mirror of
https://github.com/kevinveenbirkenbach/computer-playbook.git
synced 2025-07-22 08:11:09 +02:00
Implemented gitea database patch
This commit is contained in:
parent
2699edd197
commit
dcb57af6f7
30
roles/web-app-gitea/tasks/01_database.yml
Normal file
30
roles/web-app-gitea/tasks/01_database.yml
Normal file
@ -0,0 +1,30 @@
|
||||
---
|
||||
- name: Flush handlers to ensure Gitea is up before DB patch
|
||||
meta: flush_handlers
|
||||
|
||||
- name: Patch Gitea DB host in app.ini
|
||||
command: >
|
||||
docker exec -i --user {{ gitea_user }} {{ gitea_container }}
|
||||
sed -ri "s|^(HOST\s*=\s*).*$|\1{{ database_host }}:{{ database_port }}|" {{ gitea_config }}
|
||||
notify: docker compose up
|
||||
|
||||
- name: Patch Gitea DB name in app.ini
|
||||
command: >
|
||||
docker exec -i --user {{ gitea_user }} {{ gitea_container }}
|
||||
sed -ri "s|^(NAME\s*=\s*).*$|\1{{ database_name }}|" {{ gitea_config }}
|
||||
notify: docker compose up
|
||||
|
||||
- name: Patch Gitea DB user in app.ini
|
||||
command: >
|
||||
docker exec -i --user {{ gitea_user }} {{ gitea_container }}
|
||||
sed -ri "s|^(USER\s*=\s*).*$|\1{{ database_username }}|" {{ gitea_config }}
|
||||
notify: docker compose up
|
||||
|
||||
- name: Patch Gitea DB password in app.ini
|
||||
command: >
|
||||
docker exec -i --user {{ gitea_user }} {{ gitea_container }}
|
||||
sed -ri "s|^(PASSWD\s*=\s*).*$|\1{{ database_password }}|" {{ gitea_config }}
|
||||
notify: docker compose up
|
||||
|
||||
- name: "Flush database patches"
|
||||
meta: flush_handlers
|
||||
@ -1,7 +1,6 @@
|
||||
- name: "Lookup existing LDAP auth source ID"
|
||||
shell: |
|
||||
docker-compose -f "{{ docker_compose.directories.instance }}/docker-compose.yml" \
|
||||
exec -T --user git application \
|
||||
docker exec -i --user {{ gitea_user }} {{ gitea_container }} \
|
||||
gitea admin auth list \
|
||||
| awk -v name="LDAP ({{ primary_domain }})" '$0 ~ name {print $1; exit}'
|
||||
args:
|
||||
@ -12,8 +11,7 @@
|
||||
|
||||
- name: "Delete existing LDAP auth source if present"
|
||||
shell: |
|
||||
docker-compose -f "{{ docker_compose.directories.instance }}/docker-compose.yml" \
|
||||
exec -T --user git application \
|
||||
docker exec -i --user {{ gitea_user }} {{ gitea_container }} \
|
||||
gitea admin auth delete --id {{ ldap_source_id_raw.stdout }}
|
||||
args:
|
||||
chdir: "{{ docker_compose.directories.instance }}"
|
||||
|
||||
@ -1,8 +1,7 @@
|
||||
|
||||
- name: "Lookup existing OIDC auth source ID"
|
||||
shell: |
|
||||
docker-compose -f "{{ docker_compose.directories.instance }}/docker-compose.yml" \
|
||||
exec -T --user git application \
|
||||
docker exec -i --user {{ gitea_user }} {{ gitea_container }} \
|
||||
gitea admin auth list \
|
||||
| awk -v name="{{ oidc.button_text }}" '$0 ~ name {print $1; exit}'
|
||||
args:
|
||||
@ -13,8 +12,7 @@
|
||||
|
||||
- name: "Delete existing OIDC auth source if present"
|
||||
shell: |
|
||||
docker-compose -f "{{ docker_compose.directories.instance }}/docker-compose.yml" \
|
||||
exec -T --user git application \
|
||||
