From 5dc1ce66424fff2ed853e6e0c8fa74f5365eafed Mon Sep 17 00:00:00 2001
From: Michael Grote
Date: Mon, 13 May 2024 11:44:33 +0200
Subject: [PATCH] dd

---
 group_vars/blocky.yml | 3 +--
 roles/mgrote_gitea_setup/tasks/admin.yml | 22 +++++++++++++++++-----
 roles/mgrote_gitea_setup/tasks/ldap.yml | 2 +-
 3 files changed, 19 insertions(+), 8 deletions(-)

diff --git a/group_vars/blocky.yml b/group_vars/blocky.yml
index bf43ad80..52f1894a 100644
--- a/group_vars/blocky.yml
+++ b/group_vars/blocky.yml
@@ -80,7 +80,7 @@ blocky_custom_lookups: # optional
 ip: 192.168.3.239
 - name: pve5-test.mgrote.net
 ip: 192.168.2.17
- - name: pve5.mgrote.net # bleibt im Router auch angelegt, weil wenn pve aus auch kein blocky ;-)
+ - name: pve5.mgrote.net # bleibt im Router auch angelegt, weil wenn pve aus auch kein blocky mehr ;-)
 ip: 192.168.2.16
 - name: rb5009.mgrote.net
 ip: 192.168.2.1
@@ -89,7 +89,6 @@ blocky_custom_lookups: # optional - name: ldap.mgrote.net ip: 192.168.2.47 - ### mgrote_munin_node # kann git.mgrote.net nicht auflösen, deshalb hiermit IP munin_node_plugins:
diff --git a/roles/mgrote_gitea_setup/tasks/admin.yml b/roles/mgrote_gitea_setup/tasks/admin.yml
index 64543baa..a9263cdf 100644
--- a/roles/mgrote_gitea_setup/tasks/admin.yml
+++ b/roles/mgrote_gitea_setup/tasks/admin.yml
@@ -4,19 +4,31 @@
 # - https://github.com/lldap/lldap/blob/main/example_configs/gitea.md
 # und
 # den jeweiligen group/host-Vars!
+
+- name: Check if Admin-User exists
+ no_log: true
+ become_user: gitea
+ become: true
+ ansible.builtin.command: |
+ forgejo admin user create \
+ --config "{{ gitea_configuration_path }}/gitea.ini"
+ --username "{{ gitea_admin_user }}" \
+ --password "{{ gitea_admin_user_pass }}" \
+ --email "{{ gitea_admin_user }}@mgrote.net" \
+ --admin
+ register: check
+ ignore_errors: true
+
 - name: Ensure Admin-User exists
 no_log: true
 become_user: gitea
 become: true
 ansible.builtin.command: |
 forgejo admin user create \
- --config /etc/gitea/gitea.ini
+ --config "{{ gitea_configuration_path }}/gitea.ini"
 --username "{{ gitea_admin_user }}" \
 --password "{{ gitea_admin_user_pass }}" \
 --email "{{ gitea_admin_user }}@mgrote.net" \
 --admin
- register: setup_admin
- ignore_errors: true
- failed_when: 'not "Command error: CreateUser: user already exists [name: mg]" in setup_admin.stderr' # fail Task wenn LDAP schon konfiguriert ist
- changed_when: "setup_admin.rc == 0" # chnaged nur wenn Task rc 0 hat, sollte nur beim ersten lauf vorkommen; ungetestet
+ when: 'not "Command error: CreateUser: user already exists [name: fadmin]" in check'
 ...
diff --git a/roles/mgrote_gitea_setup/tasks/ldap.yml b/roles/mgrote_gitea_setup/tasks/ldap.yml
index 7fbb7436..c0a76473 100644
--- a/roles/mgrote_gitea_setup/tasks/ldap.yml
+++ b/roles/mgrote_gitea_setup/tasks/ldap.yml
@@ -10,7 +10,7 @@
 become: true
 ansible.builtin.command: |
 forgejo admin auth add-ldap \
- --config "{{ gitea_configuration_path }}/gitea.ini" \
+ --config "{{ gitea_configuration_path }}/gitea.ini"
 --name "lldap" \
 --security-protocol "unencrypted" \
 --host "{{ gitea_ldap_host }}" \
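Review bot: In roles/mgrote_gitea_setup/tasks/admin.yml the `when:` on "Ensure Admin-User exists" tests the error string against `check`, the registered result dict, rather than `check.stderr`, so the `in` test runs over the dict's keys and the task is never skipped; it also hard-codes `fadmin` although the name comes from `gitea_admin_user`. The added "Check if Admin-User exists" task is itself a `forgejo admin user create` call, so it creates the account and the second task then hits the duplicate-user error, now without the removed `failed_when`, while `ignore_errors: true` on the first task hides genuine failures such as a wrong config path. One task is enough: keep a single create with `register: setup_admin`, `changed_when: setup_admin.rc == 0` and `failed_when: setup_admin.rc != 0 and 'user already exists' not in setup_admin.stderr` (stderr is where the removed `failed_when` looked for the message). The password is passed as a command-line argument in both tasks, which `no_log` keeps out of Ansible output but most likely not out of the host's process list while the command runs.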
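Review bot: In roles/mgrote_gitea_setup/tasks/ldap.yml the `--config` line of the `forgejo admin auth add-ldap` command drops its trailing `\` while every option line after it keeps one, so the block now mixes two continuation styles; both `forgejo admin user create` tasks in admin.yml have the same mix. `ansible.builtin.command` probably treats the bare line break as whitespace, but if this task is ever moved to `ansible.builtin.shell` the command would end after `--config` and the remaining options, including `--security-protocol` and `--host`, would no longer be part of it. Keep the continuation, `--config "{{ gitea_configuration_path }}/gitea.ini" \`, or remove the backslashes from every line. The task starts above this hunk and continues past it.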