Horacio Duran
822e42dbb8
This template allows deploying a forgejo en either Scaleway or Hetzner (untested) without much knowledge about them. It DOES require knowledge about Terragrunt and ansible. A wizard of sorts is provided but it will not guarantee success without some knowledge about the underlying technology.
94 lines
2.1 KiB
YAML
94 lines
2.1 KiB
YAML
---
|
|
# Main tasks for Forgejo deployment
|
|
|
|
- name: Include system preparation tasks
|
|
ansible.builtin.include_tasks: prepare.yml
|
|
tags:
|
|
- prepare
|
|
- system
|
|
|
|
- name: Include Tailscale VPN setup tasks
|
|
ansible.builtin.include_tasks: tailscale.yml
|
|
when: forgejo_enable_tailscale | bool
|
|
tags:
|
|
- tailscale
|
|
- security
|
|
- vpn
|
|
|
|
- name: Include volume setup tasks
|
|
ansible.builtin.include_tasks: volume.yml
|
|
when: forgejo_use_external_volume | bool
|
|
tags:
|
|
- volume
|
|
- storage
|
|
|
|
- name: Include Docker installation tasks
|
|
ansible.builtin.include_tasks: docker.yml
|
|
tags:
|
|
- docker
|
|
- install
|
|
|
|
- name: Include PostgreSQL setup tasks
|
|
ansible.builtin.include_tasks: postgres.yml
|
|
when: forgejo_db_type == 'postgres'
|
|
tags:
|
|
- postgres
|
|
- database
|
|
|
|
- name: Include Redis setup tasks
|
|
ansible.builtin.include_tasks: redis.yml
|
|
when: forgejo_use_redis | bool
|
|
tags:
|
|
- redis
|
|
- cache
|
|
|
|
# Ensure PostgreSQL is restarted with new config before Forgejo connects
|
|
- name: Flush handlers before starting Forgejo
|
|
ansible.builtin.meta: flush_handlers
|
|
|
|
- name: Include Forgejo configuration tasks
|
|
ansible.builtin.include_tasks: forgejo.yml
|
|
tags:
|
|
- forgejo
|
|
- config
|
|
|
|
- name: Include Caddy setup tasks
|
|
ansible.builtin.include_tasks: caddy.yml
|
|
tags:
|
|
- caddy
|
|
- webserver
|
|
|
|
- name: Include SSL certificate tasks
|
|
ansible.builtin.include_tasks: ssl.yml
|
|
when: forgejo_enable_letsencrypt | bool
|
|
tags:
|
|
- ssl
|
|
- certificates
|
|
|
|
- name: Include backup configuration tasks
|
|
ansible.builtin.include_tasks: backup.yml
|
|
when: forgejo_enable_backups | bool
|
|
tags:
|
|
- backup
|
|
|
|
- name: Include restore tasks
|
|
ansible.builtin.include_tasks: restore.yml
|
|
when: forgejo_restore_from_backup | bool
|
|
tags:
|
|
- restore
|
|
- never # Only run when explicitly requested
|
|
|
|
- name: Include monitoring setup tasks
|
|
ansible.builtin.include_tasks: monitoring.yml
|
|
when: forgejo_enable_prometheus | bool
|
|
tags:
|
|
- monitoring
|
|
- prometheus
|
|
|
|
- name: Include UFW firewall configuration tasks
|
|
ansible.builtin.include_tasks: ufw.yml
|
|
when: forgejo_enable_ufw | bool
|
|
tags:
|
|
- ufw
|
|
- firewall
|
|
- security
|