---
# Create the Forgejo configuration directory and the home/data directories,
# owned by forgejo:forgejo with mode 0755.
# The loop list carries the YAML anchor `forgejo_directories`; the
# "ensure permissions on those directories" task reuses it through an alias.
# NOTE(review): forgejo_config_dir becomes forgejo-owned here, while the
# template task in this file writes root-owned files into it. The owner of a
# directory can rename or replace its entries, so confirm the forgejo account
# is meant to have that control over the compose and env files.
- name: create directories
  ansible.builtin.file:
    path: "{{ item }}"
    state: directory
    mode: "0755"
    owner: forgejo
    group: forgejo
  loop: &forgejo_directories
    - "{{ forgejo_config_dir }}"
    - "{{ forgejo_home_dir }}"
    - "{{ forgejo_home_dir }}/server"
    - "{{ forgejo_home_dir }}/db"
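# Recursively give forgejo:forgejo ownership of every path in the aliased
# `forgejo_directories` list.
# argv form: each path reaches chown as exactly one argument, so a path
# containing whitespace is not split, and `--` stops a path that begins with
# `-` from being read as an option.
# `-c` makes chown print only the entries whose ownership it changed; the
# registered stdout drives changed_when, so an already-correct tree reports
# "ok" instead of "changed" on every run.
# NOTE(review): the list includes forgejo_config_dir, and the template task
# in this file places root-owned files (two of them mode 0600) there. On each
# re-run this chown hands those files to forgejo until the template task
# resets them. Confirm that is intended, or limit the recursive chown to the
# data directories.
- name: ensure permissions on those directories
  ansible.builtin.command:
    argv:
      - chown
      - "-Rc"
      - "forgejo:forgejo"
      - "--"
      - "{{ item }}"
  register: forgejo_chown_result
  changed_when: forgejo_chown_result.stdout | length > 0
  loop: *forgejo_directories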
# Render three templates (<name>.j2) into forgejo_config_dir as root:root.
# docker-compose.yml is written 0644; server.env and db.env are written 0600.
# NOTE(review): the env files presumably carry credentials (the 0600 mode
# suggests so). Running the play with --diff would print rendered template
# content; consider `diff: false` / `no_log: true` for those items. Confirm
# against the templates.
- name: create docker-compose configuration
  ansible.builtin.template:
    src: "{{ item.name }}.j2"
    dest: "{{ forgejo_config_dir }}/{{ item.name }}"
    mode: "{{ item.mode }}"
    owner: root
    group: root
  loop:
    - {name: docker-compose.yml, mode: "0644"}
    - {name: server.env, mode: "0600"}
    - {name: db.env, mode: "0600"}
# Run the compose project located in forgejo_config_dir, restricted to
# docker-compose.yml. No `state` is given, so the module's default applies.
- name: start service
  community.docker.docker_compose_v2:
    files: [docker-compose.yml]
    project_src: "{{ forgejo_config_dir }}"
# For each entry of forgejo_allowed_sources, add an INPUT-chain ACCEPT rule
# for TCP traffic to the Forgejo web and SSH ports, tagged with the comment
# "forgejo". Skipped unless forgejo_manage_iptables is truthy; a change
# notifies the "save iptables" handler.
# NOTE(review): only ACCEPT rules are added here. They restrict access only
# if a default-deny policy or a later DROP/REJECT rule exists elsewhere.
# Confirm.
# NOTE(review): ports published by Docker's bridge networking are normally
# DNATed and filtered in FORWARD (DOCKER-USER), not INPUT. If the compose
# template publishes these ports that way, these rules may not govern access
# to the containers. Verify against docker-compose.yml.j2.
- name: allow with iptables
  when: forgejo_manage_iptables
  ansible.builtin.iptables:
    chain: INPUT
    jump: ACCEPT
    protocol: tcp
    source: "{{ item }}"
    destination_ports:
      - "{{ forgejo_web_port }}"
      - "{{ forgejo_ssh_port }}"
    comment: forgejo
  loop: "{{ forgejo_allowed_sources }}"
  notify: save iptables
# Include deploy-runners.yml only when forgejo_runners is truthy.
# NOTE(review): forgejo_runners is presumably a list of runner definitions.
# If so, an explicit `forgejo_runners | length > 0` test states the intent
# more clearly than a bare variable. Confirm the variable's type.
- name: deploy runners
  when: forgejo_runners
  ansible.builtin.include_tasks:
    file: deploy-runners.yml