Update to 1.21.7-0 (#43)

Reviewed-on: #43
Reviewed-by: muppeth <muppeth@no-reply@disroot.org>
Co-authored-by: meaz <meaz@disroot.org>
Co-committed-by: meaz <meaz@disroot.org>

Playbooks/forgejo.yml

@@ -0,0 +1,12 @@
+---
+
+- hosts: forgejo
+  roles:
+    - postgresql
+    - forgejo
+
+  vars_files:
+    - ../defaults/main.yml
+
+  vars:
+    - ansible_python_interpreter: "/usr/bin/python3"

Playbooks/gitea.yml

@@ -1,9 +0,0 @@
----
-
-- hosts: gitea
-  roles:
-    - postgresql
-    - gitea
-
-  vars_files:
-    - ../defaults/main.yml

README.md

@@ -1,14 +1,35 @@
-# Gitea - Ansible Role
+# Forgejo - Ansible Role
 
-This role covers deployment, configuration and software updates of Gitea. This role is released under MIT Licence and we give no warranty for this piece of software. Currently supported OS - Debian.
+This role covers deployment, configuration and software updates of Forgejo. This role is released under MIT Licence and we give no warranty for this piece of software. Currently supported OS - Debian.
 
 You can deploy test instance using `Vagrantfile` attached to the role.
 `vagrant up`
 
-`ansible-playbook -b Playbooks/gitea.yml`
+`ansible-playbook -b Playbooks/forgejo.yml`
 
-Then you can then access gitea from your computer on `http://192.168.33.14:3000`
+Then you can then access forgejo from your computer on `http://192.168.33.14:3000`
+
+The first user you create becomes the admin.
+
+# Gitea or Forgejo
+This role allows for deployment of gitea and forgejo. By default the role deploys forgejo and this is the flavor that is supported and maintained. Installing Gitea using the role is possible however starting from version 1.18.2 is no longer maintained by Disroot team.
+To switch to gitea, update following variables in your Playbook/host_vars:
+
+
+```
+forgejo_flavour: 'gitea'
+forgejo_version: '1.18.2'
+forgejo_arch: 'linux-amd64'
+forgejo_download_url: 'https://github.com/go-gitea/gitea/releases/download/v{{ forgejo_version }}/gitea-{{ forgejo_version }}-{{ forgejo_arch }}'
+```
 
 ## Playbook
-The playbook includes postgresql role and deploys entire stack needed to run Gitea. Additional roles are also available in the Ansible roles repos in git.
+The playbook includes postgresql role and deploys entire stack needed to run Forgejo. Additional roles are also available in the Ansible roles repos in git.
 
+## Customization
+You can deploy custom themes with this role. To do so, uncomment `forgejo_theme_dir` and `forgejo_custom_themes`  from `defaults/main.yml`. Add the theme repos' address and name there, enable them and then deploy with `ansible-playbook -b Playbooks/forgejo.yml --tags theme`.
+
+You can also add you own images like favicon, icons, etc. See https://forgejo.org/docs/v1.21/developer/customization/ to see how to prepare your images.
+Then, copy them in the `img` folder of this role and uncomment `forgejo_extra_files_path` and `forgejo_theme_dir` from `defaults/main.yml`. You can then deploy with `ansible-playbook -b Playbooks/forgejo.yml --tags config`.
+
+For more information about customizaton, check https://forgejo.org/docs/v1.21/developer/customization/

Vagrantfile

@@ -7,14 +7,14 @@
 # you're doing.
 Vagrant.configure("2") do |config|
   #config.ssh.insert_key = false
-  config.vm.define "gitea" do |gitea|
-    gitea.vm.box = "generic/debian11"
-    gitea.vm.provider :libvirt do |libvirt|
+  config.vm.define "forgejo" do |forgejo|
+    forgejo.vm.box = "generic/debian11"
+    forgejo.vm.provider :libvirt do |libvirt|
       libvirt.memory = 256
     end
-    gitea.vm.network "forwarded_port", guest: 80, host: 8888, host_ip: "192.168.33.14"
-    gitea.vm.network "forwarded_port", guest: 443, host: 4443, host_ip: "192.168.33.14"
-    gitea.vm.network "private_network", ip: "192.168.33.14"
-
+    forgejo.vm.network "forwarded_port", guest: 80, host: 8888, host_ip: "192.168.33.14"
+    forgejo.vm.network "forwarded_port", guest: 443, host: 4443, host_ip: "192.168.33.14"
+    forgejo.vm.network "private_network", ip: "192.168.33.14"
+    config.vm.provision "shell", inline: "apt install acl"
 end
 end

