move from gitea to forgejo

Makefile

@@ -10,8 +10,8 @@ syncthing:
 nsd:
 	ansible-playbook playbooks/nsd.yml -i inventory/hosts.yml --ask-vault-pass
 
-gitea:
+forgejo:
-	ansible-playbook playbooks/gitea.yml -i inventory/hosts.yml --ask-vault-pass
+	ansible-playbook playbooks/forgejo.yml -i inventory/hosts.yml --ask-vault-pass
 
 radicale:
 	ansible-playbook playbooks/radicale.yml -i inventory/hosts.yml

README.md

@@ -1,7 +1,5 @@
 # Ansible scripts for our private Intel NUC servers
-
 ## TODO
-
 ### nsd
 
 - Change IPv6 addresses
@@ -19,7 +17,10 @@ Seems to be a little annoying with all the docker stuff
 
 ### Gitea
 
+- Move to forgejo
 - Fix SSH port
 - Move over some repos
 - Setup automatic syncing
 - Use own git servers
+
+### Jitsi

playbooks/all.yml

@@ -4,8 +4,8 @@
     - ssh
     - nsd
     - syncthing
+    - kms
     - pizzeria
-    - gitea
+    - forgejo
     - radicale
     - mastodon
-    - kms

playbooks/forgejo.yml

@@ -0,0 +1,4 @@
+- name: Install forgejo
+  hosts: nucs
+  roles:
+    - forgejo

playbooks/gitea.yml

@@ -1,4 +0,0 @@
-- name: Install gitea
-  hosts: nucs
-  roles:
-    - gitea

roles/forgejo/files/docker-compose.yml

@@ -0,0 +1,27 @@
+version: "3"
+
+networks:
+  traefik:
+    external: true
+
+services:
+  server:
+    image: codeberg.org/forgejo/forgejo:1.18
+    container_name: forgejo
+    environment:
+      - USER_UID=1000
+      - USER_GID=1000
+    restart: always
+    networks:
+      - traefik
+    volumes:
+      - /data/forgejo:/data
+      - /apps/forgejo/conf:/data/forgejo/conf
+      - /etc/timezone:/etc/timezone:ro
+      - /etc/localtime:/etc/localtime:ro
+    labels:
+      - traefik.http.routers.forgejo.entrypoints=websecure
+      - traefik.http.routers.forgejo.rule=Host(`git.pizzapim.nl`)
+      - traefik.http.routers.forgejo.tls=true
+      - traefik.http.routers.forgejo.tls.certresolver=pizzapim
+      - traefik.http.services.forgejo.loadbalancer.server.port=3000

roles/forgejo/tasks/main.yml

@@ -1,31 +1,31 @@
 - name: Create app directory
   file:
-    path: /apps/gitea
+    path: /apps/forgejo
     state: directory
 - name: Copy Docker Compose script
   copy:
     src: "{{ role_path }}/files/docker-compose.yml"
-    dest: /apps/gitea/docker-compose.yml
+    dest: /apps/forgejo/docker-compose.yml
 - name: Create data directory
   file:
-    path: /data/gitea
+    path: /data/forgejo
     state: directory
     owner: 1000
     group: 1000
 - name: Copy conf directory
   file:
-    path: /apps/gitea/conf
+    path: /apps/forgejo/conf
     state: directory
     owner: 1000
     group: 1000
 - name: Copy app.ini
   template:
     src: "{{ role_path }}/templates/app.ini"
-    dest: /apps/gitea/conf/app.ini
+    dest: /apps/forgejo/conf/app.ini
   register: config
 - name: Start the Docker Compose
   community.docker.docker_compose:
-    project_src: /apps/gitea
+    project_src: /apps/forgejo
     pull: true
     remove_orphans: true
     restarted: "{{ config.changed }}"

roles/forgejo/templates/app.ini

@@ -1,4 +1,4 @@
-APP_NAME = Gitea: Git with a cup of tea
+APP_NAME = Forgejo: Beyond coding. We forge.
 RUN_MODE = prod
 RUN_USER = git
 
@@ -13,15 +13,15 @@ TEMP_PATH = /data/gitea/uploads
 
 [server]
 APP_DATA_PATH    = /data/gitea
-DOMAIN           = localhost
+DOMAIN           = git.pizzapim.nl
-SSH_DOMAIN       = localhost
+SSH_DOMAIN       = git.pizzapim.nl
 HTTP_PORT        = 3000
-ROOT_URL         = {{ gitea.root_url }}
+ROOT_URL         = {{ forgejo.root_url }}
 DISABLE_SSH      = false
-SSH_PORT         = 22
+SSH_PORT         = 2222
 SSH_LISTEN_PORT  = 22
 LFS_START_SERVER = true
-LFS_JWT_SECRET   = {{ gitea.lfs_jwt_secret }}
+LFS_JWT_SECRET   = {{ forgejo.lfs_jwt_secret }}
 OFFLINE_MODE     = false
 
