Implemented gitea database patch

Kevin Veen-Birkenbach 2025-07-20 18:14:20 +02:00
parent 2699edd197
commit dcb57af6f7
No known key found for this signature in database
GPG Key ID: 44D8F11FD62F878E
10 changed files with 58 additions and 33 deletions


@ -0,0 +1,30 @@
---
- name: Flush handlers to ensure Gitea is up before DB patch
meta: flush_handlers
- name: Patch Gitea DB host in app.ini
command: >
docker exec -i --user {{ gitea_user }} {{ gitea_container }}
sed -ri "s|^(HOST\s*=\s*).*$|\1{{ database_host }}:{{ database_port }}|" {{ gitea_config }}
notify: docker compose up
- name: Patch Gitea DB name in app.ini
command: >
docker exec -i --user {{ gitea_user }} {{ gitea_container }}
sed -ri "s|^(NAME\s*=\s*).*$|\1{{ database_name }}|" {{ gitea_config }}
notify: docker compose up
- name: Patch Gitea DB user in app.ini
command: >
docker exec -i --user {{ gitea_user }} {{ gitea_container }}
sed -ri "s|^(USER\s*=\s*).*$|\1{{ database_username }}|" {{ gitea_config }}
notify: docker compose up
- name: Patch Gitea DB password in app.ini
command: >
docker exec -i --user {{ gitea_user }} {{ gitea_container }}
sed -ri "s|^(PASSWD\s*=\s*).*$|\1{{ database_password }}|" {{ gitea_config }}
notify: docker compose up
- name: "Flush database patches"
meta: flush_handlers
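Review bot: The `Patch Gitea DB password in app.ini` task puts `{{ database_password }}` on the `docker exec … sed` command line without `no_log: true`, so the secret shows up in Ansible output and is readable in the host process list while the command runs. The value is also spliced into the sed replacement unescaped, so a password containing `|`, `&` or `\` would be written incorrectly or break the expression. None of the four expressions is limited to the `[database]` section, so a `HOST`, `NAME`, `USER` or `PASSWD` key in any other section of app.ini would be overwritten as well; an address range such as `/^\[database\]/,/^\[/` in front of each `s|…|` would scope the edit. I would add `no_log: true` to the password task and escape the value before it reaches sed.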


@ -1,7 +1,6 @@
- name: "Lookup existing LDAP auth source ID" - name: "Lookup existing LDAP auth source ID"
shell: | shell: |
docker-compose -f "{{ docker_compose.directories.instance }}/docker-compose.yml" \ docker exec -i --user {{ gitea_user }} {{ gitea_container }} \
exec -T --user git application \
gitea admin auth list \ gitea admin auth list \
| awk -v name="LDAP ({{ primary_domain }})" '$0 ~ name {print $1; exit}' | awk -v name="LDAP ({{ primary_domain }})" '$0 ~ name {print $1; exit}'
args: args:
@ -12,8 +11,7 @@
- name: "Delete existing LDAP auth source if present" - name: "Delete existing LDAP auth source if present"
shell: | shell: |
docker-compose -f "{{ docker_compose.directories.instance }}/docker-compose.yml" \ docker exec -i --user {{ gitea_user }} {{ gitea_container }} \
exec -T --user git application \
gitea admin auth delete --id {{ ldap_source_id_raw.stdout }} gitea admin auth delete --id {{ ldap_source_id_raw.stdout }}
args: args:
chdir: "{{ docker_compose.directories.instance }}" chdir: "{{ docker_compose.directories.instance }}"
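Review bot: The lookup in this file matches with awk's `$0 ~ name`, which treats `LDAP ({{ primary_domain }})` as a regular expression, so the parentheses form a group and the dots match any character. A row that literally reads `LDAP (example.org)` (constructed example) is then not matched, and the delete step never receives an ID. The setup tasks search for the same name with `grep -F`, that is, as a fixed string. I would use a literal match here too, `awk -v name="…" 'index($0, name) {print $1; exit}'`. The OIDC cleanup lookup has the same pattern with `{{ oidc.button_text }}`.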


@ -1,8 +1,7 @@
- name: "Lookup existing OIDC auth source ID" - name: "Lookup existing OIDC auth source ID"
shell: | shell: |
docker-compose -f "{{ docker_compose.directories.instance }}/docker-compose.yml" \ docker exec -i --user {{ gitea_user }} {{ gitea_container }} \
exec -T --user git application \
gitea admin auth list \ gitea admin auth list \
| awk -v name="{{ oidc.button_text }}" '$0 ~ name {print $1; exit}' | awk -v name="{{ oidc.button_text }}" '$0 ~ name {print $1; exit}'
args: args:
@ -13,8 +12,7 @@
- name: "Delete existing OIDC auth source if present" - name: "Delete existing OIDC auth source if present"
shell: | shell: |
docker-compose -f "{{ docker_compose.directories.instance }}/docker-compose.yml" \ docker exec -i --user {{ gitea_user }} {{ gitea_container }} \
exec -T --user git application \
gitea admin auth delete --id {{ oidc_source_id_raw.stdout }} gitea admin auth delete --id {{ oidc_source_id_raw.stdout }}
args: args:
chdir: "{{ docker_compose.directories.instance }}" chdir: "{{ docker_compose.directories.instance }}"
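Review bot: `--id {{ oidc_source_id_raw.stdout }}` is interpolated into the shell line unquoted and, as far as the hunk shows, unchecked, so an empty or multi-word lookup result changes what the command runs. The task continues past the end of the hunk; if no guard exists there, I would add `when: oidc_source_id_raw.stdout | trim | length > 0` and pass the value as `{{ oidc_source_id_raw.stdout | trim | quote }}`. The LDAP delete task uses `ldap_source_id_raw.stdout` the same way. The `chdir` argument is left over from the docker-compose call and no longer affects `docker exec`.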


@ -10,10 +10,12 @@
delay: 5 delay: 5
timeout: 300 timeout: 300
- name: Patch Gitea database settings in app.ini
include_tasks: 01_database.yml
- name: "Run DB migrations inside Gitea container" - name: "Run DB migrations inside Gitea container"
shell: | shell: |
docker-compose -f "{{ docker_compose.directories.instance }}/docker-compose.yml" \ docker exec -i --user {{ gitea_user }} {{ gitea_container }} \
exec -T --user git application \
/app/gitea/gitea migrate /app/gitea/gitea migrate
args: args:
chdir: "{{ docker_compose.directories.instance }}" chdir: "{{ docker_compose.directories.instance }}"
@ -22,14 +24,13 @@
- name: "Create initial admin user" - name: "Create initial admin user"
shell: | shell: |
docker-compose -f "{{ docker_compose.directories.instance }}/docker-compose.yml" \ docker exec -i --user {{ gitea_user }} {{ gitea_container }} \
exec -T --user git application \
/app/gitea/gitea admin user create \ /app/gitea/gitea admin user create \
--admin \ --admin \
--username "{{ users.administrator.username }}" \ --username "{{ users.administrator.username }}" \
--password "{{ users.administrator.password }}" \ --password "{{ users.administrator.password }}" \
--email "{{ users.administrator.email }}" \ --email "{{ users.administrator.email }}" \
-c /data/gitea/conf/app.ini -c {{ gitea_config }}
args: args:
chdir: "{{ docker_compose.directories.instance }}" chdir: "{{ docker_compose.directories.instance }}"
register: create_admin register: create_admin
@ -49,10 +50,10 @@
when: applications | get_app_conf(application_id, 'features.oidc', False) or applications | get_app_conf(application_id, 'features.ldap', False) when: applications | get_app_conf(application_id, 'features.oidc', False) or applications | get_app_conf(application_id, 'features.ldap', False)
- name: Execute Setup Routines - name: Execute Setup Routines
include_tasks: setup.yml include_tasks: 02_setup.yml
- name: Execute Cleanup Routines - name: Execute Cleanup Routines
include_tasks: cleanup.yml include_tasks: 03_cleanup.yml
when: mode_cleanup when: mode_cleanup
- name: Include DNS role to register Gitea domain(s) - name: Include DNS role to register Gitea domain(s)
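Review bot: In `Create initial admin user`, `--password "{{ users.administrator.password }}"` is expanded inside a double-quoted shell word, so a password containing `"`, `$` or a backtick is reinterpreted by the shell, and the secret appears in the task output and the host process list. I would pass it as `--password {{ users.administrator.password | quote }}` and set `no_log: true` on the task. The task continues past the hunk (`register: create_admin`), so a `no_log` may already be present there. The new `-c {{ gitea_config }}` is unquoted as well, which is harmless for the current fixed path but worth quoting for consistency.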


@ -1,7 +1,6 @@
- name: "Add LDAP Authentication Source" - name: "Add LDAP Authentication Source"
shell: | shell: |
docker-compose -f "{{ docker_compose.directories.instance }}/docker-compose.yml" \ docker exec -i --user {{ gitea_user }} {{ gitea_container }} \
exec -T --user git application \
gitea admin auth add-ldap \ gitea admin auth add-ldap \
{{ gitea_ldap_auth_args | join(' ') }} {{ gitea_ldap_auth_args | join(' ') }}
args: args:
@ -11,8 +10,7 @@
- name: "Lookup existing LDAP auth source ID" - name: "Lookup existing LDAP auth source ID"
shell: | shell: |
docker-compose -f "{{ docker_compose.directories.instance }}/docker-compose.yml" \ docker exec -i --user {{ gitea_user }} {{ gitea_container }} \
exec -T --user git application \
gitea admin auth list \ gitea admin auth list \
| tail -n +2 \ | tail -n +2 \
| grep -F "LDAP ({{ primary_domain }})" \ | grep -F "LDAP ({{ primary_domain }})" \
@ -31,8 +29,7 @@
- name: "Update LDAP Authentication Source" - name: "Update LDAP Authentication Source"
shell: | shell: |
docker-compose -f "{{ docker_compose.directories.instance }}/docker-compose.yml" \ docker exec -i --user {{ gitea_user }} {{ gitea_container }} \
exec -T --user git application \
gitea admin auth update-ldap \ gitea admin auth update-ldap \
--id {{ ldap_source_id }} \ --id {{ ldap_source_id }} \
{{ gitea_ldap_auth_args | join(' ') }} {{ gitea_ldap_auth_args | join(' ') }}
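Review bot: In `Lookup existing LDAP auth source ID` the output of `docker exec` is piped through `tail` and `grep -F`, so a failing `docker exec` (container not running, wrong `gitea_container`) is hidden behind the exit status of the later pipeline stages and looks the same as "no source found". The pipeline continues past the end of the hunk, so its last stage is not visible here. I would run `gitea admin auth list` as its own `command` task with `register`, let that task fail on a non-zero return code, and select the matching row from `stdout_lines` in a following `set_fact`.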


@ -1,7 +1,6 @@
- name: "Add Keycloak OIDC Provider" - name: "Add Keycloak OIDC Provider"
shell: | shell: |
docker-compose -f "{{ docker_compose.directories.instance }}/docker-compose.yml" \ docker exec -i --user {{ gitea_user }} {{ gitea_container }} \
exec -T --user git application \
gitea admin auth add-oauth \ gitea admin auth add-oauth \
--provider openidConnect \ --provider openidConnect \
--name "{{ oidc.button_text }}" \ --name "{{ oidc.button_text }}" \
@ -16,8 +15,7 @@
- name: "Lookup existing Keycloak auth source ID" - name: "Lookup existing Keycloak auth source ID"
shell: | shell: |
docker-compose -f "{{ docker_compose.directories.instance }}/docker-compose.yml" \ docker exec -i --user {{ gitea_user }} {{ gitea_container }} \
exec -T --user git application \
/app/gitea/gitea admin auth list \ /app/gitea/gitea admin auth list \
| tail -n +2 \ | tail -n +2 \
| grep -F "{{ oidc.button_text }}" \ | grep -F "{{ oidc.button_text }}" \
@ -36,8 +34,7 @@
- name: "Update Keycloak OIDC Provider" - name: "Update Keycloak OIDC Provider"
shell: | shell: |
docker-compose -f "{{ docker_compose.directories.instance }}/docker-compose.yml" \ docker exec -i --user {{ gitea_user }} {{ gitea_container }} \
exec -T --user git application \
gitea admin auth update-oauth \ gitea admin auth update-oauth \
--id {{ oidc_source_id }}\ --id {{ oidc_source_id }}\
--provider openidConnect \ --provider openidConnect \
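Review bot: In `Update Keycloak OIDC Provider`, `--id {{ oidc_source_id }}\` has no space before the line-continuation backslash, so whether `--id` and `--provider` stay separate arguments depends on the indentation of the next line inside the block scalar. Writing `--id {{ oidc_source_id }} \` removes that dependency. The command continues past the end of the hunk. The three tasks in this file also mix `gitea` and `/app/gitea/gitea`; using one form throughout avoids relying on the PATH of `gitea_user` inside the container.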


@ -3,7 +3,7 @@
application: application:
{% include 'roles/docker-container/templates/base.yml.j2' %} {% include 'roles/docker-container/templates/base.yml.j2' %}
image: "{{ gitea_image }}:{{ gitea_version }}" image: "{{ gitea_image }}:{{ gitea_version }}"
name: "{{ gitea_name }}" container_name: "{{ gitea_container }}"
ports: ports:
- "127.0.0.1:{{ports.localhost.http[application_id]}}:{{ container_port }}" - "127.0.0.1:{{ports.localhost.http[application_id]}}:{{ container_port }}"
- "{{ports.public.ssh[application_id]}}:22" - "{{ports.public.ssh[application_id]}}:22"


@ -15,9 +15,13 @@ gitea_ldap_auth_args:
- '--email-attribute "{{ ldap.user.attributes.mail }}"' - '--email-attribute "{{ ldap.user.attributes.mail }}"'
- '--public-ssh-key-attribute "{{ ldap.user.attributes.ssh_public_key }}"' - '--public-ssh-key-attribute "{{ ldap.user.attributes.ssh_public_key }}"'
- '--synchronize-users' - '--synchronize-users'
gitea_version: "{{ applications | get_app_conf(application_id, 'docker.services.gitea.version', True) }}" gitea_version: "{{ applications | get_app_conf(application_id, 'docker.services.gitea.version', True) }}"
gitea_image: "{{ applications | get_app_conf(application_id, 'docker.services.gitea.image', True) }}" gitea_image: "{{ applications | get_app_conf(application_id, 'docker.services.gitea.image', True) }}"
gitea_name: "{{ applications | get_app_conf(application_id, 'docker.services.gitea.name', True) }}" gitea_container: "{{ applications | get_app_conf(application_id, 'docker.services.gitea.name', True) }}"
gitea_volume: "{{ applications | get_app_conf(application_id, 'docker.volumes.data', True) }}" gitea_volume: "{{ applications | get_app_conf(application_id, 'docker.volumes.data', True) }}"
gitea_user: "git"
gitea_config: "/data/gitea/conf/app.ini"
container_port: "{{ applications | get_app_conf(application_id, 'docker.services.gitea.port', True) }}" container_port: "{{ applications | get_app_conf(application_id, 'docker.services.gitea.port', True) }}"
docker_compose_flush_handlers: true