---
- name: Install and deploy syncthing
  hosts: ulna

  tasks:
  - name: Add PGP key
    ansible.builtin.get_url:
      url: https://syncthing.net/release-key.gpg
      dest: /usr/share/keyrings/syncthing-archive-keyring.gpg
    become: true

  - name: Add APT repository
    ansible.builtin.apt_repository:
      repo: deb [signed-by=/usr/share/keyrings/syncthing-archive-keyring.gpg] https://apt.syncthing.net/ syncthing stable
      state: present
    become: true

  - name: Install syncthing
    ansible.builtin.apt:
      name: syncthing
      state: present
      update_cache: true
    become: true

  - name: Create syncthing group
    ansible.builtin.group:
      name: syncthing
      state: present
    become: true

  - name: Create syncthing user
    ansible.builtin.user:
      name: syncthing
      group: syncthing
      comment: Syncthing user
      shell: /bin/bash
      password: '!'
      home: /home/syncthing
      create_home: true
    become: true

  - name: (Re)start the syncthing service
    ansible.builtin.systemd:
      state: restarted
      name: syncthing@syncthing
      enabled: true
    become: true