---
- hosts: all
  gather_facts: false
  tasks:
    - name: Load variables
      include_vars:
        dir: "{{ dokku_lib_root }}/data/ansible/gitea/vars/"
        extensions:
          - yml

    - name: Set HTTP 80 port proxy
      dokku_ports:
        app: gitea
        mappings:
          - "http:80:3000"
          - "http:222:2222"
        state: present

    - name: Setup LE certificates
      shell: dokku letsencrypt gitea
      args:
        creates: /home/dokku/gitea/letsencrypt/certs

    - name: Setup LE certificates renew cron job
      shell: dokku letsencrypt:cron-job --add
      args:
        creates: /home/dokku/gitea/letsencrypt/cron-job

    - name: Remove automatically configured ports
      dokku_ports:
        app: gitea
        mappings:
          - "http:3000:3000"
          - "http:2222:2222"
        state: absent

    - name: Set HTTP 443 port
      dokku_ports:
        app: gitea
        mappings:
          - "https:443:3000"
        state: present

    - name: Ensure jq package is installed
      apt:
        name: jq
        state: present

    - name: Retrieve application container IP address
      shell: "dokku ps:inspect gitea | jq  .[0].NetworkSettings.IPAddress"
      register: dokku_container_ip

    - name: Setup the SSH passthrough script
      vars:
        ssh_listen_port: "{{ ssh_listen_port }}"
        dokku_container_ip: "{{ dokku_container_ip.stdout }}"
      template:
        src: gitea.j2
        dest: /app/gitea/gitea
        owner: git
        group: git
        mode: "+x"
      become: true

    - name: Symlink the authorized keys configuration
      file:
        src: /var/lib/gitea/git/.ssh/authorized_keys
        dest: /home/git/.ssh/authorized_keys
        state: link
        force: true
        owner: git
      become: true