename docker.yml to
  networks.yml (runs docker_network role only)
- Add radicale_password to vault template and setup.sh
- Fix goaccess sync tasks gated on enable_goaccess_sync
- Add upstream bug comment to authorized_key deprecation warning
- Update CLAUDE.md and README.md throughout

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
2026-02-28 00:51:16 -07:00

131 lines
3.6 KiB
YAML
Raw Blame History

---
- name: Allow Forgejo SSH traffic
ufw:
rule: allow
port: "{{ forgejo_ssh_port }}"
proto: tcp
- name: Create Forgejo directories
ansible.builtin.file:
path: "{{ item }}"
state: directory
mode: '0755'
loop:
- /srv/forgejo
- name: Create Forgejo data directories
ansible.builtin.file:
path: "{{ item }}"
state: directory
mode: '0755'
loop:
- /srv/forgejo/data
- /srv/forgejo/data/gitea/conf
# stat+chown: avoids UID/GID lookup warnings for container-internal UIDs not present on host
- name: Stat Forgejo data directory
ansible.builtin.stat:
path: /srv/forgejo/data
register: forgejo_data_stat
- name: Set Forgejo data directory ownership
ansible.builtin.command: chown 1000:1000 /srv/forgejo/data
when: forgejo_data_stat.stat.uid != 1000 or forgejo_data_stat.stat.gid != 1000
- name: Create runner data directory
ansible.builtin.file:
path: /srv/forgejo/runner
state: directory
mode: '0755'
when: enable_forgejo_runner | default(true)
# stat+chown: avoids UID/GID lookup warnings for container-internal UIDs not present on host
- name: Stat runner data directory
ansible.builtin.stat:
path: /srv/forgejo/runner
register: forgejo_runner_stat
when: enable_forgejo_runner | default(true)
- name: Set runner data directory ownership
ansible.builtin.command: chown 1000:1000 /srv/forgejo/runner
when: (enable_forgejo_runner | default(true)) and (forgejo_runner_stat.stat.uid != 1000 or forgejo_runner_stat.stat.gid != 1000)
- name: Deploy Forgejo docker-compose file
ansible.builtin.template:
src: compose.yml.j2
dest: /srv/forgejo/compose.yml
mode: '0644'
notify: Restart forgejo
- name: Deploy Forgejo app.ini configuration
ansible.builtin.template:
src: app.ini.j2
dest: /srv/forgejo/data/gitea/conf/app.ini
mode: '0644'
notify: Restart forgejo
- name: Start Forgejo server
community.docker.docker_compose_v2:
project_src: /srv/forgejo
services:
- forgejo
state: present
build: never
register: forgejo_output
- name: Wait for Forgejo to be ready
ansible.builtin.uri:
url: "http://localhost:{{ forgejo_port }}"
status_code: 200
retries: 30
delay: 2
when: forgejo_output.changed
# Runner registration (one-time)
- name: Check if runner is already registered
ansible.builtin.stat:
path: /srv/forgejo/runner/.runner
register: runner_file
when: enable_forgejo_runner | default(true)
- name: Generate runner registration token
community.docker.docker_container_exec:
container: forgejo
command: forgejo forgejo-cli actions generate-runner-token
user: git
register: runner_token
when:
- enable_forgejo_runner | default(true)
- not runner_file.stat.exists
- name: Deploy runner config
ansible.builtin.template:
src: runner-config.yml.j2
dest: /srv/forgejo/runner/config.yml
mode: '0644'
when: enable_forgejo_runner | default(true)
notify: Restart forgejo
- name: Register Forgejo runner
ansible.builtin.command:
cmd: >-
docker run --rm
--network git
-v /srv/forgejo/runner:/data
code.forgejo.org/forgejo/runner:{{ forgejo_runner_version }}
forgejo-runner register --no-interactive
--instance http://forgejo:3000
--token {{ runner_token.stdout | trim }}
--name {{ forgejo_runner_name }}
--labels {{ forgejo_runner_labels }}
when:
- enable_forgejo_runner | default(true)
- not runner_file.stat.exists
notify: Restart forgejo
- name: Start all Forgejo services
community.docker.docker_compose_v2:
project_src: /srv/forgejo
state: present
build: never
when: enable_forgejo_runner | default(true)
Reference in a new issue View git blame Copy permalink