111 lines
3.4 KiB
YAML
111 lines
3.4 KiB
YAML
- name: Gitea
|
|
hosts: beepi
|
|
become: true
|
|
vars:
|
|
user: gitea
|
|
user_home: /home/gitea
|
|
gitea_db_password: !vault |
|
|
$ANSIBLE_VAULT;1.1;AES256
|
|
63336533393735346165633965383866393736336365646330346236356239363737353234383637
|
|
6261383166323062663033346136633066303462343263320a333932646162336232373530373834
|
|
65386637336562646135613563356137313239336365653161386434313835633437613233343332
|
|
3736353865313938300a383266353538666135353866653263663133663232646430323966353134
|
|
3939
|
|
tasks:
|
|
- name: Install dependencies
|
|
ansible.builtin.apt:
|
|
name: "{{ item }}"
|
|
state: present
|
|
loop:
|
|
- podman
|
|
- systemd-container
|
|
- passt
|
|
|
|
- name: Create user
|
|
ansible.builtin.user:
|
|
name: "{{ user }}"
|
|
home: "{{ user_home }}"
|
|
shell: /usr/sbin/nologin
|
|
create_home: true
|
|
register: user_info
|
|
|
|
- name: Enable linger
|
|
ansible.builtin.command:
|
|
cmd: "loginctl enable-linger {{ user }}"
|
|
creates: "/var/lib/systemd/linger/{{ user }}"
|
|
|
|
- name: Create quadlet directory
|
|
ansible.builtin.file:
|
|
path: "{{ user_home }}/.config/containers/systemd"
|
|
state: directory
|
|
owner: "{{ user }}"
|
|
group: "{{ user }}"
|
|
mode: '0755'
|
|
|
|
- name: Create data directory
|
|
ansible.builtin.file:
|
|
path: "{{ user_home }}/data"
|
|
state: directory
|
|
owner: "{{ user }}"
|
|
group: "{{ user }}"
|
|
mode: '0755'
|
|
|
|
- name: Copy network
|
|
ansible.builtin.copy:
|
|
dest: "{{ user_home }}/.config/containers/systemd/gitea.network"
|
|
content: "[Network]\n"
|
|
owner: "{{ user }}"
|
|
group: "{{ user }}"
|
|
mode: '0644'
|
|
|
|
- name: Deploy db quadlet
|
|
ansible.builtin.template:
|
|
src: gitea-db.container.j2
|
|
dest: "{{ user_home }}/.config/containers/systemd/gitea-db.container"
|
|
owner: "{{ user }}"
|
|
group: "{{ user }}"
|
|
mode: '0600'
|
|
|
|
- name: Deploy server quadlet
|
|
ansible.builtin.template:
|
|
src: gitea-server.container.j2
|
|
dest: "{{ user_home }}/.config/containers/systemd/gitea-server.container"
|
|
owner: "{{ user }}"
|
|
group: "{{ user }}"
|
|
mode: '0600'
|
|
|
|
- name: Reload user systemd
|
|
become: true
|
|
become_user: "{{ user }}"
|
|
environment:
|
|
XDG_RUNTIME_DIR: "/run/user/{{ user_info.uid }}"
|
|
DBUS_SESSION_BUS_ADDRESS: "unix:path=/run/user/{{ user_info.uid }}/bus"
|
|
ansible.builtin.systemd:
|
|
daemon_reload: true
|
|
scope: user
|
|
|
|
- name: Start user manager
|
|
ansible.builtin.systemd:
|
|
name: "user@{{ user_info.uid }}.service"
|
|
state: started
|
|
|
|
- name: Start gitea-server
|
|
become: true
|
|
become_user: "{{ user }}"
|
|
environment:
|
|
XDG_RUNTIME_DIR: "/run/user/{{ user_info.uid }}"
|
|
DBUS_SESSION_BUS_ADDRESS: "unix:path=/run/user/{{ user_info.uid }}/bus"
|
|
ansible.builtin.systemd:
|
|
name: gitea-server.service
|
|
state: started
|
|
scope: user
|
|
|
|
- name: Debug
|
|
ansible.builtin.debug:
|
|
msg:
|
|
- "Service status: systemctl --user --machine {{ user_info.name }}@.host status gitea-server"
|
|
- "Read logs: sudo journalctl _UID={{ user_info.uid }} -n 200 --no-pager"
|
|
- "Shell: machinectl shell {{ user_info.name }}@.host /bin/bash"
|
|
tags:
|
|
- always
|