mirror of
https://github.com/davestephens/ansible-nas
synced 2025-01-15 13:04:00 +00:00
84 lines
3.6 KiB
YAML
84 lines
3.6 KiB
YAML
---
|
|
- name: Start Woodpecker-CI
|
|
block:
|
|
- name: Check for Gitea installation
|
|
ansible.builtin.fail:
|
|
msg: "Woodpecker-CI requires Gitea enabled and running for authentication, please set that up first."
|
|
when: gitea_enabled is false
|
|
|
|
- name: Check for Gitea config
|
|
ansible.builtin.fail:
|
|
msg: "Missing Gitea Oauth2 config! Read https://woodpecker-ci.org/docs/administration/forges/gitea and set woodpecker_ci_gitea_client and woodpecker_ci_gitea_secret."
|
|
when: woodpecker_ci_gitea_client == "notset"
|
|
|
|
- name: Create Woodpecker-CI Directories
|
|
ansible.builtin.file:
|
|
path: "{{ item }}"
|
|
state: directory
|
|
with_items:
|
|
- "{{ woodpecker_ci_data_directory }}"
|
|
|
|
- name: Create Woodpecker-CI container
|
|
community.docker.docker_container:
|
|
container_default_behavior: no_defaults
|
|
name: "{{ woodpecker_ci_container_name }}"
|
|
image: "{{ woodpecker_ci_image_name }}:{{ woodpecker_ci_image_version }}"
|
|
pull: true
|
|
volumes:
|
|
- "{{ woodpecker_ci_data_directory }}:/var/lib/woodpecker:rw"
|
|
ports:
|
|
- "{{ woodpecker_ci_port_ui }}:8000"
|
|
- "{{ woodpecker_ci_port_grpc }}:9000"
|
|
env:
|
|
WOODPECKER_ADMIN: "{{ woodpecker_ci_admin_user }}"
|
|
WOODPECKER_OPEN: "true"
|
|
WOODPECKER_HOST: "{{ woodpecker_ci_address }}"
|
|
WOODPECKER_AGENT_SECRET: "{{ woodpecker_ci_agent_secret }}"
|
|
WOODPECKER_GITEA: "true"
|
|
WOODPECKER_GITEA_URL: "{{ woodpecker_ci_gitea_url }}"
|
|
WOODPECKER_GITEA_CLIENT: "{{ woodpecker_ci_gitea_client }}"
|
|
WOODPECKER_GITEA_SECRET: "{{ woodpecker_ci_gitea_secret }}"
|
|
WOODPECKER_LOG_LEVEL: "{{ woodpecker_ci_log_level }}"
|
|
restart_policy: unless-stopped
|
|
memory: "{{ woodpecker_ci_memory }}"
|
|
labels:
|
|
traefik.enable: "{{ woodpecker_ci_available_externally | string }}"
|
|
traefik.http.routers.woodpecker_ci.rule: "Host(`{{ woodpecker_ci_hostname }}.{{ ansible_nas_domain }}`)"
|
|
traefik.http.routers.woodpecker_ci.tls.certresolver: "letsencrypt"
|
|
traefik.http.routers.woodpecker_ci.tls.domains[0].main: "{{ ansible_nas_domain }}"
|
|
traefik.http.routers.woodpecker_ci.tls.domains[0].sans: "*.{{ ansible_nas_domain }}"
|
|
traefik.http.services.woodpecker_ci.loadbalancer.server.port: "8000"
|
|
|
|
- name: Create Woodpecker-CI agent container
|
|
community.docker.docker_container:
|
|
container_default_behavior: no_defaults
|
|
name: "{{ woodpecker_ci_agent_container_name }}"
|
|
image: "{{ woodpecker_ci_agent_image_name }}:{{ woodpecker_ci_agent_image_version }}"
|
|
pull: true
|
|
volumes:
|
|
- "/var/run/docker.sock:/var/run/docker.sock:rw"
|
|
env:
|
|
WOODPECKER_SERVER: "{{ hostvars[inventory_hostname]['ansible_default_ipv4']['address'] }}:{{ woodpecker_ci_port_grpc }}"
|
|
WOODPECKER_AGENT_SECRET: "{{ woodpecker_ci_agent_secret }}"
|
|
WOODPECKER_LOG_LEVEL: "{{ woodpecker_ci_log_level }}"
|
|
restart_policy: unless-stopped
|
|
memory: "{{ woodpecker_ci_agent_memory }}"
|
|
|
|
- name: Add webhook allowed hosts to Gitea
|
|
ansible.builtin.blockinfile:
|
|
path: "{{ gitea_data_directory }}/gitea/gitea/conf/app.ini"
|
|
block: |
|
|
[webhook]
|
|
ALLOWED_HOST_LIST=private
|
|
SKIP_TLS_VERIFY=true
|
|
notify: restart
|
|
tags: molecule-notest
|
|
when: woodpecker_ci_enabled is true
|
|
|
|
- name: Stop Woodpecker-CI
|
|
block:
|
|
- name: Stop Woodpecker-CI
|
|
community.docker.docker_container:
|
|
name: "{{ woodpecker_ci_container_name }}"
|
|
state: absent
|
|
when: woodpecker_ci_enabled is false
|