gitea add ssh key in setup

ansible/arcodange/factory/inventory/group_vars/all/common.yml

@@ -0,0 +1 @@
+user_home: "{{ lookup('ansible.builtin.env','HOME') }}"

ansible/arcodange/factory/inventory/group_vars/all/ssh.yml

@@ -0,0 +1,19 @@
+ssh_public_key_paths:
+  - /Users/gabrielradureau/.ssh/id_ed25519_arcodange.pub
+  - "{{ user_home }}/.ssh/id_ed25519.pub"
+  - "{{ user_home }}/.ssh/id_rsa.pub"
+ssh_public_key_path: >-
+  {{ ( 
+        lookup('ansible.builtin.first_found', files=ssh_public_key_paths, errors='ignore')
+      )
+  }}
+ssh_public_key_found: "{{ ssh_public_key_path > '' }}"
+ssh_public_key_full_content: >-
+  {{
+    'key_type b64key key_name' if not ssh_public_key_found
+    else
+    lookup('ansible.builtin.file', ssh_public_key_path)
+  }}
+ssh_public_key: "{{ ssh_public_key_full_content.split()[1] }}"
+ssh_key_title: "{{ ssh_public_key_full_content.split()[-1] }}"
+ssh_key_algorithm: "{{ ssh_public_key_full_content.split()[0] }}"

ansible/arcodange/factory/inventory/group_vars/hard_disk/gitea.yml

@@ -40,6 +40,8 @@ gitea:
           GITEA__mailer__SMTP_ADDR: smtp.orange.fr
           GITEA__mailer__SMTP_PORT: 465
           GITEA__mailer__PASSWD: '{{ gitea_vault.GITEA__mailer__PASSWD }}'
+          GITEA__server__SSH_PORT: 2222
+          GITEA__server__SSH_LISTEN_PORT: 22
         networks:
           - gitea
         ports:

ansible/arcodange/factory/playbooks/setup/gitea.yml

@@ -81,6 +81,7 @@
             path: '{{ gitea_user.avatar_img_path | realpath }}'
           register:
             gitea_user_avatar_img
+          no_log: True
 
         - name: Upload l'avatar de l'admin
           uri:
@@ -95,6 +96,46 @@
               image: "{{ gitea_user_avatar_img['content'] }}"
             status_code: 204
         
+        - name: Enregistrer sa clée publique SSH
+          when: ssh_public_key_found
+          block:
+            - name: Récupérer les clés SSH existantes pour l'utilisateur
+              uri:
+                url: "{{ gitea_base_url }}/api/v1/user/keys"
+                method: GET
+                headers:
+                  Authorization: "token {{ gitea_api_token }}"
+                return_content: yes
+              register: existing_ssh_keys
+
+            - name: Vérifier si la clé SSH existe déjà
+              set_fact:
+                ssh_key_exists: "{{ ' '.join([ssh_key_algorithm, ssh_public_key]) in existing_ssh_keys.json | map(attribute='key') | list }}"
+
+            - name: Ajouter une clé SSH publique à l'utilisateur dans Gitea si elle n'existe pas
+              uri:
+                url: "{{ gitea_base_url }}/api/v1/user/keys"
+                method: POST
+                headers:
+                  Content-Type: application/json
+                  Accept: application/json
+                  Authorization: "token {{ gitea_api_token }}"
+                body_format: json
+                body:
+                  title: "{{ ssh_key_title }}"  # Un nom descriptif pour la clé SSH
+                  key: "{{ ssh_public_key }}"    # Le contenu de la clé publique SSH
+                status_code: 201
+              when: not ssh_key_exists
+              register: add_ssh_key_result
+
+            - name: Vérifier la nouvelle clé SSH ajoutée avec succès
+              when: not ssh_key_exists and add_ssh_key_result.status == 201
+              debug:
+                msg: >-
+                  Clé SSH ajoutée avec succès.
+                  Visitez https://gitea.arcodange.duckdns.org/user/settings/keys?verify_ssh={{ add_ssh_key_result.json.fingerprint }}
+                  pour vérifier la signature de vos commits avec cette clé.
+
         - set_fact:
             gitea_org_name: arcodange-org
             gitea_org_full_name: Arcodange