michaelschiemer/deployment/ansible/roles/gitea/tasks/config.yml
Michael Schiemer 9289344379
feat(gitea): Migrate configuration from environment variables to app.ini
- Move all Gitea configuration from docker-compose.yml environment variables to app.ini
- Enable Redis cache with proper connection string format (redis://)
- Fix Redis password to use Gitea Redis instance password (gitea_redis_password) instead of application Redis stack password
- Add database connection pool settings to prevent timeout errors
- Configure Redis for cache, session, and queue using app.ini
- Update Ansible task to use correct Redis password for Gitea Redis instance

Benefits:
- Cache now works correctly (environment variables had a bug in Gitea 1.25)
- All settings are versioned in Git
- Better maintainability and reliability
- Configuration follows Gitea documentation recommendations
2025-11-09 16:33:35 +01:00

120 lines
4.9 KiB
YAML

---
# Update Gitea Configuration (app.ini)

- name: Verify Gitea container exists
  ansible.builtin.shell: |
    docker compose -f {{ gitea_stack_path }}/docker-compose.yml ps {{ gitea_container_name }} | grep -q "{{ gitea_container_name }}"
  register: gitea_exists
  changed_when: false
  failed_when: false

- name: Fail if Gitea container does not exist
  ansible.builtin.fail:
    msg: "Gitea container does not exist. Please deploy Gitea stack first."
  when: gitea_exists.rc != 0

# Configuration is now read from Ansible variables or defaults
# Since environment variables are removed, we use defaults from docker-compose.yml
# (which are hardcoded: POSTGRES_DB=gitea, POSTGRES_USER=gitea, POSTGRES_PASSWORD=gitea_password)
- name: Set database configuration (from docker-compose.yml defaults)
  ansible.builtin.set_fact:
    gitea_db_type: "postgres"
    gitea_db_host: "postgres:5432"
    gitea_db_name: "gitea"
    gitea_db_user: "gitea"
    # Hardcoded database password, committed to the repository in plain text
    gitea_db_passwd: "gitea_password"

- name: Set server configuration from Ansible variables or defaults
  ansible.builtin.set_fact:
    gitea_domain: "{{ gitea_domain | default('git.michaelschiemer.de') }}"
    ssh_port: "{{ ssh_port | default('2222') }}"
    ssh_listen_port: "{{ ssh_listen_port | default('2222') }}"

- name: Set Redis password for Gitea Redis instance
  ansible.builtin.set_fact:
    # Gitea uses its own Redis instance (gitea-redis) with default password 'gitea_redis_password'
    # unless vault_gitea_redis_password is explicitly set
    # Note: vault_redis_password is for the application Redis stack, not Gitea Redis
    redis_password: "{{ vault_gitea_redis_password | default('gitea_redis_password') }}"
  # Keep the vault value out of verbose task output
  no_log: true

- name: Generate app.ini from template
  ansible.builtin.template:
    src: "{{ gitea_app_ini_template | default('../../templates/gitea-app.ini.j2') }}"
    dest: "{{ gitea_app_ini_path }}"
    # The rendered file carries the database and Redis passwords;
    # 0644 leaves it readable by every local user on the host
    mode: '0644'
  vars:
    postgres_db: "{{ gitea_db_name }}"
    postgres_user: "{{ gitea_db_user }}"
    postgres_password: "{{ gitea_db_passwd }}"
    gitea_domain: "{{ gitea_domain }}"
    ssh_port: "{{ ssh_port }}"
    ssh_listen_port: "{{ ssh_listen_port }}"
    disable_registration: true
    redis_password: "{{ redis_password }}"

- name: Copy app.ini to Gitea container
  ansible.builtin.shell: |
    docker compose -f {{ gitea_stack_path }}/docker-compose.yml cp {{ gitea_app_ini_path }} {{ gitea_container_name }}:{{ gitea_app_ini_container_path }}
  # A failed copy is ignored here, so the following tasks still run
  # and the container restarts with whatever app.ini it already had
  ignore_errors: true

- name: Wait for container to be ready for exec
  ansible.builtin.shell: |
    docker compose -f {{ gitea_stack_path }}/docker-compose.yml exec -T {{ gitea_container_name }} true
  register: container_ready
  until: container_ready.rc == 0
  retries: "{{ gitea_config_retries | default(30) }}"
  delay: "{{ gitea_config_delay | default(2) }}"
  changed_when: false

- name: Set correct permissions on app.ini in container
  ansible.builtin.shell: |
    docker compose -f {{ gitea_stack_path }}/docker-compose.yml exec -T --user git {{ gitea_container_name }} chown 1000:1000 {{ gitea_app_ini_container_path }} && \
    docker compose -f {{ gitea_stack_path }}/docker-compose.yml exec -T --user git {{ gitea_container_name }} chmod 644 {{ gitea_app_ini_container_path }}

- name: Restart Gitea container
  ansible.builtin.shell: |
    docker compose -f {{ gitea_stack_path }}/docker-compose.yml restart {{ gitea_container_name }}
  register: gitea_restart
  changed_when: gitea_restart.rc == 0
  notify: wait for gitea

- name: Wait for Gitea to be ready after restart
  ansible.builtin.uri:
    url: "{{ gitea_url }}/api/healthz"
    method: GET
    status_code: [200]
    # The server certificate is not verified for this health check
    validate_certs: false
    timeout: "{{ gitea_health_check_timeout | default(10) }}"
  register: gitea_health_after_restart
  until: gitea_health_after_restart.status == 200
  retries: "{{ gitea_restart_retries | default(30) }}"
  delay: "{{ gitea_restart_delay | default(5) }}"
  when: gitea_restart.changed | default(false)
  changed_when: false

- name: Display success message
  ansible.builtin.debug:
    msg: |
      ========================================
      Gitea Configuration Update Complete
      ========================================
      Gitea configuration has been updated successfully!
      Configuration migrated to app.ini:
      - All settings now in app.ini (versioned in Git)
      - Redis cache enabled (now works correctly in app.ini)
      - Redis sessions enabled (better performance and scalability)
      - Redis queue enabled (persistent job processing)
      - Database connection pooling configured
      - Connection limits set to prevent "Timeout before authentication" errors
      Benefits:
      - Cache now works correctly (environment variables had a bug in Gitea 1.25)
      - All settings are versioned and documented
      - Better maintainability and reliability
      Gitea should now be more stable and perform better with Redis cache enabled.
      ========================================
  when: gitea_show_status | default(true) | bool
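
An added example, not part of this repository: a pre-deploy check for the rendered app.ini that flags the two weaknesses visible in the tasks above, the 0644 file mode and the fallback passwords `gitea_password` and `gitea_redis_password`. The sample app.ini and the `gitea-redis` host in it are constructed; the `[database] PASSWD`, `[cache] HOST`, `[session] PROVIDER_CONFIG` and `[queue] CONN_STR` key names are Gitea's documented settings and are assumed here, since the project's template is not shown on this page.

```python
import configparser
import os
import stat
import tempfile
from urllib.parse import urlsplit

# Fallback secrets hardcoded in the tasks file above.
DEFAULT_SECRETS = {"gitea_password", "gitea_redis_password"}
# Gitea settings that can carry a redis:// connection string.
REDIS_KEYS = [("cache", "HOST"), ("session", "PROVIDER_CONFIG"), ("queue", "CONN_STR")]

# Constructed sample of a rendered app.ini (not the project's template output).
SAMPLE = """\
APP_NAME = Gitea
[database]
PASSWD = gitea_password
[cache]
HOST = redis://:gitea_redis_password@gitea-redis:6379/0
[session]
PROVIDER_CONFIG = redis://:value-from-vault@gitea-redis:6379/1
"""

def audit_app_ini(path):
    """Return findings for a rendered app.ini: loose file mode, default secrets."""
    findings = []
    mode = stat.S_IMODE(os.stat(path).st_mode)
    if mode & (stat.S_IRGRP | stat.S_IROTH):
        findings.append(f"mode {mode:04o}: readable beyond the owner")
    cp = configparser.ConfigParser(interpolation=None, strict=False)
    with open(path, encoding="utf-8") as fh:
        # app.ini can start with keys outside any section; give them one.
        cp.read_string("[_global]\n" + fh.read())
    if cp.get("database", "PASSWD", fallback="") in DEFAULT_SECRETS:
        findings.append("[database] PASSWD is a playbook default")
    for section, key in REDIS_KEYS:
        value = cp.get(section, key, fallback="")
        # Only URL-style connection strings are parsed; other forms are skipped.
        if value.startswith(("redis://", "rediss://")):
            if urlsplit(value).password in DEFAULT_SECRETS:
                findings.append(f"[{section}] {key} uses a default Redis password")
    return findings

def audit_sample(mode):
    with tempfile.TemporaryDirectory() as tmp:
        path = os.path.join(tmp, "app.ini")
        with open(path, "w", encoding="utf-8") as fh:
            fh.write(SAMPLE)
        os.chmod(path, mode)
        return audit_app_ini(path)
```

Pointing `audit_app_ini()` at the file written to `gitea_app_ini_path` after the template task gives a list that is empty only when the mode is owner-only and no fallback secret was rendered.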