tobiasd
609ca87f9d
continuous-integration/drone/push Build was killed
Details
|
||
---|---|---|
group_vars | ||
inventory@0793fc7957 | ||
roles | ||
.drone.yml | ||
.gitignore | ||
.gitmodules | ||
README.md | ||
ansible.cfg | ||
playbook.yml | ||
vaultpw.gpg | ||
vaultpw.sh |
README.md
FSFE Git Service
This Ansible playbook takes care of setting up the FSFE's Git Service, currently based on Gitea. Some sensible bits are encrypted.
- Base setup of host
- MySQL database for gitea
- Gitea configuration
- Webserver (nginx) including some rate limits
Prerequisites
The machine should be connected via innernet in order to authenticate users via LDAP. This is not part of this playbook.
Updates and configuration
Use this playbook to update the configuration of all elements described above. There is one exception though:
Upgrading Gitea
First, make a snapshot of davy
in Proxmox and schedule downtime in the
monitoring system. Before proceeding with the update, also announce the possible
downtime in the team chat.
To upgrade Gitea itself (in binary form), use /root/bin/gitea-upgrade.sh
while
providing the desired version. For example:
/root/bin/gitea-upgrade.sh 1.13.7
This takes care of downloading the binary, checking the hashsum, replacing the binary, and reminding you of restarting the service.
Afterwards - especially after major upgrades – compare the
upstream templates
for this release (choose the tag!) with the ones stored in
roles/gitea/files/custom/templates
. If substantial changes happened with this
release, take the new versions and migrate the custom changes to them. You have
to rerun the playbook (ansible-playbook playbook -t gitea
) and restart gitea
to put these into effect.