From dd37acbfbd5a0c8db622a9ffae7c81e96b6b036a Mon Sep 17 00:00:00 2001 From: Christian Franke Date: Sat, 29 Aug 2015 19:30:38 +0200 Subject: Add role to setup gitolite --- roles/cgit/templates/cgitrc.j2 | 2 ++ roles/gitserver/defaults/main.yaml | 8 ++++++ roles/gitserver/files/gitolite.rc | 21 ++++++++++++++ roles/gitserver/files/restore-backup.sh | 14 +++++++++ roles/gitserver/handlers/main.yaml | 3 ++ roles/gitserver/tasks/as_gituser.yaml | 13 +++++++++ roles/gitserver/tasks/main.yaml | 42 +++++++++++++++++++++++++++ roles/gitserver/tasks/restore_gitolite.yaml | 44 +++++++++++++++++++++++++++++ 8 files changed, 147 insertions(+) create mode 100644 roles/gitserver/defaults/main.yaml create mode 100644 roles/gitserver/files/gitolite.rc create mode 100644 roles/gitserver/files/restore-backup.sh create mode 100644 roles/gitserver/handlers/main.yaml create mode 100644 roles/gitserver/tasks/as_gituser.yaml create mode 100644 roles/gitserver/tasks/main.yaml create mode 100644 roles/gitserver/tasks/restore_gitolite.yaml (limited to 'roles') diff --git a/roles/cgit/templates/cgitrc.j2 b/roles/cgit/templates/cgitrc.j2 index bfca774..5d716a1 100644 --- a/roles/cgit/templates/cgitrc.j2 +++ b/roles/cgit/templates/cgitrc.j2 @@ -6,3 +6,5 @@ root-desc=harbouring chaos enable-index-owner=0 clone-prefix=git://{{ git_server_name }} git+ssh://git@{{ git_server_name }} source-filter=/etc/cgit.source.filter + +include=/etc/cgitrc.repo_service diff --git a/roles/gitserver/defaults/main.yaml b/roles/gitserver/defaults/main.yaml new file mode 100644 index 0000000..29483b1 --- /dev/null +++ b/roles/gitserver/defaults/main.yaml @@ -0,0 +1,8 @@ +$ANSIBLE_VAULT;1.1;AES256 +32323939303732313433656230323362643534623138656135353066623438656233323463303838 +3632373934343262323863363332386636383062343761300a663031356564343837343066653932 +62373033633332616363366332333131346431363936316531326633636266373034383463376631 +3065643166356433610a383966336236633231316630306436346230343136653631636339323732 +36396436663165383230363562613734306434663830616632306232323862366637643265613464 +30363330666466303763353462313837623633616264613235643733303164396466306239303030 +396138333833336463356165656564663230 diff --git a/roles/gitserver/files/gitolite.rc b/roles/gitserver/files/gitolite.rc new file mode 100644 index 0000000..6b65a8b --- /dev/null +++ b/roles/gitserver/files/gitolite.rc @@ -0,0 +1,21 @@ +%RC = ( + UMASK => 0022, + GIT_CONFIG_KEYS => '', + LOG_EXTRA => 1, + ROLES => { + READERS => 1, + WRITERS => 1, + }, + ENABLE => [ + 'help', + 'desc', + 'info', + 'perms', + 'writable', + 'ssh-authkeys', + 'git-config', + 'daemon', + 'cgit', + ], +); +1; diff --git a/roles/gitserver/files/restore-backup.sh b/roles/gitserver/files/restore-backup.sh new file mode 100644 index 0000000..8fc0de5 --- /dev/null +++ b/roles/gitserver/files/restore-backup.sh @@ -0,0 +1,14 @@ +#!