Implement ssh config of gitea role
@@ -5,6 +5,7 @@ These variables are required. Example values included. Some general variables mi
|
|||||||
ports:
|
ports:
|
||||||
gitea:
|
gitea:
|
||||||
http: 8080
|
http: 8080
|
||||||
|
ssh: 2222
|
||||||
|
|
||||||
docker_vhost_domains:
|
docker_vhost_domains:
|
||||||
gitea:
|
gitea:
|
||||||
|
|||||||
@@ -2,3 +2,5 @@
|
|||||||
|
|
||||||
reverse_proxy_type: caddy
|
reverse_proxy_type: caddy
|
||||||
docker_database: none
|
docker_database: none
|
||||||
|
docker_additional_env: {}
|
||||||
|
docker_published_ports: []
|
||||||
|
|||||||
@@ -36,9 +36,9 @@
|
|||||||
pull: true
|
pull: true
|
||||||
container_default_behavior: no_defaults
|
container_default_behavior: no_defaults
|
||||||
volumes: "{{ docker_volumes | default(omit) }}"
|
volumes: "{{ docker_volumes | default(omit) }}"
|
||||||
published_ports: "{{ container_published_ports | default(omit) }}"
|
published_ports: "{{ container_published_ports + docker_published_ports | default(omit) }}"
|
||||||
labels: "{{ traefik_labels | default(omit) }}"
|
labels: "{{ traefik_labels | default(omit) }}"
|
||||||
env: "{{ docker_env }}"
|
env: "{{ docker_env | combine(docker_additional_env) }}"
|
||||||
entrypoint: "{{ docker_entrypoint | default(omit) }}"
|
entrypoint: "{{ docker_entrypoint | default(omit) }}"
|
||||||
restart_policy: always
|
restart_policy: always
|
||||||
networks:
|
networks:
|
||||||
|
|||||||
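Review bot: On the new `published_ports` line, `default(omit)` binds only to `docker_published_ports`, because Jinja applies filters before `+`. An undefined `container_published_ports`, which the old expression tolerated, now fails the task instead of omitting the option. If both lists are meant to be optional, `published_ports: "{{ (container_published_ports | default([])) + (docker_published_ports | default([])) }}"` keeps that tolerance. The task this line belongs to starts and ends outside the hunk, so whether `container_published_ports` is always set earlier cannot be confirmed from here.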
@@ -8,7 +8,12 @@ dependencies:
|
|||||||
docker_database: postgres
|
docker_database: postgres
|
||||||
docker_volumes:
|
docker_volumes:
|
||||||
- gitea_data:/data
|
- gitea_data:/data
|
||||||
|
- /var/lib/gitea/.ssh/:/data/git/.ssh
|
||||||
|
docker_published_ports:
|
||||||
|
- "127.0.0.1:{{ ports.gitea.ssh }}:22"
|
||||||
docker_env:
|
docker_env:
|
||||||
|
USER_UID: '2132'
|
||||||
|
USER_GID: '2132'
|
||||||
GITEA__database__DB_TYPE: postgres
|
GITEA__database__DB_TYPE: postgres
|
||||||
GITEA__database__USER: gitea
|
GITEA__database__USER: gitea
|
||||||
GITEA__database__HOST: gitea_db:5432
|
GITEA__database__HOST: gitea_db:5432
|
||||||
|
|||||||
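Review bot: The added bind mount `/var/lib/gitea/.ssh/:/data/git/.ssh` gives the container the host git user's whole `.ssh` directory. The new roles/gitea/tasks/main.yml generates that user's key pair (by default under `.ssh` in the home directory) and authorises it for `git`, so the private key that opens a `git` login on the host becomes readable from inside the container. Presumably Gitea only needs to manage `authorized_keys` there; consider generating the forwarder key outside the mounted directory (the `user` module's `ssh_key_file` option takes a path) and pointing the forwarder at it with `ssh -i`. `USER_UID`/`USER_GID: '2132'` also repeats the uid/gid hard-coded in the tasks file, so a single role variable would keep the two in step. The `dependencies:` entry these lines belong to begins outside the hunk.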
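--- a/roles/gitea/tasks/main.yml
+++ b/roles/gitea/tasks/main.yml
@@ -0,0 +1,28 @@
+---
+
+- name: Create git group on host for gitea ssh
+group:
+name: git
+gid: 2132
+system: yes
+
+- name: Create git user on host for gitea ssh
+user:
+name: git
+uid: 2132
+group: git
+system: yes
+home: /var/lib/gitea
+generate_ssh_key: yes
+register: git_user
+
+- name: Add git user's own ssh key to its authorized keys
+authorized_key:
+user: git
+key: "{{ git_user.ssh_public_key }}"
+
+- name: Put gitea ssh forwarder in place
+template:
+src: gitea_ssh_forward.j2
+dest: /usr/local/bin/gitea
+mode: '755'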
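Review bot: The `authorized_key` task adds the git user's own key with no `key_options`, so the key pair generated by the preceding `user` task is an unrestricted login for `git` wherever this `authorized_keys` file is honoured. Since the forwarder only runs a remote command, the entry can be narrowed, for example `key_options: 'no-port-forwarding,no-X11-forwarding,no-agent-forwarding,no-pty'`. `generate_ssh_key: yes` also leaves the key type at the module default; `ssh_key_type: ed25519` would pin it. Smaller points: `system: yes` and `generate_ssh_key: yes` read more predictably as `true`, and the template task could state `owner: root`, `group: root` and `mode: '0755'` explicitly, since it installs an executable that sshd will run for every git connection.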
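--- a/roles/gitea/templates/gitea_ssh_forward.j2
+++ b/roles/gitea/templates/gitea_ssh_forward.j2
@@ -0,0 +1,2 @@
+#!/bin/sh
+ssh -p {{ ports.gitea.ssh }} -o StrictHostKeyChecking=no git@127.0.0.1 "SSH_ORIGINAL_COMMAND=\"$SSH_ORIGINAL_COMMAND\" $0 $@"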
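Review bot: `$SSH_ORIGINAL_COMMAND` is supplied by the connecting client and is pasted between escaped double quotes into a command string that the container-side shell parses a second time, so quote characters or substitutions in it are interpreted there rather than handed to Gitea as data. Escape it before embedding, for example `cmd=$(printf '%s' "$SSH_ORIGINAL_COMMAND" | sed "s/'/'\\\\''/g")` followed by `exec ssh … "SSH_ORIGINAL_COMMAND='$cmd' $0 $*"`, or carry it with `SendEnv`/`AcceptEnv` if the container's sshd can be configured for that. `-o StrictHostKeyChecking=no` also means the forwarder never verifies what is listening on the loopback port; pinning the container's host key in a dedicated `UserKnownHostsFile` would close that gap.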