Add gitea role

roles/gitea/templates/app.ini.j2

@@ -0,0 +1,14 @@
+# {{ ansible_managed }}
+
+{% for section, body in gitea_config | dictsort %}
+[{{ section }}]
+{% for k, v in body | dictsort %}
+{% if v is sameas true %}
+{{ k | upper }} = true
+{% elif v is sameas false %}
+{{ k | upper }} = false
+{% else %}
+{{ k | upper }} = {{ v }}
+{% endif %}
+{% endfor %}
+{% endfor %}

roles/gitea/templates/gitea.service.j2

@@ -0,0 +1,70 @@
+# {{ ansible_managed }}
+
+[Unit]
+Description=Gitea (Git with a cup of tea)
+After=syslog.target
+After=network.target
+###
+# Don't forget to add the database service requirements
+###
+#
+#Requires=mysql.service
+#Requires=mariadb.service
+#Requires=postgresql.service
+#Requires=memcached.service
+#Requires=redis.service
+#
+###
+# If using socket activation for main http/s
+###
+#
+#After=gitea.main.socket
+#Requires=gitea.main.socket
+#
+###
+# (You can also provide gitea an http fallback and/or ssh socket too)
+#
+# An example of /etc/systemd/system/gitea.main.socket
+###
+##
+## [Unit]
+## Description=Gitea Web Socket
+## PartOf=gitea.service
+##
+## [Socket]
+## Service=gitea.service
+## ListenStream=<some_port>
+## NoDelay=true
+##
+## [Install]
+## WantedBy=sockets.target
+##
+###
+
+[Service]
+# Modify these two values and uncomment them if you have
+# repos with lots of files and get an HTTP error 500 because
+# of that
+###
+#LimitMEMLOCK=infinity
+#LimitNOFILE=65535
+RestartSec=2s
+Type=simple
+User={{ gitea_user }}
+Group={{ gitea_group }}
+WorkingDirectory={{ gitea_var_path }}
+# If using Unix socket: tells systemd to create the /run/gitea folder, which will contain the gitea.sock file
+# (manually creating /run/gitea doesn't work, because it would not persist across reboots)
+#RuntimeDirectory=gitea
+ExecStart={{ gitea_path }} web --config {{ gitea_config_path }}
+Restart=always
+Environment=USER={{ gitea_user }} HOME={{ gitea_home_path }} GITEA_WORK_DIR={{ gitea_var_path }}
+# If you want to bind Gitea to a port below 1024, uncomment
+# the two values below, or use socket activation to pass Gitea its ports as above
+###
+#CapabilityBoundingSet=CAP_NET_BIND_SERVICE
+#AmbientCapabilities=CAP_NET_BIND_SERVICE
+###
+
+[Install]
+WantedBy=multi-user.target

roles/gitea/templates/nginx.conf.j2

@@ -0,0 +1,42 @@
+server {
+    listen 80;
+{% if ansible_all_ipv6_addresses | length %}
+    listen [::]:80;
+{% endif %}
+    server_name {{ gitea_domain }};
+
+    location /.well-known/acme-challenge/ {
+        root /var/www/.acme-challenge;
+        try_files $uri =404;
+    }
+
+{% if gitea_ssl_enabled %}
+    location / {
+        return 301 https://$server_name$request_uri;
+    }
+{% endif %}
+}
+
+{% if gitea_ssl_enabled %}
+server {
+    listen 443 ssl;
+{% if ansible_all_ipv6_addresses | length %}
+    listen [::]:443 ssl;
+{% endif %}
+    server_name {{ gitea_domain }};
+
+{% if gitea_ssl_certificate is defined %}
+    ssl_certificate {{ gitea_ssl_certificate }};
+{% endif %}
+{% if gitea_ssl_certificate_key is defined %}
+    ssl_certificate_key {{ gitea_ssl_certificate_key }};
+{% endif %}
+{% if gitea_ssl_dhparam is defined %}
+    ssl_dhparam {{ gitea_ssl_dhparam }};
+{% endif %}
+
+    location / {
+        proxy_pass http://localhost:{{ gitea_port }};
+    }
+}
+{% endif %}