deploy_home/ansible/roles/gitea-actions/tasks/user.yml

---
- name: create gitea-runner user
  become: true
  ansible.builtin.user:
    name: "{{ gitea_runner_user }}"
    comment: Gitea Actions runner
    shell: /bin/bash
    createhome: true
    home: "{{ gitea_runner_home }}"
  tags: gitea-actions

- name: check if gitea-runner lingering enabled
  become: true
  ansible.builtin.stat:
    path: "/var/lib/systemd/linger/{{ gitea_runner_user }}"
  register: gitea_runner_lingering
  tags: gitea-actions

- name: enable gitea-runner lingering
  become: true
  ansible.builtin.command: loginctl enable-linger {{ gitea_runner_user }}
  when: not gitea_runner_lingering.stat.exists
  tags: gitea-actions

- name: create .config/systemd/user directory
  become: true
  become_user: "{{ gitea_runner_user }}"
  ansible.builtin.file:
    path: "{{ gitea_runner_home }}/.config/systemd/user"
    state: directory
    mode: "0755"
  tags: gitea-actions

- name: create .ssh directory
  become: true
  ansible.builtin.file:
    path: "{{ gitea_runner_home }}/.ssh"
    state: directory
    owner: "{{ gitea_runner_user }}"
    group: "{{ gitea_runner_user }}"
    mode: "0700"
  tags: gitea-actions

- name: generate SSH key for gitea-runner
  become: true
  become_user: "{{ gitea_runner_user }}"
  ansible.builtin.command:
    cmd: ssh-keygen -t ed25519 -f {{ gitea_runner_home }}/.ssh/id_ed25519 -N "" -C "gitea-runner@galactica"
    creates: "{{ gitea_runner_home }}/.ssh/id_ed25519"
  tags: gitea-actions

- name: add Gitea SSH host keys to known_hosts
  become: true
  become_user: "{{ gitea_runner_user }}"
  ansible.builtin.shell:
    cmd: ssh-keyscan -p 2222 {{ item }} >> {{ gitea_runner_home }}/.ssh/known_hosts 2>/dev/null
  args:
    creates: "{{ gitea_runner_home }}/.ssh/known_hosts"
  loop:
    - git.skudak.com
    - git.debyl.io
  tags: gitea-actions

- name: set known_hosts permissions
  become: true
  ansible.builtin.file:
    path: "{{ gitea_runner_home }}/.ssh/known_hosts"
    owner: "{{ gitea_runner_user }}"
    group: "{{ gitea_runner_user }}"
    mode: "0644"
  tags: gitea-actions