defaults/main.yml

@@ -1,67 +1,82 @@
 ---
 
-gitea_bindir: "/usr/local/bin/gitea"
-gitea_lib_dir: "/var/lib/gitea"
-gitea_user: 'git'
-gitea_group: 'git'
-gitea_confdir: '/etc/gitea/app.ini'
-gitea_version: '1.16.6'
+forgejo_bindir: "/usr/local/bin/forgejo"
+forgejo_lib_dir: "/var/lib/forgejo"
+forgejo_user: 'git'
+forgejo_group: 'git'
+forgejo_confdir: '/etc/forgejo/app.ini'
 
+forgejo_flavor: 'forgejo'
+forgejo_version: '1.21.7-0'
+forgejo_arch: 'linux-amd64'
+#forgejo_download_url: 'https://github.com/go-gitea/gitea/releases/download/v{{ forgejo_version }}/gitea-{{ forgejo_version }}-{{ forgejo_arch }}'
+
+# Uncomment below if you want to add custom themes or images
+#forgejo_extra_files_path: '../img' # the folder name where you have the images you want to deploy
+forgejo_theme_dir: '{{ forgejo_lib_dir }}/custom'
+#forgejo_custom_themes:
+#  - name: '' #add name of the theme
+#    repo: '' #add git repository of the theme
+#    enable: 'true' #set it to false to remove it
 
 #[CONFIG]
-
 # App.ini file variables
-gitea_base_config:
-  - 'APP_NAME = Gitea: Git with a cup of tea'
+forgejo_base_config:
+  - 'APP_NAME = Forgejo: Beyond coding. We forge.'
   - 'RUN_USER = git'
   - 'RUN_MODE = prod'
+  - 'WORK_PATH = {{ forgejo_lib_dir }}'
 
-gitea_oauth2_config:
+forgejo_oauth2_config:
   - 'JWT_SECRET = ' #41 random chars
 
-gitea_ui_config:
+forgejo_ui_config:
+  - 'THEMES = auto,arc-green,gitea,forgejo-auto,forgejo-light,forgejo-dark' # add only the default ones, not themes ones
   - 'DEFAULT_THEME = arc-green'
 
-gitea_security_config:
+forgejo_security_config:
   - 'INTERNAL_TOKEN = ' #106 random chars
   - 'INSTALL_LOCK   = true'
   - 'SECRET_KEY     = ' #64 random chars
 
-gitea_database_config:
+forgejo_database_config:
   - 'DB_TYPE  = postgres'
   - 'HOST     = localhost:5432'
-  - 'NAME     = gitea'
+  - 'NAME     = forgejo'
   - 'USER     = admin'
   - 'PASSWD   = changeme'
   - 'SSL_MODE = disable'
-  - 'PATH     = /home/git/data/gitea.db'
 
-gitea_repository_config:
-  - 'ROOT = /home/git/gitea-repositories'
+forgejo_repository_config:
+  - 'ROOT = /home/git/forgejo-repositories'
 
-gitea_server_config:
+forgejo_server_config:
   - 'SSH_DOMAIN       = git.example.org'
-  - 'DOMAIN           = git.example.org'
+  - 'DOMAIN           = 192.168.33.14'
   - 'HTTP_PORT        = 3000'
-  - 'ROOT_URL         = https://git.example.org'
+  - 'ROOT_URL         = http://192.168.33.14:3000'
   - 'DISABLE_SSH      = false'
   - 'SSH_PORT         = 22'
   - 'LFS_START_SERVER = true'
-  - 'LFS_CONTENT_PATH = /home/git/data/lfs'
   - 'LFS_JWT_SECRET   = ' #40 random chars
   - 'OFFLINE_MODE     = false'
+  - 'APP_DATA_PATH    = {{ forgejo_lib_dir }}/data/'
 
