Ansible Role: SCM

Software Code Management role. Currently installs and manages Gitea on Debian and Ubuntu systems. The role downloads a versioned upstream binary, keeps a previous version for quick rollback via a symlink, creates a dedicated system user, writes app.ini fully from variables, and manages the systemd unit.

Requirements

This role requires Ansible 2.12 or higher. The target system should be Debian or Ubuntu.

Role Variables

The following variables are defined in defaults/main.yml:

Variable	Description	Default Value
`gitea_name`	Service name (used for binary, unit, paths)	`gitea`
`gitea_version`	Gitea version to install (no leading `v`)	`1.25.5`
`gitea_arch`	Architecture suffix of the upstream release	`amd64`
`gitea_opt`	Install directory (holds versioned binaries + symlink)	`/opt/{{ gitea_name }}`
`gitea_etc`	Config directory (`app.ini` lives here)	`/etc/{{ gitea_name }}`
`gitea_home`	Data directory / `WorkingDirectory`	`/var/lib/{{ gitea_name }}`
`gitea_url`	Full download URL of the `linux-<arch>` binary	upstream GitHub release URL
`gitea_keep_versions`	Previous versioned binaries to keep for rollback	`1`
`gitea_user_create`	Whether this role should create the system user/group	`true`
`gitea_user` / `gitea_group`	Service user and group	`git` / `git`
`gitea_uid` / `gitea_gid`	Optional fixed uid/gid	unset (system-assigned)
`gitea_user_home`	Home directory for the service user	`/home/{{ gitea_user }}`
`gitea_user_shell`	Login shell for the service user	`/bin/bash`
`gitea_app_ini`	Dict rendered verbatim into `app.ini`	minimal sqlite3 defaults

About `gitea_app_ini`

app.ini is fully driven from this dictionary. Keys become INI sections; the reserved key DEFAULT is rendered at the top of the file without a section header (matching Gitea's convention). Section names with dots (e.g. cron.update_checker, repository.signing) are preserved verbatim. Override this dict in your playbook to inject any setting Gitea supports.

Dependencies

None.

Example Playbook

- hosts: gitea_servers
  roles:
    - role: ansible_role_scm
      vars:
        gitea_version: '1.25.5'
        gitea_user: 'git'
        gitea_app_ini:
          DEFAULT:
            APP_NAME: 'My Gitea'
            RUN_USER: 'git'
            WORK_PATH: '/var/lib/gitea'
            RUN_MODE: 'prod'
          server:
            DOMAIN: 'git.example.com'
            HTTP_PORT: 3000
            ROOT_URL: 'https://git.example.com/'
            DISABLE_SSH: true
          database:
            DB_TYPE: 'postgres'
            HOST: '127.0.0.1:5432'
            NAME: 'giteadb'
            USER: 'gitea'
            PASSWD: '{{ vault_gitea_db_password }}'
            SSL_MODE: 'disable'
          security:
            INSTALL_LOCK: true
            INTERNAL_TOKEN: '{{ vault_gitea_internal_token }}'

License

GPL-3.0-only

Author Information

Luciano Giacchetta
Giacchetta Networks LLC
https://gianet.us/engineering/ansible_role_scm

Requirements​

Role Variables​

About gitea_app_ini​

Dependencies​

Example Playbook​

License​

Author Information​