 [database]
@@ -46,8 +46,7 @@ PROVIDER        = file
 [picture]
 AVATAR_UPLOAD_PATH            = /data/gitea/avatars
 REPOSITORY_AVATAR_UPLOAD_PATH = /data/gitea/repo-avatars
-DISABLE_GRAVATAR              = false
+ENABLE_FEDERATED_AVATAR       = false
-ENABLE_FEDERATED_AVATAR       = true
 
 [attachment]
 PATH = /data/gitea/attachments
@@ -63,17 +62,17 @@ INSTALL_LOCK                  = true
 SECRET_KEY                    = 
 REVERSE_PROXY_LIMIT           = 1
 REVERSE_PROXY_TRUSTED_PROXIES = *
-INTERNAL_TOKEN                = {{ gitea.internal_token }}
+INTERNAL_TOKEN                = {{ forgejo.internal_token }}
 PASSWORD_HASH_ALGO            = pbkdf2
 
 [service]
 DISABLE_REGISTRATION              = true
 REQUIRE_SIGNIN_VIEW               = false
 REGISTER_EMAIL_CONFIRM            = false
-ENABLE_NOTIFY_MAIL                = true
+ENABLE_NOTIFY_MAIL                = false
 ALLOW_ONLY_EXTERNAL_REGISTRATION  = false
 ENABLE_CAPTCHA                    = false
-DEFAULT_KEEP_EMAIL_PRIVATE        = false
+DEFAULT_KEEP_EMAIL_PRIVATE        = true
 DEFAULT_ALLOW_CREATE_ORGANIZATION = true
 DEFAULT_ENABLE_TIMETRACKING       = true
 NO_REPLY_ADDRESS                  = noreply.localhost
@@ -82,19 +81,19 @@ NO_REPLY_ADDRESS                  = noreply.localhost
 PATH = /data/git/lfs
 
 [mailer]
-ENABLED = true
+ENABLED   = true
-HOST    = {{ gitea.mailer_host }}
+SMTP_ADDR = {{ forgejo.mailer_host }}
-FROM    = {{ gitea.mailer_from }}
+SMTP_PORT = 587
-USER    = 
+FROM      = {{ forgejo.mailer_from }}
-PASSWD  = 
+USER      = 
+PASSWD    = 
 
 [openid]
 ENABLE_OPENID_SIGNIN = true
-ENABLE_OPENID_SIGNUP = true
+ENABLE_OPENID_SIGNUP = false
 
 [repository.pull-request]
 DEFAULT_MERGE_STYLE = merge
 
 [repository.signing]
 DEFAULT_TRUST_MODEL = committer
-

roles/forgejo/vars/main.yml

@@ -1,7 +1,7 @@
-gitea:
+forgejo:
   root_url: "https://git.pizzapim.nl"
-  mailer_host: "smtp.tweak.nl:587"
+  mailer_host: "smtp.tweak.nl"
-  mailer_from: "gitea@kunis.nl"
+  mailer_from: "git@kunis.nl"
   lfs_jwt_secret: !vault |
           $ANSIBLE_VAULT;1.1;AES256
           66613032363837346461326131303839646332646233633736623865346135623739343233396165

roles/gitea/files/docker-compose.yml

@@ -1,27 +0,0 @@
-version: "3"
-
-networks:
-  traefik:
-    external: true
-
-services:
-  server:
-    image: gitea/gitea:1.17.4
-    container_name: gitea
-    environment:
-      - USER_UID=1000
-      - USER_GID=1000
-    restart: always
-    networks:
-      - traefik
-    volumes:
-      - /data/gitea:/data
-      - /apps/gitea/conf:/data/gitea/conf
-      - /etc/timezone:/etc/timezone:ro
-      - /etc/localtime:/etc/localtime:ro
-    labels:
-      - traefik.http.routers.gitea.entrypoints=websecure
-      - traefik.http.routers.gitea.rule=Host(`git.pizzapim.nl`)
-      - traefik.http.routers.gitea.tls=true
-      - traefik.http.routers.gitea.tls.certresolver=pizzapim
-      - traefik.http.services.gitea.loadbalancer.server.port=3000