---




# - name: allow gitea executable to bind on privileged port
#   capabilities:
#     path: /usr/local/bin/gitea
#     capability: cap_sys_chroot+eip
#     state: present

- name: git user
  user:
    name: git
    system: yes
    home: /srv/git

- name: gitea home directory
  file:
    path: /srv/git
    mode: u=rwx,g=rx,o=rx
    owner: git
    group: git
    state: directory

- name: gitea repos directory
  file:
    path: /srv/git/repos
    mode: u=rwx,g=rx,o=rx
    owner: git
    group: git
    state: directory

- name: gitea work directory
  file:
    path: /var/lib/gitea
    mode: u=rwx,g=rx,o=rx
    owner: git
    group: git
    state: directory

- name: gitea config directory
  file:
    path: /etc/gitea
    mode: u=rwx,g=rx,o=rx
    owner: git
    group: git
    state: directory

- name: gitea log directory
  file:
    path: /var/log/gitea
    mode: u=rwx,g=rx,o=rx
    owner: git
    group: git
    state: directory

- import_tasks: config.yml

- name: systemd service unit
  template:
    src: systemd.service.j2
    dest: /etc/systemd/system/gitea.service
  notify:
    - systemd daemon-reload
    - restart gitea

- name: gitea started
  systemd:
    name: gitea.service
    state: started