/bin/sh -e + +cd old-repositories +for repo in *.git; do + if [ x"$repo" = x"gitolite-admin.git" ]; then + continue; + fi + + cd $repo + if [ $(git branch | wc -l) -ne 0 ]; then + gitolite push --mirror "../../repositories/$repo" + fi + cd .. +done diff --git a/roles/gitserver/handlers/main.yaml b/roles/gitserver/handlers/main.yaml new file mode 100644 index 0000000..4b059fa --- /dev/null +++ b/roles/gitserver/handlers/main.yaml @@ -0,0 +1,3 @@ +--- +- name: Restart git-daemon + shell: sv restart /etc/service/git-daemon diff --git a/roles/gitserver/tasks/as_gituser.yaml b/roles/gitserver/tasks/as_gituser.yaml new file mode 100644 index 0000000..69157fd --- /dev/null +++ b/roles/gitserver/tasks/as_gituser.yaml @@ -0,0 +1,13 @@ +--- +- name: Put gitolite.rc + copy: + src=gitolite.rc + dest=/var/lib/gitolite/.gitolite.rc + +- name: Stat gitolite dir + stat: path=/var/lib/gitolite/.gitolite/conf + register: gitolite_dir + +- name: Initialize gitolite and restore backup + include: restore_gitolite.yaml + when: not gitolite_dir.stat.exists diff --git a/roles/gitserver/tasks/main.yaml b/roles/gitserver/tasks/main.yaml new file mode 100644 index 0000000..7d1e3d7 --- /dev/null +++ b/roles/gitserver/tasks/main.yaml @@ -0,0 +1,42 @@ +--- +- name: Install gitolite + apt: name={{ item }} + with_items: + - gitolite3 + - git-daemon-run + +- name: Create git group + group: name=git + +- name: Create git user + user: + name=git + group=git + home="/var/lib/gitolite" + +- name: Make git dir world readable + file: + name=/var/lib/gitolite + mode=0755 + +- include: as_gituser.yaml + become: yes + become_method: su + become_user: git + +- name: Copy cgitrc.repo_service + shell: sed -e 's_/var/lib/git_/var/lib/gitolite_g' /var/lib/gitolite/.gitolite/conf/cgitrc.repo_service > /etc/cgitrc.repo_service + args: + creates: /etc/cgitrc.repo_service + +- name: Ensure correct permissions on cgitrc.repo_service + file: + name=/etc/cgitrc.repo_service + mode=0644 + +- name: Configure git-daemon + lineinfile: + dest=/etc/service/git-daemon/run + regexp="--base-path=/var/lib /var/lib/git" + line="--base-path=/var/lib/gitolite/repositories /var/lib/gitolite/repositories" + notify: Restart git-daemon diff --git a/roles/gitserver/tasks/restore_gitolite.yaml b/roles/gitserver/tasks/restore_gitolite.yaml new file mode 100644 index 0000000..c937ad1 --- /dev/null +++ b/roles/gitserver/tasks/restore_gitolite.yaml @@ -0,0 +1,44 @@ +- name: Create dummy key + shell: ssh-keygen -t rsa -b 2048 -N '' -f dummy_key + args: + chdir: /var/lib/gitolite + creates: /var/lib/gitolite/dummy_key + +- name: Initialize gitolite + shell: gitolite setup -pk dummy_key.pub + args: + chdir: /var/lib/gitolite + creates: /var/lib/gitolite/.gitolite/conf + +- name: Get repository backup + get_url: + url=https://oberon.sublab.org/protected/repositories.tar.gz + url_username="{{download_user}}" + url_password="{{download_pass}}" + validate_certs=no + dest=/var/lib/gitolite/repositories.tar.gz + +- name: Create directory for backup unpack + file: name=/var/lib/gitolite/old-repositories state=directory + +- name: Unpack repository backup + shell: tar -x --strip-components=1 -f ../repositories.tar.gz + args: + chdir: /var/lib/gitolite/old-repositories + creates: /var/lib/gitolite/old-repositories/gitolite-admin.git + +- name: Push gitolite backup + shell: gitolite push -f /var/lib/gitolite/repositories/gitolite-admin.git master:master + args: + chdir: /var/lib/gitolite/old-repositories/gitolite-admin.git + +- name: Put restore script + copy: + dest=/var/lib/gitolite/restore-backup.sh + src=restore-backup.sh + mode=0755 + +- name: Run restore + shell: ./restore-backup.sh + args: + chdir: /var/lib/gitolite -- cgit v1.2.1