Assorted changesHEADmaster

- add hooks between webserver and gitserver:
    git->website and wiki->git work now,
    git->wiki is still missing,
      https://ikiwiki.info/tips/Hosting_Ikiwiki_and_master_git_repository_on_different_machines/
    should contain the right info for that
- actually configure repo_service
- replace LDAP auth with dummy password auth for now

1 files changed, 40 insertions, 0 deletions

diff --git a/roles/repo_service/tasks/as_repo_service.yaml b/roles/repo_service/tasks/as_repo_service.yaml
index 6b364d8..b9a99ab 100644
--- a/roles/repo_service/tasks/as_repo_service.yaml
+++ b/roles/repo_service/tasks/as_repo_service.yaml
@@ -3,3 +3,43 @@
   git:
     repo=https://github.com/cfra/repo_service.git
     dest=/var/lib/repo_service/src
+  notify:
+  - Restart repo_service
+
+- name: Create .ssh dir
+  file:
+    path="/var/lib/repo_service/.ssh"
+    state=directory
+    mode=0700
+
+- name: Add repo_service ssh privkey
+  copy:
+    dest="/var/lib/repo_service/.ssh/id_rsa"
+    content="{{repo_service_privkey}}"
+    mode=0600
+
+- name: Add repo_service ssh pubkey
+  copy:
+    dest="/var/lib/repo_service/.ssh/id_rsa.pub"
+    content="{{repo_service_pubkey}}"
+    mode=0644
+
+- name: Read Gitserver Hostkey
+  slurp: src=/etc/ssh/ssh_host_ecdsa_key.pub
+  register: gitserver_host_key
+
+- name: Put Gitserver Hostkey into knownhosts
+  lineinfile: dest=/var/lib/repo_service/.ssh/known_hosts
+              create=yes
+              owner=repo_service
+              group=repo_service
+              mode=0644
+              line="127.0.0.1 {{gitserver_host_key.content|b64decode}}"
+
+# Configure git
+- name: Configure git push for repo service
+  command: git config --global push.default simple
+- name: Configure git name
+  command: git config --global user.name "Repo Service {{ansible_hostname}}"
+- name:
+  command: git config --global user.email "nobody@nowhere.ws"