ghost-automation/ds_gitea
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases 3 Wiki Activity
12 Commits 2 Branches 10 Tags
18e2fe12048946e93f5647434062a0365d24989f
Go to file
Clone
Open with VS Code Open with VSCodium Open with Intellij IDEA
Download ZIP Download TAR.GZ Download BUNDLE
DeadSwitch 18e2fe1204 Postgresql support added.
2026-02-09 20:16:17 +01:00
defaults
Writing the Gitea role.
2026-02-09 13:04:40 +01:00
handlers
Writing the Gitea role.
2026-02-09 13:04:40 +01:00
tasks
Postgresql support added.
2026-02-09 20:16:17 +01:00
templates
Postgresql support added.
2026-02-09 20:16:17 +01:00
README.org
Postgresql support added.
2026-02-09 20:16:17 +01:00

README.org

Gitea Server Installer Role

ds-gitea

This role installs and configures a Gitea server.

It uses SQLite as its default database service - with optional PostgreSQL support.

Use the ds-ufw role to configure the firewall.

Use the ds-posgresql to configure the database.

Role Workflow

  1. Download and install the Gitea binary
  2. (Optionally) Set up the PostgreSQL user and database
  3. Set up the user and group for the service
  4. Create the required directory structure
  5. Wait for the secret creation and storage in SOPS - if secrets are not present
  6. Deploy the Gitea configuration
  7. Deploy the Gitea service file
  8. Enable and start the service

Defaults 

gitea_user: git
gitea_group: git

Requirements

  • Ansible >= 2.12
  • Debian-based OS (Bookworm, Trixie)
  • git
  • sudo
  • ca-certificates
  • (optional) PosgreSQL database

Variables

Variable Type Comment
gitea_user string Gitea user
gitea_group string Gitea group
gitea_binary_url string Download URL of Gitea
gitea_checksum_url string Checksum URL of the binary
gitea_app_name string Gitea server title
gitea_ssh_domain string SSH domain
gitea_domain string Domain to reach Gitea
gitea_http_port int HTTP port
gitea_ssh_port int SSH port
gitea_root_url string Protocol + FQDN + port
gitea_lfs_jwt_secret string LFS storage secret
gitea_internal_token string Internal token
gitea_jwt_secret string JWT secret
gitea_database_server string DB server - 'postgresql' or empty for sqlite
gitea_db_password string PosgreSQL db password (if pgsql is used)

Handlers

  • Reload_systemd: It runs a daemon-reload
  • Restart_gitea: It restarts the Gitea service

Secrets

Always store the production secrets in SOPS, or in Ansible Vault.

Generate the secrets manually when the playbook stops:

gitea generate secret INTERNAL_TOKEN
gitea generate secret JWT_SECRET

Use the JWT_SECRET command to generate the gitea_lfs_jwt_secret as well. It's an alias.

Then re-run the playbook to finish the installation.

Example Playbook 

- name: Deploy a Gitea server
  hosts: gitea
  become: true

  vars:
    gitea_user: git
    gitea_group: git
    gitea_binary_url: https://dl.gitea.com/gitea/1.25.4/gitea-1.25.4-linux-amd64
    gitea_checksum_url: https://dl.gitea.com/gitea/1.25.4/gitea-1.25.4-linux-amd64.sha256
    gitea_app_name: Tom's IT Cafe Gitea Server
    gitea_ssh_domain: gitea.tomsitcafe.com
    gitea_domain: gitea.tomsitcafe.com
    gitea_http_port: 3000
    gitea_root_url: http://gitea.tomsitcafe.com:3000

    # In prod put these secrets in SOPS:
    gitea_lfs_jwt_secret: G9bZrRHMhRQ8w4R0KkH2VLnx2rzq81ROQ951IQjlMs4 
    gitea_internal_token: eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJuYmYiOjE3NzA2Mzk1Njh9.ybbaeNLFiLbyvxfj4vkqhXSAXKRGpwvP8jIm9YLPgXw
    gitea_jwt_secret: uJni4x4e0AzpkLYc-t4keRJKOB6EaLzwVsdLeamkFyU

  roles:
    - role: ds-gitea

License

MIT

[ Fear the Silence. Fear the Switch. ]

Reference in New Issue View Git Blame Copy Permalink
Description
This role can install and configures a Gitea server.
ansibleautomationdevopsgitearole
Readme 120 KiB
Releases 3
v3.1.0 Latest
2026-02-25 10:25:57 +01:00
Languages
Jinja 100%