-gitea_mailer_config:
+forgejo_lfs_config: 
+  - 'PATH = /home/git/data/lfs' 
+
+forgejo_mailer_config:
   - 'ENABLED        = true'
-  - 'HOST           = mail.example.org:587'
+  - 'SMTP_ADDR      = mail.example.org'
+  - 'SMTP_PORT      = 587'
   - 'FROM           = noreply@example.org'
   - 'USER           = noreply@example.org'
   - 'PASSWD         = CHANGEME' #PASSWD
-  - 'IS_TLS_ENABLED = true'
+  - 'PROTOCOL       = smtp+starttls'
 
-gitea_service_config:
-  - 'REGISTER_EMAIL_CONFIRM            = true'
-  - 'ENABLE_NOTIFY_MAIL                = true'
+forgejo_service_config:
+  - 'REGISTER_EMAIL_CONFIRM            = false'
+  - 'ENABLE_NOTIFY_MAIL                = false'
   - 'DISABLE_REGISTRATION              = false'
   - 'ALLOW_ONLY_EXTERNAL_REGISTRATION  = false'
   - 'ENABLE_CAPTCHA                    = false'
@@ -71,34 +86,67 @@ gitea_service_config:
   - 'DEFAULT_ENABLE_TIMETRACKING       = true'
   - 'NO_REPLY_ADDRESS                  = noreply@example.org'
 
-gitea_mirror_config:
+forgejo_mirror_config:
   - 'ENABLED         = true'
 
-gitea_picture_config:
+forgejo_picture_config:
   - 'DISABLE_GRAVATAR        = true'
   - 'ENABLE_FEDERATED_AVATAR = true'
 
-gitea_openid_config:
+forgejo_openid_config:
   - 'ENABLE_OPENID_SIGNIN = false'
   - 'ENABLE_OPENID_SIGNUP = false'
 
-gitea_session_config:
+forgejo_session_config:
   - 'PROVIDER = file'
 
-gitea_log_config:
+forgejo_log_config:
   - 'MODE      = file'
   - 'LEVEL     = Info'
   - 'ROOT_PATH = /home/git/log'
 
+# External renderers
+# See https://docs.gitea.io/en-us/external-renderers/
+forgejo_markup_config:
+  - name: 'asciidoc'
+    apt: 'asciidoc'
+    enable: 'false'
+  - name: 'jupyter'
+    apt: 'jupyter'
+    enable: 'false'
+  - name: 'html'
+    apt: ''
+    enable: 'false'
+
+# Incoming emails
+# See https://forgejo.org/docs/latest/admin/incoming-email/
+forgejo_email_incoming:
+  - 'ENABLED = true'
+  - 'REPLY_TO_ADDRESS = incoming+%{token}@example.org'
+  - 'HOST = example.org'
+  - 'PORT = 993'
+  - 'USERNAME = incoming'
+  - 'PASSWORD = changeme'
+  - 'USE_TLS = true'
+  - 'MAILBOX = INBOX'
+  - 'DELETE_HANDLED_MESSAGE = true'
+  - 'MAXIMUM_MESSAGE_SIZE = 0'
+
+
+# Systemd
+# forgejo_dbservice: 'postgresql.service' # uncomment to enable this. You can cnange to mysql, mariadb, redis, memcached
+# forgejo_websocket: 'true' # uncomment to enable this
+# forgejo_limitnofile: '524288:524288' # Uncomment if you have repos with lots of files and get a HTTP 500 error because of that
+# forgejo_custom_path: 'Environment=PATH={{ forgejo_custom_path }}:/bin:/sbin:/usr/bin:/usr/sbin' # Uncomment if you install Git to directory prefix other than default PATH and add that prefix to PATH
+# forgejo_cap_net_bind_service: 'CAP_NET_BIND_SERVICE' # Uncomment if you want to bind Forgejo to a port below 1024, or use socket activation to pass Forgejo its ports as above
+# forgejo_privateusers: 'false' #  Uncomment, when using forgejo_cap_net_bind_service option, to allow capabilities to be applied on Forgejo process. If set to true sandboxes Forgejo service and prevent any processes from running with privileges in the host user namespace
 
 #apt
-gitea_apt_list:
+forgejo_apt_list:
   - git
 
-
-
 # POSTGRES
-postgresql_version: 12
+postgresql_version: 13
 postgresql_listen_addresses:
     - "127.0.0.1"
 
