--- - name: install packages pkgng: name: "{{ item }}" state: present with_items: - git - cgit - uwsgi-py36 - highlight - gitolite - name: check user group existence command: pw groupshow {{ git.user.name }} register: pw_cmd ignore_errors: true changed_when: false - name: create user group command: pw groupadd {{ git.user.name }} -g {{ git.user.id }} when: pw_cmd.rc != 0 - name: check user existence command: pw usershow {{ git.user.name }} register: pw_cmd ignore_errors: true changed_when: false - name: create user command: > pw useradd {{ git.user.name }} -u {{ git.user.id }} -g {{ git.user.name }} -d {{ git.user.home }} -m -M 0700 -c "Git Repositories Owner" when: pw_cmd.rc != 0 - name: generate vars.conf file template: src: vars.conf.j2 dest: "{{ git.user.home }}/vars.conf" - name: copy git-shell commands copy: src: git-shell-commands/ # trailing '/' -> directory contents dest: "{{ git.user.home }}/git-shell-commands/" mode: 0755 - name: (local) github sync - check ssh key existence become: false stat: path: "{{ playbook_dir }}/private/git/{{ git.github.keyname }}" delegate_to: localhost register: stat_result - name: (local) github sync - generate new ssh key pair become: false command: > ssh-keygen -t ed25519 -C "git:github-sync" -N "" -f "{{ playbook_dir }}/private/git/{{ git.github.keyname }}" delegate_to: localhost when: not stat_result.stat.exists - name: github sync - create .ssh directory on the server file: path: "{{ git.user.home }}/.ssh" state: directory owner: "{{ git.user.name }}" group: "{{ git.user.name }}" mode: 0700 - name: github sync - copy public key to the server copy: src: "{{ playbook_dir }}/private/git/{{ git.github.keyname }}" dest: "{{ git.user.home }}/.ssh/id_{{ git.github.keytype }}" owner: "{{ git.user.name }}" mode: 0400 - name: create directory for linking public repos file: path: "{{ git.user.home }}/{{ git.public_dir }}" state: directory owner: "{{ git.user.name }}" group: "{{ git.user.name }}" # # gitolite # - name: gitolite - copy the admin ssh key to the server copy: src: "{{ ansible_ssh_private_key_file }}.pub" dest: "{{ git.user.home }}/admin.pub" mode: 0644 tags: gitolite - name: gitolite - setup become_user: "{{ git.user.name }}" command: gitolite setup -pk "{{ git.user.home }}/admin.pub" args: chdir: "{{ git.user.home }}" creates: "{{ git.user.home }}/.gitolite.rc" tags: gitolite - name: gitolite - copy config copy: src: gitolite.rc dest: "{{ git.user.home }}/.gitolite.rc" mode: 0644 tags: gitolite - name: (local) gitolite - check local admin repo existence become: false stat: path: "{{ playbook_dir }}/gitolite-admin" delegate_to: localhost register: stat_result tags: gitolite - name: (local) gitolite - clone admin repo to local become: false command: > env GIT_SSH_COMMAND="ssh -F /dev/null -p {{ ansible_ssh_port }} -i {{ ansible_ssh_private_key_file }} -o IdentitiesOnly=yes" git clone "{{ git.user.name }}@{{ domains[0].name }}:gitolite-admin.git" "{{ playbook_dir }}/gitolite-admin" delegate_to: localhost when: not stat_result.stat.exists tags: gitolite - name: (local) gitolite - note about the push command become: false copy: content: > env GIT_SSH_COMMAND="ssh -F /dev/null -p {{ ansible_ssh_port }} -i {{ ansible_ssh_private_key_file }} -o IdentitiesOnly=yes" git push dest: "{{ playbook_dir }}/gitolite-admin/GIT_PUSH_CMD.sh" delegate_to: localhost tags: gitolite # # cgit # - name: cgit - create root directory file: path: "{{ git.cgit.root }}" state: directory - name: cgit - create static directory (allow git checkout) file: path: "{{ git.cgit.root }}/static" state: directory owner: "{{ git.user.name }}" group: "{{ git.user.name }}" - name: cgit - generate config file template: src: cgit/cgitrc.j2 dest: "{{ git.cgit.root }}/cgitrc" notify: restart-cgit - name: cgit - copy scripts copy: src: cgit/syntax-highlighting.sh dest: "{{ git.cgit.root }}/syntax-highlighting.sh" mode: 0755 - name: cgit - create static repo become_user: "{{ git.user.name }}" command: > ./git-shell-commands/create {{ git.cgit.static_repo }} "cgit static resources repo" args: chdir: "{{ git.user.home }}" creates: "{{ git.user.home }}/{{ git.cgit.static_repo }}" - name: cgit - add post-receive hook to the static repo template: src: cgit/post-receive.j2 dest: "{{ git.user.home }}/{{ git.cgit.static_repo }}/hooks/post-receive" owner: "{{ git.user.name }}" mode: 0755 - name: cgit - setup with uwsgi in rc.conf blockinfile: path: /etc/rc.conf marker: "# {mark} ANSIBLE MANAGED - uwsgi/cgit" block: | uwsgi_profiles="${uwsgi_profiles} cgit" uwsgi_cgit_uid="git" uwsgi_cgit_gid="git" uwsgi_cgit_flags="-L --log-reopen --logfile-chown --cgi /usr/local/www/cgit/cgit.cgi --env CGIT_CONFIG={{ git.cgit.root }}/cgitrc" notify: restart-cgit - name: enable and start uwsgi command: rcenable uwsgi - name: start cgit command: service uwsgi start cgit