From ad30e792d5d3c8e48248bf8e72ba970f71e62fc6 Mon Sep 17 00:00:00 2001
From: Kacper Donat <kadet1090@gmail.com>
Date: Fri, 12 Mar 2021 22:33:50 +0100
Subject: [PATCH] Add gitea service config

---
 services/gitea/bin/gitea-ssh-forward |  2 ++
 services/gitea/stack.yml             | 44 ++++++++++++++++++++++++++++
 services/gitea/tasks/setup.yml       | 34 +++++++++++++++++++++
 services/gitea/vars/main.yml         |  2 ++
 services/helloworld/stack.yml        | 13 --------
 services/helloworld/vars/main.yml    |  2 --
 services/traefik/config/traefik.yaml | 15 +++++-----
 services/traefik/stack.yml           |  4 +--
 vars/services.yml                    |  2 ++
 9 files changed, 94 insertions(+), 24 deletions(-)
 create mode 100755 services/gitea/bin/gitea-ssh-forward
 create mode 100644 services/gitea/stack.yml
 create mode 100644 services/gitea/tasks/setup.yml
 create mode 100644 services/gitea/vars/main.yml
 delete mode 100644 services/helloworld/stack.yml
 delete mode 100644 services/helloworld/vars/main.yml

diff --git a/services/gitea/bin/gitea-ssh-forward b/services/gitea/bin/gitea-ssh-forward
new file mode 100755
index 0000000..862a073
--- /dev/null
+++ b/services/gitea/bin/gitea-ssh-forward
@@ -0,0 +1,2 @@
+#!/bin/sh
+ssh -p 2222 -o StrictHostKeyChecking=no git@127.0.0.1 "SSH_ORIGINAL_COMMAND=\"$SSH_ORIGINAL_COMMAND\" $0 $@"
diff --git a/services/gitea/stack.yml b/services/gitea/stack.yml
new file mode 100644
index 0000000..af7ce41
--- /dev/null
+++ b/services/gitea/stack.yml
@@ -0,0 +1,44 @@
+version: "{{ compose_version }}"
+
+volumes:
+  db_data: ~
+
+services:
+  server:
+    image: gitea/gitea:1.13.4
+    environment:
+      - USER_UID={{ git_user.uid }}
+      - USER_GID={{ git_user.group }}
+      - ROOT_URL=http://git.kadet.local/
+      - DB_TYPE=mysql
+      - DB_HOST=db:3306
+      - DB_NAME=gitea
+      - DB_USER=gitea
+      - DB_PASSWD=gitea
+    ports:
+      - 127.0.0.1:2222:22
+    networks: 
+      - "{{ ingress_network }}"
+      - default
+    depends_on: ['db']
+    volumes:
+      - "{{ repositories_path }}:/data"
+      - "{{ git_user.home }}/.ssh:/data/git/.ssh"
+      - /etc/timezone:/etc/timezone:ro
+      - /etc/localtime:/etc/localtime:ro
+    deploy:
+      labels:
+        - traefik.enable=true
+        - traefik.http.routers.{{ service }}.rule=Host(`git.kadet.local`)
+        - traefik.http.services.{{ service }}.loadbalancer.server.port=3000
+
+  db:
+     image: mysql:5.7
+     restart: always
+     environment:
+       - MYSQL_ROOT_PASSWORD=gitea
+       - MYSQL_USER=gitea
+       - MYSQL_PASSWORD=gitea
+       - MYSQL_DATABASE=gitea
+     volumes:
+       - db_data:/var/lib/mysql
diff --git a/services/gitea/tasks/setup.yml b/services/gitea/tasks/setup.yml
new file mode 100644
index 0000000..6202c85
--- /dev/null
+++ b/services/gitea/tasks/setup.yml
@@ -0,0 +1,34 @@
+---
+- name: 'Ensure repositories directory exists'
+  file:
+    path: "{{ repositories_path }}"
+    state: directory
+    owner: "{{ ansible_user }}"
+
+- name: 'Create git user for ssh access'
+  user:
+    name: git
+    shell: /bin/bash
+    system: yes
+    password: '!'
+    state: present
+    generate_ssh_key: yes
+  register: git_user
+
+- name: 'Add host key for gitea SSH passthrough'
+  ansible.posix.authorized_key:
+    user: "{{ git_user.name }}"
+    key: "{{ git_user.ssh_public_key }}"
+    state: present
+    manage_dir: False
+
+- name: 'Ensure /app/gitea exists'
+  file:
+    path: "/app/gitea"
+    state: directory
+
+- name: 'Copy gitea-ssh-forward script to remote'
+  copy:
+    src: "{{ service_path }}/bin/gitea-ssh-forward"
+    dest: "/app/gitea/gitea"
+
diff --git a/services/gitea/vars/main.yml b/services/gitea/vars/main.yml
new file mode 100644
index 0000000..a7b7ada
--- /dev/null
+++ b/services/gitea/vars/main.yml
@@ -0,0 +1,2 @@
+---
+repositories_path: /var/repositories
diff --git a/services/helloworld/stack.yml b/services/helloworld/stack.yml
deleted file mode 100644
index 6edbdde..0000000
--- a/services/helloworld/stack.yml
+++ /dev/null
@@ -1,13 +0,0 @@
-version: "{{ compose_version }}"
-
-services:
-  rest:
-    image: thomaspoignant/hello-world-rest-json
-    deploy:
-      labels:
-        - traefik.enable=true
-        - traefik.http.routers.{{ service }}.rule=Host(`kadet.local`) && PathPrefix(`/hello/`)
-        - traefik.http.routers.{{ service }}.middlewares={{ service }}-strip
-        - traefik.http.services.{{ service }}.loadbalancer.server.port=8080
-        - traefik.http.middlewares.{{ service }}-strip.stripprefix.prefixes=/hello/
-    networks: ['traefik']
diff --git a/services/helloworld/vars/main.yml b/services/helloworld/vars/main.yml
deleted file mode 100644
index 2e00210..0000000
--- a/services/helloworld/vars/main.yml
+++ /dev/null
@@ -1,2 +0,0 @@
----
-service_port: 80
diff --git a/services/traefik/config/traefik.yaml b/services/traefik/config/traefik.yaml
index afd4031..e373123 100644
--- a/services/traefik/config/traefik.yaml
+++ b/services/traefik/config/traefik.yaml
@@ -37,13 +37,13 @@ entryPoints:
 #
 # Optional
 #
-#log:
+log:
   # Log level
   #
   # Optional
   # Default: "ERROR"
   #
-#  level: DEBUG
+ level: DEBUG
 
