sonny/debian-setup
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Include forgejo provisioning

Browse source
This commit is contained in:
Sonny Bakker 2025-04-27 09:02:17 +02:00
parent 3d89ca8b9f
commit 1ec828763e
4 changed files with 129 additions and 0 deletions
Download patch file Download diff file Expand all files Collapse all files

19
host_vars/fudiggity/forgejo.yml Normal file
View file

@ -0,0 +1,19 @@
forgejo_app_dir: '/srv/docker/forgejo'
forgejo_data_dir: '/var/lib/vm/forgejo/data'
forgejo_postgres_dir: '/var/lib/vm/forgejo/postgres'
forgejo_image_tag: 'codeberg.org/forgejo/forgejo:11'
forgejo_postgres_user: forgejo
forgejo_postgres_name: forgejo
# TODO: write to docker secret
forgejo_postgres_password: !vault |
$ANSIBLE_VAULT;1.1;AES256
30303039313766373966373364346539306661376564613530656565313131623635666435333564
6463316365373564383964316635366337376237386134340a353839313761633865646638356165
31306666616235336132363232303639303065343436656233366264333236323435393963373062
3165326331633438620a323064663435396666316266396135633463653335323534616264383965
33383262373831656335363434333938363230373133646436653261346364353463333065303534
66383533646636313662376236373931383065386330663438623363336664353832343263323336
366531643930326636343466343732373036

3
playbook.yml
View file

@ -50,6 +50,9 @@
ansible.builtin.import_tasks: 'tasks/jellyfin.yml'
tags: jellyfin
- name: Forgejo provisioning
ansible.builtin.import_tasks: tasks/forgejo.yml
tags: forgejo
handlers:
- name: Import handlers
ansible.builtin.import_tasks: 'handlers.yml'

62
tasks/forgejo.yml Normal file
View file

@ -0,0 +1,62 @@
- name: Create git user
become: true
ansible.builtin.user:
name: git
uid: 1001
group: git
create_home: false
- name: Create required directories
become: true
ansible.builtin.file:
path: '{{ item.path }}'
state: '{{ item.state }}'
mode: '{{ item.mode }}'
owner: '{{ item.owner }}'
group: '{{ item.group }}'
loop:
- path: '{{ forgejo_app_dir }}'
owner: sonny
group: sonny
state: directory
mode: '0755'
- path: '{{ forgejo_data_dir }}'
owner: sonny
group: sonny
state: directory
mode: '0755'
- path: '{{ forgejo_postgres_password }}'
owner: sonny
group: sonny
state: directory
mode: '0755'
- name: Copy docker-compose file
ansible.builtin.template:
src: templates/forgejo/docker-compose.j2
dest: '{{ forgejo_app_dir }}/docker-compose.yml'
mode: '0755'
- name: Stop current containers
community.docker.docker_compose_v2:
project_src: '{{ forgejo_app_dir }}'
state: stopped
- name: Pull missing image
community.docker.docker_compose_v2:
project_src: '{{ forgejo_app_dir }}'
pull: missing
state: stopped
- name: Remove dangling containers
community.docker.docker_compose_v2:
project_src: '{{ forgejo_app_dir }}'
remove_orphans: true
state: stopped
- name: Start container
community.docker.docker_compose_v2:
project_src: '{{ forgejo_app_dir }}'
state: present

45
templates/forgejo/docker-compose.j2 Normal file
View file

@ -0,0 +1,45 @@
# {{ ansible_managed }}
networks:
forgejo:
external: false
services:
server:
image: '{{ forgejo_image_tag }}'
container_name: forgejo
environment:
- USER_UID=1000
- USER_GID=1000
- FORGEJO__server__DOMAIN={{ forgejo_domain }}
- FORGEJO__server__ROOT_URL=https://{{ forgejo_domain }}/
- FORGEJO__server__SSH_DOMAIN={{ forgejo_domain }}
- FORGEJO__database__DB_TYPE=postgres
- FORGEJO__database__HOST=db:5432
- FORGEJO__database__NAME={{ forgejo_postgres_name }}
- FORGEJO__database__USER={{ forgejo_postgres_user }}
- FORGEJO__database__PASSWD={{ forgejo_postgres_password }}
restart: always
networks:
- forgejo
volumes:
- {{ forgejo_data_dir }}:/data
- /etc/timezone:/etc/timezone:ro
- /etc/localtime:/etc/localtime:ro
ports:
- '{{ forgejo_port }}:3000'
- '{{ forgejo_ssh_port }}:22'
depends_on:
- db
db:
image: postgres:14
restart: always
environment:
- POSTGRES_USER={{ forgejo_postgres_user }}
- POSTGRES_PASSWORD={{ forgejo_postgres_password }}
- POSTGRES_DB={{ forgejo_postgres_name }}
networks:
- forgejo
volumes:
- {{ forgejo_postgres_dir }}:/var/lib/postgresql/data