From f26261fb997ac41224a1efb422cbbb4c272add9d Mon Sep 17 00:00:00 2001
From: tanshu <git@tanshu.com>
Date: Tue, 24 Aug 2021 09:14:15 +0530
Subject: [PATCH] Updated the gitea playbook for ssh passthrough. Still not
 fully there though.

---
 gitea/files/gitea  |  2 ++
 gitea/playbook.yml | 75 +++++++++++++++++++++++++++++++++++++++++++++-
 2 files changed, 76 insertions(+), 1 deletion(-)
 create mode 100644 gitea/files/gitea

diff --git a/gitea/files/gitea b/gitea/files/gitea
new file mode 100644
index 0000000..862a073
--- /dev/null
+++ b/gitea/files/gitea
@@ -0,0 +1,2 @@
+#!/bin/sh
+ssh -p 2222 -o StrictHostKeyChecking=no git@127.0.0.1 "SSH_ORIGINAL_COMMAND=\"$SSH_ORIGINAL_COMMAND\" $0 $@"
diff --git a/gitea/playbook.yml b/gitea/playbook.yml
index bfbb93c..38e09bc 100755
--- a/gitea/playbook.yml
+++ b/gitea/playbook.yml
@@ -8,12 +8,84 @@
     - vars/default.yml
 
   tasks:
-    - name: Add the user 'git' with a specific uid and a primary group of 'admin'
+    - name: Add the user 'git'
       user:
         name: "{{ user }}"
         comment: Git user
         create_home: yes
 
+    - name: Ensure SSH Passthrough file Directory exists
+      file:
+          path: /app/gitea
+          state: directory
+          group: git
+          owner: git
+          mode: 0755
+
+    - name: Check if ssh passthrough file exists
+      stat:
+        path: /app/gitea/gitea
+      register: pass_status
+
+    - name: No need to upload ssh passthrough file
+      when: pass_status.stat.exists == true
+      debug:
+        msg: No need to upload ssh passthrough file as it already exists.
+
+    - name: Upload ssh passthrough file
+      when: pass_status.stat.exists == false
+      template:
+        src: "files/gitea"
+        dest: "/app/gitea/gitea"
+        owner: "{{ user }}"
+        group: "{{ user }}"
+        mode: 0755
+
+    - name: Ensure SSH Directory exists
+      file:
+          path: /home/git/.ssh
+          state: directory
+          group: git
+          owner: git
+          mode: 0700
+
+    - name: Check if rsa key exists
+      stat:
+        path: /home/git/.ssh/id_rsa
+      register: key_status
+
+    - name: No need to generate new rsa key
+      when: key_status.stat.exists == true
+      debug:
+        msg: No need to generate new rsa key as it already exists.
+
+    - name: Generate new rsa key
+      when: key_status.stat.exists == false
+      shell: ssh-keygen -t rsa -b 4096 -q -f /home/git/.ssh/id_rsa -C "Gitea Host Key" -N ""
+
+    - name: Ensure rsa key permissions
+      file:
+          path: /home/git/.ssh/id_rsa
+          group: git
+          owner: git
+          mode: 0600
+
+    - name: Ensure rsa public key permissions
+      file:
+          path: /home/git/.ssh/id_rsa.pub
+          group: git
+          owner: git
+          mode: 0644
+
+    - name: Add key to authorized_files
+      when: key_status.stat.exists == false
+      copy:
+        src: /home/git/.ssh/id_rsa.pub
+        dest: /home/git/.ssh/authorized_keys
+        owner: git
+        group: git
+        mode: 0644
+
     - name: Pull Gitea image
       docker_image:
         name: "{{ container_image }}"
@@ -42,6 +114,7 @@
           - /var/lib/gitea:/data
           - /etc/timezone:/etc/timezone:ro
           - /etc/localtime:/etc/localtime:ro
+          - "/home/{{ user }}/.ssh/:/data/git/.ssh"
 
     - name: Check if Nginx conf file exists
       stat: path="/etc/nginx/sites-available/{{ http_conf }}"