paulbsd/paulbsd-salt
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

templated gitea state

Browse Source
This commit is contained in:
Paul 2021-12-29 16:56:39 +01:00
parent 8663641632
commit 93a00a2f73
9 changed files with 259 additions and 227 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
states/gitea/config.sls
View File

@ -1,10 +1,10 @@
# -*- coding: utf-8 -*-
# vim: ft=sls
---
{% from "gitea/map.jinja" import gitea with context %}
/var/lib/gitea/custom/conf/app.ini:
gitea-config:
file.managed:
- name: {{ gitea.configfile }}
- source: salt://gitea/files/app.ini.j2
- template: jinja
- user: git

45
states/gitea/defaults.yaml
View File

@ -1,15 +1,23 @@
---
gitea:
config: /var/lib/gitea/custom/conf/app.ini
workingdir: /var/lib/gitea
configfile: /var/lib/gitea/custom/conf/app.ini
user: git
group: git
version: "1.0.2"
arch: "amd64"
config:
global:
app_name: Gitea - Git with a cup of tea
run_user: git
run_mode: prod
database:
type: postgres
db_type: postgres
host: 127.0.0.1:5432
name: gitea
user: gitea
password: databaseSecretPassword
ssl: false
passwd: databaseSecretPassword
ssl_mode: enable
path: data/gitea.db
repository:
root: /var/lib/gitea/gitea-repositories
@ -17,7 +25,7 @@ gitea:
domain: git.example.com
http_addr: 0.0.0.0
http_port: 3000
https: true
root_url: https://git.example.com/
disable_ssh: true
start_ssh_server: false
ssh_port: 2222
@ -41,8 +49,6 @@ gitea:
smtp_password: secretPassword1234
skip_verify: false
service:
name: gitea
app_name: Gitea - Git with a cup of tea
register_email_confirm: true
disable_registration: true
require_signin_view: true
@ -56,14 +62,31 @@ gitea:
allowed_types: image/jpeg|image/png
max_size: 8
max_files: 5
cron:
enabled: true
run_at_start: false
cron.update_mirrors:
schedule: "0 12 3 * * *"
cron.archive_cleanup:
enabled: false
cron.delete_repo_archives:
enabled: false
session:
provider: file
cookie_secure: true
cookie_name: i_like_gitea
log:
mode: file
level: Info
security:
install_lock: true
remember_password_days: 30
secret_key: myUniqueSecretKey
internal_token: myUniqueInternalToken
install_lock:
secret_key: twogirlsonecup
login_remember_days: 30
cookie_username: giteauser
cookie_remember_name: giteausersession
internal_token: motherfuckingtoken
other:
show_footer_branding: true
show_footer_version: true
oauth2:
jwt_secret: createYourOwnJWTSecret

