ihmgit_back: user “gitea” instead of “git”
parent
066781ed17
commit
096a32a7ad
|
@ -106,6 +106,9 @@ gitea_mime_attach: 'image/jpeg image/png application/zip application/gzip'
|
||||||
# A random salt-string for internal encryption (change it!).
|
# A random salt-string for internal encryption (change it!).
|
||||||
gitea_security_secret: '!#@FDEWREWR&*('
|
gitea_security_secret: '!#@FDEWREWR&*('
|
||||||
|
|
||||||
|
# System user running Gitea
|
||||||
|
gitea_user: gitea
|
||||||
|
|
||||||
# Maximum size of HTTP and PHP uploads.
|
# Maximum size of HTTP and PHP uploads.
|
||||||
http_max_upload: 10000M
|
http_max_upload: 10000M
|
||||||
|
|
||||||
|
|
|
@ -17,13 +17,6 @@
|
||||||
- gitea
|
- gitea
|
||||||
- asciidoctor
|
- asciidoctor
|
||||||
|
|
||||||
- name: set git home to Gitea repos
|
|
||||||
user:
|
|
||||||
name: git
|
|
||||||
home: /var/lib/gitea/repos
|
|
||||||
create_home: true
|
|
||||||
shell: /bin/sh
|
|
||||||
|
|
||||||
### UPSTREAM END ⇒ ###
|
### UPSTREAM END ⇒ ###
|
||||||
- name: merge upstream
|
- name: merge upstream
|
||||||
include_role: name=etckeeper.inc allow_duplicates=true tasks_from=merge.yml
|
include_role: name=etckeeper.inc allow_duplicates=true tasks_from=merge.yml
|
||||||
|
@ -52,7 +45,7 @@
|
||||||
file:
|
file:
|
||||||
path: '{{item}}'
|
path: '{{item}}'
|
||||||
state: directory
|
state: directory
|
||||||
owner: git
|
owner: '{{gitea_user}}'
|
||||||
recurse: true
|
recurse: true
|
||||||
with_items:
|
with_items:
|
||||||
- /var/lib/gitea
|
- /var/lib/gitea
|
||||||
|
@ -65,7 +58,7 @@
|
||||||
option: '{{item.o}}'
|
option: '{{item.o}}'
|
||||||
value: '{{item.v}}'
|
value: '{{item.v}}'
|
||||||
with_items:
|
with_items:
|
||||||
- {s: null, o: RUN_USER, v: git}
|
- {s: null, o: RUN_USER, v: '{{gitea_user}}'}
|
||||||
- {s: null, o: RUN_MODE, v: prod}
|
- {s: null, o: RUN_MODE, v: prod}
|
||||||
- {s: repository, o: ROOT, v: /var/lib/gitea/repos}
|
- {s: repository, o: ROOT, v: /var/lib/gitea/repos}
|
||||||
- {s: repository.editor, o: LINE_WRAP_EXTENSIONS, v: '.txt,.md,.markdown,.mdown,.mkd,.adoc,.asciidoc,'}
|
- {s: repository.editor, o: LINE_WRAP_EXTENSIONS, v: '.txt,.md,.markdown,.mdown,.mkd,.adoc,.asciidoc,'}
|
||||||
|
@ -77,7 +70,7 @@
|
||||||
- {s: server, o: LOCAL_ROOT_URL, v: ''}
|
- {s: server, o: LOCAL_ROOT_URL, v: ''}
|
||||||
- {s: server, o: SSH_DOMAIN, v: '{{net_soa}}'}
|
- {s: server, o: SSH_DOMAIN, v: '{{net_soa}}'}
|
||||||
- {s: server, o: SSH_PORT, v: 2222}
|
- {s: server, o: SSH_PORT, v: 2222}
|
||||||
- {s: server, o: SSH_ROOT_PATH, v: /var/lib/gitea/repos/.ssh}
|
- {s: server, o: SSH_ROOT_PATH, v: /var/lib/gitea/.ssh}
|
||||||
- {s: server, o: MINIMUM_KEY_SIZE_CHECK, v: 'true'}
|
- {s: server, o: MINIMUM_KEY_SIZE_CHECK, v: 'true'}
|
||||||
- {s: server, o: LFS_START_SERVER, v: 'false'}
|
- {s: server, o: LFS_START_SERVER, v: 'false'}
|
||||||
- {s: ssh.minimum_key_sizes, o: ECDSA, v: '-1'}
|
- {s: ssh.minimum_key_sizes, o: ECDSA, v: '-1'}
|
||||||
|
@ -138,8 +131,6 @@
|
||||||
copy:
|
copy:
|
||||||
content: |
|
content: |
|
||||||
[Service]
|
[Service]
|
||||||
User=git
|
|
||||||
Environment=USER=git
|
|
||||||
CapabilityBoundingSet=CAP_AUDIT_WRITE CAP_LEASE CAP_SYS_CHROOT
|
CapabilityBoundingSet=CAP_AUDIT_WRITE CAP_LEASE CAP_SYS_CHROOT
|
||||||
PrivateDevices=true
|
PrivateDevices=true
|
||||||
PrivateTmp=true
|
PrivateTmp=true
|
||||||
|
|
|
@ -225,7 +225,7 @@
|
||||||
Match Address {{(net_trusted_ranges + ' ' + (iodine_net | ipaddr('0'))) | replace(' ', ',')}}
|
Match Address {{(net_trusted_ranges + ' ' + (iodine_net | ipaddr('0'))) | replace(' ', ',')}}
|
||||||
ForceCommand none
|
ForceCommand none
|
||||||
Match LocalPort 2222
|
Match LocalPort 2222
|
||||||
AllowUsers git
|
AllowUsers {{gitea_user}}
|
||||||
PermitRootLogin no
|
PermitRootLogin no
|
||||||
PasswordAuthentication no
|
PasswordAuthentication no
|
||||||
PermitEmptyPasswords no
|
PermitEmptyPasswords no
|
||||||
|
|
Loading…
Reference in New Issue