diff options
| author | jaseg <code@jaseg.net> | 2020-03-30 00:55:33 +0200 |
|---|---|---|
| committer | jaseg <code@jaseg.net> | 2020-03-30 00:55:33 +0200 |
| commit | 0dcc11ebd03a6b80e9d930ab9edf5fe74291f95b (patch) | |
| tree | 525e098156e7df30a13dd4ba981e6e3d4bc9a745 /gerboweb/deploy/setup_git.yml | |
| parent | 78ce3bb25747a0966445ffd5360ad31ad4fb098a (diff) | |
| download | gerbolyze-0dcc11ebd03a6b80e9d930ab9edf5fe74291f95b.tar.gz gerbolyze-0dcc11ebd03a6b80e9d930ab9edf5fe74291f95b.tar.bz2 gerbolyze-0dcc11ebd03a6b80e9d930ab9edf5fe74291f95b.zip | |
Add gitolite/cgit git hosting
Diffstat (limited to 'gerboweb/deploy/setup_git.yml')
| -rw-r--r-- | gerboweb/deploy/setup_git.yml | 115 |
1 files changed, 115 insertions, 0 deletions
diff --git a/gerboweb/deploy/setup_git.yml b/gerboweb/deploy/setup_git.yml new file mode 100644 index 0000000..9d351e5 --- /dev/null +++ b/gerboweb/deploy/setup_git.yml @@ -0,0 +1,115 @@ +- name: Install host requisites + dnf: + name: cgit,gitolite3,python3-pygments,python3-docutils,nodejs-markdown + state: latest + +- name: Copy cgit favicon + copy: + src: cgit-logo.png + dest: /var/www/git.jaseg.net/cgit.png + +- name: Create cgit instance config dir + file: + path: /var/lib/cgit + state: directory + mode: 0755 + +- name: Copy cgit rc + copy: + src: cgitrc + dest: /var/lib/cgit/cgitrc-gitolite-public + mode: 0644 + +- name: Create uwsgi worker user and group + user: + name: uwsgi-cgit + create_home: no + group: uwsgi + password: '!' + shell: /sbin/nologin + system: yes + +- name: Copy uwsgi config + copy: + src: uwsgi-cgit.ini + dest: /etc/uwsgi.d/cgit.ini + owner: uwsgi-cgit + group: uwsgi + mode: 0440 + +- name: Enable uwsgi systemd socket + systemd: + daemon-reload: yes + name: uwsgi-app@cgit.socket + enabled: yes + +- name: Copy gitolite admin pubkey + copy: + src: ~/.ssh/id_ed25519.gitolite.pub + dest: /tmp/jaseg-gitolite.pub + owner: gitolite3 + group: gitolite3 + +- name: Run gitolite initialization + command: gitolite setup -pk /tmp/jaseg-gitolite.pub + become: true + become_method: su + become_user: gitolite3 + become_flags: '-s /bin/sh' + args: + creates: /var/lib/gitolite3/projects.list + +- name: Remove leftover admin pubkey + file: + state: absent + path: /tmp/jaseg-gitolite.pub + +- name: Allow uwsgi group to access gitolite repo dir + file: + path: /var/lib/gitolite3 + state: directory + owner: gitolite3 + group: uwsgi + +- name: Add cgit uwsgi user to gitolite group + user: + name: uwsgi-cgit + groups: gitolite3 + append: yes + +- name: Allow cgit uwsgi user to access gitolite repos + file: + path: /var/lib/gitolite3/repositories + mode: 0750 + +- name: Allow cgit uwsgi user to gitolite repo list + file: + path: /var/lib/gitolite3/projects.list + mode: 0640 + +- name: Copy gitolite rc + copy: + src: gitolite.rc + dest: /var/lib/gitolite3/.gitolite.rc + owner: gitolite3 + group: gitolite3 + mode: 0600 + +- name: Query system user account info + getent: + database: passwd + key: gitolite3 + +- name: Create git alias user + user: + name: git + create_home: no + group: gitolite3 + password: '!' + comment: Alias for gitolite3 user + shell: "{{ getent_passwd['gitolite3'][5] }}" + system: yes + non_unique: yes + home: "{{ getent_passwd['gitolite3'][4] }}" + uid: "{{ getent_passwd['gitolite3'][1] }}" + |