From 59ad23a45d7ec29dafbcfb2b56e1f5ca03914fa9 Mon Sep 17 00:00:00 2001
From: "Philip (a-0)" <@ph:a-0.me>
Date: Mon, 9 Jan 2023 12:24:57 +0100
Subject: [PATCH] Migration from gitea role
---
defaults/main.yml | 6 ++
handlers/main.yml | 1 +
meta/main.yml | 2 +
tasks/main.yml | 126 +++++++++++++++++++++++++++++++++
templates/app.ini.j2 | 67 ++++++++++++++++++
templates/forgejo.service.j2 | 17 +++++
templates/forgejo_sshd.conf.j2 | 2 +
vars/debian.yml | 2 +
8 files changed, 223 insertions(+)
create mode 100644 defaults/main.yml
create mode 100644 handlers/main.yml
create mode 100644 meta/main.yml
create mode 100644 tasks/main.yml
create mode 100644 templates/app.ini.j2
create mode 100644 templates/forgejo.service.j2
create mode 100644 templates/forgejo_sshd.conf.j2
create mode 100644 vars/debian.yml
diff --git a/defaults/main.yml b/defaults/main.yml
new file mode 100644
index 0000000..f47a962
--- /dev/null
+++ b/defaults/main.yml
@@ -0,0 +1,6 @@
+---
+forgejo_os_supported: False
+
+forgejo_ssh_port: 2222
+forgejo_repositories_path: /home/git/repos
+forgejo_lfs_path: /home/git/lfs
\ No newline at end of file
diff --git a/handlers/main.yml b/handlers/main.yml
new file mode 100644
index 0000000..ed97d53
--- /dev/null
+++ b/handlers/main.yml
@@ -0,0 +1 @@
+---
diff --git a/meta/main.yml b/meta/main.yml
new file mode 100644
index 0000000..2002130
--- /dev/null
+++ b/meta/main.yml
@@ -0,0 +1,2 @@
+---
+galaxy_info:
\ No newline at end of file
diff --git a/tasks/main.yml b/tasks/main.yml
new file mode 100644
index 0000000..46bb43e
--- /dev/null
+++ b/tasks/main.yml
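Review bot: defaults/main.yml declares only the SSH port and the two storage paths, while tasks/main.yml and templates/app.ini.j2 in this same patch also read `forgejo_version`, `forgejo_domain`, `forgejo_ssh_domain`, `forgejo_db_host` and four secrets (`forgejo_internal_token`, `forgejo_secret_key`, `forgejo_db_password`, `forgejo_lfs_jwt_secret`) that are documented nowhere. I would add a comment block to this file naming them, for example `# Required, no default: forgejo_version, forgejo_domain, forgejo_ssh_domain, forgejo_db_host` and `# Secrets, supply from an encrypted vars file: forgejo_internal_token, forgejo_secret_key, forgejo_db_password, forgejo_lfs_jwt_secret`, so that nobody is tempted to put the secrets into role defaults in plain text. As a style point, `False` here and `True` in vars/debian.yml read more portably as `false` and `true`.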
@@ -0,0 +1,126 @@
+---
+- name: Set OS dependent variables
+ ansible.builtin.include_vars: "{{ lookup('first_found', params) }}"
+ vars:
+ params:
+ files:
+ - "{{ ansible_distribution | lower }}_{{ ansible_distribution_version | lower }}.yml"
+ - "{{ ansible_distribution | lower }}_{{ ansible_distribution_major_version | lower }}.yml"
+ - "{{ ansible_distribution | lower }}.yml"
+ - "{{ ansible_os_family | lower }}.yml"
+ - "{{ ansible_system | lower }}.yml"
+ paths:
+ - '{{ role_path }}/vars'
+ ignore_errors: True
+
+- name: OS is supported
+ ansible.builtin.assert:
+ that: __os_supported
+ quiet: True
+ vars:
+ __os_supported: "{{ lookup('vars', '{}_os_supported'.format(role_name)) | bool }}"
+
+
+- name: Install required packages
+ apt:
+ pkg:
+ - git
+ - sudo
+ state: latest
+
+- name: Create git group
+ group:
+ name: git
+ state: present
+
+- name: Create git user
+ user:
+ name: git
+ group: git
+ system: yes
+ comment: "Git Version Control"
+ shell: "/bin/bash"
+ home: /home/git
+ password_lock: yes
+
+- name: Check whether desired forgejo version has already been downloaded
+ stat:
+ path: "/tmp/forgejo-{{ forgejo_version }}"
+ register: forgejo_binary_dl
+
+# - name: Download desired forgejo version to temporary directory
+# get_url:
+# url: "TODO"
+# dest: "/tmp/forgejo-{{ forgejo_version }}"
+# when: forgejo_version is defined and not forgejo_binary_dl.stat.exists
+
+- name: Copy forgejo binary to /usr/local/bin after successful download
+ copy:
+ remote_src: yes
+ src: "/tmp/forgejo-{{ forgejo_version }}"
+ dest: "/usr/local/bin/forgejo"
+ mode: 0755
+ owner: git
+ group: git
+
+- name: Create config directory
+ file:
+ path: "/etc/forgejo"
+ owner: root
+ group: git
+ state: directory
+ mode: 0770
+
+- name: Create /var/lib directories
+ file:
+ path: "{{ item }}"
+ owner: git
+ group: git
+ state: directory
+ mode: 0750
+ loop:
+ - /var/lib/forgejo
+ - /var/lib/forgejo/custom
+ - /var/lib/forgejo/data
+ - /var/lib/forgejo/indexers
+ - /var/lib/forgejo/public
+ - /var/lib/forgejo/log
+
+- name: Check whether forgejo has previously been installed
+ stat:
+ path: "/etc/forgejo/app.ini"
+ register: forgejo_config_file
+
+- name: If app.ini exists, update it using the template
+ template:
+ src: app.ini.j2
+ dest: /etc/forgejo/app.ini
+ when: forgejo_config_file.stat.exists
+
+- name: Explicitly enable port 22 for sshd
+ copy:
+ dest: /etc/ssh/sshd_config.d/default.conf
+ content: "Port 22"
+
+- name: Set forgejo's sshd config
+ template:
+ src: forgejo_sshd.conf.j2
+ dest: /etc/ssh/sshd_config.d/forgejo.conf
+
+- name: Restart sshd
+ service:
+ name: sshd
+ state: restarted
+ daemon_reload: yes
+
+- name: Set systemd service file
+ template:
+ src: forgejo.service.j2
+ dest: /etc/systemd/system/forgejo.service
+
+- name: Enable and start forgejo service
+ service:
+ name: forgejo
+ state: restarted
+ enabled: yes
+ daemon_reload: yes
\ No newline at end of file
diff --git a/templates/app.ini.j2 b/templates/app.ini.j2
new file mode 100644
index 0000000..abd8f9b
--- /dev/null
+++ b/templates/app.ini.j2
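Review bot: The "Copy forgejo binary to /usr/local/bin" task in tasks/main.yml installs whatever file sits at `/tmp/forgejo-{{ forgejo_version }}`, and with the download task commented out nothing in this file creates or verifies that file. `/tmp` is writable by every local account, so the executable the service later runs has no established provenance. I would stage it in a root-owned directory and restore the download with a pinned digest, `checksum: "sha256:{{ forgejo_sha256 }}"` on `get_url` (the variable name is a placeholder). The installed file is also `owner: git` / `group: git`, which lets the service account replace its own executable; `owner: root`, `group: root` and `mode: "0755"` keep it read-only to the service. The copy also runs unconditionally, so it fails when the staged file is absent; the registered `forgejo_binary_dl.stat.exists` is never consulted.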
@@ -0,0 +1,67 @@
+APP_NAME = Forgejo
+RUN_USER = git
+RUN_MODE = prod
+
+[security]
+INTERNAL_TOKEN = {{ forgejo_internal_token }}
+INSTALL_LOCK = true
+SECRET_KEY = {{ forgejo_secret_key }}
+PASSWORD_HASH_ALGO = pbkdf2
+
+[database]
+DB_TYPE = postgres
+HOST = {{ forgejo_db_host }}
+NAME = gitea
+USER = gitea
+PASSWD = {{ forgejo_db_password }}
+SCHEMA =
+SSL_MODE = disable
+CHARSET = utf8
+LOG_SQL = false
+
+[repository]
+ROOT = {{ forgejo_repositories_path }}
+
+[server]
+SSH_DOMAIN = {{ forgejo_ssh_domain }}
+DOMAIN = {{ forgejo_domain }}
+HTTP_PORT = 3000
+ROOT_URL = https://{{ forgejo_domain }}/
+DISABLE_SSH = false
+SSH_PORT = {{ forgejo_ssh_port }}
+LFS_START_SERVER = true
+LFS_CONTENT_PATH = {{ forgejo_lfs_path }}
+LFS_JWT_SECRET = {{ forgejo_lfs_jwt_secret }}
+OFFLINE_MODE = false
+
+[mailer]
+ENABLED = false
+
+[service]
+REGISTER_EMAIL_CONFIRM = false
+ENABLE_NOTIFY_MAIL = false
+DISABLE_REGISTRATION = true
+ALLOW_ONLY_EXTERNAL_REGISTRATION = false
+ENABLE_CAPTCHA = false
+REQUIRE_SIGNIN_VIEW = false
+DEFAULT_KEEP_EMAIL_PRIVATE = false
+DEFAULT_ALLOW_CREATE_ORGANIZATION = true
+DEFAULT_ENABLE_TIMETRACKING = true
+NO_REPLY_ADDRESS = noreply.localhost
+
+[picture]
+DISABLE_GRAVATAR = true
+ENABLE_FEDERATED_AVATAR = true
+
+[openid]
+ENABLE_OPENID_SIGNIN = false
+ENABLE_OPENID_SIGNUP = false
+
+[session]
+PROVIDER = file
+
+[log]
+MODE = console
+LEVEL = info
+ROOT_PATH = /var/lib/forgejo/log
+ROUTER = console
\ No newline at end of file
diff --git a/templates/forgejo.service.j2 b/templates/forgejo.service.j2
new file mode 100644
index 0000000..b6fce40
--- /dev/null
+++ b/templates/forgejo.service.j2
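Review bot: `SSL_MODE = disable` in the `[database]` section is hard-coded next to a templated `HOST = {{ forgejo_db_host }}`, so once the database lives on another host the `PASSWD` value and all query traffic cross the network unencrypted. I would make it `SSL_MODE = {{ forgejo_db_ssl_mode | default('disable') }}` (the variable name is a suggestion) and put a `;` comment above it stating that `disable` is only acceptable for a loopback or socket connection and that a remote host needs `require` or `verify-full`. This template also renders four secrets, and the task in tasks/main.yml that writes /etc/forgejo/app.ini sets no `owner`, `group` or `mode`. Adding `owner: root`, `group: git`, `mode: "0640"` and `no_log: true` to that task keeps the file from depending on the umask and keeps the secrets out of diff output.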
@@ -0,0 +1,17 @@
+[Unit]
+Description=Forgejo
+After=syslog.target
+After=network.target
+
+[Service]
+RestartSec=2s
+Type=simple
+User=git
+Group=git
+WorkingDirectory=/var/lib/forgejo/
+ExecStart=/usr/local/bin/forgejo web -c /etc/forgejo/app.ini
+Restart=always
+Environment=USER=git HOME=/home/git GITEA_WORK_DIR=/var/lib/forgejo
+
+[Install]
+WantedBy=multi-user.target
\ No newline at end of file
diff --git a/templates/forgejo_sshd.conf.j2 b/templates/forgejo_sshd.conf.j2
new file mode 100644
index 0000000..7cbdbf7
--- /dev/null
+++ b/templates/forgejo_sshd.conf.j2
@@ -0,0 +1,2 @@
+Port {{ forgejo_ssh_port }}
+AcceptEnv GIT_PROTOCOL
\ No newline at end of file
diff --git a/vars/debian.yml b/vars/debian.yml
new file mode 100644
index 0000000..cdceda6
--- /dev/null
+++ b/vars/debian.yml
@@ -0,0 +1,2 @@
+---
+forgejo_os_supported: True
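Review bot: The `[Service]` section of forgejo.service.j2 runs a network-facing daemon with no systemd sandboxing beyond `User=git` / `Group=git`. I would add `NoNewPrivileges=true`, `PrivateTmp=true` and `ProtectSystem=full` below `Group=git`. This assumes Forgejo never needs to rewrite /etc/forgejo/app.ini at runtime and does not depend on the `sudo` package the role installs, so it should be tested before merging. `ProtectHome` is deliberately not suggested, because the unit sets `HOME=/home/git` and the role defaults keep repositories and LFS data under /home/git. As a smaller point, `After=syslog.target` is obsolete on current systemd and can be dropped.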
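Review bot: `Port {{ forgejo_ssh_port }}` in forgejo_sshd.conf.j2 is a global directive, so the system sshd opens the second port with the same login policy as port 22 for every account, not only for `git`. If the extra port exists only for repository access, I would follow the two lines with `Match LocalPort {{ forgejo_ssh_port }}`, `AllowUsers git` and `PasswordAuthentication no`. Check how the installed OpenSSH version scopes a Match block inside an included drop-in before relying on it. Separately, tasks/main.yml writes both drop-ins and restarts sshd without a syntax check, and a failed restart can cut off remote access to the host; running `sshd -t` before the restart task would catch a broken configuration first.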