forgejo work in progress

ansible/services/forgejo/deploy_forgejo_playbook.yml

@@ -0,0 +1,94 @@
+- name: Install Forgejo on Debian 12 with Caddy reverse proxy
+  hosts: vipy
+  become: yes
+  vars:
+    forgejo_domain: "{{ forgejo_subdomain }}.{{ root_domain }}"
+
+  tasks:
+    - name: Ensure required packages are installed
+      apt:
+        name:
+          - git
+          - git-lfs
+          - wget
+        state: present
+        update_cache: true
+
+    - name: Download Forgejo binary
+      get_url:
+        url: "{{ forgejo_url }}"
+        dest: "/tmp/forgejo"
+        mode: '0755'
+
+    - name: Move Forgejo binary to /usr/local/bin
+      copy:
+        src: "/tmp/forgejo"
+        dest: "{{ forgejo_bin_path }}"
+        remote_src: yes
+        mode: '0755'
+
+    - name: Create git system user
+      user:
+        name: "{{ forgejo_user }}"
+        system: yes
+        shell: /bin/bash
+        home: "/home/{{ forgejo_user }}"
+        create_home: yes
+        comment: 'Git Version Control'
+
+    - name: Create Forgejo data directory
+      file:
+        path: "{{ forgejo_data_dir }}"
+        state: directory
+        owner: "{{ forgejo_user }}"
+        group: "{{ forgejo_user }}"
+        mode: '0750'
+
+    - name: Create Forgejo config directory
+      file:
+        path: "{{ forgejo_config_dir }}"
+        state: directory
+        owner: "root"
+        group: "{{ forgejo_user }}"
+        mode: '0770'
+
+    - name: Download Forgejo systemd service file
+      get_url:
+        url: "{{ forgejo_service_url }}"
+        dest: "/etc/systemd/system/forgejo.service"
+        mode: '0644'
+
+    - name: Reload systemd
+      systemd:
+        daemon_reload: yes
+
+    - name: Enable and start Forgejo service
+      systemd:
+        name: forgejo
+        enabled: yes
+        state: started
+
+    - name: Add Caddy reverse proxy config for Forgejo
+      copy:
+        dest: "{{ caddy_config_path }}"
+        mode: '0644'
+        content: |
+          {{ caddy_site_domain }} {
+              reverse_proxy localhost:3000
+          }
+
+    - name: Create Caddy reverse proxy configuration for uptime kuma
+      copy:
+        dest: "{{ caddy_sites_dir }}/forgejo.conf"
+        content: |
+          {{ uptime_kuma_domain }} {
+              reverse_proxy localhost:{{ uptime_kuma_port }}
+          }
+        owner: root
+        group: root
+        mode: '0644'
+
+    - name: Reload Caddy to apply new config
+      service:
+        name: caddy
+        state: reloaded

ansible/services/forgejo/forgejo_vars.yml

@@ -0,0 +1,23 @@
+# General
+forgejo_data_dir: "/var/lib/forgejo"
+forgejo_config_dir: "/etc/forgejo"
+forgejo_port: 7657
+forgejo_service_url: "https://codeberg.org/forgejo/forgejo/raw/branch/forgejo/contrib/systemd/forgejo.service"
+forgejo_version: "11.0.2"
+forgejo_arch: "linux-amd64"
+forgejo_url: "https://codeberg.org/forgejo/forgejo/releases/download/v{{ forgejo_version }}/forgejo-{{ forgejo_version }}-{{ forgejo_arch }}"
+forgejo_bin_path: "/usr/local/bin/forgejo"
+forgejo_user: "git"
+
+# Caddy
+caddy_sites_dir: /etc/caddy/sites-enabled
+forgejo_subdomain: forgejo
+
+# Remote access
+remote_host: "{{ groups['vipy'][0] }}"
+remote_user: "{{ hostvars[remote_host]['ansible_user'] }}"
+remote_key_file: "{{ hostvars[remote_host]['ansible_ssh_private_key_file'] | default('') }}"
+
+# Local backup
+local_backup_dir: "{{ lookup('env', 'HOME') }}/forgejo-backups"
+backup_script_path: "{{ lookup('env', 'HOME') }}/.local/bin/forgejo_backup.sh"