diff --git a/ansible/main.yml b/ansible/main.yml index fa7b8b3..fbb05c6 100644 --- a/ansible/main.yml +++ b/ansible/main.yml @@ -17,8 +17,8 @@ - ntfy - nextcloud - tautulli - - gitea + - name: gitea + tags: test - unifi-controller - beets - - name: navidrome - tags: test + - navidrome diff --git a/ansible/roles/gitea/tasks/main.yml b/ansible/roles/gitea/tasks/main.yml index 191068f..79d9a66 100644 --- a/ansible/roles/gitea/tasks/main.yml +++ b/ansible/roles/gitea/tasks/main.yml @@ -3,7 +3,7 @@ name: git password_lock: yes generate_ssh_key: yes - ssh_key_type: ed25519 + ssh_key_type: rsa ssh_key_comment: Gitea Host Key register: service_user become: true @@ -14,13 +14,19 @@ key: "{{ service_user.ssh_public_key }}" become: true +- name: Set authorized_key file permissions + file: + path: "/home/{{ service_user.name }}/.ssh/authorized_keys" + mode: 0600 + become: true + - name: Install SSH shim script copy: src: ssh_shim.sh dest: /usr/local/bin/gitea owner: "{{ service_user.uid }}" group: "{{ service_user.group }}" - mode: 711 + mode: 0711 become: true - name: Create install directory diff --git a/ansible/roles/gitea/templates/docker-compose.yml b/ansible/roles/gitea/templates/docker-compose.yml index 2287d1c..47f3dd9 100644 --- a/ansible/roles/gitea/templates/docker-compose.yml +++ b/ansible/roles/gitea/templates/docker-compose.yml @@ -17,7 +17,7 @@ services: - traefik - default ports: - - "127.0.0.1:2222:2222" + - "127.0.0.1:2222:22" environment: - "USER_UID={{ service_user.uid }}" - "USER_GID={{ service_user.group }}" @@ -31,6 +31,7 @@ services: - GITEA__server__SSH_LISTEN_PORT=2222 - "GITEA__server__DOMAIN=git.{{ personal_domain }}" - "GITEA__server__ROOT_URL=https://git.{{ personal_domain }}" + - GITEA__server__LANDING_PAGE=explore volumes: - "{{ data_dir }}/gitea:/data" - /etc/localtime:/etc/localtime:ro
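Review bot: In ansible/roles/gitea/tasks/main.yml (hunk at -3,7), the switch from `ssh_key_type: ed25519` to `ssh_key_type: rsa` sets no key size and records no reason for the change. Without `ssh_key_bits` the size is whatever the host's ssh-keygen defaults to, so it can differ between hosts. If RSA is needed for compatibility, pin it with `ssh_key_bits: 4096` and add a comment such as `# rsa required by <consumer>; ed25519 not accepted there`; otherwise keeping ed25519 is the simpler choice. The task's name and module line sit above the hunk, so this is judged only from the visible parameters.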
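Review bot: In ansible/roles/gitea/tasks/main.yml (hunk at -14,13), the modes `mode: 0600` on the new task and `mode: 0711` on the shim script are unquoted, so they are correct only where the YAML loader reads a leading-zero integer as octal. The `711` this commit replaces was the same class of mistake. Quote them as strings, `mode: "0600"` and `mode: "0711"`, which is the form Ansible documents for file modes. The new task also hard-codes `/home/{{ service_user.name }}`; the registered user result carries the actual home directory, so `path: "{{ service_user.home }}/.ssh/authorized_keys"` avoids assuming where it lives.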
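Review bot: In ansible/roles/gitea/templates/docker-compose.yml (hunk at -17,7), the published port now targets container port 22 (`"127.0.0.1:2222:22"`), while `GITEA__server__SSH_LISTEN_PORT=2222` is still set in the environment list visible in the following hunk. If Gitea's built-in SSH server is meant to answer, nothing may be listening on 22 inside the container; if the image's own sshd is intended, the 2222 setting looks like a leftover. A comment on the ports entry naming the daemon, e.g. `# container sshd on 22, published on loopback only`, would settle which is meant. The service definition starts above the hunk, so the image and any SSH server toggle are not visible here.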