From dd37acbfbd5a0c8db622a9ffae7c81e96b6b036a Mon Sep 17 00:00:00 2001
From: Christian Franke <nobody@nowhere.ws>
Date: Sat, 29 Aug 2015 19:30:38 +0200
Subject: Add role to setup gitolite

---
 roles/cgit/templates/cgitrc.j2              |  2 ++
 roles/gitserver/defaults/main.yaml          |  8 ++++++
 roles/gitserver/files/gitolite.rc           | 21 ++++++++++++++
 roles/gitserver/files/restore-backup.sh     | 14 +++++++++
 roles/gitserver/handlers/main.yaml          |  3 ++
 roles/gitserver/tasks/as_gituser.yaml       | 13 +++++++++
 roles/gitserver/tasks/main.yaml             | 42 +++++++++++++++++++++++++++
 roles/gitserver/tasks/restore_gitolite.yaml | 44 +++++++++++++++++++++++++++++
 8 files changed, 147 insertions(+)
 create mode 100644 roles/gitserver/defaults/main.yaml
 create mode 100644 roles/gitserver/files/gitolite.rc
 create mode 100644 roles/gitserver/files/restore-backup.sh
 create mode 100644 roles/gitserver/handlers/main.yaml
 create mode 100644 roles/gitserver/tasks/as_gituser.yaml
 create mode 100644 roles/gitserver/tasks/main.yaml
 create mode 100644 roles/gitserver/tasks/restore_gitolite.yaml

(limited to 'roles')

diff --git a/roles/cgit/templates/cgitrc.j2 b/roles/cgit/templates/cgitrc.j2
index bfca774..5d716a1 100644
--- a/roles/cgit/templates/cgitrc.j2
+++ b/roles/cgit/templates/cgitrc.j2
@@ -6,3 +6,5 @@ root-desc=harbouring chaos
 enable-index-owner=0
 clone-prefix=git://{{ git_server_name }} git+ssh://git@{{ git_server_name }}
 source-filter=/etc/cgit.source.filter
+
+include=/etc/cgitrc.repo_service
diff --git a/roles/gitserver/defaults/main.yaml b/roles/gitserver/defaults/main.yaml
new file mode 100644
index 0000000..29483b1
--- /dev/null
+++ b/roles/gitserver/defaults/main.yaml
@@ -0,0 +1,8 @@
+$ANSIBLE_VAULT;1.1;AES256
+32323939303732313433656230323362643534623138656135353066623438656233323463303838
+3632373934343262323863363332386636383062343761300a663031356564343837343066653932
+62373033633332616363366332333131346431363936316531326633636266373034383463376631
+3065643166356433610a383966336236633231316630306436346230343136653631636339323732
+36396436663165383230363562613734306434663830616632306232323862366637643265613464
+30363330666466303763353462313837623633616264613235643733303164396466306239303030
+396138333833336463356165656564663230
diff --git a/roles/gitserver/files/gitolite.rc b/roles/gitserver/files/gitolite.rc
new file mode 100644
index 0000000..6b65a8b
--- /dev/null
+++ b/roles/gitserver/files/gitolite.rc
@@ -0,0 +1,21 @@
+%RC = (
+    UMASK                           =>  0022,
+    GIT_CONFIG_KEYS                 =>  '',
+    LOG_EXTRA                       =>  1,
+    ROLES => {
+        READERS                     =>  1,
+        WRITERS                     =>  1,
+    },
+    ENABLE => [
+            'help',
+            'desc',
+            'info',
+            'perms',
+            'writable',
+            'ssh-authkeys',
+            'git-config',
+            'daemon',
+            'cgit',
+    ],
+);
+1;
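Review bot: `UMASK => 0022` leaves every repository gitolite creates readable by all local accounts. Together with the `mode=0755` on /var/lib/gitolite in roles/gitserver/tasks/main.yaml, that covers gitolite-admin.git and any repository the access rules mean to keep private. If this is required so that git-daemon and cgit can read the trees, say so in a comment, e.g. `# 0022: git-daemon and cgit run as other users and must read the repositories`. A tighter option would be `UMASK => 0027,` with the daemon and web server accounts added to the git group; this assumes those services run under their own accounts, which the patch does not show.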
diff --git a/roles/gitserver/files/restore-backup.sh b/roles/gitserver/files/restore-backup.sh
new file mode 100644
index 0000000..8fc0de5
--- /dev/null
+++ b/roles/gitserver/files/restore-backup.sh
@@ -0,0 +1,14 @@
+#!/bin/sh -e
+
+cd old-repositories
+for repo in *.git; do
+	if [ x"$repo" = x"gitolite-admin.git" ]; then
+		continue;
+	fi
+
+	cd $repo
+	if [ $(git branch | wc -l) -ne 0 ]; then
+		gitolite push --mirror "../../repositories/$repo"
+	fi
+	cd ..
+done
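Review bot: `cd $repo` and the `$(git branch | wc -l)` test are unquoted, so a directory name from the unpacked archive that contains whitespace or glob characters is word-split before `cd` sees it. The `cd` can then fail or land in the wrong directory, and under `-e` a failure aborts the restore part-way with later repositories left unrestored. Quote both: `cd "$repo"` and `[ "$(git branch | wc -l)" -ne 0 ]`. When nothing matches, the loop also runs once with the literal string `*.git`; a guard such as `[ -d "$repo" ] || continue` at the top of the loop covers that. The glob only sees top-level entries, so repositories kept in subdirectories of the backup, if there are any, appear to be skipped without a message.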
diff --git a/roles/gitserver/handlers/main.yaml b/roles/gitserver/handlers/main.yaml
new file mode 100644
index 0000000..4b059fa
--- /dev/null
+++ b/roles/gitserver/handlers/main.yaml
@@ -0,0 +1,3 @@
+---
+- name: Restart git-daemon
+  shell: sv restart /etc/service/git-daemon
diff --git a/roles/gitserver/tasks/as_gituser.yaml b/roles/gitserver/tasks/as_gituser.yaml
new file mode 100644
index 0000000..69157fd
--- /dev/null
+++ b/roles/gitserver/tasks/as_gituser.yaml
@@ -0,0 +1,13 @@
+---
+- name: Put gitolite.rc
+  copy:
+    src=gitolite.rc
+    dest=/var/lib/gitolite/.gitolite.rc
+
+- name: Stat gitolite dir
+  stat: path=/var/lib/gitolite/.gitolite/conf
+  register: gitolite_dir
+
+- name: Initialize gitolite and restore backup
+  include: restore_gitolite.yaml
+  when: not gitolite_dir.stat.exists
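Review bot: The `when: not gitolite_dir.stat.exists` guard keys the whole restore on /var/lib/gitolite/.gitolite/conf, which is the path the 'Initialize gitolite' task in restore_gitolite.yaml names in its `creates:` argument, so it exists before the backup has been downloaded. If any later restore task fails, the next run finds the directory and skips the include, leaving gitolite initialised with only the dummy key and none of the restored repositories or access rules. Gate on a marker that the last restore step writes instead, for example `stat: path=/var/lib/gitolite/.restore-done` (a constructed name), and add a final task to restore_gitolite.yaml that creates it.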
diff --git a/roles/gitserver/tasks/main.yaml b/roles/gitserver/tasks/main.yaml
new file mode 100644
index 0000000..7d1e3d7
--- /dev/null
+++ b/roles/gitserver/tasks/main.yaml
@@ -0,0 +1,42 @@
+---
+- name: Install gitolite
+  apt: name={{ item }}
+  with_items:
+  - gitolite3
+  - git-daemon-run
+
+- name: Create git group
+  group: name=git
+
+- name: Create git user
+  user:
+    name=git
+    group=git
+    home="/var/lib/gitolite"
+
+- name: Make git dir world readable
+  file:
+    name=/var/lib/gitolite
+    mode=0755
+
+- include: as_gituser.yaml
+  become: yes
+  become_method: su
+  become_user: git
+
+- name: Copy cgitrc.repo_service
+  shell: sed -e 's_/var/lib/git_/var/lib/gitolite_g' /var/lib/gitolite/.gitolite/conf/cgitrc.repo_service > /etc/cgitrc.repo_service
+  args:
+    creates: /etc/cgitrc.repo_service
+
+- name: Ensure correct permissions on cgitrc.repo_service
+  file:
+    name=/etc/cgitrc.repo_service
+    mode=0644
+
+- name: Configure git-daemon
+  lineinfile:
+    dest=/etc/service/git-daemon/run
+    regexp="--base-path=/var/lib /var/lib/git"
+    line="--base-path=/var/lib/gitolite/repositories /var/lib/gitolite/repositories"
+  notify: Restart git-daemon
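Review bot: The `creates: /etc/cgitrc.repo_service` guard on 'Copy cgitrc.repo_service' means the file is generated on the first run only, so later changes to /var/lib/gitolite/.gitolite/conf/cgitrc.repo_service never reach cgit through this role. If a one-time copy is intended, say so in the task name or a comment; otherwise write the sed output to a temporary file and install it with `copy` so that the task reports changes and stays current. This task runs as root and the result is pulled into cgit by the `include=` line added to cgitrc.j2, while the source sits in the git user's home directory. A comment such as `# content comes from the gitolite-admin configuration; whoever can change it can set cgit options` would record that trust decision. The `shell:` module is needed here for the redirect, but 'Restart git-daemon' in handlers/main.yaml uses no shell features and could use `command:`.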
diff --git a/roles/gitserver/tasks/restore_gitolite.yaml b/roles/gitserver/tasks/restore_gitolite.yaml
new file mode 100644
index 0000000..c937ad1
--- /dev/null
+++ b/roles/gitserver/tasks/restore_gitolite.yaml
@@ -0,0 +1,44 @@
+- name: Create dummy key
+  shell: ssh-keygen -t rsa -b 2048 -N '' -f dummy_key
+  args:
+    chdir: /var/lib/gitolite
+    creates: /var/lib/gitolite/dummy_key
+
+- name: Initialize gitolite
+  shell: gitolite setup -pk dummy_key.pub
+  args:
+    chdir: /var/lib/gitolite
+    creates: /var/lib/gitolite/.gitolite/conf
+
+- name: Get repository backup
+  get_url:
+    url=https://oberon.sublab.org/protected/repositories.tar.gz
+    url_username="{{download_user}}"
+    url_password="{{download_pass}}"
+    validate_certs=no
+    dest=/var/lib/gitolite/repositories.tar.gz
+
+- name: Create directory for backup unpack
+  file: name=/var/lib/gitolite/old-repositories state=directory
+
+- name: Unpack repository backup
+  shell: tar -x --strip-components=1 -f ../repositories.tar.gz
+  args:
+    chdir: /var/lib/gitolite/old-repositories
+    creates: /var/lib/gitolite/old-repositories/gitolite-admin.git
+
+- name: Push gitolite backup
+  shell: gitolite push -f /var/lib/gitolite/repositories/gitolite-admin.git master:master
+  args:
+    chdir: /var/lib/gitolite/old-repositories/gitolite-admin.git
+
+- name: Put restore script
+  copy:
+    dest=/var/lib/gitolite/restore-backup.sh
+    src=restore-backup.sh
+    mode=0755
+
+- name: Run restore
+  shell: ./restore-backup.sh
+  args:
+    chdir: /var/lib/gitolite
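Review bot: `validate_certs=no` on 'Get repository backup' sends `download_user`/`download_pass` over a TLS session whose peer is never verified. The archive that comes back is then pushed into gitolite-admin, which holds the server's SSH keys and access rules, so an intercepted connection could expose the credentials or substitute the backup. Drop the option, since the default verifies the certificate; if the host uses a private CA, install that CA on the target instead of disabling the check. The tarball also lands in a directory that main.yaml sets to 0755, so add `mode=0600` to the `get_url` task and `mode=0700` to 'Create directory for backup unpack', which currently sets no mode. The dummy private key created by the first task is left in /var/lib/gitolite after the restore; a closing task with `file: name=/var/lib/gitolite/dummy_key state=absent` would remove it once the real admin keys are in place.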
-- 
cgit v1.2.1