servers/roles/forgejo-runner/tasks/main.yml

- name: Install forgejo-runner
  package:
    name:
      - forgejo-runner
      - podman

- name: Get forgejo-runner user
  user:
    name: forgejo-runner
  register: user_info

- name: Secure forgejo-runner homedir
  file:
    path: '{{ user_info.home }}'
    mode: '0700'

- name: Configure subuid
  lineinfile:
    path: /etc/subuid
    line: '{{ user_info.name }}:{{ user_info.uid }}00000:65536'
    regexp: '^{{ user_info.name }}:'

- name: Configure subgid
  lineinfile:
    path: /etc/subgid
    line: '{{ user_info.name }}:{{ user_info.group }}00000:65536'
    regexp: '^{{ user_info.name }}:'

- name: Create podman service for forgejo-runner
  file:
    path: /etc/init.d/podman.forgejo-runner
    src: podman
    state: link

- name: Configure podman service for forgejo-runner
  template:
    dest: "/etc/conf.d/podman.{{ user_info.name }}"
    src: podman.j2

- name: Configure forgejo-runner
  template:
    dest: /etc/forgejo-runner/config.yaml
    src: config.yaml.j2
    owner: forgejo-runner
    group: forgejo-runner
    mode: 0600
  notify: restart forgejo-runner

- name: Check runner registration
  stat:
    path: /var/lib/forgejo-runner/.runner
  register: runner_config

- name: Register runner
  when: not runner_config.stat.exists
  notify: restart forgejo-runner
  block:
    - name: Get runner token
      delegate_to: "{{ git_host }}"
      become: yes
      become_user: forgejo
      command: forgejo actions generate-runner-token
      register: token

    - name: Register runner
      become: yes
      become_user: forgejo-runner
      command: |
        forgejo-runner register --no-interactive --name runner
            --instance 'https://{{ hostvars[git_host].dns_name }}'
            --token '{{ token.stdout }}'
      notify: restart forgejo-runner

- name: Enable forgejo-runner services
  service:
    name: '{{ item }}'
    state: started
    enabled: yes
  loop:
    - podman.forgejo-runner
    - forgejo-runner