Fix Gitea PostgreSQL socket permission issue
- Add git user to postgres group for Unix socket access - Ensure PostgreSQL socket directory has proper permissions - Add socket connectivity test before database operations - Update database tasks to use explicit socket parameters - Add missing database privileges grant task Resolves timeout issue in 'waiting for gitea to be ready' task caused by permission denied errors when accessing PostgreSQL Unix socket. Follows same pattern as working Authentik role.
This commit is contained in:
@@ -43,22 +43,58 @@
|
|||||||
group: "{{ gitea_group }}"
|
group: "{{ gitea_group }}"
|
||||||
mode: '0700'
|
mode: '0700'
|
||||||
|
|
||||||
|
# Socket access setup (following Authentik pattern)
|
||||||
|
- name: Add git user to postgres group for socket access
|
||||||
|
user:
|
||||||
|
name: "{{ gitea_user }}"
|
||||||
|
groups: postgres
|
||||||
|
append: true
|
||||||
|
|
||||||
|
- name: Ensure git can access PostgreSQL socket directory
|
||||||
|
file:
|
||||||
|
path: "/var/run/postgresql"
|
||||||
|
mode: '0770'
|
||||||
|
group: postgres
|
||||||
|
become: true
|
||||||
|
|
||||||
|
- name: Test PostgreSQL socket connectivity
|
||||||
|
postgresql_ping:
|
||||||
|
login_unix_socket: "/var/run/postgresql"
|
||||||
|
login_user: "{{ gitea_user }}"
|
||||||
|
become: true
|
||||||
|
become_user: "{{ gitea_user }}"
|
||||||
|
|
||||||
# Self-contained database management
|
# Self-contained database management
|
||||||
- name: Create Gitea database user
|
- name: Create Gitea database user via socket
|
||||||
postgresql_user:
|
postgresql_user:
|
||||||
name: "{{ gitea_db_user }}"
|
name: "{{ gitea_db_user }}"
|
||||||
password: "{{ gitea_db_password }}"
|
password: "{{ gitea_db_password }}"
|
||||||
encrypted: yes
|
encrypted: yes
|
||||||
become: yes
|
login_unix_socket: "/var/run/postgresql"
|
||||||
|
login_user: postgres
|
||||||
|
become: true
|
||||||
become_user: postgres
|
become_user: postgres
|
||||||
|
|
||||||
- name: Create Gitea database
|
- name: Create Gitea database via socket
|
||||||
postgresql_db:
|
postgresql_db:
|
||||||
name: "{{ gitea_db_name }}"
|
name: "{{ gitea_db_name }}"
|
||||||
owner: "{{ gitea_db_user }}"
|
owner: "{{ gitea_db_user }}"
|
||||||
encoding: UTF8
|
encoding: UTF8
|
||||||
template: template0
|
template: template0
|
||||||
become: yes
|
login_unix_socket: "/var/run/postgresql"
|
||||||
|
login_user: postgres
|
||||||
|
become: true
|
||||||
|
become_user: postgres
|
||||||
|
|
||||||
|
- name: Grant Gitea database privileges
|
||||||
|
postgresql_privs:
|
||||||
|
db: "{{ gitea_db_name }}"
|
||||||
|
privs: ALL
|
||||||
|
type: database
|
||||||
|
role: "{{ gitea_db_user }}"
|
||||||
|
login_unix_socket: "/var/run/postgresql"
|
||||||
|
login_user: postgres
|
||||||
|
become: true
|
||||||
become_user: postgres
|
become_user: postgres
|
||||||
|
|
||||||
- name: Deploy Gitea configuration
|
- name: Deploy Gitea configuration
|
||||||
|
|||||||
Reference in New Issue
Block a user