@@ -108,7 +156,7 @@ postgresql_pg_hba_default:
     - { type: host,  database: all, user: all, address: '127.0.0.1/32', method: '{{ postgresql_default_auth_method_hosts }}', comment: 'IPv4 local connections:' }
 
 postgresql_databases:
-    - name: gitea
+    - name: forgejo
       owner: admin          # optional; specify the owner of the database
       hstore: no         # flag to install the hstore extension on this database (yes/no)
       uuid_ossp: no      # flag to install the uuid-ossp extension on this database (yes/no)
@@ -121,6 +169,6 @@ postgresql_users:
 
 postgresql_user_privileges:
     - name: admin                   # user name
-      db: gitea              # database
+      db: forgejo              # database
       priv: "ALL"                 # privilege string format: example: INSERT,UPDATE/table:SELECT/anothertable:ALL
       role_attr_flags: "" # role attribute flags

handlers/main.yml

@@ -1,6 +1,6 @@
 ---
 
-- name: 'Restart gitea'
+- name: 'Restart forgejo'
   systemd:
-    name: gitea
+    name: forgejo
     state: restarted

tasks/configure.yml

@@ -2,27 +2,27 @@
 
 - name: '[DIR] - Create bin dir'
   file:
-    path: '{{ gitea_bindir }}'
+    path: '{{ forgejo_bindir }}'
     state: directory
-    owner: "{{ gitea_user }}"
-    group: "{{ gitea_group }}"
+    owner: "{{ forgejo_user }}"
+    group: "{{ forgejo_group }}"
     mode: '0750'
 
 - name: '[DIR] - Create lib dir'
   file:
-    path: '{{ gitea_lib_dir }}'
+    path: '{{ forgejo_lib_dir }}'
     state: directory
     mode: '0750'
-    owner: "{{ gitea_user }}"
-    group: "{{ gitea_group }}"
+    owner: "{{ forgejo_user }}"
+    group: "{{ forgejo_group }}"
 
 - name: '[DIR] - Create lib dirs'
   file:
-    path: "{{ gitea_lib_dir }}/{{ item }}"
+    path: "{{ forgejo_lib_dir }}/{{ item }}"
     state: directory
     mode: '0750'
-    owner: "{{ gitea_user }}"
-    group: "{{ gitea_group }}"
+    owner: "{{ forgejo_user }}"
+    group: "{{ forgejo_group }}"
   with_items:
     - 'custom'
     - 'data'
@@ -30,15 +30,53 @@
 
 - name: '[DIR] - Create etc dir'
   file:
-    path: /etc/gitea
+    path: /etc/forgejo
     state: directory
     mode: '0770'
-    owner: "{{ gitea_user }}" 
-    group: "{{ gitea_group }}"
+    owner: "{{ forgejo_user }}" 
+    group: "{{ forgejo_group }}"
 
-- name: '[CONF] - Deploy gitea config'
+- name: '[CONF] - Deploy forgejo config'
   template:
-    src: etc/gitea/app.ini.j2
-    dest: "{{ gitea_confdir }}"
-    owner: "{{ gitea_user }}"
-    group: "{{ gitea_group }}"
+    src: etc/forgejo/app.ini.j2
+    dest: "{{ forgejo_confdir }}"
+    owner: "{{ forgejo_user }}"
+    group: "{{ forgejo_group }}"
+  notify: Restart forgejo
+  tags: config
+
+- name: "[CONF] - Create assets dir"
+  file:
+    path: "{{ forgejo_theme_dir }}/public/assets/"
+    state: 'directory'
+    owner: '{{ forgejo_user }}'
+    group: '{{ forgejo_group }}'
+  when: forgejo_extra_files_path is defined
+  tags: config
+
+- name: "[CONF] - Create img folder"
+  file:
+    path: "{{ forgejo_theme_dir }}/public/assets/img/"
+    state: 'directory'
+    owner: '{{ forgejo_user }}'
+    group: '{{ forgejo_group }}'
+  when: forgejo_extra_files_path is defined
+  tags: config
+
+- name: "[CONF] - Deploy img folder"
+  copy:
+    src: '{{ forgejo_extra_files_path }}/'
+    dest: "{{ forgejo_theme_dir }}/public/assets/img/"
+    owner: "{{ forgejo_user }}"
+    group: "{{ forgejo_group }}"
+    mode: 0755
+  when: forgejo_extra_files_path is defined
+  tags: config
+
+- name: '[CONF] - Install dependencies for renderers'
+  apt:
+    name: "{{ item.apt }}"
+    update_cache: yes
+  loop: "{{ forgejo_markup_config }}"
+  when: item.enable == 'true' and item.apt != ""
+  tags: config

