Add Gitea Actions runner, ansible-lint CI, vault setup, and fix group_vars layout
- Move group_vars into inventory/ so playbooks can find them (was only visible to ad-hoc commands via CWD) - Add Ansible Vault for sensitive variables (gitea/grafana passwords, tokens, db credentials) with vault_password_file outside the repo - Enable Gitea Actions and deploy act_runner with Docker backend on the gitea VM - Add .gitea/workflows/lint.yml to run ansible-lint on every push - Set up Gitea → GitHub push mirror (sync_on_commit) - Fix ansible.cfg stdout_callback for ansible-core 2.20 compatibility - Add python-psycopg2 to gitea role (required for postgresql modules) - Add docker to gitea_runner role (required by act_runner at startup) - Exclude password hashes and VM images from git Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
This commit is contained in:
@@ -3,10 +3,10 @@ gitea_http_port: 3000
|
||||
gitea_domain: "{{ ansible_host }}"
|
||||
gitea_db_name: gitea
|
||||
gitea_db_user: gitea
|
||||
gitea_db_password: gitea
|
||||
gitea_secret_key: "REDACTED_SECRET_KEY"
|
||||
gitea_internal_token: "REDACTED_INTERNAL_TOKEN"
|
||||
gitea_db_password: "{{ vault_gitea_db_password }}"
|
||||
gitea_secret_key: "{{ vault_gitea_secret_key }}"
|
||||
gitea_internal_token: "{{ vault_gitea_internal_token }}"
|
||||
|
||||
gitea_admin_user: adyrem
|
||||
gitea_admin_password: "" # set in vault or at runtime
|
||||
gitea_admin_email: "" # set in group_vars or vault
|
||||
gitea_admin_password: "{{ vault_gitea_admin_password }}"
|
||||
gitea_admin_email: "{{ vault_gitea_admin_email }}"
|
||||
|
||||
Reference in New Issue
Block a user