migrate forgejo

2025-05-05 02:13:27 +02:00 · 2025-05-05 02:13:27 +02:00 · 589f45b786
commit 589f45b786
parent 9eb399876e
7 changed files with 73 additions and 35 deletions
--- a/playbooks/home-services.yml
+++ b/playbooks/home-services.yml
@ -14,3 +14,4 @@
    - caddy
    - vaultwarden
    - redbot
+    - forgejo
--- a/roles/common/tasks/create_caddyfile_for_compose-service.yml
+++ b/roles/common/tasks/create_caddyfile_for_compose-service.yml
@ -0,0 +1,6 @@
+- name: Deploy Caddyfile for {{ service_name }}
+  ansible.builtin.template:
+    src: compose-service.caddy.j2
+    dest: '{{ caddyfiles_directory }}/{{ service_name }}'
+    mode: '644'
+  when: "'caddy' in group_names"
--- a/roles/common/tasks/templates/compose-service.caddy.j2
+++ b/roles/common/tasks/templates/compose-service.caddy.j2
@ -1,5 +1,4 @@
 http://{{ service_name }}.{{ ansible_hostname }} {
-  reverse_proxy {{ service_name }}:80
+  reverse_proxy {{ service_name }}:{{ docker_http_port }}
  encode zstd gzip
 }
-
--- a/roles/compose-service/tasks/main.yml
+++ b/roles/compose-service/tasks/main.yml
@ -1,5 +1,3 @@
- name: Deploy service
-  block:
 - name: Assert mandatory variables are defines
  ansible.builtin.assert:
    that:
@ -15,7 +13,7 @@
    dest: '{{ service_root }}/docker-compose.yml'
    owner: '{{ service_user }}'
    group: '{{ service_user }}'
-        mode: '0644'
+    mode: '644'

 - name: Start {{ service_name }} container
  community.docker.docker_compose_v2:
--- a/roles/forgejo/defaults/main.yml
+++ b/roles/forgejo/defaults/main.yml
@ -0,0 +1,5 @@
+service_name: forgejo
+docker_image: codeberg.org/forgejo/forgejo
+docker_image_version: 11
+data_directory: "{{ service_root }}/data"
+public_ssh_port: 222
--- a/roles/forgejo/tasks/main.yml
+++ b/roles/forgejo/tasks/main.yml
@ -0,0 +1,31 @@
+- name: Deploy Forgejo
+  ansible.builtin.import_role:
+    name: compose-service
+  vars:
+    docker_volumes:
+      - '{{ data_directory }}:/data'
+      - /etc/timezone:/etc/timezone:ro
+      - /etc/localtime:/etc/localtime:ro
+    docker_env:
+      USER_UID: '{{ getent_passwd[service_user].1 }}'
+      USER_GID: '{{ getent_passwd[service_user].2 }}'
+      FORGEJO__server__SSH_PORT: '{{ public_ssh_port }}'
+      FORGEJO__openid__ENABLE_OPENID_SIGNIN: false
+      FORGEJO__openid__ENABLE_OPENID_SIGNUP: false
+    docker_ports:
+      - "{{ public_ssh_port }}:22"
+    use_docker_user: false
+
+- name: Ensure data directory exists
+  ansible.builtin.file:
+    path: '{{ data_directory }}'
+    state: directory
+    owner: '{{ service_user }}'
+    group: '{{ service_user }}'
+    mode: '700'
+
+
+- name: Deploy Caddyfile for Forgejo
+  vars:
+    docker_http_port: 3000
+  ansible.builtin.import_tasks: ../../common/tasks/create_caddyfile_for_compose-service.yml
--- a/roles/vaultwarden/tasks/main.yml
+++ b/roles/vaultwarden/tasks/main.yml
@ -14,8 +14,6 @@
      - '{{ data_directory }}:/data'

 - name: Deploy Caddyfile for vaultwarden
-  ansible.builtin.template:
-    src: vaultwarden.caddy.j2
-    dest: '{{ caddyfiles_directory }}/vaultwarden'
-    mode: '644'
-  when: "'caddy' in group_names"
+  vars:
+    docker_http_port: 80
+  ansible.builtin.import_tasks: ../../common/tasks/create_caddyfile_for_compose-service.yml