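---
# Forgejo tasks: open the SSH port in ufw, prepare host directories under
# /srv/forgejo, render the compose / app.ini / runner templates, start the
# server, then (when enable_forgejo_runner is true, the default) register and
# start an Actions runner.

- name: Allow Forgejo SSH traffic
  # FQCN used for consistency with the other tasks in this file.
  community.general.ufw:
    rule: allow
    port: "{{ forgejo_ssh_port }}"
    proto: tcp

- name: Create Forgejo directories
  ansible.builtin.file:
    path: "{{ item }}"
    state: directory
    mode: '0755'
  loop:
    - /srv/forgejo

- name: Create Forgejo data directories
  ansible.builtin.file:
    path: "{{ item }}"
    state: directory
    mode: '0755'
  loop:
    - /srv/forgejo/data
    - /srv/forgejo/data/gitea/conf

# stat+chown: avoids UID/GID lookup warnings for container-internal UIDs
# not present on host
- name: Stat Forgejo data directory
  ansible.builtin.stat:
    path: /srv/forgejo/data
  register: forgejo_data_stat

- name: Set Forgejo data directory ownership
  # Only runs when the stat above shows an owner or group other than 1000.
  ansible.builtin.command: chown 1000:1000 /srv/forgejo/data
  when: forgejo_data_stat.stat.uid != 1000 or forgejo_data_stat.stat.gid != 1000

- name: Create runner data directory
  ansible.builtin.file:
    path: /srv/forgejo/runner
    state: directory
    mode: '0755'
  when: enable_forgejo_runner | default(true)

# stat+chown: avoids UID/GID lookup warnings for container-internal UIDs
# not present on host
- name: Stat runner data directory
  ansible.builtin.stat:
    path: /srv/forgejo/runner
  register: forgejo_runner_stat
  when: enable_forgejo_runner | default(true)

- name: Set runner data directory ownership
  ansible.builtin.command: chown 1000:1000 /srv/forgejo/runner
  when: >-
    (enable_forgejo_runner | default(true)) and
    (forgejo_runner_stat.stat.uid != 1000 or forgejo_runner_stat.stat.gid != 1000)

- name: Deploy Forgejo docker-compose file
  ansible.builtin.template:
    src: compose.yml.j2
    dest: /srv/forgejo/compose.yml
    mode: '0644'
  notify: Restart forgejo

# NOTE(review): if app.ini.j2 renders secrets (signing keys, database or mail
# credentials), mode 0644 under the 0755 data directories leaves them readable
# by every local user on the host. A tighter mode needs matching ownership so
# the container user can still read the file -- confirm before changing.
- name: Deploy Forgejo app.ini configuration
  ansible.builtin.template:
    src: app.ini.j2
    dest: /srv/forgejo/data/gitea/conf/app.ini
    mode: '0644'
  notify: Restart forgejo

- name: Start Forgejo server
  community.docker.docker_compose_v2:
    project_src: /srv/forgejo
    services:
      - forgejo
    state: present
    build: never
  register: forgejo_output

- name: Wait for Forgejo to be ready
  ansible.builtin.uri:
    url: "http://localhost:{{ forgejo_port }}"
    status_code: 200
  register: forgejo_ready
  # An explicit `until` makes the retry loop effective on every ansible-core
  # release; older releases ignore `retries` when no `until` is given, so the
  # first refused connection would fail the play.
  until: forgejo_ready is succeeded
  retries: 30
  delay: 2
  when: forgejo_output.changed

# Runner registration (one-time)
- name: Check if runner is already registered
  ansible.builtin.stat:
    path: /srv/forgejo/runner/.runner
  register: runner_file
  when: enable_forgejo_runner | default(true)

- name: Generate runner registration token
  community.docker.docker_container_exec:
    container: forgejo
    command: forgejo forgejo-cli actions generate-runner-token
    user: git
  register: runner_token
  # The registered stdout is the registration token; keep it out of play
  # output, callback plugins and log files.
  no_log: true
  when:
    - enable_forgejo_runner | default(true)
    - not runner_file.stat.exists

- name: Deploy runner config
  ansible.builtin.template:
    src: runner-config.yml.j2
    dest: /srv/forgejo/runner/config.yml
    mode: '0644'
  when: enable_forgejo_runner | default(true)
  notify: Restart forgejo

- name: Register Forgejo runner
  ansible.builtin.command:
    # argv passes each templated value as exactly one argument, so a runner
    # name or label string containing spaces or quotes cannot be split into
    # extra docker/forgejo-runner options.
    argv:
      - docker
      - run
      - "--rm"
      - "--network"
      - git
      - "-v"
      - "/srv/forgejo/runner:/data"
      - "code.forgejo.org/forgejo/runner:{{ forgejo_runner_version }}"
      - forgejo-runner
      - register
      - "--no-interactive"
      - "--instance"
      - "http://forgejo:3000"
      - "--token"
      - "{{ runner_token.stdout | trim }}"
      - "--name"
      - "{{ forgejo_runner_name }}"
      - "--labels"
      - "{{ forgejo_runner_labels }}"
  # The command line carries the registration token; suppress task logging so
  # it is not written to Ansible output. The token is still visible in the
  # host's process list while the command runs.
  no_log: true
  when:
    - enable_forgejo_runner | default(true)
    - not runner_file.stat.exists
  notify: Restart forgejo

- name: Start all Forgejo services
  community.docker.docker_compose_v2:
    project_src: /srv/forgejo
    state: present
    build: never
  when: enable_forgejo_runner | default(true)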