diff --git a/Playbooks/forgejo.yml b/Playbooks/forgejo.yml index ebdf2f1..4dfdbde 100644 --- a/Playbooks/forgejo.yml +++ b/Playbooks/forgejo.yml @@ -1,6 +1,53 @@ --- +- name: 'Create backup directories' + hosts: forgejo + tasks: + - name: '[BACKUP] - Create backup dir' + file: + path: '{{ forgejo_dump_path }}' + state: directory + mode: '0775' + - name: '[BACKUP] - Create db backup dir' + file: + path: '{{ forgejo_dump_path }}/db' + state: directory + mode: '0755' + - name: '[BACKUP] - Create code backup dir' + file: + path: '{{ forgejo_dump_path }}/code' + state: directory + owner: '{{ forgejo_user }}' + mode: '0755' -- hosts: forgejo +- name: 'Create db backup for forgejo' + hosts: forgejo + tasks: + - name: '[BACKUP] - Run db backup for forgejo' + shell: + cmd: 'sudo -u postgres pg_dump {{ forgejo_db_name }} | gzip -c > {{ forgejo_dump_path }}/db/{{ forgejo_db_name }}-{{ ansible_date_time.iso8601_basic_short }}.sql.gz' + - name: '[BACKUP] - Remove all but two latest backup files' + shell: + cmd: 'ls -t |tail -n +3 | xargs --no-run-if-empty rm' + chdir: '{{ forgejo_dump_path }}/db' + vars_files: + - ../defaults/main.yml + +- name: 'Make backup of forgejo' + hosts: 'forgejo' + tasks: + - name: '[BACKUP] - Remove all but two latest backup files' + shell: + cmd: 'ls -t |tail -n +2 | xargs --no-run-if-empty rm' + chdir: '{{ forgejo_dump_path }}/code' + - name: '[BACKUP] - Make backup of forgejo' + shell: + cmd: 'sudo -u {{ forgejo_user }} {{ forgejo_bindir }}/forgejo dump -c {{ forgejo_confdir }}' + chdir: '{{ forgejo_dump_path}}/code' + vars_files: + - ../defaults/main.yml + +- name: 'Run Forgejo role' + hosts: forgejo roles: - postgresql - forgejo diff --git a/Vagrantfile b/Vagrantfile index 8013cbe..d2ee621 100644 --- a/Vagrantfile +++ b/Vagrantfile @@ -8,7 +8,7 @@ Vagrant.configure("2") do |config| #config.ssh.insert_key = false config.vm.define "forgejo" do |forgejo| - forgejo.vm.box = "generic/debian11" + forgejo.vm.box = "generic/debian12" forgejo.vm.provider :libvirt do |libvirt| libvirt.memory = 256 end diff --git a/defaults/main.yml b/defaults/main.yml index 6b3e909..e323753 100644 --- a/defaults/main.yml +++ b/defaults/main.yml @@ -5,9 +5,11 @@ forgejo_lib_dir: "/var/lib/forgejo" forgejo_user: 'git' forgejo_group: 'git' forgejo_confdir: '/etc/forgejo/app.ini' +forgejo_dump_path: '/srv/forgejo-dump' forgejo_flavor: 'forgejo' -forgejo_version: '1.21.7-0' +forgejo_version: '7.0.3' +#forgejo_version: '1.21.7-0' forgejo_arch: 'linux-amd64' #forgejo_download_url: 'https://github.com/go-gitea/gitea/releases/download/v{{ forgejo_version }}/gitea-{{ forgejo_version }}-{{ forgejo_arch }}' @@ -31,8 +33,8 @@ forgejo_oauth2_config: - 'JWT_SECRET = ' #41 random chars forgejo_ui_config: - - 'THEMES = auto,arc-green,gitea,forgejo-auto,forgejo-light,forgejo-dark' # add only the default ones, not themes ones - - 'DEFAULT_THEME = arc-green' + - 'THEMES = gitea-auto,gitea-light,gitea-dark,forgejo-auto,forgejo-light,forgejo-dark' # add only the default ones, not themes ones + - 'DEFAULT_THEME = gitea-dark' forgejo_security_config: - 'INTERNAL_TOKEN = ' #106 random chars diff --git a/tasks/install.yml b/tasks/install.yml deleted file mode 100644 index 9b6ee5d..0000000 --- a/tasks/install.yml +++ /dev/null @@ -1,37 +0,0 @@ ---- - -- name: '[INSTALL] - Install dependencies' - apt: - name: "{{ forgejo_apt_list }}" - update_cache: yes - -- name: '[INSTALL] - Get forgejo download url' - shell: - cmd: wget -O - https://codeberg.org/forgejo/forgejo/releases | grep -B 1 forgejo-{{ forgejo_version }}-{{ forgejo_arch }}\< | sed -n 's/.*href="\(.*\)".