meta/ansible/roles/wetgit-forgejo/tasks/main.yml
Coornhert 03402cdfa0 feat: dagelijkse sync pipeline + cron job
- sync.py: vergelijkt SRU catalogus met lokale staat, verwerkt delta's
- daily-sync.sh: wrapper script voor cron (lock, clone, pull, sync, push)
- Cron job: dagelijks om 03:00 op dt-prod-01
- Forgejo API token in group_vars voor git push authenticatie

Refs #9
2026-03-30 06:42:04 +02:00


---
# WetGIT Forgejo (self-hosted Git) + Redis
#
# Deploys Forgejo and Redis as Docker containers.
# Forgejo serves git.wetgit.nl (HTTPS-only, no SSH — blocked by firewall).
# Redis provides Celery broker for the WetGIT pipeline.
#
# IMPORTANT: Does NOT touch dt-platform's Docker services (grimoire).
# All containers use the 'wetgit-network' Docker network.
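# --- System user ---
# Unprivileged service account that owns the Forgejo/Redis data, the helper
# scripts and most of the cron jobs below. The home directory is only recorded
# in passwd here; the directory tree itself is created by the
# "Create WetGIT directories" task (presumably app_dir resolves to /opt/wetgit
# — confirm in the role vars).
- name: Create wetgit system user
  ansible.builtin.user:
    name: wetgit
    # YAML 1.1 truthy values (yes/no) replaced with canonical booleans so the
    # file parses the same under 1.1 and 1.2 loaders and passes yamllint.
    system: true
    home: /opt/wetgit
    shell: /bin/bash
    create_home: false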
- name: Get wetgit user UID
  # Read-only lookup: never reported as a change, and also executed under
  # --check so the facts derived from it further down are always populated.
  ansible.builtin.command:
    cmd: id -u wetgit
  register: wetgit_uid_result
  changed_when: false
  check_mode: false
- name: Get wetgit user GID
  # Read-only lookup, same treatment as the UID task above.
  ansible.builtin.command:
    cmd: id -g wetgit
  register: wetgit_gid_result
  changed_when: false
  check_mode: false
- name: Store wetgit UID/GID as facts
  # Exposes the numeric ids as plain facts (wetgit_uid / wetgit_gid) so later
  # tasks and templates do not have to dig into the registered command results.
  ansible.builtin.set_fact:
    wetgit_uid: '{{ wetgit_uid_result.stdout }}'
    wetgit_gid: '{{ wetgit_gid_result.stdout }}'
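# --- Directories ---
- name: Create WetGIT directories
  # Parents are listed before their children. The file module creates missing
  # intermediate directories implicitly (default ownership/mode) when it
  # handles a child entry, so with the old order app_dir and data_dir briefly
  # existed with implicit attributes until their own entries were reached.
  ansible.builtin.file:
    path: "{{ item.path }}"
    state: directory
    owner: "{{ item.owner }}"
    group: "{{ item.group }}"
    mode: "0755"
  loop:
    # Top-level roots (owned by root)
    - path: "{{ app_dir }}"
      owner: root
      group: root
    - path: "{{ data_dir }}"
      owner: root
      group: root
    # Forgejo, Redis, scripts, backups, logs, mirrors (owned by wetgit user)
    # NOTE(review): scripts/ is wetgit-writable although backup.sh is executed
    # from it by a root cron job; consider root ownership for that directory.
    - path: "{{ app_dir }}/docker"
      owner: wetgit
      group: wetgit
    - path: "{{ forgejo_data_dir }}"
      owner: wetgit
      group: wetgit
    - path: "{{ forgejo_data_dir }}/gitea/conf"
      owner: wetgit
      group: wetgit
    - path: "{{ data_dir }}/redis"
      owner: wetgit
      group: wetgit
    - path: "{{ app_dir }}/scripts"
      owner: wetgit
      group: wetgit
    - path: "{{ app_dir }}/backups"
      owner: wetgit
      group: wetgit
    - path: "{{ app_dir }}/logs"
      owner: wetgit
      group: wetgit
    - path: "{{ app_dir }}/mirrors"
      owner: wetgit
      group: wetgit
    # Application directories (owned by www-data for FastAPI/Celery)
    - path: "{{ app_dir }}/backend"
      owner: www-data
      group: www-data
    - path: "{{ data_dir }}/git-repos"
      owner: www-data
      group: www-data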
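# --- Forgejo config ---
- name: Deploy Forgejo app.ini (initial seed)
  # Seeds the config once. With force: false the template is NOT re-applied
  # when the destination already exists (Forgejo may have modified it), so
  # later edits to app.ini.j2 only reach fresh installs and the restart
  # handler effectively fires on first creation only. The 'restart forgejo'
  # handler is defined elsewhere in the role (not shown here).
  ansible.builtin.template:
    src: app.ini.j2
    dest: "{{ forgejo_data_dir }}/gitea/conf/app.ini"
    owner: wetgit
    group: wetgit
    mode: "0644"
    # YAML 1.1 truthy 'no' replaced with a canonical boolean
    force: false
  notify: restart forgejo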
# --- Docker Compose ---
- name: Deploy Docker Compose stack
  # Rendered compose definition for Forgejo + Redis. Unlike app.ini this file
  # is re-rendered on every run; any change notifies the 'restart forgejo'
  # handler (defined elsewhere in the role, not shown here).
  ansible.builtin.template:
    src: docker-compose.yml.j2
    dest: '{{ app_dir }}/docker/docker-compose.yml'
    owner: wetgit
    group: wetgit
    mode: '0644'
  notify: restart forgejo
- name: Start WetGIT Docker stack
  # state=present brings the compose project in app_dir/docker up
  # (equivalent of `docker compose up`).
  community.docker.docker_compose_v2:
    state: present
    project_src: '{{ app_dir }}/docker'
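# --- Backup script ---
- name: Deploy backup script
  # This script is executed by the weekly cron job further down as ROOT, so
  # it must not be writable by the unprivileged wetgit account: a compromised
  # wetgit process could otherwise edit it and have root run the result.
  # Ownership is therefore root:root (still 0755, so wetgit can read/execute
  # it if needed). NOTE(review): the hardening is only complete if
  # app_dir/scripts itself is not wetgit-writable either; that directory is
  # created wetgit-owned by the directories task — confirm and adjust.
  ansible.builtin.template:
    src: backup.sh.j2
    dest: "{{ app_dir }}/scripts/backup.sh"
    owner: root
    group: root
    mode: "0755"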
# --- Daily sync script ---
- name: Deploy daily sync script
  # Executable wrapper invoked by the 03:00 cron job below as the wetgit user.
  ansible.builtin.template:
    src: daily-sync.sh.j2
    dest: '{{ app_dir }}/scripts/daily-sync.sh'
    owner: wetgit
    group: wetgit
    mode: '0755'
# --- Mirror script ---
- name: Deploy Codeberg mirror script
  # Always deployed; the cron job that runs it is only installed when a
  # Codeberg token is configured (see the token task and the 04:00 cron).
  ansible.builtin.template:
    src: mirror-to-codeberg.sh.j2
    dest: '{{ app_dir }}/scripts/mirror-to-codeberg.sh'
    owner: wetgit
    group: wetgit
    mode: '0755'
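- name: Deploy Codeberg token
  # Writes the raw token as the file content, readable only by wetgit.
  ansible.builtin.copy:
    content: "{{ codeberg_api_token }}"
    dest: "{{ app_dir }}/.codeberg-token"
    owner: wetgit
    group: wetgit
    mode: "0600"
  # The task arguments ARE the secret: suppress task output so the token does
  # not end up in playbook logs, -v output or --diff output.
  no_log: true
  # Skipped entirely when no token is configured (unset or empty string).
  when: codeberg_api_token is defined and codeberg_api_token | length > 0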
# --- Cron jobs ---
- name: Configure daily sync cron (03:00)
  # Runs as the wetgit service account; stdout and stderr are appended to
  # sync.log under app_dir/logs, which the monthly cleanup job prunes.
  ansible.builtin.cron:
    name: wetgit-daily-sync
    user: wetgit
    minute: '0'
    hour: '3'
    job: '{{ app_dir }}/scripts/daily-sync.sh >> {{ app_dir }}/logs/sync.log 2>&1'
- name: Configure backup cron (weekly Sunday 02:00)
  # The only cron entry that runs as root. NOTE(review): it executes a script
  # from, and appends its log to, directories owned by the unprivileged wetgit
  # user (scripts/ and logs/ per the directories task); prefer root-owned
  # locations for anything root executes or writes.
  ansible.builtin.cron:
    name: wetgit-backup
    user: root
    minute: '0'
    hour: '2'
    weekday: '0'
    job: '{{ app_dir }}/scripts/backup.sh >> {{ app_dir }}/logs/backup.log 2>&1'
- name: Configure Codeberg mirror cron (daily 04:00)
  # Scheduled an hour after the daily sync so it mirrors the synced state.
  # Installed only when a Codeberg token is configured, mirroring the
  # condition on the token deployment task.
  ansible.builtin.cron:
    name: wetgit-codeberg-mirror
    user: wetgit
    minute: '0'
    hour: '4'
    job: '{{ app_dir }}/scripts/mirror-to-codeberg.sh >> {{ app_dir }}/logs/mirror.log 2>&1'
  when: codeberg_api_token is defined and codeberg_api_token | length > 0
- name: Configure log cleanup cron (monthly)
  # On the 1st of each month, removes *.log files under app_dir/logs that
  # have not been modified for more than 30 days. Runs as wetgit, which owns
  # the logs directory.
  ansible.builtin.cron:
    name: wetgit-log-cleanup
    user: wetgit
    minute: '0'
    hour: '5'
    day: '1'
    job: "find {{ app_dir }}/logs -name '*.log' -mtime +30 -delete"