Tag git setup foo

author: jaseg <code@jaseg.net> 2020-12-30 11:38:27 +0100
committer: jaseg <code@jaseg.net> 2020-12-30 11:38:27 +0100
commit: a62a4e1e11896568550d98854060c56343cf72d7 (patch)
tree: 5cc8e08413307d57f98f9ff4bebc724456954ab7
parent: d95759c23e89365ab49bbb92f96e3d3c631ffe04 (diff)
download: infra-a62a4e1e11896568550d98854060c56343cf72d7.tar.gz
infra-a62a4e1e11896568550d98854060c56343cf72d7.tar.bz2
infra-a62a4e1e11896568550d98854060c56343cf72d7.zip
5 files changed, 119 insertions, 32 deletions
diff --git a/cgit-logo-orig.png b/cgit-logo-orig.png
new file mode 100644
index 0000000..f781fdd
--- /dev/null
+++ b/cgit-logo-orig.png
diff --git a/cgit-logo.png b/cgit-logo.png
index f781fdd..b1c0322 100644
--- a/cgit-logo.png
+++ b/cgit-logo.png
diff --git a/cgitrc b/cgitrc
index d77778b..9b5a651 100644
--- a/cgitrc
+++ b/cgitrc
@@ -1,11 +1,24 @@
 css=/cgit.css
-logo= /cgit.png
+logo=/cgit.png
 
 enable-http-clone=1
 robots=noindex, nofollow
 virtual-root=/
 
 readme=:README.rst
+readme=:readme.rst
+readme=:README.md
+readme=:readme.md
+readme=:README.txt
+readme=:readme.txt
+readme=:README.mkd
+readme=:readme.mkd
+readme=:README.htm
+readme=:readme.htm
+readme=:README.html
+readme=:readme.html
+readme=:README
+readme=:readme
 about-filter=/usr/libexec/cgit/filters/about-formatting.sh
 
 enable-index-links=1
@@ -18,3 +31,11 @@ source-filter=/usr/libexec/cgit/filters/syntax-highlighting.py
 
 project-list=/var/lib/gitolite3/projects.list
 scan-path=/var/lib/gitolite3/repositories
+
+mimetype.gif=image/gif
+mimetype.html=text/html
+mimetype.jpg=image/jpeg
+mimetype.jpeg=image/jpeg
+mimetype.pdf=application/pdf
+mimetype.png=image/png
+mimetype.svg=image/svg+xml
diff --git a/playbook.yml b/playbook.yml
index 72beb91..a34e8fe 100644
--- a/playbook.yml
+++ b/playbook.yml
@@ -35,20 +35,24 @@
   hosts: wendelstein
   tasks:
     - name: Set hostname
+      tags: setup
       hostname:
         name: wendelstein.jaseg.net
 
     - name: Install common admin tools
+      tags: setup
       dnf:
         name: htop,tmux,fish,mosh,neovim,sqlite
         state: latest
 
     - name: Install host requisites
+      tags: setup
       dnf:
           name: nginx,uwsgi,python3-flask,python3-flask-wtf,uwsgi-plugin-python3,certbot,python3-certbot-nginx,python3-libselinux,git,iptables-services,python3-pycryptodomex,zip,python3-uwsgidecorators,nsd
           state: latest
 
     - name: Disable password-based root login
+      tags: setup
       lineinfile:
         path: /etc/ssh/sshd_config
         regexp: '^PermitRootLogin'
@@ -56,12 +60,14 @@
       register: disable_root_pw_ssh
 
     - name: Restart sshd
+      tags: setup
       systemd:
           name: sshd
           state: restarted
       when: disable_root_pw_ssh is changed
 
     - name: Configure iptables firewall service
+      tags: setup
       copy:
         src: iptables.rules
         dest: /etc/sysconfig/iptables
@@ -70,13 +76,18 @@
         mode: 0664
 
     - name: Enable iptables firewall service
+      tags: setup
       systemd:
         name: iptables
         enabled: yes
         state: started
 
     - name: Create containers
-      include_tasks: setup_containers.yml
+      tags: setup
+      include_tasks:
+          file: setup_containers.yml
+          apply:
+              tags: setup
       vars:
         containers:
           - gerboweb
@@ -84,31 +95,72 @@
           - pogojig
 
     - name: Setup web server
-      include_tasks: setup_webserver.yml
+      tags: www
+      include_tasks:
+          file: setup_webserver.yml
+          apply:
+              tags: www
 
     - name: Setup gerboweb
-      include_tasks: setup_gerboweb.yml
+      tags: gerboweb
+      include_tasks:
+          file: setup_gerboweb.yml
+          apply: 
+              tags: gerboweb
 
