authorAaron LI <aly@aaronly.me>2018-05-14 12:58:25 +0800
committerAaron LI <aly@aaronly.me>2018-05-14 12:58:59 +0800
commitc8dc9e163b50272bf8e3972c8ef37ea3e871b247 (patch)
tree515686d24df67aaf10c244efb09f855ccbb4e188 /roles/git/tasks
parent7a1b276f7b2c9478e28c16bb18e3095bd4b49e15 (diff)
git: Use gitolite to replace the git-shell shipped with git
Diffstat (limited to 'roles/git/tasks')
-rw-r--r--roles/git/tasks/main.yml72
1 files changed, 56 insertions, 16 deletions
diff --git a/roles/git/tasks/main.yml b/roles/git/tasks/main.yml
index 615927a..5348810 100644
--- a/roles/git/tasks/main.yml
+++ b/roles/git/tasks/main.yml
@@ -8,6 +8,7 @@
- cgit
- uwsgi-py36
- highlight
+ - gitolite
- name: check user group existence
command: pw groupshow {{ git.user.name }}
@@ -30,18 +31,9 @@
pw useradd {{ git.user.name }}
-u {{ git.user.id }} -g {{ git.user.name }}
-d {{ git.user.home }} -m -M 0700
- -s {{ git.user.shell }}
-c "Git Repositories Owner"
when: pw_cmd.rc != 0
-- name: add ssh keys
- authorized_key:
- user: "{{ git.user.name }}"
- state: present
- key: "{{ lookup('file', item) }}"
- with_fileglob:
- - "{{ git.user.ssh_keydir }}/*.pub"
-
- name: generate vars.conf file
template:
src: vars.conf.j2
@@ -51,14 +43,7 @@
copy:
src: git-shell-commands/ # trailing '/' -> directory contents
dest: "{{ git.user.home }}/git-shell-commands/"
- tags: git-cmds
-
-- name: add execution permission to git-shell commands
- file:
- path: "{{ git.user.home }}/git-shell-commands"
mode: 0755
- recurse: true
- tags: git-cmds
- name: (local) github sync - check ssh key existence
become: false
@@ -98,6 +83,61 @@
group: "{{ git.user.name }}"
#
+# gitolite
+#
+
+- name: gitolite - copy the admin ssh key to the server
+ copy:
+ src: "{{ ansible_ssh_private_key_file }}.pub"
+ dest: "{{ git.user.home }}/admin.pub"
+ mode: 0644
+ tags: gitolite
+
+- name: gitolite - setup
+ become_user: "{{ git.user.name }}"
+ command: gitolite setup -pk "{{ git.user.home }}/admin.pub"
+ args:
+ chdir: "{{ git.user.home }}"
+ creates: "{{ git.user.home }}/.gitolite.rc"
+ tags: gitolite
+
+- name: gitolite - copy config
+ copy:
+ src: gitolite.rc
+ dest: "{{ git.user.home }}/.gitolite.rc"
+ mode: 0644
+ tags: gitolite
+
+- name: (local) gitolite - check local admin repo existence
+ become: false
+ stat:
+ path: "{{ playbook_dir }}/gitolite-admin"
+ delegate_to: localhost
+ register: stat_result
+ tags: gitolite
+
+- name: (local) gitolite - clone admin repo to local
+ become: false
+ command: >
+ env GIT_SSH_COMMAND="ssh -F /dev/null -p {{ ansible_ssh_port }} -i {{ ansible_ssh_private_key_file }} -o IdentitiesOnly=yes"
+ git clone
+ "{{ git.user.name }}@{{ domains[0].name }}:gitolite-admin.git"
+ "{{ playbook_dir }}/gitolite-admin"
+ delegate_to: localhost
+ when: not stat_result.stat.exists
+ tags: gitolite
+
+- name: (local) gitolite - note about the push command
+ become: false
+ copy:
+ content: >
+ env GIT_SSH_COMMAND="ssh -F /dev/null -p {{ ansible_ssh_port }} -i {{ ansible_ssh_private_key_file }} -o IdentitiesOnly=yes"
+ git push
+ dest: "{{ playbook_dir }}/gitolite-admin/GIT_PUSH_CMD.sh"
+ delegate_to: localhost
+ tags: gitolite
+
+#
# cgit
#
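Review bot: The `gitolite - setup` task does not account for hosts provisioned by the earlier version of this role. The keys that the removed `add ssh keys` task wrote to the git user's `authorized_keys` are not cleaned up here, and as far as I know gitolite only rewrites its own section of that file, so those older entries would still authenticate outside gitolite's access rules. The user-creation task is skipped when the account already exists, so the previously configured login shell presumably stays in place on such hosts as well. I would add a comment above the task, e.g. `# NOTE: on hosts set up before the gitolite switch, remove the old authorized_keys entries and reset the login shell first`, or a one-time cleanup task that runs before setup. Separately, the ssh options in the clone command lack `-o BatchMode=yes`, so an unknown host key or a passphrase prompt would stall the play instead of failing it.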