ghost-automation/ds_gitea
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases 3 Wiki Activity
7 Commits 2 Branches 10 Tags
fe98b961ab49ff2126274c28222cfb048aaa1920
Go to file
Clone
Open with VS Code Open with VSCodium Open with Intellij IDEA
Download ZIP Download TAR.GZ Download BUNDLE
DeadSwitch fe98b961ab Clarifications.
2026-02-09 14:59:38 +01:00
defaults
Writing the Gitea role.
2026-02-09 13:04:40 +01:00
handlers
Writing the Gitea role.
2026-02-09 13:04:40 +01:00
tasks
Clarifications.
2026-02-09 14:59:38 +01:00
templates
Writing the Gitea role.
2026-02-09 13:04:40 +01:00
README.org
Clarifications.
2026-02-09 14:59:38 +01:00

README.org

Gitea Server Installer Role

ds-gitea

This role installs and configures a basic Gitea server.

Currently it uses SQLite as its database service.

Use the ds-ufw role to set up the firewall.

Features

  • Download and install the Gitea binary
  • Set up the user and group for the service
  • Create the required directory structure
  • Deploy the Gitea configuration
  • Deploy the Gitea service file
  • Enable and start the service

Defaults 

gitea_user: git
gitea_group: git

The remaining variables must be declared in the inventory.

Requirements

  • Ansible >= 2.12
  • Debian-based OS (Bookworm, Trixie)
  • git
  • sudo
  • ca-certificates

Variables

Variable Type Comment
gitea_user string Gitea user
gitea_group string Gitea group
gitea_binary_url string Download URL of Gitea
gitea_checksum_url string Checksum URL of the binary
gitea_app_name string Gitea application title
gitea_ssh_domain string SSH domain
gitea_domain string Domain to reach Gitea
gitea_http_port int Gitea HTTP port
gitea_root_url string Protocoll + FQDN
gitea_lfs_jwt_secret string LFS storage secret
gitea_internal_token string Internal token
gitea_jwt_secret string JWT secret

Handlers

  • Reload_systemd: It runs a daemon-reload
  • Restart_gitea: It restarts the Gitea service

Secrets

Always store the production secrets in SOPS, or in Ansible Vault.

Generate the secrets manually when the playbook stops:

gitea generate secret INTERNAL_TOKEN
gitea generate secret JWT_SECRET

Use the JWT_SECRET command to generate the gitea_lfs_jwt_secret as well. It's an alias.

Then re-run the playbook to finish the installation.

Example Playbook 

- name: Deploy a Gitea server
  hosts: gitea
  become: true

  vars:
    gitea_user: git
    gitea_group: git
    gitea_binary_url: https://dl.gitea.com/gitea/1.25.4/gitea-1.25.4-linux-amd64
    gitea_checksum_url: https://dl.gitea.com/gitea/1.25.4/gitea-1.25.4-linux-amd64.sha256
    gitea_app_name: Tom's IT Cafe Gitea Server
    gitea_ssh_domain: gitea.tomsitcafe.com
    gitea_domain: gitea.tomsitcafe.com
    gitea_http_port: 3000
    gitea_root_url: http://gitea.tomsitcafe.com:3000
    # In prod put these secrets in SOPS:
    gitea_lfs_jwt_secret: G9bZrRHMhRQ8w4R0KkH2VLnx2rzq81ROQ951IQjlMs4 
    gitea_internal_token: eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJuYmYiOjE3NzA2Mzk1Njh9.ybbaeNLFiLbyvxfj4vkqhXSAXKRGpwvP8jIm9YLPgXw
    gitea_jwt_secret: uJni4x4e0AzpkLYc-t4keRJKOB6EaLzwVsdLeamkFyU

  roles:
    - role: ds-gitea

License

MIT

[ Fear the Silence. Fear the Switch. ]

Reference in New Issue View Git Blame Copy Permalink
Description
This role can install and configures a Gitea server.
ansibleautomationdevopsgitearole
Readme 120 KiB
Releases 3
v3.1.0 Latest
2026-02-25 10:25:57 +01:00
Languages
Jinja 100%