tasks/custom_themes.yml

@@ -0,0 +1,64 @@
+---
+
+- name: '[THEME] - Create css dir'
+  file:
+    path: '{{ forgejo_theme_dir }}/public/assets/css'
+    state: directory
+    owner: "{{ forgejo_user }}"
+    group: "{{ forgejo_group }}"
+  tags: theme
+
+# First, remove the css files from public folder, then theme repos
+- name: "[THEME] - Remove css files from the css folder"
+  shell:
+    cmd: find "{{ forgejo_theme_dir }}/{{ item.name }}" -type f -name "*.css" -printf "%f\n" | xargs -I{} rm public/assets/css/{}
+    chdir: "{{ forgejo_theme_dir }}"
+  loop: "{{ forgejo_custom_themes }}"
+  when: item.enable == 'false' 
+  tags: theme
+
+- name: "[THEME] - Remove theme repo"
+  file:
+    path:  "{{ forgejo_theme_dir }}/{{ item.name }}"
+    state: absent
+    owner: "{{ forgejo_user }}"
+    group: "{{ forgejo_group }}"
+  loop: "{{ forgejo_custom_themes }}"
+  when: item.enable == 'false' 
+  tags: theme
+
+# Second, get theme repos and deploy css files in public folder
+- name: "[THEME] - Get repo"
+  git:
+    repo: "{{ item.repo }}"
+    dest: "{{ forgejo_theme_dir }}/{{ item.name }}"
+    force: yes
+  loop: "{{ forgejo_custom_themes }}"
+  when: item.enable == 'true'
+  become: true
+  become_user: "{{ forgejo_user }}"
+  tags: theme
+
+- name: "[THEME] - Find css files from different repos and copy them in the public folder"
+  shell:
+    cmd: find "{{ forgejo_theme_dir }}" -type f -name "*.css" -not -path "{{ forgejo_theme_dir }}/public/*" | xargs cp -t "{{ forgejo_theme_dir }}/public/assets/css"
+    chdir: "{{ forgejo_theme_dir }}"
+  become: true
+  become_user: "{{ forgejo_user }}"
+  tags: theme
+
+# Lastly, update app.ini by adding the theme's name list.
+- name: "[THEME] - Get and prepare a list for app.ini of css files in public folder, register it"
+  shell:
+    cmd: ls "{{ forgejo_theme_dir }}/public/assets/css" | sed -e 's/theme-//g' | sed -e 's/.css//g' | paste -s -d,
+    chdir: "{{ forgejo_theme_dir }}"
+  register: theme_name
+  tags: theme
+
+- name: "[THEME] - Add list of themes in app.ini"
+  lineinfile:
+    path: "{{ forgejo_confdir }}"
+    regexp: '^THEMES'
+    line: "{{ forgejo_ui_config[0] }},{{ theme_name.stdout }}"
+  notify: Restart forgejo
+  tags: theme

tasks/install.yml

@@ -2,27 +2,36 @@
 
 - name: '[INSTALL] - Install dependencies'
   apt:
-    name: "{{ gitea_apt_list }}"
+    name: "{{ forgejo_apt_list }}"
     update_cache: yes
 
+- name: '[INSTALL] - Get forgejo download url'
+  shell:
+    cmd: wget -O - https://codeberg.org/forgejo/forgejo/releases | grep -B 1 forgejo-{{ forgejo_version }}-{{ forgejo_arch }}\< | sed -n 's/.*href="\(.*\)".*/\1/p'
+  register: forgejo_url
+  when: forgejo_flavor == 'forgejo'
 
-- name: '[INSTALL] - Download gitea binary'
+- name: "[INSTALL] - Set forgejo download url"
+  set_fact:
+    forgejo_download_url: '{{ forgejo_url.stdout }}'
+  when: forgejo_flavor == 'forgejo'
+
+- name: '[INSTALL] - Download forgejo binary'
   get_url:
-    url: 'https://github.com/go-gitea/gitea/releases/download/v{{ gitea_version }}/gitea-{{ gitea_version }}-linux-amd64'
-    dest: '{{ gitea_bindir }}/gitea'
+    url: '{{ forgejo_download_url }}'
+    dest: '{{ forgejo_bindir }}/forgejo'
     mode: '0750'
-    owner: '{{ gitea_user }}'
-    group: '{{ gitea_group }}'
+    owner: '{{ forgejo_user }}'
+    group: '{{ forgejo_group }}'
     force: 'yes'
-  notify: 'Restart gitea'
+  notify: 'Restart forgejo'
 