docker exec -i --user {{ gitea_user }} {{ gitea_container }} \
|
||||
gitea admin auth delete --id {{ oidc_source_id_raw.stdout }}
|
||||
args:
|
||||
chdir: "{{ docker_compose.directories.instance }}"
|
||||
|
||||
@ -10,10 +10,12 @@
|
||||
delay: 5
|
||||
timeout: 300
|
||||
|
||||
- name: Patch Gitea database settings in app.ini
|
||||
include_tasks: 01_database.yml
|
||||
|
||||
- name: "Run DB migrations inside Gitea container"
|
||||
shell: |
|
||||
docker-compose -f "{{ docker_compose.directories.instance }}/docker-compose.yml" \
|
||||
exec -T --user git application \
|
||||
docker exec -i --user {{ gitea_user }} {{ gitea_container }} \
|
||||
/app/gitea/gitea migrate
|
||||
args:
|
||||
chdir: "{{ docker_compose.directories.instance }}"
|
||||
@ -22,14 +24,13 @@
|
||||
|
||||
- name: "Create initial admin user"
|
||||
shell: |
|
||||
docker-compose -f "{{ docker_compose.directories.instance }}/docker-compose.yml" \
|
||||
exec -T --user git application \
|
||||
docker exec -i --user {{ gitea_user }} {{ gitea_container }} \
|
||||
/app/gitea/gitea admin user create \
|
||||
--admin \
|
||||
--username "{{ users.administrator.username }}" \
|
||||
--password "{{ users.administrator.password }}" \
|
||||
--email "{{ users.administrator.email }}" \
|
||||
-c /data/gitea/conf/app.ini
|
||||
-c {{ gitea_config }}
|
||||
args:
|
||||
chdir: "{{ docker_compose.directories.instance }}"
|
||||
register: create_admin
|
||||
@ -49,10 +50,10 @@
|
||||
when: applications | get_app_conf(application_id, 'features.oidc', False) or applications | get_app_conf(application_id, 'features.ldap', False)
|
||||
|
||||
- name: Execute Setup Routines
|
||||
include_tasks: setup.yml
|
||||
include_tasks: 02_setup.yml
|
||||
|
||||
- name: Execute Cleanup Routines
|
||||
include_tasks: cleanup.yml
|
||||
include_tasks: 03_cleanup.yml
|
||||
when: mode_cleanup
|
||||
|
||||
- name: Include DNS role to register Gitea domain(s)
|
||||
|
||||
@ -1,7 +1,6 @@
|
||||
- name: "Add LDAP Authentication Source"
|
||||
shell: |
|
||||
docker-compose -f "{{ docker_compose.directories.instance }}/docker-compose.yml" \
|
||||
exec -T --user git application \
|
||||
docker exec -i --user {{ gitea_user }} {{ gitea_container }} \
|
||||
gitea admin auth add-ldap \
|
||||
{{ gitea_ldap_auth_args | join(' ') }}
|
||||
args:
|
||||
@ -11,8 +10,7 @@
|
||||
|
||||
- name: "Lookup existing LDAP auth source ID"
|
||||
shell: |
|
||||
docker-compose -f "{{ docker_compose.directories.instance }}/docker-compose.yml" \
|
||||
exec -T --user git application \
|
||||
docker exec -i --user {{ gitea_user }} {{ gitea_container }} \
|
||||
gitea admin auth list \
|
||||
| tail -n +2 \
|
||||
| grep -F "LDAP ({{ primary_domain }})" \
|
||||
@ -31,8 +29,7 @@
|
||||
|
||||
- name: "Update LDAP Authentication Source"
|
||||
shell: |
|
||||
docker-compose -f "{{ docker_compose.directories.instance }}/docker-compose.yml" \
|
||||
exec -T --user git application \
|
||||
docker exec -i --user {{ gitea_user }} {{ gitea_container }} \
|
||||
gitea admin auth update-ldap \
|
||||
--id {{ ldap_source_id }} \
|
||||
{{ gitea_ldap_auth_args | join(' ') }}
