From ca1d66c8cbe39a6e724f4a1d989991dead59bc3d Mon Sep 17 00:00:00 2001
From: kekskurse <git@kekskurse.de>
Date: Sat, 5 Aug 2023 20:06:35 +0200
Subject: [PATCH] stuff

---
 debian12-forgejo/playbook.yml | 27 +++++++++++++++++++++++++++
 1 file changed, 27 insertions(+)

diff --git a/debian12-forgejo/playbook.yml b/debian12-forgejo/playbook.yml
index 7375e32..aaf50e7 100644
--- a/debian12-forgejo/playbook.yml
+++ b/debian12-forgejo/playbook.yml
@@ -4,6 +4,8 @@
   remote_user: root
   vars:
     forgejo: 1.20.2-0
+    domain: git.keks.cloud
+    sslmail: admin@keks.cloud
   handlers:
   - name: Restart forgejo
     ansible.builtin.service:
@@ -16,6 +18,9 @@
       pkg:
       - mariadb-server
       - python3-pymysql
+      - nginx
+      - certbot
+      - python3-certbot-nginx
       
   - name: Add the user 'git'
     ansible.builtin.user:
@@ -60,6 +65,28 @@
     notify:
       - Restart forgejo
 
+  #NGINX + Certbot
+  - name: NGINX Check that the forgejo.conf exists
+    stat:
+      path: /etc/nginx/sites-enabled/forgejo.conf
+    register: stat_result
+
+  - name: NGINX Template forgejo.service 
+    ansible.builtin.template:
+      src: forgejo.conf
+      dest: /etc/nginx/sites-enabled/forgejo.conf
+    when: not stat_result.stat.exists
+
+  - name: NGINX Check that the forgejo.conf exists
+    stat:
+      path: "/etc/letsencrypt/live/{{ domain }}/fullchain.pem"
+    register: ssl_file_result
+  
+  - name: Return motd to registered var
+    ansible.builtin.command: certbot -n --nginx --agree-tos -m {{ sslmail }} -d {{ domain }} 
+    when: not ssl_file_result.stat.exists
+
+
   
   #Database
   - name: Create a new database with name 'forgejo'