0
0

Gitea: theming and added .netrc

This commit is contained in:
Opnxng 2023-11-10 01:58:47 +08:00
parent 1beb83af5a
commit 43dcfa1887
5 changed files with 83 additions and 3 deletions

View File

@ -0,0 +1,73 @@
- name: Remove existing .netrc
ansible.builtin.file:
path: "/home/{{ control_user }}/.netrc"
state: absent
delegate_to: "{{ control_host }}"
- name: Remove existing .netrc.gpg
ansible.builtin.file:
path: "/home/{{ control_user }}/.netrc.gpg"
state: absent
delegate_to: "{{ control_host }}"
# ----------------------------------------------------------------------------------------------------
- name: Reminder to generate GPG key by hand
pause:
prompt: "Generate GPG key using gpg --gen-key"
delegate_to: "{{ control_host }}"
- name: Set up .netrc
template:
src: "conf/.netrc.j2"
dest: "/home/{{ control_user }}/.netrc"
owner: 1000
group: 1000
mode: 0755
delegate_to: "{{ control_host }}"
- name: Encrypt .netrc
command: gpg -e -r opnxng@tuta.io /home/{{ control_user }}/.netrc
delegate_to: "{{ control_host }}"
- name: Clear .netrc
copy:
content: '# Clear'
dest: "/home/{{ control_user }}/.netrc"
delegate_to: "{{ control_host }}"
- name: Remove .netrc
ansible.builtin.file:
path: "/home/{{ control_user }}/.netrc"
state: absent
delegate_to: "{{ control_host }}"
- name: Curl git-credential-netrc
shell: curl -s 'https://raw.githubusercontent.com/git/git/master/contrib/credential/netrc/git-credential-netrc.perl' > /usr/bin/git-credential-netrc
ignore_errors: true
delegate_to: "{{ control_host }}"
become: true
- name: Set git-credential-netrc permissions
command: chmod 755 /usr/bin/git-credential-netrc
become: true
delegate_to: "{{ control_host }}"
- name: Use git-credential-netrc
command: git config --global credential.helper "/usr/bin/git-credential-netrc -f ~/.netrc.gpg -v"
delegate_to: "{{ control_host }}"
- name: Install gnupg-agent
apt:
name:
- gnupg-agent
state: latest
install_recommends: false
delegate_to: "{{ control_host }}"
become: true
- name: Reminder to add to .profile or .bashrc
pause:
prompt: "export GPG_TTY=$(tty)"
delegate_to: "{{ control_host }}"

View File

@ -2,7 +2,7 @@
version: "3" version: "3"
services: services:
gitea: gitea:
image: gitea/gitea:latest-rootless image: gitea/gitea:1.21-nightly-rootless
container_name: gitea container_name: gitea
security_opt: security_opt:
- no-new-privileges - no-new-privileges
@ -32,7 +32,6 @@ services:
networks: networks:
- IPv4 - IPv4
gitea-db: gitea-db:
image: postgres:14 image: postgres:14
container_name: gitea-db container_name: gitea-db
@ -55,3 +54,6 @@ networks:
IPv4: IPv4:
external: external:
name: IPv4 name: IPv4
# Cron in Gitea Action only works in Nightly for now

4
templates/conf/.netrc.j2 Normal file
View File

@ -0,0 +1,4 @@
machine git.opnxng.com
login opnxng
password {{ gitea_access_token }}
protocol https

View File

@ -124,6 +124,7 @@ deployed-setup:
oracle3: oracle3:
- ntfy - ntfy
- gitea - gitea
- gitea-netrc
- runner - runner
oracle4: oracle4:
- authelia - authelia