---

# Privileged preparation: packages, the gitolite service account and the
# web server account's membership in the gitolite group.
- become: true
  block:

    - name: "Install gitolite"
      apt:
        name: 'gitolite3'
        state: 'present'

    # Provides setfacl. The tasks further down run as the unprivileged
    # gitolite user and the acl module is used on the logs directory; see
    # https://docs.ansible.com/ansible/latest/user_guide/become.html#risks-of-becoming-an-unprivileged-user
    - name: "Install acl"
      apt:
        name: 'acl'
        state: 'present'

    # Service account that owns the repositories and the gitolite config.
    # No password is set by this task.
    # NOTE(review): presumably the primary group must already exist, since
    # it is not created in this file; confirm where it is created.
    # NOTE(review): the account gets a regular login shell; limiting what
    # SSH logins may run is left to gitolite's own key handling, which is
    # not configured in this file; confirm.
    - name: "Create gitolite user '{{ gitolite_user_name }}'"
      user:
        name: "{{ gitolite_user_name }}"
        group: "{{ gitolite_user_group }}"
        home: "{{ gitolite_user_home }}"
        shell: "/bin/bash"

    # 'append' keeps the account's existing supplementary groups.
    # Membership hands the web server account every group permission set
    # later in this file: read on 'repositories' and '.gitolite', write on
    # the logs directory.
    - name: "Add '{{ gitolite_webserver_user_name }}' to the '{{ gitolite_user_group }}' group"
      user:
        name: "{{ gitolite_webserver_user_name }}"
        groups: "{{ gitolite_user_group }}"
        append: true

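# Unprivileged configuration, run as the gitolite account itself so that the
# files and directories created below belong to that account.
- become: true
  become_user: "{{ gitolite_user_name }}"
  vars:
    # Repos that 'gitolite setup' creates by default; removed again below.
    default_repos:
      - "gitolite-admin"
      - "testing"
  block:

    # 'dummy' is a placeholder administrator name. 'creates' skips the
    # command once ~/.gitolite exists, so the setup runs only once.
    - name: "Run dummy setup"
      command:
        cmd: "gitolite setup -a dummy"
        creates: "{{ gitolite_user_home }}/.gitolite"

    - name: "Remove directories of default repos"
      file:
        path: "{{ gitolite_user_home }}/repositories/{{ item }}.git"
        state: 'absent'
      notify: 'gitolite compile'
      loop: "{{ default_repos }}"

    # Deletes each default repo's stanza: its 'repo' line (with any blank
    # lines before it) and everything up to the next line starting with
    # 'repo', or to the end of the file.
    # The name is regex-escaped and must be followed by whitespace or the
    # end of the file, so a repo whose name merely begins with a default
    # name (for example 'testing-old') keeps its access rules.
    # With the 'gitolite-admin' stanza gone, gitolite.conf is maintained
    # only through the tasks in this file.
    - name: "Remove config of default repos"
      replace:
        path: "{{ gitolite_user_home }}/.gitolite/conf/gitolite.conf"
        regexp: '^[ \t\n]*repo[ \t]+{{ item | regex_escape }}(?![^ \t\n])((?!^repo)(.|\n))*'
      notify: 'gitolite compile'
      loop: "{{ default_repos }}"

    - name: "Create keydir"
      file:
        path: "{{ gitolite_user_home }}/.gitolite/keydir"
        state: 'directory'
      notify: 'gitolite compile'

    # gitolite.rc is Perl that gitolite evaluates, so whoever can write it
    # controls what runs as the gitolite user.
    # NOTE(review): no mode is given, so the permissions of a newly created
    # file depend on the umask; consider an explicit mode that is not
    # writable by group or others.
    - name: "Write gitolite.rc"
      copy:
        src: "gitolite.rc"
        dest: "{{ gitolite_user_home }}/.gitolite.rc"
      notify: 'gitolite compile'

    # Wildcard rule for per-user repos: 'C = @all' lets every gitolite user
    # create repos under their own name (CREATOR/...), and the creator keeps
    # RW+ on them.
    # NOTE(review): the role names used here (OWNERS, USERS, WRITERS,
    # READERS) presumably have to be enabled in gitolite.rc, which is not
    # shown in this file; confirm.
    # The compile handler is notified like for every other change to the
    # conf, so an edited rule block does not stay uncompiled.
    - name: "Allow user created repos"
      blockinfile:
        path: "{{ gitolite_user_home }}/.gitolite/conf/gitolite.conf"
        marker: "# {mark} User created repos"
        block: |
          repo CREATOR/[^/]+
              C = @all
              RW+ = CREATOR
              RW+ = OWNERS
              RW+ user/USER/ = USERS
              RW = WRITERS
              R = READERS
      notify: 'gitolite compile'

    # Group read (and traverse) on everything that exists right now.
    # This applies to every repository on disk regardless of the per-repo
    # rules in gitolite.conf: members of the group, including the web
    # server account, can read all repository data directly, so what the
    # web front end exposes must be restricted in its own configuration.
    # NOTE(review): repos created after this run get their permissions from
    # gitolite, not from this task; confirm the UMASK in gitolite.rc.
    - name: "Allow group read access to gitolite files"
      file:
        path: "{{ item }}"
        mode: 'g+rX'
        recurse: true
        state: 'directory'
      loop:
        - "{{ gitolite_user_home }}/repositories"
        - "{{ gitolite_user_home }}/.gitolite"

    # setgid on the directory makes new log files inherit its group.
    - name: "Set SETGID on gitolite logs directory"
      file:
        path: "{{ gitolite_user_home }}/.gitolite/logs"
        mode: 'g+s'
        state: 'directory'

    # Group members (the web server account among them) can modify the
    # existing logs after this task, so the logs are not a tamper-resistant
    # audit trail.
    - name: "Allow group write access to existing gitolite logs"
      file:
        path: "{{ gitolite_user_home }}/.gitolite/logs"
        mode: 'g+rwX'
        recurse: true
        state: 'directory'

    # Default ACL, so files created in the directory later are group
    # writable as well.
    # NOTE(review): no entity is given, so the entry presumably targets the
    # directory's owning group; confirm.
    - name: "Allow group write access to future gitolite logs"
      acl:
        path: "{{ gitolite_user_home }}/.gitolite/logs"
        etype: 'group'
        permissions: 'rwX'
        default: true
        state: 'present'

    # Read-only query, hence never reported as changed.
    # NOTE(review): an empty stdout would turn the paths built below into
    # '/triggers/post-compile' and '/hooks/common'; confirm the command
    # fails when LOCAL_CODE is not set in gitolite.rc.
    - name: "Get local custom code directory"
      command: "gitolite query-rc LOCAL_CODE"
      register: gitolite_query_local_code
      changed_when: false

    - name: "Set local code direcory facts"
      set_fact:
        gitolite_post_compile_dir: "{{ gitolite_query_local_code.stdout }}/triggers/post-compile"
        gitolite_hooks_dir: "{{ gitolite_query_local_code.stdout }}/hooks/common"

    - name: "Create local code directories"
      file:
        path: "{{ item }}"
        state: 'directory'
      loop:
        - "{{ gitolite_post_compile_dir }}"
        - "{{ gitolite_hooks_dir }}"

    # The trigger is code that gitolite runs as the gitolite user, so it
    # must stay writable by that user only.
    # NOTE(review): no mode is given; a newly created file normally lacks
    # the execute bit, so confirm gitolite actually runs this override, and
    # consider setting an explicit mode.
    - name: "Override 'update-gitweb-access-list' post-compile trigger"
      copy:
        src: "update-gitweb-access-list"
        dest: "{{ gitolite_post_compile_dir }}/update-gitweb-access-list"
      notify: 'gitolite compile'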