--- - name: Start Woodpecker-CI block: - name: Check for Gitea installation ansible.builtin.fail: msg: "Woodpecker-CI requires Gitea enabled and running for authentication, please set that up first." when: gitea_enabled is false - name: Check for Gitea config ansible.builtin.fail: msg: "Missing Gitea Oauth2 config! Read https://woodpecker-ci.org/docs/administration/forges/gitea and set woodpecker_ci_gitea_client and woodpecker_ci_gitea_secret." when: woodpecker_ci_gitea_client == "notset" - name: Create Woodpecker-CI Directories ansible.builtin.file: path: "{{ item }}" state: directory with_items: - "{{ woodpecker_ci_data_directory }}" - name: Create Woodpecker-CI container community.docker.docker_container: container_default_behavior: no_defaults name: "{{ woodpecker_ci_container_name }}" image: "{{ woodpecker_ci_image_name }}:{{ woodpecker_ci_image_version }}" pull: true volumes: - "{{ woodpecker_ci_data_directory }}:/var/lib/woodpecker:rw" ports: - "{{ woodpecker_ci_port_ui }}:8000" - "{{ woodpecker_ci_port_grpc }}:9000" env: WOODPECKER_ADMIN: "{{ woodpecker_ci_admin_user }}" WOODPECKER_OPEN: "true" WOODPECKER_HOST: "{{ woodpecker_ci_address }}" WOODPECKER_AGENT_SECRET: "{{ woodpecker_ci_agent_secret }}" WOODPECKER_GITEA: "true" WOODPECKER_GITEA_URL: "{{ woodpecker_ci_gitea_url }}" WOODPECKER_GITEA_CLIENT: "{{ woodpecker_ci_gitea_client }}" WOODPECKER_GITEA_SECRET: "{{ woodpecker_ci_gitea_secret }}" WOODPECKER_LOG_LEVEL: "{{ woodpecker_ci_log_level }}" restart_policy: unless-stopped memory: "{{ woodpecker_ci_memory }}" labels: traefik.enable: "{{ woodpecker_ci_available_externally | string }}" traefik.http.routers.woodpecker_ci.rule: "Host(`{{ woodpecker_ci_hostname }}.{{ ansible_nas_domain }}`)" traefik.http.routers.woodpecker_ci.tls.certresolver: "letsencrypt" traefik.http.routers.woodpecker_ci.tls.domains[0].main: "{{ ansible_nas_domain }}" traefik.http.routers.woodpecker_ci.tls.domains[0].sans: "*.{{ ansible_nas_domain }}" traefik.http.services.woodpecker_ci.loadbalancer.server.port: "8000" - name: Create Woodpecker-CI agent container community.docker.docker_container: container_default_behavior: no_defaults name: "{{ woodpecker_ci_agent_container_name }}" image: "{{ woodpecker_ci_agent_image_name }}:{{ woodpecker_ci_agent_image_version }}" pull: true volumes: - "/var/run/docker.sock:/var/run/docker.sock:rw" env: WOODPECKER_SERVER: "{{ hostvars[inventory_hostname]['ansible_default_ipv4']['address'] }}:{{ woodpecker_ci_port_grpc }}" WOODPECKER_AGENT_SECRET: "{{ woodpecker_ci_agent_secret }}" WOODPECKER_LOG_LEVEL: "{{ woodpecker_ci_log_level }}" restart_policy: unless-stopped memory: "{{ woodpecker_ci_agent_memory }}" - name: Add webhook allowed hosts to Gitea ansible.builtin.blockinfile: path: "{{ gitea_data_directory }}/gitea/gitea/conf/app.ini" block: | [webhook] ALLOWED_HOST_LIST=private SKIP_TLS_VERIFY=true notify: restart tags: molecule-notest when: woodpecker_ci_enabled is true - name: Stop Woodpecker-CI block: - name: Stop Woodpecker-CI community.docker.docker_container: name: "{{ woodpecker_ci_container_name }}" state: absent when: woodpecker_ci_enabled is false