feat: add Gitea service deployment and configuration

config/ansible/tasks/servers/server.yml

@@ -26,6 +26,7 @@
         hoarder_enabled: true
         golink_enabled: true
         immich_enabled: true
+        gitea_enabled: true
       when:
         - ansible_hostname == "mennos-server" or ansible_hostname == "dotfiles-test" or ansible_hostname == "mennos-cloud-server"
         - datapool_check is defined

config/ansible/tasks/servers/services/caddy/Caddyfile.j2

@@ -7,3 +7,8 @@ hoarder.mvl.sh {
     reverse_proxy hoarder:3000
     tls {{ caddy_email }}
 }
+
+git.vleeuwen.me git.mvl.sh {
+    reverse_proxy gitea:3030
+    tls {{ caddy_email }}
+}

config/ansible/tasks/servers/services/gitea/docker-compose.yml.j2

@@ -0,0 +1,53 @@
+services:  
+  gitea:
+    image: gitea/gitea:latest
+    restart: always
+    environment:
+      - PUID=1000
+      - PGID=100
+    volumes:
+      - {{gitea_data_dir}}/gitea:/data
+      - /etc/timezone:/etc/timezone:ro
+      - /etc/localtime:/etc/localtime:ro
+    ports:
+      - "3030:3000"
+      - "22:22"
+    networks:
+      - gitea
+      - caddy_network
+
+  postgres:
+    image: postgres:15-alpine
+    restart: always
+    environment:
+      - PUID=1000
+      - PGID=100
+      - POSTGRES_USER=gitea
+      - POSTGRES_PASSWORD={{ lookup('community.general.onepassword', '4gnclyzztfgqq7yxa3ctxs6tey', vault='j7nmhqlsjmp2r6umly5t75hzb4', field='POSTGRES_PASSWORD') }}
+      - POSTGRES_DB=gitea
+    volumes:
+      - {{gitea_data_dir}}/postgres:/var/lib/postgresql/data
+    networks:
+      - gitea
+    
+  act_runner:
+    image: gitea/act_runner:latest
+    volumes:
+      - ./act-runner-config.yaml:/config.yaml
+      - /var/run/docker.sock:/var/run/docker.sock
+    environment:
+      - PUID=1000
+      - PGID=100
+      - GITEA_INSTANCE_URL=https://git.mvl.sh
+      - GITEA_RUNNER_REGISTRATION_TOKEN={{ lookup('community.general.onepassword', '4gnclyzztfgqq7yxa3ctxs6tey', vault='j7nmhqlsjmp2r6umly5t75hzb4', field='GITEA_RUNNER_REGISTRATION_TOKEN') }}
+      - GITEA_RUNNER_NAME=act-worker
+      - CONFIG_FILE=/config.yaml
+    restart: always
+    networks:
+      - gitea
+
+networks:
+  gitea:
+  caddy_network:
+    external: true
+    name: caddy_default

config/ansible/tasks/servers/services/gitea/gitea.yml

@@ -0,0 +1,30 @@
+- name: Deploy Gitea service
+  block:
+    - name: Set Gitea directories
+      ansible.builtin.set_fact:
+        gitea_data_dir: "/mnt/services/gitea"
+        gitea_service_dir: "{{ ansible_env.HOME }}/services/gitea"
+
+    - name: Create Gitea directories
+      ansible.builtin.file:
+        path: "{{ item }}"
+        state: directory
+        mode: "0755"
+      loop:
+        - "{{ gitea_data_dir }}"
+        - "{{ gitea_service_dir }}"
+
+    - name: Deploy Gitea docker-compose.yml
+      ansible.builtin.template:
+        src: docker-compose.yml.j2
+        dest: "{{ gitea_service_dir }}/docker-compose.yml"
+        mode: "0644"
+      register: gitea_compose
+
+    - name: Stop Gitea service
+      ansible.builtin.command: docker compose -f "{{ gitea_service_dir }}/docker-compose.yml" down --remove-orphans
+      when: gitea_compose.changed
+
+    - name: Start Gitea service
+      ansible.builtin.command: docker compose -f "{{ gitea_service_dir }}/docker-compose.yml" up -d
+      when: gitea_compose.changed

config/ansible/tasks/servers/services/services.yml

@@ -10,3 +10,6 @@
 - name: Include immich tasks
   ansible.builtin.include_tasks: immich/immich.yml
   when: immich_enabled|bool
+- name: Include gitea tasks
+  ansible.builtin.include_tasks: gitea/gitea.yml
+  when: gitea_enabled|bool