128
states/gitea/files/app.ini.j2
View File

@ -1,118 +1,14 @@
## {{ salt['pillar.get']('salt_managed', default='Salt Managed') }}
{% from "gitea/map.jinja" import gitea with context %}
APP_NAME = {{ gitea.service.app_name }}
RUN_USER = git
RUN_MODE = prod
[database]
DB_TYPE = {{ gitea.database.type }}
HOST = {{ gitea.database.host }}
NAME = {{ gitea.database.name }}
USER = {{ gitea.database.user }}
PASSWD = {{ gitea.database.password }}
{%- if gitea.database.ssl %}
SSL_MODE = enable
{%- else %}
SSL_MODE = disable
{%- endif %}
PATH = {{ gitea.database.path }}
[repository]
ROOT = {{ gitea.repository.root }}
[server]
DOMAIN = {{ gitea.server.domain }}
HTTP_ADDR = {{ gitea.server.http_addr }}
HTTP_PORT = {{ gitea.server.http_port }}
{%- if gitea.server.https %}
ROOT_URL = https://{{ gitea.server.domain }}/
{%- else %}
ROOT_URL = http://{{ gitea.server.domain }}/
{%- endif %}
DISABLE_SSH = {{ gitea.server.disable_ssh }}
START_SSH_SERVER = {{ gitea.server.start_ssh_server }}
SSH_DOMAIN = {{ gitea.server.domain }}
SSH_PORT = {{ gitea.server.ssh_port }}
SSH_LISTEN_PORT = {{ gitea.server.ssh_listen_port }}
OFFLINE_MODE = {{ gitea.server.offline_mode }}
LFS_START_SERVER = {{ gitea.server.lfs_start_server }}
LFS_CONTENT_PATH = {{ gitea.server.lfs_content_path }}
LFS_JWT_SECRET = {{ gitea.server.lfs_jwt_secret }}
ENABLE_GZIP = {{ gitea.server.enable_gzip }}
LANDING_PAGE = {{ gitea.server.landing_page }}
[cache]
ENABLED = {{ gitea.cache.enabled }}
ADAPTER = {{ gitea.cache.adapter }}
HOST = {{ gitea.cache.host }}
[mailer]
ENABLED = {{ gitea.mailer.enable }}
HELO_HOSTNAME = {{ gitea.mailer.hostname }}
HOST = {{ gitea.mailer.hostandport }}
IS_TLS_ENABLED = {{ gitea.mailer.is_tls_enabled }}
FROM = {{ gitea.mailer.from_address }}
USER = {{ gitea.mailer.smtp_user }}
PASSWD = {{ gitea.mailer.smtp_password }}
SKIP_VERIFY = {{ gitea.mailer.skip_verify }}
[service]
REGISTER_EMAIL_CONFIRM = {{ gitea.service.register_email_confirm }}
DISABLE_REGISTRATION = {{ gitea.service.disable_registration }}
ENABLE_CAPTCHA = {{ gitea.service.enable_captcha }}
REQUIRE_SIGNIN_VIEW = {{ gitea.service.require_signin_view }}
ENABLE_NOTIFY_MAIL = {{ gitea.service.enable_notify_mail }}
[picture]
DISABLE_GRAVATAR = {{ gitea.picture.disable_gravatar }}
[attachment]
ENABLED = {{ gitea.attachment.enabled }}
PATH = {{ gitea.attachment.path }}
ALLOWED_TYPES = {{ gitea.attachment.allowed_types }}
MAX_SIZE = {{ gitea.attachment.max_size }}
MAX_FILES = {{ gitea.attachment.max_files }}
[cron]
ENABLED = true
RUN_AT_START = false
[cron.update_mirrors]
SCHEDULE = "0 12 3 * * *"
[cron.archive_cleanup]
ENABLED = false
[cron.delete_repo_archives]
ENABLED = false
[session]
PROVIDER = file
COOKIE_SECURE = {{ gitea.server.https }}
COOKIE_NAME = i_like_gitea
[log]
MODE = {{ gitea.log.mode }}
LEVEL = {{ gitea.log.level }}
[security]
INSTALL_LOCK = {{ gitea.security.install_lock }}
SECRET_KEY = {{ gitea.get('security.secret_key', salt['grains.get_or_set_hash'](
'gitea:security_secret_key',
length=15,
chars=('abcdefghijklmnopqrstuvwxyz' +
'ABCDEFGHIJKLMNOPQRSTUVWXYZ' +
'12345678790')
)) }}
LOGIN_REMEMBER_DAYS = {{ gitea.security.remember_password_days }}
COOKIE_USERNAME = giteauser
COOKIE_REMEMBER_NAME = giteausersession
INTERNAL_TOKEN = {{ gitea.security.internal_token }}
[other]
SHOW_FOOTER_BRANDING = {{ gitea.other.show_footer_branding }}
SHOW_FOOTER_VERSION = {{ gitea.other.show_footer_version }}
[oauth2]
JWT_SECRET = {{ gitea.server.lfs_jwt_secret }}
{%- for k,v in gitea.config.items() -%}
{%- if k == "global" %}
{%- for subkey,subval in v.items() -%}
{{ subkey|upper() }} = {{ subval }}
{% endfor -%}
{% else -%}
[{{ k }}]
{% for subkey,subval in v.items() -%}
{{ subkey|upper() }} = {{ subval }}
{% endfor -%}
{% endif %}
{% endfor -%}

