Config gitea

roles/gitea/tasks/gitea.yml

@@ -8,3 +8,6 @@
 - name: gitea - /etc/gitea.conf
   template: dest=/etc/gitea.conf src=gitea.conf.j2 owner=root group=root mode=0644
   notify: restart gitea
+
+- name: gitea - git user
+  user: name=_gitea shell=/bin/bash

roles/gitea/templates/gitea.conf.j2

@@ -11,7 +11,7 @@ SCRIPT_TYPE               = bash
 ; Default ANSI charset
 ANSI_CHARSET              = 
 ; Force every new repository to be private
-FORCE_PRIVATE             = true
+FORCE_PRIVATE             = false
 ; Global maximum creation limit of repository per user, -1 means no limit
 MAX_CREATION_LIMIT        = -1
 ; Mirror sync queue length, increase if mirror syncing starts hanging
@@ -42,7 +42,7 @@ LOCAL_COPY_PATH = /var/lib/gitea/tmp/local-repo
 ; Whether repository file uploads are enabled. Defaults to `true`
 ENABLED       = true
 ; Path for uploads. Defaults to `data/tmp/uploads` (tmp gets deleted on gitea restart)
-TEMP_PATH     = /var/lib/gitea/tmp/uploads
+TEMP_PATH     = /var/lib/gitea/data/tmp/uploads
 ; One or more allowed types, e.g. image/jpeg|image/png. Nothing means any file type
 ALLOWED_TYPES = 
 ; Max size of each file in MB. Defaults to 3MB
@@ -64,7 +64,7 @@ THEME_COLOR_META_TAG  = `#6cc644`
 ; Max size of files to be displayed (defaults is 8MiB)
 MAX_DISPLAY_FILE_SIZE = 8388608
 ; Whether show the user email in the Explore Users page
-SHOW_USER_EMAIL       = false
+SHOW_USER_EMAIL       = true
 
 [ui.admin]
 ; Number of users that are showed in one page
@@ -98,8 +98,8 @@ FILE_EXTENSIONS        = .md,.markdown,.mdown,.mkd
 [server]
 ; Listen protocol. One of 'http', 'https', 'unix' or 'fcgi'.
 PROTOCOL                   = http
-DOMAIN                     = localhost
+DOMAIN                     = fet.at
-ROOT_URL                   = http://localhost:3000/
+ROOT_URL                   = https://git.fet.at/
 ; Listen address. Either a IPv4/IPv6 address or the path to a unix socket.
 HTTP_ADDR                  = 0.0.0.0
 HTTP_PORT                  = 3000
@@ -116,15 +116,15 @@ START_SSH_SERVER           = false
 ; Username to use for builtin SSH server. If blank, then it is the value of RUN_USER.
 BUILTIN_SSH_SERVER_USER    = 
 ; Domain name to be exposed in clone URL
-SSH_DOMAIN                 = localhost
+SSH_DOMAIN                 = zyklon
 ; Network interface builtin SSH server listens on
 SSH_LISTEN_HOST            = 
 ; Port number to be exposed in clone URL
-SSH_PORT                   = 2222
+SSH_PORT                   = 22
 ; Port number builtin SSH server listens on
 SSH_LISTEN_PORT            = %(SSH_PORT)s
 ; Root path of SSH directory, default is '~/.ssh', but you have to use '/home/git/.ssh'.
-SSH_ROOT_PATH              = /var/lib/gitea/ssh
+SSH_ROOT_PATH              = 
 ; For built-in SSH server only, choose the ciphers to support for SSH connections,
 ; for system SSH this setting has no effect
 SSH_SERVER_CIPHERS         = aes128-ctr, aes192-ctr, aes256-ctr, aes128-gcm@openssh.com, arcfour256, arcfour128
@@ -155,8 +155,8 @@ DISABLE_ROUTER_LOG         = false
 ; not forget to export the private key):
 ; $ openssl pkcs12 -in cert.pfx -out cert.pem -nokeys
 ; $ openssl pkcs12 -in cert.pfx -out key.pem -nocerts -nodes
-CERT_FILE                  = custom/https/cert.pem
+CERT_FILE                  = /var/lib/gitea/custom/https/cert.pem
-KEY_FILE                   = custom/https/key.pem
+KEY_FILE                   = /var/lib/gitea/custom/https/key.pem
 ; Upper level of template and static file path
 ; default is the path where Gitea is executed
 STATIC_ROOT_PATH           = 
@@ -171,7 +171,7 @@ LFS_START_SERVER           = true
 ; Where your lfs files put on, default is data/lfs.
 LFS_CONTENT_PATH           = /var/lib/gitea/data/lfs
 ; LFS authentication secret, changed this to yourself.
-LFS_JWT_SECRET             = w8m-ISKhpr3M0of3kvFy0UYoL1jEXNtYenTWjgAwdWE
+LFS_JWT_SECRET             = fmdsyalJh8IKUpu5ZtUjLTfRiIhHYkRvWLVvT19CPiI
 
