self-hosting/roles/forgejo/tasks/main.yml

---
- name: Include vault variables
  ansible.builtin.include_vars: vault.yml

- name: Deploy letsencrypt certificate
  ansible.builtin.include_role:
    name: deploy_certificate
  vars:
    server_admin: "{{ forgejo_server_admin }}"
    domain: "{{ forgejo_domain }}"

- name: Include apache2 tasks
  ansible.builtin.include_tasks: apache2.yml

- name: Include mariadb tasks
  ansible.builtin.include_tasks: mariadb.yml

- name: Include unix tasks
  ansible.builtin.include_tasks: unix.yml

- name: Include binary tasks
  ansible.builtin.include_tasks: binary.yml

- name: Include backup tasks
  ansible.builtin.include_tasks: backup.yml

- name: Include start tasks
  ansible.builtin.include_tasks: start.yml

# fail2ban tasks need the forgejo log file, which should be created when forgejo runs
- name: Include fail2ban tasks
  ansible.builtin.include_tasks: fail2ban.yml

- name: Include logrotate tasks
  ansible.builtin.include_tasks: logrotate.yml

- name: Include repos tasks
  ansible.builtin.include_tasks: repos.yml

- name: Include ssh tasks
  ansible.builtin.include_tasks: ssh.yml

- name: "Make DNS resolution local for {{ forgejo_domain }}"
  become: true
  ansible.builtin.lineinfile:
    line: "127.0.0.1\t{{ forgejo_domain }}"
    path: /etc/hosts