118
states/gitea/files/app.ini.old.j2 Normal file
View File

@ -0,0 +1,118 @@
## {{ salt['pillar.get']('salt_managed', default='Salt Managed') }}
{% from "gitea/map.jinja" import gitea with context %}
APP_NAME = {{ gitea.service.app_name }}
RUN_USER = git
RUN_MODE = prod
[database]
DB_TYPE = {{ gitea.database.type }}
HOST = {{ gitea.database.host }}
NAME = {{ gitea.database.name }}
USER = {{ gitea.database.user }}
PASSWD = {{ gitea.database.password }}
{%- if gitea.database.ssl %}
SSL_MODE = enable
{%- else %}
SSL_MODE = disable
{%- endif %}
PATH = {{ gitea.database.path }}
[repository]
ROOT = {{ gitea.repository.root }}
[server]
DOMAIN = {{ gitea.server.domain }}
HTTP_ADDR = {{ gitea.server.http_addr }}
HTTP_PORT = {{ gitea.server.http_port }}
{%- if gitea.server.https %}
ROOT_URL = https://{{ gitea.server.domain }}/
{%- else %}
ROOT_URL = http://{{ gitea.server.domain }}/
{%- endif %}
DISABLE_SSH = {{ gitea.server.disable_ssh }}
START_SSH_SERVER = {{ gitea.server.start_ssh_server }}
SSH_DOMAIN = {{ gitea.server.domain }}
SSH_PORT = {{ gitea.server.ssh_port }}
SSH_LISTEN_PORT = {{ gitea.server.ssh_listen_port }}
OFFLINE_MODE = {{ gitea.server.offline_mode }}
LFS_START_SERVER = {{ gitea.server.lfs_start_server }}
LFS_CONTENT_PATH = {{ gitea.server.lfs_content_path }}
LFS_JWT_SECRET = {{ gitea.server.lfs_jwt_secret }}
ENABLE_GZIP = {{ gitea.server.enable_gzip }}
LANDING_PAGE = {{ gitea.server.landing_page }}
[cache]
ENABLED = {{ gitea.cache.enabled }}
ADAPTER = {{ gitea.cache.adapter }}
HOST = {{ gitea.cache.host }}
[mailer]
ENABLED = {{ gitea.mailer.enable }}
HELO_HOSTNAME = {{ gitea.mailer.hostname }}
HOST = {{ gitea.mailer.hostandport }}
IS_TLS_ENABLED = {{ gitea.mailer.is_tls_enabled }}
FROM = {{ gitea.mailer.from_address }}
USER = {{ gitea.mailer.smtp_user }}
PASSWD = {{ gitea.mailer.smtp_password }}
SKIP_VERIFY = {{ gitea.mailer.skip_verify }}
[service]
REGISTER_EMAIL_CONFIRM = {{ gitea.service.register_email_confirm }}
DISABLE_REGISTRATION = {{ gitea.service.disable_registration }}
ENABLE_CAPTCHA = {{ gitea.service.enable_captcha }}
REQUIRE_SIGNIN_VIEW = {{ gitea.service.require_signin_view }}
ENABLE_NOTIFY_MAIL = {{ gitea.service.enable_notify_mail }}
[picture]
DISABLE_GRAVATAR = {{ gitea.picture.disable_gravatar }}
[attachment]
ENABLED = {{ gitea.attachment.enabled }}
PATH = {{ gitea.attachment.path }}
ALLOWED_TYPES = {{ gitea.attachment.allowed_types }}
MAX_SIZE = {{ gitea.attachment.max_size }}
MAX_FILES = {{ gitea.attachment.max_files }}
[cron]
ENABLED = true
RUN_AT_START = false
[cron.update_mirrors]
SCHEDULE = "0 12 3 * * *"
[cron.archive_cleanup]
ENABLED = false
[cron.delete_repo_archives]
ENABLED = false
[session]
PROVIDER = file
COOKIE_SECURE = {{ gitea.server.https }}
COOKIE_NAME = i_like_gitea
[log]
MODE = {{ gitea.log.mode }}
LEVEL = {{ gitea.log.level }}
[security]
INSTALL_LOCK = {{ gitea.security.install_lock }}
SECRET_KEY = {{ gitea.get('security.secret_key', salt['grains.get_or_set_hash'](
'gitea:security_secret_key',
length=15,
chars=('abcdefghijklmnopqrstuvwxyz' +
'ABCDEFGHIJKLMNOPQRSTUVWXYZ' +
'12345678790')
)) }}
LOGIN_REMEMBER_DAYS = {{ gitea.security.remember_password_days }}
COOKIE_USERNAME = giteauser
COOKIE_REMEMBER_NAME = giteausersession
INTERNAL_TOKEN = {{ gitea.security.internal_token }}
[other]
SHOW_FOOTER_BRANDING = {{ gitea.other.show_footer_branding }}
SHOW_FOOTER_VERSION = {{ gitea.other.show_footer_version }}
[oauth2]
JWT_SECRET = {{ gitea.server.lfs_jwt_secret }}

