---
# VM Forgejo : forge logicielle legere
# Deploie Forgejo + PostgreSQL via Docker Compose

- name: Deploiement Forgejo
  hosts: forgejo
  become: true

  tasks:
    - name: Creation des repertoires Forgejo
      ansible.builtin.file:
        path: "{{ item }}"
        state: directory
        owner: "{{ admin_user }}"
        group: "{{ admin_user }}"
        mode: "0755"
      loop:
        - /opt/forgejo
        - /opt/forgejo/data
        - /opt/forgejo/postgres
      tags: [forgejo]

    - name: Deploiement docker-compose Forgejo
      ansible.builtin.copy:
        src: ../../docker/forgejo/docker-compose.yml
        dest: /opt/forgejo/docker-compose.yml
        owner: "{{ admin_user }}"
        group: "{{ admin_user }}"
        mode: "0644"
      notify: restart forgejo
      tags: [forgejo]

    - name: Deploiement .env Forgejo
      ansible.builtin.template:
        src: forgejo.env.j2
        dest: /opt/forgejo/.env
        owner: "{{ admin_user }}"
        group: "{{ admin_user }}"
        mode: "0600"
      notify: restart forgejo
      tags: [forgejo]

    - name: Demarrage Forgejo
      community.docker.docker_compose_v2:
        project_src: /opt/forgejo
        state: present
      tags: [forgejo]

    # Port 3000 (web) + 2222 (SSH Git)
    - name: Ouverture ports Forgejo
      ansible.posix.firewalld:
        port: "{{ item }}"
        permanent: true
        state: enabled
      loop:
        - 3000/tcp
        - 2222/tcp
      notify: reload firewalld
      tags: [forgejo, firewall]

  handlers:
    - name: restart forgejo
      community.docker.docker_compose_v2:
        project_src: /opt/forgejo
        state: restarted

    - name: reload firewalld
      ansible.builtin.systemd:
        name: firewalld
        state: reloaded