 ; Define allowed algorithms and their minimum key length (use -1 to disable a type)
 [ssh.minimum_key_sizes]
@@ -200,7 +200,7 @@ ITERATE_BUFFER_SIZE = 50
 ISSUE_INDEXER_PATH   = /var/lib/gitea/indexers/issues.bleve
 ; repo indexer by default disabled, since it uses a lot of disk space
 REPO_INDEXER_ENABLED = false
-REPO_INDEXER_PATH    = indexers/repos.bleve
+REPO_INDEXER_PATH    = /var/lib/gitea/indexers/repos.bleve
 UPDATE_BUFFER_LEN    = 20
 MAX_FILE_SIZE        = 1048576
 
@@ -212,7 +212,7 @@ DISABLE_REGULAR_ORG_CREATION = false
 ; Whether the installer is disabled
 INSTALL_LOCK                      = true
 ; !!CHANGE THIS TO KEEP YOUR USER DATA SAFE!!
-SECRET_KEY                        = 6i46vXZHHD
+SECRET_KEY                        = HqlMtuPUZY
 ; Auto-login remember days
 LOGIN_REMEMBER_DAYS               = 7
 COOKIE_USERNAME                   = gitea_awesome
@@ -225,7 +225,7 @@ MIN_PASSWORD_LENGTH               = 8
 IMPORT_LOCAL_PATHS                = false
 ; Prevent all users (including admin) from creating custom git hooks
 DISABLE_GIT_HOOKS                 = false
-INTERNAL_TOKEN                    = eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJuYmYiOjE1MTgwMDgwMzZ9.QnIEGL0w5G91_3DxBPG3pgcBkHVY2JDkBYUgEgbLopY
+INTERNAL_TOKEN                    = eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJuYmYiOjE1MjE0MTcyOTF9.47KQWaBIolVnGJNpSmCNH8_Ter_vlR8i0Cu2mLKpP8g
 
 [openid]
 ;
@@ -246,7 +246,7 @@ INTERNAL_TOKEN                    = eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJuYmY
 ;  - <username>.livejournal.com
 ;
 ; Whether to allow signin in via OpenID
-ENABLE_OPENID_SIGNIN = false
+ENABLE_OPENID_SIGNIN = true
 ; Whether to allow registering via OpenID
 ; Do not include to rely on DISABLE_REGISTRATION setting
 ;ENABLE_OPENID_SIGNUP = true
@@ -270,11 +270,11 @@ RESET_PASSWD_CODE_LIVE_MINUTES                = 180
 ; User need to confirm e-mail for registration
 REGISTER_EMAIL_CONFIRM                        = false
 ; Does not allow register and admin create account only
-DISABLE_REGISTRATION                          = false
+DISABLE_REGISTRATION                          = true
 ; User must sign in to view anything.
-REQUIRE_SIGNIN_VIEW                           = false
+REQUIRE_SIGNIN_VIEW                           = true
 ; Mail notification
-ENABLE_NOTIFY_MAIL                            = false
+ENABLE_NOTIFY_MAIL                            = true
 ; More detail: https://github.com/go-gitea/gitea/issues/165
 ENABLE_REVERSE_PROXY_AUTHENTICATION           = false
 ENABLE_REVERSE_PROXY_AUTO_REGISTRATION        = false
@@ -308,7 +308,7 @@ SKIP_TLS_VERIFY = false
 PAGING_NUM      = 10
 
 [mailer]
-ENABLED            = false
+ENABLED            = true
 ; Buffer length of channel, keep it as it is if you don't know what it is.
 SEND_BUFFER_LEN    = 100
 ; Name displayed in mail title
@@ -317,7 +317,7 @@ SUBJECT            = %(APP_NAME)s
 ; Gmail: smtp.gmail.com:587
 ; QQ: smtp.qq.com:465
 ; Note, if the port ends with "465", SMTPS will be used. Using STARTTLS on port 587 is recommended per RFC 6409. If the server supports STARTTLS it will always be used.
-HOST               = 
+HOST               = buran.htu.tuwien.ac.at:25
 ; Disable HELO operation when hostname are different.
 DISABLE_HELO       = 
 ; Custom hostname for HELO operation, default is from system.
@@ -326,10 +326,10 @@ HELO_HOSTNAME      =
 SKIP_VERIFY        = 
 ; Use client certificate
 USE_CERTIFICATE    = false
-CERT_FILE          = custom/mailer/cert.pem
+CERT_FILE          = /var/lib/gitea/custom/mailer/cert.pem
-KEY_FILE           = custom/mailer/key.pem
+KEY_FILE           = /var/lib/gitea/custom/mailer/key.pem
 ; Mail from address, RFC 5322. This can be just an email address, or the `"Name" <email@example.com>` format
-FROM               = 
+FROM               = noreply@fet.at
 ; Mailer user name and password
 USER               = 
 PASSWD             =