From 38d25b2dda10f1c6d1c827e1688941ee37cde10e Mon Sep 17 00:00:00 2001
From: Christian Pointner
Date: Sun, 13 Nov 2022 21:21:56 +0100
Subject: add gitolite/base role
---
roles/gitolite/base/tasks/main.yml | 100 +++++++++++++++++++++++++++++++++++++
1 file changed, 100 insertions(+)
create mode 100644 roles/gitolite/base/tasks/main.yml
(limited to 'roles/gitolite/base/tasks')
diff --git a/roles/gitolite/base/tasks/main.yml b/roles/gitolite/base/tasks/main.yml
new file mode 100644
index 00000000..440d9f52
--- /dev/null
+++ b/roles/gitolite/base/tasks/main.yml
@@ -0,0 +1,100 @@
+---
+- name: install gitolite
+ apt:
+ name:
+ - git
+ - gitolite3
+
+- name: prepare storage volume for /srv/git
+ when: gitolite_storage is defined
+ vars:
+ storage_volume: "{{ gitolite_storage | combine({'dest': gitolite_base_path}) }}"
+ include_role:
+ name: "storage/{{ gitolite_storage.type }}/volume"
+
+- name: create gitolite instance user
+ loop: "{{ gitolite_instances | list }}"
+ user:
+ name: "git-{{ item }}"
+ home: "{{ gitolite_base_path }}/{{ item }}"
+ shell: /bin/sh
+ system: yes
+ state: present
+
+- name: make sure base dir is owned by gitolite user
+ loop: "{{ gitolite_instances | list }}"
+ file:
+ path: "{{ gitolite_base_path }}/{{ item }}"
+ mode: 0750
+ owner: "git-{{ item }}"
+ group: "git-{{ item }}"
+
+- name: deploy primary admin key
+ loop: "{{ gitolite_instances | dict2items }}"
+ loop_control:
+ label: "{{ item.key }}"
+ copy:
+ content: "{{ item.value.primary_admin_key }}"
+ dest: "{{ gitolite_base_path }}/{{ item.key }}/primary-admin.pub"
+
+- name: run initial gitolite setup
+ loop: "{{ gitolite_instances | list }}"
+ become: yes
+ become_method: su
+ become_user: "git-{{ item }}"
+ args:
+ creates: "{{ gitolite_base_path }}/{{ item }}/.gitolite.rc"
+ chdir: "{{ gitolite_base_path }}/{{ item }}"
+ command: gitolite setup -pk "{{ gitolite_base_path }}/{{ item }}/primary-admin.pub"
+ register: gitolite_instance_initial_setup
+
+- name: remove testing repository
+ loop: "{{ gitolite_instance_initial_setup.results }}"
+ loop_control:
+ label: "{{ item.item }}"
+ when: item is changed
+ file:
+ path: "{{ gitolite_base_path }}/{{ item.item }}/repositories/testing.git"
+ state: absent
+
+- name: configure umask
+ loop: "{{ gitolite_instances | dict2items }}"
+ loop_control:
+ label: "{{ item.key }}"
+ lineinfile:
+ path: "{{ gitolite_base_path }}/{{ item.key }}/.gitolite.rc"
+ backrefs: yes
+ regexp: "^(\\s*UMASK\\s*=>\\s*).*(,.*)$"
+ line: '\g<1>{{ item.value.umask | default("0077") }}\2'
+
+- name: configure GIT_CONFIG_KEYS to allow gitweb settings
+ loop: "{{ gitolite_instances | list }}"
+ lineinfile:
+ path: "{{ gitolite_base_path }}/{{ item }}/.gitolite.rc"
+ backrefs: yes
+ regexp: "^(\\s*GIT_CONFIG_KEYS\\s*=>\\s*').*('.*)$"
+ line: '\1cgit.*\2'
+
+- name: disable gitweb gitolite command
+ loop: "{{ gitolite_instances | list }}"
+ lineinfile:
+ path: "{{ gitolite_base_path }}/{{ item }}/.gitolite.rc"
+ backrefs: yes
+ regexp: "^(\\s*)('gitweb'.*)$"
+ line: '\1# \2'
+
+- name: enable daemon gitolite command
+ loop: "{{ gitolite_instances | list }}"
+ lineinfile:
+ path: "{{ gitolite_base_path }}/{{ item }}/.gitolite.rc"
+ backrefs: yes
+ regexp: "^(\\s*)#?\\s*('daemon'.*)$"
+ line: '\1\2'
+
+## TODO:
+# - name: enable http
+# when: "'http' in gitolite_instance"
+# include_role:
+# name: gitolite/http
+
+## TODO: add systemd-timer for `git fsck`
-- cgit v1.2.3
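Review bot: The four `lineinfile` tasks that edit `.gitolite.rc` all set `backrefs: yes`, and in that mode Ansible leaves the file unchanged and still reports `ok` when `regexp` matches no line. The `UMASK` setting (default `0077`) and the commenting-out of the `'gitweb'` command are therefore skipped without any signal if the packaged rc file does not contain a line of exactly the expected shape. A read-only task after each edit that fails when the expected final line is absent would make such a miss visible. A sketch for the umask task follows; the same pattern fits the `GIT_CONFIG_KEYS`, `'gitweb'` and `'daemon'` edits.

```yaml
# … unchanged: "configure umask" lineinfile task …

- name: verify umask was applied to .gitolite.rc
  loop: "{{ gitolite_instances | dict2items }}"
  loop_control:
    label: "{{ item.key }}"
  # grep -c exits non-zero when no line matches, which fails the task
  command: >-
    grep -Ec '^\s*UMASK\s*=>\s*{{ item.value.umask | default("0077") }}\s*,'
    "{{ gitolite_base_path }}/{{ item.key }}/.gitolite.rc"
  changed_when: false
```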