---
- name: install software
  package:
    name:
    # Gitea operation
    - git
    # PostgreSQL
    - postgresql
    - python3-psycopg2

- name: ensure ru_RU.UTF-8 locale
  locale_gen:
    name: 'ru_RU.UTF-8'

- name: ensure Postgres user exists
  become: true
  become_user: 'postgres'
  postgresql_user:
    name: 'gitea'
    password: '{{ gitea_db_password }}'
    login_password: '{{ gitea_dba_password }}'

- name: ensure Postgres database exists
  become: true
  become_user: 'postgres'
  postgresql_db:
    name: 'gitea'
    owner: 'gitea'
    encoding: 'UTF-8'
    lc_collate: 'ru_RU.UTF-8'
    lc_ctype: 'ru_RU.UTF-8'
    template: 'template0'
    login_password: '{{ gitea_dba_password }}'

- name: setup git user
  user:
    name: 'git'
    comment: 'Git Version Control'
    home: '/var/lib/git'
    shell: '/bin/bash'
    password: '*'  # disabled
    system: true

- name: ensure git user home permissions
  file:
    path: '/var/lib/git'
    owner: 'git'
    group: 'git'

- name: install binary
  copy:
    src: 'gitea'
    dest: '/usr/local/bin/gitea'
    mode: 0755
  when: gitea_install_binary == 'y'
  notify: 'restart Gitea'

- name: ensure state directory structure
  file:
    path: '/var/lib/gitea/{{ item }}'
    state: directory
    mode: 0750
    owner: 'git'
    group: 'git'
  with_items:
    - ''
    - 'custom'
    - 'data'
    - 'log'

- name: ensure configuration directory structure
  file:
    path: '/etc/gitea'
    state: directory
    owner: 'root'
    group: 'git'
    mode: 0750

- name: configure
  template:
    src: 'gitea.ini'
    dest: '/etc/gitea/app.ini'
    owner: 'root'
    group: 'git'
    mode: 0640
  notify: 'restart Gitea'

- name: deploy custom files
  become: true
  become_user: 'git'
  copy:
    src: 'custom/'
    dest: '/var/lib/gitea/custom/'
  notify: 'restart Gitea'

- name: configure service
  copy:
    src: 'gitea.service'
    dest: '/etc/systemd/system/gitea.service'
  register: service_conf
  notify: 'restart Gitea'

- name: load service configuration
  systemd:
    daemon_reload: true
  when: service_conf.changed

- name: ensure the service is started
  service:
    name: 'gitea'
    state: started

- name: configure Nginx
  blockinfile:
    path: '{{ gitea_nginx_conf_path }}'
    block: |
      location /git/ {
          proxy_pass http://localhost:{{ gitea_conf__server__http_port }}/;
          proxy_set_header Host $host;
          proxy_set_header X-Real-IP $remote_addr;
          proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
          proxy_set_header X-Forwarded-Proto $scheme;
          client_max_body_size 32M;
      }
    insertbefore: 'location'
    marker: '# {mark} ANSIBLE MANAGED BLOCK: Gitea'
  notify: 'reload Nginx'

- become: true
  become_user: git
  block:

  - name: 'list Gitea admin users'
    command: 'gitea --config /etc/gitea/app.ini admin user list'
    register: gitea_user

  - name: 'configure Gitea {{ gitea_user_username }} user'
    when: gitea_user_username not in gitea_user.stdout
    command: >-
      gitea --config /etc/gitea/app.ini admin user create
        --username '{{ gitea_user_username }}'
        --password '{{ gitea_user_password }}'
        --email '{{ gitea_user_email }}'
        --must-change-password
        --admin