-
-- name: '[INSTALL] - Set rights to read-only'
+- name: '[INSTALL] - Set /etc/forgejo rights to read-only'
   file:
-    path: '/etc/gitea'
+    path: '/etc/forgejo'
     mode: '0750'
 
-- name: '[INSTALL] - Set rights to read-only'
+- name: '[INSTALL] - Set app.ini rights to read-only'
   file:
-    path: '/etc/gitea/app.ini'
+    path: '/etc/forgejo/app.ini'
     mode: '0640'

tasks/main.yml

@@ -1,13 +1,19 @@
 ---
 
-- name: "[GITEA]- Create user"
-  include: user.yml
+- name: "[FORGEJO]- Create user"
+  include_tasks: user.yml
 
-- name: "[GITEA] - configure"
-  include: configure.yml
+- name: "[FORGEJO] - configure"
+  include_tasks: configure.yml
+  tags: config
 
-- name: "[GITEA] - systemd"
-  include: systemd.yml
+- name: "[FORGEJO] - install"
+  include_tasks: install.yml
 
-- name: "[GITEA] - install"
-  include: install.yml
+- name: "[FORGEJO] - theme"
+  include_tasks: custom_themes.yml
+  when: forgejo_custom_themes is defined 
+  tags: theme
+
+- name: "[FORGEJO] - systemd"
+  include_tasks: systemd.yml

tasks/systemd.yml

@@ -2,23 +2,23 @@
 
 - name: '[SYSTEMD] - Deploy Systemd config'
   template:
-    src: etc/systemd/system/gitea.service.j2
-    dest: /etc/systemd/system/gitea.service
+    src: etc/systemd/system/forgejo.service.j2
+    dest: /etc/systemd/system/forgejo.service
     owner: root
     group: root
     mode: 0644
-  register: gitea_systemd
+  register: forgejo_systemd
 
 - name: '[SYSTEMD] - Enable systemd'
   systemd:
-    name: gitea
+    name: forgejo
     enabled: yes
     state: started
     daemon_reload: yes
-  notify: Restart gitea
+  notify: Restart forgejo
 
 - name: "[SYSTEMD] - Daemon-reload"
   systemd:
     daemon_reload: yes
-    name: gitea
-  when: gitea_systemd.changed
+    name: forgejo
+  when: forgejo_systemd.changed

tasks/user.yml

@@ -2,11 +2,11 @@
 
 - name: Add group
   group:
-    name: '{{ gitea_group }}'
+    name: '{{ forgejo_group }}'
     state: present
 
 - name: Add user
   user:
-    name: '{{ gitea_user }}'
+    name: '{{ forgejo_user }}'
     shell: /bin/bash
-    group: '{{ gitea_group }}'
+    group: '{{ forgejo_group }}'