     - name: Setup clippy
-      include_tasks: setup_clippy.yml
+      tags: clippy
+      include_tasks:
+          file: setup_clippy.yml
+          apply:
+              tags: clippy
 
     - name: Setup secure download
-      include_tasks: setup_secure_download.yml
+      tags: secure-download
+      include_tasks:
+          file: setup_secure_download.yml
+          apply:
+              tags: secure-download
 
     - name: Setup tracespace
-      include_tasks: setup_tracespace.yml
+      tags: pogojig
+      include_tasks:
+          file: setup_tracespace.yml
+          apply:
+              tags: pogojig
 
     - name: Setup openjscad
-      include_tasks: setup_openjscad.yml
+      tags: pogojig
+      include_tasks:
+          file: setup_openjscad.yml
+          apply:
+              tags: pogojig
 
     - name: Setup pogojig
-      include_tasks: setup_pogojig.yml
+      tags: pogojig
+      include_tasks:
+          file: setup_pogojig.yml
+          apply:
+              tags: pogojig
 
     - name: Setup notification proxy
-      include_tasks: setup_notification_proxy.yml
+      tags: notification-proxy
+      include_tasks:
+          file: setup_notification_proxy.yml
+          apply:
+              tags:
+                  notification-proxy
 
     - name: Setup semi-public git server
-      include_tasks: setup_git.yml
+      tags: git
+      include_tasks:
+          file: setup_git.yml
+          apply:
+              tags: git
 
     - name: Setup private DynDNS service
-      include_tasks: setup_dyndns.yml
+      tags: dyndns
+      include_tasks:
+          file: setup_dyndns.yml
+          apply:
+              tags: dyndns
diff --git a/setup_git.yml b/setup_git.yml
index 6e7d621..d1789bd 100644
--- a/setup_git.yml
+++ b/setup_git.yml
@@ -43,26 +43,34 @@
       name: uwsgi-app@cgit.socket
       enabled: yes
 
-- name: Copy gitolite admin pubkey
-  copy:
-      src: ~/.ssh/id_ed25519.gitolite.pub
-      dest: /tmp/jaseg-gitolite.pub
-      owner: gitolite3
-      group: gitolite3
-
-- name: Run gitolite initialization
-  command: gitolite setup -pk /tmp/jaseg-gitolite.pub
-  become: true
-  become_method: su
-  become_user: gitolite3
-  become_flags: '-s /bin/sh'
-  args:
-      creates: /var/lib/gitolite3/projects.list
-
-- name: Remove leftover admin pubkey
-  file:
-      state: absent
-      path: /tmp/jaseg-gitolite.pub
+- name: Check if gitolite ssh config exists
+  stat:
+      path: /var/lib/gitolite3/.ssh/authorized_keys
+  register: gitolite_ssh_keys_stat
+
+- name: Gitolite admin key setup
+  block:
+    - name: Copy gitolite admin pubkey
+      copy:
+          src: ~/.ssh/id_ed25519.gitolite.pub
+          dest: /tmp/jaseg-gitolite.pub
+          owner: gitolite3
+          group: gitolite3
+
+    - name: Run gitolite initialization
+      command: gitolite setup -pk /tmp/jaseg-gitolite.pub
+      become: true
+      become_method: su
+      become_user: gitolite3
+      become_flags: '-s /bin/sh'
+      args:
+          creates: /var/lib/gitolite3/projects.list
+
+    - name: Remove leftover admin pubkey
+      file:
+          state: absent
+          path: /tmp/jaseg-gitolite.pub
+  when: not gitolite_ssh_keys_stat.stat.exists
 
 - name: Allow uwsgi group to access gitolite repo dir
   file:
@@ -113,3 +121,9 @@
       home: "{{ getent_passwd['gitolite3'][4] }}"
       uid: "{{ getent_passwd['gitolite3'][1] }}"
 
+- name: Hack to fix cgit handling for restructuredtext readmes
+  file:
+      src: /usr/bin/rst2html
+      dest: /usr/bin/rst2html.py
+      state: link
+
author	jaseg <code@jaseg.net>	2020-12-30 11:38:27 +0100
committer	jaseg <code@jaseg.net>	2020-12-30 11:38:27 +0100
commit	a62a4e1e11896568550d98854060c56343cf72d7 (patch)
tree	5cc8e08413307d57f98f9ff4bebc724456954ab7
parent	d95759c23e89365ab49bbb92f96e3d3c631ffe04 (diff)
download	infra-a62a4e1e11896568550d98854060c56343cf72d7.tar.gz infra-a62a4e1e11896568550d98854060c56343cf72d7.tar.bz2 infra-a62a4e1e11896568550d98854060c56343cf72d7.zip