- Deployed PostgreSQL 18.4 + Gitea 1.22.6 via Docker Compose
- Configured Nginx reverse proxy with Let's Encrypt SSL
- Created Ansible playbooks for full automation (site.yml)
- Database credentials in AWS Secrets Manager
- Production deployment at https://gitea.poll-streams.com
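---
# Deploys the Gitea stack under /opt/gitea: copies the Compose file, renders a
# .env file with database credentials read from AWS Secrets Manager, starts the
# Compose project and polls Gitea on port 3000 until it answers.
- name: Deploy Gitea application
  hosts: gitea
  become: true
  vars:
    # Identifier and region of the Secrets Manager entry holding the database
    # credentials; the secret value itself is never stored in this playbook.
    secret_name: "qvest-task-db-credentials"
    aws_region: "eu-central-1"

  tasks:
    - name: Create application directory
      ansible.builtin.file:
        path: /opt/gitea
        state: directory
        owner: ubuntu
        group: ubuntu
        mode: "0755"

    - name: Copy docker-compose.yml
      ansible.builtin.copy:
        src: ../docker/docker-compose.yml
        dest: /opt/gitea/docker-compose.yml
        owner: ubuntu
        group: ubuntu
        mode: "0644"

    # The task has no delegate_to, so the AWS CLI runs on the managed host and
    # uses whatever AWS credentials are available there.
    # NOTE(review): presumably an instance role; confirm it is limited to
    # reading this one secret.
    - name: Fetch database credentials from Secrets Manager
      # command + argv instead of shell: the templated values are passed as
      # separate arguments and are never interpreted by a shell.
      ansible.builtin.command:
        argv:
          - aws
          - secretsmanager
          - get-secret-value
          - "--secret-id"
          - "{{ secret_name }}"
          - "--region"
          - "{{ aws_region }}"
          - "--query"
          - SecretString
          - "--output"
          - text
      register: db_secret
      # Read-only lookup, so never report a change.
      changed_when: false
      # stdout is the secret itself; keep it out of task output and logs.
      no_log: true

    - name: Parse database credentials
      ansible.builtin.set_fact:
        # The secret string is expected to be a JSON object; the .env task
        # below reads its username, password and database keys.
        db_creds: "{{ db_secret.stdout | from_json }}"
      # The resulting fact contains the password.
      no_log: true

    - name: Create .env file
      ansible.builtin.copy:
        # NOTE(review): values are written unquoted; a password containing
        # whitespace, '#' or quote characters may be read differently by
        # Compose. Confirm the secret's character set.
        content: |
          DB_USER={{ db_creds.username }}
          DB_PASSWORD={{ db_creds.password }}
          DB_NAME={{ db_creds.database }}
        dest: /opt/gitea/.env
        owner: ubuntu
        group: ubuntu
        # Owner-only: the file holds the database password in clear text.
        mode: "0600"
      # The rendered content is part of the module arguments and result.
      no_log: true

    - name: Start Docker Compose services
      community.docker.docker_compose_v2:
        project_src: /opt/gitea
        state: present
      # Runs as ubuntu rather than root.
      # NOTE(review): this presumably relies on ubuntu being able to reach the
      # Docker daemon (e.g. docker group membership, which is effectively
      # root-equivalent); confirm that is intended.
      become_user: ubuntu

    # Polls the local Gitea port: up to 30 attempts, 10 seconds apart.
    - name: Wait for Gitea to be ready
      ansible.builtin.uri:
        url: "http://localhost:3000"
        status_code: 200
      register: result
      until: result.status == 200
      retries: 30
      delay: 10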