---
# tasks file for gitolite
- name: Assertions
  assert:
    that:
        - ansible_os_family in ['Debian']
        - ansible_distribution_release in ['xenial', 'trusty', 'jessie']
        - gitolite_public_key is defined

- name: APT install
  with_items:
  - gitolite3
  - curl
  apt:
    name: ['curl', 'gitolite3']
    state: present
    update_cache: yes
    cache_valid_time: 3600

- name: Create gitolite user
  user:
    name: git
    system: yes
    createhome: yes
    home: /srv/git
    shell: /bin/sh
    state: present

- name: Copy SSH public key
  template:
   src: gitolite.pub.j2
   dest: /srv/git/gitolite.pub
   owner: git
   group: git
   mode: 0o0644

- name: Setup gitolite
  become: yes
  become_user: git
  command: '/usr/bin/gitolite setup -pk /srv/git/gitolite.pub'
  register: gitolite_setup
  changed_when: "'Initialized empty Git repository' in gitolite_setup.stderr"

- name: Relax permission for cgit integration
  with_items:
  - path: /srv/git/repositories
    mode: 0o0750
  - path: /srv/git/projects.list
    mode: 0o0640
  file:
    path: '{{ item.path }}'
    mode: '{{ item.mode }}'
    owner: git
    group: git

- name: Configure
  with_items:
  - line: 'UMASK => 0027,'
    regexp: '^[ ]*UMASK '
  - line: "GIT_CONFIG_KEYS => '.*',"
    regexp: '^[ ]*GIT_CONFIG_KEYS '
  - line: 'LOG_DEST => syslog,'
    regexp: '[ ]*LOG_DEST '
    insertafter: '%RC = \('
  - line: "'cgit',"
    regexp: "^[ ]*'cgit',"
    insertafter: 'ENABLE => \['
  lineinfile:
    dest: /srv/git/.gitolite.rc
    line: '{{ item.line }}'
    regexp: '{{ item.regexp }}'
    insertafter: '{{ item.insertafter|default(omit) }}'

- name: Add daily backup job
  copy:
    src: backup.sh
    dest: /etc/cron.daily/git
    owner: root
    group: root
    mode: 0o0755

- include: cgit.yml