dumontix/forgejo-autohebergement
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
forgejo-autohebergement/ansible/roles/forgejo/tasks/forgejo.yml
Horacio Duran 822e42dbb8 Add Template to deploy forgejo. 
This template allows deploying a forgejo en either Scaleway or Hetzner
(untested) without much knowledge about them.
It DOES require knowledge about Terragrunt and ansible. A wizard of
sorts is provided but it will not guarantee success without some
knowledge about the underlying technology.
2026-01-09 16:07:44 +01:00

138 lines
3.8 KiB
YAML
Raw Blame History

---
# Forgejo deployment tasks
- name: Ensure Forgejo data directories have correct ownership
ansible.builtin.file:
path: "{{ item }}"
state: directory
owner: "{{ forgejo_uid }}"
group: "{{ forgejo_gid }}"
mode: '0755'
recurse: yes
become: yes
loop:
- "{{ forgejo_data_path }}"
- "{{ forgejo_config_path }}"
- "{{ forgejo_custom_path }}"
- name: Create .ssh directory for Forgejo
ansible.builtin.file:
path: "{{ forgejo_data_path }}/git/.ssh"
state: directory
owner: "{{ forgejo_uid }}"
group: "{{ forgejo_gid }}"
mode: '0700'
become: yes
- name: Create Forgejo configuration from template
ansible.builtin.template:
src: app.ini.j2
dest: "{{ forgejo_config_path }}/app.ini"
owner: "{{ forgejo_user }}"
group: "{{ forgejo_group }}"
mode: '0640'
become: yes
notify: Restart Forgejo
- name: Create Docker Compose file
ansible.builtin.template:
src: docker-compose.yml.j2
dest: "{{ forgejo_base_path }}/docker-compose.yml"
owner: "{{ forgejo_user }}"
group: "{{ forgejo_group }}"
mode: '0640'
become: yes
notify: Restart Forgejo
- name: Pull Forgejo Docker image
community.docker.docker_image:
name: "{{ forgejo_docker_image }}:{{ forgejo_version }}"
source: pull
become: yes
- name: Start Forgejo with Docker Compose
community.docker.docker_compose_v2:
project_src: "{{ forgejo_base_path }}"
state: present
become: yes
register: forgejo_started
- name: Wait for Forgejo to be ready
ansible.builtin.uri:
url: "http://localhost:{{ forgejo_http_port }}"
status_code: 200
register: forgejo_health
until: forgejo_health.status == 200
retries: 30
delay: 5
ignore_errors: yes
- name: Get Forgejo container logs if startup failed
ansible.builtin.command:
cmd: docker logs forgejo --tail 50
register: forgejo_logs
become: yes
when: forgejo_health.status is not defined or forgejo_health.status != 200
- name: Show Forgejo container logs
ansible.builtin.debug:
var: forgejo_logs.stdout_lines
when: forgejo_logs is defined and forgejo_logs.stdout_lines is defined
- name: Fail if Forgejo is not ready
ansible.builtin.fail:
msg: "Forgejo failed to start. Check logs above."
when: forgejo_health.status is not defined or forgejo_health.status != 200
- name: Check if admin user exists
ansible.builtin.command:
cmd: docker exec --user git forgejo forgejo admin user list --admin
register: admin_user_check
become: yes
changed_when: false
failed_when: false
- name: Create admin user
ansible.builtin.command:
cmd: >
docker exec --user git forgejo forgejo admin user create
--admin
--username "{{ forgejo_admin_username }}"
--password "{{ forgejo_admin_password }}"
--email "{{ forgejo_admin_email }}"
--must-change-password=false
become: yes
when: forgejo_admin_username not in admin_user_check.stdout
register: admin_created
no_log: yes
- name: Display admin credentials
ansible.builtin.debug:
msg: |
=====================================================
ADMIN USER CREATED
=====================================================
Username: {{ forgejo_admin_username }}
Email: {{ forgejo_admin_email }}
Password: (from your secrets.yml vault)
IMPORTANT: Change this password after first login!
=====================================================
when: admin_created is defined and admin_created.changed
- name: Create Forgejo systemd service
ansible.builtin.template:
src: forgejo.service.j2
dest: /etc/systemd/system/forgejo.service
mode: '0644'
become: yes
notify:
- Reload Systemd
- Restart Forgejo
- name: Enable Forgejo service
ansible.builtin.systemd:
name: forgejo
enabled: yes
daemon_reload: yes
become: yes
View git blame Copy permalink