summaryrefslogtreecommitdiff
path: root/roles/git_server_rpc
diff options
context:
space:
mode:
Diffstat (limited to 'roles/git_server_rpc')
-rw-r--r--roles/git_server_rpc/tasks/main.yaml31
-rw-r--r--roles/git_server_rpc/templates/git_server_rpc.sudoers1
2 files changed, 32 insertions, 0 deletions
diff --git a/roles/git_server_rpc/tasks/main.yaml b/roles/git_server_rpc/tasks/main.yaml
new file mode 100644
index 0000000..a69e9e3
--- /dev/null
+++ b/roles/git_server_rpc/tasks/main.yaml
@@ -0,0 +1,31 @@
+---
+- name: Create git_server_rpc user
+ user: name=git_server_rpc
+ home=/home/git_server_rpc
+
+- name: Create git_server_rpc ssh dir
+ file: path=/home/git_server_rpc/.ssh
+ owner=git_server_rpc
+ group=git_server_rpc
+ mode=0700
+ state=directory
+
+- name: Make sure sudo is installed
+ apt: name=sudo state=present update_cache=yes
+
+- name: Configure git_server_rpc sudo rights
+ template: dest=/etc/sudoers.d/git_server_rpc
+ mode=0440
+ src=git_server_rpc.sudoers
+
+- name: Read git user ssh-key
+ slurp: src=/var/lib/gitolite/.ssh/id_rsa.pub
+ register: git_server_key
+ delegate_to: "{{groups['gitservers'][0]}}"
+
+- name: Put pubkey from gitserver to authorized_keys
+ copy: dest=/home/git_server_rpc/.ssh/authorized_keys
+ content="{{git_server_key.content|b64decode}}"
+ owner=git_server_rpc
+ group=git_server_rpc
+ mode=0644
diff --git a/roles/git_server_rpc/templates/git_server_rpc.sudoers b/roles/git_server_rpc/templates/git_server_rpc.sudoers
new file mode 100644
index 0000000..bd84908
--- /dev/null
+++ b/roles/git_server_rpc/templates/git_server_rpc.sudoers
@@ -0,0 +1 @@
+git_server_rpc ALL=(ALL) NOPASSWD: /var/www/{{sublab_web_server_name}}/website-rebuild.sh