   # Sets the filepath for the traefik log. If not specified, stdout will be used.
   # Intermediate directories are created if necessary.
@@ -51,14 +51,14 @@ entryPoints:
   # Optional
   # Default: os.Stdout
   #
-#  filePath: log/traefik.log
+ filePath: os.Stdout
 
   # Format is either "json" or "common".
   #
   # Optional
   # Default: "common"
   #
-#  format: json
+ format: common
 
 ################################################################
 # Access logs configuration
@@ -70,21 +70,21 @@ entryPoints:
 #
 # Optional
 #
-#accessLog:
+accessLog:
   # Sets the file path for the access log. If not specified, stdout will be used.
   # Intermediate directories are created if necessary.
   #
   # Optional
   # Default: os.Stdout
   #
-#  filePath: /path/to/log/log.txt
+ filePath: os.Stdout
 
   # Format is either "json" or "common".
   #
   # Optional
   # Default: "common"
   #
-#  format: json
+ format: common
 
 ################################################################
 # API and dashboard configuration
@@ -134,3 +134,4 @@ providers:
     endpoint: "unix:///var/run/docker.sock"
     swarmMode: true
     exposedByDefault: false
+    network: "traefik"
diff --git a/services/traefik/stack.yml b/services/traefik/stack.yml
index bbfcaf7..6305b71 100644
--- a/services/traefik/stack.yml
+++ b/services/traefik/stack.yml
@@ -1,7 +1,7 @@
 version: "{{ compose_version }}"
 
 services:
-  traefik:
+  ingress:
     image: traefik:v2.4
     ports:
       - 80:80
@@ -14,4 +14,4 @@ services:
       placement:
         constraints:
           - node.role == manager
-    networks: ['traefik']
+    networks: ['{{ ingress_network }}']
diff --git a/vars/services.yml b/vars/services.yml
index 0b663d0..f646c0b 100644
--- a/vars/services.yml
+++ b/vars/services.yml
@@ -8,3 +8,5 @@ remote_services_root: /var/services
 remote_service_path: "{{ remote_services_root }}/{{ service }}"
 
 compose_version: "3.7"
+
+ingress_network: traefik