*/\1/p' - register: forgejo_url - when: forgejo_flavor == 'forgejo' - -- name: "[INSTALL] - Set forgejo download url" - set_fact: - forgejo_download_url: '{{ forgejo_url.stdout }}' - when: forgejo_flavor == 'forgejo' - -- name: '[INSTALL] - Download forgejo binary' - get_url: - url: '{{ forgejo_download_url }}' - dest: '{{ forgejo_bindir }}/forgejo' - mode: '0750' - owner: '{{ forgejo_user }}' - group: '{{ forgejo_group }}' - force: 'yes' - notify: 'Restart forgejo' - -- name: '[INSTALL] - Set /etc/forgejo rights to read-only' - file: - path: '/etc/forgejo' - mode: '0750' - -- name: '[INSTALL] - Set app.ini rights to read-only' - file: - path: '/etc/forgejo/app.ini' - mode: '0640' diff --git a/tasks/install_upgrade.yml b/tasks/install_upgrade.yml new file mode 100644 index 0000000..b329e3d --- /dev/null +++ b/tasks/install_upgrade.yml @@ -0,0 +1,109 @@ +--- + +- name: '[INSTALL] - Install dependencies' + apt: + name: "{{ forgejo_apt_list }}" + update_cache: yes + +- name: '[INSTALL] - Get forgejo download url' + shell: + cmd: wget -O - https://codeberg.org/forgejo/forgejo/releases | grep -B 1 forgejo-{{ forgejo_version }}-{{ forgejo_arch }}\< | sed -n 's/.*href="\(.*\)".*/\1/p' + register: forgejo_url + when: forgejo_flavor == 'forgejo' + +- name: "[INSTALL] - Set forgejo download url" + set_fact: + forgejo_download_url: '{{ forgejo_url.stdout }}' + when: forgejo_flavor == 'forgejo' + +- name: '[INSTALL] - Check if forgejo is installed' + shell: + cmd: '{{ forgejo_bindir }}/forgejo --version -c {{ forgejo_confdir }}' + register: forgejo_is_installed + +- name: '[UPGRADE] - Check forgejo health' + shell: + cmd: '{{ forgejo_bindir }}/forgejo doctor check --all -c {{ forgejo_confdir }}' + become: 'yes' + become_user: '{{ forgejo_user }}' + register: forgejo_health + +- name: '[UPGRADE] - Restart forgejo' + systemd: + name: forgejo + state: restarted + when: + - forgejo_is_installed.rc == 0 + - forgejo_health.rc == 0 + +- name: '[UPGRADE] - Wait for forgejo to be back online' + pause: + seconds: 10 + +- name: '[UPGRADE] - Flush all queues' + shell: + cmd: '{{ forgejo_bindir }}/forgejo manager flush-queues -c {{ forgejo_confdir }}' + become: 'yes' + become_user: '{{ forgejo_user }}' + when: + - forgejo_is_installed.rc == 0 + - forgejo_health.rc == 0 + +- name: '[UPGRADE] - Stop forgejo' + systemd: + name: forgejo + state: stopped + when: + - forgejo_is_installed.rc == 0 + - forgejo_health.rc == 0 + + +- name: '[INSTALL] - Download forgejo binary' + get_url: + url: '{{ forgejo_download_url }}' + dest: '{{ forgejo_bindir }}/forgejo' + mode: '0750' + owner: '{{ forgejo_user }}' + group: '{{ forgejo_group }}' + force: 'yes' + notify: 'Restart forgejo' + + +- name: '[INSTALL] - Set /etc/forgejo rights to read-only' + file: + path: '/etc/forgejo' + mode: '0750' + +- name: '[INSTALL] - Set app.ini rights to read-only' + file: + path: '/etc/forgejo/app.ini' + mode: '0640' + +- name: '[UPGRADE] - Start forgejo' + systemd: + name: forgejo + state: started + when: + - forgejo_is_installed.rc == 0 + - forgejo_health.rc == 0 + +- name: '[UPGRADE] - Check forgejo health' + shell: + cmd: '{{ forgejo_bindir }}/forgejo doctor check --all -c {{ forgejo_confdir }}' + become: 'yes' + become_user: '{{ forgejo_user }}' + register: forgejo_health + +- name: '[UPGRADE] - Stop forgejo. Something is wrong' + systemd: + name: forgejo + state: started + when: + - forgejo_health.rc != 0 + +- name: '[UPGRADE] - Display problem message' + fail: + msg: 'Forgejo doctor detected issues after upgrade task. Please check the instance manually and fix issues before continuing' + when: + - forgejo_health.rc != 0 + diff --git a/tasks/main.yml b/tasks/main.yml index 175f820..630a664 100644 --- a/tasks/main.yml +++ b/tasks/main.yml @@ -7,8 +7,8 @@ include_tasks: configure.yml tags: config -- name: "[FORGEJO] - install" - include_tasks: install.yml +- name: "[FORGEJO] - install or upgrade" + include_tasks: install_upgrade.yml - name: "[FORGEJO] - theme" include_tasks: custom_themes.yml