Add self-contained Gitea Git service with PostgreSQL integration

- Implements complete Gitea Git service following rick-infra self-contained architecture - Uses PostgreSQL infrastructure role as dependency and manages own database/user - Native Arch Linux installation via pacman packages - Automatic database setup (gitea database and user creation) - SystemD service with security hardening and proper dependency management - Caddy reverse proxy integration deployed to sites-enabled directory - SSH server on port 2222 with automatic host key generation - Production-ready with LFS support, security headers, and HTTPS via Caddy - Follows simplified configuration approach with essential variables only - Self-contained pattern: service manages complete setup independently
2025-11-18 22:32:31 +01:00
parent 762d00eebf
commit ddbdefd27f
9 changed files with 442 additions and 34 deletions
--- a/roles/gitea/tasks/main.yml
+++ b/roles/gitea/tasks/main.yml
@@ -0,0 +1,114 @@
+---
+# Gitea Service Role - Self-Contained Implementation
+# Manages Gitea Git service with own database
+
+- name: Install Gitea from Arch repository
+  pacman:
+    name: gitea
+    state: present
+
+- name: Install Git (required for Gitea)
+  pacman:
+    name: git
+    state: present
+
+- name: Create Gitea user and group
+  user:
+    name: "{{ gitea_user }}"
+    group: "{{ gitea_group }}"
+    system: yes
+    shell: /bin/bash
+    home: "{{ gitea_home }}"
+    create_home: yes
+
+- name: Create Gitea directories
+  file:
+    path: "{{ item }}"
+    state: directory
+    owner: "{{ gitea_user }}"
+    group: "{{ gitea_group }}"
+    mode: '0755'
+  loop:
+    - "{{ gitea_home }}"
+    - "{{ gitea_home }}/data"
+    - "{{ gitea_home }}/repositories"
+    - "{{ gitea_home }}/log"
+    - /etc/gitea
+
+- name: Create Gitea SSH directory with proper permissions
+  file:
+    path: "{{ gitea_home }}/.ssh"
+    state: directory
+    owner: "{{ gitea_user }}"
+    group: "{{ gitea_group }}"
+    mode: '0700'
+
+# Self-contained database management
+- name: Create Gitea database user
+  postgresql_user:
+    name: "{{ gitea_db_user }}"
+    password: "{{ gitea_db_password }}"
+    encrypted: yes
+  become: yes
+  become_user: postgres
+
+- name: Create Gitea database
+  postgresql_db:
+    name: "{{ gitea_db_name }}"
+    owner: "{{ gitea_db_user }}"
+    encoding: UTF8
+    template: template0
+  become: yes
+  become_user: postgres
+
+- name: Deploy Gitea configuration
+  template:
+    src: app.ini.j2
+    dest: /etc/gitea/app.ini
+    owner: "{{ gitea_user }}"
+    group: "{{ gitea_group }}"
+    mode: '0600'
+  notify: restart gitea
+
+- name: Deploy Gitea systemd service file
+  template:
+    src: gitea.service.j2
+    dest: /etc/systemd/system/gitea.service
+    mode: '0644'
+  notify:
+    - reload systemd
+    - restart gitea
+
+- name: Deploy Caddy configuration for Gitea
+  template:
+    src: gitea.caddy.j2
+    dest: "{{ caddy_sites_enabled_dir }}/gitea.caddy"
+    mode: '0644'
+  notify: reload caddy
+  when: caddy_sites_enabled_dir is defined
+
+- name: Enable and start Gitea service
+  systemd:
+    name: gitea
+    enabled: "{{ gitea_service_enabled }}"
+    state: "{{ gitea_service_state }}"
+    daemon_reload: yes
+
+- name: Wait for Gitea to be ready
+  wait_for:
+    port: "{{ gitea_http_port }}"
+    host: "127.0.0.1"
+    timeout: 30
+  when: gitea_service_state == "started"
+
+- name: Display Gitea service status
+  debug:
+    msg: |
+      ✅ Gitea Git service deployed successfully!
+      
+      🌐 Web Interface: https://{{ gitea_full_domain }}
+      🔗 SSH Clone: ssh://git@{{ gitea_full_domain }}:{{ gitea_ssh_port }}
+      📦 Local HTTP: http://127.0.0.1:{{ gitea_http_port }}
+      🗄️  Database: {{ gitea_db_name }} (self-managed)
+      
+      🏗️ Self-contained service ready for Git repositories!