---
- name: Setup git server
  hosts: raspberry
  gather_facts: false
  tasks:
     - name: Install packages
       become: true
       tags:
       - slow
       apt:
         pkg:
         - nginx
         - certbot
         - python3-certbot-nginx
         - cgit
         - libfcgi-dev
         - spawn-fcgi
         - fcgiwrap

    # user
     - name: Create git user
       become: true
       user:
         name: git

     - name: Add public key to authorized_keys
       become: true
       authorized_key:
         user: git
         state: present
         key: "{{ lookup('file', '~/.ssh/id_rsa.pub') }}"


    # nginx
     - name: Copy nginx configuration
       become: true
       copy:
         src: ./files/nginx/cgit
         dest: /etc/nginx/sites-available

     - name: Enable website
       become: true
       command: "ln -sf /etc/nginx/sites-available/cgit /etc/nginx/sites-enabled"

     - name: Install SSL certificate
       become: true
       shell: "certbot --nginx --non-interactive --agree-tos -m eugene@eug-vs.xyz -d git.eug-vs.xyz"

     - name: Restart and enable nginx
       become: true
       systemd:
         name: nginx
         enabled: yes
         state: restarted

    # cgit
     - name: Copy cgit configuration
       become: true
       copy:
         src: ./files/cgit/cgitrc
         dest: /etc
    # TODO: move this to eug-vs-xyz
     - name: Copy cgit styles
       become: true
       copy:
         src: ./files/cgit/cgit
         dest: /usr/share