templates/etc/forgejo/app.ini.j2

@@ -0,0 +1,111 @@
+# {{ ansible_managed }}
+{% for item in forgejo_base_config %}
+{{ item }}
+{% endfor %}
+
+[oauth2]
+{% for item in forgejo_oauth2_config %}
+{{ item }}
+{% endfor %}
+
+[ui]
+{% for item in forgejo_ui_config %}
+{{ item }}
+{% endfor %}
+
+[security]
+{% for item in forgejo_security_config %}
+{{ item }}
+{% endfor %}
+
+[database]
+{% for item in forgejo_database_config %}
+{{ item }}
+{% endfor %}
+
+[repository]
+{% for item in forgejo_repository_config %}
+{{ item }}
+{% endfor %}
+
+[server]
+{% for item in forgejo_server_config %}
+{{ item }}
+{% endfor %}
+
+[lfs]
+{% for item in forgejo_lfs_config %}
+{{ item }}
+{% endfor %}
+
+[mailer]
+{% for item in forgejo_mailer_config %}
+{{ item }}
+{% endfor %}
+
+[service]
+{% for item in forgejo_service_config %}
+{{ item }}
+{% endfor %}
+
+
+[mirror]
+{% for item in forgejo_mirror_config %}
+{{ item }}
+{% endfor %}
+
+[picture]
+{% for item in forgejo_picture_config %}
+{{ item }}
+{% endfor %}
+
+
+[openid]
+{% for item in forgejo_openid_config %}
+{{ item }}
+{% endfor %}
+
+
+[session]
+{% for item in forgejo_session_config %}
+{{ item }}
+{% endfor %}
+
+[log]
+{% for item in forgejo_log_config %}
+{{ item }}
+{% endfor %}
+
+[markup]
+{% for item in forgejo_markup_config %}
+{% if item.name == 'asciidoc' and item.enable == 'true' %}
+[markup.asciidoc]
+ENABLED = true
+NEED_POSTPROCESS = true
+FILE_EXTENSIONS = .adoc,.asciidoc
+RENDER_COMMAND = "asciidoctor -s -a showtitle --out-file=- -"
+IS_INPUT_FILE = false
+RENDER_CONTENT_MODE = sanitized
+{% endif %}
+{% if item.name == 'jupyter' and item.enable == 'true' %}
+[markup.jupyter]
+ENABLED = true
+FILE_EXTENSIONS = .ipynb
+RENDER_COMMAND = "jupyter nbconvert --stdin --stdout --to html --template basic"
+IS_INPUT_FILE = false
+RENDER_CONTENT_MODE = sanitized
+{% endif %}
+{% if item.name == 'html' and item.enable == 'true' %}
+[markup.html]
+ENABLED         = true
+FILE_EXTENSIONS = .html,.htm
+RENDER_COMMAND  = cat
+IS_INPUT_FILE   = true
+RENDER_CONTENT_MODE = sanitized
+{% endif %}
+{% endfor %}
+
+[email.incoming]
+{% for item in forgejo_email_incoming %}
+{{ item }}
+{% endfor %}

templates/etc/gitea/app.ini.j2

@@ -1,75 +0,0 @@
-# {{ ansible_managed }}
-{% for item in gitea_base_config %}
-{{ item }}
-{% endfor %}
-
-
-[oauth2]
-{% for item in gitea_oauth2_config %}
-{{ item }}
-{% endfor %}
-
-[ui]
-{% for item in gitea_ui_config %}
-{{ item }}
-{% endfor %}
-
-[security]
-{% for item in gitea_security_config %}
-{{ item }}
-{% endfor %}
-
-
-[database]
-{% for item in gitea_database_config %}
-{{ item }}
-{% endfor %}
-
-[repository]
-{% for item in gitea_repository_config %}
-{{ item }}
-{% endfor %}
-
-[server]
-{% for item in gitea_server_config %}
-{{ item }}
-{% endfor %}
-
-
-[mailer]
-{% for item in gitea_mailer_config %}
-{{ item }}
-{% endfor %}
-
-[service]
-{% for item in gitea_service_config %}
-{{ item }}
-{% endfor %}
-
-
-[mirror]
-{% for item in gitea_mirror_config %}
-{{ item }}
-{% endfor %}
-
-[picture]
-{% for item in gitea_picture_config %}
-{{ item }}
-{% endfor %}
-
-
-[openid]
-{% for item in gitea_openid_config %}
-{{ item }}
-{% endfor %}
-
-
-[session]
-{% for item in gitea_session_config %}
-{{ item }}
-{% endfor %}
-
-[log]
-{% for item in gitea_log_config %}
-{{ item }}
-{% endfor %}

