---
# Installs the gitea binary, creates its service account and directories,
# renders the config, installs and starts the systemd unit, and publishes the
# instance through an nginx location that proxies to 127.0.0.1:3000.

# The checksum uses get_url's "<algorithm>:<url>" form, so the digest is
# fetched from "{{ gitea_url }}.sha256", the same location as the binary.
# That catches a corrupted or truncated download, but anyone able to replace
# the binary at that location can replace the digest as well. For supply-chain
# assurance, pin a known-good digest in inventory or verify a publisher
# signature obtained through a separate channel.
# The result is root-owned and 0755, so the service account can execute the
# binary but cannot overwrite it.
- name: Download binary
  ansible.builtin.get_url:
    url: "{{ gitea_url }}"
    checksum: "sha256:{{ gitea_url }}.sha256"
    dest: /usr/local/bin/gitea
    owner: root
    group: "{{ ansible_wheel }}"
    mode: "0755"
  notify: Restart gitea

# Fixed gid/uid 303 keeps ownership of the data directory stable across hosts.
- name: Create group
  ansible.builtin.group:
    name: gitea
    gid: 303

# Non-interactive service account: no home directory is created, the home
# field points at /var/empty and the shell is /sbin/nologin.
- name: Create user
  ansible.builtin.user:
    name: gitea
    uid: 303
    group: gitea
    comment: Service Gitea
    home: /var/empty
    createhome: false
    shell: /sbin/nologin

# root:gitea 0750 lets the service traverse the directory without being able
# to create or replace files in it.
- name: Create config directory
  ansible.builtin.file:
    path: /etc/gitea
    state: directory
    owner: root
    group: gitea
    mode: "0750"

# root:gitea 0640 makes the config readable by the service, not writable by
# it, and unreadable by other local users.
# NOTE(review): app.ini.j2 is not shown here. Because the service cannot write
# this file, confirm the template supplies every secret or token gitea would
# otherwise try to generate and persist on first start.
- name: Create config
  ansible.builtin.template:
    src: app.ini.j2
    dest: /etc/gitea/app.ini
    owner: root
    group: gitea
    mode: "0640"
  notify: Restart gitea

# The only tree in this file that the gitea account owns and can write to.
- name: Create data directory
  ansible.builtin.file:
    path: /export/gitea
    state: directory
    owner: gitea
    group: gitea
    mode: "0750"

# /srv/gitea is a symlink to the data directory. follow: false applies the
# ownership to the link itself instead of re-owning the gitea-owned target.
- name: Link data directory
  ansible.builtin.file:
    path: /srv/gitea
    src: /export/gitea
    state: link
    follow: false
    owner: root
    group: "{{ ansible_wheel }}"

# NOTE(review): gitea.service is not shown here; presumably it runs the daemon
# as the gitea user. Verify against the unit file.
- name: Create service file
  ansible.builtin.copy:
    src: gitea.service
    dest: /etc/systemd/system/gitea.service
    owner: root
    group: "{{ ansible_wheel }}"
    mode: "0644"
  notify: Restart gitea

- name: Enable service
  ansible.builtin.service:
    name: gitea
    enabled: true
    state: started

# httpd_can_network_connect permits outbound TCP connections from the httpd
# SELinux domain in general, not only to the gitea port, and it persists
# across reboots. That is broader than this proxy needs. If the host serves
# other web content, a local policy scoped to the upstream port is the
# narrower choice.
- name: Allow nginx to connect gitea
  ansible.posix.seboolean:
    name: httpd_can_network_connect
    persistent: true
    state: true

# Per-host nginx snippet: caps request bodies at 100m and proxies everything
# to gitea over plain HTTP on loopback.
# NOTE(review): no forwarding headers are set in this snippet. Unless the
# enclosing server block sets them, gitea will record 127.0.0.1 as the client
# of every request, which weakens audit logs and any per-client throttling.
# NOTE(review): confirm app.ini.j2 binds gitea to loopback so port 3000 cannot
# be reached without going through nginx.
- name: Copy nginx config
  ansible.builtin.copy:
    dest: "/etc/nginx/conf.d/{{ inventory_hostname }}/gitea.conf"
    owner: root
    group: "{{ ansible_wheel }}"
    mode: "0644"
    content: |
      client_max_body_size 100m;
      location / {
        proxy_pass http://127.0.0.1:3000;
      }
  notify: Restart nginx

# Convenience alias for root's shell: runs the gitea CLI as the service
# account, not as root, with the same work dir and config file used above.
- name: Add gitea alias for root
  ansible.builtin.blockinfile:
    path: /root/.bashrc
    block: |
      # run gitea as gitea user
      alias gitea='sudo -u gitea HOME=/srv/gitea GITEA_WORK_DIR=/srv/gitea \
        /usr/local/bin/gitea -c /etc/gitea/app.ini'