From 591b7b8aacab0400d057043761e1870205573de1 Mon Sep 17 00:00:00 2001
From: jaseg <code@jaseg.net>
Date: Tue, 7 Dec 2021 16:53:18 +0100
Subject: Fix playbooks for clean re-deploy

---
 setup_git.yml | 71 ++++++++++++++++++++++++++++++++++-------------------------
 1 file changed, 41 insertions(+), 30 deletions(-)

(limited to 'setup_git.yml')

diff --git a/setup_git.yml b/setup_git.yml
index 4cad914..4b88101 100644
--- a/setup_git.yml
+++ b/setup_git.yml
@@ -1,6 +1,10 @@
+- name: Set local facts
+  set_fact:
+    gitolite_ssh_key: ~/.ssh/id_ed25519.gitolite
+
 - name: Install host requisites
   dnf:
-      name: cgit,gitolite3,python3-pygments,python3-docutils,nodejs-markdown,python3-markdown
+      name: cgit,gitolite3,python3-pygments,python3-docutils,python3-markdown
       state: latest
 
 - name: Copy cgit logo
@@ -47,6 +51,7 @@
       daemon-reload: yes
       name: uwsgi-app@cgit.socket
       enabled: yes
+      state: started
 
 - name: Check if gitolite ssh config exists
   stat:
@@ -57,7 +62,7 @@
   block:
     - name: Copy gitolite admin pubkey
       copy:
-          src: ~/.ssh/id_ed25519.gitolite.pub
+          src: "{{gitolite_ssh_key}}.pub"
           dest: /tmp/jaseg-gitolite.pub
           owner: gitolite3
           group: gitolite3
@@ -90,16 +95,6 @@
       groups: gitolite3
       append: yes
 
-- name: Allow cgit uwsgi user to access gitolite repos
-  file:
-      path: /var/lib/gitolite3/repositories
-      mode: 0750
-
-- name: Allow cgit uwsgi user to gitolite repo list
-  file:
-      path: /var/lib/gitolite3/projects.list
-      mode: 0640
-
 - name: Copy gitolite rc
   copy:
       src: gitolite.rc
@@ -108,6 +103,30 @@
       group: gitolite3
       mode: 0600
 
+- name: Query system user account info
+  getent:
+      database: passwd
+      key: gitolite3
+
+- name: Create git alias user
+  user:
+      name: git
+      create_home: no
+      group: gitolite3
+      password: '!'
+      comment: Alias for gitolite3 user
+      shell: "{{ getent_passwd['gitolite3'][5] }}"
+      system: yes
+      non_unique: yes
+      home: "{{ getent_passwd['gitolite3'][4] }}"
+      uid: "{{ getent_passwd['gitolite3'][1] }}"
+
+- name: Upload gitolite-admin repo
+  command: env "GIT_SSH_COMMAND=ssh -i {{gitolite_ssh_key}}" git push --force git@{{ansible_hostname}}:gitolite-admin.git master
+  args:
+    chdir: checkouts/gitolite-admin
+  delegate_to: localhost
+
 - name: Create gitolite hook dir
   file:
     path: /var/lib/gitolite3/local/hooks/repo-specific
@@ -132,27 +151,19 @@
     group: gitolite3
     mode: 0570
 
-- name: Query system user account info
-  getent:
-      database: passwd
-      key: gitolite3
-
-- name: Create git alias user
-  user:
-      name: git
-      create_home: no
-      group: gitolite3
-      password: '!'
-      comment: Alias for gitolite3 user
-      shell: "{{ getent_passwd['gitolite3'][5] }}"
-      system: yes
-      non_unique: yes
-      home: "{{ getent_passwd['gitolite3'][4] }}"
-      uid: "{{ getent_passwd['gitolite3'][1] }}"
-
 - name: Hack to fix cgit handling for restructuredtext readmes
   file:
       src: /usr/bin/rst2html
       dest: /usr/bin/rst2html.py
       state: link
 
+- name: Allow cgit uwsgi user to access gitolite repos
+  file:
+      path: /var/lib/gitolite3/repositories
+      mode: 0750
+
+- name: Allow cgit uwsgi user to gitolite repo list
+  file:
+      path: /var/lib/gitolite3/projects.list
+      mode: 0640
+
-- 
cgit