templates/etc/systemd/system/forgejo.service.j2

@@ -0,0 +1,97 @@
+[Unit]
+Description=Forgejo (Beyond coding. We forge.)
+After=syslog.target
+After=network.target
+###
+# Don't forget to add the database service dependencies
+###
+{% if forgejo_dbservice is defined %}
+Wants={{ forgejo_dbservice }}
+After={{ forgejo_dbservice }}
+{% endif %}
+
+###
+# If using socket activation for main http/s
+###
+{% if forgejo_websocket is defined %}
+After=forgejo.main.socket
+Requires=forgejo.main.socket
+
+###
+# (You can also provide forgejo an http fallback and/or ssh socket too)
+#
+# An example of /etc/systemd/system/forgejo.main.socket
+###
+
+[Unit]
+Description=Forgejo Web Socket
+PartOf=forgejo.service
+
+[Socket]
+Service=forgejo.service
+ListenStream=<some_port>
+NoDelay=true
+
+[Install]
+WantedBy=sockets.target
+{% endif %}
+
+
+[Service]
+# Uncomment the next line if you have repos with lots of files and get a HTTP 500 error because of that
+{% if forgejo_limitnofile is defined %}
+LimitNOFILE={{ forgejo_limitnofile }}
+{% else %}
+# LimitNOFILE=524288:524288
+{% endif %}
+RestartSec=2s
+Type=simple
+User={{ forgejo_user }}
+Group={{ forgejo_group }}
+WorkingDirectory={{ forgejo_lib_dir }}
+# If using Unix socket: tells systemd to create the /run/forgejo folder, which will contain the forgejo.sock file
+# (manually creating /run/forgejo doesn't work, because it would not persist across reboots)
+{% if forgejo_websocket is defined %}
+RuntimeDirectory=forgejo
+{% else %}
+#RuntimeDirectory=forgejo
+{% endif %}
+ExecStart={{ forgejo_bindir }}/forgejo web -c {{ forgejo_confdir }}
+Restart=always
+RestartSec=3
+Environment=USER={{ forgejo_user }} HOME=/home/{{ forgejo_user }} FORGEJO_WORK_DIR={{ forgejo_lib_dir }} FORGEJO_CUSTOM={{ forgejo_theme_dir }}
+# If you install Git to directory prefix other than default PATH (which happens
+# for example if you install other versions of Git side-to-side with
+# distribution version), uncomment below line and add that prefix to PATH
+# Don't forget to place git-lfs binary on the PATH below if you want to enable
+# Git LFS support
+{% if forgejo_custom_path is defined %}
+Environment=PATH={{ forgejo_custom_path }}:/bin:/sbin:/usr/bin:/usr/sbin
+{% else %}
+#Environment=PATH=/path/to/git/bin:/bin:/sbin:/usr/bin:/usr/sbin
+{% endif %}
+# If you want to bind Forgejo to a port below 1024, uncomment
+# the two values below, or use socket activation to pass Forgejo its ports as above
+###
+{% if forgejo_cap_net_bind_service is defined %}
+CapabilityBoundingSet={{ forgejo_cap_net_bind_service }} 
+AmbientCapabilities={{ forgejo_cap_net_bind_service }} 
+{% else %}
+#CapabilityBoundingSet=CAP_NET_BIND_SERVICE
+#AmbientCapabilities=CAP_NET_BIND_SERVICE
+{% endif %}
+###
+# In some cases, when using CapabilityBoundingSet and AmbientCapabilities option, you may want to
+# set the following value to false to allow capabilities to be applied on Forgejo process. The following
+# value if set to true sandboxes Forgejo service and prevent any processes from running with privileges
+# in the host user namespace.
+###
+{% if forgejo_privateusers is defined %}
+PrivateUsers={{ forgejo_privateusers }}
+{% else %}
+#PrivateUsers=false
+{% endif %}
+###
+
+[Install]
+WantedBy=multi-user.target

templates/etc/systemd/system/gitea.service.j2

@@ -1,34 +0,0 @@
-[Unit]
-Description=Gitea (Git with a cup of tea)
-After=syslog.target
-After=network.target
-#Requires=mysql.service
-#Requires=mariadb.service
-#Requires=postgresql.service
-#Requires=memcached.service
-#Requires=redis.service
-
-[Service]
-# Modify these two values and uncomment them if you have
-# repos with lots of files and get an HTTP error 500 because
-# of that
-###
-#LimitMEMLOCK=infinity
-#LimitNOFILE=65535
-RestartSec=2s
-Type=simple
-User={{ gitea_user }}
-Group={{ gitea_group }}
-WorkingDirectory=/var/lib/gitea/
-ExecStart={{ gitea_bindir }}/gitea web -c {{ gitea_confdir }}
-Restart=always
-RestartSec=3
-Environment=USER={{ gitea_user }} HOME=/home/{{ gitea_user }} GITEA_WORK_DIR=/var/lib/gitea
-# If you want to bind Gitea to a port below 1024 uncomment
-# the two values below
-###
-#CapabilityBoundingSet=CAP_NET_BIND_SERVICE
-#AmbientCapabilities=CAP_NET_BIND_SERVICE
-
-[Install]
-WantedBy=multi-user.target