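---
# Provisions the account that runs the Gitea Actions runner: the user itself,
# systemd user lingering, the systemd user-unit directory, an SSH key pair and
# known_hosts entries for the Gitea SSH endpoints (port 2222).

# NOTE(review): membership in the docker group lets this account drive the
# Docker daemon, which is effectively root on the host. Workflows executed by
# the runner should be treated as privileged code.
- name: create gitea-runner user
  become: true
  ansible.builtin.user:
    name: "{{ gitea_runner_user }}"
    comment: Gitea Actions runner
    shell: /bin/bash
    create_home: true
    home: "{{ gitea_runner_home }}"
    groups: docker
    append: true
  tags: gitea-actions

# systemd records lingering as a marker file named after the user; the stat
# result gates the enable-linger command below so it only runs once.
- name: check if gitea-runner lingering enabled
  become: true
  ansible.builtin.stat:
    path: "/var/lib/systemd/linger/{{ gitea_runner_user }}"
  register: gitea_runner_lingering
  tags: gitea-actions

- name: enable gitea-runner lingering
  become: true
  ansible.builtin.command: loginctl enable-linger {{ gitea_runner_user }}
  when: not gitea_runner_lingering.stat.exists
  tags: gitea-actions

# Created as the runner user so the directory tree is owned by that account.
- name: create .config/systemd/user directory
  become: true
  become_user: "{{ gitea_runner_user }}"
  ansible.builtin.file:
    path: "{{ gitea_runner_home }}/.config/systemd/user"
    state: directory
    mode: "0755"
  tags: gitea-actions

- name: create .ssh directory
  become: true
  ansible.builtin.file:
    path: "{{ gitea_runner_home }}/.ssh"
    state: directory
    owner: "{{ gitea_runner_user }}"
    group: "{{ gitea_runner_user }}"
    mode: "0700"
  tags: gitea-actions

# The key is generated with an empty passphrase (-N ""), so the private key is
# protected only by file permissions on this host. `creates` keeps an existing
# key from being regenerated.
- name: generate SSH key for gitea-runner
  become: true
  become_user: "{{ gitea_runner_user }}"
  ansible.builtin.command:
    cmd: ssh-keygen -t ed25519 -f {{ gitea_runner_home }}/.ssh/id_ed25519 -N "" -C "gitea-runner@galactica"
    creates: "{{ gitea_runner_home }}/.ssh/id_ed25519"
  tags: gitea-actions

# Idempotence is checked per host rather than with `creates` on known_hosts:
# with `creates`, the first loop item creates the file and every later host is
# skipped, and a failed scan leaves an empty file that is never retried.
# ssh-keygen -F looks the host up using the [host]:port form that ssh-keyscan
# writes for a non-default port.
#
# NOTE(review): ssh-keyscan records whatever key the network returns at
# provisioning time (trust on first use). Where the expected host keys are
# known in advance, pinning them with ansible.builtin.known_hosts removes that
# exposure.
- name: add Gitea SSH host keys to known_hosts
  become: true
  become_user: "{{ gitea_runner_user }}"
  ansible.builtin.shell:
    cmd: |
      if ssh-keygen -F "[{{ item }}]:2222" -f "{{ gitea_runner_home }}/.ssh/known_hosts" >/dev/null 2>&1; then
        echo present
      else
        ssh-keyscan -p 2222 {{ item }} >> "{{ gitea_runner_home }}/.ssh/known_hosts" 2>/dev/null
      fi
  register: gitea_runner_known_host
  # The scan output goes to the file, so stdout is "present" only when the
  # host already had an entry and nothing was appended.
  changed_when: gitea_runner_known_host.stdout != "present"
  loop:
    - git.skudak.com
    - git.debyl.io
  tags: gitea-actions

- name: set known_hosts permissions
  become: true
  ansible.builtin.file:
    path: "{{ gitea_runner_home }}/.ssh/known_hosts"
    owner: "{{ gitea_runner_user }}"
    group: "{{ gitea_runner_user }}"
    mode: "0644"
  tags: gitea-actions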