forgejo/tasks/main.yml

---
- name: Set OS dependent variables
  ansible.builtin.include_vars: "{{ lookup('first_found', params) }}"
  vars:
    params:
      files:
        - "{{ ansible_distribution | lower }}_{{ ansible_distribution_version | lower }}.yml"
        - "{{ ansible_distribution | lower }}_{{ ansible_distribution_major_version | lower }}.yml"
        - "{{ ansible_distribution | lower }}.yml"
        - "{{ ansible_os_family | lower }}.yml"
        - "{{ ansible_system | lower }}.yml"
      paths:
        - '{{ role_path }}/vars'
  ignore_errors: True

- name: OS is supported
  ansible.builtin.assert:
    that: __os_supported
    quiet: True
  vars:
    __os_supported: "{{ lookup('vars', '{}_os_supported'.format(role_name)) | bool }}"


- name: Install required packages
  apt:
    pkg: 
      - git
      - sudo
    state: latest

- name: Create git group
  group:
    name: git
    state: present

- name: Create git user
  user:
    name: git
    group: git
    system: yes
    comment: "Git Version Control"
    shell: "/bin/bash"
    home: /home/git
    password_lock: yes

- name: Check whether desired forgejo version has already been downloaded
  stat:
    path: "/tmp/forgejo-{{ forgejo_version }}"
  register: forgejo_binary_dl

# - name: Download desired forgejo version to temporary directory
#   get_url:
#      url: "TODO"
#      dest: "/tmp/forgejo-{{ forgejo_version }}"
#   when: forgejo_version is defined and not forgejo_binary_dl.stat.exists

- name: Copy forgejo binary to /usr/local/bin after successful download
  copy:
    remote_src: yes
    src: "/tmp/forgejo-{{ forgejo_version }}"
    dest: "/usr/local/bin/forgejo"
    mode: 0755
    owner: git
    group: git

- name: Create config directory
  file:
    path: "/etc/forgejo"
    owner: root
    group: git
    state: directory
    mode: 0770

- name: Create /var/lib directories
  file:
    path: "{{ item }}"
    owner: git
    group: git
    state: directory
    mode: 0750
  loop:
    - /var/lib/forgejo
    - /var/lib/forgejo/custom
    - /var/lib/forgejo/data
    - /var/lib/forgejo/indexers
    - /var/lib/forgejo/public
    - /var/lib/forgejo/log

- name: Check whether forgejo has previously been installed
  stat:
    path: "/etc/forgejo/app.ini"
  register: forgejo_config_file

- name: If app.ini exists, update it using the template
  template:
    src: app.ini.j2
    dest: /etc/forgejo/app.ini
  when: forgejo_config_file.stat.exists

- name: Explicitly enable port 22 for sshd
  copy:
    dest: /etc/ssh/sshd_config.d/default.conf
    content: "Port 22"

- name: Set forgejo's sshd config
  template:
    src: forgejo_sshd.conf.j2
    dest: /etc/ssh/sshd_config.d/forgejo.conf

- name: Restart sshd
  service:
    name: sshd
    state: restarted
    daemon_reload: yes

- name: Set systemd service file
  template:
    src: forgejo.service.j2
    dest: /etc/systemd/system/forgejo.service

- name: Enable and start forgejo service
  service:
    name: forgejo
    state: restarted
    enabled: yes
    daemon_reload: yes
Migration from gitea role 2023-01-09 12:24:57 +01:00			`---`
			`- name: Set OS dependent variables`
			`ansible.builtin.include_vars: "{{ lookup('first_found', params) }}"`
			`vars:`
			`params:`
			`files:`
			`- "{{ ansible_distribution \| lower }}_{{ ansible_distribution_version \| lower }}.yml"`
			`- "{{ ansible_distribution \| lower }}_{{ ansible_distribution_major_version \| lower }}.yml"`
			`- "{{ ansible_distribution \| lower }}.yml"`
			`- "{{ ansible_os_family \| lower }}.yml"`
			`- "{{ ansible_system \| lower }}.yml"`
			`paths:`
			`- '{{ role_path }}/vars'`
			`ignore_errors: True`

			`- name: OS is supported`
			`ansible.builtin.assert:`
			`that: __os_supported`
			`quiet: True`
			`vars:`
			`__os_supported: "{{ lookup('vars', '{}_os_supported'.format(role_name)) \| bool }}"`


			`- name: Install required packages`
			`apt:`
			`pkg:`
			`- git`
			`- sudo`
			`state: latest`

			`- name: Create git group`
			`group:`
			`name: git`
			`state: present`

			`- name: Create git user`
			`user:`
			`name: git`
			`group: git`
			`system: yes`
			`comment: "Git Version Control"`
			`shell: "/bin/bash"`
			`home: /home/git`
			`password_lock: yes`

			`- name: Check whether desired forgejo version has already been downloaded`
			`stat:`
			`path: "/tmp/forgejo-{{ forgejo_version }}"`
			`register: forgejo_binary_dl`

			`# - name: Download desired forgejo version to temporary directory`
			`# get_url:`
			`# url: "TODO"`
			`# dest: "/tmp/forgejo-{{ forgejo_version }}"`
			`# when: forgejo_version is defined and not forgejo_binary_dl.stat.exists`

			`- name: Copy forgejo binary to /usr/local/bin after successful download`
			`copy:`
			`remote_src: yes`
			`src: "/tmp/forgejo-{{ forgejo_version }}"`
			`dest: "/usr/local/bin/forgejo"`
			`mode: 0755`
			`owner: git`
			`group: git`

			`- name: Create config directory`
			`file:`
			`path: "/etc/forgejo"`
			`owner: root`
			`group: git`
			`state: directory`
			`mode: 0770`

			`- name: Create /var/lib directories`
			`file:`
			`path: "{{ item }}"`
			`owner: git`
			`group: git`
			`state: directory`
			`mode: 0750`
			`loop:`
			`- /var/lib/forgejo`
			`- /var/lib/forgejo/custom`
			`- /var/lib/forgejo/data`
			`- /var/lib/forgejo/indexers`
			`- /var/lib/forgejo/public`
			`- /var/lib/forgejo/log`

			`- name: Check whether forgejo has previously been installed`
			`stat:`
			`path: "/etc/forgejo/app.ini"`
			`register: forgejo_config_file`

			`- name: If app.ini exists, update it using the template`
			`template:`
			`src: app.ini.j2`
			`dest: /etc/forgejo/app.ini`
			`when: forgejo_config_file.stat.exists`

			`- name: Explicitly enable port 22 for sshd`
			`copy:`
			`dest: /etc/ssh/sshd_config.d/default.conf`
			`content: "Port 22"`

			`- name: Set forgejo's sshd config`
			`template:`
			`src: forgejo_sshd.conf.j2`
			`dest: /etc/ssh/sshd_config.d/forgejo.conf`

			`- name: Restart sshd`
			`service:`
			`name: sshd`
			`state: restarted`
			`daemon_reload: yes`

			`- name: Set systemd service file`
			`template:`
			`src: forgejo.service.j2`
			`dest: /etc/systemd/system/forgejo.service`

			`- name: Enable and start forgejo service`
			`service:`
			`name: forgejo`
			`state: restarted`
			`enabled: yes`
			`daemon_reload: yes`