Fix playbooks for clean re-deploy

2021-12-07 16:53:18 +01:00 · 2021-12-07 16:53:18 +01:00 · 591b7b8aac
commit 591b7b8aac
parent ab91420bb6
14 changed files with 364 additions and 320 deletions
--- a/setup_git.yml
+++ b/setup_git.yml
@ -1,6 +1,10 @@
+- name: Set local facts
+  set_fact:
+    gitolite_ssh_key: ~/.ssh/id_ed25519.gitolite
+
 - name: Install host requisites
  dnf:
-      name: cgit,gitolite3,python3-pygments,python3-docutils,nodejs-markdown,python3-markdown
+      name: cgit,gitolite3,python3-pygments,python3-docutils,python3-markdown
      state: latest

 - name: Copy cgit logo
@ -47,6 +51,7 @@
      daemon-reload: yes
      name: uwsgi-app@cgit.socket
      enabled: yes
+      state: started

 - name: Check if gitolite ssh config exists
  stat:
@ -57,7 +62,7 @@
  block:
    - name: Copy gitolite admin pubkey
      copy:
-          src: ~/.ssh/id_ed25519.gitolite.pub
+          src: "{{gitolite_ssh_key}}.pub"
          dest: /tmp/jaseg-gitolite.pub
          owner: gitolite3
          group: gitolite3
@ -90,16 +95,6 @@
      groups: gitolite3
      append: yes

- name: Allow cgit uwsgi user to access gitolite repos
-  file:
-      path: /var/lib/gitolite3/repositories
-      mode: 0750
-
- name: Allow cgit uwsgi user to gitolite repo list
-  file:
-      path: /var/lib/gitolite3/projects.list
-      mode: 0640
-
 - name: Copy gitolite rc
  copy:
      src: gitolite.rc
@ -108,6 +103,30 @@
      group: gitolite3
      mode: 0600

+- name: Query system user account info
+  getent:
+      database: passwd
+      key: gitolite3
+
+- name: Create git alias user
+  user:
+      name: git
+      create_home: no
+      group: gitolite3
+      password: '!'
+      comment: Alias for gitolite3 user
+      shell: "{{ getent_passwd['gitolite3'][5] }}"
+      system: yes
+      non_unique: yes
+      home: "{{ getent_passwd['gitolite3'][4] }}"
+      uid: "{{ getent_passwd['gitolite3'][1] }}"
+
+- name: Upload gitolite-admin repo
+  command: env "GIT_SSH_COMMAND=ssh -i {{gitolite_ssh_key}}" git push --force git@{{ansible_hostname}}:gitolite-admin.git master
+  args:
+    chdir: checkouts/gitolite-admin
+  delegate_to: localhost
+
 - name: Create gitolite hook dir
  file:
    path: /var/lib/gitolite3/local/hooks/repo-specific
@ -132,27 +151,19 @@
    group: gitolite3
    mode: 0570

- name: Query system user account info
-  getent:
-      database: passwd
-      key: gitolite3
-
- name: Create git alias user
-  user:
-      name: git
-      create_home: no
-      group: gitolite3
-      password: '!'
-      comment: Alias for gitolite3 user
-      shell: "{{ getent_passwd['gitolite3'][5] }}"
-      system: yes
-      non_unique: yes
-      home: "{{ getent_passwd['gitolite3'][4] }}"
-      uid: "{{ getent_passwd['gitolite3'][1] }}"
-
 - name: Hack to fix cgit handling for restructuredtext readmes
  file:
      src: /usr/bin/rst2html
      dest: /usr/bin/rst2html.py
      state: link

+- name: Allow cgit uwsgi user to access gitolite repos
+  file:
+      path: /var/lib/gitolite3/repositories
+      mode: 0750
+
+- name: Allow cgit uwsgi user to gitolite repo list
+  file:
+      path: /var/lib/gitolite3/projects.list
+      mode: 0640
+