ansible/roles/install_gitea/tasks/main.yml

---
- name: Ensure the directory exist
  file:
     path: /var/local/gitea
     state: directory

- name: Ensure the user gitea exists
  user:
    name: gitea
    create_home: no
    password_lock: yes

- name: Retrieve info about users
  getent:
    database: passwd

- name: Warning
  debug:
    msg: This is a test server, do not use in production

- name: Copy docker-compose.yml
  template:
    src: docker-compose.yml.j2
    dest: /var/local/gitea/docker-compose.yml
    mode: 0644
    owner: root
    group: staff

- name: Start the container
  docker_compose:
    project_src: /var/local/gitea

- name: Copy key
  copy:
    src: /var/certificates/{{ server_hostname }}_privkey.pem
    dest: /var/local/gitea/gitea/key.pem
    owner: gitea
    group: gitea
    mode: 0600
    remote_src: yes
  notify: restart gitea

- name: Copy certificate
  copy:
    src: /var/certificates/{{ server_hostname }}_cert.pem
    dest: /var/local/gitea/gitea/cert.pem
    owner: gitea
    group: gitea
    remote_src: yes
  notify: restart gitea

- name: Specify the link the private key
  lineinfile:
    path: /var/local/gitea/gitea/gitea/conf/app.ini
    insertafter: '^\[server\]'
    regexp: '^KEY_FILE'
    line: KEY_FILE         = /data/key.pem
  notify: restart gitea

- name: Specify the link the private key
  lineinfile:
    path: /var/local/gitea/gitea/gitea/conf/app.ini
    insertafter: '^\[server\]'
    regexp: '^CERT_FILE'
    line: CERT_FILE        = /data/cert.pem
  notify: restart gitea

- name: Use https
  lineinfile:
    path: /var/local/gitea/gitea/gitea/conf/app.ini
    insertafter: '^\[server\]'
    regexp: '^PROTOCOL'
    line: PROTOCOL         = https
  notify: restart gitea