diff --git a/files/gitea/data/custom/public/css/theme-github.css b/files/gitea/data/custom/public/assests/css/theme-github.css
similarity index 100%
rename from files/gitea/data/custom/public/css/theme-github.css
rename to files/gitea/data/custom/public/assests/css/theme-github.css
diff --git a/setups/setup-gitea-netrc.yml b/setups/setup-gitea-netrc.yml
new file mode 100644
index 0000000..68add3e
--- /dev/null
+++ b/setups/setup-gitea-netrc.yml
@@ -0,0 +1,73 @@
+ - name: Remove existing .netrc
+ ansible.builtin.file:
+ path: "/home/{{ control_user }}/.netrc"
+ state: absent
+ delegate_to: "{{ control_host }}"
+
+ - name: Remove existing .netrc.gpg
+ ansible.builtin.file:
+ path: "/home/{{ control_user }}/.netrc.gpg"
+ state: absent
+ delegate_to: "{{ control_host }}"
+
+# ----------------------------------------------------------------------------------------------------
+
+
+ - name: Reminder to generate GPG key by hand
+ pause:
+ prompt: "Generate GPG key using gpg --gen-key"
+ delegate_to: "{{ control_host }}"
+
+ - name: Set up .netrc
+ template:
+ src: "conf/.netrc.j2"
+ dest: "/home/{{ control_user }}/.netrc"
+ owner: 1000
+ group: 1000
+ mode: 0755
+ delegate_to: "{{ control_host }}"
+
+ - name: Encrypt .netrc
+ command: gpg -e -r opnxng@tuta.io /home/{{ control_user }}/.netrc
+ delegate_to: "{{ control_host }}"
+
+ - name: Clear .netrc
+ copy:
+ content: '# Clear'
+ dest: "/home/{{ control_user }}/.netrc"
+ delegate_to: "{{ control_host }}"
+
+ - name: Remove .netrc
+ ansible.builtin.file:
+ path: "/home/{{ control_user }}/.netrc"
+ state: absent
+ delegate_to: "{{ control_host }}"
+
+ - name: Curl git-credential-netrc
+ shell: curl -s 'https://raw.githubusercontent.com/git/git/master/contrib/credential/netrc/git-credential-netrc.perl' > /usr/bin/git-credential-netrc
+ ignore_errors: true
+ delegate_to: "{{ control_host }}"
+ become: true
+
+ - name: Set git-credential-netrc permissions
+ command: chmod 755 /usr/bin/git-credential-netrc
+ become: true
+ delegate_to: "{{ control_host }}"
+
+ - name: Use git-credential-netrc
+ command: git config --global credential.helper "/usr/bin/git-credential-netrc -f ~/.netrc.gpg -v"
+ delegate_to: "{{ control_host }}"
+
+ - name: Install gnupg-agent
+ apt:
+ name:
+ - gnupg-agent
+ state: latest
+ install_recommends: false
+ delegate_to: "{{ control_host }}"
+ become: true
+
+ - name: Reminder to add to .profile or .bashrc
+ pause:
+ prompt: "export 
GPG_TTY=$(tty)"
+ delegate_to: "{{ control_host }}"
\ No newline at end of file
diff --git a/templates/compose/gitea.yaml.j2 b/templates/compose/gitea.yaml.j2
index 4d02d72..ac73913 100644
--- a/templates/compose/gitea.yaml.j2
+++ b/templates/compose/gitea.yaml.j2
@@ -2,7 +2,7 @@ version: "3" services: gitea: - image: gitea/gitea:latest-rootless + image: gitea/gitea:1.21-nightly-rootless container_name: gitea security_opt: - no-new-privileges
@@ -32,7 +32,6 @@ services: networks: - IPv4 - gitea-db: image: postgres:14 container_name: gitea-db
@@ -54,4 +53,7 @@ services: networks: IPv4: external: - name: IPv4 \ No newline at end of file + name: IPv4 + + +# Cron in Gitea Action only works in Nightly for now \ No newline at end of file
diff --git a/templates/conf/.netrc.j2 b/templates/conf/.netrc.j2
new file mode 100644
index 0000000..3cc132e
--- /dev/null
+++ b/templates/conf/.netrc.j2
@@ -0,0 +1,4 @@
+machine git.opnxng.com
+login opnxng
+password {{ gitea_access_token }}
+protocol https
\ No newline at end of file
diff --git a/vars/services.yml b/vars/services.yml
index 12b1923..ae0809e 100644
--- a/vars/services.yml
+++ b/vars/services.yml
@@ -124,6 +124,7 @@ deployed-setup: oracle3: - ntfy - gitea + - gitea-netrc - runner oracle4: - authelia
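Review bot: In `setups/setup-gitea-netrc.yml`, the `Set up .netrc` task renders `gitea_access_token` to disk in plaintext with `mode: 0755`, so every local account on the control host can read the token until `Remove .netrc` runs, and it stays there if `Encrypt .netrc` fails and the play stops. Use `mode: "0600"` (quoted, so the YAML loader does not retype the octal) and consider `no_log: true` on that task so a `--diff` run does not print the token. The `Curl git-credential-netrc` task is the second concern: as root it writes whatever `curl -s` returns from the moving `master` branch to `/usr/bin`, without `-f` or a digest check and with `ignore_errors: true`, and that script later handles the decrypted credentials. A pinned, checksummed `get_url` task as sketched below would replace both that task and the separate `chmod` task.

```yaml
# … unchanged: .netrc render, encrypt and cleanup tasks …

- name: Install git-credential-netrc from a pinned ref
  ansible.builtin.get_url:
    # Placeholders: pin a reviewed git tag or commit and record its digest.
    url: "https://raw.githubusercontent.com/git/git/<PINNED_TAG_OR_COMMIT>/contrib/credential/netrc/git-credential-netrc.perl"
    dest: /usr/bin/git-credential-netrc
    checksum: "sha256:<SHA256_OF_REVIEWED_FILE>"
    owner: root
    group: root
    mode: "0755"
  become: true
  delegate_to: "{{ control_host }}"

# … unchanged: git config, gnupg-agent install, reminder …
```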
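Review bot: In `templates/compose/gitea.yaml.j2`, `gitea/gitea:1.21-nightly-rootless` is a mutable tag that follows unreleased builds, so each pull can deploy different, untested code on the Gitea instance. If nightly is required for Actions cron, pin the build you reviewed by digest, e.g. `image: gitea/gitea:1.21-nightly-rootless@sha256:<DIGEST_PLACEHOLDER>`. The explanatory comment `# Cron in Gitea Action only works in Nightly for now` would also be easier to act on directly above the `image:` line than at the end of the file, so the return to a release tag is not forgotten.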