23
states/gitea/files/gitea.service
View File

@ -1,23 +0,0 @@
[Unit]
Description=Gitea (Git with a cup of tea)
After=syslog.target
After=network.target
#After=postgresql.service
[Service]
# Modify these two values and uncomment them if you have
# repos with lots of files and get an HTTP error 500 because
# of that
###
#LimitMEMLOCK=infinity
#LimitNOFILE=65535
Type=simple
User=git
Group=git
WorkingDirectory=/var/lib/gitea
ExecStart=/var/lib/gitea/gitea web
Restart=always
Environment=USER=git HOME=/var/lib/gitea
[Install]
WantedBy=multi-user.target

18
states/gitea/files/gitea.service.j2 Normal file
View File

@ -0,0 +1,18 @@
{%- from "gitea/map.jinja" import gitea with context %}
[Unit]
Description=Gitea ({{ gitea.config.global.app_name }})
After=syslog.target
After=network.target
After=postgresql.service
[Service]
Type=simple
User={{ gitea.user }}
Group={{ gitea.user }}
WorkingDirectory={{ gitea.workingdir }}
ExecStart={{ gitea.workingdir }}/gitea web
Restart=always
Environment=USER={{ gitea.user }} HOME={{ gitea.workingdir }}
[Install]
WantedBy=multi-user.target

3
states/gitea/init.sls
View File

@ -1,6 +1,5 @@
# -*- coding: utf-8 -*-
# vim: ft=sls
---
include:
- .install
- .config

12
states/gitea/install.sls
View File

@ -1,6 +1,5 @@
# -*- coding: utf-8 -*-
# vim: ft=sls
---
{% from "gitea/map.jinja" import gitea with context %}
git:
@ -8,16 +7,17 @@ git:
- system: true
user.present:
- system: true
- home: /var/lib/gitea
- home: {{ gitea.workingdir }}
- shell: /usr/sbin/nologin
- groups:
- git
- {{ gitea.group }}
- require:
- group: git
- group: {{ gitea.group }}
pkg.installed: []
/var/lib/gitea/gitea:
gitea-bin:
file.managed:
- name: {{ gitea.workingdir }}/gitea
- source: "https://dl.gitea.io/gitea/{{ gitea.version }}/gitea-{{ gitea.version }}-linux-{{ gitea.arch }}"
- source_hash: "https://dl.gitea.io/gitea/{{ gitea.version }}/gitea-{{ gitea.version }}-linux-{{ gitea.arch }}.sha256"
- user: git

25
states/gitea/service.sls
View File

@ -1,20 +1,21 @@
# -*- coding: utf-8 -*-
# vim: ft=sls
---
{%- from "gitea/map.jinja" import gitea with context %}
gitea-service:
file.managed:
- name: /etc/systemd/system/gitea.service
- source: salt://gitea/files/gitea.service.j2
- user: root
- group: root
- mode: 644
- template: jinja
- makedirs: true
gitea:
service.running:
- enable: true
- full_restart: true
- watch:
- file: /var/lib/gitea/gitea
- file: /var/lib/gitea/custom/conf/app.ini
/etc/systemd/system/gitea.service:
file.managed:
- source: salt://gitea/files/gitea.service
- user: root
- group: root
- mode: 644
- makedirs: true
- file: gitea-bin
- file: gitea-config