semaphore-playbooks/debian12-forgejo/playbook.yml

---
- name: Update web servers
  hosts: all
  remote_user: root
  vars:
    forgejo: 1.20.2-0
  tasks:
  - name: Install a list of packages
    ansible.builtin.apt:
      pkg:
      - mariadb-server
      - python3-pymysql
      
  - name: Add the user 'git'
    ansible.builtin.user:
      name: git
      comment: Git Username
      home: /home/git
      shell: /bin/bash
  - name: Create /var/lib/forgejo
    ansible.builtin.file:
      path: /var/lib/forgejo
      state: directory
      owner: git
      group: git
      mode: '0750'
  - name: Create /etc/forgejo
    ansible.builtin.file:
      path: /etc/forgejo
      state: directory
      owner: git
      group: git
      mode: '0500'

  - name: Create /usr/local/bin/
    ansible.builtin.file:
      path: /usr/local/bin/
      state: directory
      owner: git
      group: git
      mode: '0500'
  
  - name: Download Gitea
    get_url: 
      url: "https://codeberg.org/forgejo/forgejo/releases/download/v{{ forgejo }}/forgejo-{{ forgejo }}-linux-amd64"
      dest: "/usr/local/bin/forgejo-{{forgejo}}-linux-amd64"
      mode: '0755'

  - name: Create a symbolic link
    ansible.builtin.file:
      src: "/usr/local/bin/forgejo-{{forgejo}}-linux-amd64"
      dest: "/usr/local/bin/forgejo "
      state: link
    notify:
      - Restart forgejo

  
  #Database
  - name: Create a new database with name 'forgejo'
    community.mysql.mysql_db:
      name: forgejo
      state: present
      login_unix_socket: /run/mysqld/mysqld.sock

  - name: Removes anonymous user account for localhost
    community.mysql.mysql_user:
      name: ''
      host: localhost
      state: absent
      login_unix_socket: /run/mysqld/mysqld.sock

  - name: Removes all anonymous user accounts
    community.mysql.mysql_user:
      name: ''
      host_all: true
      state: absent
      login_unix_socket: /run/mysqld/mysqld.sock


  - name: Create database user forgejo
    community.mysql.mysql_user:
      name: forgejo
      password: "FBnA!wiEJ!W&GTy@!Tf3$aV&WLvPD628GM%9&JUtssr3hr"
      priv: 'forgejo.*:ALL'
      state: present
      login_unix_socket: /run/mysqld/mysqld.sock

  - name: Template forgejo.service 
    ansible.builtin.template:
      src: forgejo.service
      dest: /etc/systemd/system/forgejo.service