From f38450f9f2037244300082f3e4211b790ac87058 Mon Sep 17 00:00:00 2001 From: Christian Franke Date: Mon, 26 Oct 2015 20:38:25 +0100 Subject: Assorted changes - add hooks between webserver and gitserver: git->website and wiki->git work now, git->wiki is still missing, https://ikiwiki.info/tips/Hosting_Ikiwiki_and_master_git_repository_on_different_machines/ should contain the right info for that - actually configure repo_service - replace LDAP auth with dummy password auth for now --- roles/cgit/files/htpasswd | 1 + roles/cgit/tasks/main.yaml | 4 ++++ roles/cgit/templates/repocreate-ssl.conf.j2 | 21 +++++++++++++++------ 3 files changed, 20 insertions(+), 6 deletions(-) create mode 100644 roles/cgit/files/htpasswd (limited to 'roles/cgit') diff --git a/roles/cgit/files/htpasswd b/roles/cgit/files/htpasswd new file mode 100644 index 0000000..4ba5edb --- /dev/null +++ b/roles/cgit/files/htpasswd @@ -0,0 +1 @@ +webuser:$apr1$CTQ3rSnN$MTEV4h/Y.9HBT1Apjey1t0 diff --git a/roles/cgit/tasks/main.yaml b/roles/cgit/tasks/main.yaml index 8c7f92b..595e738 100644 --- a/roles/cgit/tasks/main.yaml +++ b/roles/cgit/tasks/main.yaml @@ -72,6 +72,10 @@ - ssl.conf notify: Reload apache +- name: Place reposervice htpasswd + copy: dest=/etc/apache2/sites/{{ git_server_name }}/htpasswd + src=htpasswd + - include: ../../apache/tasks/ssl.yaml vars: ssl_server_name: "{{git_server_name}}" diff --git a/roles/cgit/templates/repocreate-ssl.conf.j2 b/roles/cgit/templates/repocreate-ssl.conf.j2 index c9014be..b1dd553 100644 --- a/roles/cgit/templates/repocreate-ssl.conf.j2 +++ b/roles/cgit/templates/repocreate-ssl.conf.j2 @@ -1,9 +1,12 @@ -#Alias /create /var/www/git.sublab.org/htdocs/create -#ProxyPass /create/api http://127.0.0.1:8023/ +Alias /create /var/lib/repo_service/src/frontend +ProxyPass /create/api http://127.0.0.1:8023/ + + + Options -Indexes -ExecCGI + Allow from * + # -# -# Options -Indexes -ExecCGI -# Allow from * +# Disable LDAP auth for now :/ # # AuthType basic # AuthBasicProvider ldap @@ -14,5 +17,11 @@ # # AuthzLDAPAuthoritative on # # Require ldap-group cn=members,ou=groups,dc=sublab,dc=org # Require valid-user -# + +# And use basic auth instead + AuthType basic + AuthName "Wiki Login" + AuthUserFile "/etc/apache2/sites/{{ git_server_name }}/htpasswd" + Require valid-user + #LDAPTrustedMode TLS -- cgit v1.2.1