---
- include_vars: vault.yml

- name: Install git and gpg
  become: true
  apt:
    name:
      - git
      - gpg
    state: present

- name: Create git group
  become: true
  group:
    name: git
    system: true

- name: Create git user
  become: true
  user:
    name: git
    group: git
    append: true
    groups:
      - sudo
      - mail
    create_home: true
    home: /home/git
    shell: /bin/bash
    system: true

- name: Create /var/lib/gitea directory
  become: true
  file:
    path: /var/lib/gitea
    state: directory
    owner: git
    group: git
    mode: 0750
    recurse: true

- name: Create /var/lib/gitea subdirectories
  become: true
  file:
    path: "/var/lib/gitea/{{ item }}"
    state: directory
    owner: git
    group: git
    mode: 0750
    recurse: true
  with_items:
    - custom
    - data
    - log

- name: Create /etc/gitea directory
  become: true
  file:
    path: /etc/gitea
    state: directory
    owner: root
    group: git
    mode: 0750
    recurse: false

- name: Copy /etc/gitea/app.ini
  become: true
  template:
    src: app.ini.j2
    dest: /etc/gitea/app.ini
    owner: root
    group: git
    mode: 0640

- name: Find latest gitea version
  uri:
    url: https://dl.gitea.io/gitea/version.json
  register: gitea_binary

- name: Find if latest gitea version is installed
  stat:
    path: "/home/git/gitea-{{ gitea_binary.json.latest.version }}"
  register: latest_gitea_binary

- name: Set gitea binary architecture to amd64
  set_fact:
    gitea_binary_arch: amd64
  when: ansible_facts['architecture'] == 'x86_64'

- name: Set gitea binary architecture to arm-6
  set_fact:
    gitea_binary_arch: arm-6
  when: ansible_facts['architecture'] != 'x86_64'

- name: Get latest gitea binary
  become: true
  get_url:
    url: "https://dl.gitea.io/gitea/{{ gitea_binary.json.latest.version }}/gitea-{{ gitea_binary.json.latest.version }}-linux-{{ gitea_binary_arch }}"
    dest: "/home/git/gitea-{{ gitea_binary.json.latest.version }}"
    owner: git
    group: git
    mode: 0664
  when: not latest_gitea_binary.stat.exists
  notify:
    - Receive gitea pgp key
    - Download gitea asc file
    - Verify gitea binary with gpg

- name: Verify downloaded binary
  meta: flush_handlers

- name: Copy gitea binary to global location
  become: true
  copy:
    src: "/home/git/gitea-{{ gitea_binary.json.latest.version }}"
    dest: /usr/local/bin/gitea
    remote_src: true
    owner: root
    group: root
    mode: 0755

- name: Copy /etc/gitea/app.ini
  become: true
  copy:
    src: gitea.service
    dest: /etc/systemd/system/gitea.service
    owner: root
    group: root
    mode: 0644
  notify:
    - Reload systemd daemon
    - Start gitea service

- name: Make sure gitea is running
  meta: flush_handlers

- name: Copy gitea_backup.sh script
  become: true
  template:
    src: gitea_backup.sh.j2
    dest: /home/git/gitea_backup.sh
    owner: git
    group: git
    mode: 0775