|
||||
|
||||
@ -1,7 +1,6 @@
|
||||
- name: "Add Keycloak OIDC Provider"
|
||||
shell: |
|
||||
docker-compose -f "{{ docker_compose.directories.instance }}/docker-compose.yml" \
|
||||
exec -T --user git application \
|
||||
docker exec -i --user {{ gitea_user }} {{ gitea_container }} \
|
||||
gitea admin auth add-oauth \
|
||||
--provider openidConnect \
|
||||
--name "{{ oidc.button_text }}" \
|
||||
@ -16,8 +15,7 @@
|
||||
|
||||
- name: "Lookup existing Keycloak auth source ID"
|
||||
shell: |
|
||||
docker-compose -f "{{ docker_compose.directories.instance }}/docker-compose.yml" \
|
||||
exec -T --user git application \
|
||||
docker exec -i --user {{ gitea_user }} {{ gitea_container }} \
|
||||
/app/gitea/gitea admin auth list \
|
||||
| tail -n +2 \
|
||||
| grep -F "{{ oidc.button_text }}" \
|
||||
@ -36,8 +34,7 @@
|
||||
|
||||
- name: "Update Keycloak OIDC Provider"
|
||||
shell: |
|
||||
docker-compose -f "{{ docker_compose.directories.instance }}/docker-compose.yml" \
|
||||
exec -T --user git application \
|
||||
docker exec -i --user {{ gitea_user }} {{ gitea_container }} \
|
||||
gitea admin auth update-oauth \
|
||||
--id {{ oidc_source_id }}\
|
||||
--provider openidConnect \
|
||||
|
||||
@ -3,7 +3,7 @@
|
||||
application:
|
||||
{% include 'roles/docker-container/templates/base.yml.j2' %}
|
||||
image: "{{ gitea_image }}:{{ gitea_version }}"
|
||||
name: "{{ gitea_name }}"
|
||||
container_name: "{{ gitea_container }}"
|
||||
ports:
|
||||
- "127.0.0.1:{{ports.localhost.http[application_id]}}:{{ container_port }}"
|
||||
- "{{ports.public.ssh[application_id]}}:22"
|
||||
|
||||
@ -15,9 +15,13 @@ gitea_ldap_auth_args:
|
||||
- '--email-attribute "{{ ldap.user.attributes.mail }}"'
|
||||
- '--public-ssh-key-attribute "{{ ldap.user.attributes.ssh_public_key }}"'
|
||||
- '--synchronize-users'
|
||||
gitea_version: "{{ applications | get_app_conf(application_id, 'docker.services.gitea.version', True) }}"
|
||||
gitea_image: "{{ applications | get_app_conf(application_id, 'docker.services.gitea.image', True) }}"
|
||||
gitea_name: "{{ applications | get_app_conf(application_id, 'docker.services.gitea.name', True) }}"
|
||||
gitea_volume: "{{ applications | get_app_conf(application_id, 'docker.volumes.data', True) }}"
|
||||
gitea_version: "{{ applications | get_app_conf(application_id, 'docker.services.gitea.version', True) }}"
|
||||
gitea_image: "{{ applications | get_app_conf(application_id, 'docker.services.gitea.image', True) }}"
|
||||
gitea_container: "{{ applications | get_app_conf(application_id, 'docker.services.gitea.name', True) }}"
|
||||
gitea_volume: "{{ applications | get_app_conf(application_id, 'docker.volumes.data', True) }}"
|
||||
gitea_user: "git"
|
||||
gitea_config: "/data/gitea/conf/app.ini"
|
||||
|
||||
container_port: "{{ applications | get_app_conf(application_id, 'docker.services.gitea.port', True) }}"
|
||||
container_port: "{{ applications | get_app_conf(application_id, 'docker.services.gitea.port', True) }}"
|
||||
|
||||
docker_compose_flush_handlers: true
|
||||
Loading…
x
Reference in New Issue
Block a user